LTS report 2020-03-01 to 2020-03-31

This time period I used 10 hours.

Jessie Package Support

For the project Jessie Package Support, I used 10 hours in the following tasks:

  • lua-cgi
  • phppgadmin
  • ruby-rack

lua-cgi

  • Investigate CVE-2014-2875.
  • Posted email to debian-lts.
  • File upstream bug reports: #16, and #17.
  • Followup to debian-lts posts.
  • Private followup to debian-lts posts.
  • Private followup to debian-lts posts.
  • Attempt to get lua-cgi running.
  • Create good working test case.
  • Create a debian bug report #954300 on session management breakage.
  • Updated a debian bug report #953037 on security issue.
  • Posted email to debian-lts

phppgadmin

  • Investigate CVE-2019-10784.
  • Post message to upstream bug report.
  • Investigate possible solution for CVE-2019-10784 using samesite.

ruby-rack

  • Posted email to debian-lts.
  • Posted email to debian-lts.