Tag: lomiri

Debian LTS/ELTS

This was my hundred-thirty-ninth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian (as the LTS- and ELTS-teams have been merged now, there is only one paragraph left for both activities).

During my allocated time I uploaded or worked on:

• [DLA 4449-1] zvbi security update to fix five CVEs related to uninitialized pointers and integer overflows.
• [DLA 4450-1] taglib security update to fix one CVE related to a segmentation violation.
• [DLA 4451-1] shapelib security update to fix one CVE related to a double free.
• [DLA 4454-1] libuev security update to fix one CVE related to a buffer overrun.
• [ELA-1620-1] zvbi security update to fix five CVEs in Buster and Stretch related to uninitialized pointers and integer overflows.
• [ELA-1621-1] taglib security update to fix one CVE in Buster and Stretch related to a segmentation violation.
• [#1126167] bookworm-pu bug for zvbi to fix five CVEs in Bookworm.
• [#1126273] bookworm-pu bug for taglib to fix one CVE in Bookworm.
• [#1126370] bookworm-pu bug for libuev to fix one CVE in Bookworm.

I also attended the monthly LTS/ELTS meeting. While working on updates, I stumbled upon packages, whose CVEs have been postponed for a long time and their CVSS score was rather high. I wonder whether one should pay more attention to postponed issues, otherwise one could have already marked them as ignored.

Debian Printing

Unfortunately I didn’t found any time to work on this topic.

Debian Lomiri

This month I worked on unifying packaging on Debian and Ubuntu. This makes it easier to work on those packages independent of the used platform.

This work is generously funded by Fre(i)e Software GmbH!

Debian Astro

This month I uploaded a new upstream version or a bugfix version of:

• … supernovas to unstable (sponsored upload).
• … libahp-xc to unstable.
• … c-munipack to unstable.

Debian IoT

Unfortunately I didn’t found any time to work on this topic.

Debian Mobcom

Unfortunately I didn’t found any time to work on this topic.

misc

This month I uploaded a new upstream version or a bugfix version of:

• … liburjtag to unstable.

Unfortunately this month I was distracted from my normal Debian work by other unpleasant things, so that the paragraphs above are mostly empty. I now have to think about how many of my spare time I am able to dedicate to Debian in the future.