This month I had 10 hours and I spent my 10 hours on the following projects:
* Researched CVE-2016-9013 in python-django and found to be not worthy of fixing. * Upload fixed version of python-django. * CVE-2016-9014: DNS rebinding vulnerability when DEBUG=True. * Upload fixed version of lynx-cur. * CVE-2016-9179: invalid URL parsing with '?'. * Research monit CVE-2016-7067 CSRF issue. * Research asterisk. Ask if it is supported in Wheezy. Add links to upstream advisories in secure-testing. -- Brian May <[email protected]>
