Hi, During the month of January, I spent 42.5 hours working on LTS on the following tasks:
- thunderbird 60.4.0 ESR security update - tzdata and libdatetime-timezone-perl new releases - investigated symfony test failures - policykit-1 security update - investigated lua vulnerability, which didn't affect old versions present in jessie - prepared and tested ghostscript security update, called for testing - firefox-esr and thunderbird 60.5.0 ESR security updates - spice security update - libvncserver security update - prepared and tested rdesktop update to 1.8.4 to fix security issues, talked to security team to coordinate an update to 1.8.4 in stretch too - mariadb-10.0 security update - prepared coturn security update. one of the changes disables a vulnerable feature, contacted upstream to see if there was a fix for that feature now that they released a new upstream version - postgis security update - CVE triaging I also spent 6h on ELTS: - tzdata and libdatetime-timezone-perl new releases - php5/libgd2 review - spice security update - libsndfile security update - triaging Cheers, Emilio
