-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 March was my 38th month as a Debian LTS paid contributor. I was assigned 14 hours and I spent all of them for the following;
* mediawiki: There were 8 CVEs reported. CVE-2021-20270 CVE-2021-27291 CVE-2021-30152 CVE-2021-30154 CVE-2021-30155 CVE-2021-30157 CVE-2021-30158 CVE-2021-30159. Marked CVE-2021-30154 CVE-2021-30157 as not-affected and fixed rest. Uploaded and released [DLA 2648-1][1], [DLA 2648-2][2] regression update. * smarty3: Fixed a regression and uploaded [DLA 2618-2][3]. Thanks to Benjamin Renard for finding it. * samba: There were 9 CVEs including the no-dsa tagged ones. So far backported CVE-2019-10218 CVE-2019-14833 CVE-2019-14847 CVE-2019-14861 CVE-2019-14870. Continuing work on remaining fixes. Build available[4] for testing. Regards Abhijith PA [1] - https://lists.debian.org/debian-lts-announce/2021/05/msg00003.html [2] - https://lists.debian.org/debian-lts-announce/2021/05/msg00006.html [3] - https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html [4] - https://people.debian.org/~abhijith/upload/vda/samba_4.5.16+dfsg-1+deb9u4.dsc -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEE7xPqJqaY/zX9fJAuhj1N8u2cKO8FAmCYMksACgkQhj1N8u2c KO8xkQ/9EuCjBRqU6Pz+5H732IsybV5Ypftxn1nvISLZe0W/VTDfjKuFdQGEJxQX qAkPbzrjKca+TPwd30NKNWM1K8EI0Y7GBsgkg1JHOCGzBFdaOj8Kv78qgKHFFVTg dSOsRRVUPnD8aR69lZXL5/EzaLJrbddLQlCcTSp3By28/0PydOyRasdLEnN9EMnY NWzCqCeuorPWWvHR50lZyWPXokzSfmXz8zb2qKjVAuAIOiJToNbh5b2rFx8HEufW AMb5seQQye6qrkIm4xtpAuDOTM8qaqU73C6qFa+6aFb+GmiFMTGGN53dkUaPdNS+ JVP8znRegfeyQ+MlLApBhyVStylS8hM4hPhrc7ybnPrmEbzYujdjOkQh030YsUp3 Ksx6vQTHbkGExPx/C4qOKzsmg6ycY1um3xtISIRWaxpkMbFladksb9dFOVDVRic/ wgRs1OI9V70+cxZa5ewvNsj59bRXOuOxCJS2rwXf4GiSb7XKuK4YfHXgtZfNCDYH Yzxa3BO+IjsDFR2jQnhBA5wh6IMju059O8gceZBqyEpqd7nFATkdlP5AK7lanvjw FytFd7SalN5PXWkPsdVcml2/NSVlSbsLcJtldwwAAnOqbnuG23Xx1qxv2Cvs74cN mtYUQEeJy/KprmqWmOFLAaio88fr0h3njr8ocaPHq/7bXyJwdrw= =SH1q -----END PGP SIGNATURE-----