LTS report for December 2018

[Lucas Kanashiro]

Hi,

In December I was allocated 4h and I spent only 3h of them (I'll catch
up the remaining 1h during January 2019) doing the following:

* ghostscript: Fixed CVE-2018-19134 and CVE-2018-19478. The DLA was
properly sent [1].

* phpmyadmin: Trying to reproduce CVE-2018-19968.

[1] https://lists.debian.org/debian-lts-announce/2018/12/msg00019.html

Kind regards,

-- 
Lucas Kanashiro



signature.asc
Description: OpenPGP digital signature

LTS report for December 2018 - Abhijith PA

[Abhijith PA]

December 2018 was my 11th month as a Debian LTS paid contributor. I was
assigned 8 hours and I spend all of them for the following:

* pdns/pdns-recursor: Spend some time working on CVE-2018-10851. But it
  will going to be a no-DSA as it was.

* libvncserver: Fixed CVE-2018-15127, CVE-2018-20019, CVE-2018-20020,
  CVE-2018-20021, CVE-2018-20022, CVE-2018-20023, CVE-2018-20024 and
  CVE-2018-6307. Uploaded and released DLA[1]. Also marked
  CVE-2018-15126 as not affected.

* libraw: Started working on very old CVEs.



 Also uploaded libphp-phpmailer to fix a possible regression.[2]


Regards
Abhijith PA

[1] - https://lists.debian.org/debian-lts-announce/2018/12/msg00017.html
[2] - https://lists.debian.org/debian-lts-announce/2018/12/msg00020.html