Raphaël Hertzog: My Free Software Activities in April 2015
My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it s one of the best ways to find volunteers to work with me on projects that matter to me.
Debian LTS
This month I have been paid to work 26.25 hours on Debian LTS. In that time I did the following:
- CVE triage: I pushed 52 commits to the security tracker. I finished a new helper script (bin/lts-cve-triage.py) that builds on the JSON output that Holger implemented recently. It helps to triage more quickly some issues based on the triaging work already done by the Debian Security team.
- I filed #783005 to clarify the situation of libhtp and suricata in unstable (discovered this problem while triaging issues affecting those packages).
- I reviewed and sponsored DLA-197-1 for Nguyen Cong fixing 5 CVE on libvncserver.
- I released DLA-199-1 fixing one CVE on libx11. I also used codesearch.debian.net to identify all packages that had to be rebuilt with the fixed macro and uploaded them all (there was 11 of them).
- I sponsored DLA-207-1 for James McCoy fixing 7 CVE on subversion.
- I released DLA-210-1 fixing 5 CVE on qt4-x11.
- I released DLA-213-1 fixing 7 CVE on openjdk-6.
- I released DLA-214-1 fixing 1 CVE on libxml-libxml-perl.
- I released DLA-215-1 fixing 1 CVE on libjson-ruby. This backport was non-trivial but luckily included some non-regression tests.
- I filed #783800 about the security-tracker not handling correctly squeeze-lts/non-free.
- I wrote a talk on Debian LTS that I gave during the Mini-DebConf in Lyon. I took quite some time to collect some statistics about the last 10 months of work within the team.
- I helped to draft a press release announcing our plans for Wheezy LTS and seeking more help at the same time.
- I ensured that the Jessie press release will include a sentence saying that it would be supported for 5 years too.
No comment Liked this article? Click here. My blog is Flattr-enabled.