Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In March, 252 work hours have been dispatched among 14 paid contributors. Their reports are available:

• Abhijith PA did 16.0h (out of 14h assigned and 2h from February).
• Ben Hutchings did 12.25h (out of 20h assigned and 0.75h from February), thus carrying over 8.5h to April.
• Brian May did 10h (out of 10h assigned).
• Chris Lamb did 18h (out of 18h assigned).
• Dylan A ssi did 6h (out of 6h assigned).
• Emilio Pozuelo Monfort did 19.5h (out of 30h assigned and 6.75h from February), thus carrying over 17.25h to April.
• Hugo Lefeuvre gave back the 12h he got assigned.
• Markus Koschany did 10h (out of 30h assigned and 18.75h from February), thus carrying over 38.75h to April.
• Mike Gabriel did 10.25h (out of 8h assigned and 2.25h from February).
• Ola Lundqvist did 6h (out of 12h assigned and 2.5h from February), thus carrying over 8.5h to April.
• Roberto C. S nchez did 6.25h (out of 8h assigned), and gave back the remaining 1.75h.
• Sylvain Beucler did 30h (out of 30h assigned).
• Thorsten Alteholz did 30h (out of 30h assigned).
• Utkarsh Gupta did 24h (out of 24h assigned).

Evolution of the situation March was a strange month for many people all over the globe. Here we ll just express our hopes that you are and will be well! LTS gained a new contributor in March, Anton Gladky, however he then decided to become active later this year. Similarly Hugo Lefeuvre notified us that he ll be inactive in April. In case you missed it (or missed to act), please read this post about keeping Debian 8 Jessie alive for longer than 5 years. If you expect to have Debian 8 servers/devices running after June 30th 2020, and would like to have security updates for them, please get in touch with Freexian. Hurry up: the end of Jessie LTS is coming in less than three months! The security tracker currently lists 25 packages with a known CVE and the dla-needed.txt file has 23 packages needing an update. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 55 months)
• GitHub (for 45 months)
• Civil Infrastructure Platform (CIP) (for 22 months)
• Gold sponsors:
• Blablacar (for 70 months)
• Roche Diagnostics International AG (for 65 months)
• Linode (for 59 months)
• Babiel GmbH (for 49 months)
• Plat Home (for 48 months)
• University of Oxford (for 4 months)
• Silver sponsors:
• The Positive Internet Company (for 71 months)
• Domeneshop AS (for 70 months)
• Nantes M tropole (for 64 months)
• Univention GmbH (for 56 months)
• Universit Jean Monnet de St Etienne (for 56 months)
• Ribbon Communications, Inc. (for 49 months)
• Exonet B.V. (for 39 months)
• Leibniz Rechenzentrum (for 33 months)
• CINECA (for 23 months)
• Minist re de l Europe et des Affaires trang res (for 17 months)
• Cloudways Ltd (for 6 months)
• Dinahosting SL (for 4 months)
• Bronze sponsors:
• Seznam.cz, a.s. (for 71 months)
• Evolix (for 70 months)
• MyTux (for 70 months)
• Intevation GmbH (for 67 months)
• Linuxhotel GmbH (for 67 months)
• Daevel SARL (for 66 months)
• Bitfolk LTD (for 65 months)
• Megaspace Internet Services GmbH (for 65 months)
• Greenbone Networks GmbH (for 64 months)
• NUMLOG (for 64 months)
• WinGo AG (for 63 months)
• Ecole Centrale de Nantes LHEEA (for 59 months)
• Sig-I/O (for 57 months)
• Entr ouvert (for 54 months)
• Adfinis SyGroup AG (for 52 months)
• GNI MEDIA (for 46 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 46 months)
• Tesorion (for 46 months)
• Bearstech (for 38 months)
• LiHAS (for 38 months)
• People Doc (for 34 months)
• Catalyst IT Ltd (for 32 months)
• Supagro (for 28 months)
• Demarcq SAS (for 26 months)
• TrapX Security (for 23 months)
• Universit Grenoble Alpes (for 12 months)
• TouchWeb SAS (for 4 months)
• SPiN AG

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In February, 226 work hours have been dispatched among 14 paid contributors. Their reports are available:

• Abhijith PA gave back 12 out of his assigned 14h, thus he is carrying over 2h for March.
• Ben Hutchings did 19.25h (out of 20h assigned), thus carrying over 0.75h to March.
• Brian May did 10h (out of 10h assigned).
• Chris Lamb did 18h (out of 18h assigned).
• Dylan A ssi did 5.5h (out of 4h assigned and 1.5h from January).
• Emilio Pozuelo Monfort did 29h (out of 20h assigned and 15.75h from January), thus carrying over 6.75h to March.
• Hugo Lefeuvre gave back the 12h he got assigned.
• Markus Koschany did 10h (out of 20h assigned and 8.75h from January), thus carrying over 18.75h to March.
• Mike Gabriel did 5.75h (out of 20h assigned) and gave 12h back to the pool, thus he is carrying over 2.25h to March.
• Ola Lundqvist did 10h (out of 8h assigned and 4.5h from January), thus carrying over 2.5h to March.
• Roberto C. S nchez did 20.25h (out of 20h assigned and 13h from January) and gave back 12.75h to the pool.
• Sylvain Beucler did 20h (out of 20h assigned).
• Thorsten Alteholz did 20h (out of 20h assigned).
• Utkarsh Gupta did 20h (out of 20h assigned).

Evolution of the situation February began as rather calm month and the fact that more contributors have given back unused hours is an indicator of this calmness and also an indicator that contributing to LTS has become more of a routine now, which is good. In the second half of February Holger Levsen (from LTS) and Salvatore Bonaccorso (from the Debian Security Team) met at SnowCamp in Italy and discussed tensions and possible improvements from and for Debian LTS. The security tracker currently lists 25 packages with a known CVE and the dla-needed.txt file has 21 packages needing an update. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 54 months)
• GitHub (for 44 months)
• Civil Infrastructure Platform (CIP) (for 22 months)
• Gold sponsors:
• Blablacar (for 69 months)
• Roche Diagnostics International AG (for 65 months)
• Linode (for 59 months)
• Babiel GmbH (for 48 months)
• Plat Home (for 47 months)
• University of Oxford (for 4 months)
• Silver sponsors:
• The Positive Internet Company (for 70 months)
• Domeneshop AS (for 69 months)
• Nantes M tropole (for 63 months)
• Univention GmbH (for 55 months)
• Universit Jean Monnet de St Etienne (for 55 months)
• Ribbon Communications, Inc. (for 49 months)
• Exonet B.V. (for 38 months)
• Leibniz Rechenzentrum (for 32 months)
• CINECA (for 22 months)
• Minist re de l Europe et des Affaires trang res (for 16 months)
• Cloudways Ltd (for 5 months)
• Dinahosting SL (for 3 months)
• Bronze sponsors:
• Seznam.cz, a.s. (for 70 months)
• Evolix (for 69 months)
• MyTux (for 69 months)
• Linuxhotel GmbH (for 67 months)
• Intevation GmbH (for 66 months)
• Daevel SARL (for 65 months)
• Bitfolk LTD (for 64 months)
• Megaspace Internet Services GmbH (for 64 months)
• Greenbone Networks GmbH (for 63 months)
• NUMLOG (for 63 months)
• WinGo AG (for 62 months)
• Ecole Centrale de Nantes LHEEA (for 59 months)
• Sig-I/O (for 56 months)
• Entr ouvert (for 54 months)
• Adfinis SyGroup AG (for 51 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 46 months)
• Tesorion (for 46 months)
• GNI MEDIA (for 45 months)
• Bearstech (for 37 months)
• LiHAS (for 37 months)
• People Doc (for 33 months)
• Catalyst IT Ltd (for 32 months)
• Supagro (for 27 months)
• Demarcq SAS (for 25 months)
• TrapX Security (for 22 months)
• Universit Grenoble Alpes (for 12 months)
• TouchWeb SAS (for 4 months)
• SPiN AG

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In October, about 197 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Antoine Beaupr did 21h (out of 16h allocated + 8.75h remaining, thus keeping 3.75h for November).
• Ben Hutchings did 20 hours (out of 15h allocated + 9 extra hours, thus keeping 4 extra hours for November).
• Brian May did 10 hours.
• Chris Lamb did 18 hours.
• Emilio Pozuelo Monfort did 7 hours (out of 20.75 hours allocated + 1.5 hours remaining, thus keeping 15.25 hours for November).
• Guido G nther did 6.5 hours (out of 11h allocated + 1 extra hour, thus keeping 5.5h for November).
• Hugo Lefeuvre did 20h.
• Lucas Kanashiro did 2 hours (out of 5h allocated, thus keeping 3 hours for November).
• Markus Koschany did 19 hours (out of 20.75h allocated, thus keeping 1.75 extra hours for November).
• Ola Lundqvist did 7.5h (out of 7h allocated + 0.5 extra hours).
• Rapha l Hertzog did 13.5 hours (out of 12h allocated + 1.5 extra hours).
• Roberto C. Sanchez did 11 hours (out of 20.75 hours allocated + 14.75 hours remaining, thus keeping 24.50 extra hours for November, he will give back remaining hours at the end of the month).
• Thorsten Alteholz did 20.75 hours.

Evolution of the situation The number of sponsored hours increased slightly to 183 hours per month. With the increasing number of security issues to deal with, and with the number of open issues not really going down, I decided to bump the funding target to what amounts to 1.5 full-time position. The security tracker currently lists 50 packages with a known CVE and the dla-needed.txt file 36 (we re a bit behind in CVE triaging apparently). Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 25 months)
• GitHub (for 16 months)
• Gold sponsors:
• The Positive Internet (for 41 months)
• Blablacar (for 40 months)
• Linode (for 30 months)
• Babiel GmbH (for 19 months)
• Plat Home (for 19 months)
• Silver sponsors:
• Domeneshop AS (for 40 months)
• Universit Lille 3 (for 40 months)
• Trollweb Solutions (for 38 months)
• Nantes M tropole (for 35 months)
• Dalenys (for 31 months)
• Univention GmbH (for 26 months)
• Universit Jean Monnet de St Etienne (for 26 months)
• Sonus Networks (for 20 months)
• maxcluster GmbH (for 14 months)
• Exonet B.V. (for 10 months)
• Leibniz Rechenzentrum (for 4 months)
• Vente-privee.com
• Bronze sponsors:
• David Ayers IntarS Austria (for 41 months)
• Evolix (for 41 months)
• Offensive Security (for 41 months)
• Seznam.cz, a.s. (for 41 months)
• Freeside Internet Service (for 40 months)
• MyTux (for 40 months)
• Intevation GmbH (for 38 months)
• Linuxhotel GmbH (for 38 months)
• Daevel SARL (for 36 months)
• Bitfolk LTD (for 35 months)
• Megaspace Internet Services GmbH (for 35 months)
• NUMLOG (for 35 months)
• Greenbone Networks GmbH (for 34 months)
• WinGo AG (for 34 months)
• Ecole Centrale de Nantes LHEEA (for 30 months)
• Sig-I/O (for 28 months)
• Entr ouvert (for 25 months)
• Adfinis SyGroup AG (for 23 months)
• GNI MEDIA (for 17 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 17 months)
• Quarantainenet BV (for 17 months)
• RHX Srl (for 14 months)
• Bearstech (for 8 months)
• LiHAS (for 8 months)
• People Doc (for 5 months)
• Catalyst IT Ltd (for 3 months)

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In August, about 170 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Antoine Beaupr did 7h (out of 15.75h allocated, thus keeping 8.75h for October).
• Ben Hutchings did 12 hours (out of 15h allocated + 6 extra hours, thus keeping 9 extra hours for October).
• Brian May did 10 hours.
• Chris Lamb did 15.75 hours.
• Emilio Pozuelo Monfort did 27 hours (out of 15.75 hours allocated + 12.75 hours remaining, thus keeping 1.5 hours for October).
• Guido G nther did 10 hours (out of 11h allocated, thus keeping one hour for October).
• Hugo Lefeuvre did 15h.
• Lucas Kanashiro did 5 hours.
• Markus Koschany did 15.75 hours.
• Ola Lundqvist did 13.5h (out of 7h allocated + 7 extra hours, thus keeping 0.5 extra hours for October).
• Rapha l Hertzog did 10.5 hours (out of 12h allocated, thus keeping 1.5 hours for October).
• Roberto C. Sanchez did 10 hours (out of 15.75 hours allocated + 9 hours remaining, thus keeping 14.75 extra hours for October).
• Thorsten Alteholz did 15.75 hours.

Evolution of the situation The number of sponsored hours is the same as last month. But we have a new sponsor in the pipe. The security tracker currently lists 52 packages with a known CVE and the dla-needed.txt file 49. The number of packages with open issues decreased slightly compared to last month but we re not yet back to the usual situation. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 24 months)
• GitHub (for 15 months)
• Gold sponsors:
• The Positive Internet (for 40 months)
• Blablacar (for 39 months)
• Linode (for 29 months)
• Babiel GmbH (for 18 months)
• Plat Home (for 18 months)
• Silver sponsors:
• Domeneshop AS (for 40 months)
• Universit Lille 3 (for 39 months)
• Trollweb Solutions (for 37 months)
• Nantes M tropole (for 34 months)
• Dalenys (for 30 months)
• Univention GmbH (for 25 months)
• Universit Jean Monnet de St Etienne (for 25 months)
• Sonus Networks (for 19 months)
• maxcluster GmbH (for 13 months)
• Exonet B.V. (for 9 months)
• Leibniz Rechenzentrum (for 3 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 40 months)
• Evolix (for 40 months)
• Offensive Security (for 40 months)
• Seznam.cz, a.s. (for 40 months)
• Freeside Internet Service (for 39 months)
• MyTux (for 39 months)
• Intevation GmbH (for 37 months)
• Linuxhotel GmbH (for 37 months)
• Daevel SARL (for 36 months)
• Bitfolk LTD (for 34 months)
• Megaspace Internet Services GmbH (for 34 months)
• NUMLOG (for 34 months)
• Greenbone Networks GmbH (for 33 months)
• WinGo AG (for 33 months)
• Ecole Centrale de Nantes LHEEA (for 29 months)
• Sig-I/O (for 27 months)
• Entr ouvert (for 24 months)
• Adfinis SyGroup AG (for 22 months)
• GNI MEDIA (for 16 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 16 months)
• Quarantainenet BV (for 16 months)
• RHX Srl (for 13 months)
• Bearstech (for 8 months)
• LiHAS (for 7 months)
• People Doc (for 4 months)
• Catalyst IT Ltd

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In August, about 189 work hours have been dispatched among 12 paid contributors. Their reports are available:

• Antoine Beaupr did 16h.
• Ben Hutchings did 10 hours (out of 15h allocated + 1 extra hour, thus keeping 6 extra hour for September).
• Chris Lamb did 18 hours.
• Emilio Pozuelo Monfort did 20.5 hours (out of 20.25 hours allocated + 13 hours remaining, thus keeping 12.75 hours for September).
• Guido G nther did 10 hours.
• Hugo Lefeuvre did 14h (out of 2h allocated + 12 extra hours).
• Lucas Kanashiro did 20.25 hours.
• Markus Koschany did 20.25 hours.
• Ola Lundqvist did 9h (out of 14h allocated + 16 extra hours, he gave back 14 hours, thus keeping 7 extra hours for September).
• Rapha l Hertzog did 12 hours.
• Roberto C. Sanchez did 27.25 hours (out of 20.25 hours allocated + 16 hours remaining, thus keeping 9 extra hours for September).
• Thorsten Alteholz did 20.25 hours.

Evolution of the situation The number of sponsored hours is the same as last month. The security tracker currently lists 59 packages with a known CVE and the dla-needed.txt file 60. The number of packages with open issues decreased slightly compared to last month but we re not yet back to the usual situation. The number of CVE to fix per package tends to increase due to the increased usage of fuzzers. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 22 months)
• GitHub (for 13 months)
• Gold sponsors:
• The Positive Internet (for 38 months)
• Blablacar (for 37 months)
• Linode (for 27 months)
• Babiel GmbH (for 16 months)
• Plat Home (for 16 months)
• Silver sponsors:
• Domeneshop AS (for 37 months)
• Universit Lille 3 (for 37 months)
• Trollweb Solutions (for 35 months)
• Nantes M tropole (for 32 months)
• Dalenys (for 28 months)
• Univention GmbH (for 23 months)
• Universit Jean Monnet de St Etienne (for 23 months)
• Sonus Networks (for 17 months)
• UR Communications BV (for 12 months)
• maxcluster GmbH (for 11 months)
• Exonet B.V. (for 7 months)
• Leibniz Rechenzentrum
• Bronze sponsors:
• David Ayers IntarS Austria (for 38 months)
• Evolix (for 38 months)
• Offensive Security (for 38 months)
• Seznam.cz, a.s. (for 38 months)
• Freeside Internet Service (for 37 months)
• MyTux (for 37 months)
• Intevation GmbH (for 35 months)
• Linuxhotel GmbH (for 35 months)
• Daevel SARL (for 33 months)
• Bitfolk LTD (for 32 months)
• Megaspace Internet Services GmbH (for 32 months)
• NUMLOG (for 32 months)
• Greenbone Networks GmbH (for 31 months)
• WinGo AG (for 31 months)
• Ecole Centrale de Nantes LHEEA (for 27 months)
• Sig-I/O (for 24 months)
• Entr ouvert (for 22 months)
• Adfinis SyGroup AG (for 19 months)
• GNI MEDIA (for 14 months)
• Quarantainenet BV (for 14 months)
• RHX Srl (for 11 months)
• Bearstech (for 5 months)
• LiHAS (for 5 months)
• People Doc
• Catalyst IT Ltd

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In July, about 181 work hours have been dispatched among 11 paid contributors. Their reports are available:

• Antoine Beaupr did 20h (out of 16h allocated + 4 extra hours).
• Ben Hutchings did 14 hours (out of 15h allocated, thus keeping 1 extra hour for August).
• Chris Lamb did 18 hours.
• Emilio Pozuelo Monfort did 18.5 hours (out of 23.5 hours allocated + 8 hours remaining, thus keeping 13 hours for August).
• Guido G nther did 10 hours.
• Hugo Lefeuvre did nothing due to personal problems (out of 2h allocated + 10 extra hours, thus keeping 12 extra hours for August).
• Markus Koschany did 23.5 hours.
• Ola Lundqvist did not publish his report yet (out of 14h allocated + 2 extra hours).
• Rapha l Hertzog did 7 hours (out of 12 hours allocated but he gave back his remaining hours).
• Roberto C. Sanchez did 19.5 hours (out of 23.5 hours allocated + 12 hours remaining, thus keeping 16 extra hours for August).
• Thorsten Alteholz did 23.5 hours.

Evolution of the situation The number of sponsored hours increased slightly with two new sponsors: Leibniz Rechenzentrum (silver sponsor) and Catalyst IT Ltd (bronze sponsor). The security tracker currently lists 74 packages with a known CVE and the dla-needed.txt file 64. The number of packages with open issues increased of almost 50% compared to last month. Hopefully this backlog will get cleared up when the unused hours will actually be done. In any case, this evolution is worth watching. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 22 months)
• GitHub (for 13 months)
• Gold sponsors:
• The Positive Internet (for 38 months)
• Blablacar (for 37 months)
• Linode (for 27 months)
• Babiel GmbH (for 16 months)
• Plat Home (for 16 months)
• Silver sponsors:
• Domeneshop AS (for 37 months)
• Universit Lille 3 (for 37 months)
• Trollweb Solutions (for 35 months)
• Nantes M tropole (for 32 months)
• Dalenys (for 28 months)
• Univention GmbH (for 23 months)
• Universit Jean Monnet de St Etienne (for 23 months)
• Sonus Networks (for 17 months)
• UR Communications BV (for 12 months)
• maxcluster GmbH (for 11 months)
• Exonet B.V. (for 7 months)
• Leibniz Rechenzentrum
• Bronze sponsors:
• David Ayers IntarS Austria (for 38 months)
• Evolix (for 38 months)
• Offensive Security (for 38 months)
• Seznam.cz, a.s. (for 38 months)
• Freeside Internet Service (for 37 months)
• MyTux (for 37 months)
• Intevation GmbH (for 35 months)
• Linuxhotel GmbH (for 35 months)
• Daevel SARL (for 33 months)
• Bitfolk LTD (for 32 months)
• Megaspace Internet Services GmbH (for 32 months)
• NUMLOG (for 32 months)
• Greenbone Networks GmbH (for 31 months)
• WinGo AG (for 31 months)
• Ecole Centrale de Nantes LHEEA (for 27 months)
• Sig-I/O (for 24 months)
• Entr ouvert (for 22 months)
• Adfinis SyGroup AG (for 19 months)
• GNI MEDIA (for 14 months)
• Quarantainenet BV (for 14 months)
• RHX Srl (for 11 months)
• Bearstech (for 5 months)
• LiHAS (for 5 months)
• People Doc
• Catalyst IT Ltd

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In May, about 161 work hours have been dispatched among 11 paid contributors. Their reports are available:

• Antoine Beaupr did 12h (out of 16h allocated, thus keeping 4 extra hours for July).
• Ben Hutchings did 20 hours (out of 15h allocated + 5 extra hours).
• Chris Lamb did 16 hours.
• Emilio Pozuelo Monfort did 11 hours (out of 16 hours allocated + 3 hours remaining, thus keeping 8 hours for July).
• Guido G nther did 9 hours.
• Hugo Lefeuvre did 5 hours (out of 15h allocated, thus keeping 10 extra hours for July).
• Markus Koschany did 16 hours.
• Ola Lundqvist did 12 hours (out of 14h allocated, thus keeping 2 extra hours for July).
• Rapha l Hertzog did 12 hours.
• Roberto C. Sanchez did 6.5 hours (out of 16 hours allocated + 2.5 hour remaining, thus keeping 12 extra hours for July).
• Thorsten Alteholz did 16 hours.

Evolution of the situation The number of sponsored hours increased slightly with one new bronze sponsor and another silver sponsor is in the process of joining. The security tracker currently lists 49 packages with a known CVE and the dla-needed.txt file 54. The number of open issues is close to last month. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 21 months)
• GitHub (for 11 months)
• Gold sponsors:
• The Positive Internet (for 37 months)
• Blablacar (for 36 months)
• Linode (for 26 months)
• Babiel GmbH (for 15 months)
• Plat Home (for 14 months)
• Silver sponsors:
• Domeneshop AS (for 36 months)
• Universit Lille 3 (for 36 months)
• Trollweb Solutions (for 34 months)
• Nantes M tropole (for 30 months)
• Dalenys (for 27 months)
• Univention GmbH (for 22 months)
• Universit Jean Monnet de St Etienne (for 22 months)
• Sonus Networks (for 16 months)
• UR Communications BV (for 10 months)
• maxcluster GmbH (for 10 months)
• Exonet B.V. (for 6 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 37 months)
• Evolix (for 37 months)
• Offensive Security (for 37 months)
• Seznam.cz, a.s. (for 37 months)
• Freeside Internet Service (for 36 months)
• MyTux (for 36 months)
• Linuxhotel GmbH (for 34 months)
• Intevation GmbH (for 33 months)
• Daevel SARL (for 32 months)
• Bitfolk LTD (for 31 months)
• Megaspace Internet Services GmbH (for 31 months)
• Greenbone Networks GmbH (for 30 months)
• NUMLOG (for 30 months)
• WinGo AG (for 29 months)
• Ecole Centrale de Nantes LHEEA (for 26 months)
• Sig-I/O (for 23 months)
• Entr ouvert (for 21 months)
• Adfinis SyGroup AG (for 18 months)
• Quarantainenet BV (for 13 months)
• GNI MEDIA (for 12 months)
• RHX Srl (for 10 months)
• Bearstech (for 4 months)
• LiHAS (for 4 months)
• People Doc

One comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In May, about 182 work hours have been dispatched among 11 paid contributors. Their reports are available:

• Ben Hutchings did 13 hours (out of 15h allocated + 3 extra hours, thus keeping 5 extra hours for June).
• Brian May did 10 hours.
• Chris Lamb did 18 hours.
• Emilio Pozuelo Monfort did 23 hours (out of 24 hours allocated + 2 hours remaining, thus keeping 3 hours for June).
• Guido G nther did 8 hours.
• Hugo Lefeuvre did 15 hours.
• Jonas Meurer gave back his remaining hours from last month.
• Markus Koschany did 27.25 hours.
• Ola Lundqvist did 12 hours (out of 6h allocated + 6 remaining hours).
• Rapha l Hertzog did 12 hours.
• Roberto C. Sanchez did 22 hours (out of 20 hours allocated + 4.5 hour remaining, thus keeping 2.5 extra hours for June).
• Thorsten Alteholz did 27.25 hours.

Evolution of the situation The number of sponsored hours did not change and we are thus still a little behind our objective. The security tracker currently lists 44 packages with a known CVE and the dla-needed.txt file 42. The number of open issues is close to last month. Thanks to our sponsors New sponsors are in bold (none this month unfortunately).

• Platinum sponsors:
• TOSHIBA (for 20 months)
• GitHub (for 11 months)
• Gold sponsors:
• The Positive Internet (for 36 months)
• Blablacar (for 35 months)
• Linode (for 25 months)
• Babiel GmbH (for 14 months)
• Plat Home (for 14 months)
• Silver sponsors:
• Domeneshop AS (for 35 months)
• Universit Lille 3 (for 35 months)
• Trollweb Solutions (for 33 months)
• Nantes M tropole (for 29 months)
• Dalenys (for 26 months)
• Univention GmbH (for 21 months)
• Universit Jean Monnet de St Etienne (for 21 months)
• Sonus Networks (for 15 months)
• UR Communications BV (for 9 months)
• maxcluster GmbH (for 9 months)
• Exonet B.V. (for 5 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 36 months)
• Evolix (for 36 months)
• Offensive Security (for 36 months)
• Seznam.cz, a.s. (for 36 months)
• Freeside Internet Service (for 35 months)
• MyTux (for 35 months)
• Linuxhotel GmbH (for 33 months)
• Intevation GmbH (for 32 months)
• Daevel SARL (for 31 months)
• Bitfolk LTD (for 30 months)
• Megaspace Internet Services GmbH (for 30 months)
• Greenbone Networks GmbH (for 29 months)
• NUMLOG (for 29 months)
• WinGo AG (for 28 months)
• Ecole Centrale de Nantes LHEEA (for 25 months)
• Sig-I/O (for 22 months)
• Entr ouvert (for 20 months)
• Adfinis SyGroup AG (for 17 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 12 months)
• Quarantainenet BV (for 12 months)
• GNI MEDIA (for 11 months)
• RHX Srl (for 9 months)
• Bearstech (for 3 months)
• LiHAS (for 3 months)

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In April, about 190 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Antoine Beaupr did 19.5 hours (out of 16h allocated + 5.5 remaining hours, thus keeping 2 extra hours for May).
• Ben Hutchings did 12 hours (out of 15h allocated, thus keeping 3 extra hours for May).
• Brian May did 10 hours.
• Chris Lamb did 18 hours.
• Emilio Pozuelo Monfort did 17.5 hours (out of 16 hours allocated + 3.5 hours remaining, thus keeping 2 hours for May).
• Guido G nther did 12 hours (out of 8 hours allocated + 4 hours remaining).
• Hugo Lefeuvre did 15.5 hours (out of 6 hours allocated + 9.5 hours remaining).
• Jonas Meurer did nothing (out of 4 hours allocated + 3.5 hours remaining, thus keeping 7.5 hours for May).
• Markus Koschany did 23.75 hours.
• Ola Lundqvist did 14 hours (out of 20h allocated, thus keeping 6 extra hours for May).
• Rapha l Hertzog did 11.25 hours (out of 10 hours allocated + 1.25 hours remaining).
• Roberto C. Sanchez did 16.5 hours (out of 20 hours allocated + 1 hour remaining, thus keeping 4.5 extra hours for May).
• Thorsten Alteholz did 23.75 hours.

Evolution of the situation The number of sponsored hours decreased slightly and we re now again a little behind our objective. The security tracker currently lists 54 packages with a known CVE and the dla-needed.txt file 37. The number of open issues is comparable to last month. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 19 months)
• GitHub (for 10 months)
• Gold sponsors:
• The Positive Internet (for 35 months)
• Blablacar (for 34 months)
• Linode (for 24 months)
• Babiel GmbH (for 13 months)
• Plat Home (for 13 months)
• Silver sponsors:
• Domeneshop AS (for 34 months)
• Universit Lille 3 (for 34 months)
• Trollweb Solutions (for 32 months)
• Nantes M tropole (for 28 months)
• Dalenys (for 25 months)
• Univention GmbH (for 20 months)
• Universit Jean Monnet de St Etienne (for 20 months)
• Sonus Networks (for 14 months)
• UR Communications BV (for 9 months)
• maxcluster GmbH (for 8 months)
• Exonet B.V. (for 4 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 35 months)
• Evolix (for 35 months)
• Offensive Security (for 35 months)
• Seznam.cz, a.s. (for 35 months)
• Freeside Internet Service (for 34 months)
• MyTux (for 34 months)
• Linuxhotel GmbH (for 32 months)
• Intevation GmbH (for 31 months)
• Daevel SARL (for 30 months)
• Bitfolk LTD (for 29 months)
• Megaspace Internet Services GmbH (for 29 months)
• Greenbone Networks GmbH (for 28 months)
• NUMLOG (for 28 months)
• WinGo AG (for 28 months)
• Ecole Centrale de Nantes LHEEA (for 24 months)
• Sig-I/O (for 21 months)
• Entr ouvert (for 19 months)
• Adfinis SyGroup AG (for 16 months)
• GNI MEDIA (for 11 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 11 months)
• Quarantainenet BV (for 11 months)
• RHX Srl (for 8 months)
• Bearstech
• LiHAS

No comment Liked this article? Click here. My blog is Flattr-enabled.

My monthly report covers a large part of what I have been doing in the free software world. I write it for my donors (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it s one of the best ways to find volunteers to work with me on projects that matter to me. Debian LTS I was allocated 10 hours to work on security updates for Debian 7 Wheezy and had 1.5 hours remaining from March. During this time I did the following:

• I released DLA-905-1 on ghostscript fixing 3 CVE. I also triaged two other ghostscript CVE that were not relevant to the version in wheezy.
• I started to look into CVE-2016-10209 for libarchive but was not able to reproduce the segfault and marked it as not worth an update (same decision as security team).
• After many tries to get more details from upstream of libxml-twig-perl on CVE-2016-9180, I decided that the low severity of the issue was not worth spending more time on it (same decision as RedHat and Debian security team).
• I released DLA-921-1 on slurm-llnl fixing 1 high-severity CVE.
• I investigated CVE-2016-8686 on potrace and marked it as not requiring an update because the impact is very low. I documented the fact that it s fixed in unstable and asked the upstream author for the specific patch (no answer yet though).

Kali and pkg-security I updated the britney instance that we are using in Kali and spotted two small documentation mistakes that I fixed. We had a long-standing bug in Kali where extensions would stay visible on the lock screen. It was hard to reproduce and this month we finally managed to nail down the conditions required to reproduce it. It turns out that EasyScreenCast was the culprit. We paid Emilio Pozuelo Monfort to work on a patch and he fixed the problem in EasyScreenCast and also in gnome-shell, as a buggy extension should not have resulted in this behavior. I responded to multiple queries of new contributors in the pkg-security team. The team is rather active and it would be great if we could have a few more Debian developers to help review and sponsor the work our enthusiastic new members. Thanks See you next month for a new summary of my activities. Hopefully, I will be more active again between kids vacations, French elections and Zelda Breadth of the Wild, I got very much distracted from Debian last month.

One comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In March, about 190 work hours have been dispatched among 14 paid contributors. Their reports are available:

• Antoine Beaupr did 19 hours (out of 14.75h allocated + 10 remaining hours, thus keeping 5.75 extra hours for April).
• Balint Reczey did nothing (out of 14.75 hours allocated + 2.5 hours remaining) and gave back all his unused hours. He took on a new job and will stop his work as LTS paid contributor.
• Ben Hutchings did 14.75 hours.
• Brian May did 10 hours.
• Chris Lamb did 14.75 hours.
• Emilio Pozuelo Monfort did 11.75 hours (out of 14.75 hours allocated + 0.5 hours remaining, thus keeping 3.5 hours for April).
• Guido G nther did 4 hours (out of 8 hours allocated, thus keeping 4 extra hours for April).
• Hugo Lefeuvre did 4 hours (out of 13.5 hours allocated, thus keeping 9.5 extra hours for April).
• Jonas Meurer did 11.25 hours (out of 14.75 hours allocated, thus keeping 3.5 extra hours for April).
• Markus Koschany did 14.75 hours.
• Ola Lundqvist did 23.75 hours (out of 14.75h allocated + 9 hours remaining).
• Rapha l Hertzog did 15 hours (out of 10 hours allocated + 6.25 hours remaining, thus keeping 1.25 hours for April).
• Roberto C. Sanchez did 21.5 hours (out of 14.75 hours allocated + 7.75 hours remaining, thus keeping 1 extra hour for April).
• Thorsten Alteholz did 14.75 hours.

Evolution of the situation The number of sponsored hours has been unchanged but will likely decrease slightly next month as one sponsor will not renew his support (because they have switched to CentOS). The security tracker currently lists 52 packages with a known CVE and the dla-needed.txt file 40. The number of open issues continued its slight increase not worrisome yet but we need to keep an eye on this situation. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 18 months)
• GitHub (for 9 months)
• Gold sponsors:
• The Positive Internet (for 34 months)
• Blablacar (for 33 months)
• Linode LLC (for 23 months)
• Babiel GmbH (for 12 months)
• Plat Home (for 12 months)
• Silver sponsors:
• Domeneshop AS (for 33 months)
• Universit Lille 3 (for 33 months)
• Trollweb Solutions (for 31 months)
• Nantes M tropole (for 27 months)
• University of Luxembourg (for 25 months)
• Dalenys (for 24 months)
• Univention GmbH (for 19 months)
• Universit Jean Monnet de St Etienne (for 19 months)
• Sonus Networks (for 13 months)
• UR Communications BV (for 7 months)
• maxcluster GmbH (for 7 months)
• Exonet B.V. (for 3 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 34 months)
• Evolix (for 34 months)
• Offensive Security (for 34 months)
• Seznam.cz, a.s. (for 34 months)
• Freeside Internet Service (for 33 months)
• MyTux (for 33 months)
• Linuxhotel GmbH (for 31 months)
• Intevation GmbH (for 30 months)
• Daevel SARL (for 29 months)
• Bitfolk LTD (for 28 months)
• Megaspace Internet Services GmbH (for 28 months)
• Greenbone Networks GmbH (for 27 months)
• NUMLOG (for 27 months)
• WinGo AG (for 26 months)
• Ecole Centrale de Nantes LHEEA (for 23 months)
• Sig-I/O (for 20 months)
• Entr ouvert (for 18 months)
• Adfinis SyGroup AG (for 15 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 10 months)
• Quarantainenet BV (for 10 months)
• GNI MEDIA (for 9 months)
• RHX Srl (for 7 months)
• Bearstech
• LiHAS

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In January, about 154 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Antoine Beaupr did 3 hours (out of 13h allocated, thus keeping 10 extra hours for March).
• Balint Reczey did 13 hours (out of 13 hours allocated + 1.25 hours remaining, thus keeping 1.25 hours for March).
• Ben Hutchings did 19 hours (out of 13 hours allocated + 15.25 hours remaining, he gave back the remaining hours to the pool).
• Chris Lamb did 13 hours.
• Emilio Pozuelo Monfort did 12.5 hours (out of 13 hours allocated, thus keeping 0.5 hour for March).
• Guido G nther did 8 hours.
• Hugo Lefeuvre did nothing and gave back his 13 hours to the pool.
• Jonas Meurer did 14.75 hours (out of 5 hours allocated + 9.75 hours remaining).
• Markus Koschany did 13 hours.
• Ola Lundqvist did 4 hours (out of 13h allocated, thus keeping 9 hours for March).
• Rapha l Hertzog did 3.75 hours (out of 10 hours allocated, thus keeping 6.25 hours for March).
• Roberto C. Sanchez did 5.5 hours (out of 13 hours allocated + 0.25 hours remaining, thus keeping 7.75 hours for March).
• Thorsten Alteholz did 13 hours.

Evolution of the situation The number of sponsored hours increased slightly thanks to Bearstech and LiHAS joining us. The security tracker currently lists 45 packages with a known CVE and the dla-needed.txt file 39. The number of open issues continued its slight increase, this time it could be explained by the fact that many contributors did not spend all the hours allocated (for various reasons). There s nothing worrisome at this point. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 17 months)
• GitHub (for 8 months)
• Gold sponsors:
• The Positive Internet (for 33 months)
• Blablacar (for 32 months)
• Linode LLC (for 22 months)
• Babiel GmbH (for 11 months)
• Plat Home (for 11 months)
• Silver sponsors:
• Domeneshop AS (for 32 months)
• Universit Lille 3 (for 32 months)
• Trollweb Solutions (for 30 months)
• Nantes M tropole (for 26 months)
• University of Luxembourg (for 24 months)
• Dalenys (for 23 months)
• Univention GmbH (for 18 months)
• Universit Jean Monnet de St Etienne (for 18 months)
• Sonus Networks (for 12 months)
• UR Communications BV (for 6 months)
• maxcluster GmbH (for 6 months)
• Exonet B.V.
• Bronze sponsors:
• David Ayers IntarS Austria (for 33 months)
• Evolix (for 33 months)
• Offensive Security (for 33 months)
• Seznam.cz, a.s. (for 33 months)
• Freeside Internet Service (for 32 months)
• MyTux (for 32 months)
• Linuxhotel GmbH (for 30 months)
• Intevation GmbH (for 29 months)
• Daevel SARL (for 28 months)
• Bitfolk LTD (for 27 months)
• Megaspace Internet Services GmbH (for 27 months)
• Greenbone Networks GmbH (for 26 months)
• NUMLOG (for 26 months)
• WinGo AG (for 25 months)
• Ecole Centrale de Nantes LHEEA (for 22 months)
• Sig-I/O (for 19 months)
• Entr ouvert (for 17 months)
• Adfinis SyGroup AG (for 14 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 9 months)
• Quarantainenet BV (for 9 months)
• GNI MEDIA (for 8 months)
• RHX Srl (for 6 months)
• LiHAS
• Bearstech

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In January, about 159 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Antoine Beaupr did 12.75 hours.
• Balint Reczey did 14 hours (out of 12.75 hours allocated + 2.5 hours remaining, thus keeping 1.25 hours for February).
• Ben Hutchings did 3 hours (out of 12.75 hours allocated + 5.5 hours remaining, thus keeping 15.25 extra hours for February).
• Chris Lamb did 12.75 hours.
• Emilio Pozuelo Monfort did 15.25 hours (out of 12.75 hours allocated + 2.5 hours remaining).
• Guido G nther did 8 hours.
• Hugo Lefeuvre did 15.25 hours (out of 12.75 hours allocated + 2.5 hours remaining).
• Jonas Meurer did 9 hours (out of 12 hours allocated + 6.75 hours remaining, thus keeping 9.75 extra hours for February).
• Markus Koschany did 12.75 hours.
• Ola Lundqvist did 12.75 hours.
• Rapha l Hertzog did 10 hours.
• Roberto C. Sanchez did 12.5 hours (out of 12.75 hours allocated, thus keeping 0.25 hours for February).
• Thorsten Alteholz did 12.75 hours.

Evolution of the situation The number of sponsored hours increased slightly thanks to Exonet joining us. The security tracker currently lists 37 packages with a known CVE and the dla-needed.txt file 36. The situation is roughly similar to last month even though the number of open issues increased slightly. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 16 months)
• GitHub (for 7 months)
• Gold sponsors:
• The Positive Internet (for 32 months)
• Blablacar (for 31 months)
• Linode LLC (for 21 months)
• Babiel GmbH (for 10 months)
• Plat Home (for 10 months)
• Silver sponsors:
• Domeneshop AS (for 31 months)
• Universit Lille 3 (for 31 months)
• Trollweb Solutions (for 29 months)
• Nantes M tropole (for 25 months)
• University of Luxembourg (for 23 months)
• Dalenys (for 22 months)
• Univention GmbH (for 17 months)
• Universit Jean Monnet de St Etienne (for 17 months)
• Sonus Networks (for 11 months)
• UR Communications BV (for 5 months)
• maxcluster GmbH (for 5 months)
• Exonet B.V.
• Bronze sponsors:
• David Ayers IntarS Austria (for 32 months)
• Evolix (for 32 months)
• Offensive Security (for 32 months)
• Seznam.cz, a.s. (for 32 months)
• Freeside Internet Service (for 31 months)
• MyTux (for 31 months)
• Linuxhotel GmbH (for 29 months)
• Intevation GmbH (for 28 months)
• Daevel SARL (for 27 months)
• Bitfolk LTD (for 26 months)
• Megaspace Internet Services GmbH (for 26 months)
• Greenbone Networks GmbH (for 25 months)
• NUMLOG (for 25 months)
• WinGo AG (for 24 months)
• Ecole Centrale de Nantes LHEEA (for 21 months)
• Sig-I/O (for 18 months)
• Entr ouvert (for 16 months)
• Adfinis SyGroup AG (for 13 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 8 months)
• Quarantainenet BV (for 8 months)
• GNI MEDIA (for 7 months)
• RHX Srl (for 5 months)

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In December, about 175 work hours have been dispatched among 14 paid contributors. Their reports are available:

• Antoine Beaupr did 20.5 hours (out of 13.5 hours allocated + 7 remaining hours).
• Balint Reczey did 10 hours (out of 13.5 hours allocated, thus keeping 2.5 hours for January).
• Ben Hutchings did 10 hours (out of 13.5 hours allocated + 2 hours remaining, thus keeping 5.5 extra hours for January).
• Brian May did 10 hours.
• Chris Lamb did 13.5 hours.
• Emilio Pozuelo Monfort did 11 hours (out of 13.5 hours allocated, thus keeping 2.5 extra hours for January).
• Guido G nther did 8 hours.
• Hugo Lefeuvre did 11 hours (out of 13.5 hours allocated, thus keeping 2.5 extra hours for January).
• Jonas Meurer did 5.25 hours (out of 12 hours allocated, thus keeping 6.75 extra hours for January).
• Markus Koschany did 13.5 hours.
• Ola Lundqvist did 13.5 hours.
• Rapha l Hertzog did 10 hours.
• Roberto C. Sanchez did 13.5 hours.
• Thorsten Alteholz did 13.5 hours.

Evolution of the situation The number of sponsored hours did not increase but a new silver sponsor is in the process of joining. We are only missing another silver sponsor (or two to four bronze sponsors) to reach our objective of funding the equivalent of a full time position. The security tracker currently lists 31 packages with a known CVE and the dla-needed.txt file 27. The situation improved a little bit compared to last month. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 14 months)
• GitHub (for 5 months)
• Gold sponsors:
• The Positive Internet (for 30 months)
• Blablacar (for 29 months)
• Linode LLC (for 19 months)
• Babiel GmbH (for 8 months)
• Plat Home (for 8 months)
• Silver sponsors:
• Domeneshop AS (for 29 months)
• Universit Lille 3 (for 29 months)
• Trollweb Solutions (for 27 months)
• Nantes M tropole (for 23 months)
• University of Luxembourg (for 21 months)
• Dalenys (for 20 months)
• Univention GmbH (for 15 months)
• Universit Jean Monnet de St Etienne (for 15 months)
• Sonus Networks (for 9 months)
• UR Communications BV (for 3 months)
• maxcluster GmbH (for 3 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 30 months)
• Evolix (for 30 months)
• Offensive Security (for 30 months)
• Seznam.cz, a.s. (for 30 months)
• Freeside Internet Service (for 29 months)
• MyTux (for 29 months)
• Linuxhotel GmbH (for 27 months)
• Intevation GmbH (for 26 months)
• Daevel SARL (for 25 months)
• Bitfolk LTD (for 24 months)
• Megaspace Internet Services GmbH (for 24 months)
• Greenbone Networks GmbH (for 23 months)
• NUMLOG (for 23 months)
• WinGo AG (for 22 months)
• Ecole Centrale de Nantes LHEEA (for 19 months)
• Sig-I/O (for 16 months)
• Entr ouvert (for 14 months)
• Adfinis SyGroup AG (for 11 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 6 months)
• Quarantainenet BV (for 6 months)
• GNI MEDIA (for 5 months)
• RHX Srl (for 3 months)

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In October, about 150 work hours have been dispatched among 14 paid contributors. Their reports are available:

• Antoine Beaupr did 4 hours (out of 11 hours allocated, thus keeping 7 extra hours for December).
• Balint Reczey did 11 hours.
• Ben Hutchings did 9 hours (out of 11 hours allocated, thus keeping 2 extra hours for December).
• Brian May did 11 hours.
• Chris Lamb did 11 hours.
• Emilio Pozuelo Monfort did 11 hours.
• Guido G nther did 8 hours.
• Hugo Lefeuvre did 11 hours.
• Jonas Meurer did 12.75 hours (out of 11 hours allocated + 1.75 hours remaining).
• Markus Koschany did 11 hours.
• Ola Lundqvist did 11.75 hours (out of 11 hours allocated + 0.75 hours remaining).
• Rapha l Hertzog did 11 hours.
• Roberto C. Sanchez did 11 hours.
• Thorsten Alteholz did 11 hours.

Evolution of the situation The number of sponsored hours did not change this month and in fact we haven t had any new sponsor since September. We still need a couple of supplementary sponsors to reach our objective of funding the equivalent of a full time position. The security tracker currently lists 40 packages with a known CVE and the dla-needed.txt file 36. We don t seem to really catch up the small backlog. The reasons are not clear but I noticed that there are a few packages that take a lot of time due to the number of issues found with fuzzers. We also handle many issues that the security team ends up classifying as not worth an update because we add the package to dla-needed.txt before the security team has done its review and nobody checks afterwards. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 14 months)
• GitHub (for 5 months)
• Gold sponsors:
• The Positive Internet (for 30 months)
• Blablacar (for 29 months)
• Linode LLC (for 19 months)
• Babiel GmbH (for 8 months)
• Plat Home (for 8 months)
• Silver sponsors:
• Domeneshop AS (for 29 months)
• Universit Lille 3 (for 29 months)
• Trollweb Solutions (for 27 months)
• Nantes M tropole (for 23 months)
• University of Luxembourg (for 21 months)
• Dalenys (for 20 months)
• Univention GmbH (for 15 months)
• Universit Jean Monnet de St Etienne (for 15 months)
• Sonus Networks (for 9 months)
• UR Communications BV (for 3 months)
• maxcluster GmbH (for 3 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 30 months)
• Evolix (for 30 months)
• Offensive Security (for 30 months)
• Seznam.cz, a.s. (for 30 months)
• Freeside Internet Service (for 29 months)
• MyTux (for 29 months)
• Linuxhotel GmbH (for 27 months)
• Intevation GmbH (for 26 months)
• Daevel SARL (for 25 months)
• Bitfolk LTD (for 24 months)
• Megaspace Internet Services GmbH (for 24 months)
• Greenbone Networks GmbH (for 23 months)
• NUMLOG (for 23 months)
• WinGo AG (for 22 months)
• Ecole Centrale de Nantes LHEEA (for 19 months)
• Sig-I/O (for 16 months)
• Entr ouvert (for 14 months)
• Adfinis SyGroup AG (for 11 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 6 months)
• Quarantainenet BV (for 6 months)
• GNI MEDIA (for 5 months)
• RHX Srl (for 3 months)

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In October, about 175 work hours have been dispatched among 14 paid contributors. Their reports are available:

• Antoine Beaupr did 13 hours.
• Balint Reczey did 7 hours (out of 13 hours allocated + 4.5 remaining, the extra hours have been given back).
• Ben Hutchings did 13.75 hours (out of 13 hours allocated + 0.75 remaining).
• Brian May did 13 hours.
• Chris Lamb did 13 hours.
• Emilio Pozuelo Monfort did 13 hours.
• Guido G nther did 9 hours (out of 8h allocated + 1h remaining).
• Hugo Lefeuvre did 12 hours.
• Jonas Meurer did 10.25 hours (out of 12 hours allocated, thus keeping 1.75 extra hours for November).
• Markus Koschany did 13 hours.
• Ola Lundqvist did 13.5 hours (out of 13 hours assigned + 1.25 remaining, thus keeping 0.75 extra hours).
• Rapha l Hertzog did 13 hours.
• Roberto C. Sanchez did 14.75 hours (out of 13h allocated + 1.75h remaining).
• Thorsten Alteholz did 13 hours.

Evolution of the situation The number of sponsored hours did not change this month. We still need a couple of supplementary sponsors to reach our objective of funding the equivalent of a full time position. The security tracker currently lists 34 packages with a known CVE and the dla-needed.txt file 29. The situation improved slightly compared to last month. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 13 months)
• GitHub (for 4 months)
• Gold sponsors:
• The Positive Internet (for 29 months)
• Blablacar (for 28 months)
• Linode LLC (for 18 months)
• Babiel GmbH (for 7 months)
• Plat Home (for 7 months)
• UR Communications BV
• Silver sponsors:
• Domeneshop AS (for 28 months)
• Universit Lille 3 (for 28 months)
• Trollweb Solutions (for 26 months)
• Nantes M tropole (for 22 months)
• University of Luxembourg (for 20 months)
• Dalenys (for 19 months)
• Univention GmbH (for 14 months)
• Universit Jean Monnet de St Etienne (for 14 months)
• Sonus Networks (for 8 months)
• maxcluster GmbH
• Bronze sponsors:
• David Ayers IntarS Austria (for 29 months)
• Evolix (for 29 months)
• Offensive Security (for 29 months)
• Seznam.cz, a.s. (for 29 months)
• Freeside Internet Service (for 28 months)
• MyTux (for 28 months)
• Linuxhotel GmbH (for 26 months)
• Intevation GmbH (for 25 months)
• Daevel SARL (for 24 months)
• Bitfolk LTD (for 23 months)
• Megaspace Internet Services GmbH (for 23 months)
• Greenbone Networks GmbH (for 22 months)
• NUMLOG (for 22 months)
• WinGo AG (for 21 months)
• Ecole Centrale de Nantes LHEEA (for 18 months)
• Sig-I/O (for 15 months)
• Entr ouvert (for 13 months)
• Adfinis SyGroup AG (for 10 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 5 months)
• Quarantainenet BV (for 5 months)
• GNI MEDIA (for 4 months)
• RHX Srl

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In September, about 152 work hours have been dispatched among 13 paid contributors. Their reports are available:

• Balint Reczey did 15 hours (out of 12.25 hours allocated + 7.25 remaining, thus keeping 4.5 extra hours for October).
• Ben Hutchings did 6 hours (out of 12.3 hours allocated + 1.45 remaining, he gave back 7h and thus keeps 9.75 extra hours for October).
• Brian May did 12.25 hours.
• Chris Lamb did 12.75 hours (out of 12.30 hours allocated + 0.45 hours remaining).
• Emilio Pozuelo Monfort did 1 hour (out of 12.3 hours allocated + 2.95 remaining) and gave back the unused hours.
• Guido G nther did 6 hours (out of 7h allocated, thus keeping 1 extra hour for October).
• Hugo Lefeuvre did 12 hours.
• Jonas Meurer did 8 hours (out of 9 hours allocated, thus keeping 1 extra hour for October).
• Markus Koschany did 12.25 hours.
• Ola Lundqvist did 11 hours (out of 12.25 hours assigned thus keeping 1.25 extra hours).
• Rapha l Hertzog did 12.25 hours.
• Roberto C. Sanchez did 14 hours (out of 12.25h allocated + 3.75h remaining, thus keeping 2 extra hours).
• Thorsten Alteholz did 12.25 hours.

Evolution of the situation The number of sponsored hours reached 172 hours per month thanks to maxcluster GmbH joining as silver sponsor and RHX Srl joining as bronze sponsor. We only need a couple of supplementary sponsors now to reach our objective of funding the equivalent of a full time position. The security tracker currently lists 39 packages with a known CVE and the dla-needed.txt file 34. It s a small bump compared to last month but almost all issues are affected to someone. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 12 months)
• GitHub (for 3 months)
• Gold sponsors:
• The Positive Internet (for 28 months)
• Blablacar (for 27 months)
• Linode LLC (for 17 months)
• Babiel GmbH (for 6 months)
• Plat Home (for 6 months)
• UR Communications BV
• Silver sponsors:
• Domeneshop AS (for 27 months)
• Universit Lille 3 (for 27 months)
• Trollweb Solutions (for 25 months)
• Nantes M tropole (for 21 months)
• University of Luxembourg (for 19 months)
• Dalenys (for 18 months)
• Univention GmbH (for 13 months)
• Universit Jean Monnet de St Etienne (for 13 months)
• Sonus Networks (for 7 months)
• maxcluster GmbH
• Bronze sponsors:
• David Ayers IntarS Austria (for 28 months)
• Evolix (for 28 months)
• Offensive Security (for 28 months)
• Seznam.cz, a.s. (for 28 months)
• Freeside Internet Service (for 27 months)
• MyTux (for 27 months)
• Intevation GmbH (for 25 months)
• Linuxhotel GmbH (for 25 months)
• Daevel SARL (for 23 months)
• Bitfolk LTD (for 22 months)
• Megaspace Internet Services GmbH (for 22 months)
• Greenbone Networks GmbH (for 21 months)
• NUMLOG (for 21 months)
• WinGo AG (for 21 months)
• Ecole Centrale de Nantes LHEEA (for 17 months)
• Sig-I/O (for 14 months)
• Entr ouvert (for 12 months)
• Adfinis SyGroup AG (for 9 months)
• GNI MEDIA (for 4 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 4 months)
• Quarantainenet BV (for 4 months)
• RHX Srl

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In August, 140 work hours have been dispatched among 10 paid contributors. Their reports are available:

• Balint Reczey did 9.5 hours (out of 14.75 hours allocated + 2 remaining, thus keeping 7.25 extra hours for September).
• Ben Hutchings did 14 hours (out of 14.75 hours allocated + 0.7 remaining, keeping 1.45 extra hours for September).
• Brian May did 14.75 hours.
• Chris Lamb did 15 hours (out of 14.75 hours, thus keeping 0.45 hours for next month).
• Emilio Pozuelo Monfort did 13.5 hours (out of 14.75 hours allocated + 0.5 remaining, thus keeping 2.95 hours extra hours for September).
• Guido G nther did 9 hours.
• Markus Koschany did 14.75 hours.
• Ola Lundqvist did 15.2 hours (out of 14.5 hours assigned + 0.7 remaining).
• Roberto C. Sanchez did 11 hours (out of 14.75h allocated, thus keeping 3.75 extra hours for September).
• Thorsten Alteholz did 14.75 hours.

Evolution of the situation The number of sponsored hours rised to 167 hours per month thanks to UR Communications BV joining as gold sponsor (funding 1 day of work per month)! In practice, we never distributed this amount of work per month because some sponsors did not renew in time and some of them might not even be able to renew at all. The security tracker currently lists 31 packages with a known CVE and the dla-needed.txt file 29. It s a small bump compared to last month but almost all issues are affected to someone. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 11 months)
• GitHub
• Gold sponsors:
• The Positive Internet (for 27 months)
• Blablacar (for 26 months)
• Linode LLC (for 16 months)
• Babiel GmbH (for 5 months)
• Plat Home (for 4 months)
• UR Communications BV
• Silver sponsors:
• Domeneshop AS (for 26 months)
• Universit Lille 3 (for 26 months)
• Trollweb Solutions (for 24 months)
• Nantes M tropole (for 20 months)
• University of Luxembourg (for 18 months)
• Dalenys (for 16 months)
• Univention GmbH (for 12 months)
• Universit Jean Monnet de St Etienne (for 12 months)
• Sonus Networks (for 6 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 27 months)
• Evolix (for 27 months)
• Offensive Security (for 27 months)
• Seznam.cz, a.s. (for 27 months)
• Freeside Internet Service (for 26 months)
• MyTux (for 26 months)
• Linuxhotel GmbH (for 24 months)
• Intevation GmbH (for 23 months)
• Daevel SARL (for 22 months)
• Bitfolk LTD (for 21 months)
• Megaspace Internet Services GmbH (for 21 months)
• Greenbone Networks GmbH (for 20 months)
• NUMLOG (for 20 months)
• WinGo AG (for 19 months)
• Ecole Centrale de Nantes LHEEA (for 16 months)
• Sig-I/O (for 13 months)
• Entr ouvert (for 11 months)
• Adfinis SyGroup AG (for 8 months)
• Laboratoire LEGI UMR 5519 / CNRS (for 3 months)
• Quarantainenet BV (for 3 months)
• GNI MEDIA

No comment Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In July, 136.6 work hours have been dispatched among 11 paid contributors. Their reports are available:

• Antoine Beaupr has been allocated 4 hours again but in the end he put back his 8 pending hours in the pool for the next months.
• Balint Reczey did 18 hours (out of 7 hours allocated + 2 remaining, thus keeping 2 extra hours for August).
• Ben Hutchings did 15 hours (out of 14.7 hours allocated + 1 remaining, keeping 0.7 extra hour for August).
• Brian May did 14.7 hours.
• Chris Lamb did 14 hours (out of 14.7 hours, thus keeping 0.7 hours for next month).
• Emilio Pozuelo Monfort did 13 hours (out of 14.7 hours allocated, thus keeping 1.7 hours extra hours for August).
• Guido G nther did 8 hours.
• Markus Koschany did 14.7 hours.
• Ola Lundqvist did 14 hours (out of 14.7 hours assigned, thus keeping 0.7 extra hours for August).
• Santiago Ruano Rinc n did 14 hours (out of 14.7h allocated + 11.25 remaining, the 11.95 extra hours will be put back in the global pool as Santiago is stepping down).
• Thorsten Alteholz did 14.7 hours.

Evolution of the situation The number of sponsored hours jumped to 159 hours per month thanks to GitHub joining as our second platinum sponsor (funding 3 days of work per month)! Our funding goal is getting closer but it s not there yet. The security tracker currently lists 22 packages with a known CVE and the dla-needed.txt file likewise. That s a sharp decline compared to last month. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 10 months)
• GitHub
• Gold sponsors:
• The Positive Internet (for 26 months)
• Blablacar (for 25 months)
• Linode LLC (for 15 months)
• Babiel GmbH (for 4 months)
• Plat Home (for 4 months)
• Silver sponsors:
• Domeneshop AS (for 25 months)
• Universit Lille 3 (for 25 months)
• Trollweb Solutions (for 23 months)
• Nantes M tropole (for 19 months)
• University of Luxembourg (for 17 months)
• Dalenys (for 16 months)
• Univention GmbH (for 11 months)
• Universit Jean Monnet de St Etienne (for 11 months)
• Sonus Networks (for 5 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 26 months)
• Evolix (for 26 months)
• Offensive Security (for 26 months)
• Seznam.cz, a.s. (for 26 months)
• Freeside Internet Service (for 25 months)
• MyTux (for 25 months)
• Linuxhotel GmbH (for 23 months)
• Intevation GmbH (for 22 months)
• Daevel SARL (for 21 months)
• Bitfolk LTD (for 20 months)
• Megaspace Internet Services GmbH (for 20 months)
• Greenbone Networks GmbH (for 19 months)
• NUMLOG (for 19 months)
• WinGo AG (for 18 months)
• Ecole Centrale de Nantes LHEEA (for 15 months)
• Sig-I/O (for 12 months)
• Entr ouvert (for 10 months)
• Adfinis SyGroup AG (for 7 months)
• Laboratoire LEGI UMR 5519 / CNRS
• Quarantainenet BV
• GNI MEDIA

2 comments Liked this article? Click here. My blog is Flattr-enabled.

Like each month, here comes a report about the work of paid contributors to Debian LTS. Individual reports In June, 158.25 work hours have been dispatched among 11 paid contributors. Their reports are available:

• Antoine Beaupr has been allocated 4 hours but did not publish his report yet.
• Balint Reczey did 3 hours (out of 16 hours allocated, thus keeping 13 extra hours for July).
• Ben Hutchings did 19 hours (out of 15 hours allocated + 5 remaining, keeping 1 extra hour for July).
• Brian May did 15 hours.
• Chris Lamb did 18 hours.
• Emilio Pozuelo Monfort did 16 hours.
• Guido G nther did 8 hours.
• Markus Koschany did 19.75 hours (out of 18.75 hours allocated + 1 remaining).
• Ola Lundqvist did 10 hours.
• Santiago Ruano Rinc n did 15.5 hours (out of 18.75h allocated + 8 remaining, thus keeping 11.25 extra hours for July).
• Thorsten Alteholz did 18.75 hours.

DebConf 16 Presentation If you want to know more about how the LTS project is organized, you can watch the presentation I gave during DebConf 16 in Cape Town. Evolution of the situation The number of sponsored hours increased a little bit at 135 hours per month thanks to 3 new sponsors (Laboratoire LEGI UMR 5519 / CNRS, Quarantainenet BV, GNI MEDIA). Our funding goal is getting closer but it s not there yet. The security tracker currently lists 40 packages with a known CVE and the dla-needed.txt file lists 38 packages awaiting an update. Thanks to our sponsors New sponsors are in bold.

• Platinum sponsors:
• TOSHIBA (for 9 months)
• Gold sponsors:
• The Positive Internet (for 25 months)
• Blablacar (for 24 months)
• Linode LLC (for 14 months)
• Babiel GmbH (for 3 months)
• Plat Home
• Silver sponsors:
• Domeneshop AS (for 24 months)
• Universit Lille 3 (for 24 months)
• Trollweb Solutions (for 22 months)
• Nantes M tropole (for 18 months)
• University of Luxembourg (for 16 months)
• Dalenys (for 15 months)
• Univention GmbH (for 10 months)
• Universit Jean Monnet de St Etienne (for 10 months)
• Sonus Networks (for 4 months)
• Bronze sponsors:
• David Ayers IntarS Austria (for 25 months)
• Evolix (for 25 months)
• Offensive Security (for 25 months)
• Seznam.cz, a.s. (for 25 months)
• Freeside Internet Service (for 24 months)
• MyTux (for 24 months)
• Linuxhotel GmbH (for 22 months)
• Intevation GmbH (for 21 months)
• Daevel SARL (for 20 months)
• Bitfolk LTD (for 19 months)
• Megaspace Internet Services GmbH (for 19 months)
• Greenbone Networks GmbH (for 18 months)
• NUMLOG (for 18 months)
• WinGo AG (for 17 months)
• Ecole Centrale de Nantes LHEEA (for 14 months)
• Sig-I/O (for 11 months)
• Entr ouvert (for 9 months)
• Adfinis SyGroup AG (for 6 months)
• Laboratoire LEGI UMR 5519 / CNRS
• Quarantainenet BV
• GNI MEDIA

No comment Liked this article? Click here. My blog is Flattr-enabled.