December was the eighth month I contributed to Debian LTS under the Freexian umbrella. It was a bit of a funny month since most of the time most open CVEs were already taken care of by other team members (which is nice) but it resulted in me not releasing a single DLA which feels weird.
Nevertheless in total I spent nine hours working on:
LTS Frontdesk duties like the triaging of 16 CVEs and patch reviews (which actually found an error reassuring me that spending time on this is useful).
Finding a fix for CVE-2015-7555 in giflib. I did not release a DLA yet since I hoped upstream would comment if this is the proper fix.
- Discussion on using the same nss in all suites continued.
- I did further upgrade test for nss focusing on Java this time (which is a heavy user of nss for its certificate handling).
- Enabled the internal testsuite of nspr as well since nss and nspr often get updated in lockstep. This resulted in 809723 and upstream bugs 1236333, 1236334, 1236244 (which were already merged thanks to Wan-Teh Chang). The current modifications are available here. Overall the test suite needs more cleanups but it's already useful as is.
On unpaid time I introduced some usertags for tracking our non DLA related activities (although it seems I'm currently the only user).
Other Debian stuff
- I uploaded libvirt 1.3.0~rc1 and 1.3.0~rc2 to experimental and 1.3.0 final to unstable.
- I uploaded libvirt-python 1.3.0 with newly added autopkg tests
- Filed bugs reminding that libvirt-bin is a transitional package that will be dropped soon.
- git-pbuilder updates to 1.37 and 1.38
- fixes for 791759 and 766350,
- doc updates including the addition of the patch queue handling
Still looking for time to finish gbp import-orig's rollback support.
- I added a function to link to the Debian BTS to my emacs config to ease writing these kind of posts.