Hi, Last month I was allocated 14.75h and carried over 0.5h from the previous month. I spent 11.75h doing the following:
- libice/libxdmcp/xorg-server: investigated and ended up marking all the vulnerabilities as no-dsa. - tzdata/libdatetime-timezone-perl: updated to tzdata 2017a. - firefox-esr: updated to Firefox 45.8.0 ESR. I also looked at Firefox 52 ESR, as 45 is soon to be end of life, and investigated and fixed some build issues. Also tested the resulting package, which works fine. - gdk-pixbuf: marked the issues as no-dsa. - libvpx: backported one of the fixes. The other issue is harder to backport as part of the code has been rewritten. I'm considering marking these issues as no-dsa, but still investigating that. Cheers, Emilio