Here is my public monthly report. Thanks to our sponsors for making this possible, and to Freexian for handling the offering. https://www.freexian.com/services/debian-lts.html#sponsors
LTS - front-desk - Leverage last month's new report on missing buster updates in LTS - Mark 30 packages for update - Clarify or fix triage for 11 packages - Report: https://lists.debian.org/debian-lts/2022/05/msg00058.html - Mark 14 packages for update (regular front-desk triage workflow) - Set vulnerability status for 15 CVEs - Clarify postgresql-9.6 and nvidia-graphics-drivers-legacy-340xx status https://lists.debian.org/debian-lts/2022/05/msg00055.html https://lists.debian.org/debian-lts/2022/05/msg00057.html - Help fix incomplete announcement for DLA-2962-2 and DLA-3017-1 - rsyslog - Clarify related CVEs - Fix flaky tests in test suite on arm/slow architectures - DLA-3016-1 https://lists.debian.org/debian-lts-announce/2022/05/msg00028.html - ckeditor (v4) - Assess supportability, probably requires mass upgrade - Postpone pending ckeditor3 status - ckeditor3 - Coordinate support status with maintainer and security team https://lists.debian.org/debian-lts/2022/05/msg00018.html - Mark EOL for stretch https://salsa.debian.org/debian/debian-security-support/-/merge_requests/14 - libdbi-perl - DLA-3035-1 https://lists.debian.org/debian-lts-announce/2022/05/msg00046.html ELTS - front-desk - Common work with TLS - Leverage last month's new report on missing buster update in LTS - Mark 8 supported packages for update - Associate CVEs with 3 renamed supported packages - Mark 2 packages for update - Set vulnerability status for 13 CVEs - ckeditor (v4) - Drop support (actually unused in jessie) - rsyslog - Commmon work with LTS - No update (no affected CVEs, nothing to do for now) - libdbi-perl - Commmon work with LTS - ELA-620-1 https://deb.freexian.com/extended-lts/updates/ela-620-1-libdbi-perl/ Documentation and tooling - LTS documentation - CVEs triage: add reference to introductory commit when <not-affected> https://wiki.debian.org/LTS/Development?action=diff&rev2=291&rev1=290 - gen-DLA now removes obsolete triage https://wiki.debian.org/LTS/Development?action=diff&rev2=294&rev1=293 - ffmpeg testing: link our libav (past fork) documentation https://wiki.debian.org/LTS/TestSuites/ffmpeg?action=diff&rev2=4&rev1=3 - Wiki notifications HOWTO for the LTS namespace (internal documentation) - security-tracker: lts-cve-triage.py - Clarify intent and recommend against downgrading report priority https://lists.debian.org/debian-lts/2022/05/msg00035.html https://lists.debian.org/debian-lts/2022/05/msg00038.html - Clarify report label and document expected front-desk action - Internal discussions - Recommend keeping documentation in the wiki and ad-hoc READMEs - Recommend leaving git-based workflow optional - Help LTS newcomers on IRC -- Sylvain Beucler Debian LTS Team