Better living through software

Ben Hutchings's diary of life and technology

Email: • Twitter: @benhutchingsuk • Debian: benh • Gitweb: • Github:

Thu, 17 Sep 2015

Debian LTS work, August 2015

This was my ninth month working on Debian LTS. I was assigned 15 hours of work by Freexian's Debian LTS initiative.

Front desk

I spent another week in the 'front desk' role, largely overlapping with DebConf. I investigated which new CVEs affected LTS-supported packages in squeeze, recorded this in the secure-testing repository, and mailed the package maintainers to give them a chance to handle the updates. I found that one claimed security flaw in glusterfs was actually harmless for all supported Debian releases.


conntrack had one new issue (CVE-2015-6496, possible remote DoS if certain kernel modules aren't loaded). I didn't find a way to reproduce it, but it still seemed to be applicable to squeeze (but for fewer protocols). I was able to backport the upstream fix without difficulty, after which I uploaded and issued DLA-295-1.


I attended the LTS BoF at DebConf 15 to discuss the plans for wheezy LTS. Raphael just posted a summary of these discussions.


I spent some time on kernel security fixes, but haven't uploaded an update yet. That will probably come in September.

posted at: 00:59 | path: / | permanent link to this entry