Email: email@example.com • Twitter: @benhutchingsuk • Debian: benh • Gitweb: git.decadent.org.uk • Github: github.com/bwhacks
February marked the end of Debian 6.0 "squeeze" LTS, though there was some initial confusion (partly my fault) over which day of month it should end. I carried over 10 hours from January and was assigned another 11.25 hours of work by Freexian's Debian LTS initiative. I worked a total of 14 hours.
I started the month with "the final" update to the linux-2.6 kernel package (DLA-412-1), fixing 5 CVEs and incorporating upstream stable update 18.104.22.168. After it was agreed that support would continue to the end of the month, I made one more update on the last day (DLA-439-1), fixing 4 CVEs, a regression, and some issues I had found lacking CVEs (one is now CVE-2012-6701).
I helped to edit the end-of-life announcement for Squeeze LTS.
I spent a fairly quiet week in the front desk, triaging new issues for squeeze.
As I've volunteered to handle embargoed issues, I prepared security updates to libssh and libssh2 and issued them minutes after the public disclosure of the similarly disastrous CVE-2016-0739 and CVE-2016-0787 issues.