FOSS Activites in March 2022 · utkarsh2102

Right here’s my (thirtieth) month-to-month however transient replace in regards to the actions I’ve carried out within the F/L/OSS world.

Debian

This was my thirty ninth month of actively contributing to Debian.
I turned a DM in late March 2019 and a DD on Christmas ‘19! o/

I recovered this month and cleared up a bunch of my backlog. So month, that means.

I didn’t do any uploads this month however I nonetheless did the next this month:

Different $issues:

• Volunteering for DC22 Content material crew.
• Volunteering for DC22 Bursary crew.
• Being a DC22 Bursary lead alongside w/ Paulo.
• Being an AM for Arun Kumar, course of #1024.
• Mentoring for newcomers.
• Moderation of -project mailing listing.

Ubuntu

This was my 14th month of actively contributing to Ubuntu.
Now that I joined Canonical to work on Ubuntu full-time, there’s a bunch of issues I do! o/

I principally labored on various things, I suppose.

I used to be too lazy to take care of an inventory of issues I labored on so there’s
no concrete listing atm. Perhaps I’ll get again to this part later or
will begin to listing stuff from the autumn, as I used to be doing earlier than. 😀

Debian (E)LTS

Debian Lengthy Time period Help (LTS) is a challenge to increase the lifetime of all Debian secure releases to (not less than) 5 years. Debian LTS will not be dealt with by the Debian safety crew, however by a separate group of volunteers and corporations concerned with making it successful.

And Debian Prolonged LTS (ELTS) is its sister challenge, extending assist to the Jessie launch (+2 years after LTS assist).

This was my thirtieth month as a Debian LTS and nineteenth month as a Debian ELTS paid contributor.
I labored for 57.75 out of 59.50 hours for LTS and 42.25 out of 60.00 hours for ELTS.

LTS CVE Fixes and Bulletins:

• Issued DLA 2943-1, fixing CVE-2021-30151 and CVE-2022-23837, for ruby-sidekiq.
  For Debian 9 stretch, these issues have been fastened in model 4.2.3+dfsg-1+deb9u1.
• Issued DLA 2951-1, fixing CVE-2021-0561, for flac.
  For Debian 9 stretch, these issues have been fastened in model 1.3.2-2+deb9u2.
• Issued DLA 2956-1, fixing some vulnerabilties which haven’t a CVE ID assigned but, for wordpress.
  For Debian 9 stretch, these issues have been fastened in model 4.7.23+dfsg-0+deb9u1.
• Issued DLA 2958-1, fixing CVE-2021-3700, for usbredir.
  For Debian 9 stretch, these issues have been fastened in model 0.7.1-1+deb9u1.
• Issued DLA 2936-1, fixing CVE-2018-8098, CVE-2018-8099, CVE-2018-10887, CVE-2018-10888, CVE-2018-15501, CVE-2020-12278, CVE-2020-12279, CVE-2019-1352, and CVE-2019-1353, for libgit2.
  For Debian 9 stretch, these issues have been fastened in model 0.25.1+really0.24.6-1+deb9u1.
• Engaged on src:tiff and src:mbedtls to repair the problems, ready for extra points to be reported, although.
• Assist and assisted others w/ their queries, see “Different (E)LTS Work” part for extra particulars.

ELTS CVE Fixes and Bulletins:

• Issued ELA 578-1, fixing CVE-2021-0561, for flac.
  For Debian 8 jessie, these issues have been fastened in model 1.3.0-3+deb8u2.
• Issued ELA 582-1, fixing some vulnerabilties which haven’t a CVE ID assigned but, for wordpress.
  For Debian 8 jessie, these issues have been fastened in model 4.1.35+dfsg-0+deb8u1.
• Labored on readying up python2.7 replace. However the assessments fails with a segfault however solely on jessie. The exact same works high quality on stretch.
  Been attempting to workthru the assessments nevertheless it seems that it’s a test-only factor. However I’ll double-check to make certain. 🙂
• Regarded into src:bind9 for Markus. Additionally, coordinated the identical w/ the Ubuntu safety crew (ESM one). Reported the findings that I and Marc mentioned.
  Markus appeared to workthru a means out in the long run. o/
• Engaged on src:tiff and src:beep to repair the problems, ready for extra points to be reported for src:tiff and src:beep is a little bit of a PITA, although. 🙂

Different (E)LTS Work:

• Triaged xterm,
  dojo,
  strongswan,
  ruby-sidekiq,
  flac,
  wordpress,
  usbredir,
  debian-edu-config,
  libphp-adodb, and
  libgit2,
• Contributed to “Freexian values” (cf: inner survey).
• Learn by the logs of the month-to-month Debian LTS assembly.
• Helped w/ debian-archive-keyring thread and gave tips to Anton.
• Sorted out the LXD VM situation for src:libgit2 add.
• Helped reply Markus’ query on src:bind9 safety/regression updates.
• Answered questions (& discussions) on IRC (#debian-lts and #debian-elts).
• Common and different discussions on LTS personal and public mailing listing.
• Attended the month-to-month LTS assembly. Occurred on #debian-lts this month.

Debian LTS Survey

I’ve spent 9 hours on the LTS survey on the next bits:
(however I’ll bill them subsequent month)

• Set up questions. Re-order, repair, and add issues wherever wanted.
• Lastly set the entire thing up.
• Did a few dry-runs.
• Drafted the mail to be despatched.

Till subsequent time.
:wq for in the present day.