FOSS Activites in May 2022

Here’s my (thirty-second) monthly but brief update about the activities I’ve done in the F/L/OSS world.

Debian

This was my 41st month of actively contributing to Debian. I became a DM in late March 2019 and a DD on Christmas ‘19! \o/

There’s a bunch of things I did this month but mostly non-technical, now that DC22 is around the corner. Here are the things I did:

Debian Uploads

• puppet-beaker (4.30.0-2) - Sponsored the upload to fix net-ssh’s FTBFS.
• ruby-terminal-table (3.0.2-1) - New upstream version, v3.0.2.

Other $things:

• Volunteering for DC22 Content team.
• Leading the Bursary team w/ Paulo.
• Answering a bunch of questions and things bursary.
• Being an AM for Arun Kumar, process #1024.
• Mentoring for newcomers.
• Moderation of -project mailing list.

Ubuntu

This was my 16th month of actively contributing to Ubuntu. Now that I joined Canonical to work on Ubuntu full-time, there’s a bunch of things I do! \o/

I mostly worked on different things, I guess.

I was too lazy to maintain a list of things I worked on so there’s no concrete list atm. Maybe I’ll get back to this section later or will start to list stuff from the fall, as I was doing before. :D

Debian (E)LTS

Debian Long Term Support (LTS) is a project to extend the lifetime of all Debian stable releases to (at least) 5 years. Debian LTS is not handled by the Debian security team, but by a separate group of volunteers and companies interested in making it a success.

And Debian Extended LTS (ELTS) is its sister project, extending support to the Jessie release (+2 years after LTS support).

This was my thirty-second month as a Debian LTS and twenty-third month as a Debian ELTS paid contributor.
I worked for 35.00 hours for LTS and 30.00 hours for ELTS.

LTS CVE Fixes and Announcements:

• Issued DLA 2999-1, fixing CVE-2022-1328, for mutt.
  For Debian 9 stretch, these problems have been fixed in version 1.7.2-1+deb9u6.
• Issued DLA 3009-1, fixing CVE-2022-27239 and CVE-2022-29869, for cifs-utils.
  For Debian 9 stretch, these problems have been fixed in version 2:6.7-1+deb9u1.
• Issued DLA 3013-1, fixing CVE-2022-30688, for needrestart.
  For Debian 9 stretch, these problems have been fixed in version 2.11-3+deb9u2.
• Issued DLA 3014-1, fixing CVE-2020-8659, for elog.
  For Debian 9 stretch, these problems have been fixed in version 3.1.2-1-1+deb9u1.
• Issued DLA 3038-1, for debian-security-support.
  For Debian 9 stretch, these problems have been fixed in version 1:9+2022.06.02.
• Working on tiff update for stretch.

ELTS CVE Fixes and Announcements:

• Issued ELA 607-1, fixing CVE-2022-1328, for mutt.
  For Debian 8 jessie, these problems have been fixed in version 1.5.23-3+deb8u6.
• Issued ELA 608-1, fixing CVE-2022-28044, for lrzip.
  For Debian 8 jessie, these problems have been fixed in version 0.616-1+deb8u2.
• Issued ELA 611-1, fixing CVE-2022-25647, for libgoogle-gson-java.
  For Debian 8 jessie, these problems have been fixed in version 2.2.4-1+deb8u1.
• Issued ELA 614-1, fixing CVE-2022-27239 and CVE-2022-29869, for cifs-utils.
  For Debian 8 jessie, these problems have been fixed in version 2:6.4-1+deb8u1.
• Working on tiff and beep updates for jessie.

Other (E)LTS Work:

• Triaged cifs-utils, vim, elog, needrestart, amd64-microcode, libgoogle-gson-java, lrzip, and mutt.
• Started as a Freexian Collaborator! \o/
• Read through the documentation bits around that.
• Helped and assisted new contributors joining Freexian.
• Answered questions (& discussions) on IRC (#debian-lts and #debian-elts).
• Participated and helped fellow members with theie queries via private mail and chat.
• General and other discussions on LTS private and public mailing list.

Debian LTS Survey

I’ve spent 2 hours on the LTS survey on the following bits:

• Finalizing and wrapping up the survey.
• Providing the stats, working on the initial export of the survey.
• Dropping ghost entries and other things which are useless. :)

Until next time.
:wq for today.