https://stefanorivera.com/enContents © 2026 <a href="mailto:stefano@rivera.za.net">Stefano Rivera</a> <a rel="license" href="https://creativecommons.org/licenses/by-sa/4.0/"> <img alt="Creative Commons License BY-SA" class="cc-license-button" src="/assets/img/cc-by-sa-4.0.svg"></a>Fri, 01 May 2026 14:29:41 GMTNikola (getnikola.com)http://blogs.law.harvard.edu/tech/rsshttps://stefanorivera.com/posts/2022/06/02/lts-elts-report-for-april-may-2022/Stefano Rivera<p>April was my first month contributing Freexian sponsored work to Debian LTS. I started with ELTS in May. As April was my first month, and I didn't have any hours allocated, covering both months in one report.</p> <p>In April, I spent 5 hours doing LTS security updates for:</p> <ul> <li>twisted, backporting a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2022-24801">CVE-2022-24801</a> to stretch (finished in May)</li> </ul> <p>In May, I spent 14 hours doing LTS security updates for:</p> <ul> <li>completing the twisted update from April.</li> <li>kicad, backporting a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2022-23803">CVE-2022-23803</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2022-23804">CVE-2022-23804</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2022-23946">CVE-2022-23946</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2022-23947">CVE-2022-23947</a> to stretch.</li> <li>waitress, backporting a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2019-16785">CVE-2019-16785</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2019-16786">CVE-2019-16786</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2019-16789">CVE-2019-16789</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2019-16792">CVE-2019-16792</a>, <a href="https://security-tracker.debian.org/tracker/CVE-2022-24761">CVE-2022-24761</a> to stretch.</li> <li>lrzip, backporting a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2022-28044">CVE-2022-28044</a> to stretch.</li> <li>openssl, backporting a fix for <a href="https://security-tracker.debian.org/tracker/CVE-2022-1292">CVE-2022-1292</a> to stretch.</li> </ul> <p>In May I spent 4 hours doing ELTS security updates for:</p> <ul> <li>openssl, backporting a fix for <a href="https://deb.freexian.com/extended-lts/tracker/CVE-2022-1292">CVE-2022-1292</a> to jessie.</li> <li>openjpeg2, backporting a fix for <a href="https://deb.freexian.com/extended-lts/tracker/CVE-2022-1122">CVE-2022-1122</a> to jessie.</li> <li>intel-microcode, looking at backporting a newer version. Not uploaded due to more updates on the way.</li> </ul> <p>In April, I spent 4 hours of Freexian-sponsored Debian time on:</p> <ul> <li>The <a href="https://debconf22.debconf.org/">DebConf 22 website</a>.</li> <li>Preparations for DebConf 22.</li> <li>Applying related security updates (from LTS work) to Debian stable.</li> </ul> <p>In May, I spent 12 hours of Freexian-sponsored Debian time on:</p> <ul> <li>The <a href="https://debconf22.debconf.org/">DebConf 22 website</a>.</li> <li>Preparations for DebConf 22.</li> <li>Applying related security updates (from LTS work) to Debian stable.</li> <li>Fixing the flit support in dh-python.</li> </ul>eltsfreexianltshttps://stefanorivera.com/posts/2022/06/02/lts-elts-report-for-april-may-2022/Thu, 02 Jun 2022 12:57:05 GMT