Monday, October 10, 2022
HomeOperating SystemFOSS Activites in September 2022 · utkarsh2102

FOSS Activites in September 2022 · utkarsh2102


Right here’s my (thirty-sixth) month-to-month however transient replace concerning the actions I’ve performed within the F/L/OSS world.

Debian

This was my forty fifth month of actively contributing to Debian.
I grew to become a DM in late March 2019 and a DD on Christmas ‘19! o/

There’s a bunch of issues I do, each, technical and non-technical. Listed below are the issues I did this month:

Debian Uploads

  • rails (2:6.1.6.1+dfsg-2) – Add patch to permit Symbols in YAML columns, fixes #1018934.
  • rails (2:6.1.6.1+dfsg-3) – Add patch to take away active_record.yaml initializers.
  • rails (2:6.1.6.1+dfsg-4) – Add patch to permit Date, Time, ActiveSupport::HashWithIndifferentAccess in YAML columns.
  • ruby-arbre (1.4.0-2) – Add patch to make use of selector to detect authenticity token enter.
  • ruby-net-http-digest-auth (1.4.1-1) – New upstream model, v1.4.1 to repair the FTBFS w/ rails.
  • rails (2:6.1.7+dfsg-1) – New upstream model, v6.1.7+dfsg.
  • redmine (5.0.2-1) – New upstream model, v5.0.2 + fixes for #1017525, #1019607, #1019238, and #1014813.
  • redmine (5.0.2-2) – Add patch to calm down pg’s model for autopkgtest.
  • ruby-json-jwt (1.14.0-2) – No-change rebuild for unstable to repair #1011682.
  • libexporter-tiny-perl (1.004002-1) – New upstream model, v1.004002.

Different $issues:

  • Sponsored php-nikic-fast-route/1.3.0-4~bpo11+1 for William.
  • Being an AM for Arun Kumar, course of #1024.
  • Sponsoring stuff for non-DDs.
  • Mentoring for newcomers.
  • Moderation of -project mailing record.

Ubuntu

This was my twentieth month of actively contributing to Ubuntu.
Now that I joined Canonical to work on Ubuntu full-time, there’s a bunch of issues I do! o/

I largely labored on various things, I assume.

I used to be too lazy to keep up an inventory of issues I labored on so there’s
no concrete record atm. Perhaps I’ll get again to this part later or
will begin to record stuff from the autumn, as I used to be doing earlier than. 😀


Debian (E)LTS

Debian Lengthy Time period Assist (LTS) is a undertaking to increase the lifetime of all Debian secure releases to (at the very least) 5 years. Debian LTS isn’t dealt with by the Debian safety workforce, however by a separate group of volunteers and corporations focused on making it a hit.

And Debian Prolonged LTS (ELTS) is its sister undertaking, extending assist to the Jessie launch (+2 years after LTS assist).

This was my thirty-sixth month as a Debian LTS and twenty-seventh month as a Debian ELTS paid contributor.
I labored for 38.00 hours for LTS and 27.00 hours for ELTS.

LTS CVE Fixes and Bulletins:

  • Rolled out announcement for src:flac.
  • Rolled out announcement for src:ruby-rack.
  • Issued DLA 3128-1, fixing CVE-2020-7677, for node-thenify.
    For Debian 10 buster, these issues have been mounted in model 3.3.0-1+deb10u1.
  • Issued DLA 3129-1, fixing CVE-2019-17545 and CVE-2021-45943, for gdal.
    For Debian 10 buster, these issues have been mounted in model 2.4.0+dfsg-1+deb10u1.
  • Checked out src:mbedtls which has about 18 CVEs opened in buster (together with no-dsa).
    Additionally, spoke to the maintainer – they mentioned they’d be uncomfortable doing or reviewing the backport (though they initially mentioned they’d be joyful to assist).
  • Mounted src:rails regression by way of 2:6.1.6.1+dfsg-2, 2:6.1.6.1+dfsg-3, and a couple of:6.1.6.1+dfsg-4 for sid.
    CVE-2022-32224 broke your entire world. 🙂
  • Helped Abhijith determine the regression repair for CVE-2022-32224.
    Additionally obtained that verified by the individuals who reported regression, Raphael, Sven, and Jude. The entire thread is on debian-lts@.

ELTS CVE Fixes and Bulletins:

  • Rolled out announcemnet for src:ruby-tzinfo.
  • Rolled out announcemnet for src:grubt.
  • Issued ELA 682-1, fixing CVE-2022-31676, for open-vm-tools.
    For Debian 9 stretch, these issues have been mounted in model 2:10.1.5-5055683-4+deb9u3.
  • Issued ELA 691-1, fixing CVE-2020-21365, for wkhtmltopdf.
    For Debian 8 jessie, these issues have been mounted in model 0.12.1-2+deb8u1.
    For Debian 9 stretch, these issues have been mounted in model 0.12.3.2-3+deb9u1.
  • Issued ELA 692-1, fixing CVE-2022-37452, for exim4.
    For Debian 8 jessie, these issues have been mounted in model 4.84.2-2+deb8u9.
    For Debian 9 stretch, these issues have been mounted in model 4.89-2+deb9u9.
  • Began to take a look at src:tiff once more. Has quite a lot of open points. Haven’t claimed the bundle formally but, although. 🙂

Different (E)LTS Work:

  • Triaged rails,
    node-thenify,
    exim4,
    wkhtmltopdf,
    gdal, and
    mbedtls.
  • Marked CVE-2019-25050/gdal as not-affected for buster.
  • Marked CVE-2022-37451/exim4 as not-affected for stretch and jessie; following buster and bullseye.
  • Helped and assisted new contributors becoming a member of Freexian (LTS/ELTS).
  • Answered questions (& discussions) on IRC (#debian-lts and #debian-elts) and Matrix.
  • Participated and helped fellow members with their queries by way of personal mail and chat.
  • Basic and different discussions on LTS personal and public mailing record.
  • Attended the month-to-month public assembly held on #debian-lts on September twenty ninth.

Till subsequent time.
:wq for at the moment.

RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

- Advertisment -
Google search engine

Most Popular

Recent Comments