This is the first month being part of the Debian Long Term Support team.
The following contributions were made:
- Corrected dhcpcd5 and issued DLA-506-1
- Corrected nss and issued DLA-507-1
- Questioned update of qemu and qemu-kvm (the conclusion is that we shall support it on best effort)
- Security tracker updated with findings from Diego Biurrun. CVE-2015-8217 and CVE-2015-8363 do not apply to Libav 0.8 because the affected decoders are not present in that release.
- Analyzed nss code for CVE-2016-2834 and reported in an email to the list. Emilio Pozuelo Monfort <pochu@debian.org> completed this work for me.
- Analyzed phpmyadmin vulnerabilities. Backporting will be started next month when I have new hours.