Debian Long Term Support work 2016 September

This is the second month being part of the Debian Long Term Support team.

The following contributions were made:

  • Correction of phpmyadmin (DLA-626-1). 25 CVE were checked and solved or concluded as unimportant.
  • Concluded that libical CVE-2016-5823 is not severe enough to solve. It is a free of non-malloced area and that means a possible DOS attack. I do not think this is severe enough for wheezy where this is mainly used in client software.
  • Security tracker data update:
    • A few CVEs for openjdk-6 was marked with "end-of-life" tag.