This is the second month being part of the Debian Long Term Support team.
The following contributions were made:
- Correction of phpmyadmin (DLA-626-1). 25 CVE were checked and solved or concluded as unimportant.
- Concluded that libical CVE-2016-5823 is not severe enough to solve. It is a free of non-malloced area and that means a possible DOS attack. I do not think this is severe enough for wheezy where this is mainly used in client software.
- Security tracker data update:
- A few CVEs for openjdk-6 was marked with "end-of-life" tag.