Inguza Technology AB

technology, analysis and solutions

Debian Long Term Support work 2018 July

The following contributions were made:

  • Took part in discussion about issues for jetty, jetty8 and jetty9. Checked CVEs from 2011 to be on the safe side. Checked some issues from 2009 as Santiago was so persistent. It was rather pointless though.
  • Triaged accountsservice
    • TEMP identifier - marked as ignored following stretch.
  • Triaged binutils
    • CVE-2018-13033 - Ignored, minor issue following stretch.
  • Triaged busybox
    • CVE-2018-1000517 - Code inspection shows that the vulnerability is there. The urgency is low however. TODO.
  • Triaged giflib
    • CVE-2018-11
  • Triaged tiff. 
    • CVE-2018-12900 - Marked as postponed following stretch.
    • CVE-2018-10963 - Marked as ignored following stretch.