My LTS work in August 2018

In August I spend 10h working on jessie LTS on:

  • review and sponsor the regresstion update for slurm-llnl and writing DLA-1437-2, and then learning the hard way that jessie-security is not configured to build arch:all packages and that one needs to use '--debbuildopts "-g"' with pbuilder.
  • update
  • claimed a DLA for wpa but Andrew Shadura (one of the maintainers) just went ahead and uploaded it, as I didn't claim it via dla-needed. Following processes is important... (and I didn't)
  • work on sam2p, merge upstream commits fixing CVE-2018-12601 and CVE-2018-12571 into usable patches for the jessie package. Write DLA-1463-1 and release it. I also updated #891527, which is a meta bug asking for several upstream issues to be fixed.
  • drop src:tiff3 from dla-needed.txt as it's only present in wheezy, which is gone / in eLTS.
  • work on patches for samba, which then caused the test suite to fail. Need to follow up on this in September.
  • work on confuse to fix CVE-2018-14447 and upload it and write and release DLA-1470-1, uploaded needed -g -sa, narf.
  • review upload for dropbear by Guilhem Moulin and notice CVE-2018-15599 isn't fixed in sid yet, thus held back sponsoring the upload at first, then uploaded, wrote and released DLA-1476-1.
  • building fixed mariadb-10.0 packages (to address CVE-2018-3058, CVE-2018-3063, CVE-2018-3064 and CVE-2018-3066) which thankfully were prepared by Otto Kekäläinen was more tedious then expected: first I had to fiddle with sbuild and git-buildpackage, which I dont use normally, to get the orig.tar.gz from git, then I ran into diskspace issues with sbuild, then I switched to build with pbuilder, then learned that 7gb diskspace are not enough but 12gb are. Then the testsuite still failed (after hours) because my system was too slow. To address this Otto helpfully recommended to build with DEB_BUILD_OPTIONS="nocheck parallel=4"... and that was all, testing and writing DLA-1488-1 was rather easy and joyfull ;)
  • writing this blog post.