This is my first (beside test time last year) official month of working for LTS. I was assigned 12 hrs and worked all of them. I could relatively easy set up the development environment for Debian Stretch and managed to release several DLAs.
I investigated CVE-2020-119977, which was marked as guacamole-server issue. There were not so much information about
this CVE. I was trying to analyze git log and git diff between affected and fixed versions without any visible success. After that I contacted upstream and they were very responsive!
This CVE affects guacamole-client only and the ancient versions in the archive is very difficult to fix. So I decided to mark this CVE as NOT-FOR-US.
Repositories with pipelines
For most of packages, which I touched due to LTS work the new repositories were created in LTS packages group on salsa.d.o with enabled CI-pipelines. It really helps to test updates though some tests needs to be disabled for passing pipelines.
I attended the Debian LTS team IRC-meeting.
Debian Science Team
I have prepared and uploaded following packages, which are maintained under the umbrella of Debian Science Team:
Prepared, uploaded and requested unblock for boost1.74_1.74.0-9
Moved 4 packages under the roof of Debian Electronics Team Team, which is a better place for them: