LTS Link to heading

Released DLAs Link to heading

  1. DLA-2619-1 python3.5_3.5.3-1+deb9u4

    CVE-2021-23336 introduced an API-change. It was hard decision to upload this fix, because it can potentially break user’s code, if they code uses semicolon as separator. Another option is not to fix it at all, leaving the security issue open. Not the best solution.

    Also I have fixed the failing autopkgtest, which was introduced in one of latest CVE fixes. CI-pipelines on salsa.d.o are helping now to detect such mistakes.

  2. DLA-2628-1 python2.7_2.7.13-2+deb9u5

    CVE-2021-23336 introduced an API-change, same as for python3.5. But the backporting was much harder because python3->2 is not always easy.

CI-pipelines Link to heading

I try to setup for all LTS-packages which I touch CI-pipelines on salsa.d.o. Setting up pipelines for python3.5 and python2.7 was much harder as for other packages. Failing autopkgtests and some other issues. Though it takes at the beginning more time to setup, I believe it improves package quality.

LTS-Meeting Link to heading

I attended the Debian LTS team Jitsi-meeting.