During the month of June, I have worked on the following task for LTS and ELTS: - u-boot + Released ELA-1459-1 + This update contains fixes for 24 CVEs + Target was Stretch and Buster + Those CVEs were already fixed on Bullseye onwards - angular.js + Reviewed the changes from Bastien + Helped him writing DEP-8 regression tests based on the available PoCs for multiple CVES - https://salsa.debian.org/js-team/angular.js/-/merge_requests/1 - https://salsa.debian.org/js-team/angular.js/-/merge_requests/2 - ruby3.1 + Checked the latest comment from the SRM about the update to a new minor release + It is a fix only update but we need to demonstrate that to the SRM + Instructed Bastien on what we should do to accomplish that - CSAF generator + CSAF is a standardized format to announce security advisories + PoC was considerably improved - It can parse the whole data/DLA/list - Store status of each DLA in a sqlite3 database (whether it was processed) - Tested the output with trivy (https://trivy.dev/latest/) - More info: https://salsa.debian.org/kanashiro/csaf-poc - debci + Worked on a fix for #1107645 + This is an issue found in our ELTS infra + There is a patch that should be fine - Need some integration tests before submitting a MR