Subject: LTS Report for February 2018

For February I spent 27.5 hours on the following tasks:

 - bind9: #889285 was reported as a possible instance of CVE-2017-3139
   (that CVE had been officially documented as RedHat-specific);
   investigated the reported problem, concluded that the issue was most
   likely CVE-2017-3139, but as ISC was not certain, CVE-2018-5735 was
   assigned; built and uploaded 1:9.8.4.dfsg.P1-6+nmu2+deb7u20
 - audacity: uploaded 2.0.1-1+deb7u1 to address CVE-2016-2540
 - graphicsmagick: uploaded 1.3.16-1.1+deb7u18 to address CVE-2018-6799
 - leptonlib: reviewed Abhijith PA's upload request
 - gcc-4.6/gcc-4.7: Worked on backporting jmm's retpoline patches from
   gcc-4.9 (no work has been done on gcc-4.7 as yet, but both are
   triaged)