Email: email@example.com • Twitter: @benhutchingsuk • Debian: benh • Gitweb: git.decadent.org.uk • Github: github.com/bwhacks
In June I was assigned 14 hours of work by Freexian's Debian LTS initiative and carried over 2 hours from earlier months. I worked 13.25 hours and will carry over the remainder.
I finished bringing the linux (Linux 4.9) package up to date, uploaded it, and issued DLA-2689-1.
I also updated the linux-4.19 package based on the version in stable point release 10.10, and issued DLA-2690-1.
Finally, I backported my recent security fixes for klibc, uploaded it and issued DLA-2695-1.
In May I was assigned 13.5 hours of work by Freexian's Debian LTS initiative and carried over 4.5 hours from earlier months. I worked 16 hours and will carry over the remainder.
I finished reviewing the futex code in the PREEMPT_RT patchset for Linux 4.9, and identified several places where it had been mis-merged with the recent futex security fixes. I sent a patch for these upstream, which was accepted and applied in v4.9.268-rt180.
I have continued updating the Linux 4.9 package to later upstream stable versions, and backported some missing security fixes. I have still not made a new upload, but intend to do so this week.
In April I was assigned 16 hours of work by Freexian's Debian LTS initiative and carried over 2.5 hours from earlier months. I worked 14 hours and will carry over the remainder.
I spent a long time trying to verify that the futex issue in was now properly fixed in Linux 4.9, and reviewing the merge of these changes with the real-time (PREEMPT_RT) kernel patchset. Unfortunately this work is not complete and I did not make another upload this month.
In March I was assigned 16 hours of work by Freexian's Debian LTS initiative and carried over 12.25 hours from earlier months. I worked 25.75 hours and will carry over the remainder.
I eventually settled on an apparently working patch series to fix the futex security issue in Linux 4.9. This went through upstream stable review and was included in 4.9.260. I applied the same fixes to the Debian package, along with some other security and regression fixes. I uploaded it and issued DLA-2586-1.
Unfortunately the futex changes for Linux 4.9 still caused a regression (kernel WARNING in some circumstances). I worked to backport and test a further set of fixes that had already been applied to later kernel branches. These were included in upstream stable release 4.9.264 and should go into an updated Debian package soon.
Following the Debian 10.9 point release, I also backported the updated Linux 4.19 package. I uploaded it and issued DLA-2610-1.
In January was assigned 7 hours of work by Freexian's Debian LTS initiative and carried over 8.5 hours from earlier months. However, I only used 0.25 hours of these to write December's report. In Feburary I was assigned another 16 hours to work, and have worked 19 hours. I will carry over the remaining hours to March.
I uploaded a Linux 4.19 package update based on the recent security update for Debian 10 "buster", and issued DLA-2557-1 for this. I spent most of my time working on an update for Linux 4.9. However, some of the recent security fixes are not yet in a fully working state, so I have not been able to upload an update yet.