Like each month, here comes a report about the work of paid contributors to Debian LTS.
Individual reports
In November 42.5 work hours have been equally split among 3 paid contributors. Their reports are available:
- Thorsten Alteholz did his share as usual.
- Raphaël Hertzog worked 18 hours (catching up the remaining 4 hours of October).
- Holger Levsen did his share but did not manage to catch up with the backlog of the previous months. As such, those unused work hours have been redispatched among other contributors for the month of December.
New paid contributors
Last month we mentioned the possibility to recruit more paid contributors to better share the work load and this has already happened: Ben Hutchings and Mike Gabriel join the list of paid contributors.
Ben, as a kernel maintainer, will obviously take care of releasing Linux security updates. We are glad to have him on board because backporting kernel fixes really need some skills that nobody else had within the team of paid contributors.
Evolution of the situation
Compared to last month, the number of paid work hours has almost not increased (we are at 45.7 hours per month) but we are in the process of adding a few more sponsors: Roche Diagnostics International AG, Misal-System, Bitfolk LTD. And we are still in contact with a couple of other companies which have announced their willingness to contribute but which are waiting the new fiscal year.
But even with those new sponsors, we still have some way to go to reach our minimal goal of funding the equivalent of a half-time position. So consider asking your company representative to join this project!
In terms of security updates waiting to be handled, the situation looks better than last month: the dla-needed.txt file lists 27 packages awaiting an update (6 less than last month), the list of open vulnerabilities in Squeeze shows about 58 affected packages in total. Like last month, we’re a bit behind in terms of CVE triaging and there are still many packages using SSLv3 where we have no clear plan (in response to the POODLE issues).
The good side is that even though the kernel update spent a large chunk of time to Holger and Raphaël, we still managed to further reduce the backlog of security issues.
Thanks to our sponsors
- Gold sponsors:
- Silver sponsors:
- AD&D – David Ayers – IntarS Austria
- Blablacar
- Domeneshop AS
- Evolix
- Trollweb Solutions
- Université Lille 3
- Bronze sponsors: