In February, 58 work hours have been equally split among 4 paid contributors. Their reports are available:
- Ben Hutchings
- Holger Levsen (though he did only 9h out of the 14.5h allocated, he will have to catch up in March)
- Raphaël Hertzog
- Thorsten Alteholz
Evolution of the situation
During the last month, we gained 3 paid work hours: we’re now at 61 hours per month sponsored by 28 organizations and we have one supplementary sponsor in the pipe that should bring 4 more hours.
The increase is not very quick but seems to be steady. Hopefully at some point, we will have enough resources to do a more exhaustive job. For now, the paid contributors handle in priority the most popular packages used by the sponsors and there are some packages in the end of the queue which have open security issues for months already (example: CVE-2012-6685 on libnokogiri-ruby).
So, as usual, we are looking for more sponsors.
In terms of security updates waiting to be handled, the situation looks a little bit worse than last month: the dla-needed.txt file lists 40 packages awaiting an update (3 more than last month), the list of open vulnerabilities in Squeeze shows about 58 affected packages in total (5 less than last month). We are getting a bit more effective with CVE triage.
A logo for the LTS project?
Every time that I write an LTS report, I remember that it would be nice if my LTS related articles could feature a nice picture/logo that reminds people of the LTS team/initiative. Is there anyone up for the challenge of creating that logo? 🙂
Thanks to our sponsors
The new sponsors of the month are in bold.
- Gold sponsors:
- Silver sponsors:
- AD&D – David Ayers – IntarS Austria
- Domeneshop AS
- Gandi SAS
- Trollweb Solutions
- Université Lille 3
- Bronze sponsors: