ELTS report February 2024
=========================

1. I have been ELTS frontdesk from 26.02.2024 to 03.03.2024.
   I triaged CVE in c-ares, clamav, cpio, curl, dnsmasq, dnspython, exiv2,
   expat, firmware-nonfree, freeglut, imlib2, krb5, less, ncurses, openexr,
   python-cryptography, systemd, texlive-bin, libcommons-compress-java, libuv1
   and qpdf.

2. I have been working on fixing 3 CVE for imlib2, which I am also responsible
   for as Debian's maintainer.

3. I have been working on CVE-2024-25710 and had a look at older CVE for
   libcommons-compress-java. Currently I believe the older ones are correctly
   triaged and no further action is required.

4. I revisited older Jetty9 CVE which were marked as postponed or ignored. I
   still believe the triaging is correct but let other team members decide how
   we move forward.

5. I picked up tomcat7/tomcat8 again and will either remove it from our todo
   list for now or prepare a small update soon.