------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Debian Project News                    debian-public...@lists.debian.org
November 14, 2014            https://www.debian.org/News/weekly/2014/15/
------------------------------------------------------------------------

Welcome to this year's fifteen issue of DPN, the newsletter for the
Debian community. Topics covered in this issue include:

  * The Debian Community combats Global Warming with a Freeze
  * Tokyo area Debian study group
  * First Jessie based Debian Edu released
  * LTS Reports for October 2014
  * Other Reports
  * Open Source Conference 2014 Tokyo/Fall
  * Who's using Debian Audit
  * Jessie removals/updates
  * 2014 Mini-DebConf in Cambridge at ARM
  * New Debian Contributors
  * Release-Critical bugs statistics for the upcoming release
  * Important Debian Security Advisories
  * New and noteworthy packages
  * Work-needing packages
  * Want to continue reading DPN?


The Debian Community combats Global Warming with a Freeze
---------------------------------------------------------

The Release Team is proud to announce [1] that Debian 8.0 "Jessie" is
frozen. Further updates to this release will be restricted to bug fixes
only.

    1: https://lists.debian.org/debian-devel-announce/2014/11/msg00003.html

With the freeze occurring as planned on November 5, Lucas Nussbaum
blogged [2]: "This is quite an achievement from the project as a whole,
and the Release Team specifically. First, we froze on the date announced
more than a year ago, and the freeze seems to have been well respected
by all maintainers. Second, with 310 RC bugs at the time of the freeze,
we are probably breaking a record for all recent Debian releases. Could
we have the shorter Debian freeze ever? Given that FOSDEM [3] is 12
weeks away, could we even release before FOSDEM, and have a big party
there to celebrate?"

    2: http://www.lucas-nussbaum.net/blog/?p=854
    3: https://fosdem.org/2015/

Richard Hartmann posted the Release Critical Bug report for Week 45 [4]
which highlights the work that needs to be done to push Jessie into
release. There are 1,154 bugs of which 295 directly affect Jessie, which
we need to get down to zero. Of these, 229 are bugs which affect both
Jessie and unstable and 66 affect Jessie only. He also posts a table of
data which compares our current status to the Squeeze release cycle. Not
to be lost in the pretty data and graph [5] is the request that if you
are able, please look into the key [6] packages [7] which need the most
help.

    4: 
http://richardhartmann.de/blog/posts/2014/11/07-Debian_Release_Critical_Bug_report_for_Week_45/
    5: http://richardhartmann.de/img/rc_bugs_report_en_2014-45.png
    6: 
https://udd.debian.org/bugs.cgi?release=jessie&merged=ign&rc=1&keypackages=only&chints=1&cdeferred=1&crttags=1
    7: 
https://udd.debian.org/bugs.cgi?release=jessie_and_sid&merged=ign&rc=1&keypackages=only&chints=1&cdeferred=1&crttags=1


Tokyo area Debian study group
-----------------------------

The Tokyo area Debian study group [8] held its 119th meeting starting
with a Debian common sense quiz, moving on to a discussion of the
LibreOffice package in Debian and desires to see more upstream and
downstream support. They also had a hands-on event [9] for debian-
installer beta2 for Debian 8 "Jessie".

    8: https://tokyodebian.alioth.debian.org/
    9: 
http://henrich-on-debian.blogspot.de/2014/11/meeting-event-with-libo-people-in-tokyo.html


First Jessie based Debian Edu released
--------------------------------------

Petter Reinholdtsen announced [10] the first Jessie based Debian Edu
release. Debian Edu, also known as Skolelinux [11], is a complete
operating system for schools, with support for servers, workstations,
and laptops working together on a school network. The creation of a
multi-user multi-machine study environment can be completed in a few
hours with hundreds of applications pre-installed. Further details of
the release include information about its current distribution,
documentation [12], and status [13].

   10: https://lists.debian.org/debian-devel-announce/2014/10/msg00006.html
   11: http://www.skolelinux.org/
   12: https://wiki.debian.org/DebianEdu/Documentation/Jessie
   13: https://wiki.debian.org/DebianEdu/Status/Jessie


LTS Reports for October 2014
----------------------------

Raphaël Hertzog reported [14] on ten hours of paid LTS work with the CVE
triage of 23 commits to the security tracker, the filing of several bug
reports, a sponsored upload, and mysql-5.1 and apache2 security updates.
This month he shares some thoughts on the workflow and user base of the
project. The project still needs help from its users, who are asked to
subscribe to the mailing list [15] and to test some of the packages
being submitted, and help by way of organisations joining the project by
providing help directly or sponsoring [16] others to do the work.

   14: 
http://raphaelhertzog.com/2014/11/04/my-debian-lts-report-for-october-2014/
   15: https://lists.debian.org/debian-lts/
   16: http://www.freexian.com/services/debian-lts.html

Thorsten Alteholz reported [17] that he was assigned a workload of
13.75 hours towards Squeeze LTS which allowed him to upload new versions of
rsyslog, torque, and libxml2 among others. He was also able to prepare a
new upload of wget, and sends congratulatory kudos to the Security Team
who deal with support on a daily basis.

   17: http://blog.alteholz.eu/2014/11/my-debian-activities-in-october-2014/


Other Reports
-------------

Thorsten Alteholz also blogged [18] his other October Debian activities
which started with working in the FTP assistant role, which has seen a
spike of uploads as developers try to get their packages in prior to the
freeze.

   18: http://blog.alteholz.eu/2014/11/my-debian-activities-in-october-2014/

Thomas Goirand greatly detailed [19] his OpenStack packaging activity
for October. His work involved patch submissions, uploads of multiple
release candidates through various stages, and the writing of a new
system in openstack-pkg-tools. He also backported python-libvirt,
python-setuptools, and some needed JavaScript packages. The OpenStack
Juno packages were all uploaded and ready by the day of the upstream
release.

   19: http://thomas.goirand.fr/blog/?p=225

Raphaël Hertzog updated [20] his free software activities for the month
of October with packaging work towards the upcoming Jessie freeze, bug
fixes for Publican, the first point release of Django 1.7.1 to unstable,
and package sponsorship. Work on the Distro Tracker continued, along
with a request for others to contribute [21] to the project with plenty
of easy bugs to fix [22]. All of the Distro Tracker instances he manages
are now running Django which he opted to make mandatory.

   20: 
http://raphaelhertzog.com/2014/11/05/my-free-software-activities-in-october-2014/
   21: https://tracker.debian.org/docs/contributing.html
   22: https://bugs.debian.org/tracker.debian.org


Open Source Conference 2014 Tokyo/Fall
--------------------------------------

Hideki Yamane blogged [23] about the Open Source Conference 2014 Tokyo/
Fall. Over 1,500 attendees participated over two days at the event which
focused on FOSS. The Tokyo area Debian study group [24] maintained a
booth, giving out fliers, DVDs and information. In the Debian community
session Nobuhiro Iwamatsu spoke about Debian 8 "Jessie".

   23: 
http://henrich-on-debian.blogspot.de/2014/10/open-source-conference-2014-tokyofall.html
   24: https://tokyodebian.alioth.debian.org/


Who's using Debian Audit
------------------------

The Who's using Debian [25] page lists Educational, Commercial,
Government and non-profit organisations that use Debian. Over the course
of time the page has collected a few stale entries that need to be
removed or updated in order to keep the listing relevant and current.
Toward that goal, the page and entries will undergo an audit [26].
Comments, suggestions, and interested parties are welcome.

   25: https://www.debian.org/users/
   26: https://lists.debian.org/debian-publicity/2014/10/msg00019.html


Jessie removals/updates
-----------------------

Matthias Klumpp shared via his blog the state of AppStream/GNOME-
Software [27] in Debian Jessie. When GNOME was updated to 3.14, the
normal functionality for update notifications was moved from gnome-
settings-daemon to GNOME-Software. As GNOME-Software requires additional
integration work by the distributors, GNOME systems are currently
without update notifications as AppStream [28] metadata is not yet
available in Debian and its full integration to Jessie has been
postponed though with an option to include some metadata for GNOME and
KDE to use via normal.deb packages. All is not lost as GNOME-Software is
in unstable, but because it uses offline-updates [28] by default, which
don't work well yet in Debian, it currently has an RC bug, preventing it
from entering Testing. "We need a way forward to bring update-
notifications back, and there is currently work going on to do that. For
all Debian users: Please be patient while we resolve the situation. For
all developers: If you would like to help, please contact me or Laurent
Bigonville, there are some tasks which could use some help." On the Xfce
front, Debian will soon have a new pk-update-icon package, which is
currently in NEW. That will resolve the situation there. This situation
does not affect KDE which uses Apper, which covers all its update-
notification needs.

   27: 
http://blog.tenstral.net/2014/11/the-state-of-appstreamgnome-software-in-debian-jessie.html
   28: http://www.freedesktop.org/software/appstream/docs/

Lisandro Damián Nicanor Pérez Meyer of the Debian QT/KDE Team [29] gave
an early warning [30] of the removal of Qt4 for Debian Stretch (Jessie
+1). Qt4 has been deprecated since the release of Qt5 on December 19,
2012, almost 2 years ago now. While the team did support bug-fix-only
releases, upstream has announced they will end support for Qt4 in 2015,
which means from that point on bug fixes for Jessie will require a
special effort. As Qt5 is available the decision to no longer support
Qt4 was made. As there is still a lot of software that relies on using
Qt4 and to ease the transition there is a backport for Wheezy for Qt5.

   29: https://pkg-kde.alioth.debian.org/
   30: 
http://perezmeyer.blogspot.de/2014/11/early-announce-qt4-removal-in-jessie1.html


2014 Mini-DebConf in Cambridge at ARM
-------------------------------------

Andrew Cater took us through the start [31] of the 2014 Mini-DebConf at
the ARM offices in Cambridge, UK [32], getting to meet and speak to
individuals in person rather than via email, surrounded by Debian
Developers who've taken on help desk roles [33] solving issues with
broken laptops, and the release sprint [34] with the Release Team.

   31: 
http://flosslinuxblog.blogspot.com/2014/11/here-at-debian-mini-conf-in-cambridge.html
   32: https://wiki.debconf.org/wiki/Miniconf-UK/2014
   33: 
http://flosslinuxblog.blogspot.com/2014/11/at-mini-debconf-cambridge-much.html
   34: 
http://nthykier.wordpress.com/2014/11/07/release-sprint-preparing-for-jessie/


New Debian Contributors
-----------------------

13 people have started to maintain packages [35] since the previous
issue of the Debian Project News. Please welcome Richard Sellam, James
Marsh, Pierre Mavro, Benda Xu, Nicolas Schier, Wolfgang Fuetterer,
Balasankar C, Josh Triplett, Reiner Herrmann, Kurashiki Satoru, Daniel
Gröber, Jakub Warmuz, and Dmitry Borisyuk into our project!

   35: https://udd.debian.org/cgi-bin/new-maintainers.cgi


Release-Critical bugs statistics for the upcoming release
---------------------------------------------------------

According to the Bugs Search interface of the Ultimate Debian
Database [36], the upcoming release, Debian "Jessie", is currently
affected by 427 Release-Critical bugs. Ignoring bugs which are easily
solved or on the way to being solved, roughly speaking, about 268
Release-Critical bugs remain to be solved for the release to happen.

   36: https://udd.debian.org/bugs.cgi

There are also more detailed statistics [37] as well as some hints on
how to interpret [38] these numbers.

   37: 
http://richardhartmann.de/blog/posts/2014/11/14-Debian_Release_Critical_Bug_report_for_Week_46/
   38: https://wiki.debian.org/ProjectNews/RC-Stats


Important Debian Security Advisories
------------------------------------

Debian's Security Team recently released advisories for these packages
(among others): libtasn1-3 [39], libxml2 [40], torque [41],
dokuwiki [42], linux [43], icedove [44], wget [45], quassel [46],
php5 [47], libxml-security-java [48], qemu [49], qemu-kvm [50],
konversation [51], curl [52], kfreebsd-9 [53], and nss [54]. Please read
them carefully and take the proper measures.

   39: https://www.debian.org/security/2014/dsa-3056
   40: https://www.debian.org/security/2014/dsa-3057
   41: https://www.debian.org/security/2014/dsa-3058
   42: https://www.debian.org/security/2014/dsa-3059
   43: https://www.debian.org/security/2014/dsa-3060
   44: https://www.debian.org/security/2014/dsa-3061
   45: https://www.debian.org/security/2014/dsa-3062
   46: https://www.debian.org/security/2014/dsa-3063
   47: https://www.debian.org/security/2014/dsa-3064
   48: https://www.debian.org/security/2014/dsa-3065
   49: https://www.debian.org/security/2014/dsa-3066
   50: https://www.debian.org/security/2014/dsa-3067
   51: https://www.debian.org/security/2014/dsa-3068
   52: https://www.debian.org/security/2014/dsa-3069
   53: https://www.debian.org/security/2014/dsa-3070
   54: https://www.debian.org/security/2014/dsa-3071

The Debian team in charge of Squeeze Long Term Support released security
update announcements for these packages: libtasn1-3 [55], torque [56],
dokuwiki [57], libxml2 [58], openssl [59], wget [60], curl [61], and
libxml-security-java [62]. Please read them carefully and take the
proper measures.

   55: https://lists.debian.org/debian-lts-announce/2014/10/msg00010.html
   56: https://lists.debian.org/debian-lts-announce/2014/10/msg00011.html
   57: https://lists.debian.org/debian-lts-announce/2014/10/msg00013.html
   58: https://lists.debian.org/debian-lts-announce/2014/10/msg00014.html
   59: https://lists.debian.org/debian-lts-announce/2014/11/msg00000.html
   60: https://lists.debian.org/debian-lts-announce/2014/11/msg00001.html
   61: https://lists.debian.org/debian-lts-announce/2014/11/msg00003.html
   62: https://lists.debian.org/debian-lts-announce/2014/11/msg00004.html

Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the security mailing list [63] (and the separate backports
list [64], stable updates list [65], and long term support security
updates list [66]) for announcements.

   63: https://lists.debian.org/debian-security-announce/
   64: https://lists.debian.org/debian-backports-announce/
   65: https://lists.debian.org/debian-stable-announce/
   66: https://lists.debian.org/debian-lts-announce/


New and noteworthy packages
---------------------------

196 packages were added to the unstable Debian archive recently. Among
many others [67] are:

  * armory — advanced Bitcoin wallet management software [68]
  * bareos — Backup Archiving Recovery Open Sourced [69]
  * ghc-mod-el — Happy Haskell programming with Emacs [70]
  * irony-mode — C/C++ minor mode for Emacs powered by libclang [71]
  * mysecureshell — SFTP Server with ACL [72]
  * phabricator — Software engineering platform [73]
  * qmenu — tool to create simple menus for terminal interfaces [74]
  * ripmime — extraction of attachments out of MIME encoded emails [75]
  * utopia-documents — PDF reader that displays interactive annotations on 
scientific articles [76]

   67: https://packages.debian.org/unstable/main/newpkg
   68: https://packages.debian.org/unstable/main/armory
   69: https://packages.debian.org/unstable/main/bareos
   70: https://packages.debian.org/unstable/main/ghc-mod-el
   71: https://packages.debian.org/unstable/main/irony-mode
   72: https://packages.debian.org/unstable/main/mysecureshell
   73: https://packages.debian.org/unstable/main/phabricator
   74: https://packages.debian.org/unstable/main/qmenu
   75: https://packages.debian.org/unstable/main/ripmime
   76: https://packages.debian.org/unstable/main/utopia-documents


Work-needing packages
---------------------

Currently [77] 613 packages are orphaned [78] and 140 packages are up
for adoption [79]: please visit the complete list of packages which need
your help [80].

   77: https://lists.debian.org/debian-devel/2014/11/msg00639.html
   78: https://www.debian.org/devel/wnpp/orphaned
   79: https://www.debian.org/devel/wnpp/rfa
   80: https://www.debian.org/devel/wnpp/help_requested


Want to continue reading DPN?
-----------------------------

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [81] to find out how to help. We're
looking forward to receiving your mail at
<debian-public...@lists.debian.org>.

   81: https://wiki.debian.org/ProjectNews/HowToContribute


This issue of Debian Project News was edited by Cédric Boutillier,
Jean-Pierre Giraud, Donald Norwood, Justin B Rye and Thomas Vincent.


Attachment: signature.asc
Description: Digital signature

Reply via email to