------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Debian Project News debian-public...@lists.debian.org February 16, 2015 https://www.debian.org/News/weekly/2015/01/ ------------------------------------------------------------------------
Welcome to this year's first issue of DPN, the newsletter for the Debian community. Topics covered in this issue include: * A brief history of the arm64 port * First release candidate of Jessie Debian Installer * Debian Mirrors new and old * Debian Long Term Support * Debian members vote to limit Technical Committee Term * Call for projects and mentors for Debian GSoC 2015 * Progress on reproducible builds * Bug Squashing Parties * Recap of the 2015 mini-DebConf in Mumbai * 2048-bit key removal from Debian keyrings * Reports * Other news * New Debian Contributors * Release-Critical bugs statistics for the upcoming release * Important Debian Security Advisories * New and noteworthy packages * Work-needing packages * Want to continue reading DPN? A brief history of the arm64 port --------------------------------- Steve McIntyre walks us through a brief history of the Debian ARM port [1]. Now an official release architecture for Jessie, arm64 took many years and a lot of CPU time considering the over 21,000 source packages available. From the inception of the port, developers struggled for accessible hardware and were only able to work on it using ARM's AArch64 software models, until the folks running the Tianhe-2 supercomputer [2] project in China contacted the team to offer access to their arm64 hardware. Later as ARM [3] started producing its own "Juno" development boards, Debian Developers were able to acquire some for use as official Debian build machines. The Juno buildds ran well and with them a large portion of the Debian archive was built; however, suitability issues begin to arise with using them all over the world and with many developers using them for debugging the new architecture. Things progressed as best they could until Linaro, with a goal of helping to improve FOSS on ARM, came to the aid of the project with a cluster of servers [4] made available for software developers to use to get early access to ARMv8 hardware. Debian was able to negotiate dedicated access to three of the machines from the cluster in October of 2014, with two of the machines serving as build machines and the other as a porter box. Developers now had the necessary hardware in place to race against the small amount of time left before the freeze of Jessie. They did just that at the Cambridge mini-DebConf in November of 2014 where ARM was officially added to the list of release architectures. Since that time Steve has managed to obtain another arm64 machine on loan from AMD to Debian to use for further porting and building. He expects that as more vendors move from prototype to production, more hardware will become available, and hopes to see ARM running not just in your server rooms, but on your desktops and laptops. Running Jessie of course. 1: http://blog.einval.com/2015/01/06#bootstrapping-debian-arm64 2: http://en.wikipedia.org/wiki/Tianhe-2 3: http://www.arm.com/ 4: http://www.linaro.org/leg/servercluster/ First release candidate of Jessie Debian Installer -------------------------------------------------- The Debian Installer Jessie RC1 release has been announced [5]. Changes include checks for missing hardware, the official artwork for Jessie, the renaming of 486 to 586, and an updated mirror listing. Other items of note are language support for 75 languages, a PXE-bootable grub.efi, imx6 support and netcfg interface.d support. The Debian Installer team extends a Thank You to all the people who contributed towards this release. The team also extends a call for help for testers to help find bugs in all media available [6]. 5: https://lists.debian.org/debian-devel-announce/2015/01/msg00005.html 6: https://www.debian.org/devel/debian-installer Debian Mirrors new and old -------------------------- Yasuhiro Araki, who has provided cdn.debian.net since February of 2008, is planning on orphaning the project [7] in light of the more recent http.debian.net [8]. As he begins the process DNS for cdn.debian.net will eventually point to http.debian.net. Thank you Yasuhiro for the many years of service. 7: https://lists.debian.org/debian-mirrors/2014/12/msg00000.html 8: https://www.debian.org/News/weekly/2015/01/http.debian.net The Debian Project is pleased to announce [9] a new security.debian.org mirror with hardware and hosting provided by SAKURA Internet, Inc. The new host is located in and serves content from Japan and will service users in Asia. 9: https://www.debian.org/News/2015/20150206 Debian Long Term Support ------------------------ Freexian's fifth report [10] about Debian Long Term Support showed that in the month of December 46 work hours were split among four paid LTS contributors. Compared to the month of November the number of paid hours has not increased from the allotted 48 hours per month. Starting this year, 2015, with more sponsors the team hopes to have an increase in available funding, towards the goal of funding the equivalent of a half- time position [11]. Security updates in LTS held close to the same numbers are last month with 30 packages awaiting an update affecting around 56 packages in total. 10: http://raphaelhertzog.com/2015/01/16/freexians-fitfth-report-about-debian-long-term-support/ 11: http://www.freexian.com/services/debian-lts.html Thorsten Alteholz updated [12] his LTS status for December for which he was assigned 20.5 hours towards LTS. He used the time to upload new security updates to 14 packages including flac, tcpdump, jasper, unzip, and many others. Thorsten sponsored the upload of an ettercap security update, which may be the first non-Debian Developer patch for LTS, for which he thanks Nguyen Cong and Toshiba. 12: http://blog.alteholz.eu/2015/01/my-debian-activities-in-december-2014/ Raphaël Hertzog blogged [13] about his December 2014 LTS work: he was assigned 20 hours of LTS work which was spent on CVE triage with 47 commits to the security tracker, two fixes for wishlist bugs and several releases of which the biggest was DLA-120-1 on xorg-server [14] which took over 6 hours to backport, but fixed 12 CVEs. Raphaël created a dedicated funding subpage [15] on the LTS wiki, which now gives more information to interested parties and opens up the project for more companies to get involved in and to contribute to. The new page fixes what may have been an erroneously implied relationship between Freexian as an LTS sponsor and the Debian project. 13: http://raphaelhertzog.com/2015/01/05/my-free-software-activities-for-december-2014/ 14: https://lists.debian.org/debian-lts-announce/2014/12/msg00022.html 15: https://wiki.debian.org/LTS/Funding Ben Hutchings posted [16] his LTS summary with 11.5 hours of support on LTS and an update to the kernel package linux-2.6 [17], version 2.6.32- 48squeeze9. [18] The LTS team had been working with and using an older kernel with applied security and critical fixes until a recent shift to rebase packages on the 2014 2.6.32.64 release. Ben reviewed and applied fixes and security flaws for the kernel for upstream inclusion into 2.6.32.65. 16: http://womble.decadent.org.uk/blog/debian-lts-work-december-2014.html 17: https://packages.qa.debian.org/l/linux-2.6.html 18: https://packages.qa.debian.org/l/linux-2.6/news/20141209T000621Z.html Holger Levsen reported [19] on 11 LTS hours working on the linux-2.6 security update, bind9, and ntp. 19: http://layer-acht.org/thinking/blog/20150106-lts-december-2014/ Debian members vote to limit Technical Committee Term ----------------------------------------------------- Debian members were called by Kurt Roeckx [20], Debian secretary, to vote on a general resolution to change the Debian Constitution [21], and create term limits for Technical Committee members. Both proposals aimed at creating a regular turnover of Technical Committee members, by enforcing a term limit of about four years. The proposals differed in the way they respond to resignations or removals of TC members for reasons other than the term limit. The first option, which could result in more than two TC members leaving the TC during the same year, won the vote [22]. More details about the results of this vote can be found on the page of the website dedicated to this general resolution [23]. 20: https://lists.debian.org/debian-devel-announce/2014/12/msg00010.html 21: https://www.debian.org/devel/constitution 22: https://vote.debian.org/~secretary/gr_initcoupling/tally.txt 23: https://www.debian.org/vote/2014/vote_004 Call for projects and mentors for Debian GSoC 2015 -------------------------------------------------- Nicolas Dandrimont asked all Debian contributors for projects and mentors [24] to help Debian participate in the eleventh year of the Google Summer of Code [25]. "Everyone (member of the Debian project or not, student or not) is welcome to submit their ideas, and to try and find people willing to mentor the projects", explained Nicolas in his mail. If you have an idea, please publish it on the wiki page [26], and send an email to the coordination mailing list [27]. You can also contact Nicolas and the other GSoC administrators for Debian on their mailing list or on their IRC channel, #debian-soc on irc.debian.org. 24: https://lists.debian.org/debian-devel-announce/2015/02/msg00006.html 25: https://developers.google.com/open-source/soc/ 26: https://wiki.debian.org/SummerOfCode2015/Projects 27: soc-coordinat...@lists.alioth.debian.org Progress on reproducible builds ------------------------------- The reproducible builds team sent a report [28] about their work, which enables anyone to independently confirm that a given Debian binary package was indeed built from some specified source package. Currently, more than 83% of all the source packages in the main archive of the unstable distribution can be built reproducibly. The team developped the tool debbindiff [29] to provide in-depth detailed diffs of binary packages. Packages are then built twice on jenkins.debian.net [30], and reproducibility results are reported on the Debian Package Tracker [31]. The team is considering submitting a proposal to make reproducible builds a release goal for Stretch, the next stable release after Jessie. 28: https://lists.debian.org/debian-devel-announce/2015/02/msg00007.html 29: https://packages.debian.org/debbindiff 30: https://jenkins.debian.net 31: https://tracker.debian.org Bug Squashing Parties --------------------- Bernd Zeimetz announced a Debian Bug Squashing Party, which will be held on April 17-19 2015. Registration can be completed through the BSP wiki page [32]. The BSP will be located close to Salzburg Airport W.A. Mozart, at the office of Conova Communications Gmbh [33]. Besides registration, the wiki page covers hotel accommodations, sightseeing possibilities, meal planning, and leisure activities. Bernd welcomes team meetings or sprints, but warns travellers to email him [34] in advance to ensure accommodation. 32: https://wiki.debian.org/BSP/2015/04/at/Salzburg 33: https://www.conova.com/ 34: b...@debian.org In a series of quick [35] blog [36] posts [37], Jonathan Wiltshire reported on three days of the Alcester Bug Squashing Party [38] (BSP) which closed and worked on a large number of bugs, downgrades, removals, and patches. 35: http://www.jwiltshire.org.uk/content/2015/01/17/alcester-bsp-day-one/ 36: http://www.jwiltshire.org.uk/content/2015/01/17/alcester-bsp-day-two/ 37: http://www.jwiltshire.org.uk/content/2015/01/18/alcester-bsp-day-three/ 38: https://wiki.debian.org/BSP/2015/01/gb/Alcester Recap of the 2015 mini-DebConf in Mumbai ---------------------------------------- A mini-DebConf took place at the Indian Institute of Technology Bombay (IIT Bombay). The Conference was opened by Professor Kumar Appaiah from the Electrical Engineering department. Other notable speakers included Kannan Moudgalya, head of the Free and Open Source Sotware for Education (FOSSEE) project. Among the topics discussed were open source software security, Debian on ARM by Siji Sunny, and Raspbian (Debian on Raspberry Pi). A total recap of topics and discussions can be found on linuxveda [39]. Jaldhar H. Vyas attended the mini-DebConf, and completed a lengthy blog summary [40]. Organisers of the conference were pleased with the turn-out, and plan another mini-DebConf next year. 39: http://www.linuxveda.com/2015/01/21/mini-debconf-mumbai-2015-recap/ 40: http://www.braincells.com/debian/ 2048-bit key removal from Debian keyrings ----------------------------------------- The keyring-maint team is proud to announce that, after almost five years of actively requesting stronger keys to be used for the project, and after a four months intensive campaign to speed up the key migration, as of January 1 we have disabled all PGP keys weaker than 2048 bits. A full list of affected keys together with the requisites and instructions on how to submit a new key for Debian is available [41]. A statistical roundup of the keyrings' evolution can be found in a blog post [42] by Gunnar Wolf. 41: https://lists.debian.org/debian-devel-announce/2015/01/msg00000.html 42: http://gwolf.org/node/4022 Reports ------- Jingjie Jiang, our OPW (Outreach Program for Women) intern, posted [43] a progress report on her work on debsources. Several bugs were fixed and are to be merged into the codebase, such as allowing symbolic links within the same version, and override detection. She has also been working towards making debsources available on sor.debian.org, and provided some thoughts on the benefits of OPW internship [44]. 43: http://sophiejjj.wordpress.com/2014/12/29/week2-week3-opw-journey/ 44: https://sophiejjj.wordpress.com/2015/01/27/yet-another-post/ Niels Thykier gave an update [45] on the status of Jessie as of December of 2014. Currently there is no set release date and there is still much work to be done. He reminded users and developers of the automatic removal clause [46] that was about to go into effect; any package with a dependency on a threatened package may itself be at risk. Work on the release notes [47] still needs more time and hands. While the number of bugs is declining there are still a few problematic bugs to be solved. 45: http://nthykier.wordpress.com/2014/12/30/status-on-jessie-december-2014/ 46: https://release.debian.org/jessie/freeze_policy.html#autoremovals 47: https://www.debian.org/releases/jessie/releasenotes At this time only RC bug fixes are being accepted. Help is requested! Users can file bugs against the release notes [48] concerning missing or outdated documentation, fix the known RC bugs that are blocking Jessie [49], and report on tests of upgrade paths and installation media. 48: https://bugs.debian.org/release-notes 49: https://udd.debian.org/bugs/?release=jessie_and_sid&patch=ign&merged=ign&done=ign&rtjessie-is-blocker=only&fnewerval=7&flastmodval=7&rc=1&ctags=1&cdeferred=1&crttags=1&sortby=id&sorto=asc&format=html#results Steve McIntyre's work on UEFI support in Jessie continued with a series of posts on getting an i386-only UEFI net install [50] up and running (and made available with test images to download), then a mixed 32- and 64-bit UEFI net install [51] (available for testing and download), and later work on integration of 32-bit grub-efi [52] with patches to the Linux kernel, grub2 for /sys and a grub-installer patch. Steve's last update was in mid-January of 2015, when he also announced a pause in development in favour of a few other items that need work such as RC bugs, sorting Mac-only 32-bit images, and debian-live images. 50: http://blog.einval.com/2015/01/02#Jessie-EFI_3 51: http://blog.einval.com/2015/01/06#Jessie-EFI_4 52: http://blog.einval.com/2015/01/11#Jessie-EFI_5 Gregor Herrmann updated some RC bugs dealt with in the last few weeks on lirc-x [53], gxine [54], rtpproxy [55], and ciderwebmail [56] to name a few. 53: https://bugs.debian.org/774867 54: https://bugs.debian.org/772868 55: https://bugs.debian.org/774584 56: https://bugs.debian.org/774862 Raphaël Hertzog posted [57] his Free Software Activities for January 2015, including 12 hours of paid work on Debian LTS which had work done on libnokogiri-ruby and on pound-related SSL issues [58]. He also submitted bugs reports for the Tryton application platform, created three Salt formulas for Saltstack, packaging for upstream releases of Django in experimental along with a pre-approval [59], and an unblock request for Dolibarr with input from the security team. Raphael also worked on soliciting candidates for Debian France's election for a third board member. 57: http://raphaelhertzog.com/2015/01/30/my-free-software-activities-for-january-2015/ 58: https://security-tracker.debian.org/tracker/CVE-2009-3555 59: https://bugs.debian.org/775892 Thomas Goirand gave an update [60] on OpenStack [61] image availability letting us know that it is now generated at the same time as the official Debian CD ISO images. He suggests cloud users and public cloud operators should download [62] the now available weekly build. Presently the only arch available is arm64, which historically has not been a problem for operators. Goirand adds a few suggestions and comments for the image generation and included sources.tar.gz. file. Contributors and testers are welcomed. 60: http://thomas.goirand.fr/blog/?p=237 61: https://wiki.debian.org/OpenStack 62: http://cdimage.debian.org/cdimage/openstack/testing/ Roland Fehrenbacher wrote on his blog [63] a report on the DebianMed Sprint 2015 [64], which took place in Saint-Malo, France, from January 30 to February 2. He gave a brief review of the various presentations and discussions that occurred during this meeting as well as the packaging and mentoring activities. In related news, Andreas Tille announced a Debian Med "Mentoring of the month [65]" initiative for women. See the wiki page dedicated to the initiative [66] for more details. 63: https://www.qlustar.com/content/bioinformatics-waves-french-atlantic-coast 64: https://wiki.debian.org/Sprints/2015/DebianMed2015 65: https://lists.debian.org/20150210085117.ge29...@an3as.eu 66: https://wiki.debian.org/DebianMed/MoM Other news ---------- The eighth update of the stable distribution of Debian (codename "Wheezy") was released on January 10 [67]. 67: https://www.debian.org/News/2015/20150110 Christian Perrier asked on his blog [68] who was going to report bug #777777 in the Debian bug tracking system [69]. Matthias Klose answered that question a few hours later, by opening a bug [70] against the package aqsis [71]. 68: http://www.perrier.eu.org/weblog/2015/02/12#777777 69: https://bugs.debian.org 70: https://bugs.debian.org/777777 71: https://packages.debian.org/aqsis Lusas Nussbaum announced that he will not seek re-election in his post as the Debian Project Leader [72] (DPL), and shares some insight and thoughts about the transition to the next DPL while reflecting on some of the events of his term. With a new election slated to start in the upcoming months, he suggests that we in the community champion a lively campaign by reaching out to our dream candidates and encouraging them to run, or perhaps running for the position ourselves. On the project mailing list a separate thread asks, "What do you expect from the DPL? [73]" 72: https://www.debian.org/devel/leader 73: https://lists.debian.org/debian-project/2015/02/msg00039.html The Debian France association [74] is organising a mini-DebConf [75] on April 11 and 12, in Lyon, France, hosted by the Maison Pour Tous-Salle des Rancy [76]. If you're planning to attend, please add your name to the list on the dedicated wiki page [77]. 74: http://france.debian.net/ 75: http://france.debian.net/events/minidebconf2015/ 76: http://epn.salledesrancy.com/evenements/mini-debconf-debian/ 77: https://wiki.debian.org/DebianEvents/fr/2015/Minidebconf Lucas Nussbaum updated the delegation [78] for the Debian System Administrators team, which counts now two new official members: Paul Wise and Julien Cristau. Kurt Roeckx has been reappointed [79] as Project Secretary [80] for one more year. 78: https://lists.debian.org/debian-devel-announce/2015/02/msg00005.html 79: https://lists.debian.org/debian-devel-announce/2015/02/msg00004.html 80: https://www.debian.org/devel/secretary This Debian News Project issue just beats the length record previously held by the 2006/28 issue [81], and becomes for now the longest DPN ever. 81: https://www.debian.org/News/weekly/2006/28 New Debian Contributors ----------------------- 3 applicants have been accepted [82] as Debian Developers, 8 applicants have been [83] accepted [84] as Debian Maintainer, and 11 people have started to maintain packages [85] since the previous issue of the Debian Project News. Please welcome Nattie Mayer-Hutchings, Sebastiaan Couwenberg, Johannes Schauer, Alexander Alemayhu, Daniel Stender, Nigel Kukard, Sebastian Andrzej Siewior, Helge Kreutzmann, Etienne Millon, Steven Chamberlain, Timothy Potter Dmitry Bogatov, Edward Betts, Aggelos Avgerinos, Florian Pelgrim, Alessio Di Mauro, Michael R. Crusoe, Mario Stephan, Christopher Hoskin, Antonio Cardoso Martins, Patrick Huck, and Peter Spiess-Knafl into our project! 82: https://nm.debian.org/public/nmlist#done 83: https://lists.debian.org/debian-project/2014/12/msg00044.html 84: https://lists.debian.org/debian-project/2015/01/msg00080.html 85: https://udd.debian.org/cgi-bin/new-maintainers.cgi Release-Critical bugs statistics for the upcoming release --------------------------------------------------------- According to the Bugs Search interface of the Ultimate Debian Database [86], the upcoming release, Debian "Jessie", is currently affected by 147 Release-Critical bugs. Ignoring bugs which are easily solved or on the way to being solved, roughly speaking, about 77 Release-Critical bugs remain to be solved for the release to happen. 86: https://udd.debian.org/bugs.cgi There are also more detailed statistics [87] as well as some hints on how to interpret [88] these numbers. 87: http://richardhartmann.de/blog/posts/2015/02/13-Debian_Release_Critical_Bug_report_for_Week_07/ 88: https://wiki.debian.org/ProjectNews/RC-Stats Important Debian Security Advisories ------------------------------------ Debian's Security Team recently released advisories for these packages (among others): pyyaml [89], polarssl [90], php5 [91], strongswan [92], libevent [93], mantis [94], file [95], curl [96], binutils [97], otrs2 [98], openssl [99], php5 [100], iceweasel [101], linux [102], rpm [103], lsyncd [104], xdg-utils [105], icedove [106], privoxy [107], sympa [108], mysql-5.5 [109], polarssl [110], websvn [111], jasper [112], squid [113], xen [114], wireshark [115], eglibc [116], virtualbox [117], openjdk-7 [118], privoxy [119], requests [120], openjdk-6 [121], chromium-browser [122], condor [123], vlc [124], python-django [125], unzip [126], krb5 [127], ntp [128], postgresql-9.1 [129], ruby1.9.1 [130], unrtf [131], ruby1.8 [132], xorg-server [133], and dbus [134]. Please read them carefully and take the proper measures. 89: https://www.debian.org/security/2014/dsa-3115 90: https://www.debian.org/security/2014/dsa-3116 91: https://www.debian.org/security/2014/dsa-3117 92: https://www.debian.org/security/2015/dsa-3118 93: https://www.debian.org/security/2015/dsa-3119 94: https://www.debian.org/security/2015/dsa-3120 95: https://www.debian.org/security/2015/dsa-3121 96: https://www.debian.org/security/2015/dsa-3122 97: https://www.debian.org/security/2015/dsa-3123 98: https://www.debian.org/security/2015/dsa-3124 99: https://www.debian.org/security/2015/dsa-3125 100: https://www.debian.org/security/2015/dsa-3126 101: https://www.debian.org/security/2015/dsa-3127 102: https://www.debian.org/security/2015/dsa-3128 103: https://www.debian.org/security/2015/dsa-3129 104: https://www.debian.org/security/2015/dsa-3130 105: https://www.debian.org/security/2015/dsa-3131 106: https://www.debian.org/security/2015/dsa-3132 107: https://www.debian.org/security/2015/dsa-3133 108: https://www.debian.org/security/2015/dsa-3134 109: https://www.debian.org/security/2015/dsa-3135 110: https://www.debian.org/security/2015/dsa-3136 111: https://www.debian.org/security/2015/dsa-3137 112: https://www.debian.org/security/2015/dsa-3138 113: https://www.debian.org/security/2015/dsa-3139 114: https://www.debian.org/security/2015/dsa-3140 115: https://www.debian.org/security/2015/dsa-3141 116: https://www.debian.org/security/2015/dsa-3142 117: https://www.debian.org/security/2015/dsa-3143 118: https://www.debian.org/security/2015/dsa-3144 119: https://www.debian.org/security/2015/dsa-3145 120: https://www.debian.org/security/2015/dsa-3146 121: https://www.debian.org/security/2015/dsa-3147 122: https://www.debian.org/security/2015/dsa-3148 123: https://www.debian.org/security/2015/dsa-3149 124: https://www.debian.org/security/2015/dsa-3150 125: https://www.debian.org/security/2015/dsa-3151 126: https://www.debian.org/security/2015/dsa-3152 127: https://www.debian.org/security/2015/dsa-3153 128: https://www.debian.org/security/2015/dsa-3154 129: https://www.debian.org/security/2015/dsa-3155 130: https://www.debian.org/security/2015/dsa-3157 131: https://www.debian.org/security/2015/dsa-3158 132: https://www.debian.org/security/2015/dsa-3159 133: https://www.debian.org/security/2015/dsa-3160 134: https://www.debian.org/security/2015/dsa-3161 The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: mime-support [135], ettercap [136], ettercap [136], pyyaml [137], polarssl [138], sox [139], firebird2.1 [140], file [141], openssl [142], unrtf [143], curl [144], ia32-libs [145], tomcat6 [146], websvn [147], libevent [148], eglibc [149], rpm [150], jasper [151], libksba [152], privoxy [153], python-django [154], polarssl [155], php5 [156], wpasupplicant [157], sympa [158], krb5 [159], unzip [160], ntp [161], libxml2 [162], and postgresql-8.4 [163]. Please read them carefully and take the proper measures. 135: https://lists.debian.org/debian-lts-announce/2014/12/msg00027.html 136: https://lists.debian.org/debian-lts-announce/2014/12/msg00028.html 137: https://lists.debian.org/debian-lts-announce/2015/01/msg00000.html 138: https://lists.debian.org/debian-lts-announce/2015/01/msg00001.html 139: https://lists.debian.org/debian-lts-announce/2015/01/msg00002.html 140: https://lists.debian.org/debian-lts-announce/2015/01/msg00003.html 141: https://lists.debian.org/debian-lts-announce/2015/01/msg00004.html 142: https://lists.debian.org/debian-lts-announce/2015/01/msg00005.html 143: https://lists.debian.org/debian-lts-announce/2015/01/msg00006.html 144: https://lists.debian.org/debian-lts-announce/2015/01/msg00007.html 145: https://lists.debian.org/debian-lts-announce/2015/01/msg00008.html 146: https://lists.debian.org/debian-lts-announce/2015/01/msg00009.html 147: https://lists.debian.org/debian-lts-announce/2015/01/msg00010.html 148: https://lists.debian.org/debian-lts-announce/2015/01/msg00011.html 149: https://lists.debian.org/debian-lts-announce/2015/01/msg00012.html 150: https://lists.debian.org/debian-lts-announce/2015/01/msg00013.html 151: https://lists.debian.org/debian-lts-announce/2015/01/msg00014.html 152: https://lists.debian.org/debian-lts-announce/2015/01/msg00015.html 153: https://lists.debian.org/debian-lts-announce/2015/01/msg00016.html 154: https://lists.debian.org/debian-lts-announce/2015/01/msg00017.html 155: https://lists.debian.org/debian-lts-announce/2015/01/msg00018.html 156: https://lists.debian.org/debian-lts-announce/2015/01/msg00019.html 157: https://lists.debian.org/debian-lts-announce/2015/02/msg00000.html 158: https://lists.debian.org/debian-lts-announce/2015/02/msg00001.html 159: https://lists.debian.org/debian-lts-announce/2015/02/msg00002.html 160: https://lists.debian.org/debian-lts-announce/2015/02/msg00003.html 161: https://lists.debian.org/debian-lts-announce/2015/02/msg00004.html 162: https://lists.debian.org/debian-lts-announce/2015/02/msg00005.html 163: https://lists.debian.org/debian-lts-announce/2015/02/msg00006.html Debian's Stable Release Team released an update announcement for the packages: tzdata [164] and libdatetime-timezone-perl [164]. Please read it carefully and take the proper measures. 164: https://lists.debian.org/debian-stable-announce/2015/02/msg00000.html Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list [165] (and the separate backports list [166], stable updates list [167], and long term support security updates list [168]) for announcements. 165: https://lists.debian.org/debian-security-announce/ 166: https://lists.debian.org/debian-backports-announce/ 167: https://lists.debian.org/debian-stable-announce/ 168: https://lists.debian.org/debian-lts-announce/ New and noteworthy packages --------------------------- 158 packages were added to the unstable Debian archive recently. Among many others [169] are: * dex — tool to generate and execute Application type.desktop files [170] * sluice — rate limiting data piping tool [171] * apt-config-auto-update — Apt configuration for automatic cache updates [172] * git-big-picture — visualization tool for Git repositories [173] * u2f-host — command line tool to do Universal 2nd Factor (U2F) operations [174] * mrtdreader — reader for machine-readable travel documents (MRTDs / passports) [175] * php5-facedetect — faces detection with PHP [176] * sjaakii — Sjaak II - computer player for many Chess variants, including Shogi and XiangQi [177] * guidedog — NAT/masquerading/port-forwarding configuration tool in Qt5 [178] * rna-star — ultrafast universal RNA-seq aligner [179] 169: https://packages.debian.org/unstable/main/newpkg 170: https://packages.debian.org/unstable/main/dex 171: https://packages.debian.org/unstable/main/sluice 172: https://packages.debian.org/unstable/main/apt-config-auto-update 173: https://packages.debian.org/unstable/main/git-big-picture 174: https://packages.debian.org/unstable/main/u2f-host 175: https://packages.debian.org/unstable/main/mrtdreader 176: https://packages.debian.org/unstable/main/php5-facedetect 177: https://packages.debian.org/unstable/main/sjaakii 178: https://packages.debian.org/unstable/main/guidedog 179: https://packages.debian.org/unstable/main/rna-star Work-needing packages --------------------- Currently [180] 668 packages are orphaned [181] and 155 packages are up for adoption [182]: please visit the complete list of packages which need your help [183]. 180: https://lists.debian.org/debian-devel/2015/02/msg00140.html 181: https://www.debian.org/devel/wnpp/orphaned 182: https://www.debian.org/devel/wnpp/rfa 183: https://www.debian.org/devel/wnpp/help_requested Want to continue reading DPN? ----------------------------- Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page [184] to find out how to help. We're looking forward to receiving your mail at <debian-public...@lists.debian.org>. 184: https://wiki.debian.org/ProjectNews/HowToContribute This issue of Debian Project News was edited by Cédric Boutillier, Jean- Pierre Giraud, Carl J Mannino, Donald Norwood, Justin B Rye and and Paul Wise.
signature.asc
Description: Digital signature