------------------------------------------------------------------------
The Debian Project                               https://www.debian.org/
Debian Project News                    debian-public...@lists.debian.org
April 16th, 2015             https://www.debian.org/News/weekly/2015/03/
------------------------------------------------------------------------

Welcome to this year's third issue of DPN, the newsletter for the Debian
community. Topics covered in this issue include:

  * Jessie coming soon!
  * Reports
  * Calls For Help
  * Interviews
  * Other news
  * Upcoming events
  * New Debian Contributors
  * Release-Critical bugs statistics for the upcoming release
  * Important Debian Security Advisories
  * New and noteworthy packages
  * Work-needing packages
  * Want to continue reading DPN?


Jessie coming soon!
-------------------

Niels Thykier of the Debian Release team made the official
announcement [1] of a target release date of Saturday 25 April for
Debian 8 Jessie! The date although announced is still subject to change
for critical issues, but otherwise we are moving into the final stages
for release. There will be a quiet period starting Saturday 18 April;
all bug fixes must be in before then. There is still time to work on and
apply fixes, so don't be shy!

    1: https://lists.debian.org/debian-devel-announce/2015/03/msg00016.html

The Debian Installer team announced [2] the second release candidate of
the installer for Jessie. Several improvements were made to brltty-udeb,
console-setup, and tasksel, among other things. Hardware support is also
improved, with the installer providing u-boot binaries for armhf systems
without u-boot in flash, and grub2 support for running the 64-bit Linux
kernel on a 32-bit EFI. There is full translation for 19 of the 75
languages supported.

    2: https://lists.debian.org/debian-devel-announce/2015/03/msg00015.html

Steve McIntyre gave a final update [3] to his UEFI Debian installer work
for Jessie to say that all improvements were committed. The latest
release candidate works just as well as the test builds.

    3: http://blog.einval.com/2015/03/30#Jessie-EFI_6


Reports
-------

Ulrike Uhlig detailed [4] quite extensively her work towards improving
AppArmor support in Debian, as part of her final report on the latest
segment of Debian's involvement in the Outreach Program for Women. She
wrote about first starting [5] with AppArmor [6] and her learning curve
both with it and with Debian, sharing the maturation process from being
uncomfortable at first to later authoring documentation [7] on how
others could contribute. Although the internship has ended the work
continues as she still plans on contributing as a member of the AppArmor
Packaging Team.

    4: http://apparmor.451f.org/2015/03/09/final-report/
    5:
https://apparmor.451f.org/2014/12/23/how-does-my-apparmor-profile-get-into-debian/
    6: http://wiki.apparmor.net/index.php/Main_Page
    7:
https://apparmor.451f.org/2014/12/23/how-to-contribute-to-the-apparmor-upstream-profiles/

Gregor Herrmann gave an update [8] on RC bugs he worked on towards
Jessie's release.

    8: http://info.comodo.priv.at/blog/rc_bugs_2015_07_10.html

Freexian’s Debian Long Term Support report [9] for February 2015
detailed how 58 paid work hours were divided between the four
contributors. Ben Hutchings [10] worked on linux-2.6 version 2.6.32-
48squeeze11, userland, and security updates. Holger Levsen [11] worked
on the security tracker package. Raphaël Hertzog [12] worked mostly on
CVE triage with 41 commits to the tracker, a helper script for that
process, and a sponsorship of e2fsprogs. Thorsten Alteholz [13] uploaded
new versions of php5 (fixing a regression), krb5, unzip, and binutils.

    9:
http://raphaelhertzog.com/2015/03/17/freexians-report-about-debian-long-term-support-february-2015/
   10:
http://www.decadent.org.uk/ben/blog/debian-lts-work-february-2015.html
   11: http://layer-acht.org/thinking/blog/20150310-lts-february-2015/
   12:
http://raphaelhertzog.com/2015/03/06/my-free-software-activities-in-february-2015/
   13:
http://blog.alteholz.eu/2015/03/my-debian-activities-in-february-2015/


Calls For Help
--------------

The AppArmor Packaging Team is asking for volunteers and interested
parties to please help improve AppArmor support in Debian [14]. They
currently need help with documentation and bug reports.

   14: https://lists.debian.org/debian-devel-announce/2015/03/msg00008.html

Are you good at graphic design or artwork? There are several projects
right now that need artwork [15] such as JuggleMaster which needs icons,
the Debian wiki which needs a community icon, and the LTS group which
needs a logo.

   15: https://wiki.debian.org/DebianArt/RequestArtwork

The Debian Installer team asks for feedback and for help finding bugs
and to further improve the installer.


Interviews
----------

Zlatan Todorić interviewed Laura Arjona [16] as part of a series on
FLOSS developers. Laura talked about applying to become a Debian
Developer, her future plans in Debian, self-hosting, and administration.

   16:
http://zgrimshell.github.io/interviews-with-floss-developers-laura-arjona/

Next in the series was an interview with Francesca Ciceri [17] who
shared some history of the non-packaging Debian Developer role, her
journey in Debian through various teams, and how she came to be the
voice of Debian's diversity.

   17:
http://zgrimshell.github.io/interviews-with-floss-developers-francesca-ciceri/

Stefano Zacchiroli [18] was interviewed by The Setup [19] where he
details the equipment and software that a computer researcher and Debian
Developer uses for getting the job done. He followed up [20] with a
small commentary and thank you.

   18: http://stefano.zacchiroli.usesthis.com/
   19: http://usesthis.com/
   20: http://upsilon.cc/~zack/blog/posts/2015/03/interview_for_The_Setup/


Other news
----------

Following a vote and change to our constitution regarding term limits
for Technical Committee members [21] and the manner in which those
positions will expire, new appointments were announced [22] for Sam
Hartman, Tollef Fog Heen, and Didier Raboud.

   21: https://www.debian.org/vote/2014/vote_004
   22: https://lists.debian.org/debian-devel-announce/2015/03/msg00003.html

A recap of miscellaneous developer news.

  * Gitorious and Codehaus will be closing soon. Gitorious [23] will
shut down at the end of May and Codehaus [24] will be removing projects
from April 2 onwards.
  * There is currently a queue of prospective Debian members waiting for
Application Managers (AMs). If you would like to help please contact the
New Members Front Desk [25].
  * check-all-the-things is a tool to check all of the things related to
an unpacked or post-build source package or VCS repository. It will soon
be available [26] in experimental and can be checked out from
collab-maint git.
  * Debian's hardware donations wishlist has moved to the Debian wiki to
allow all Debian contributors to add their Debian-related hardware
wishlists. If you have a need for hardware to enable your work on
Debian, please add an entry [27] to the wiki so that hardware donors can
contact you about it.
  * There has been a change in how the SSL certificate
configuration [28] is organised on debian.org hosts. Going forward,
DSA-administered machines do not trust any CA certs and will only trust
SSL certs for debian.org services.

   23: https://about.gitlab.com/2015/03/03/gitlab-acquires-gitorious/
   24: https://codehaus.org/
   25: https://wiki.debian.org/Teams/FrontDesk
   26:
https://ftp-master.debian.org/new/check-all-the-things_2015.02.04.html
   27: https://wiki.debian.org/Hardware/Wanted#add
   28: https://lists.debian.org/debian-services-admin/2015/01/msg00002.html


Upcoming events
---------------

There are several upcoming Debian-related events:

  * Reminder: Bug Squashing party [29] in Salzburg, Austria, 17-19 April
2015.
  * Debian Jessie Release Parties (listed alphabetically) [30]

   29: https://lists.debian.org/debian-devel/2015/03/msg00121.html
   30: https://wiki.debian.org/ReleasePartyJessie

You can find more information about Debian-related events and talks on
the events section [31] of the Debian web site, or subscribe to one of
our events mailing lists for different regions: Europe [32],
Netherlands [33], Hispanic America [34], North America [35].

   31: https://www.debian.org/events
   32: https://lists.debian.org/debian-events-eu
   33: https://lists.debian.org/debian-events-nl
   34: https://lists.debian.org/debian-events-ha
   35: https://lists.debian.org/debian-events-na

Do you want to organise a Debian booth or a Debian install party? Are
you aware of other upcoming Debian-related events? Have you delivered a
Debian talk that you want to link on our talks page [36]? Send an email
to the Debian Events Team [37].

   36: https://www.debian.org/events/talks
   37: eve...@debian.org


New Debian Contributors
-----------------------

1 applicant has been accepted [38] as Debian Maintainer, and 3 people
have started to maintain packages [39] since the previous issue of the
Debian Project News. Please welcome Leopold Palomo-Avellaneda, Jessie
Frazelle, Rodney Dawes, and Tycho Andersen into our project!

   38: https://lists.debian.org/debian-project/2015/03/msg00054.html
   39: https://udd.debian.org/cgi-bin/new-maintainers.cgi


Release-Critical bugs statistics for the upcoming release
---------------------------------------------------------

According to the Bugs Search interface of the Ultimate Debian
Database [40], the upcoming release, Debian "Jessie", is currently
affected by 82 Release-Critical bugs. Ignoring bugs which are easily
solved or on the way to being solved, roughly speaking, about 40
Release-Critical bugs remain to be solved for the release to happen.

   40: https://udd.debian.org/bugs.cgi

There are also more detailed statistics [41] as well as some hints on
how to interpret [42] these numbers.

   41:
http://richardhartmann.de/blog/posts/2015/04/10-Debian_Release_Critical_Bug_report_for_Week_15/
   42: https://wiki.debian.org/ProjectNews/RC-Stats


Important Debian Security Advisories
------------------------------------

Debian's Security Team recently released advisories for these packages
(among others): mod-gnutls [43], xen [44], libssh2 [45], movabletype-
opensource [46], gnupg [47], ibgcrypt11 [48], nss [49], icu [50],
freetype [51], libav [52], putty [53], gnutls26 [54], checkpw [55],
tcpdump [56], libxfont [57], php5 [58], file [59], openssl [60],
php5 [61], xerces-c [62], drupal7 [63], iceweasel [64], mono [65],
tor [66], python-django [67], batik [68], dulwich [69], shibboleth-
sp2 [70], freexl [71], openldap [72], wireshark [73], icewaesel [74],
icedove [75], arj [76], mailman [77], libgd2 [78], tor [79], and
dpkg [80]. Please read them carefully and take the proper measures.

   43: https://www.debian.org/security/2015/dsa-3177
   44: https://www.debian.org/security/2015/dsa-3181
   45: https://www.debian.org/security/2015/dsa-3182
   46: https://www.debian.org/security/2015/dsa-3183
   47: https://www.debian.org/security/2015/dsa-3184
   48: https://www.debian.org/security/2015/dsa-3185
   49: https://www.debian.org/security/2015/dsa-3186
   50: https://www.debian.org/security/2015/dsa-3187
   51: https://www.debian.org/security/2015/dsa-3188
   52: https://www.debian.org/security/2015/dsa-3189
   53: https://www.debian.org/security/2015/dsa-3190
   54: https://www.debian.org/security/2015/dsa-3191
   55: https://www.debian.org/security/2015/dsa-3192
   56: https://www.debian.org/security/2015/dsa-3193
   57: https://www.debian.org/security/2015/dsa-3194
   58: https://www.debian.org/security/2015/dsa-3195
   59: https://www.debian.org/security/2015/dsa-3196
   60: https://www.debian.org/security/2015/dsa-3197
   61: https://www.debian.org/security/2015/dsa-3198
   62: https://www.debian.org/security/2015/dsa-3199
   63: https://www.debian.org/security/2015/dsa-3200
   64: https://www.debian.org/security/2015/dsa-3201
   65: https://www.debian.org/security/2015/dsa-3202
   66: https://www.debian.org/security/2015/dsa-3203
   67: https://www.debian.org/security/2015/dsa-3204
   68: https://www.debian.org/security/2015/dsa-3205
   69: https://www.debian.org/security/2015/dsa-3206
   70: https://www.debian.org/security/2015/dsa-3207
   71: https://www.debian.org/security/2015/dsa-3208
   72: https://www.debian.org/security/2015/dsa-3209
   73: https://www.debian.org/security/2015/dsa-3210
   74: https://www.debian.org/security/2015/dsa-3211
   75: https://www.debian.org/security/2015/dsa-3212
   76: https://www.debian.org/security/2015/dsa-3213
   77: https://www.debian.org/security/2015/dsa-3214
   78: https://www.debian.org/security/2015/dsa-3215
   79: https://www.debian.org/security/2015/dsa-3216
   80: https://www.debian.org/security/2015/dsa-3217

The Debian team in charge of Squeeze Long Term Support released security
update announcements for these packages: libarchive [81], redcloth [82],
konversation [83], axis [84], mod-gnutls [85], libssh2 [86], libextlib-
ruby [87], putty [88], tcpdump [89], gnupg [90], mono [91],
openssl [92], tor [93], tzdata [94], gnutls26 [95], xerces-c [96],
batik [97], libxfont [98], binutils [99], freetype [100], mailman [101],
tor [102], arj [103], libgd2 [104], libgcrypt11 [105], checkpw [106],
and ntp [107]. Please read them carefully and take the proper measures.

   81: https://lists.debian.org/debian-lts-announce/2015/03/msg00003.html
   82: https://lists.debian.org/debian-lts-announce/2015/03/msg00004.html
   83: https://lists.debian.org/debian-lts-announce/2015/03/msg00005.html
   84: https://lists.debian.org/debian-lts-announce/2015/03/msg00006.html
   85: https://lists.debian.org/debian-lts-announce/2015/03/msg00007.html
   86: https://lists.debian.org/debian-lts-announce/2015/03/msg00008.html
   87: https://lists.debian.org/debian-lts-announce/2015/03/msg00009.html
   88: https://lists.debian.org/debian-lts-announce/2015/03/msg00010.html
   89: https://lists.debian.org/debian-lts-announce/2015/03/msg00011.html
   90: https://lists.debian.org/debian-lts-announce/2015/03/msg00012.html
   91: https://lists.debian.org/debian-lts-announce/2015/03/msg00013.html
   92: https://lists.debian.org/debian-lts-announce/2015/03/msg00014.html
   93: https://lists.debian.org/debian-lts-announce/2015/03/msg00015.html
   94: https://lists.debian.org/debian-lts-announce/2015/03/msg00016.html
   95: https://lists.debian.org/debian-lts-announce/2015/03/msg00017.html
   96: https://lists.debian.org/debian-lts-announce/2015/03/msg00018.html
   97: https://lists.debian.org/debian-lts-announce/2015/03/msg00019.html
   98: https://lists.debian.org/debian-lts-announce/2015/03/msg00020.html
   99: https://lists.debian.org/debian-lts-announce/2015/03/msg00021.html
  100: https://lists.debian.org/debian-lts-announce/2015/03/msg00022.html
  101: https://lists.debian.org/debian-lts-announce/2015/04/msg00000.html
  102: https://lists.debian.org/debian-lts-announce/2015/04/msg00001.html
  103: https://lists.debian.org/debian-lts-announce/2015/04/msg00002.html
  104: https://lists.debian.org/debian-lts-announce/2015/04/msg00003.html
  105: https://lists.debian.org/debian-lts-announce/2015/04/msg00004.html
  106: https://lists.debian.org/debian-lts-announce/2015/04/msg00005.html
  107: https://lists.debian.org/debian-lts-announce/2015/04/msg00006.html

Debian's Stable Release Team released an update announcement for the
package: tzdata [108], and libdatetime-timezone-perl [109]. Please read
it carefully and take the proper measures.

  108: https://lists.debian.org/debian-stable-announce/2015/03/msg00000.html
  109: https://lists.debian.org/debian-stable-announce/2015/03/msg00001.html

Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the security mailing list [110] (and the separate backports
list [111], stable updates list [112], and long term support security
updates list [113]) for announcements.

  110: https://lists.debian.org/debian-security-announce/
  111: https://lists.debian.org/debian-backports-announce/
  112: https://lists.debian.org/debian-stable-announce/
  113: https://lists.debian.org/debian-lts-announce/


New and noteworthy packages
---------------------------

66 packages were added to the unstable Debian archive recently. Among
many others [114] are:

  * afl — instrumentation-driven fuzzer for binary formats [115]
  * fw4spl — FrameWork for Software Production Line [116]
  * golang-logrus-dev — Logrus: a logging library for Go [117]
  * ksmtuned — enables and tunes Kernel Samepage Merging [118]
  * pipexec — create a directed graph of processes and pipes [119]
  * python-beanbag — Helper module for accessing REST APIs [120]
  * rofi — window switcher, run dialog and dmenu replacement [121]
  * superkb — Hotkey-based application launcher with on-screen hints [122]
  * yubikey-neo-manager — YubiKey NEO management graphical user
interface [123]

  114: https://packages.debian.org/unstable/main/newpkg
  115: https://packages.debian.org/unstable/main/afl
  116: https://packages.debian.org/unstable/main/fw4spl
  117: https://packages.debian.org/unstable/main/golang-logrus-dev
  118: https://packages.debian.org/unstable/main/ksmtuned
  119: https://packages.debian.org/unstable/main/pipexec
  120: https://packages.debian.org/unstable/main/python-beanbag
  121: https://packages.debian.org/unstable/main/rofi
  122: https://packages.debian.org/unstable/main/superkb
  123: https://packages.debian.org/unstable/main/yubikey-neo-manager


Work-needing packages
---------------------

Currently [124] 667 packages are orphaned [125] and 147 packages are up
for adoption [126]: please visit the complete list of packages which
need your help [127].

  124: https://lists.debian.org/debian-devel/2015/04/msg00088.html
  125: https://www.debian.org/devel/wnpp/orphaned
  126: https://www.debian.org/devel/wnpp/rfa
  127: https://www.debian.org/devel/wnpp/help_requested


Want to continue reading DPN?
-----------------------------

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [128] to find out how to help. We're
looking forward to receiving your mail at
<debian-public...@lists.debian.org>.

  128: https://wiki.debian.org/ProjectNews/HowToContribute


This issue of Debian Project News was edited by Cédric Boutillier,
Chris, Jean-Pierre Giraud, Donald Norwood, Justin B Rye and and Paul
Wise.


Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to