------------------------------------------------------------------------ The Debian Project https://www.debian.org/ Debian Project News debian-public...@lists.debian.org June 15, 2015 https://www.debian.org/News/weekly/2015/05/ ------------------------------------------------------------------------
Welcome to this year's fifth issue of DPN, the newsletter for the Debian community. Topics covered in this issue include: * Souvenirs from Jessie's release parties from all over the world * Reports * A challenge to improve reproducibility * Debian Squeeze LTS reports * An official mirrors redirector * A glimpse at DebConf15's program * Interviews * Other news * New Debian Contributors * Important Debian Security Advisories * New and noteworthy packages * Work-needing packages * Want to continue reading DPN? Souvenirs from Jessie's release parties from all over the world --------------------------------------------------------------- To celebrate Jessie's release, many parties were organised all over the world. Here is a collection of links to photos and reports of the various events, in Évry [1] (France), Perth [2] (Australia), San [3] Francisco [4] (USA), and several [5] places [6] in [7] India, from where we received group [8] pictures [9] and [10] Jessie [11] cake [12] photos [13]. Thanks for sharing these moments with the community! 1: https://www-public.tem-tsp.eu/~berger_o/weblog/2015/05/19/presentation-du-projet-debian-par-nicolas-dandrimont-lors-de-la-debian-release-party-de-jessie/ 2: http://lists.linux.org.au/pipermail/debian-au/2015-May/000353.html 3: https://www.flickr.com/photos/pleia2/sets/72157650542082473 4: http://princessleia.com/journal/?p=10324 5: http://www.technoparktoday.com/debian-jessie-released-technopark/ 6: https://plus.google.com/events/cj7o7qu1pp02rj426p1fgqeatq4 7: https://poddery.com/uploads/images/scaled_full_c1e1fa3636c066f4525f.jpg 8: https://poddery.com/uploads/images/scaled_full_3eef6ddf359884550514.png 9: https://poddery.com/uploads/images/scaled_full_2e8e5f3613b6ebb26d22.jpg 10: https://poddery.com/uploads/images/scaled_full_ac120c665928c39183ac.jpg 11: https://poddery.com/uploads/images/scaled_full_9ba0eaab043def897def.JPG 12: https://poddery.com/uploads/images/scaled_full_123530c82601fe8b1561.jpg 13: https://poddery.com/posts/1764904 Reports ------- The Ruby team posted a report [14] on their recent meet at IRILL in Paris from April 8 to 10 for the 2015 Debian Ruby Sprint [15]. Pre- Jessie a large part of the results were sent to experimental; post- release the changes are being sent to unstable. The team triaged and/or fixed almost all of the important bugs in Ruby library packages, and while doing so discovered that the popular text-with-markup parsers bluecloth and redcloth were unmaintained upstream; the team would like to encourage anyone to work on these projects upstream. Obsolete packages were identified and requests for removal filed and/or prepared. The obsolete githubredir service has been removed, and a long-standing issue with the handling of the /var/lib/gems/$VERSION paths resolved: for Stretch and beyond, they will be shipped with the interpreter itself. The team also worked on improving the support for Reproducible builds, porting work for Ruby 2.2, whitelisting Ruby Packages in Debian CI, and packaging improvements. 14: https://lists.debian.org/debian-project/2015/05/msg00001.html 15: https://bits.debian.org/2015/05/ruby-sprint-2015.html Niels Thykier updated the status of experimental ddeb support [16] which aims to automatically produce debugging symbols for everything in the archive, without developers needing to add -dbg packages. Currently a consensus has been reached on using the ".deb" extension for ddebs for Automatic Debug Packages [17]. Debhelper has the necessary patches to produce compliant ddebs with the.deb extension. Work is ongoing on support in dak, as well as progress in debhelper toward removing and reverting patches. Niels kindly included an FAQ and outlined the most recent changes. 16: https://lists.debian.org/debian-dpkg/2015/05/msg00038.html 17: https://wiki.debian.org/AutomaticDebugPackages Martin Pitt has put forth an idea to enable stateless persistent network interface names to overcome the problems with the kernel's unpredictable sorting order of network devices. The proposal would remove the administrative overhead of having to correct the order by using a round- about manner to keep and use a stable interface name for firewalls or other network configuration. His initial proposal [18] called for dropping persistent-net-generator.rules and enabling ifnames; however, as he received feedback and comments an updated proposal [19] was made which would include a naming policy using MAC based names for USB and other devices. 18: https://lists.debian.org/debian-devel/2015/05/msg00170.html 19: https://lists.debian.org/debian-devel/2015/06/msg00018.html From Bits from the Debian Hamradio Maintainers [20], Ian Learmonth posted updates on the Debian Hamradio pure blend and the status of its DVD images, work towards live images based on Stretch, outstanding issue resolutions, and updates on packages such as direwolf, qsstv, and soundmodem. 20: https://lists.debian.org/debian-hams/2015/05/msg00147.html Andrew Pollock blogged [21] on fixing a few issues with changelogs.debian.net which was giving incorrect codes, along with some needed cosmetic upgrades, and working with api.ftp-master.debian.org. 21: http://blog.andrew.net.au/2015/05/17#changelogs_back_2015 A challenge to improve reproducibility -------------------------------------- GSOC student Eduard Sanou updated his status on Reproducible builds in Debian [22]. Many packages in Debian are built with a fair amount of unique data, such as build machine names, unique IDs, and timestamps that may unfortunately produce different results when they are built on different machines. The project goal is to achieve the same binaries independently of what machine builds the package for production. Eduard introduces himself with some of his background, motivation, and separately the benefits of this coding work. 22: https://dhole.github.io/post/reproducible_builds_debian_gsoc2015/ While Jérémie Bobbio continued his series [23] of [24] weekly [25] reports [26] about [27] reproducibility [28] of package builds, and how it is improving over the Stretch development cycle, Daniel Kahn Gillmor proposed a challenge [29], called "one reproducible package a week". Daniel invites everyone interested in Debian development to find packages on the reproducible builds web pages which cannot be built reproducibly at the moment and for which the reason has not been mentioned in the notes yet. If you find the reason, you can then file a bug against the package with your diagnosis, and tag it with one of the tags. It is a good opportunity to discover many aspects of Debian in a fun and useful way. Daniel describes his workflow to achieve this, and also refers to the dedicated Wiki page [30] for more information. 23: https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_2/ 24: https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_3/ 25: https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_4/ 26: https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_5/ 27: https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_6/ 28: https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_7/ 29: http://debian-administration.org/users/dkg/weblog/115 30: https://wiki.debian.org/ReproducibleBuilds Debian Squeeze LTS reports -------------------------- Freexian sent a report [31] about the activities of contributors on the long term support of Debian Squeeze during the month of April. Ben Hutchings [32], Thorsten Alteholz [33], Raphaël Hertzog [34], Guido Günter [35], Mike Gabriel [36], and Holger Levsen [37] have described on their blogs their work on Debian Squeeze LTS during the month of May, together with their activities on Debian and more broadly on free software. 31: https://raphaelhertzog.com/2015/05/18/freexians-report-about-debian-long-term-support-april-2015/ 32: http://womble.decadent.org.uk/blog/debian-lts-work-may-2015.html 33: http://blog.alteholz.eu/2015/06/my-debian-activities-in-may-2015/ 34: https://raphaelhertzog.com/2015/06/03/my-free-software-activities-in-may-2015/ 35: http://honk.sigxcpu.org/con/Debian_work_in_may.html 36: http://sunweavers.net.blog/node/15 37: http://layer-acht.org/thinking/blog/20150610-lts-may/ An official mirrors redirector ------------------------------ Raphael Geissert announced [38] the availability of an official Debian service, httpredir.debian.org, acting as a Debian mirrors redirector. This service, known as http.debian.net before it was hosted on Debian infrastructure, "allows many of the nearly 400 Debian mirrors to be available via a single address, adapting to your network location, IP family connectivity, and service availability", says Raphael. To use this service with Debian Jessie, just put deb http://httpredir.debian.org/debian jessie main in your /etc/apt/sources file. 38: https://lists.debian.org/debian-devel-announce/2015/05/msg00003.html A glimpse at DebConf15's program -------------------------------- Monday June 15 is the deadline [39] to submit proposals for events at DebConf15 [40], to be held in Heidelberg, Germany, from August 15 to August 22. A list of already approved talks has been [41] published [42], together with the list of keynote speakers [43] for the opening and closing of DebConf: Bradley M. Kuhn [44], Werner Koch [45], Bdale Garbee [46], and Jacob Appelbaum [47]. 39: http://lists.debconf.org/lurker/message/20150603.165921.a84cb7dd.en.html 40: http://debconf15.debconf.org/ 41: http://lists.debconf.org/lurker/message/20150523.144333.afc07dcf.en.html 42: http://lists.debconf.org/lurker/message/20150603.165921.a84cb7dd.en.html 43: http://lists.debconf.org/lurker/message/20150611.105002.eac906ab.en.html 44: http://en.wikipedia.org/wiki/Bradley_M._Kuhn 45: http://en.wikipedia.org/wiki/Werner_Koch 46: http://en.wikipedia.org/wiki/Bdale_Garbee 47: http://en.wikipedia.org/wiki/Jacob_Appelbaum Interviews ---------- Neil McGovern, Debian Project Leader, has been interviewed [48] by Swapnil Bhartiya for the linux.com website. 48: https://www.linux.com/news/software/applications/829303-new-debian-project-leader-talks-open-source-careers-ppas-and-more Julien Danjou published on his blog an interview on software testing in Python by Johannes Hubertz with himself [49]. It belongs to a series of interviews gathered by Johannes Hubertz as part of a book on the subject. 49: https://julien.danjou.info/blog/2015/interview-software-tests-in-python Other news ---------- Simon McVittie posted on his blog a very detailed article on how PolicyKit works [50]. He took the example of mounting a disk on modern Linux to illustrate the various processes involved. 50: http://smcv.pseudorandom.co.uk/2015/why_polkit/ Patrick Schoenfeld wrote an overview [51] of the different options to test puppet [52] modules. 51: http://tech.just-imho.net/2015/06/testing-puppet-modules-an-overview.html 52: https://packages.debian.org/jessie/puppet Holger Levsen mentioned on his blog [53] that the number of source packages in the Debian archive has just passed 22,000. The number of binary packages reached 45,000 a few weeks ago. 53: http://layer-acht.org/thinking/blog/20150610-debian-22k/ The first update of the stable distribution of Debian (codename "Jessie") was released on June 6 [54]. 54: https://www.debian.org/News/2015/20150606 New Debian Contributors ----------------------- 4 applicants have been accepted [55] as Debian Developers, 9 applicants have been accepted [56] as Debian Maintainer, and 18 people have started to maintain packages [57] since the previous issue of the Debian Project News. Please welcome Fabian Greffrath, Michael Fladischer, Jean-Michel Vourgère, Alexandre Delanoë, Arturo Borrero Gonzalez, Bertrand Marc, Herbert Parentes Fortes Neto, Robert James Clay, Jochen Sprickerhof, Peter Spiess-Knafl, Roland Fehrenbacher, Ruben Undheim, Steven Capper, Johannes Hubertz, Navid Fehrenbacher, Partha Pratim Mukherjee, Richard B Winters, Pali Rohár, Gustavo Soares de Lima, Paulo Henrique de Lima Santana, Paul Liétar, Arthur de Moura Del Esposte, Lucas Kanashiro, Hialo Muniz, Guillaume Grossetie, Athos Coimbra Ribeiro, James Lu, Alba Crespi, Kai-Chung Yan, Kevin Murray, and David Mohr into our project! 55: https://nm.debian.org/public/nmlist#done 56: https://lists.debian.org/debian-project/2015/05/msg00004.html 57: https://udd.debian.org/cgi-bin/new-maintainers.cgi Important Debian Security Advisories ------------------------------------ Debian's Security Team recently released advisories for these packages (among others): quassel [58], qemu [59], iceweasel [60], libmodule-signature-perl [61], xen [62], proftpd-dfsg [63], icedove [64], zendframework [65], fuse [66], chromium-browser [67], ntfs-3g [68], postgresql-9.1 [69], postgresql-9.4 [70], nbd [71], ipsec-tools [72], tiff [73], virtualbox [74], fusionforge [75], symfony [76], wireshark [77], libapache-mod-jk [78], redis [79], php5 [80], strongswan [81], and cups [82]. Please read them carefully and take the proper measures. 58: https://www.debian.org/security/2015/dsa-3258 59: https://www.debian.org/security/2015/dsa-3259 60: https://www.debian.org/security/2015/dsa-3260 61: https://www.debian.org/security/2015/dsa-3261 62: https://www.debian.org/security/2015/dsa-3262 63: https://www.debian.org/security/2015/dsa-3263 64: https://www.debian.org/security/2015/dsa-3264 65: https://www.debian.org/security/2015/dsa-3265 66: https://www.debian.org/security/2015/dsa-3266 67: https://www.debian.org/security/2015/dsa-3267 68: https://www.debian.org/security/2015/dsa-3268 69: https://www.debian.org/security/2015/dsa-3269 70: https://www.debian.org/security/2015/dsa-3270 71: https://www.debian.org/security/2015/dsa-3271 72: https://www.debian.org/security/2015/dsa-3272 73: https://www.debian.org/security/2015/dsa-3273 74: https://www.debian.org/security/2015/dsa-3274 75: https://www.debian.org/security/2015/dsa-3275 76: https://www.debian.org/security/2015/dsa-3276 77: https://www.debian.org/security/2015/dsa-3277 78: https://www.debian.org/security/2015/dsa-3278 79: https://www.debian.org/security/2015/dsa-3279 80: https://www.debian.org/security/2015/dsa-3280 81: https://www.debian.org/security/2015/dsa-3282 82: https://www.debian.org/security/2015/dsa-3283 Debian's Backports Team released advisories for these packages: nbd [83] and horizon [84]. Please read them carefully and take the proper measures. 83: https://lists.debian.org/debian-backports-announce/2015/05/msg00000.html 84: https://lists.debian.org/debian-backports-announce/2015/05/msg00001.html The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: icu [85], dpkg [86], tiff [87], nbd [88], ruby1.8 [89], commons-httpclient [90], dnsmasq [91], ntfs-3g [92], ntfs-3g [93], libnokogiri-ruby [94], eglibc [95], dulwich [96], exactimage [97], tomcat6 [98], clamav [99], postgresql-8.4 [100] ipsec-tools [101] ruby1.9.1 [102] wordpress [103], mercurial [104], fuse [105], cups [106], libapache-mod-jk [107], wireshark [108], libraw [109], imagemagick [110], and strongswan [111]. Please read them carefully and take the proper measures. 85: https://lists.debian.org/debian-lts-announce/2015/05/msg00003.html 86: https://lists.debian.org/debian-lts-announce/2015/05/msg00004.html 87: https://lists.debian.org/debian-lts-announce/2015/05/msg00005.html 88: https://lists.debian.org/debian-lts-announce/2015/05/msg00006.html 89: https://lists.debian.org/debian-lts-announce/2015/05/msg00007.html 90: https://lists.debian.org/debian-lts-announce/2015/05/msg00008.html 91: https://lists.debian.org/debian-lts-announce/2015/05/msg00009.html 92: https://lists.debian.org/debian-lts-announce/2015/05/msg00010.html 93: https://lists.debian.org/debian-lts-announce/2015/05/msg00011.html 94: https://lists.debian.org/debian-lts-announce/2015/05/msg00012.html 95: https://lists.debian.org/debian-lts-announce/2015/05/msg00013.html 96: https://lists.debian.org/debian-lts-announce/2015/05/msg00014.html 97: https://lists.debian.org/debian-lts-announce/2015/05/msg00015.html 98: https://lists.debian.org/debian-lts-announce/2015/05/msg00016.html 99: https://lists.debian.org/debian-lts-announce/2015/05/msg00017.html 100: https://lists.debian.org/debian-lts-announce/2015/05/msg00018.html 101: https://lists.debian.org/debian-lts-announce/2015/05/msg00019.html 102: https://lists.debian.org/debian-lts-announce/2015/05/msg00020.html 103: https://lists.debian.org/debian-lts-announce/2015/06/msg00000.html 104: https://lists.debian.org/debian-lts-announce/2015/06/msg00001.html 105: https://lists.debian.org/debian-lts-announce/2015/06/msg00002.html 106: https://lists.debian.org/debian-lts-announce/2015/06/msg00003.html 107: https://lists.debian.org/debian-lts-announce/2015/06/msg00004.html 108: https://lists.debian.org/debian-lts-announce/2015/06/msg00006.html 109: https://lists.debian.org/debian-lts-announce/2015/06/msg00007.html 110: https://lists.debian.org/debian-lts-announce/2015/06/msg00008.html 111: https://lists.debian.org/debian-lts-announce/2015/06/msg00009.html Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list [112] (and the separate backports list [113], stable updates list [114], and long term support security updates list [115]) for announcements. 112: https://lists.debian.org/debian-security-announce/ 113: https://lists.debian.org/debian-backports-announce/ 114: https://lists.debian.org/debian-stable-announce/ 115: https://lists.debian.org/debian-lts-announce/ New and noteworthy packages --------------------------- 849 packages were added to the unstable Debian archive recently. Among many others [116] are: * btcheck — downloaded data checker and a torrent file content viewer [117] * care — make Linux programs reproducible on all Linux systems [118] * chake — serverless configuration management tool for chef [119] * docker-compose — punctual, lightweight development environments using Docker [120] * fiona — command line tool for reading/writing vector geospatial data [121] * flamp — ham radio Amateur Multicast Protocol application [122] * git-crypt — Transparent file encryption in git [123] * pamu2fcfg — universal 2nd factor (U2F) PAM module command-line helper tool [124] * pluginhook — simple plugin system for Bash programs [125] * rustc — Rust systems programming language [126] * xbuilder — tool to cross-build a list of packages using sbuild, xdeb or pdebuild-cross [127] * xul-ext-lightbeam — visualize sites that may be tracking you around the internet [128] * yad — tool for creating graphical dialogs from shell scripts [129] * zyne — Modular synthesizer written in Python [130] 116: https://packages.debian.org/unstable/main/newpkg 117: https://packages.debian.org/unstable/main/btcheck 118: https://packages.debian.org/unstable/main/care 119: https://packages.debian.org/unstable/main/chake 120: https://packages.debian.org/unstable/main/docker-compose 121: https://packages.debian.org/unstable/main/fiona 122: https://packages.debian.org/unstable/main/flamp 123: https://packages.debian.org/unstable/main/git-crypt 124: https://packages.debian.org/unstable/main/pamu2fcfg 125: https://packages.debian.org/unstable/main/pluginhook 126: https://packages.debian.org/unstable/main/rustc 127: https://packages.debian.org/unstable/main/xbuilder 128: https://packages.debian.org/unstable/main/xul-ext-lightbeam 129: https://packages.debian.org/unstable/main/yad 130: https://packages.debian.org/unstable/main/zyne Work-needing packages --------------------- Currently [131] 666 packages are orphaned [132] and 177 packages are up for adoption [133]: please visit the complete list of packages which need your help [134]. 131: https://lists.debian.org/debian-devel/2015/06/msg00159.html 132: https://www.debian.org/devel/wnpp/orphaned 133: https://www.debian.org/devel/wnpp/rfa 134: https://www.debian.org/devel/wnpp/help_requested Want to continue reading DPN? ----------------------------- Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page [135] to find out how to help. We're looking forward to receiving your mail at <debian-public...@lists.debian.org>. 135: https://wiki.debian.org/ProjectNews/HowToContribute This issue of Debian Project News was edited by Cédric Boutillier, Jean- Pierre Giraud, Donald Norwood, Justin B Rye and Paul Wise.
signature.asc
Description: Digital signature