Debian Project News - July 3rd, 2014

IntnsRed's picture

Forums: 

------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Debian Project News debian-publicity@lists.debian.org
July 3rd, 2014 http://www.debian.org/News/weekly/2014/11/
------------------------------------------------------------------------

Welcome to this year's eleventh issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:

* Google Summer of Code updates
* The first set of talks for DebConf14 have been accepted!
* Debian is moving (back) to GLIBC
* Other news
* New Debian Contributors
* Important Debian Security Advisories
* New and noteworthy packages
* Work-needing packages
* Want to continue reading DPN?

Google Summer of Code updates
-----------------------------

S.M. Floris gives a status update to Muon package integration with apt-listbugs [1]: apt-listbugs will warn users when installing packages if those packages have serious, grave, or critical bugs. The muon package is available in the Git repository for the muon package on Alioth [2] under the gsoc-floris-2014 branch. Ian S. Donnelly takes us through his 4 week experience and process of implementing a three-Way merge algorithm for Elektra KeySets in C++ towards the kdb merge tool [3]. Andrew Schurman shares his latest update on the Java Project Dependency Builder [4] which aims to check all of the dependencies in a project to assure that the sources are actually "free".

1: http://web2unu.ro/?p=51
2: http://git.debian.org/?p=pkg-kde/kde-extras/muon.git
3: http://community.libelektra.org/wp/?author=2
4: https://lists.debian.org/debian-java/2014/06/msg00088.html

The first set of talks for DebConf14 have been accepted!
--------------------------------------------------------

* Outsourcing your webapp maintenance to Debian [5] We moved away from statically-linked C/C++ programs a long time ago and now live in a nicely-packaged shared library world. This talk will examine the decision that the Libravatar project made to outsource much of its maintenance burden to Debian by using system packages for almost everything.
* bugs.debian.org — Database Ho! [6] Brief overview of the current state of the BTS, new features, and new developments in the ongoing onslaught of bugs.
* use Perl; # Annual meeting of the Debian Perl Group [7] The pkg-perl team will again take the opportunity to meet in person for discussing current topics and planning future work.
* Status of the Debian OpenPGP keyring [8] Introduce keyring-maint's work processes and policies to get them better understood by the overall Debian community.
* Seeing Debian through a functional lens [9] Using Nix's functional package management as inspiration, let's look at Debian from a functional programming perspective.
* Debsources: powering sources.debian.net [10] Debsources [11] provides web access to the entire historical Debian source code from archives to current and experimental. Users can browse or search source packages online through the web instance or use Debsources via its API [12]
* A glimpse into a systemd future [13] Technologies covered include journald, systemd-networkd, socket activation, timer units, containers, and systemd user sessions. Goals include reducing boot time, reducing duplicate configuration, improving system manageability, improving battery life, and unifying graphical session startup.
* New Network Interface Manager for Debian: ifupdown2 [14] A proposal for ifupdown2, a new implementation of debian ifupdown package written in python.

5: https://summit.debconf.org/debconf14/meeting/16/outsourcing-your-webapp-...
6: https://summit.debconf.org/debconf14/meeting/15/bugsdebianorg-database-ho/
7: https://summit.debconf.org/debconf14/meeting/12/use-perl-annual-meeting-...
8: https://summit.debconf.org/debconf14/meeting/11/status-of-the-debian-ope...
9: https://summit.debconf.org/debconf14/meeting/9/seeing-debian-through-a-f...
10: https://summit.debconf.org/debconf14/meeting/7/debsources-powering-sourc...
11: http://sources.debian.net
12: http://sources.debian.net/doc/api/
13: https://summit.debconf.org/debconf14/meeting/5/a-glimpse-into-a-systemd-...
14: https://summit.debconf.org/debconf14/meeting/6/new-network-interface-man...

These are just the first accepted talks and we are still accepting talks about Debian-related ideas, proposals, and stories. Details on how to submit your own talk [15] are available on the events page.

15: http://debconf14.debconf.org/talks.xhtml

Debian is moving (back) to GLIBC
--------------------------------

Five years ago Debian moved from using GLIBC to the EGLIBC fork as the standard C library. Now that course of action is being reversed and Debian is switching back to GLIBC [16] due to the demise of the EGLIBC project and the dissolution of the GLIBC steering committee [17]. With the GLIBC committee gone, GLIBC became open for peer review, shared repositories, removal of the ports/ directories, and has had most of the important EGLIBC features merged back into it. The new glibc package is available in experimental.

16: http://blog.aurel32.net/175
17: https://sourceware.org/ml/libc-alpha/2012-03/msg01038.html

Other news
----------

The HackFest of the Tails (The Amnesic Incognito Live System) [18] project will take place on July 5-6 in Paris, hosted by IRILL. The Tails HackFest [19] will bring together anyone interested in making Tails more usable and more secure. If you want to learn about the challenges faced by Tails, and how you can be part of the solution, this open event will be an intense mix of teaching, drawing, coding, sharing, learning and celebrating, supported by Debian, IRILL, Mozilla and the Tor project.

18: https://tails.boum.org/index.en.html
19: https://tails.boum.org/blueprint/HackFest_2014_Paris/

New Debian Contributors
-----------------------

15 people have started to maintain packages [20] since the previous issue of the Debian Project News. Please welcome Gustavo Paniagua dos Santos, Michael Jeanson, Valentin OVD, Punit Agrawal, Andrew Ayer, Thomi Richards, Aurélien Joga, David Steele, Klaus Ethgen, Fabien Spindler, Graeme Gott, Yusuke Yatsuo, Alexander Alemayhu, Ulrike Uhlig, and Clément Schreiner into our project!

20: http://udd.debian.org/cgi-bin/new-maintainers.cgi

Important Debian Security Advisories
------------------------------------

Debian's Security Team recently released advisories for these packages (among others): kfreebsd-9 [21], dpkg [22], dovecot [23], iceweasel [24], icinga [25], mediawiki [26], apt [27], chromium-browser [28], icedove [29], php5 [30], nspr [31], lucene-solr [32], iodine [33], tiff [34], samba [35], gnupg [36], gnupg2 [37], libemail-address-perl [38], and cacti [39]. Please read them carefully and take the proper measures.

21: http://www.debian.org/security/2014/dsa-2952
22: http://www.debian.org/security/2014/dsa-2953
23: http://www.debian.org/security/2014/dsa-2954
24: http://www.debian.org/security/2014/dsa-2955
25: http://www.debian.org/security/2014/dsa-2956
26: http://www.debian.org/security/2014/dsa-2957
27: http://www.debian.org/security/2014/dsa-2958
28: http://www.debian.org/security/2014/dsa-2959
29: http://www.debian.org/security/2014/dsa-2960
30: http://www.debian.org/security/2014/dsa-2961
31: http://www.debian.org/security/2014/dsa-2962
32: http://www.debian.org/security/2014/dsa-2963
33: http://www.debian.org/security/2014/dsa-2964
34: http://www.debian.org/security/2014/dsa-2965
35: http://www.debian.org/security/2014/dsa-2966
36: http://www.debian.org/security/2014/dsa-2967
37: http://www.debian.org/security/2014/dsa-2968
38: http://www.debian.org/security/2014/dsa-2969
39: http://www.debian.org/security/2014/dsa-2970

Debian's Stable Release Team released an update announcement for these packages: clamav [40], tzdata (for wheezy [41] and, squeeze [42]), and duo-unix [43]. Please read them carefully and take the proper measures.

40: https://lists.debian.org/debian-stable-announce/2014/06/msg00000.html
41: https://lists.debian.org/debian-stable-announce/2014/06/msg00001.html
42: https://lists.debian.org/debian-stable-announce/2014/06/msg00002.html
43: https://lists.debian.org/debian-stable-announce/2014/06/msg00003.html

The Debian team in charge of squeeze long term support released a security update announcement for these packages: dovecot [44], apt [45], scheme48 [46], and linux-2.6 [47]. Please read them carefully and take the proper measures.

44: https://lists.debian.org/debian-lts-announce/2014/06/msg00003.html
45: https://lists.debian.org/debian-lts-announce/2014/06/msg00004.html
46: https://lists.debian.org/debian-lts-announce/2014/06/msg00005.html
47: https://lists.debian.org/debian-lts-announce/2014/06/msg00006.html

Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list [48] (and the separate backports list [49], stable updates list [50], and long term support security updates list [51]) for announcements.

48: https://lists.debian.org/debian-security-announce/
49: https://lists.debian.org/debian-backports-announce/
50: https://lists.debian.org/debian-stable-announce/
51: https://lists.debian.org/debian-lts-announce/

New and noteworthy packages
---------------------------

172 packages were added to the unstable Debian archive recently. Among many others [52] are:

* airspy — tiny and efficient software defined radio receiver [53]
* direnv — utility to set directory specific environment variables [54]
* efivar — tools to manage UEFI variables [55]
* gap-autpgrp — program computing the automorphism group of a p-group [56]
* nslcd-utils — utilities for querying LDAP via nslcd [57]
* pdepend — PHP_Depend design quality metrics for PHP packages [58]
* pktools — GDAL add-on tools to perform useful raster processing [59]
* pulseview — sigrok logic analyzer, oscilloscope, and MSO GUI [60]
* torbrowser-launcher — tool to download, update and run the Tor Browser Bundle [61]

52: https://packages.debian.org/unstable/main/newpkg
53: https://packages.debian.org/unstable/main/airspy
54: https://packages.debian.org/unstable/main/direnv
55: https://packages.debian.org/unstable/main/efivar
56: https://packages.debian.org/unstable/main/gap-autpgrp
57: https://packages.debian.org/unstable/main/nslcd-utils
58: https://packages.debian.org/unstable/main/pdepend
59: https://packages.debian.org/unstable/main/pktools
60: https://packages.debian.org/unstable/main/pulseview
61: https://packages.debian.org/unstable/main/torbrowser-launcher

Work-needing packages
---------------------

Currently [62] 577 packages are orphaned [63] and 139 packages are up for adoption [64]: please visit the complete list of packages which need your help [65].

62: https://lists.debian.org/debian-devel/2014/06/msg00543.html
63: http://www.debian.org/devel/wnpp/orphaned
64: http://www.debian.org/devel/wnpp/rfa
65: http://www.debian.org/devel/wnpp/help_requested

Want to continue reading DPN?
-----------------------------

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page [66] to find out how to help. We're looking forward to receiving your mail at debian-publicity@lists.debian.org.

66: https://wiki.debian.org/ProjectNews/HowToContribute

This issue of Debian Project News was edited by Cédric Boutillier, Jean-Pierre Giraud, Donald Norwood and Paul Wise.