Debian Project News - October 27, 2014

IntnsRed's picture

Forums: 

------------------------------------------------------------------------
The Debian Project https://www.debian.org/
Debian Project News debian-publicity@lists.debian.org
October 27, 2014 https://www.debian.org/News/weekly/2014/14/
------------------------------------------------------------------------

Welcome to this year's fourteenth issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:

* Debian & Stuff podcast
* Debian switching back to GNOME as the default desktop
* Contributing to Debian in other ways
* The Ada initiative and the Outreach Program For Women
* Who is 15?!
* Squeeze long term support reports
* General Resolution: init system coupling
* Bits from the Debian Multimedia Maintainers
* Debian Quiz Game, help wanted!
* Debian DebUtsav'14
* Other reports
* Upcoming events
* New Debian Contributors
* Release-Critical bugs statistics for the upcoming release
* Important Debian Security Advisories
* New and noteworthy packages
* Work-needing packages
* Want to continue reading DPN?

Debian & Stuff podcast
-----------------------

Asheesh Laroia and Sam Erbs have started a podcast entitled "Debian and Stuff" [1]. The first episode, "Moin Moin Vs. MediaWiki" [2], was recorded at DebConf14 and contains a little bit of Debian and a lot of stuff discussed between Sam and Asheesh.

1: http://www.debianandstuff.com/
2: http://www.debianandstuff.com/listen/1mmvm

Debian switching back to GNOME as the default desktop
-----------------------------------------------------

Joey Hess shared [3] why Debian is likely switching back to GNOME as the default desktop environment, based on preliminary results [4] which show GNOME coming out ahead in the requalification. This change is also supported by accessibility and to some extent systemd integration.

3: http://anonscm.debian.org/cgit/tasksel/tasksel.git/commit/?id=dce99f5f8d...
4: https://wiki.debian.org/DebianDesktop/Requalification/Jessie

Contributing to Debian in other ways
------------------------------------

Vincent Sanders blogged about contributions to Debian and how, surprisingly, they do not always need to be software related. He demonstrated [5] this with a project to cool Debian down a bit. The project shows how doing some behind the scenes work, which may seem small, really makes a major contribution to Debian, and occasionally provides that excuse needed to buy more tools.

5: http://vincentsanders.blogspot.de/2014/10/it-is-bad-plan-that-admits-of-...

The Ada initiative and the Outreach Program For Women
-----------------------------------------------------

Matt Zimmerman shared [6] an update on the Ada Initiative [7], a non-profit organisation which has helped create positive change for women far past its inital goal of supporting women working in open source communities. Matt asked for and financially matched donations for the Initiative.

Nicolas Dandrimont posted [8] a call for projects and participants in the Outreach Program for Women. The GNOME Foundation started the Free & Open Source Software Outreach Program for Women in 2006; this year, Debian will participate and offer (pending sponsorship) up to three internships. OPW allows applicants to work on any kind of project to increase the number of women in FOSS. Interested parties are encouraged to apply. More information about Debian's contribution and an overview is available on the Outreach Program for Women [9] wiki page.

6: http://mdzlog.alcor.net/2014/10/01/join-me-in-supporting-the-ada-initiat...
7: http://www.adainitiative.org/
8: https://lists.debian.org/debian-devel-announce/2014/09/msg00004.html
9: https://wiki.debian.org/OutreachProgramForWomen

Who is 15?!
-----------

Today in world domination news [10], we wish you a Happy WHOIS! 15 years ago Marco d'Itri thought the process of acquiring WHOIS information should be simpler and should not require hunting through multiple registries. He authored a Debian version of WHOIS [11] to replace the BSD-derived version that used to ship with Debian. Marco's version of WHOIS and his continued work in the background over the years for a WHOIS that knows which server to query for IP addresses and ASNs has a database that is often more up to date than the official IANA database. Marco's WHOIS is now the default WHOIS client on all Linux distributions.

10: http://blog.bofh.it/debian/id_452
11: https://github.com/rfc1036/whois

Squeeze long term support reports
---------------------------------

Raphaël Hertzog reported [12] on 11 hours of paid support work on Debian LTS. 23 commits were made to the security tracker consisting of patch reviews, uplinks, and changes to the list of packages that require LTS updates [13]. A fair amount of research goes into the effort beyond just reviewing or triage. He detailed some of the efforts taken to ensure quality and stay abreast of vulnerabilities.

Freexian's second report about Debian Long Term Support [14] showed that compared to last month, we have gained five new sponsors and now provide almost 25% of a full-time position. 39 packages needed updates in Squeeze, which is nine more than last month. Contributors paid by Freexian handled 11 updates last month, which gives an approximate rate of three hours per update with CVE triage included. Given that the list of sponsors is almost exclusively comprised of European companies, readers are asked what can be done to convince others to join the effort.

Holger Levsen's September 2014 LTS report [15] relayed work on the Debian Security Tracker which he is happy to announce looks good and professional. Eight bugs were squashed, a backport of dgit was uploaded to wheezy-backports, and uploads to squeeze-lts were made for apache2, nss, libplack-perl, icinfa, libstrus1, and wordpress.

Thorsten Alteholz reported [16] 11 hours in September on Squeeze-LTS, uploading new versions of eglibc, curl, php5, and fex. He also collaborated with Raphaël Hertzog on a new version of python-django. In other areas Thorsten uploaded a new version of net-dns-fingerprint [17] and worked in his role as FTP assistant with 312 packages accepted.

12: http://raphaelhertzog.com/2014/09/30/my-debian-lts-report-for-september/
13: http://anonscm.debian.org/viewvc/secure-testing/data/dla-needed.txt?view=co
14: http://raphaelhertzog.com/2014/10/15/freexians-second-report-about-debia...
15: http://layer-acht.org/thinking/blog/20141001-lts-september-2014/
16: http://blog.alteholz.eu/2014/10/my-debian-activities-in-september-2014/
17: https://packages.qa.debian.org/n/net-dns-fingerprint.html

General Resolution: init system coupling
----------------------------------------

In February of 2014 the technical committee [18] selected systemd as the default init system [19] for Debian. Since that selection there has been a multitude of discussions on many mailing lists both for and against the change. Lucas Nussbaum posted [20] a tentative summary of each of the proposed amendments in the init system coupling General Resolution vote [21] that is to occur shortly.

18: https://www.debian.org/devel/tech-ctte
19: https://lists.debian.org/debian-devel-announce/2014/02/msg00005.html
20: http://www.lucas-nussbaum.net/blog/?p=845
21: https://www.debian.org/vote/2014/vote_003.en.html

Bits from the Debian Multimedia Maintainers
-------------------------------------------

Alessio Treglia posted bits from the Debian Multimedia Maintainers [22] regarding Jessie. They have been very busy with codec updates, from libavcodec (which has been updated to the latest upstream to provide for HEVC, Opus, Matroska, and Apple ProRes) to libeburl128, libltc, libva, and LADI Session Handler for JACK applications. Included is the LV2 Toolkit and a LADSPA plugin bundle. New multimedia applications include Advene, Ardour3, dvdwizard, flowblade, Groove Basin, and mpv, among others. As the overall goal is to improve quality, a few packages were dropped, such as beast, plotmn, phat, and mplayer. The team invites interested parties to join them on the pkg-multimedia-maintainers mailing list [23] on Alioth [24] or on the OFTC #debian-multimedia IRC channel.

22: https://lists.debian.org/debian-devel-announce/2014/10/msg00005.html
23: pkg-multimedia-maintainers@lists.alioth.debian.org
24: http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-multimedia-m...

Debian Quiz Game, help wanted!
------------------------------

Lucas Nussbaum revisited the Debian Quiz Game [25] based on the original TCP/IP drinking game with 23 newly added questions. He asks for a few adopters to assist with pushing the process forward. Readers can check the current state [26] of the quiz with its posted answers on collab-maint.

25: https://lists.debian.org/debian-project/2014/10/msg00002.html
26: http://anonscm.debian.org/cgit/collab-maint/debian-quiz.git/

Debian DebUtsav'14
------------------

On October 17-18 at the Amrita School of Engineering, Debian-India held a "Debian Festival": DebUtsav'14. Despite some last-minute political turmoil, the event planners persevered.

Pirate Praveen wrote [27] of the excitement and enthusiasm of working with students who were already familiar with FOSS and in seeing women participating in FOSS. He also shared his insight into how DebUtsav came to be created and how this event that marries a Mini-DebConf and FOSS conference can move forward as a brand and serve as a blueprint for other organisations.

Shirish Agarwal posted [28] sharing his experience and timeline of the planning processes that went into the location, hosting facility, and media aspects of the event.

Balasankar C blogged [29] about the hackfest, the keynote from Krishnakant Mane, and some of the sessions that took place during the event. The wrap-up comes with a nice summary: "An event full of FOSS, Fun, and Food".

R. Harish Navnit described [30] how an email this April about the possibility of a Mini-DebConf in Amritapuri led to an idea, collaboration across several teams, a guest speaker, and finally an event.

27: http://www.j4v4m4n.in/2014/10/23/debutsav-14-at-amrita-a-rewarding-exper...
28: https://flossexperiences.wordpress.com/2014/10/23/debutsav-2014-experien...
29: http://balasankarc.in/tech/celebrating-deepavali-differently-debutsav-14/
30: http://harishnavnit.wordpress.com/2014/10/20/the-debutsav14-experience/

Other reports
-------------

As well as the LTS report mentioned above, Raphaël Hertzog's Free Software Activities in September 2014 [31] included updating Django 1.7 in experimental and pushing for its inclusion in unstable. He noted that the pace of development on tracker.debian.org slowed down a bit, with only 30 new commits in the repository to close six bugs. Raphaël has also been packaging for a new upstream version of Publican, and sponsoring new uploads of dolibarr, tcpdf, and tryton-server.

31: http://raphaelhertzog.com/2014/10/02/my-free-software-activities-in-sept...

Thomas Goirand shared a detailed [32] OpenStack report showing his activity for the month of September 2014. He highlighted the work done in the background for the packages Icehouse and Juno (in Sid/ Experimental, with backports for Wheezy). His overview focuses on the daily uploads, fixes, and collaboration with other Debian Developers and teams.

32: http://thomas.goirand.fr/blog/?p=207

Upcoming events
---------------

There are some upcoming Debian-related events:

* November 14-16, Paris, France — bug squashing party [33] in Mozilla France office [34],
* November 21-23, Munich, Germany — bug squashing party [35] in LiMux office.

33: https://wiki.debian.org/BSP/2014/11/fr/Paris
34: https://www.mozilla.org/en-US/contact/spaces/paris/
35: https://wiki.debian.org/BSP/2014/11/de/Munich

You can find more information about Debian-related events and talks on the events section [36] of the Debian wiki, or subscribe to one of our events mailing lists for different regions: Europe [37], Netherlands [38], Hispanic America [39], North America [40].

36: https://wiki.debian.org/DebianEvents
37: https://lists.debian.org/debian-events-eu
38: https://lists.debian.org/debian-events-nl
39: https://lists.debian.org/debian-events-ha
40: https://lists.debian.org/debian-events-na

Do you want to organise a Debian booth or a Debian install party? Are you aware of other upcoming Debian-related events? Have you delivered a Debian talk that you want to link on our talks page [41]? Send an email to the Debian Events Team [42].

41: https://www.debian.org/events/talks
42: events@debian.org

New Debian Contributors
-----------------------

Seven applicants have been accepted [43] as Debian Maintainer, and twenty-eight people have started to maintain packages [44] since the previous issue of the Debian Project News. Please welcome Carlos Alberto Lopez Perez, Guilhem Moulin, Iain R. Learmonth, Mattia Rizzolo, Otto Kekäläinen, Ralf Jung, Stein Magnus Jodal, Morgan Deters, Tim Potter, Rémi Palancher, Bernhard Übelacker, Marcio de Souza Oliveira, Petr Salinger, Eugen Wintersberger, Alexandre Detiste, Cesare Falco, Jean-Christophe Jaskula, Matthew Bekkema, Corentin Desfarges, Roger Kalt, Łukasz 'sil2100' Zemczak, Fabien Givors, Reuben Thomas, Jose Robson Mariano Alves, Pedro Beja, Bruno Nova, Martin Steghöfer, Alexandre Viau, HAYASHI Kentaro, François-René Rideau, Jason Pleau, Dominik Paulus, Sebastian Schmidt, Olek Wojnar, and Tino Didriksen into our project!

43: https://lists.debian.org/debian-project/2014/10/msg00040.html
44: https://udd.debian.org/cgi-bin/new-maintainers.cgi

Release-Critical bugs statistics for the upcoming release
---------------------------------------------------------

According to the Bugs Search interface of the Ultimate Debian Database [45], the upcoming release, Debian "Jessie", is currently affected by 319 Release-Critical bugs. Ignoring bugs which are easily solved or on the way to being solved, roughly speaking, about 240 Release-Critical bugs remain to be solved for the release to happen.

45: https://udd.debian.org/bugs.cgi

There are also more detailed statistics [46] as well as some hints on how to interpret [47] these numbers.

46: http://richardhartmann.de/blog/posts/2014/10/24-Debian_Release_Critical_...
47: https://wiki.debian.org/ProjectNews/RC-Stats

Important Debian Security Advisories
------------------------------------

Debian's Security Team recently released advisories for these packages (among others): icedove [48], libvirt [49], chromium-browser [50], rsyslog [51], xen [52], exuberant-ctags [53], qemu-kvm [54], qemu [55], mediawiki [56], rsyslog [57], apt [58], wireshark [59], iceweasel [60], drupal7 [61], wpa [62], openssl [63], mysql-5.5 [64], and pidgin [65]. Please read them carefully and take the proper measures.

48: https://www.debian.org/security/2014/dsa-3037
49: https://www.debian.org/security/2014/dsa-3038
50: https://www.debian.org/security/2014/dsa-3039
51: https://www.debian.org/security/2014/dsa-3040
52: https://www.debian.org/security/2014/dsa-3041
53: https://www.debian.org/security/2014/dsa-3042
54: https://www.debian.org/security/2014/dsa-3044
55: https://www.debian.org/security/2014/dsa-3045
56: https://www.debian.org/security/2014/dsa-3046
57: https://www.debian.org/security/2014/dsa-3047
58: https://www.debian.org/security/2014/dsa-3048
59: https://www.debian.org/security/2014/dsa-3049
60: https://www.debian.org/security/2014/dsa-3050
61: https://www.debian.org/security/2014/dsa-3051
62: https://www.debian.org/security/2014/dsa-3052
63: https://www.debian.org/security/2014/dsa-3053
64: https://www.debian.org/security/2014/dsa-3054
65: https://www.debian.org/security/2014/dsa-3055

Debian's Backports Team released advisories for the package drupal7 [66]. Please read them carefully and take the proper measures.

66: https://lists.debian.org/debian-backports-announce/2014/10/msg00000.html

The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: python-django [67], apache2 [68], php5 [69], fex [69], exuberant-ctags [70], apt [71], tryton-server [72], apache2 [73], rsyslog [74], tzdata [75], ppp [76], mysql-5.1 [77], and kde4libs [77]. Please read them carefully and take the proper measures.

67: https://lists.debian.org/debian-lts-announce/2014/09/msg00022.html
68: https://lists.debian.org/debian-lts-announce/2014/09/msg00023.html
69: https://lists.debian.org/debian-lts-announce/2014/09/msg00024.html
70: https://lists.debian.org/debian-lts-announce/2014/10/msg00000.html
71: https://lists.debian.org/debian-lts-announce/2014/10/msg00001.html
72: https://lists.debian.org/debian-lts-announce/2014/10/msg00002.html
73: https://lists.debian.org/debian-lts-announce/2014/10/msg00004.html
74: https://lists.debian.org/debian-lts-announce/2014/10/msg00005.html
75: https://lists.debian.org/debian-lts-announce/2014/10/msg00006.html
76: https://lists.debian.org/debian-lts-announce/2014/10/msg00007.html
77: https://lists.debian.org/debian-lts-announce/2014/10/msg00008.html

Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list [78] (and the separate backports list [79], stable updates list [80], and long term support security updates list [81]) for announcements.

78: https://lists.debian.org/debian-security-announce/
79: https://lists.debian.org/debian-backports-announce/
80: https://lists.debian.org/debian-stable-announce/
81: https://lists.debian.org/debian-lts-announce/

New and noteworthy packages
---------------------------

964 packages were added to the unstable Debian archive recently. Among many others [82] are:

* autodep8 — DEP-8 test control file generator [83]
* cgit — hyperfast web frontend for git repositories written in C [84]
* cleo — tool to play back shell commands for live demonstrations [85]
* debbindiff — highlight differences between two builds of Debian packages [86]
* fuse-zip — ZIP archive mounter based on FUSE [87]
* geophar — Swiss army knife for the math teacher [88]
* gimagereader — graphical GTK+ front-end to tesseract-ocr [89]
* gravit — visually stunning gravity simulator [90]
* obsession — Session management helpers for lightweight desktop environments [91]
* parl-desktop — DebianParl desktop for parliamentary work [92]
* pdf2htmlex — Converts PDF to HTML while retaining most formatting [93]
* qqwing — tool for generating and solving Sudoku puzzles (application) [94]
* strip-nondeterminism — tool for stripping non-determinism from files [95]
* terminology — Enlightenment efl based terminal emulator [96]

82: https://packages.debian.org/unstable/main/newpkg
83: https://packages.debian.org/unstable/main/autodep8
84: https://packages.debian.org/unstable/main/cgit
85: https://packages.debian.org/unstable/main/cleo
86: https://packages.debian.org/unstable/main/debbindiff
87: https://packages.debian.org/unstable/main/fuse-zip
88: https://packages.debian.org/unstable/main/geophar
89: https://packages.debian.org/unstable/main/gimagereader
90: https://packages.debian.org/unstable/main/gravit
91: https://packages.debian.org/unstable/main/obsession
92: https://packages.debian.org/unstable/main/parl-desktop
93: https://packages.debian.org/unstable/main/pdf2htmlex
94: https://packages.debian.org/unstable/main/qqwing
95: https://packages.debian.org/unstable/main/strip-nondeterminism
96: https://packages.debian.org/unstable/main/terminology

Work-needing packages
---------------------

Currently [97] 607 packages are orphaned [98] and 139 packages are up for adoption [99]: please visit the complete list of packages which need your help [100].

97: https://lists.debian.org/debian-devel/2014/10/msg00686.html
98: https://www.debian.org/devel/wnpp/orphaned
99: https://www.debian.org/devel/wnpp/rfa
100: https://www.debian.org/devel/wnpp/help_requested

Want to continue reading DPN?
-----------------------------

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page [101] to find out how to help. We're looking forward to receiving your mail at debian-publicity@lists.debian.org.

101: https://wiki.debian.org/ProjectNews/HowToContribute

This issue of Debian Project News was edited by Cédric Boutillier, Donald Norwood, Justin B Rye and Paul Wise.