Debian Weekly News - September 13th, 2005
Welcome to this year's 37th issue of DWN, the weekly newsletter for the Debian community. Wouter Verhelst noticed that the bug tracking system has gotten a new layout and even uses cascading style sheets like the main website. In an article Ian Murdock suggested Debian to concentrate on a tight release cycle and keeping the growing family of Debian derivatives united.
Debian UK Society. In March Steve McIntyre announced plans to found the Debian UK Society. There have been some resentments against it and against selling items at exhibitions, though, leading to a large discussion. Branden Robinson already worked on a revocable trademark license grant for Debian's name and logos usable by any local charitable affiliates.
Value of Debian GNU/Linux. The paper Measuring Libre Software studying the size of the source packages in Debian 3.1 calculates the size of sarge (close to 230 million lines of source code), the use of the various programming languages in which the software has been written, and the size of the packages included in the distribution. It also estimates cost to create something on the scale of Debian from scratch with a classical and well-known cost method (COCOMO) to be over 8 billion US dollar.
Supporting Testing Security. Joey Hess announced the beginning of full security support for Debian's testing distribution. The Debian testing security team has spent the past year building the team and creating infrastructure. Advisories for security fixes will only be announced for updates that are made available through the new repository and don't reach testing through normal propagation from unstable.
Team Maintenance. Wolfgang Borgert proposed as a conclusion of many discussions at DebConf5 to maintain all packages by teams and start projects at Alioth. John Goerzen liked the idea but suggested to move towards a more BSD approach, where any developer can commit changes to any package.
Old Documentation Links. Joey Hess identified
497 packages that still contain code in their
postinst script to
create links in
/usr/doc/ which should have been a bug since
2002. Recompiling most of them with a current version of debhelper will remove that
code. Henning Makholm added
that several of these packages have been orphaned without changing their
maintainer field to the QA team.
Planet Debian via Mailing List? Christoph Berg requested a mailing list to distribute the aggregated content of Planet Debian. Providing that service would recognise the relevance of Planet Debian to the Debian culture. Tollef Fog Heen, however, didn't want his feed to end up in a public mail archive somewhere.
Executable Example Files. Jörg Sommer proposed
an example file to be executable.
Clint Adams argued that the file must reside in
/usr/bin to be
executable. Marcelo Magallon suggested
to write a wrapper script that will execute the example instead.
Debian Package Sponsor Platform. Neil McGovern announced sponsors.debian.net that intends to help prospective Debian developers to find a sponsor for the packages they maintain. The site supports automatic updates of intent-to-package bugs when the package has been uploaded and notification of maintainers when a package has been sponsored.
Beta Version Package Versioning. Lars Bahner noticed that the final version of a package is considered a lower version number than the beta version and wondered how to cope with it. Robert Collins suggested to use the low-priority tilde delimiter in such cases, although for the current version this is too late already and it is also not yet available.
Source-only Package Uploads. Sven Luther suggested all packages to be built by the buildd network. Wouter Verhelst reported that many developers would not even test their packages when source-only uploads were permitted. Henrique Holschuh had the idea to work around this by throwing away the maintainer-supplied packages and letting a buildd compile them again.
Usertags for Bug Reports. Anthony Towns announced the availability of user tags for the bug tracking system and explained uses and ways to display bugs according to the supplied tags. Marc Brockschmidt added such tags in order to be able to track QA related bugs easier.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 802: cvs -- Insecure temporary files.
- DSA 803: apache -- HTTP request smuggling.
- DSA 804: kdelibs -- Backup file information leak.
- DSA 805: apache2 -- Several vulnerabilities
- DSA 806: gcvs -- Insecure temporary files.
- DSA 807: libapache-mod-ssl -- ACL restriction bypass.
- DSA 808: tdiary -- Cross Site Request Forgery.
- DSA 809: squid -- Several vulnerabilities.
- DSA 810: mozilla -- Several vulnerabilities.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
- baz-load-dirs -- Import upstream archives into baz.
- conky -- Highly configurable system monitor for X based on torsmo.
- dealer -- Bridge hand generator.
- easyh10 -- Utility to manage the iRiver H10 music player.
- enca -- Extremely naive charset analyser.
- kdebluetooth -- KDE Bluetooth Framework.
- lmms -- Linux Multimedia Studio.
- numactl -- NUMA scheduling and memory placement tool.
- ocaml-mode -- Major mode for editing Objective Caml in Emacs.
- pida -- Python Integrated Development Application, a Python IDE.
- pycocuma -- Pythonic contact and customer management.
- qalculate-kde -- Powerful and easy to use desktop calculator - KDE version.
- qobex -- Swiss army knife for the OBject EXchange (obex) protocol.
- srcinst -- Build and install Debian packages completely from source.
- tart -- Versatile and feature-rich email signature generator.
- zope2.8 -- Open Source Web Application Server.
Orphaned Packages. 5 packages were orphaned this week and require a new maintainer. This makes a total of 184 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
- doc-debian-ko -- Debian FAQ and other documents to Korean. (Bug#327764)
- ipkungfu -- Iptables-based Linux firewall. (Bug#327437)
- irmp3 -- Multimedia Audio Jukebox application. (Bug#327776)
- rhdb-admin -- Graphical tool to administer PostgreSQL/RHDB Databases. (Bug#327775)
- windowlab -- Small and simple Amiga-like window manager. (Bug#327438)
Removed Packages. 17 packages have been removed from the Debian archive during the past week:
- xfree86 -- XFree86 X server.
Bug#326839: Request of maintainer, superseded by xorg-x11
- ggz-* -- GGZ Gaming Zone (12 packages).
Bug#279787 et al.: Request of QA, orphaned, out of date
- amd -- Dummy package for am-utils.
Bug#308718: Request of QA: obsolete dummy package
- aspseek -- Advanced Internet search engine (backend programs).
Bug#321328: Request of QA, RC bugs, licensing issues, dead upstream
- kernel-patch-2.4-kgdb -- GDB debugging for the kernel.
Bug#323441: Request of QA, orphaned; RC bugs; out of date
- sattrack -- Satellite tracker and prediction.
Bug#325363: Request of maintainer, non-free, better alternatives exist (mtrack/ktrack/...)
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Jesus Gonzalez-Barahona and Martin 'Joey' Schulze.