Debian Project News - December 2nd, 2008

Welcome to this year's 16th issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:

Etch-and-a-half installation images updated

As a result of the release of the first release candidate for Lenny of Debian Installer (D-I RC1) on November 12th, the installer images for Etch-and-a-half have also been updated. A consequence of this update is that during installation of Etch-and-a-half using the currently available images, a newer kernel version (2.6.26) will be used. However, the kernel used for the installed system remains unchanged at version 2.6.24. In some cases this can mean that hardware which is supported during the installation does not work after the reboot into the installed system because support for it was added after the 2.6.24 version.

Old Etch-and-a-half businesscard and netinst CD images remain usable. Old netboot images are no longer usable and will need to be replaced with a current image. The Etch-and-a-half Debian Installer web page has links to the new images and to the release announcements which give an overview of changes in the installation system. The Debian Installer team is currently preparing the second release candidate (RC2) of the Lenny installer, which will again result in an update of the installer images for Etch-and-a-half. The kernel version used during installation will remain at 2.6.26.

GNU Affero General Public License suitable for Debian "main"

Jörg Jaspert, representing the FTP Archives team, has released a position statement about the inclusion in main of works licensed under GNU Affero General Public License version 3 (AGPLv3). In short, the statement says that such works are suitable for Debian/main, even though the AGPL has an additional clause when compared to the GNU General Public License (GPLv3). The clause in question requires software to offer the source code to a user when interacting with it remotely through a computer network.

Security Teams Meeting in Essen

Martin 'Joey' Schulze reports on the Debian Security meeting which took place 28-30 November 2008 in Essen, Germany. Members of both the stable and the testing security teams attended as did the developers who are currently working on security updates for the backports archive.

The attendees discussed issues with regard to future security work in the Debian project and for the Debian distribution. Specific topics were cooperation between the different teams (both in terms of work as well as in terms of archive management), as well as long term support for Debian GNU/Linux installations which cannot support an upgrade every two years (such as large clusters of Debian GNU/Linux systems). Notes taken during the meeting will be sent to the debian-devel-announce mailing list and summarized in the Debian Project News.

New Stable SuiteTelecentro 2.0

The new stable version of SuiteTelecentro is now available for download from Sourceforge. SuiteTelecentro is a customisation of Debian and is built at the Free Software Laboratory of the IT Board of Banco do Brasil, the largest and oldest public bank in Brazil.

As already covered at Debian Times, SuiteTelecentro is a GNU/Linux solution which allows the use of low performance CPU and memory computers as affordable thin clients at telecentres for the poor. Over 4 million users now have affordable access to an Internet enabled computer thanks to this Free Software project.

SuiteTelecentro is based on Debian GNU/Linux 4.0 (Etch) and LTSP 4.2. The new 2.0 version features easy installation, uses the GNOME graphical environment and includes: the OpenOffice.org suite, MySQL, PHP, Apache, MediaWiki and the Ocara telecentre management software.

Dependency based boot sequencing release goal completed

Petter Reinholdtsen announced that the release goal of supporting a dependency based boot sequence has been completed. This allows system services to be started in an order which is calculated from their dependencies on each other instead of a hardcoded order.

He adds that 99.8% of all packages in unstable now have the necessary dependency information, with only 2 packages missing them. However, more testers are needed to identify problems with currently untested combinations of packages.

Debian bugs #600000 and #1000000 contest

Christian Perrier announced that as the bug #500000 mark was turned on September 24th 2008, Debian developers and contributors need a new challenge. So a small contest has been set up again. The principle is very simple: participants should place a bet (one per person) about the day bugs #600000 and #1000000 will be reported. The winners will be the persons placing their bets as close as possible to the real moment bugs #600000 and #1000000 are reported.

The bet page is hosted in the Debian wiki. It will be closed on December 31st, 2008. Bets will be kept statically until bug #600000 is reported. Then the page will be reopened with a new list of bets for bug #1000000. Thus, there will be four sets of bets for bug #1000000 with even more suspense and fun.

Inter-distribution collaboration for maintaining games

Initiated by members of the merged Debian and Ubuntu games teams and Hans de Goede from Fedora, a mailing list was created to foster collaboration between operating systems for the maintenance of games. The goal is to share and review patches that the upstream project is slow or unwilling to accept, or to take over as the new upstream for software in cases where the original upstream has died.

At this time, members of Arch Linux, Debian, Fedora, Fink, FreeBSD, Gentoo, NetBSD, OpenSolaris, PC-BSD, Slackbuilds, SUSE and Yellow Dog Linux are on this list as well as GNOME and KDE members.

Call for talks for the Debian Developers' room at FOSDEM

Wouter Verhelst called for talks for the Debian Developers' room at the upcoming Free and Open Source Developers European Meeting (FOSDEM): a yearly community meeting that takes place at the université libre de Bruxelles in Brussels, Belgium and which concentrates on bringing developers of Free Software together. As during previous events, Debian has the opportunity to hold its own one and a half day conference sub-track.

When to do non-maintainer uploads?

A recent non-maintainer upload of the php5 package caused some discussion about how and when non-maintainer uploads should be done. While fixing release critical bugs is indeed a very important topic (especially for long standing bugs without action from the maintainer), release team member Steve Langasek reminded that developers should still inform the maintainers about any plans to perform a NMU, while Thomas Viehmann reminded maintainers that they should fix, or at least comment on, release critical bugs within two weeks.

Popular packages in Ubuntu that are not in Debian main

Petter Reinholdtsen did a survey on the question of which popular Ubuntu packages are not included in Debian/main and why. In order to determine the packages' popularity, Petter used their popcon ratings. He ended up with a list of 152 popular Ubuntu packages which are currently not in Debian/main, a number he considered surprisingly low.

Many of these packages are not in Debian due to different package structure or other differences between Debian and Ubuntu, while others are already available in contrib or non-free. Of the remaining packages many are multimedia related. Petter thinks it would be very nice to have these packages available in Debian and wants to encourage their packaging.

In related news James Westby did a survey on the quality of the Ubuntu packages which are not included in Debian using their records in the Ubuntu bug tracking system.

Developer News wanted

Raphaël Hertzog, the author of the Misc Developer News asks developers to (regularly) share short news about their work and plans so they can be published in the Misc Developer News. Possible news covers everything which is related to Debian development and not worth a dedicated mail to debian-devel-announce. The news is published whenever five news stories have come together. Raphaël points out that the Misc Developer News can also be used to post calls for help.

Need for an unofficial public community repository?

The rejection from the queue for some new packages to be added to Debian by the ftp-masters caused some discussion about the need of a repository for unofficial packages not meeting Debian's standards or being otherwise unsupported. Holger Levsen pointed to debian-unofficial.org, which isn't flawless. This caused Holger to think about a solution inside of debian-community.org. The proposal to use apt-get.org has been criticised as well.

New maintainer

One applicant has been accepted as Debian Maintainer since the prior issue of the Debian Project News. Please welcome Jörg Sommer into our project!

Bits from the buildd world

Adeodato Simó sent bits from buildd world. Buildds are a part of Debian's infrastructure, organising which automated build system (build daemon) is building which package for which architecture. Beside some personnel changes, he also explains the proper ways to contact the buildd team, as well as where the source code of the buildd infrastructure is maintained.

Release critical bug stats for the upcoming release

According to the unofficial RC-bugs count, the upcoming release Debian GNU/Linux 5.0 Lenny is currently affected by 118 release critical bugs. 43 of them have already been fixed in Debian's unstable branch. Of the remaining 75 release critical bugs, 33 already have a patch (which might need testing) and 5 are marked as pending.

Ignoring these bugs as well as release critical bugs for packages in contrib or non-free, 36 release critical bugs remain to be solved for the release to happen.

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages (among others): python2.4, xulrunner, iceweasel, wireshark and phpmyadmin. Please read them carefully and take the proper measures.

Please note that these are only a selection of the more important security advisories of the last two weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list for announcements.

New and noteworthy packages

The following packages were added to the unstable Debian archive recently (among others):

Debian Package of the Day featured the package apticron (a cron-script to mail impending apt updates).

Work-needing packages

Currently 488 packages are orphaned and 117 packages are up for adoption. Please take a look at the recent reports to see if there are packages you are interested in or view the complete list of packages which need your help.

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at debian-publicity@lists.debian.org.


To receive this newsletter in your mailbox, subscribe to the debian-news mailing list.

Back issues of this newsletter are available.

This issue of Debian Project News was edited by Andre Felipe Machado, Jon Evans, Richard Hartmann, Stefano Zacchiroli, Christian Perrier, Frans Pop, Meike Reichle and Alexander Reichle-Schmehl.