Debian Project News - September 2nd, 2015

Welcome to this year's seventh issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:

Stefano Zacchiroli receives O'Reilly Open Source Award

Stefano Zacchiroli received an O'Reilly Open Source Award at OSCON for his contributions to Debian and the FOSS community. Stefano served as Debian Project Leader (DPL) for three years. He currently serves on the board of the Open Source Initiative and is a researcher at IRILL in Paris.

First Alpha versions for Stretch Debian installer

Cyril Brulebois announced that the first Alpha version of the installer for Debian 9 Stretch had been released. Shortly afterward the second version was released live from the DebConf Birthday Party in Heidelberg, Germany. He posted on his blog a quick recap of the beginning of the development cycle of the installer for Stretch, and announced that the migration to testing of packages producing the special udeb packages used by the installer would be frozen just before the release of a new version of the installer. He also asks the maintainers of packages with potential changes to the installer for coordination through the debian-boot mailing list.

DebConf15: The biggest Debconf ever held!

The annual Debian developer meeting took place in Heidelberg, Germany, 15 to 22 August 2015. More than 550 DebConf15 attendees participated in the 216 scheduled events, talks, discussions, workshops, and programming sessions, of which 119 were streamed and recorded, and are now available for viewing, as are the slides and photos. DebConf team is collecting impressions from attendees as well as links to press articles so that you can see how intensive and fruitful this amazing conference was, as the DebConf team put it.

Archive changes: SPARC architecture removed from the archive, Squeeze moved

Joerg Jaspert announced that support for the SPARC architecture has been removed from the official archive. The support of SPARC was introduced with Debian 2.1 Slink. Andrew Carter shared his memories of SPARC in Debian. He also announced that due to disk space limitations on mirror hosts, the non-LTS architectures of Squeeze were removed from the mirror network. Squeeze i386/amd64 will continue to be hosted on the normal mirrors, while the whole of Squeeze is available at

New Debian UEFI team

Steve McIntyre announced on his blog the creation of a UEFI team in Debian, using the freshly opened #debian-uefi IRC channel on The team is welcoming new members interested in helping with these packages and UEFI in general. Steve also reported the beginning of a cross-distribution effort to track broken UEFI implementations. If you have a particular UEFI horror story, add details to the dedicated wiki page.

FreedomBox 0.5 released

James Valleroy announced the release of FreedomBox version 0.5. The FreedomBox Project is a community effort to develop, design, and promote personal servers based on Debian running free software for private personal communications. More information about this version is available in the release notes.

Bits from the release Team: GCC5 as default, transition thereof

Jonathan Wiltshire sent a message about the way package maintainers can help the transition to GCC5 and libstdc++6, which can be tracked on the transition tracker. They are asked to defer uploads to unstable where possible, unless they are related to this transition - for example, fixing a FTBFS with GCC5, or other RC bugs to unblock migration, or related to the libstdc++ follow-up transitions. They are welcome to work in experimental in the meantime. Matthias Klose focused on the transition for the libstdc++6 ABI with an emphasis on what should be done, or not!

Bits from Perl maintainers: Transition to Perl 5.22

Niko Tyni announced a Perl transition to Perl 5.22, expected in the next couple of months. Perl 5.22 packages have been in experimental since June, and the list of blockers is getting shorter. Some changes occurred in the organisation of the binary packages built from src:perl version 5.22 in experimental to allow for keeping older versions of libperl5.xx installable, and for marking them Multi-Arch:same so that they can be co-installed for multiple architectures. In order not to increase the number of packages, the non-essential parts of the standard library have been integrated into the libperl5.xx package. As a side effect, installing libperl5.xx now installs the full Perl standard library.

Bits from the Wanna Build team: Buildd status

The Wanna Build team met at DebCamp welcoming Joachim Breitner as a new member. They quickly got to work on getting arch:all packages buildable with their autobuilders, and they remind developers that they are available if a package does not make it through the ftp-master archive. The team continuted work on merging into, and did a front end update to the buildd status pages. The team also focused on rsync based uploads from the buildds, upgraded their autobuilders to Jessie and discussed package archives for project members. The team plans to work on cross build dependencies, workflow regarding communication between the autobuilders, and working toward stateless autobuilders. The team gives special thanks to the DSA and ftp-master teams.


Simon Kainz announced and updated the weekly DUCK challenge to help find, fix, and upload packages with DUCK issues before the end of DebConf15. Prizes and notoriety aside, the tallies for Week 1: 10 fixes and uploads. Week 2: 15 fixes and uploads. Week 3: 10 fixes and uploads, with an impressive pause to acknowledge 35 packages by 25 different people thus far. Week 4: 14 fixes and uploads.

Gregor Herrmann reported on RC bugs worked on in early July as part of the GCC5 transition, and work with the Debian Perl Group's upstream releases.

Niels Thykier worked in the background on Lintian and applied some performance tuning, with the output monitoring process being made available on-line. The set of changes, such as an increase in buffer size, along with various memory optimisations, brought memory consumption down 33%. A second tuning concentrated on field definitions which further reduced memory use and when applied saw reductions in size for libreoffice and chromium at 55% and 61% respectively.

John Goerzen wondered about better password storage with readily available means such as a USB stick or other secure hardware, which led him to blog about his first steps with smartcards under Linux and Android. He followed this with a Detailed Smart Card Cryptographic Token Security Guide.

The Reproducible Builds team is proud to report on over 65 packages fixed in the 17th week of the Stretch cycle; they also share their talk given at DebConf15 and their roundtable.

Freexian, sponsor of Debian Long Term Support (LTS), highlighted 73.50 work hours in their June report and 79.50 work hours in their July 2015 report, spread in each case among 7 paid contributors. July's work listed 20 packages awaiting an update with about 22 packages in a vulnerable state, down from 33 the previous month. During DebConf15 LTS was featured in a talk, and video is available of two presentations: LTS Past, Present, and Future and Preparing for Wheezy LTS.

Raphaël Hertzog reported on 15 hours of paid support working on Debian LTS and his jump ahead to the future to work on Kali Linux / Debian Stretch. The work with Kali Linux is to parallel Debian Constantly Usable Testing with a rolling release cycle and snapshot for every 4 months toward 3 releases per year. Bugs closed on the Kali side of work benefited Debian with improvements to APT, upstream requests for nvidia drivers, and the investigation of a schroot issue. In his other time Raphaël sponsored packages, uploaded his own packages, and worked on the Distro Tracker.

Carl Chenet worked on Retweet, a Twitter bot that automatically re-tweets posts, nearly completed the full localisation of Le Journal du hacker into French, and submitted a pull request for additional sources for Carl also worked on several bug reports for and Backupchecker.

Antonio Terceiro introduced his readers to Elixir and plans for its use in Debian; interested parties are encouraged to join or hang around in #debian-elixir on Antonio helped organise a MiniDebconf in Porto Alegre which targeted bringing more participants into Debian; he spoke about What is Debian, and how it works and packaging free software. Videos of his talks are available here. Antonio is also helping to organise another MiniDebConf in October as part of Latinoware. Antonio also worked on the transition to Ruby 2.2 as the default in Debian unstable, and uploaded updates to unstable which reached testing.

Ritesh Raj Sarraf blogged on a few topics discussed at a Micro Debian Developers meeting regarding cross compilation, licensing from the point of view of the end user, and systemd. Container groups held a fair amount of discussion time in consideration of how they work within systemd. He shares an example of using systemd-nspawn as a replacement for Linux Containers (LXC).

Tips and Tricks

Several members of the Debian community shared some tips: Christoph Egger shows how to export org notes from emacs to HTML. Petter Reinholdtsen demonstrates typesetting DocBook footnotes with dblatex. Jonathan McDowell recovers a Netgear DGN3500 via JTAG. In the world of 3D printing, Elena Grandi shares a makefile for OpenSCAD projects. James McCoy expands on an idea for ease of porterbox logins using a script and ssh_config snippets. François Marier shows how to set up a wifi regulatory domain on Linux and OpenWRT.

Upcoming events

There are two upcoming Debian-related events:

You can find more information about Debian-related events and talks on the events section of the Debian web site, or subscribe to one of our events mailing lists for different regions: Europe, Netherlands, Hispanic America, North America.

Do you want to organise a Debian booth or a Debian install party? Are you aware of other upcoming Debian-related events? Have you delivered a Debian talk that you want to link on our talks page? Send an email to the Debian Events Team.

New Debian Contributors

8 applicants have been accepted as Debian Developers, 10 applicants have been accepted as Debian Maintainer, and 19 people have started to maintain packages since the previous issue of the Debian Project News. Please welcome Carsten Leonhardt, Gianfranco Costamagna, Tianon Gravi, Graham Inggs, Iain R. Learmonth, Ximin Luo, Christian Kastner, Laura Arjona Reina, Riley Baird, Christopher Knadle, Alex Muntada, Benjamin Barenblat, Johan Van de Wauw, Jose Luis Rivero, Lennart Weller, Paul Novotny, Robie Basak, Senthil Kuramans S, Paulo Roberto Alves de Oliveira, Guillaume Turri, Víctor Manuel Jáquez Leal, Michael Grünewald, Antti Järvinen, Etienne Dublé, Francois Lafont, Sven Geggus, Nick Daly, Martin Wimpress, Adilson dos Reis, Alexander Sosna, Ivan Udovichenko, Fabian Klötzl, Nick Morrott, Danny Edel, Michael Moll, Marcin Dulak, and Chris Kuehl into our project!

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages (among others): tidy, freexl, mariadb-10.0, cacti, linux, typo3-src, chromium-browser, openjdk-7, lxc, expat, bind9, openafs, xmltooling, ruby-rack, icu, icedove, apache2, ghostscript, squid3, wordpress, linux, activemq, subversion, wordpress, iceweasel, gnutls28, request-traquer4, nss, gdk-pixbuf, python-django, openjdk-6, zendframework, conntrack, vlc, twig, php5, iceweasel, and drupal. Please read them carefully and take the proper measures.

The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: tidy, inspircd, groovy, ruby1.9.1, libidn, cacti, cacti, python-tornado, lighttpd, ghostscript, expat, icu, bind9, apache2, squid3, ia32-libs, openssh, remind, xmltooling, opensaml2, libidn, subversion, libstruts1.2-java, wordpress, conntrack, extplorer, wesnoth-1.8, and roundup ruby1.8 ruby1.9.1 pykerberos python-django zendframework openjdk-6. Please read them carefully and take the proper measures.

Debian's Stable Release Team released an update announcement for the package: tzdata, and libdatetime-timezone-perl. Please read it carefully and take the proper measures.

Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list (and the separate backports list, stable updates list, and long term support security updates list) for announcements.

New and noteworthy packages

1436 packages were added to the unstable Debian archive recently. Among many others are:

Work-needing packages

Currently 680 packages are orphaned and 181 packages are up for adoption: please visit the complete list of packages which need your help.

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at

To receive this newsletter in your mailbox, subscribe to the debian-news mailing list.

Back issues of this newsletter are available.

This issue of Debian Project News was edited by Cédric Boutillier, Jean-Pierre Giraud, Martin Michlmayr, Donald Norwood, Justin B Rye and Paul Wise.