Debian Project News - September 2nd, 2015
Welcome to this year's seventh issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:
- Stefano Zacchiroli receives O'Reilly Open Source Award
- First Alpha versions for Stretch Debian installer
- DebConf15: The biggest Debconf ever held!
- Archive changes: SPARC architecture removed from the archive, Squeeze moved
- New Debian UEFI team
- FreedomBox 0.5 released
- Bits from the release Team: GCC5 as default, transition thereof
- Bits from Perl maintainers: Transition to Perl 5.22
- Bits from the Wanna Build team: Buildd status
- Tips and Tricks
- Upcoming events
- New Debian Contributors
- Important Debian Security Advisories
- New and noteworthy packages
- Work-needing packages
- Want to continue reading DPN?
Stefano Zacchiroli received an O'Reilly Open Source Award at OSCON for his contributions to Debian and the FOSS community. Stefano served as Debian Project Leader (DPL) for three years. He currently serves on the board of the Open Source Initiative and is a researcher at IRILL in Paris.
that the first Alpha version of the installer for Debian 9
had been released. Shortly afterward the second version
was released live from the DebConf Birthday Party in Heidelberg, Germany. He posted on his blog
a quick recap of the beginning of the development cycle of the installer for Stretch, and announced
that the migration to testing of packages producing the special udeb
packages used by the installer would be frozen just before the release of
a new version of the installer. He also asks the maintainers of packages
with potential changes to the installer for coordination through the
debian-boot mailing list.
The annual Debian developer meeting took place in Heidelberg, Germany, 15
to 22 August 2015. More than 550
DebConf15 attendees participated
in the 216 scheduled events, talks, discussions, workshops, and programming
sessions, of which 119 were streamed and recorded, and are now
for viewing, as are
the slides and
photos. DebConf team is collecting impressions
from attendees as well as links to press
articles so that you can see how intensive and fruitful this
amazing conference was, as the DebConf
team put it.
Joerg Jaspert announced
that support for the SPARC architecture
has been removed from the official archive.
The support of SPARC was introduced with Debian 2.1
Andrew Carter shared his memories
of SPARC in Debian.
He also announced
that due to disk space limitations on mirror hosts, the non-LTS
architectures of Squeeze were removed from the mirror network. Squeeze i386/amd64
will continue to be hosted on the normal mirrors, while the whole of Squeeze is
available at archive.debian.org.
Steve McIntyre announced on his blog the creation of a UEFI team in Debian, using the freshly opened #debian-uefi IRC channel on irc.debian.org. The team is welcoming new members interested in helping with these packages and UEFI in general. Steve also reported the beginning of a cross-distribution effort to track broken UEFI implementations. If you have a particular UEFI horror story, add details to the dedicated wiki page.
James Valleroy announced the release of FreedomBox version 0.5. The FreedomBox Project is a community effort to develop, design, and promote personal servers based on Debian running free software for private personal communications. More information about this version is available in the release notes.
Jonathan Wiltshire sent a message about the way package maintainers can help the transition to GCC5 and libstdc++6, which can be tracked on the transition tracker. They are asked to defer uploads to unstable where possible, unless they are related to this transition - for example, fixing a FTBFS with GCC5, or other RC bugs to unblock migration, or related to the libstdc++ follow-up transitions. They are welcome to work in experimental in the meantime. Matthias Klose focused on the transition for the libstdc++6 ABI with an emphasis on what should be done, or not!
Niko Tyni announced a Perl transition to Perl 5.22, expected in the next couple of months. Perl 5.22 packages have been in experimental since June, and the list of blockers is getting shorter. Some changes occurred in the organisation of the binary packages built from src:perl version 5.22 in experimental to allow for keeping older versions of libperl5.xx installable, and for marking them Multi-Arch:same so that they can be co-installed for multiple architectures. In order not to increase the number of packages, the non-essential parts of the standard library have been integrated into the libperl5.xx package. As a side effect, installing libperl5.xx now installs the full Perl standard library.
The Wanna Build team met at DebCamp welcoming Joachim Breitner as a new member. They quickly got to work on getting arch:all packages buildable with their autobuilders, and they remind developers that they are available if a package does not make it through the ftp-master archive. The team continuted work on merging buildd.debian-ports.org into buildd.debian.org, and did a front end update to the buildd status pages. The team also focused on rsync based uploads from the buildds, upgraded their autobuilders to Jessie and discussed package archives for project members. The team plans to work on cross build dependencies, workflow regarding communication between the autobuilders, and working toward stateless autobuilders. The team gives special thanks to the DSA and ftp-master teams.
Simon Kainz announced and updated the weekly DUCK challenge to help find, fix, and upload packages with DUCK issues before the end of DebConf15. Prizes and notoriety aside, the tallies for Week 1: 10 fixes and uploads. Week 2: 15 fixes and uploads. Week 3: 10 fixes and uploads, with an impressive pause to acknowledge 35 packages by 25 different people thus far. Week 4: 14 fixes and uploads.
Gregor Herrmann reported on RC bugs worked on in early July as part of the GCC5 transition, and work with the Debian Perl Group's upstream releases.
Niels Thykier worked in the background on Lintian and applied some performance tuning, with the output monitoring process being made available on-line. The set of changes, such as an increase in buffer size, along with various memory optimisations, brought memory consumption down 33%. A second tuning concentrated on field definitions which further reduced memory use and when applied saw reductions in size for libreoffice and chromium at 55% and 61% respectively.
John Goerzen wondered about better password storage with readily available means such as a USB stick or other secure hardware, which led him to blog about his first steps with smartcards under Linux and Android. He followed this with a Detailed Smart Card Cryptographic Token Security Guide.
Freexian, sponsor of Debian Long Term Support (LTS), highlighted 73.50 work hours in their June report and 79.50 work hours in their July 2015 report, spread in each case among 7 paid contributors. July's work listed 20 packages awaiting an update with about 22 packages in a vulnerable state, down from 33 the previous month. During DebConf15 LTS was featured in a talk, and video is available of two presentations: LTS Past, Present, and Future and Preparing for Wheezy LTS.
Raphaël Hertzog reported on 15 hours of paid support working on Debian LTS and his jump ahead to the future to work on Kali Linux / Debian Stretch. The work with Kali Linux is to parallel Debian Constantly Usable Testing with a rolling release cycle and snapshot for every 4 months toward 3 releases per year. Bugs closed on the Kali side of work benefited Debian with improvements to APT, upstream requests for nvidia drivers, and the investigation of a schroot issue. In his other time Raphael sponsored packages, uploaded his own packages, and worked on the Distro Tracker.
Carl Chenet worked on Retweet, a Twitter bot that automatically re-tweets posts, nearly completed the full localisation of Le Journal du hacker into French, and submitted a pull request for additional sources for planet.sysadmin-fr.org. Carl also worked on several bug reports for Dockier.io and Backupchecker.
Antonio Terceiro introduced
his readers to Elixir and plans for its use in
Debian; interested parties are encouraged to join or hang around in #debian-elixir
on irc.debian.org. Antonio helped organise a MiniDebconf in
Porto Alegre which targeted bringing more participants into Debian; he spoke
What is Debian, and how it works and packaging free software. Videos of
his talks are available here.
Antonio is also helping to organise
another MiniDebConf in October as part of Latinoware. Antonio also worked on the
transition to Ruby 2.2 as the default in Debian unstable, and uploaded
updates to unstable which reached testing.
Ritesh Raj Sarraf blogged on a few topics discussed at a Micro Debian Developers meeting regarding cross compilation, licensing from the point of view of the end user, and systemd. Container groups held a fair amount of discussion time in consideration of how they work within systemd. He shares an example of using systemd-nspawn as a replacement for Linux Containers (LXC).
Several members of the Debian community shared some tips: Christoph Egger shows how to export org notes from emacs to HTML. Petter Reinholdtsen demonstrates typesetting DocBook footnotes with dblatex. Jonathan McDowell recovers a Netgear DGN3500 via JTAG. In the world of 3D printing, Elena Grandi shares a makefile for OpenSCAD projects. James McCoy expands on an idea for ease of porterbox logins using a script and ssh_config snippets. François Marier shows how to set up a wifi regulatory domain on Linux and OpenWRT.
There are two upcoming Debian-related events:
- October, 14-16, the MiniDebconf Latinoware will take place during Latinoware2015, the 12th Latin-American Free Software Conference, in Foz do Iguaçu, Brazil.
- September, 12-13, the Debian India community is having a mini-debconf in Pune, India.
You can find more information about Debian-related events and talks on the events section of the Debian web site, or subscribe to one of our events mailing lists for different regions: Europe, Netherlands, Hispanic America, North America.
Do you want to organise a Debian booth or a Debian install party? Are you aware of other upcoming Debian-related events? Have you delivered a Debian talk that you want to link on our talks page? Send an email to the Debian Events Team.
8 applicants have been accepted as Debian Developers, 10 applicants have been accepted as Debian Maintainer, and 20 people have started to maintain packages since the previous issue of the Debian Project News. Please welcome Carsten Leonhardt, Gianfranco Costamagna, Tianon Gravi, Graham Inggs, Iain R. Learmonth, Ximin Luo, Christian Kastner, Laura Arjona Reina, Riley Baird, Christopher Knadle, Alex Muntada, Benjamin Barenblat, Johan Van de Wauw, Jose Luis Rivero, Lennart Weller, Paul Novotny, Robie Basak, Senthil Kuramans S, Martin Michlmayr, Paulo Roberto Alves de Oliveira, Guillaume Turri, Víctor Manuel Jáquez Leal, Michael Grünewald, Antti Järvinen, Etienne Dublé, Francois Lafont, Sven Geggus, Nick Daly, Martin Wimpress, Adilson dos Reis, Alexander Sosna, Ivan Udovichenko, Fabian Klötzl, Nick Morrott, Danny Edel, Michael Moll, Marcin Dulak, and Chris Kuehl into our project!
Debian's Security Team recently released advisories for these packages (among others): tidy, freexl, mariadb-10.0, cacti, linux, typo3-src, chromium-browser, openjdk-7, lxc, expat, bind9, openafs, xmltooling, ruby-rack, icu, icedove, apache2, ghostscript, squid3, wordpress, linux, activemq, subversion, wordpress, iceweasel, gnutls28, request-traquer4, nss, gdk-pixbuf, python-django, openjdk-6, zendframework, conntrack, vlc, twig, php5, iceweasel, and drupal. Please read them carefully and take the proper measures.
The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: tidy, inspircd, groovy, ruby1.9.1, libidn, cacti, cacti, python-tornado, lighttpd, ghostscript, expat, icu, bind9, apache2, squid3, ia32-libs, openssh, remind, xmltooling, opensaml2, libidn, subversion, libstruts1.2-java, wordpress, conntrack, extplorer, wesnoth-1.8, and roundup ruby1.8 ruby1.9.1 pykerberos python-django zendframework openjdk-6. Please read them carefully and take the proper measures.
Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list (and the separate backports list, stable updates list, and long term support security updates list) for announcements.
1436 packages were added to the unstable Debian archive recently. Among many others are:
- backintime-qt4 — simple backup/snapshot system (graphical interface)
- caja-wallpaper — Allows one to quickly set a wallpaper from folders
- cpustat — periodic cpu utilization statistics
- gir1.2-gsound-1.0 — small library for playing system sounds
- libace-6.3.2 — C++ network programming framework
- python-gssapi — Python interface to GSSAPI
- libctpp2-2v5 — HTML template engine for C++
- postsrsd — Sender Rewriting Scheme (SRS) lookup table for Postfix
- sndiod — Small audio and MIDI framework from OpenBSD, sound server
- systemd-container — systemd container/nspawn tools
- usrmerge — Convert the system to everything-in-usr
- vim-voom — Vim two-pane outliner
Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at email@example.com.
To receive this newsletter in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Project News was edited by Cédric Boutillier, Jean-Pierre Giraud, Martin Michlmayr, Donald Norwood, Justin B Rye and Paul Wise.