Debian Project News - January 31st, 2011

Welcome to this year's second issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:

Debian 6.0 Squeeze to be released this weekend

Release Manager Neil McGovern announced the target release date of Debian 6.0 Squeeze on the weekend of the 5th and 6th of February. Debian 6.0 Squeeze will finally arrive as a stable release! Final work towards this has begun including preparations for release parties all over the world!

For those from the community who are waiting impatiently for the release, provides a countdown banner. As the release process takes time, members of the Debian Project will provide live comments and interesting facts via Debian's official account.

One interesting number has already been posted: in the two years of development of Debian 6.0 Squeeze the Debian Project has closed 149,862 bugs. Thank you everyone for this fantastic work!

Join the DebConf team

DebConf is a yearly conference for the Debian community. Like everything else in Debian, DebConf is run completely by volunteers. Organising a conference is a lot of work, as you might imagine, so it is no surprise that the DebConf team is eager to have people help out. As Richard Darst writes: DebConf is a huge process, and there are many things we could use help on. People come and go, and are usually overworked after a year or two — so we would love new people to get involved. If you have new ideas, we'd love to hear about them and we can discuss if they'd work and how to make them happen. And by the way, if you are looking for a good way to get involved with Debian and don't know where to start, this might be among the best options!

Bits from the Security Team

Thijs Kinkhorst sent some bits from the Debian Security Team reporting about the group's meeting at the Linux Hotel in Essen, Germany. Among the things they discussed were various improvements to the team work-flow, particularly regarding the release process of Debian Security Advisories - redesigned from the ground up; a longer security support for Debian stable - still a proposal - and backports security support. The report also mentions various other interesting topics such as Beta testing of security updates, a README.test file to include into packages to explain how its functionality can be tested, and the problem of some specific packages which are difficult to handle because they include a lot of source packages. The mail ends with a call for volunteers. More details can be read on the full minutes of the meeting.

In related news, Simon Paillard from the Debian mirrors team reported news for sponsors of Debian mirrors. One interesting element was his request for help to provide more official mirrors of the security archive. He's especially interested in new official mirrors in South America, Asia, and Africa.

Debunking myths about Debian's firmware (non-)removal

Noticing that Debian's recent announcement about releasing Debian 6.0 Squeeze with a completely free Linux kernel seems to have been widely misunderstood, Debian Developer Alexander Reichle-Schmehl debunked some myths about the (non-)removal of firmware. For example, the claim that Debian removed all firmware files from its kernels. The short answer to that claim is no. Debian will be uninstallable (sic) for many users (short answer: there are netinstall images and tarballs for other installation media available); Ah, those Debian freedom zealots again... (short answer: it's not only Debian).

He also explained some of the reasons for the fuss about non-free firmware files, and recommended that people who find it difficult to find the non-free images should just remember two words: wiki and firmware, as everything needed can be found on the firmware page of Debian's wiki.

Updated Debian GNU/Linux: 5.0.8 released

A new update for Debian GNU/Linux 5.0 Lenny has been released. This update mainly adds corrections for security problems to the stable release, along with a few adjustments to serious problems.

Debian Installer 6.0 RC2 released

The second release candidate of the installer for Debian Squeeze was released on 22 January. This release includes some fixes, such as correct keyboard configuration for the graphical installer for several languages.
The errata collects some details and a full list of known issues. You are encouraged to test the installer and report bugs. Install media and further information are available on the Debian Installer page.

In related news, Matthew Palmer announced test images of the debian-installer supporting IPv6 (suitable for IPv6-only networks) and test images supporting Wi-Fi Protected Access (WPA). He calls for testers for both images.

Cross-distro Application Installer

Enrico Zini has published on his blog a report of his participation at the Cross-distro Meeting on Application Installer. The meeting, organised by Vincent Untz, was focused on metadata (both from packages and users) and how to share them between distributions or, at least, how to define some standards for this metadata. Enrico has presented debtags and apt-xapian-index, two of the most powerful tools for handling package metadata in Debian. As a result of the meeting, there is now a plan to match package names across Linux distributions.

It's also nice to see how Debian's services and projects like (providing screenshots of applications to users and package management frontends), the Debian Description Translation Project (DDTP for short; translating Debian package descriptions into other languages), or debtags (tagging Debian packages for easier search) were welcomed and admired by other representatives.

On the maintainability of Ruby

The maintainability of Ruby became again topic of discussion, after two of its long-time package maintainers decided to give up on Ruby and related packaging. Lucas Nussbaum explained some of the problems he sees, which make it difficult for distributions to package Ruby and its libraries. Often problems seem to arise due to the different needs of developers and administrators/distributors. The topic was also discussed in an article on Linux Weekly News. How the situation will continue is not yet clear, but even so some progress has been reported. Both maintainers have also said that they will be open to handing over package maintenance of their Ruby related packages to new volunteers.

Bits from Debian GIS

The mailing list for general discussion of Geographic Information System (GIS) issues in Debian was moved from Alioth to As usual is also open for non-subscribers, has a more generic name, and can hopefully attract more GIS users and developers in Debian to discuss relevant issues.

The Debian GIS Blend has defined a new task SAR and Earth Observation on their tasks page which contains a list of not yet official packages which are potential targets for inclusion into Debian. Feel free to discuss this task or other ideas you might have about the GIS relevant packages on the mailing list mentioned above.

Please note that Debian GIS also maintains OpenStreetMap-related packages, together with the Debian OpenStreetMap Team (pkg-osm on Alioth). Feel free to join!

Debian Project at several conferences and trade fairs

The Debian project announced that it will be present on several upcoming events and trade fairs, including Cloud Expo Europe 2011 in London, UK, FOSDEM in Brussels, Belgium, SCaLE in Los Angeles, USA, CeBIT in Hanover, Germany, and the Chemnitzer Linux-Tage in Chemnitz, Germany.

Further This week in Debian interviews

Since the last issue of the Debian Project News, one new issue of the This week in Debian podcast has been published: an interview with Jonas Smedegaard, discussing the Freedom Box.

There has also been one further People behind Debian interview: with Michael Vogt, synaptic and APT developer.

Other news

Aurélien Jarno announced the new debian-ports archive signing key, which will be used to sign the archive on unofficial ports.

The Debian Administration blog published a how-to about installing an encrypted openvpn on Lenny and one about creating dynamic volumes with loop devices.

Mike Hommey blogged about changes to the Debian Mozilla team APT archive, where test versions of several Mozilla products (like Firefox 3.6 and 4.0) are made available.

Raphaël Hertzog noted that unlike other distributions, Debian is doing very well eating its own dog food, meaning that its infrastructure is running on its own distribution. He congratulated the Debian Systems Administration team for keeping more than 140 servers running Debian.

Cyril Brulebois published Debian XSF News summarising many recent events around packaging in Debian.

Yves-Alexis Perez requested a crypto declaration file number from the French authorities. The number is 1101027 and he's made scans of the documents available too.

New Debian Contributors

3 applicants have been accepted as Debian Developers, 1 applicant has been accepted as Debian Maintainer, and 3 people have started maintaining packages since the previous issue of the Debian Project News. Please welcome Kamal Mostafa, Scott Howard, Kai Wasserbäch, Vincent Legout, Christer Edwards, Rico Tzschichholz, and Krzysztof Klimonda into our project!

Release-Critical bugs statistics for the upcoming release

According to the Bugs Search interface of the Ultimate Debian Database, the upcoming release, Debian 6.0 Squeeze, is currently affected by 8 release-critical bugs. Ignoring bugs which are easily solved or on the way to being solved, roughly speaking, only about 5 release-critical bugs remain to be solved for the release to happen!

There are also more detailed statistics as well as some hints on how to interpret these numbers.

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages (among others): wireshark, libsmi, mydms, pimd, tor, dbus, request-tracker3.6,, hplip, linux-2.6, exim4 and freetype. Please read them carefully and take the proper measures.

Debian's Backports Team releases advisories for these packages: egroupware (removal), kvm (removal), request-tracker3.8 and Please read them carefully and take the proper measures.

Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list (and the separate backports list and volatile list) for announcements.

New and noteworthy packages

The following packages were added to the unstable Debian archive recently (among others):

Please note that due to the freeze of the upcoming Debian 6.0 Squeeze acceptance of new packages has almost ceased.

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at

To receive this newsletter in your mailbox, subscribe to the debian-news mailing list.

Back issues of this newsletter are available.

This issue of Debian Project News was edited by David Paleino, Francesca Ciceri, Jeremiah C. Foster, David Prévot and Alexander Reichle-Schmehl.