Debian Project News - October 27th, 2014

Welcome to this year's fourteenth issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:

Debian & Stuff podcast

Asheesh Laroia and Sam Erbs have started a podcast entitled Debian and Stuff. The first episode, Moin Moin Vs. MediaWiki, was recorded at DebConf14 and contains a little bit of Debian and a lot of stuff discussed between Sam and Asheesh.

Debian switching back to GNOME as the default desktop

Joey Hess shared why Debian is likely switching back to GNOME as the default desktop environment, based on preliminary results which show GNOME coming out ahead in the requalification. This change is also supported by accessibility and to some extent systemd integration.

Contributing to Debian in other ways

Vincent Sanders blogged about contributions to Debian and how, surprisingly, they do not always need to be software related. He demonstrated this with a project to cool Debian down a bit. The project shows how doing some behind the scenes work, which may seem small, really makes a major contribution to Debian, and occasionally provides that excuse needed to buy more tools.

The Ada initiative and the Outreach Program For Women

Matt Zimmerman shared an update on the Ada Initiative, a non-profit organisation which has helped create positive change for women far past its inital goal of supporting women working in open source communities. Matt asked for and financially matched donations for the Initiative.

Nicolas Dandrimont posted a call for projects and participants in the Outreach Program for Women. The GNOME Foundation started the Free & Open Source Software Outreach Program for Women in 2006; this year, Debian will participate and offer (pending sponsorship) up to three internships. OPW allows applicants to work on any kind of project to increase the number of women in FOSS. Interested parties are encouraged to apply. More information about Debian's contribution and an overview is available on the Outreach Program for Women wiki page.

Who is 15?!

Today in world domination news, we wish you a Happy WHOIS! 15 years ago Marco d'Itri thought the process of acquiring WHOIS information should be simpler and should not require hunting through multiple registries. He authored a Debian version of WHOIS to replace the BSD-derived version that used to ship with Debian. Marco's version of WHOIS and his continued work in the background over the years for a WHOIS that knows which server to query for IP addresses and ASNs has a database that is often more up to date than the official IANA database. Marco's WHOIS is now the default WHOIS client on all Linux distributions.

Squeeze long term support reports

Raphaël Hertzog reported on 11 hours of paid support work on Debian LTS. 23 commits were made to the security tracker consisting of patch reviews, uplinks, and changes to the list of packages that require LTS updates. A fair amount of research goes into the effort beyond just reviewing or triage. He detailed some of the efforts taken to ensure quality and stay abreast of vulnerabilities.

Freexian's second report about Debian Long Term Support showed that compared to last month, we have gained five new sponsors and now provide almost 25% of a full-time position. 39 packages needed updates in Squeeze, which is nine more than last month. Contributors paid by Freexian handled 11 updates last month, which gives an approximate rate of three hours per update with CVE triage included. Given that the list of sponsors is almost exclusively comprised of European companies, readers are asked what can be done to convince others to join the effort.

Holger Levsen's September 2014 LTS report relayed work on the Debian Security Tracker which he is happy to announce looks good and professional. Eight bugs were squashed, a backport of dgit was uploaded to wheezy-backports, and uploads to squeeze-lts were made for apache2, nss, libplack-perl, icinga, libstrus1, and wordpress.

Thorsten Alteholz reported 11 hours in September on Squeeze-LTS, uploading new versions of eglibc, curl, php5, and fex. He also collaborated with Raphaël Hertzog on a new version of python-django. In other areas Thorsten uploaded a new version of net-dns-fingerprint and worked in his role as FTP assistant with 312 packages accepted.

General Resolution: init system coupling

In February of 2014 the technical committee selected systemd as the default init system for Debian. Since that selection there has been a multitude of discussions on many mailing lists both for and against the change. Lucas Nussbaum posted a tentative summary of each of the proposed amendments in the init system coupling General Resolution vote that is to occur shortly.

Bits from the Debian Multimedia Maintainers

Alessio Treglia posted bits from the Debian Multimedia Maintainers regarding Jessie. They have been very busy with codec updates, from libavcodec (which has been updated to the latest upstream to provide for HEVC, Opus, Matroska, and Apple ProRes) to libeburl128, libltc, libva, and LADI Session Handler for JACK applications. Included is the LV2 Toolkit and a LADSPA plugin bundle. New multimedia applications include Advene, Ardour3, dvdwizard, flowblade, Groove Basin, and mpv, among others. As the overall goal is to improve quality, a few packages were dropped, such as beast, plotmn, phat, and mplayer. The team invites interested parties to join them on the pkg-multimedia-maintainers mailing list on Alioth or on the OFTC #debian-multimedia IRC channel.

Debian Quiz Game, help wanted!

Lucas Nussbaum revisited the Debian Quiz Game based on the original TCP/IP drinking game with 23 newly added questions. He asks for a few adopters to assist with pushing the process forward. Readers can check the current state of the quiz with its posted answers on collab-maint.

Debian DebUtsav'14

On October 17-18 at the Amrita School of Engineering, Debian-India held a Debian Festival: DebUtsav'14. Despite some last-minute political turmoil, the event planners persevered.

Pirate Praveen wrote of the excitement and enthusiasm of working with students who were already familiar with FOSS and in seeing women participating in FOSS. He also shared his insight into how DebUtsav came to be created and how this event that marries a Mini-DebConf and FOSS conference can move forward as a brand and serve as a blueprint for other organisations.

Shirish Agarwal posted sharing his experience and timeline of the planning processes that went into the location, hosting facility, and media aspects of the event.

Balasankar C blogged about the hackfest, the keynote from Krishnakant Mane, and some of the sessions that took place during the event. The wrap-up comes with a nice summary: An event full of FOSS, Fun, and Food.

R. Harish Navnit described how an email this April about the possibility of a Mini-DebConf in Amritapuri led to an idea, collaboration across several teams, a guest speaker, and finally an event.

Other reports

As well as the LTS report mentioned above, Raphaël Hertzog's Free Software Activities in September 2014 included updating Django 1.7 in experimental and pushing for its inclusion in unstable. He noted that the pace of development on slowed down a bit, with only 30 new commits in the repository to close six bugs. Raphaël has also been packaging for a new upstream version of Publican, and sponsoring new uploads of dolibarr, tcpdf, and tryton-server.

Thomas Goirand shared a detailed OpenStack report showing his activity for the month of September 2014. He highlighted the work done in the background for the packages Icehouse and Juno (in Sid/Experimental, with backports for Wheezy). His overview focuses on the daily uploads, fixes, and collaboration with other Debian Developers and teams.

Upcoming events

There are some upcoming Debian-related events:

You can find more information about Debian-related events and talks on the events section of the Debian wiki, or subscribe to one of our events mailing lists for different regions: Europe, Netherlands, Hispanic America, North America.

Do you want to organise a Debian booth or a Debian install party? Are you aware of other upcoming Debian-related events? Have you delivered a Debian talk that you want to link on our talks page? Send an email to the Debian Events Team.

New Debian Contributors

Seven applicants have been accepted as Debian Maintainer, and twenty-eight people have started to maintain packages since the previous issue of the Debian Project News. Please welcome Carlos Alberto Lopez Perez, Guilhem Moulin, Iain R. Learmonth, Mattia Rizzolo, Otto Kekäläinen, Ralf Jung, Stein Magnus Jodal, Morgan Deters, Tim Potter, Rémi Palancher, Bernhard Übelacker, Marcio de Souza Oliveira, Petr Salinger, Eugen Wintersberger, Alexandre Detiste, Cesare Falco, Jean-Christophe Jaskula, Matthew Bekkema, Corentin Desfarges, Roger Kalt, Łukasz 'sil2100' Zemczak, Fabien Givors, Reuben Thomas, Jose Robson Mariano Alves, Pedro Beja, Bruno Nova, Martin Steghöfer, Alexandre Viau, HAYASHI Kentaro, François-René Rideau, Jason Pleau, Dominik Paulus, Sebastian Schmidt, Olek Wojnar, and Tino Didriksen into our project!

Release-Critical bugs statistics for the upcoming release

According to the Bugs Search interface of the Ultimate Debian Database, the upcoming release, Debian Jessie, is currently affected by 319 Release-Critical bugs. Ignoring bugs which are easily solved or on the way to being solved, roughly speaking, about 240 Release-Critical bugs remain to be solved for the release to happen.

There are also more detailed statistics as well as some hints on how to interpret these numbers.

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages (among others): icedove, libvirt, chromium-browser, rsyslog, xen, exuberant-ctags, qemu-kvm, qemu, mediawiki, rsyslog, apt, wireshark, iceweasel, drupal7, wpa, openssl, mysql-5.5, and pidgin. Please read them carefully and take the proper measures.

Debian's Backports Team released advisories for the package drupal7. Please read them carefully and take the proper measures.

The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: python-django, apache2, php5, fex, exuberant-ctags, apt, tryton-server, apache2, rsyslog, tzdata, ppp, mysql-5.1, and kde4libs. Please read them carefully and take the proper measures.

Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the security mailing list (and the separate backports list, stable updates list, and long term support security updates list) for announcements.

New and noteworthy packages

964 packages were added to the unstable Debian archive recently. Among many others are:

Work-needing packages

Currently 607 packages are orphaned and 139 packages are up for adoption: please visit the complete list of packages which need your help.

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at

To receive this newsletter in your mailbox, subscribe to the debian-news mailing list.

Back issues of this newsletter are available.

This issue of Debian Project News was edited by Cédric Boutillier, Donald Norwood, Justin B Rye and Paul Wise.