[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

DPN 2014/17 frozen. Please review and translate.

[ Please reply on -publicity list ]

Hi all,

We just finished the last bits of the new issue of DPN to be released on
Monday, December 29, around 19:45 UTC.

We would very much appreciate reviews and translations.

Instructions are available on the wiki:

The last updated version is available on the publicity
Subversion repository, even via HTTP:

If you're willing to contribute to the redaction of the next issue,
don't hesitate, and join #debian-publicity IRC channel or send a message
to debian-publicity@lists.debian.org.

Best regards,

Donald Norwood

#use wml::debian::projectnews::header PUBDATE="2014-12-29" SUMMARY="Online Source Editing, Debian Code Search, UEFI Support in Jessie, Technical Committee Term Limits, Debian Long Term Support and Freexian's 4th report, C++11 talk, notes, and use in Jessie, Bug Reports for Jessie, DPN asks: Auditors, What do you do?, Other news"

# $Id: index.wml-template 5933 2014-11-20 04:21:15Z dnorwood-guest $
# $Rev: 5933 $
# Status: [content-frozen]

## substitute XXX with the number (expressed in letter) of the issue.
## please note that the var issue is not automagically localized, so
## translators need to put it directly in their language!
## example: <intro issue="fourth" />

<intro issue="seventeenth" />

<toc-add-entry name="DC_Editing">Online Source Editing</toc-add-entry>
Inspired by GitHub's online code editing and Stefano Zacchiroli's presentation at Debconf14,
Raphael Geissert
<a href="http://rgeissert.blogspot.com/2014/12/editing-debian-online-with.html";>announces
an integrated online editor</a>
for <a href="http://sources.debian.net/";>debsources</a>. The Chromium
extension allows users to edit debsources without having to download source packages and without leaving your

<toc-add-entry name="DCS">Debian Code Search</toc-add-entry>
Since the shutdown of Google Code Search in January 2012, Open Source 
(FLOSS) software developers lost a valuable coding tool. Michael Stapelberg 
developed <a href="http://codesearch.debian.net/";>Debian Code Search</a> and
launched it in November 2012. Debian Code Search provides Debian 
and FLOSS developers a source-code search engine to over 129 GiB of FLOSS software 
currently available in Debian, searchable by using regular expressions.
Recently a new version of Debian Code Search has been launched.
Michael Stapelberg
<a href="https://people.debian.org/~stapelberg//2014/12/23/code-search-taming-the-latency-tail.html";>highlights
several improvements</a>,
including grouping search results by 
Debian source packages. Search results are almost immediate (top 10 results)
available while your query continues, as indicated with a new progress bar.
Packages that are uploaded to Debian are searchable in Debian Code Search 
within a couple of minutes or within the hour, instead of up to a week. Users 
will find that the new Debian Code Search site has a modern user interface 
providing for cleaner search results achieved through CSS animations.

<toc-add-entry name="UEFI">UEFI Support in Jessie</toc-add-entry>
Steve McIntyre
<a href="http://blog.einval.com/2014/11/20#Jessie-EFI";>updated his blog</a>
explaining progress toward improved UEFI support for Debian Jessie. 
Steve in collaboration with Grub developers, continues to work hard squashing 
bugs. He readily recognizes much more work is needed, especially with i386 
UEFI and 32-bit Intel Macs. Steve is reaching out for those that can test 
32-bit UEFI, as he and other developers work hard in preparation for Jessie's 

<toc-add-entry name="grtc">Technical Committee Term Limits</toc-add-entry>
A General Resolution has been submitted toward a Debian Members vote,
regarding <a href="$(HOME)/vote/2014/vote_004">the term of Technical Committee Members</a>.
<a href="https://lists.debian.org/debian-devel-announce/2014/12/msg00010.html";>Voting</a>
remains open until January 8, 23:59 UTC.</p>
This is a vote to change the <a href="$(HOME)/devel/constitution">Debian Constitution.</a>
The two proposals are similar, both creating term limits for technical committee members. The 
proposals differ how they handle two or more committee members leaving within 
the same year. Proposal one offers to leave term limits unchanged (3.5 years), while proposal two 
suggests the possibility of maintaining senior committee members by exceeding term limits. 
<a href="https://$(HOME)/vote/howto_follow">Standard Resolution Procedure</a> will govern the voting process.

<toc-add-entry name="4th_LTS">Debian Long Term Support and Freexian's 4th report</toc-add-entry>
Freexian's <a href="http://raphaelhertzog.com/2014/12/11/freexians-fourth-report-about-debian-long-term-support/";>fourth report on Debian Long Term Support</a> was released.
For the month of November 2014, 42.5 work hours were allotted towards the LTS 
The monthly allotment of 45.7 hours has not increased and at this time talks 
are underway to attract more sponsors and outreach to some companies who have 
announced their willingness to contribute. The overall goal of the funding is to 
be able to fund the equivalent of a <a href="http://www.freexian.com/services/debian-lts.html";>half time position</a>. If your company is able to
contribute, please contribute towards this effort.
Freexian had previously mentioned the possibility of recruiting more paid 
contributors to the pool to better share the workload, and to that end, extended 
offers to both Ben Hutchings and to Mike Gabriel who both accepted.
Thorsten Alteholz worked 14.25 hours of paid LTS work and focused on new 
versions of curl, imagemagick, and wget among other packages. He also <a href="http://blog.alteholz.eu/2014/11/my-debian-activities-in-november-2014/";>wonders</a> 
why LTS users seem to be scant when needed to test releases before they move
to the archive, but seem numerous when complaints arise about an upload.
Raphael Hertzog did <a href="http://raphaelhertzog.com/2014/12/02/my-free-software-activities-in-november-2014/";>18 hours of paid LTS support</a> involving CVE triage with 19 
commits to the security tracker, and updates to dbus, libgcrypt11, and openjdk-6 security. 

A fair amount of time was alloted to updating the kernel to upstream,
with the integration of new and the removal of some old patches. The kernal patch
<i>openvz flavor</i> required quite a bit of tweaking and manual conflict resolution.
Raphael reached out to Ben Hutchings asking him to join the project as a paid 
LTS contributor to take care of the kernel for which Ben accepted. Prior to 
Bens involvement no kernel updates had been performed in Squeeze since July, 
this will change now as there is someone dedicated and able to handle it as a 
priority. Thank you Ben!
Holger Levsen's <a href="http://layer-acht.org/thinking/blog/20141201-lts-november-2014/";>LTS work for November</a> focused on security updates for ruby1.8, 
tomcat6, and tomcat-native. He also speaks of the newest contributor to the 
team effort and the identification of a problem in patch related to openvz.
Readers are reminded that LTS project needs support, testers, donations and 
help to continue this effort. Please see the <a href="https://lists.debian.org/debian-lts/";>LTS mailing list</a> for additional details.

Currently a <a href="https://lists.debian.org/debian-lts/2014/11/msg00038.html";>test of the upstream kernel</a> is needed.
The security situation in LTS improved with 27 packages awaiting a security 
update, with the list of open vulnerabilites in Squeeze showing 58 in total. 
The backlog is slowly being reduced and solutions are being sought towards
the SSLv3 POODLE issue.

<toc-add-entry name="C++">C++11 talk, notes, and use in Jessie</toc-add-entry>
Enrico Zini <a herf="http://www.enricozini.org/2014/cxx11-talk-examples/";>shared examples</a> from a talk he gave about C++ and new 
features introduced with C++11. He details working with wrapper interfaces, 
library exceptions, and cast operators which can be transparently passed to the
 underlying libraries. He also posted his <a herf="http://www.enricozini.org/2014/cxx11-talk-notes/";>talk notes</a> which include working 
with essential tools, tips, functions and many examples.
Enrico also notes that users will need at least g++ 4.8 or clang 3.3 to have 
full C++11 support. Both will be available in Jessie, Wheezy users can use the 
nightly clang packages repository. 

<toc-add-entry name="Buggy">Bug Reports for Jessie</toc-add-entry>
Niels Thykier recently blogged that as of Dec 08, Jessie had half the number 
of Release-critical bugs compared to Wheezy, he followed up with a link to the 
<a href="https://bugs.debian.org/release-critical/";>RC critical bug stats graph</a>, which also shows historical data. 
Richard Hartmann <a href="http://richardhartmann.de/blog/posts/2014/12/19-Debian_Release_Critical_Bug_report_for_Week_51/";>updates</a> the Release Critical Bug report for Week 51. There 
bugs interface shows <a href="http://udd.debian.org/bugs.cgi?release=any&merged=ign&rc=1&chints=1&cdeferred=1&crttags=1";>1,095</a> release critical bugs with 189 of them that directly 
affect Jessie. We will need to get that number to zero before the release. 
<a href="http://udd.debian.org/bugs.cgi?release=jessie_not_sid&merged=ign&fnewerval=7&rc=1&sortby=id&sorto=asc&chints=1&ctags=1&cdeferred=1&crttags=1&chints=1&cdeferred=1&crttags=1";>55</a> bugs in unstable have been fixed and need to migrate to Jessie. Users are 
encouraged to investigate and submit unblock requests those packages. This 
comes on the heels of Lucas Nussbaum <a href="http://www.lucas-nussbaum.net/blog/?p=854";>wondering</a> if we could release Jessie 
before the opening of FOSDEM 15.
Can we?

<toc-add-entry name="WDYD">DPN asks: Auditors, What do you do?</toc-add-entry>
	<a href="$(HOME)">Debian</a> is a large and global community of a lot of small actors, projects, and 
teams. This month as part of a special feature we'd like to share with you 
something about a project or a team that is working in Debian that you 
may not be aware of.

When reading the <a href="https://wiki.debian.org/Teams/Auditor";>Debian Auditor team's Wiki page</a>, which lists the
responsibilities and duties of the team one must wonder how such a busy
team seems to stay just under the radar.
We asked the auditing team for a bit of insight, Brian Gupta responds:
<q>Historically the auditor team was only responsible for accounting and 
asset tracking.</q>
<q>Currently the team's responsibilities are in the process of expanding to
also include helping the DPL track reimbursement requests, working 
with Trusted Organizations, and taking point in overall project fundraising.</q>
<q>Since Debian doesn't have a dedicated general fund raising team, we've
been helping coordinate fund-raising, most recently help <a href="https://lists.debian.org/debian-publicity/2014/10/msg00011.html";>fund Debian's
participation in the Outreach Program for Women</a>. This complements
the work of the DebConf fundraising team, which we share some team
members with.</q>
<q>We've also helped to facilitate <a href="https://wiki.debian.org/Teams/DPL/Reimbursement";>reimbursements</a> for various expenses
that the Debian Project Leader approves such as <a href="https://wiki.debian.org/Sprints";>Sprints</a>, <a href="https://wiki.debian.org/BSP";>Bug SquashingParties</a>
, and the miniconfs. We also help track Hardware expenses.</q>
<q>I personally have been working along with Paul Wise to streamline the
donations page, Paul has been invaluable in this effort and you can see
the efforts on <a href="$(HOME)/donations">the new Donations page</a>.</q>
<q>That said, I think that the name <q>auditor</q> team may be a misnomer, and
perhaps <q>finance</q> team would be better, with the understanding that it
is just a name, and all of Debian's assets aren't financial.</q>
<q>Another task that we've been working on, is working with <a href="http://www.spi-inc.org/";>Software in the Public Interest</a> (SPI) 
to enable them to accept Paypal donations. This 
should be done soon.</q>
<q>I suspect over time, that the auditor/finance team will work more and
more closely with our <a href="https://wiki.debian.org/Teams/DPL/TrustedOrganizationCriteria";>Trusted Organizations</a>. We already have two
auditor team members, Philip Hug on the Debian.ch board and Martin
Michlmayr on the SPI board, that are also Trusted Organization board 
<q>Our team can really use help. In particular, we can really use help 
improving the reimbursement workflow, as this is currently an overly
time consuming manual process and there doesn't seem to be many 
obvious Free Software tools to help streamline this process, nor do the
current team members have the time to tackle this.</q>
<q>In addition, we also need someone who has time and skills to help us 
implement and manage a CRM system to coordinate fundraising 
efforts for both Debian as a whole, as well as DebConf fundraising. 
(Likely CiviCRM, but that's not set in stone.)
We hope that you enjoyed reading about the Audit team, for more information 
about the team, or if you are interested and able to help assit the team, 
please contact them via <a href="mailto:auditor@debian.org";>Email</a>

<toc-add-entry name="other">Other news</toc-add-entry>

For the holidays season, Gregor Herrmann offered us a series of short blog posts
(starting <a href="http://info.comodo.priv.at/blog/gdac_2014_1.html";>here</a>),
one every day, to show the bright side of Debian and why it is fun for him to
Gregor Herrmann blogged on RC bugs he worked on in late <a href="http://info.comodo.priv.at/blog/rc_bugs_2014_47_48.html";>November</a> and <a href="http://info.comodo.priv.at/blog/rc_bugs_2014_49_50.html";>December</a>.

Raphael Hertzog <a href="http://raphaelhertzog.com/2014/12/02/my-free-software-activities-in-november-2014/";>mentions
in his report of activities for November</a>
that he drafted a 
<a href="http://dep.debian.net/deps/dep14/";>recommended layout for Git packaging repositories</a> which was submitted for discussion
<a href="https://lists.debian.org/debian-devel/2014/11/msg00444.html";>on the debian-devel mailing list</a>.

<a href="http://upsilon.cc/~zack/blog/posts/2014/11/Debsources_Participation_in_FOSS_Outreach_Program/";>Jingjie Jiang</a>,
Debian <a href="http://gnome.org/opw/";>OPW</a> <a href="https://identi.ca/debian/note/IYTLgqAKQAyqUCI5-O5wDg";>intern</a>,
started to <a href="http://sophiejjj.wordpress.com/2014/12/12/week1/";>blog</a> about her work on debsources.
She is looking forward to the 
working on the project and has already started on bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763921";>#763921</a> concerning 
renderings on the folder page.

Tomasz Buchert 
<a href="https://tomasz.buchert.pl/blog/2014/12/04/bsp-in-munich/";>reported</a>
on the <a href="https://wiki.debian.org/BSP/2014/11/de/Munich";>Munich 2014 Bug Squashing Party</a> which was 
sponsored and hosted by <a href="http://www.muenchen.de/rathaus/Stadtverwaltung/Direktorium/LiMux.html";>LiMux</> and gathered people from KDE, Kolab, and 
LibreOffice. Among many bugs squashed were <a href="https://bugs.debian.org/768673#12";>#768673 for ruby-httpclient</a>, 
<a href="https://bugs.debian.org/768695#24";>#768695 for statsmodels</a>, and <a href="https://bugs.debian.org/768690#17";>#768690 for latex-mk</a>. Tomasz also points out 
another benefit for him of attending a BSP which is not just collaboration or meeting 
and working with Debian Developers, but also signing GPG keys and getting more signatures on his GPG key.

<toc-add-entry name="newcontributors">New Debian Contributors</toc-add-entry>

3 applicants have been
<a href="https://nm.debian.org/public/nmlist#done";>accepted</a>
	as Debian Developers,
2 applicants have been
<a href="https://lists.debian.org/debian-project/2014/12/msg00024.html";>accepted</a>
	as Debian Maintainer, and
7 people have <a href="https://udd.debian.org/cgi-bin/new-maintainers.cgi";>started
        to maintain packages</a> since the previous issue of the Debian
	Project News. Please welcome
Chen Baozi,
Simon Kainz,
Simon Josefsson,
Joachim Wiedorn,
Sébastien Noel,
Jochen Sprickerhof,
Vincent Prat,
Matanya Moses,
Andrew Deason,
Joao Pedro Avelino Lara,
Cameron Norman,
Frank Brehm
	into our project!</p>

<toc-add-entry name="rcstats">Release-Critical bugs statistics for the upcoming release</toc-add-entry>

<rcstatslink release="Jessie"
	tobefixed="72" />

<toc-add-entry name="dsa">Important Debian Security Advisories</toc-add-entry>

	<p>Debian's Security Team recently released
	advisories for these packages (among others):
<a href="$(HOME)/security/2014/dsa-3084">openvpn</a>,
<a href="$(HOME)/security/2014/dsa-3085">wordpress</a>,
<a href="$(HOME)/security/2014/dsa-3086">tcpdump</a>,
<a href="$(HOME)/security/2014/dsa-3087">qemu</a>,
<a href="$(HOME)/security/2014/dsa-3088">qemu-kvm</a>,
<a href="$(HOME)/security/2014/dsa-3089">jasper</a>,
<a href="$(HOME)/security/2014/dsa-3090">iceweasel</a>,
<a href="$(HOME)/security/2014/dsa-3091">getmail4</a>,
<a href="$(HOME)/security/2014/dsa-3092">icedove</a>,
<a href="$(HOME)/security/2014/dsa-3093">linux</a>,
<a href="$(HOME)/security/2014/dsa-3094">bind9</a>,
<a href="$(HOME)/security/2014/dsa-3095">xorg-server</a>,
<a href="$(HOME)/security/2014/dsa-3096">pdns-recursor</a>,
<a href="$(HOME)/security/2014/dsa-3097">unbound</a>,
<a href="$(HOME)/security/2014/dsa-3098">graphviz</a>,
<a href="$(HOME)/security/2014/dsa-3099">dbus</a>,
<a href="$(HOME)/security/2014/dsa-3100">mediawiki</a>,
<a href="$(HOME)/security/2014/dsa-3101">c-icap</a>,
<a href="$(HOME)/security/2014/dsa-3102">libyaml</a>,
<a href="$(HOME)/security/2014/dsa-3103">libyaml-libyaml-perl</a>,
<a href="$(HOME)/security/2014/dsa-3104">bsd-mailx</a>,
<a href="$(HOME)/security/2014/dsa-3105">heirloom-mailx</a>,
<a href="$(HOME)/security/2014/dsa-3106">jasper</a>,
<a href="$(HOME)/security/2014/dsa-3107">subversion</a>,
<a href="$(HOME)/security/2014/dsa-3108">ntp</a>,
<a href="$(HOME)/security/2014/dsa-3109">firebird2.5</a>,
<a href="$(HOME)/security/2014/dsa-3110">mediawiki</a>,
<a href="$(HOME)/security/2014/dsa-3112">sox</a>.
	Please read them carefully and take the proper measures.</p>

        <p>Debian's Stable Release Team released an update announcement for the package:
<a href="https://lists.debian.org/debian-stable-announce/2014/12/msg00000.html";>spamassassin</a>.
        Please read it carefully and take the proper measures.</p>

	<p>The Debian team in charge of Squeeze Long Term Support released
security update announcements for these packages:

<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00000.html";>openvpn</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00001.html";>clamav</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00002.html";>flac</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00003.html";>mutt</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00004.html";>jasper</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00005.html";>tcpdump</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00006.html";>linux-2.6</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00007.html";>pdns-recursor</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00008.html";>graphviz</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00009.html";>getmail4</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00010.html";>unbound</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00011.html";>nfs-utils</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00012.html";>libyaml</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00013.html";>libyaml-libyaml-perl</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00014.html";>cpio</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00015.html";>bind9</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00016.html";>bsd-mailx</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00017.html";>heirloom-mailx</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00018.html";>ntp</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00019.html";>qt4-x11</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00020.html";>linux-2.6</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00021.html";>subversion</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00022.html";>xorg-server</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00023.html";>jasper</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00024.html";>eglibc</a>,
<a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00025.html";>firebird2.5</a>.
	Please read them carefully and take the proper measures.</p>

<p>Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the <a href="https://lists.debian.org/debian-security-announce/";>security mailing
list</a> (and the separate <a href="https://lists.debian.org/debian-backports-announce/";>backports
list</a>, <a href="https://lists.debian.org/debian-stable-announce/";>stable updates
list</a>, and <a href="https://lists.debian.org/debian-lts-announce/";>long term
support security updates list</a>) for announcements.

<toc-add-entry name="nnwp">New and noteworthy packages</toc-add-entry>

124 packages were added to the unstable Debian archive
recently. <a href="https://packages.debian.org/unstable/main/newpkg";>Among
many others</a> are:</p>

<li><a href="https://packages.debian.org/unstable/main/apt-transport-s3";>apt-transport-s3 â?? APT transport for privately held AWS S3 repositories</a></li>
<li><a href="https://packages.debian.org/unstable/main/bats";>bats â?? bash automated testing system</a></li>
<li><a href="https://packages.debian.org/unstable/main/bdbvu";>bdbvu â?? simple GUI tool to browse Berkeley DB databases</a></li>
<li><a href="https://packages.debian.org/unstable/main/capstats";>capstats â?? command-line tool for collecting network interface statistics</a></li>
<li><a href="https://packages.debian.org/unstable/main/gitinspector";>gitinspector â?? statistical analysis tool for git repositories</a></li>
<li><a href="https://packages.debian.org/unstable/main/nfstrace";>nfstrace â?? NFS tracing/monitoring/capturing/analyzing tool</a></li>
<li><a href="https://packages.debian.org/unstable/main/prepair";>prepair â?? polygon repair tool</a></li>
<li><a href="https://packages.debian.org/unstable/main/s-el";>s-el â?? string manipulation library for Emacs</a></li>
<li><a href="https://packages.debian.org/unstable/main/willie";>willie â?? simple, lightweight, open source, easy-to-use IRC utility bot</a></li>
<li><a href="https://packages.debian.org/unstable/main/x265";>x265 â?? H.265/HEVC video stream encoder</a></li>
<li><a href="https://packages.debian.org/unstable/main/xul-ext-spdy-indicator";>xul-ext-spdy-indicator â?? extension to show an SPDY support indicator in the address bar</a></li>

<toc-add-entry name="wnpp">Work-needing packages</toc-add-entry>

## link= link to the mail report from wnpp@debian.org to debian-devel ML
## orphaned= number of packages orphaned according to $link
## rfa= number of packages up for adoption according to $link

<wnpp link="https://lists.debian.org/debian-devel/2014/12/msg00360.html";
	rfa="146" />

<toc-add-entry name="continuedpn">Want to continue reading DPN?</toc-add-entry>

<continue-dpn />

#use wml::debian::projectnews::footer editor="Cédric Boutillier, Jean-Pierre Giraud, Carl J Mannino, Donald Norwood, Justin B Rye, Paul Wise"
# Translators may also add a translator="foo, bar, baz" to the previous line

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: