[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian Project News - January 7th, 2013

The Debian Project                                http://www.debian.org/
Debian Project News                    debian-publicity@lists.debian.org
January 7th, 2013             http://www.debian.org/News/weekly/2013/01/

Welcome to this year's first issue of DPN, the newsletter for the Debian
community. Topics covered in this issue include:

  * wiki.debian.org security breach: global passwords reset
  * Bits from the DPL
  * Other news
  * New Debian Contributors
  * Release-Critical bugs statistics for the upcoming release
  * Important Debian Security Advisories
  * Work-needing packages
  * Want to continue reading DPN?

wiki.debian.org security breach: global passwords reset

Steve McIntyre, administrator of the Debian wiki, announced that due to
a security breach, all wiki.debian.org account passwords are being
reset [1]. In order to regain access to your wiki account, you'll need
to follow the password recovery process [2]. In the mail, Steve
explained that the Debian Security Team recently found a
vulnerability [3] in the moin package which had been succesfully
exploited for wiki.debian.org. The wiki has already been moved to
another server and an audit of the old server is ongoing.

    1: http://lists.debian.org/debian-devel-announce/2013/01/msg00000.html
    2: http://wiki.debian.org/FrontPage?action=recoverpass
    3: http://www.debian.org/security/2012/dsa-2593

Bits from the DPL

Stefano Zacchiroli sent his monthly report of DPL activities for
December 2012 [4]. Stefano reported about progress in the "DPL helpers"
experiment, as well as collaborations with external projects such as the
Open Source Initiative (OSI) and Free Software Foundation (FSF). In
addition, Stefano reported that the debian.eu domain is finally under
control of the Debian System Administrators.

    4: http://lists.debian.org/debian-devel-announce/2013/01/msg00001.html

Other news

The thirty-first issue of the miscellaneous news for developers [5] has
been released and covers the following topics:

  * amd64 most popular architecture according to popcon
  * Register your media types to the IANA
  * First release of dput-ng in "unstable"
  * Recent changes on the Debian QA front
  * Fancy graphs on lintian.debian.org

    5: http://lists.debian.org/debian-devel-announce/2012/12/msg00002.html

Andreas Tille announced that the statistics about selected Debian
teams [6] have been updated, and now include all of 2012.

    6: http://blends.debian.net/liststats/

New Debian Contributors

1 people have started to maintain packages [7] since the previous issue
of the Debian Project News. Please welcome David Smith into our project!

    7: http://udd.debian.org/cgi-bin/new-maintainers.cgi

Release-Critical bugs statistics for the upcoming release

According to the Bugs Search interface of the Ultimate Debian
Database [8], the upcoming release, Debian "Wheezy", is currently
affected by 171 Release-Critical bugs. Ignoring bugs which are easily
solved or on the way to being solved, roughly speaking, about 116
Release-Critical bugs remain to be solved for the release to happen.

    8: http://udd.debian.org/bugs.cgi

There are also more detailed statistics [9] as well as some hints on how
to interpret [10] these numbers.

    9: http://richardhartmann.de/blog/posts/2013/01/05-Debian_Release_Critical_Bug_report_for_Week_01/
   10: http://wiki.debian.org/ProjectNews/RC-Stats

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages
(among others): wireshark [11], mahara [12], elinks [13], moin [14],
virtualbox-ose [15], ghostscript [16], mediawiki-extensions [17],
rails [18], weechat [19], nss [20], cups [21], gnupg, and gnupg2 [22].
Please read them carefully and take the proper measures.

   11: http://www.debian.org/security/2012/dsa-2590
   12: http://www.debian.org/security/2012/dsa-2591
   13: http://www.debian.org/security/2012/dsa-2592
   14: http://www.debian.org/security/2012/dsa-2593
   15: http://www.debian.org/security/2012/dsa-2594
   16: http://www.debian.org/security/2012/dsa-2595
   17: http://www.debian.org/security/2012/dsa-2596
   18: http://www.debian.org/security/2013/dsa-2597
   19: http://www.debian.org/security/2013/dsa-2598
   20: http://www.debian.org/security/2013/dsa-2599
   21: http://www.debian.org/security/2013/dsa-2600
   22: http://www.debian.org/security/2013/dsa-2601

Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the security mailing list [23] (and the separate backports
list [24], and stable updates list [25]) for announcements.

   23: http://lists.debian.org/debian-security-announce/
   24: http://lists.debian.org/debian-backports-announce/
   25: http://lists.debian.org/debian-stable-announce/

Work-needing packages

Currently [26] 519 packages are orphaned [27] and 141 packages are up
for adoption [28]: please visit the complete list of packages which need
your help [29].

   26: http://lists.debian.org/debian-devel/2013/01/msg00101.html
   27: http://www.debian.org/devel/wnpp/orphaned
   28: http://www.debian.org/devel/wnpp/rfa
   29: http://www.debian.org/devel/wnpp/help_requested

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [30] to find out how to help. We're
looking forward to receiving your mail at

   30: http://wiki.debian.org/ProjectNews/HowToContribute

This issue of Debian Project News was edited by Cédric Boutillier,
Francesca Ciceri and Justin B Rye.

Attachment: signature.asc
Description: Digital signature

Reply to: