[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian Project News - March 17th, 2014

The Debian Project                                http://www.debian.org/
Debian Project News                    debian-publicity@lists.debian.org
March 17th, 2013              http://www.debian.org/News/weekly/2014/05/

Welcome to this year's fifth issue of DPN, the newsletter for the Debian
community. Topics covered in this issue include:

  * The Supercomputing and Visualization Center of Madrid provides a Debian VPS service
  * DebConf, past and future
  * Upcoming votes in the Debian Project: DPL elections and a code of conduct
  * Bits from the DPL
  * Bits from the Security Team
  * Other news
  * Upcoming events
  * New Debian Contributors
  * Important Debian Security Advisories
  * New and noteworthy packages
  * Work-needing packages
  * Want to continue reading DPN?

The Supercomputing and Visualization Center of Madrid provides a Debian VPS service

The Supercomputing and Visualization Center of Madrid [1] (CeSViMa),
which is part of the Technical University of Madrid [2] and houses
Magerit [3], one of the most powerful supercomputers in Spain, has
chosen Debian as host and guest operating system for its new service of
Virtual Private Servers (VPS) [4], for the research community and

    1: http://www.cesvima.upm.es
    2: http://www.upm.es/internacional
    3: http://en.wikipedia.org/wiki/Magerit
    4: http://www.cesvima.upm.es/services/virtualization

DebConf, past and future

While the local DebConf team is well into the preparation of
DebConf14 [5] which will take place in Portland, Oregon, USA during 23–
31 August 2014, the DebConf committee decided during their last meeting
that DebConf15, the 16th annual Debian Conference, will be hosted in
Germany [6]. Details about location and date will be announced in the
coming months. A dedicated mailing list [7] has been created for the
organisation and those interested are welcome to subscribe and join the

Furthermore, the 32-page final report for DebConf13 [8] in
Vaumarcus, Switzerland, is now available [9]. It provides interesting
facts about the organisation of the event and the experiences of

    5: http://debconf14.debconf.org/
    6: http://blog.debconf.org/blog/debconf15/rh_dc15-in-germany-dc13-final-report-20140309.dc
    7: http://lists.debian.org/debconf15-team/
    8: http://debconf13.debconf.org/
    9: http://media.debconf.org/dc13/report/DebConf13-final-report.en.pdf

Upcoming votes in the Debian Project: DPL elections and a code of conduct

Kurt Roeckx, Debian project secretary [10], opened [11] the project
leader elections. This year, two candidates have nominated themselves:
Lucas Nussbaum [12], current DPL, and Neil McGovern [13]. During the
campaign candidates will answer questions on the debian-vote mailing
list [14] until March 30, after which Debian Members will have two weeks
to send their votes.

Kurt also announced [15] that a general resolution has been started
about a code of conduct, initiated by Wouter Verhelst. The debate about
the text proposed can be followed on the debian-vote mailing list [16].
More information is available on the web page of this vote [17].

The Debian project uses the Condorcet method for its elections [18].

   10: http://www.debian.org/devel/secretary
   11: http://lists.debian.org/debian-devel-announce/2014/03/msg00000.html
   12: http://www.debian.org/vote/2014/platforms/lucas
   13: http://www.debian.org/vote/2014/platforms/neilm
   14: http://lists.debian.org/debian-vote
   15: http://lists.debian.org/debian-devel-announce/2014/03/msg00006.html
   16: http://lists.debian.org/debian-vote
   17: http://www.debian.org/vote/2014/vote_002
   18: http://www.debian.org/vote

Bits from the DPL

Lucas Nussbaum sent his monthly report of DPL activities for the end of
January and February 2014 [19]. Lucas mentioned the ongoing work by
Stefano Zacchiroli, the Software Freedom Conservancy [20] and SPI [21]
to offer Debian contributors the possibility to transfer the copyright
of their contributions to a "trusted" organisation. Lucas also forwarded
to Debian France [22], Debian.ch [23] and FFIS [24] the list of
evaluation criteria [25] to become a trusted organisation, authorised to
accept and hold assets for Debian.

In another message [26], Lucas appointed Nicolas Dandrimont and
Sylvestre Ledru as admins for Debian participation in the Google Summer
of Code 2014.

   19: http://lists.debian.org/debian-devel-announce/2014/03/msg00001.html
   20: http://sfconservancy.org/
   21: http://www.spi-inc.org/
   22: http://france.debian.net/
   23: http://debian.ch/
   24: http://www.ffis.de/
   25: http://wiki.debian.org/Teams/DPL/TrustedOrganizationCriteria
   26: http://lists.debian.org/debian-devel-announce/2014/03/msg00002.html

Bits from the Security Team

Moritz Muehlenhoff sent some bits from the Security Team [27]. The
Security Team met on the first weekend of February at the Linux Hotel in
Essen. They discussed several improvements for the Debian security
tracker and the security release workflow, as well as changes in the
security archive, such as the possibility to allow maintainers not part
of the Security Team to release security updates on their own through a
mechanism similar to the procedure to grant upload privileges to Debian
Maintainers. Distribution hardening was also mentioned: currently, more
than 95% of security-sensitive packages and packages with priority
standard or above are hardened using dpkg-buildflags.

Last but not least, the Security Team considers that at the moment it
seems likely that an extended security support timespan for Squeeze is
possible. The plan is to go ahead, and provide updates for a "long term
support" for Squeeze in a separate suite where everyone in the Debian
keyring can upload in order to minimise bottlenecks and allow
contributions by all interested parties. The team needs help to make
this effort sustainable. Anyone interested in helping with an extended
security support is invited to contact the Security Team [28].

   27: http://lists.debian.org/debian-devel-announce/2014/03/msg00004.html
   28: team@security.debian.org

Other news

Stefano Zacchiroli blogged [29] about the how-can-i-help package [30]
and how useful it can be for Debian contributors searching for
opportunities to help the project.

   29: http://upsilon.cc/~zack/blog/posts/2014/02/apt-get_install_how-can-i-help/
   30: http://packages.debian.org/unstable/how-can-i-help

Bill Allombert and Stéphane Blondon have improved the website
popcon.debian.org [31], presenting the gathered results of Debian's
popularity contest [32]. In particular it now uses a style matching the
main Debian website [33].

   31: http://popcon.debian.org
   32: http://packages.debian.org/unstable/popularity-contest
   33: http://www.debian.org/

Enrico Zini announced [34] that the Debian Single SignOn [35] service
can now use not only the credentials of official Debian Members, but
also those from Alioth [36], the Debian sourceforge. At the moment,
contributors with an Alioth account are able to log in to
contributors.debian.org [37] with their Alioth password, and have access
to detailed information about their contributions. This will be extended
to other Debian web services in the future.

   34: http://lists.debian.org/debian-devel-announce/2014/03/msg00008.html
   35: http://sso.debian.org
   36: http://alioth.debian.org/
   37: http://contributors.debian.org

Gunnar Wolf announced [38] that the Debian keyring maintainers no longer
consider 1024 bit long DSA cryptographic keys to be trustable. They are
asking Debian Members and Maintainers still using this kind of key to
move to a stronger key (4096 bit RSA keys are recommended) as soon as

   38: http://lists.debian.org/debian-devel-announce/2014/03/msg00003.html

Upcoming events

There are several upcoming Debian-related events:

  * 22 March, Augsburg, Germany — 13th Augsburger Linux-Infotag [39]
  * 25-27 April, Salzburg, Austria — Debian Bug Squashing Party [40] in
    the offices of conova communications GmbH [41]

   39: http://www.luga.de/Aktionen/LIT-2014
   40: http://wiki.debian.org/BSP/2014/04/at/Salzburg
   41: http://www.conova.com/de/kontakt/anfahrtsplan-salzburg/

You can find more information about Debian-related events and talks on
the events section [42] of the Debian web site, or subscribe to one of
our events mailing lists for different regions: Europe [43],
Netherlands [44], Hispanic America [45], North America [46].

   42: http://www.debian.org/events
   43: http://lists.debian.org/debian-events-eu
   44: http://lists.debian.org/debian-events-nl
   45: http://lists.debian.org/debian-events-ha
   46: http://lists.debian.org/debian-events-na

Do you want to organise a Debian booth or a Debian install party? Are
you aware of other upcoming Debian-related events? Have you delivered a
Debian talk that you want to link on our talks page [47]? Send an email
to the Debian Events Team [48].

   47: http://www.debian.org/events/talks
   48: events@debian.org

New Debian Contributors

1 applicant has been accepted [49] as Debian Developer, 7 applicants
have been accepted [50] as Debian Maintainers, and 1 person has started
to maintain packages [51] since the previous issue of the Debian Project
News. Please welcome IOhannes m zmölnig, Giulio Paci, Tobias Hamp, Klee
Dienes, Victor Seva, Oleg Moskalenko, Philip Rinn, Simon Kainz, and
Joseph Herlant into our project!

   49: https://nm.debian.org/public/nmlist#done
   50: http://lists.debian.org/debian-project/2014/03/msg00089.html
   51: http://udd.debian.org/cgi-bin/new-maintainers.cgi

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages
(among others): php5 [52], gnutls26 [53], libyaml-libyaml-perl [54],
wireshark [55], udisks [56], file [57], mutt [58], cups-filters [59],
cups [60], lighttpd [61], virtualbox [62], and libssh [63]. Please read
them carefully and take the proper measures.

   52: http://www.debian.org/security/2013/dsa-2868
   53: http://www.debian.org/security/2013/dsa-2869
   54: http://www.debian.org/security/2013/dsa-2870
   55: http://www.debian.org/security/2013/dsa-2871
   56: http://www.debian.org/security/2013/dsa-2872
   57: http://www.debian.org/security/2013/dsa-2873
   58: http://www.debian.org/security/2013/dsa-2874
   59: http://www.debian.org/security/2013/dsa-2875
   60: http://www.debian.org/security/2013/dsa-2876
   61: http://www.debian.org/security/2013/dsa-2877
   62: http://www.debian.org/security/2013/dsa-2878
   63: http://www.debian.org/security/2013/dsa-2879

Debian's Backports Team released an advisory for the package
gnutls28 [64]. Please read them carefully and take the proper measures.

   64: http://lists.debian.org/debian-backports-announce/2014/03/msg00000.html

Debian's Stable Release Team released update announcements for these
packages: debian-edu-archive-keyring [65] and clamav (for Squeeze [66]
and Wheezy [67]). Please read it carefully and take the proper measures.

   65: http://lists.debian.org/debian-stable-announce/2014/03/msg00000.html
   66: http://lists.debian.org/debian-stable-announce/2014/03/msg00001.html
   67: http://lists.debian.org/debian-stable-announce/2014/03/msg00002.html

Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the security mailing list [68] (and the separate backports
list [69], and stable updates list [70]) for announcements.

   68: http://lists.debian.org/debian-security-announce/
   69: http://lists.debian.org/debian-backports-announce/
   70: http://lists.debian.org/debian-stable-announce/

New and noteworthy packages

242 packages were added to the unstable Debian archive recently. Among
many others [71] are:

  * cbp2make — Makefile generation tool for the Code::Blocks IDE [72]
  * charon-cmd — standalone IPsec client [73]
  * dovecot-lucene — secure POP3/IMAP server - Lucene support [74]
  * duck — tool to check URLs in debian/control and debian/upstream files [75]
  * gap-openmath — OpenMath phrasebook for GAP [76]
  * libuhttpmock-0.0-0 — HTTP web service mocking [77]
  * loganalyzer — web interface to syslog and event data [78]
  * marco — lightweight GTK+ window manager for MATE [79]
  * openssh-known-hosts — download, filter and merge known_hosts for OpenSSH [80]
  * qjoypad — program for mapping gamepad/joystick events to mouse/keyboard event [81]
  * runawk — wrapper for AWK interpreter implementing modules [82]
  * salt-cloud — public cloud VM management system [83]
  * svtplay-dl — program to download videos from video on demand sites [84]
  * xul-ext-torbirdy — tool to configure and enhance various Mozilla birds for anonymity use [85]

   71: http://packages.debian.org/unstable/main/newpkg
   72: http://packages.debian.org/unstable/main/cbp2make
   73: http://packages.debian.org/unstable/main/charon-cmd
   74: http://packages.debian.org/unstable/main/dovecot-lucene
   75: http://packages.debian.org/unstable/main/duck
   76: http://packages.debian.org/unstable/main/gap-openmath
   77: http://packages.debian.org/unstable/main/libuhttpmock-0.0-0
   78: http://packages.debian.org/unstable/main/loganalyzer
   79: http://packages.debian.org/unstable/main/marco
   80: http://packages.debian.org/unstable/main/openssh-known-hosts
   81: http://packages.debian.org/unstable/main/qjoypad
   82: http://packages.debian.org/unstable/main/runawk
   83: http://packages.debian.org/unstable/main/salt-cloud
   84: http://packages.debian.org/unstable/main/svtplay-dl
   85: http://packages.debian.org/unstable/main/xul-ext-torbirdy

Work-needing packages

Currently [86] 564 packages are orphaned [87] and 140 packages are up
for adoption [88]: please visit the complete list of packages which need
your help [89].

   86: http://lists.debian.org/debian-devel/2014/03/msg00288.html
   87: http://www.debian.org/devel/wnpp/orphaned
   88: http://www.debian.org/devel/wnpp/rfa
   89: http://www.debian.org/devel/wnpp/help_requested

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [90] to find out how to help. We're
looking forward to receiving your mail at

   90: http://wiki.debian.org/ProjectNews/HowToContribute

This issue of Debian Project News was edited by Laura Arjona, Carl J
Mannino, Cédric Boutillier and Justin B Rye.

Attachment: signature.asc
Description: Digital signature

Reply to: