[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian Project News - February 18, 2016

The Debian Project                               https://www.debian.org/
Debian Project News                    debian-publicity@lists.debian.org
February 18th, 2016          https://www.debian.org/News/weekly/2016/01/

Welcome to this year's first issue of DPN, the newsletter for the Debian
community. Topics covered in this issue include:

  * Welcome to the "New" Debian Project News!
  * Internal News/Happenings
  * Help needed
  * More than just code
  * Reports
  * Outside News
  * Want to continue reading DPN?

Welcome to the "New" Debian Project News!

We hope that you have enjoyed our newly revised format of the DPN. We
have shifted some of the content around, introduced new sections, and
moved some content onto the Bits from Debian [1] blog.

    1: https://bits.debian.org/

Bits from Debian will showcase new packages and interviews, plus some
announcements, and is where we will welcome new DDs.

We are planning to send more short news items via our social network
account. Please be sure to follow us on identi.ca/debian [2] (or fall
back to the non-official mirrors in other social networks).

    2: https://identi.ca/debian

One of the major changes is the removal of the DSA security advisories
from the newsletter. Debian's Security Team releases current advisories
on a daily basis (Security Advisories 2016 [3]), so please read them
carefully and take the proper measures.

    3: https://www.debian.org/security/2016/

If you need to be kept up to date about security advisories released by
the Debian Security Team, please subscribe to the security mailing
list [4] (and the separate backports list [5], stable updates list [6],
and long term support security updates list [7]) for announcements.

    4: https://lists.debian.org/debian-security-announce/
    5: https://lists.debian.org/debian-backports-announce/
    6: https://lists.debian.org/debian-stable-announce/
    7: https://lists.debian.org/debian-lts-announce/

We are simplifying and (we hope) improving the "help needed" section.
From now on, you will find:

  * links to packages needing help,
  * links to bug reports tagged "newcomer",
  * calls for help from teams in coordination with the Welcome Team,
tailored for first-time contributors.

Internal News/Happenings

Updated Debian 8: 8.3 released

The third update of Debian 8 'jessie' was released [8] last month,
addressing security concerns in the stable release along with updates.

    8: https://www.debian.org/News/2016/20160123

Debtags cleaned up

Enrico Zini announced [9] a cleanup to debtags.debian.org. Changes were
made to anonymous submissions, the recognition of tags as official
contributions, and mailing lists.

    9: http://www.enricozini.org/2016/debian/debtags-cleanup/

Remembering Ian

As we are all aware Debian mourned the loss of its founder Ian Murdock.
For the month of January most Debian services and outward-facing visual
elements kept with a darkened theme and ribbon in remembrance. Slowly
into this month we are changing the websites and services back to their
original themes and colours.

The Debian Publicity Team is preparing a website that will gather many
of the blogposts, messages, and contributions made by community members
and the wider free software mourning Ian, as well as the tribute video
shown on 30 January 2016 in the session "Ian Murdock, in memoriam" [10]
at FOSDEM (the Free, Open Source Developers European Meeting). It will
be announced soon in bits.debian.org [11], the Debian blog.

   10: https://fosdem.org/2016/schedule/event/ian_murdock/
   11: https://bits.debian.org

We thank you all for grieving with us and for all these contributions,
and we hope these gestures have been able to speak to the community.

New Debian Pure Blends section in the website

Iain R. Learmonth together with the different Blend Teams is updating
and reorganising the information about Debian Pure Blends in our
website. Thanks! We all hope you like this new section about Pure
Blends [12], which is also listed in the homepage menu of

   12: https://www.debian.org/blends/

Tails installer is now in Debian

The Tails Installer is now in Debian, thanks to the Debian Privacy Tools
Maintainers Team.

The Amnesic Incognito Live System (Tails) is a live OS based on Debian
GNU/Linux which aims at preserving the user's privacy and anonymity.

The previous process for getting started with Tails was very complex,
but now it can now be done simply by installing Tails Installer in your
existing Debian system, using sid, stretch or jessie-backports, and
plugging in a USB stick.

Read more about this news in this article in the Debian blog [13].

   13: https://bits.debian.org/2016/02/tails-installer-in-debian.html

DSA and service maintainers encrypting all the things

Let's Encrypt, the free, automated, and open Certificate Authority went
Public Beta in December 2015, and packages containing several utilities
to create and install these certificates have already entered Debian
unstable and testing.

Let's Encrypt is now enabling the Debian System Administrators (DSA)
team to expand its deployment of encryption for debian.org services,
which started a few years ago with friendly help from Gandi.

Thanks to the DSA, we can now communicate with these Debian services
using secure channels: debtags.debian.org, metadata.ftp-
master.debian.org, several syncproxies, planet-search.debian.org,
cgi.debian.org, www-master.debian.org, search.debian.org,
i18n.debian.org, and l10n.debian.org.

Thanks to their maintainers, these other Debian services are also
secured: codesearch.debian.net, sources.debian.net, lava.debian.net,
jenkins.debian.net, timeline.debian.net, dedup.debian.net,
news.debian.net (static copy), debaday.debian.net (static copy), plus
several debconf.org sites.

And the work of deploying certificates is still ongoing!


Neil McGovern writes "On ZFS in Debian [14]", sharing his insight on the
process and discussion around compatible licensing in Debian.

   14: http://blog.halon.org.uk/2016/01/on-zfs-in-debian/

Upcoming Events

  * miniDebConf: Curitiba The Brazilian community of users and Debian
developers invites everyone to participate in the Mini-DebConf Curitiba
2016 [15] that will be held on March 5–6 at Aldeia Coworking in Curitiba
- Parana. The Mini-DebConf is open to all comers, regardless of their
level of knowledge about or in Debian. Most importantly we want to
gather the community to celebrate the biggest Free Software project in
the world, so we want to welcome users of all levels from inexperienced
to official Debian Developers. The program will consist of basic and
intermediate level lectures for those participants who will have their
first contact with Debian or want to know more about certain subjects,
and intermediate and advanced level workshops for Debian users who want
to get their hands dirty during the meeting. The subscription to the
Mini-DebConf 2016 Curitiba is completely free of charge and can be made
using the form available on the meeting website. Prior registration is
important for us to plan it according to the number of participants.
  * miniDebConf: Singapore At FOSSASIA [16], Debian Singapore users will
make use of generously offered space to hold a miniDebConf [17] March
18–20 2016 at the Singapore Science Centre. Multiple events are already
planned including a Debian & Friends Meetup where new users and those
interested in Debian can gather, several talks and workshops, a bug
squashing party, and other events. With enough participation and
attendees Debian may occupy a larger space and may be able to hold a
Sprint. This event is still in the planning phases [18] and open to
volunteers and suggestions. There is a community ticket of SGD35 which
includes lunches and a T-shirt.

   16: http://2016.fossasia.org/
   17: https://wiki.debian.org/FOSSASIA/MiniDebConf2016

You can find more information about how to sponsor Debian-related events
and talks on the events section [19] of the Debian website.

   19: https://www.debian.org/events

Once upon a time in Debian:

  * 1997-02-01 Board of Directors elected [20]
  * 1999-01-04 Joey Hess releases first issue of Debian Weekly News
  * 2000-02-07 Debian wins "Most Deserving of $2000" award [21]
  * 2000-02-12 Debian-kids (now "Debian Junior") announced
  * 2002-01-21 Debian-Med announced
  * 2004-01-03 planet.debian.org created
  * 2004-01-07 Debian Perl group founded
  * 2011-01-24 Derivatives Census announced [22]

   20: https://www.debian.org/News/1997/19970301
   21: http://slashdot.org/story/00/02/06/1950248/beanie-award-wrapup
   22: https://www.debian.org/News/2011/20110124


Help needed

Packages needing help:

Currently [23] 710 packages are orphaned [24] and 190 packages are up
for adoption [25]: please visit the complete list of packages which need
your help [26].

   23: https://lists.debian.org/debian-devel/2016/02/msg00245.html
   24: https://www.debian.org/devel/wnpp/orphaned
   25: https://www.debian.org/devel/wnpp/rfa
   26: https://www.debian.org/devel/wnpp/help_requested

Newcomer bugs

More than just code


While the world focused on the finding of gravitational waves, a savvy
Daniel Pocock noticed something else when he asked, "does Debian help
detect gravitational waves? [27]" Discussion brings to light some of the
efforts of several Debian teams focused on making Debian (and its
Blends) a better tool for researchers and scientific endeavours.

   27: https://lists.debian.org/debian-project/2016/02/msg00021.html

David Niklas asked a simple yet very serious question in debian-user
that we can all understand and possibly comment on when he asked, "is
this keyboard worth $220? [28]"

   28: https://lists.debian.org/debian-user/2016/02/msg00274.html

Tips and Tricks

Matthieu Caneill wrote a quick and easy one-liner to open the source
code [29] of any file on your Debian system; this marvel of code was
further modified by Orestis Loannou who tweaked it to use the debsources
API to determine a license [30].

   29: http://matthieu.io/blog/2015/08/16/one-liner-to-catch-em-all/
   30: http://oioannou.com/2016/blog/one-liner/

For the security minded, Petter Reinholdtsen shares a means of enabling
Tor to download Debian packages [31].



Norbert Preining writes [32] about 10 years of TeX Live in Debian with
reflections on the history of TeX, versions, and milestones of the
process. As development continues he gives the current state and plans
for the future.

   32: http://www.preining.info/blog/2016/01/10-years-tex-live-in-debian/

LTS status/updates

Squeeze-LTS [33] (Long Term Support) for Debian 6.0 'squeeze' will end
in February of 2016 (this month). LTS [34] is handled by a growing
community of volunteers, organisations, and sponsors who work toward
keeping a stable operating system in place with support, security, and
packages for an extended duration past new releases. LTS for squeeze ran
for 2 years. Look for an announcement soon from the LTS team reporting
on the end of support and the move to support Debian 7.0 'wheezy'.

   33: https://www.debian.org/News/2014/20140424
   34: https://wiki.debian.org/LTS

Freexian reported on its sponsored Debian Long Term Support. December of
2015 detailed 113.5 work hours distributed to 9 paid contributors, the
loss and reduction of 2 sponsors and the addition of 1 new sponsor.
Freexian is starting to look to the future as LTS begins support for
wheezy LTS which will include packages that were excluded from squeeze
LTS. Debian LTS is a critical area that really needs help, support, and
contributions; if you can assist or know of a company that is willing to
become a sponsor please reach out to the team.

  * Antoine Beaupré [35] worked on future support for Redmine [36] and a
patch proposal to ignore CVEs that affect unsupported software in the
future. Ben Hutchings [37] worked on a linux- 2.6 security update [38],
backported several security fixes for Linux-2.6.32-longterm, sudo, and
claws-mail. Chris Lamb [39] worked on libphp-phpmailer,
foomatic-filters, and a cacti SQL injection vulnerability as well as a
new upstream release for python-djano [40]. Guido Günther [41] worked on
the triaging of 16 CVEs and a fix for giflib. On his own unpaid time he
introduced some usertags for tracking non DLA items. Raphaël
Hertzog [42] uploaded MySQL 5.5 compatibility fixes for phpmyadmin and
postfix-policyd, updated the git repository for debian-security, worked
on dhcpd and arts CVEs, and worked the LTS frontdesk. Santiago Ruano
Rincón [43] worked on gnutls26, grub2, and MySQL- 5.5 [44] as well as
frontdesk duties. Scott Kitterman [45] worked on Quassel but was instead
educated on Quassel in attempting to resolve upstream code issues in
squeeze and wheezy. Thorsten Alteholz [46] did frontdesk duties and
worked on security updates for bind9, libxml2, and libpng. Reproducible
Build status/update Reproducible Builds weekly reports [47] on package
and toolchain fixes in the Stretch cycle. Week 35 [48] reports 30
packages were moved to reproducible state. 666 package reviews were
removed, 189 added, and 162 packages updated. 151 new packages have been
identified as failing to build from source.
  * Week 36 [49] reports 27 packages were moved to reproducible state.
131 package reviews were removed, 71 added, and 53 packages updated. 58
new packages have been identified as failing to build from source.
  * Week 37 [50] reports 40 packages were moved to reproducible state.
134 package reveiws were removed, 30 added, and 37 packages updated. 20
new packages have been identified as failing to build from source.
  * Week 38 [51] reports 30 packages were moved to reproducible state.
131 package reviews were removed, 85 added, and 32 packages updated. 29
new packages have been identified as failing to build from source.
  * Week 39 [52] reports 12 packages were moved to reproducible state.
70 package reveiws were removed, 125 added, and 33 packages updated. 25
new packages have been identified as failing to build from source.
  * Week 40 [53] reports 76 packages were moved to reproducible state.
54 package reveiws were removed, 36 added, and 17 packages updated. 30
new packages have been identified as failing to build from source.
  * Week 41 [54] reports 21 packages were moved to reproducible state.
223 package reviews were removed, 111 added, and 86 packages updated. 36
new packages have been identified as failing to build from source.
  * Week 42 [55] reports 45 packages were moved to reproducible state.
222 package reviews were removed, 110 added, and 50 packages updated. 35
new packages have been identified as failing to build from source.

   36: https://tracker.debian.org/redmine
   38: https://lists.debian.org/debian-lts-announce/2015/12/msg00002.html
   40: https://tracker.qa.debian.org/python-django
   41: http://honk.sigxcpu.org/con/Debian_Fun_in_December_2015.html
   43: https://lists.debian.org/debian-lts/2016/01/msg00004.html
   44: https://lists.debian.org/debian-lts-announce/2015/12/msg00011.html
   47: https://people.debian.org/~lunar/blog/posts/

Outside News

Iain R. Learmonth shares [56] a great write up and summary of his time
at FOSDEM 2016, Jose M. Calhariz shares [57] a list of links to some of
the Talks offered that he attended and found interesting, and Steinar H.
Gunderson relates [58] his time at FOSDEM 2016, his talk about
Nageru [59], and a shout-out to the networking team.

   56: http://iain.learmonth.me/after-fosdem-2016/
   59: https://nageru.sesse.net/

The Debian derivative HandyLinux [60] published its 2.3 " "Ian" [61]
release, so named in honour of Debian founder Ian Murdock.

   60: https://handylinux.org/

Kali Linux [62], a penetration and testing Linux distribution
announced [63] its first rolling release. "After 5 months of testing our
rolling distribution (and its supporting infrastructure), we're
confident in its reliability – giving our users the best of all worlds –
the stability of Debian, together with the latest versions of the many
outstanding penetration testing tools created and shared by the
information security community."

   62: https://www.kali.org/
   63: https://www.kali.org/releases/kali-linux-rolling-edition-2016-1/

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [64] to find out how to help. We're
looking forward to receiving your mail at

   64: https://wiki.debian.org/ProjectNews/HowToContribute

This issue of Debian Project News was edited by The Publicity Team.

Attachment: signature.asc
Description: OpenPGP digital signature

Reply to: