[ Please reply on -publicity list ] Hi all, We just finished the last bits of the new issue of DPN to be released on Monday, December 29, around 19:45 UTC. We would very much appreciate reviews and translations. Instructions are available on the wiki: http://wiki.debian.org/ProjectNews The last updated version is available on the publicity Subversion repository, even via HTTP: http://anonscm.debian.org/viewvc/publicity/dpn/en/2014/17/index.wml?view=markup If you're willing to contribute to the redaction of the next issue, don't hesitate, and join #debian-publicity IRC channel or send a message to debian-publicity@lists.debian.org. Best regards, Donald Norwood
#use wml::debian::projectnews::header PUBDATE="2014-12-29" SUMMARY="Online Source Editing, Debian Code Search, UEFI Support in Jessie, Technical Committee Term Limits, Debian Long Term Support and Freexian's 4th report, C++11 talk, notes, and use in Jessie, Bug Reports for Jessie, DPN asks: Auditors, What do you do?, Other news" # $Id: index.wml-template 5933 2014-11-20 04:21:15Z dnorwood-guest $ # $Rev: 5933 $ # Status: [content-frozen] ## substitute XXX with the number (expressed in letter) of the issue. ## please note that the var issue is not automagically localized, so ## translators need to put it directly in their language! ## example: <intro issue="fourth" /> <intro issue="seventeenth" /> <toc-display/> <toc-add-entry name="DC_Editing">Online Source Editing</toc-add-entry> <p> Inspired by GitHub's online code editing and Stefano Zacchiroli's presentation at Debconf14, Raphael Geissert <a href="http://rgeissert.blogspot.com/2014/12/editing-debian-online-with.html">announces an integrated online editor</a> for <a href="http://sources.debian.net/">debsources</a>. The Chromium extension allows users to edit debsources without having to download source packages and without leaving your browser. </p> <toc-add-entry name="DCS">Debian Code Search</toc-add-entry> <p> Since the shutdown of Google Code Search in January 2012, Open Source (FLOSS) software developers lost a valuable coding tool. Michael Stapelberg developed <a href="http://codesearch.debian.net/">Debian Code Search</a> and launched it in November 2012. Debian Code Search provides Debian and FLOSS developers a source-code search engine to over 129 GiB of FLOSS software currently available in Debian, searchable by using regular expressions. <p> Recently a new version of Debian Code Search has been launched. Michael Stapelberg <a href="https://people.debian.org/~stapelberg//2014/12/23/code-search-taming-the-latency-tail.html">highlights several improvements</a>, including grouping search results by Debian source packages. Search results are almost immediate (top 10 results) available while your query continues, as indicated with a new progress bar. Packages that are uploaded to Debian are searchable in Debian Code Search within a couple of minutes or within the hour, instead of up to a week. Users will find that the new Debian Code Search site has a modern user interface providing for cleaner search results achieved through CSS animations. </p> <toc-add-entry name="UEFI">UEFI Support in Jessie</toc-add-entry> <p> Steve McIntyre <a href="http://blog.einval.com/2014/11/20#Jessie-EFI">updated his blog</a> explaining progress toward improved UEFI support for Debian Jessie. Steve in collaboration with Grub developers, continues to work hard squashing bugs. He readily recognizes much more work is needed, especially with i386 UEFI and 32-bit Intel Macs. Steve is reaching out for those that can test 32-bit UEFI, as he and other developers work hard in preparation for Jessie's release. </p> <toc-add-entry name="grtc">Technical Committee Term Limits</toc-add-entry> <p> A General Resolution has been submitted toward a Debian Members vote, regarding <a href="$(HOME)/vote/2014/vote_004">the term of Technical Committee Members</a>. <a href="https://lists.debian.org/debian-devel-announce/2014/12/msg00010.html">Voting</a> remains open until January 8, 23:59 UTC.</p> This is a vote to change the <a href="$(HOME)/devel/constitution">Debian Constitution.</a> The two proposals are similar, both creating term limits for technical committee members. The proposals differ how they handle two or more committee members leaving within the same year. Proposal one offers to leave term limits unchanged (3.5 years), while proposal two suggests the possibility of maintaining senior committee members by exceeding term limits. <a href="https://$(HOME)/vote/howto_follow">Standard Resolution Procedure</a> will govern the voting process. </p> <toc-add-entry name="4th_LTS">Debian Long Term Support and Freexian's 4th report</toc-add-entry> <p> Freexian's <a href="http://raphaelhertzog.com/2014/12/11/freexians-fourth-report-about-debian-long-term-support/">fourth report on Debian Long Term Support</a> was released. </p> <p> For the month of November 2014, 42.5 work hours were allotted towards the LTS project. </p> <p> The monthly allotment of 45.7 hours has not increased and at this time talks are underway to attract more sponsors and outreach to some companies who have announced their willingness to contribute. The overall goal of the funding is to be able to fund the equivalent of a <a href="http://www.freexian.com/services/debian-lts.html">half time position</a>. If your company is able to contribute, please contribute towards this effort. </p> <p> Freexian had previously mentioned the possibility of recruiting more paid contributors to the pool to better share the workload, and to that end, extended offers to both Ben Hutchings and to Mike Gabriel who both accepted. </p> <p> Thorsten Alteholz worked 14.25 hours of paid LTS work and focused on new versions of curl, imagemagick, and wget among other packages. He also <a href="http://blog.alteholz.eu/2014/11/my-debian-activities-in-november-2014/">wonders</a> why LTS users seem to be scant when needed to test releases before they move to the archive, but seem numerous when complaints arise about an upload. </p> <p> Raphael Hertzog did <a href="http://raphaelhertzog.com/2014/12/02/my-free-software-activities-in-november-2014/">18 hours of paid LTS support</a> involving CVE triage with 19 commits to the security tracker, and updates to dbus, libgcrypt11, and openjdk-6 security. A fair amount of time was alloted to updating the kernel to upstream 2.6.32.64, with the integration of new and the removal of some old patches. The kernal patch <i>openvz flavor</i> required quite a bit of tweaking and manual conflict resolution. Raphael reached out to Ben Hutchings asking him to join the project as a paid LTS contributor to take care of the kernel for which Ben accepted. Prior to Bens involvement no kernel updates had been performed in Squeeze since July, this will change now as there is someone dedicated and able to handle it as a priority. Thank you Ben! </p> <p> Holger Levsen's <a href="http://layer-acht.org/thinking/blog/20141201-lts-november-2014/">LTS work for November</a> focused on security updates for ruby1.8, tomcat6, and tomcat-native. He also speaks of the newest contributor to the team effort and the identification of a problem in patch related to openvz. </p> <p> Readers are reminded that LTS project needs support, testers, donations and help to continue this effort. Please see the <a href="https://lists.debian.org/debian-lts/">LTS mailing list</a> for additional details. Currently a <a href="https://lists.debian.org/debian-lts/2014/11/msg00038.html">test of the upstream 2.6.32.64 kernel</a> is needed. </p> <p> The security situation in LTS improved with 27 packages awaiting a security update, with the list of open vulnerabilites in Squeeze showing 58 in total. The backlog is slowly being reduced and solutions are being sought towards the SSLv3 POODLE issue. </p> <toc-add-entry name="C++">C++11 talk, notes, and use in Jessie</toc-add-entry> <p> Enrico Zini <a herf="http://www.enricozini.org/2014/cxx11-talk-examples/">shared examples</a> from a talk he gave about C++ and new features introduced with C++11. He details working with wrapper interfaces, library exceptions, and cast operators which can be transparently passed to the underlying libraries. He also posted his <a herf="http://www.enricozini.org/2014/cxx11-talk-notes/">talk notes</a> which include working with essential tools, tips, functions and many examples. </p> <p> Enrico also notes that users will need at least g++ 4.8 or clang 3.3 to have full C++11 support. Both will be available in Jessie, Wheezy users can use the nightly clang packages repository. </p> <toc-add-entry name="Buggy">Bug Reports for Jessie</toc-add-entry> <p> Niels Thykier recently blogged that as of Dec 08, Jessie had half the number of Release-critical bugs compared to Wheezy, he followed up with a link to the <a href="https://bugs.debian.org/release-critical/">RC critical bug stats graph</a>, which also shows historical data. </p> <p> Richard Hartmann <a href="http://richardhartmann.de/blog/posts/2014/12/19-Debian_Release_Critical_Bug_report_for_Week_51/">updates</a> the Release Critical Bug report for Week 51. There bugs interface shows <a href="http://udd.debian.org/bugs.cgi?release=any&merged=ign&rc=1&chints=1&cdeferred=1&crttags=1">1,095</a> release critical bugs with 189 of them that directly affect Jessie. We will need to get that number to zero before the release. <a href="http://udd.debian.org/bugs.cgi?release=jessie_not_sid&merged=ign&fnewerval=7&rc=1&sortby=id&sorto=asc&chints=1&ctags=1&cdeferred=1&crttags=1&chints=1&cdeferred=1&crttags=1">55</a> bugs in unstable have been fixed and need to migrate to Jessie. Users are encouraged to investigate and submit unblock requests those packages. This comes on the heels of Lucas Nussbaum <a href="http://www.lucas-nussbaum.net/blog/?p=854">wondering</a> if we could release Jessie before the opening of FOSDEM 15. Can we? </p> <toc-add-entry name="WDYD">DPN asks: Auditors, What do you do?</toc-add-entry> <p> <a href="$(HOME)">Debian</a> is a large and global community of a lot of small actors, projects, and teams. This month as part of a special feature we'd like to share with you something about a project or a team that is working in Debian that you may not be aware of. </p> <p> When reading the <a href="https://wiki.debian.org/Teams/Auditor">Debian Auditor team's Wiki page</a>, which lists the responsibilities and duties of the team one must wonder how such a busy team seems to stay just under the radar. <p> <p> We asked the auditing team for a bit of insight, Brian Gupta responds: </p> <p> <q>Historically the auditor team was only responsible for accounting and asset tracking.</q> </p> <p> <q>Currently the team's responsibilities are in the process of expanding to also include helping the DPL track reimbursement requests, working with Trusted Organizations, and taking point in overall project fundraising.</q> </p> <p> <q>Since Debian doesn't have a dedicated general fund raising team, we've been helping coordinate fund-raising, most recently help <a href="https://lists.debian.org/debian-publicity/2014/10/msg00011.html">fund Debian's participation in the Outreach Program for Women</a>. This complements the work of the DebConf fundraising team, which we share some team members with.</q> </p> <p> <q>We've also helped to facilitate <a href="https://wiki.debian.org/Teams/DPL/Reimbursement">reimbursements</a> for various expenses that the Debian Project Leader approves such as <a href="https://wiki.debian.org/Sprints">Sprints</a>, <a href="https://wiki.debian.org/BSP">Bug SquashingParties</a> , and the miniconfs. We also help track Hardware expenses.</q> </p> <p> <q>I personally have been working along with Paul Wise to streamline the donations page, Paul has been invaluable in this effort and you can see the efforts on <a href="$(HOME)/donations">the new Donations page</a>.</q> </p> <p> <q>That said, I think that the name <q>auditor</q> team may be a misnomer, and perhaps <q>finance</q> team would be better, with the understanding that it is just a name, and all of Debian's assets aren't financial.</q> </p> <p> <q>Another task that we've been working on, is working with <a href="http://www.spi-inc.org/">Software in the Public Interest</a> (SPI) to enable them to accept Paypal donations. This should be done soon.</q> </p> <p> <q>I suspect over time, that the auditor/finance team will work more and more closely with our <a href="https://wiki.debian.org/Teams/DPL/TrustedOrganizationCriteria">Trusted Organizations</a>. We already have two auditor team members, Philip Hug on the Debian.ch board and Martin Michlmayr on the SPI board, that are also Trusted Organization board members.</q> </p> <p> <q>Our team can really use help. In particular, we can really use help improving the reimbursement workflow, as this is currently an overly time consuming manual process and there doesn't seem to be many obvious Free Software tools to help streamline this process, nor do the current team members have the time to tackle this.</q> </p> <p> <q>In addition, we also need someone who has time and skills to help us implement and manage a CRM system to coordinate fundraising efforts for both Debian as a whole, as well as DebConf fundraising. (Likely CiviCRM, but that's not set in stone.) </q> </p> <p> We hope that you enjoyed reading about the Audit team, for more information about the team, or if you are interested and able to help assit the team, please contact them via <a href="mailto:auditor@debian.org">Email</a> </p> <toc-add-entry name="other">Other news</toc-add-entry> <p> For the holidays season, Gregor Herrmann offered us a series of short blog posts (starting <a href="http://info.comodo.priv.at/blog/gdac_2014_1.html">here</a>), one every day, to show the bright side of Debian and why it is fun for him to contribute. </p> <p> Gregor Herrmann blogged on RC bugs he worked on in late <a href="http://info.comodo.priv.at/blog/rc_bugs_2014_47_48.html">November</a> and <a href="http://info.comodo.priv.at/blog/rc_bugs_2014_49_50.html">December</a>. </p> <p> Raphael Hertzog <a href="http://raphaelhertzog.com/2014/12/02/my-free-software-activities-in-november-2014/">mentions in his report of activities for November</a> that he drafted a <a href="http://dep.debian.net/deps/dep14/">recommended layout for Git packaging repositories</a> which was submitted for discussion <a href="https://lists.debian.org/debian-devel/2014/11/msg00444.html">on the debian-devel mailing list</a>. </p> <p> <a href="http://upsilon.cc/~zack/blog/posts/2014/11/Debsources_Participation_in_FOSS_Outreach_Program/">Jingjie Jiang</a>, Debian <a href="http://gnome.org/opw/">OPW</a> <a href="https://identi.ca/debian/note/IYTLgqAKQAyqUCI5-O5wDg">intern</a>, started to <a href="http://sophiejjj.wordpress.com/2014/12/12/week1/">blog</a> about her work on debsources. She is looking forward to the working on the project and has already started on bug <a href="https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763921">#763921</a> concerning renderings on the folder page. </p> <p> Tomasz Buchert <a href="https://tomasz.buchert.pl/blog/2014/12/04/bsp-in-munich/">reported</a> on the <a href="https://wiki.debian.org/BSP/2014/11/de/Munich">Munich 2014 Bug Squashing Party</a> which was sponsored and hosted by <a href="http://www.muenchen.de/rathaus/Stadtverwaltung/Direktorium/LiMux.html">LiMux</> and gathered people from KDE, Kolab, and LibreOffice. Among many bugs squashed were <a href="https://bugs.debian.org/768673#12">#768673 for ruby-httpclient</a>, <a href="https://bugs.debian.org/768695#24">#768695 for statsmodels</a>, and <a href="https://bugs.debian.org/768690#17">#768690 for latex-mk</a>. Tomasz also points out another benefit for him of attending a BSP which is not just collaboration or meeting and working with Debian Developers, but also signing GPG keys and getting more signatures on his GPG key. </p> <toc-add-entry name="newcontributors">New Debian Contributors</toc-add-entry> <p> 3 applicants have been <a href="https://nm.debian.org/public/nmlist#done">accepted</a> as Debian Developers, 2 applicants have been <a href="https://lists.debian.org/debian-project/2014/12/msg00024.html">accepted</a> as Debian Maintainer, and 7 people have <a href="https://udd.debian.org/cgi-bin/new-maintainers.cgi">started to maintain packages</a> since the previous issue of the Debian Project News. Please welcome #DDs Chen Baozi, Simon Kainz, Simon Josefsson, #DMs Joachim Wiedorn, Sébastien Noel, #DCs Jochen Sprickerhof, Vincent Prat, Matanya Moses, Andrew Deason, Joao Pedro Avelino Lara, Cameron Norman, and Frank Brehm into our project!</p> <toc-add-entry name="rcstats">Release-Critical bugs statistics for the upcoming release</toc-add-entry> <rcstatslink release="Jessie" url="http://richardhartmann.de/blog/posts/2014/12/27-Debian_Release_Critical_Bug_report_for_Week_52/" testing="147" tobefixed="72" /> <toc-add-entry name="dsa">Important Debian Security Advisories</toc-add-entry> <p>Debian's Security Team recently released advisories for these packages (among others): <a href="$(HOME)/security/2014/dsa-3084">openvpn</a>, <a href="$(HOME)/security/2014/dsa-3085">wordpress</a>, <a href="$(HOME)/security/2014/dsa-3086">tcpdump</a>, <a href="$(HOME)/security/2014/dsa-3087">qemu</a>, <a href="$(HOME)/security/2014/dsa-3088">qemu-kvm</a>, <a href="$(HOME)/security/2014/dsa-3089">jasper</a>, <a href="$(HOME)/security/2014/dsa-3090">iceweasel</a>, <a href="$(HOME)/security/2014/dsa-3091">getmail4</a>, <a href="$(HOME)/security/2014/dsa-3092">icedove</a>, <a href="$(HOME)/security/2014/dsa-3093">linux</a>, <a href="$(HOME)/security/2014/dsa-3094">bind9</a>, <a href="$(HOME)/security/2014/dsa-3095">xorg-server</a>, <a href="$(HOME)/security/2014/dsa-3096">pdns-recursor</a>, <a href="$(HOME)/security/2014/dsa-3097">unbound</a>, <a href="$(HOME)/security/2014/dsa-3098">graphviz</a>, <a href="$(HOME)/security/2014/dsa-3099">dbus</a>, <a href="$(HOME)/security/2014/dsa-3100">mediawiki</a>, <a href="$(HOME)/security/2014/dsa-3101">c-icap</a>, <a href="$(HOME)/security/2014/dsa-3102">libyaml</a>, <a href="$(HOME)/security/2014/dsa-3103">libyaml-libyaml-perl</a>, <a href="$(HOME)/security/2014/dsa-3104">bsd-mailx</a>, <a href="$(HOME)/security/2014/dsa-3105">heirloom-mailx</a>, <a href="$(HOME)/security/2014/dsa-3106">jasper</a>, <a href="$(HOME)/security/2014/dsa-3107">subversion</a>, <a href="$(HOME)/security/2014/dsa-3108">ntp</a>, <a href="$(HOME)/security/2014/dsa-3109">firebird2.5</a>, <a href="$(HOME)/security/2014/dsa-3110">mediawiki</a>, and <a href="$(HOME)/security/2014/dsa-3112">sox</a>. Please read them carefully and take the proper measures.</p> <p>Debian's Stable Release Team released an update announcement for the package: <a href="https://lists.debian.org/debian-stable-announce/2014/12/msg00000.html">spamassassin</a>. Please read it carefully and take the proper measures.</p> <p>The Debian team in charge of Squeeze Long Term Support released security update announcements for these packages: <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00000.html">openvpn</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00001.html">clamav</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00002.html">flac</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00003.html">mutt</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00004.html">jasper</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00005.html">tcpdump</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00006.html">linux-2.6</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00007.html">pdns-recursor</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00008.html">graphviz</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00009.html">getmail4</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00010.html">unbound</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00011.html">nfs-utils</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00012.html">libyaml</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00013.html">libyaml-libyaml-perl</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00014.html">cpio</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00015.html">bind9</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00016.html">bsd-mailx</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00017.html">heirloom-mailx</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00018.html">ntp</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00019.html">qt4-x11</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00020.html">linux-2.6</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00021.html">subversion</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00022.html">xorg-server</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00023.html">jasper</a>, <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00024.html">eglibc</a>, and <a href="https://lists.debian.org/debian-lts-announce/2014/12/msg00025.html">firebird2.5</a>. Please read them carefully and take the proper measures.</p> <p>Please note that these are a selection of the more important security advisories of the last weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the <a href="https://lists.debian.org/debian-security-announce/">security mailing list</a> (and the separate <a href="https://lists.debian.org/debian-backports-announce/">backports list</a>, <a href="https://lists.debian.org/debian-stable-announce/">stable updates list</a>, and <a href="https://lists.debian.org/debian-lts-announce/">long term support security updates list</a>) for announcements. </p> <toc-add-entry name="nnwp">New and noteworthy packages</toc-add-entry> <p> 124 packages were added to the unstable Debian archive recently. <a href="https://packages.debian.org/unstable/main/newpkg">Among many others</a> are:</p> <ul> <li><a href="https://packages.debian.org/unstable/main/apt-transport-s3">apt-transport-s3 â?? APT transport for privately held AWS S3 repositories</a></li> <li><a href="https://packages.debian.org/unstable/main/bats">bats â?? bash automated testing system</a></li> <li><a href="https://packages.debian.org/unstable/main/bdbvu">bdbvu â?? simple GUI tool to browse Berkeley DB databases</a></li> <li><a href="https://packages.debian.org/unstable/main/capstats">capstats â?? command-line tool for collecting network interface statistics</a></li> <li><a href="https://packages.debian.org/unstable/main/gitinspector">gitinspector â?? statistical analysis tool for git repositories</a></li> <li><a href="https://packages.debian.org/unstable/main/nfstrace">nfstrace â?? NFS tracing/monitoring/capturing/analyzing tool</a></li> <li><a href="https://packages.debian.org/unstable/main/prepair">prepair â?? polygon repair tool</a></li> <li><a href="https://packages.debian.org/unstable/main/s-el">s-el â?? string manipulation library for Emacs</a></li> <li><a href="https://packages.debian.org/unstable/main/willie">willie â?? simple, lightweight, open source, easy-to-use IRC utility bot</a></li> <li><a href="https://packages.debian.org/unstable/main/x265">x265 â?? H.265/HEVC video stream encoder</a></li> <li><a href="https://packages.debian.org/unstable/main/xul-ext-spdy-indicator">xul-ext-spdy-indicator â?? extension to show an SPDY support indicator in the address bar</a></li> </ul> <toc-add-entry name="wnpp">Work-needing packages</toc-add-entry> ## link= link to the mail report from wnpp@debian.org to debian-devel ML ## orphaned= number of packages orphaned according to $link ## rfa= number of packages up for adoption according to $link <wnpp link="https://lists.debian.org/debian-devel/2014/12/msg00360.html" orphaned="658" rfa="146" /> <toc-add-entry name="continuedpn">Want to continue reading DPN?</toc-add-entry> <continue-dpn /> #use wml::debian::projectnews::footer editor="Cédric Boutillier, Jean-Pierre Giraud, Carl J Mannino, Donald Norwood, Justin B Rye, Paul Wise" # Translators may also add a translator="foo, bar, baz" to the previous line
Attachment:
signature.asc
Description: OpenPGP digital signature