Hi, I send back the DPN July draft with some suggestions for amendments. I think we need to have more than 2 title levels I propose to add some reports of some of the recent events. For once upon a time in Debian : usually, the events were choosed between facts occurred in the same month as the DPN is released. Jean-Pierre Giraud
--- /home/jpg1/debian_git/bits/content/2023/dpnjuly2023.md 2023-07-29 00:49:49.868505504 +0200 +++ /home/jpg1/debian_git/bits/content/2023/dpnjuly2023_jpg.md 2023-07-29 14:44:52.791307762 +0200 @@ -1,8 +1,8 @@ Title: Debian Project Bits Volume 1, Issue 1 -Date: 2023-07-30 12:30 -Tags: dpn news debconf23, dpb Slug: dpn202307 +Date: 2023-07-30 12:30 Author: Contributor 1, Contributor 2 +Tags: dpn news debconf23, dpb Status: draft - - - **Debian Project Bits** @@ -10,9 +10,8 @@ *July 30, 2023* -News ---- - +News +---- #### Debian Day @@ -22,9 +21,10 @@ Be sure share to share your days, events, thoughts, or notes with us and the rest of the community with the **#debianday** tag that will be used across most social media platforms. See you then! +Events: Upcoming and Reports +---- - -#### Debian Developers Camp and Conference +#### DebConf23: Debian Developers Camp and Conference The 2023 Debian Developers Camp \(DebCamp) and Conference (**[DebConf23](https://debconf23.debconf.org/)**) will be hosted this year in Infopark, [Kochi, India](https://debconf23.debconf.org/about/kochi/). @@ -32,12 +32,26 @@ If you are planning on attending the conference this year, now is the time to ensure your travel documentation, [visa information](https://lists.debian.org/debconf-announce/2023/07/msg00001.html)**very important**, bursary submissions, papers and relevant equipment are prepared. For more information contact <debconf@debconf>. +#### MiniDebConf Cambridge 2023 + +There will be a <a href="https://lists.debian.org/debian-devel-announce/2023/07/msg00002.html";>MiniDebConf </a> +held in Cambridge, UK, hosted by ARM for 4 days in November: 2 days for a mini-DebCamp (Thu 23 - Fri 24), +with space for dedicated development / sprint / team meetings, then 2 days for a more regular mini-conf +(Sat 25 - Sun 26) with space for more general talks, up to 80 people. + +Reports + +#### MiniDebConf Brazil +Todo + +#### DebianReunionHamburg +Todo #### Stable Release Debian 12 [bookworm](https://wiki.debian.org/DebianBookworm) was released on [June 10, 2023](https://www.debian.org/News/2023/20230610). This new version becomes the stable release of Debian and moves the prior Debian 11 [bullseye](https://wiki.debian.org/DebianBullseye) release to the [oldstable](https://wiki.debian.org/DebianOldStable) codename. -The 1st point release of [12.1](https://wiki.debian.org/DebianReleases) to address miscellaneous bug fixes, documentation, and installer updates was made available on [July 22, 2023](https://www.debian.org/News/2023/20230722). +The 1st point release of [12.1](https://wiki.debian.org/DebianReleases) to address miscellaneous bug fixes affecting 88 packages, documentation, and installer updates was made available on [July 22, 2023](https://www.debian.org/News/2023/20230722). @@ -48,27 +62,29 @@ - Marius Gripsgard \(mariogrip) -- Mohammed Bilal \(rmb) -- Emmanuel Arias \(amanu) +- Mohammed Bilal \(rmb) +- Emmanuel Arias \(amanu) - Robin Gustafsson \(rgson) - Lukas Märdian \(slyon) -- David da Silva Polverari \(polverari) +- David da Silva Polverari \(polverari) -To find out more about our newest members or any Debian Developer, look for them on the [Debian People list](https://nm.debian.org/public/people/). +To find out more about our newest members or any Debian Developer, look +for them on the [Debian People list](https://nm.debian.org/public/people/). Security --- -Debian's Security Team releases current advisories on a daily basis: Some recently release advisories concern these packages: +Debian's Security Team releases current advisories on a daily basis: +Some recently release advisories concern these packages: -[trafficserver security update](https://lists.debian.org/debian-security-announce/2023/msg00126.html) +[trafficserver](https://www.debian.org/security/2023/dsa-5435-2) Several vulnerabilities were discovered in Apache Traffic Server, a reverse and forward proxy server, which could result in information disclosure or denial of service. -[asterisk security update](https://lists.debian.org/debian-security-announce/2023/msg00130.html) +[asterisk](https://www.debian.org/security/2023/dsa-5438) A flaw was found in Asterisk, an Open Source Private Branch Exchange. A buffer overflow vulnerability affects users that use PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. The difference is that @@ -77,11 +93,11 @@ resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead. -[flask security update](https://lists.debian.org/debian-security-announce/2023/msg00134.html) +[flask](https://www.debian.org/security/2023/dsa-5442) It was discovered that in some conditions the Flask web framework may disclose a session cookie. -[chromium security update](https://lists.debian.org/debian-security-announce/2023/msg00132.html) +[chromium](https://www.debian.org/security/2023/dsa-5456) Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. @@ -92,8 +108,13 @@ #### Popular packages -[gpgv](https://packages.debian.org/stable/gpgv) - GNU privacy guard signature verification tool. _99,053_ installations. - gpgv is actually a stripped-down version of gpg which is only able to check signatures. It is somewhat smaller than the fully-blown gpg and uses a different (and simpler) way to check that the public keys used to make the signature are valid. There are no configuration files and only a few options are implemented. +[gpgv](https://packages.debian.org/stable/gpgv) - GNU privacy guard +signature verification tool. _99,053_ installations. + gpgv is actually a stripped-down version of gpg which +is only able to check signatures. It is somewhat smaller than the fully-blown +gpg and uses a different (and simpler) way to check that the public keys used +to make the signature are valid. There are no configuration files and only a +few options are implemented. [dmsetup](https://packages.debian.org/stable/dmsetup) - Linux Kernel Device Mapper userspace library. _77,769_ installations. The Linux Kernel Device Mapper is the LVM (Linux Logical Volume Management) Team's implementation of a minimalistic kernel-space driver that handles volume management, while keeping knowledge of the underlying device layout in user-space. This makes it useful for not only LVM, but software raid, and other drivers that create "virtual" block devices. @@ -114,13 +135,13 @@ 3D CAD programs and rendering programs using the LDraw parts library of LEGO parts rely on a file called parts.lst containing a list of all available parts. The program ldraw-mklist is used to generate this list from a directory of LDraw parts. [Open Lighting Architecture - RDM Responder Tests](https://packages.debian.org/unstable/main/ola-rdm-tests) - The DMX512 standard for Digital MultipleX is used for digital communication networks commonly used to control stage lighting and effects. The Remote Device Management protocol is an extension to DMX512, allowing bi-directional communication between RDM-compliant devices without disturbing other devices on the same connection. The Open Lighting Architecture (OLA) provides a plugin framework for distributing DMX512 control signals. This package provides an automated way to check protocol compliance in RDM devices. + The DMX512 standard for Digital MultipleX is used for digital communication networks commonly used to control stage lighting and effects. The Remote Device Management protocol is an extension to DMX512, allowing bi-directional communication between RDM-compliant devices without disturbing other devices on the same connection. The Open Lighting Architecture (OLA) provides a plugin framework for distributing DMX512 control signals. The ola-rdm-tests package provides an automated way to check protocol compliance in RDM devices. [parsec-service](https://packages.debian.org/unstable/main/parsec-service) Parsec is an abstraction layer that can be used to interact with hardware-backed security facilities such as the Hardware Security Module (HSM), the Trusted Platform Module (TPM), as well as firmware-backed and isolated software services. The core component of Parsec is the security service, provided by this package. The service is a background process that runs on the host platform and provides connectivity with the secure facilities of that host, exposing a platform-neutral API that can be consumed into different programming languages using a client library. For a client library implemented in Rust see the package librust-parsec-interface-dev. [simple network calculator and lookup tool](https://packages.debian.org/unstable/main/ripcalc) - Process and lookup network addresses from the command line or CSV. Output has a variety of customisable formats. + Process and lookup network addresses from the command line or CSV with ripalc . Output has a variety of customisable formats. [High performance, open source CPU/GPU miner and RandomX benchmark](https://packages.debian.org/unstable/main/xmrig) XMRig is a high performance, open source, cross platform RandomX, KawPow, CryptoNight, and GhostRider unified CPU/GPU miner and RandomX benchmark.
Attachment:
signature.asc
Description: This is a digitally signed message part