Debian Project News - July 3rd, 2014

[Saxman]

------------------------------------------------------------------------
The Debian Project http://www.debian.org/
Debian Project News debian-publicity@lists.debian.org
July 3rd, 2014 http://www.debian.org/News/weekly/2014/11/
------------------------------------------------------------------------

Welcome to this year's eleventh issue of DPN, the newsletter for the
Debian community. Topics covered in this issue include:

* Google Summer of Code updates
* The first set of talks for DebConf14 have been accepted!
* Debian is moving (back) to GLIBC
* Other news
* New Debian Contributors
* Important Debian Security Advisories
* New and noteworthy packages
* Work-needing packages
* Want to continue reading DPN?


Google Summer of Code updates
-----------------------------

S.M. Floris gives a status update to Muon package integration with
apt-listbugs [1]: apt-listbugs will warn users when installing packages if
those packages have serious, grave, or critical bugs. The muon package
is available in the Git repository for the muon package on Alioth [2] under
the gsoc-floris-2014 branch. Ian S. Donnelly takes us through his 4 week
experience and process of implementing a three-Way merge algorithm for
Elektra KeySets in C++ towards the kdb merge tool [3]. Andrew Schurman
shares his latest update on the Java Project Dependency Builder [4]
which aims to check all of the dependencies in a project to assure that
the sources are actually "free".

1: http://web2unu.ro/?p=51
2: http://git.debian.org/?p=pkg-kde/kde-extras/muon.git
3: http://community.libelektra.org/wp/?author=2
4: https://lists.debian.org/debian-java/20 ... 00088.html


The first set of talks for DebConf14 have been accepted!
--------------------------------------------------------

* Outsourcing your webapp maintenance to Debian [5] We moved away from
statically-linked C/C++ programs a long time ago and now live in a
nicely-packaged shared library world. This talk will examine the
decision that the Libravatar project made to outsource much of its
maintenance burden to Debian by using system packages for almost
everything.
* bugs.debian.org — Database Ho! [6] Brief overview of the current
state of the BTS, new features, and new developments in the ongoing
onslaught of bugs.
* use Perl; # Annual meeting of the Debian Perl Group [7] The pkg-perl
team will again take the opportunity to meet in person for discussing
current topics and planning future work.
* Status of the Debian OpenPGP keyring [8] Introduce keyring-maint's
work processes and policies to get them better understood by the overall
Debian community.
* Seeing Debian through a functional lens [9] Using Nix's functional
package management as inspiration, let's look at Debian from a
functional programming perspective.
* Debsources: powering sources.debian.net [10] Debsources [11]
provides web access to the entire historical Debian source code from
archives to current and experimental. Users can browse or search source
packages online through the web instance or use Debsources via its
API [12]
* A glimpse into a systemd future [13] Technologies covered include
journald, systemd-networkd, socket activation, timer units, containers,
and systemd user sessions. Goals include reducing boot time, reducing
duplicate configuration, improving system manageability, improving
battery life, and unifying graphical session startup.
* New Network Interface Manager for Debian: ifupdown2 [14] A proposal
for ifupdown2, a new implementation of debian ifupdown package written
in python.

5: https://summit.debconf.org/debconf14/me ... to-debian/
6: https://summit.debconf.org/debconf14/me ... tabase-ho/
7: https://summit.debconf.org/debconf14/me ... erl-group/
8: https://summit.debconf.org/debconf14/me ... p-keyring/
9: https://summit.debconf.org/debconf14/me ... onal-lens/
10: https://summit.debconf.org/debconf14/me ... debiannet/
11: http://sources.debian.net
12: http://sources.debian.net/doc/api/
13: https://summit.debconf.org/debconf14/me ... md-future/
14: https://summit.debconf.org/debconf14/me ... ifupdown2/

These are just the first accepted talks and we are still accepting talks
about Debian-related ideas, proposals, and stories. Details on how to
submit your own talk [15] are available on the events page.

15: http://debconf14.debconf.org/talks.xhtml


Debian is moving (back) to GLIBC
--------------------------------

Five years ago Debian moved from using GLIBC to the EGLIBC fork as the
standard C library. Now that course of action is being reversed and
Debian is switching back to GLIBC [16] due to the demise of the EGLIBC
project and the dissolution of the GLIBC steering committee [17]. With
the GLIBC committee gone, GLIBC became open for peer review, shared
repositories, removal of the ports/ directories, and has had most of the
important EGLIBC features merged back into it. The new glibc package is
available in experimental.

16: http://blog.aurel32.net/175
17: https://sourceware.org/ml/libc-alpha/20 ... 01038.html


Other news
----------

The HackFest of the Tails (The Amnesic Incognito Live System) [18]
project will take place on July 5-6 in Paris, hosted by IRILL. The Tails
HackFest [19] will bring together anyone interested in making Tails more
usable and more secure. If you want to learn about the challenges faced
by Tails, and how you can be part of the solution, this open event will
be an intense mix of teaching, drawing, coding, sharing, learning and
celebrating, supported by Debian, IRILL, Mozilla and the Tor project.

18: https://tails.boum.org/index.en.html
19: https://tails.boum.org/blueprint/HackFest_2014_Paris/


New Debian Contributors
-----------------------

15 people have started to maintain packages [20] since the previous
issue of the Debian Project News. Please welcome Gustavo Paniagua dos
Santos, Michael Jeanson, Valentin OVD, Punit Agrawal, Andrew Ayer, Thomi
Richards, Aurélien Joga, David Steele, Klaus Ethgen, Fabien Spindler,
Graeme Gott, Yusuke Yatsuo, Alexander Alemayhu, Ulrike Uhlig, and
Clément Schreiner into our project!

20: http://udd.debian.org/cgi-bin/new-maintainers.cgi


Important Debian Security Advisories
------------------------------------

Debian's Security Team recently released advisories for these packages
(among others): kfreebsd-9 [21], dpkg [22], dovecot [23],
iceweasel [24], icinga [25], mediawiki [26], apt [27],
chromium-browser [28], icedove [29], php5 [30], nspr [31],
lucene-solr [32], iodine [33], tiff [34], samba [35], gnupg [36],
gnupg2 [37], libemail-address-perl [38], and cacti [39].
Please read them carefully and take the proper measures.

21: http://www.debian.org/security/2014/dsa-2952
22: http://www.debian.org/security/2014/dsa-2953
23: http://www.debian.org/security/2014/dsa-2954
24: http://www.debian.org/security/2014/dsa-2955
25: http://www.debian.org/security/2014/dsa-2956
26: http://www.debian.org/security/2014/dsa-2957
27: http://www.debian.org/security/2014/dsa-2958
28: http://www.debian.org/security/2014/dsa-2959
29: http://www.debian.org/security/2014/dsa-2960
30: http://www.debian.org/security/2014/dsa-2961
31: http://www.debian.org/security/2014/dsa-2962
32: http://www.debian.org/security/2014/dsa-2963
33: http://www.debian.org/security/2014/dsa-2964
34: http://www.debian.org/security/2014/dsa-2965
35: http://www.debian.org/security/2014/dsa-2966
36: http://www.debian.org/security/2014/dsa-2967
37: http://www.debian.org/security/2014/dsa-2968
38: http://www.debian.org/security/2014/dsa-2969
39: http://www.debian.org/security/2014/dsa-2970

Debian's Stable Release Team released an update announcement for these
packages: clamav [40], tzdata (for wheezy [41] and, squeeze [42]), and
duo-unix [43]. Please read them carefully and take the proper measures.

40: https://lists.debian.org/debian-stable- ... 00000.html
41: https://lists.debian.org/debian-stable- ... 00001.html
42: https://lists.debian.org/debian-stable- ... 00002.html
43: https://lists.debian.org/debian-stable- ... 00003.html

The Debian team in charge of squeeze long term support released a
security update announcement for these packages: dovecot [44], apt [45],
scheme48 [46], and linux-2.6 [47]. Please read them carefully and take
the proper measures.

44: https://lists.debian.org/debian-lts-ann ... 00003.html
45: https://lists.debian.org/debian-lts-ann ... 00004.html
46: https://lists.debian.org/debian-lts-ann ... 00005.html
47: https://lists.debian.org/debian-lts-ann ... 00006.html

Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the security mailing list [48] (and the separate backports
list [49], stable updates list [50], and long term support security
updates list [51]) for announcements.

48: https://lists.debian.org/debian-security-announce/
49: https://lists.debian.org/debian-backports-announce/
50: https://lists.debian.org/debian-stable-announce/
51: https://lists.debian.org/debian-lts-announce/


New and noteworthy packages
---------------------------

172 packages were added to the unstable Debian archive recently. Among
many others [52] are:

* airspy — tiny and efficient software defined radio receiver [53]
* direnv — utility to set directory specific environment variables [54]
* efivar — tools to manage UEFI variables [55]
* gap-autpgrp — program computing the automorphism group of a p-group [56]
* nslcd-utils — utilities for querying LDAP via nslcd [57]
* pdepend — PHP_Depend design quality metrics for PHP packages [58]
* pktools — GDAL add-on tools to perform useful raster processing [59]
* pulseview — sigrok logic analyzer, oscilloscope, and MSO GUI [60]
* torbrowser-launcher — tool to download, update and run the Tor Browser Bundle [61]

52: https://packages.debian.org/unstable/main/newpkg
53: https://packages.debian.org/unstable/main/airspy
54: https://packages.debian.org/unstable/main/direnv
55: https://packages.debian.org/unstable/main/efivar
56: https://packages.debian.org/unstable/main/gap-autpgrp
57: https://packages.debian.org/unstable/main/nslcd-utils
58: https://packages.debian.org/unstable/main/pdepend
59: https://packages.debian.org/unstable/main/pktools
60: https://packages.debian.org/unstable/main/pulseview
61: https://packages.debian.org/unstable/ma ... r-launcher


Work-needing packages
---------------------

Currently [62] 577 packages are orphaned [63] and 139 packages are up
for adoption [64]: please visit the complete list of packages which need
your help [65].

62: https://lists.debian.org/debian-devel/2 ... 00543.html
63: http://www.debian.org/devel/wnpp/orphaned
64: http://www.debian.org/devel/wnpp/rfa
65: http://www.debian.org/devel/wnpp/help_requested


Want to continue reading DPN?
-----------------------------

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [66] to find out how to help. We're
looking forward to receiving your mail at
<debian-publicity@lists.debian.org>.

66: https://wiki.debian.org/ProjectNews/HowToContribute


This issue of Debian Project News was edited by Cédric Boutillier, Jean-
Pierre Giraud, Donald Norwood and Paul Wise.