This is an OpenPGP/MIME signed message (RFC 4880 and 3156) ------------------------------------------------------------------------
The Debian Project
https://www.debian.org/
Debian Project News
debian-publicity@lists.debian.org February 18th, 2016
https://www.debian.org/News/weekly/2016/01/ ------------------------------------------------------------------------
Welcome to this year's first issue of DPN, the newsletter for the Debian community. Topics covered in this issue include:
* Welcome to the "New" Debian Project News!
* Internal News/Happenings
* Help needed
* More than just code
* Reports
* Outside News
* Want to continue reading DPN?
Welcome to the "New" Debian Project News! -----------------------------------------
We hope that you have enjoyed our newly revised format of the DPN. We
have shifted some of the content around, introduced new sections, and
moved some content onto the Bits from Debian [1] blog.
1:
https://bits.debian.org/
Bits from Debian will showcase new packages and interviews, plus some announcements, and is where we will welcome new DDs.
We are planning to send more short news items via our social network
account. Please be sure to follow us on identi.ca/debian [2] (or fall
back to the non-official mirrors in other social networks).
2:
https://identi.ca/debian
One of the major changes is the removal of the DSA security advisories
from the newsletter. Debian's Security Team releases current advisories
on a daily basis (Security Advisories 2016 [3]), so please read them
carefully and take the proper measures.
3:
https://www.debian.org/security/2016/
If you need to be kept up to date about security advisories released by
the Debian Security Team, please subscribe to the security mailing
list [4] (and the separate backports list [5], stable updates list [6],
and long term support security updates list [7]) for announcements.
4:
https://lists.debian.org/debian-security-announce/
5:
https://lists.debian.org/debian-backports-announce/
6:
https://lists.debian.org/debian-stable-announce/
7:
https://lists.debian.org/debian-lts-announce/
We are simplifying and (we hope) improving the "help needed" section.
From now on, you will find:
* links to packages needing help,
* links to bug reports tagged "newcomer",
* calls for help from teams in coordination with the Welcome Team,
tailored for first-time contributors.
Internal News/Happenings
------------------------
Updated Debian 8: 8.3 released
The third update of Debian 8 'jessie' was released [8] last month,
addressing security concerns in the stable release along with updates.
8:
https://www.debian.org/News/2016/20160123
Debtags cleaned up
Enrico Zini announced [9] a cleanup to debtags.debian.org. Changes were
made to anonymous submissions, the recognition of tags as official contributions, and mailing lists.
9:
http://www.enricozini.org/2016/debian/debtags-cleanup/
Remembering Ian
As we are all aware Debian mourned the loss of its founder Ian Murdock.
For the month of January most Debian services and outward-facing visual elements kept with a darkened theme and ribbon in remembrance. Slowly
into this month we are changing the websites and services back to their original themes and colours.
The Debian Publicity Team is preparing a website that will gather many
of the blogposts, messages, and contributions made by community members
and the wider free software mourning Ian, as well as the tribute video
shown on 30 January 2016 in the session "Ian Murdock, in memoriam" [10]
at FOSDEM (the Free, Open Source Developers European Meeting). It will
be announced soon in bits.debian.org [11], the Debian blog.
10:
https://fosdem.org/2016/schedule/event/ian_murdock/
11:
https://bits.debian.org
We thank you all for grieving with us and for all these contributions,
and we hope these gestures have been able to speak to the community.
New Debian Pure Blends section in the website
Iain R. Learmonth together with the different Blend Teams is updating
and reorganising the information about Debian Pure Blends in our
website. Thanks! We all hope you like this new section about Pure
Blends [12], which is also listed in the homepage menu of
www.debian.org.
12:
https://www.debian.org/blends/
Tails installer is now in Debian
The Tails Installer is now in Debian, thanks to the Debian Privacy Tools Maintainers Team.
The Amnesic Incognito Live System (Tails) is a live OS based on Debian GNU/Linux which aims at preserving the user's privacy and anonymity.
The previous process for getting started with Tails was very complex,
but now it can now be done simply by installing Tails Installer in your existing Debian system, using sid, stretch or jessie-backports, and
plugging in a USB stick.
Read more about this news in this article in the Debian blog [13].
13:
https://bits.debian.org/2016/02/tails-installer-in-debian.html
DSA and service maintainers encrypting all the things
Let's Encrypt, the free, automated, and open Certificate Authority went
Public Beta in December 2015, and packages containing several utilities
to create and install these certificates have already entered Debian
unstable and testing.
Let's Encrypt is now enabling the Debian System Administrators (DSA)
team to expand its deployment of encryption for debian.org services,
which started a few years ago with friendly help from Gandi.
Thanks to the DSA, we can now communicate with these Debian services
using secure channels: debtags.debian.org, metadata.ftp-
master.debian.org, several syncproxies, planet-search.debian.org, cgi.debian.org, www-master.debian.org, search.debian.org,
i18n.debian.org, and l10n.debian.org.
Thanks to their maintainers, these other Debian services are also
secured: codesearch.debian.net, sources.debian.net, lava.debian.net, jenkins.debian.net, timeline.debian.net, dedup.debian.net,
news.debian.net (static copy), debaday.debian.net (static copy), plus
several debconf.org sites.
And the work of deploying certificates is still ongoing!
Miscellaneous
Neil McGovern writes "On ZFS in Debian [14]", sharing his insight on the process and discussion around compatible licensing in Debian.
14:
http://blog.halon.org.uk/2016/01/on-zfs-in-debian/
Upcoming Events
* miniDebConf: Curitiba The Brazilian community of users and Debian developers invites everyone to participate in the Mini-DebConf Curitiba
2016 [15] that will be held on March 5–6 at Aldeia Coworking in Curitiba
- Parana. The Mini-DebConf is open to all comers, regardless of their
level of knowledge about or in Debian. Most importantly we want to
gather the community to celebrate the biggest Free Software project in
the world, so we want to welcome users of all levels from inexperienced
to official Debian Developers. The program will consist of basic and intermediate level lectures for those participants who will have their
first contact with Debian or want to know more about certain subjects,
and intermediate and advanced level workshops for Debian users who want
to get their hands dirty during the meeting. The subscription to the Mini-DebConf 2016 Curitiba is completely free of charge and can be made
using the form available on the meeting website. Prior registration is important for us to plan it according to the number of participants.
* miniDebConf: Singapore At FOSSASIA [16], Debian Singapore users will
make use of generously offered space to hold a miniDebConf [17] March
18–20 2016 at the Singapore Science Centre. Multiple events are already planned including a Debian & Friends Meetup where new users and those interested in Debian can gather, several talks and workshops, a bug
squashing party, and other events. With enough participation and
attendees Debian may occupy a larger space and may be able to hold a
Sprint. This event is still in the planning phases [18] and open to
volunteers and suggestions. There is a community ticket of SGD35 which
includes lunches and a T-shirt.
15:
https://wiki.debian.org/DebianEvents/br/2016/MiniDebconfCuritiba/TextoDPN
16:
http://2016.fossasia.org/
17:
https://wiki.debian.org/FOSSASIA/MiniDebConf2016
18:
https://lists.debian.org/debian-devel-announce/2016/02/msg00002.%0Ahtml
You can find more information about how to sponsor Debian-related events
and talks on the events section [19] of the Debian website.
19:
https://www.debian.org/events
Once upon a time in Debian:
* 1997-02-01 Board of Directors elected [20]
* 1999-01-04 Joey Hess releases first issue of Debian Weekly News
* 2000-02-07 Debian wins "Most Deserving of $2000" award [21]
* 2000-02-12 Debian-kids (now "Debian Junior") announced
* 2002-01-21 Debian-Med announced
* 2004-01-03 planet.debian.org created
* 2004-01-07 Debian Perl group founded
* 2011-01-24 Derivatives Census announced [22]
20:
https://www.debian.org/News/1997/19970301
21:
http://slashdot.org/story/00/02/06/1950248/beanie-award-wrapup
22:
https://www.debian.org/News/2011/20110124
Contributors
Help needed
-----------
Packages needing help:
Currently [23] 710 packages are orphaned [24] and 190 packages are up
for adoption [25]: please visit the complete list of packages which need
your help [26].
23:
https://lists.debian.org/debian-devel/2016/02/msg00245.html
24:
https://www.debian.org/devel/wnpp/orphaned
25:
https://www.debian.org/devel/wnpp/rfa
26:
https://www.debian.org/devel/wnpp/help_requested
Newcomer bugs
More than just code
-------------------
Discussions
While the world focused on the finding of gravitational waves, a savvy
Daniel Pocock noticed something else when he asked, "does Debian help
detect gravitational waves? [27]" Discussion brings to light some of the efforts of several Debian teams focused on making Debian (and its
Blends) a better tool for researchers and scientific endeavours.
27:
https://lists.debian.org/debian-project/2016/02/msg00021.html
David Niklas asked a simple yet very serious question in debian-user
that we can all understand and possibly comment on when he asked, "is
this keyboard worth $220? [28]"
28:
https://lists.debian.org/debian-user/2016/02/msg00274.html
Tips and Tricks
Matthieu Caneill wrote a quick and easy one-liner to open the source
code [29] of any file on your Debian system; this marvel of code was
further modified by Orestis Loannou who tweaked it to use the debsources
API to determine a license [30].
29:
http://matthieu.io/blog/2015/08/16/one-liner-to-catch-em-all/
30:
http://oioannou.com/2016/blog/one-liner/
For the security minded, Petter Reinholdtsen shares a means of enabling
Tor to download Debian packages [31].
31:
http://people.skolelinux.org/pere/blog/%0AAlways_download_Debian_packages_using_Tor___the_simple_recipe.html
Reports
-------
Norbert Preining writes [32] about 10 years of TeX Live in Debian with reflections on the history of TeX, versions, and milestones of the
process. As development continues he gives the current state and plans
for the future.
32:
http://www.preining.info/blog/2016/01/10-years-tex-live-in-debian/
LTS status/updates
Squeeze-LTS [33] (Long Term Support) for Debian 6.0 'squeeze' will end
in February of 2016 (this month). LTS [34] is handled by a growing
community of volunteers, organisations, and sponsors who work toward
keeping a stable operating system in place with support, security, and
packages for an extended duration past new releases. LTS for squeeze ran
for 2 years. Look for an announcement soon from the LTS team reporting
on the end of support and the move to support Debian 7.0 'wheezy'.
33:
https://www.debian.org/News/2014/20140424
34:
https://wiki.debian.org/LTS
Freexian reported on its sponsored Debian Long Term Support. December of
2015 detailed 113.5 work hours distributed to 9 paid contributors, the
loss and reduction of 2 sponsors and the addition of 1 new sponsor.
Freexian is starting to look to the future as LTS begins support for
wheezy LTS which will include packages that were excluded from squeeze
LTS. Debian LTS is a critical area that really needs help, support, and contributions; if you can assist or know of a company that is willing to
become a sponsor please reach out to the team.
* Antoine Beaupré [35] worked on future support for Redmine [36] and a
patch proposal to ignore CVEs that affect unsupported software in the
future. Ben Hutchings [37] worked on a linux- 2.6 security update [38], backported several security fixes for Linux-2.6.32-longterm, sudo, and claws-mail. Chris Lamb [39] worked on libphp-phpmailer,
foomatic-filters, and a cacti SQL injection vulnerability as well as a
new upstream release for python-djano [40]. Guido Günther [41] worked on
the triaging of 16 CVEs and a fix for giflib. On his own unpaid time he introduced some usertags for tracking non DLA items. Raphaël
Hertzog [42] uploaded MySQL 5.5 compatibility fixes for phpmyadmin and postfix-policyd, updated the git repository for debian-security, worked
on dhcpd and arts CVEs, and worked the LTS frontdesk. Santiago Ruano
Rincón [43] worked on gnutls26, grub2, and MySQL- 5.5 [44] as well as frontdesk duties. Scott Kitterman [45] worked on Quassel but was instead educated on Quassel in attempting to resolve upstream code issues in
squeeze and wheezy. Thorsten Alteholz [46] did frontdesk duties and
worked on security updates for bind9, libxml2, and libpng. Reproducible
Build status/update Reproducible Builds weekly reports [47] on package
and toolchain fixes in the Stretch cycle. Week 35 [48] reports 30
packages were moved to reproducible state. 666 package reviews were
removed, 189 added, and 162 packages updated. 151 new packages have been identified as failing to build from source.
* Week 36 [49] reports 27 packages were moved to reproducible state.
131 package reviews were removed, 71 added, and 53 packages updated. 58
new packages have been identified as failing to build from source.
* Week 37 [50] reports 40 packages were moved to reproducible state.
134 package reveiws were removed, 30 added, and 37 packages updated. 20
new packages have been identified as failing to build from source.
* Week 38 [51] reports 30 packages were moved to reproducible state.
131 package reviews were removed, 85 added, and 32 packages updated. 29
new packages have been identified as failing to build from source.
* Week 39 [52] reports 12 packages were moved to reproducible state.
70 package reveiws were removed, 125 added, and 33 packages updated. 25
new packages have been identified as failing to build from source.
* Week 40 [53] reports 76 packages were moved to reproducible state.
54 package reveiws were removed, 36 added, and 17 packages updated. 30
new packages have been identified as failing to build from source.
* Week 41 [54] reports 21 packages were moved to reproducible state.
223 package reviews were removed, 111 added, and 86 packages updated. 36
new packages have been identified as failing to build from source.
* Week 42 [55] reports 45 packages were moved to reproducible state.
222 package reviews were removed, 110 added, and 50 packages updated. 35
new packages have been identified as failing to build from source.
35:
https://anarc.at/blog/2016-01-05-free-software-activities-december-2015/
36:
https://tracker.debian.org/redmine
37:
https://www.decadent.org.uk/ben/blog/debian-lts-work-december-2015.%0Ahtml
38:
https://lists.debian.org/debian-lts-announce/2015/12/msg00002.html
39:
https://chris-lamb.co.uk/posts/free-software-activities-in-december-%0A2015
40:
https://tracker.qa.debian.org/python-django
41:
http://honk.sigxcpu.org/con/Debian_Fun_in_December_2015.html
42:
https://raphaelhertzog.com/2015/12/31/my-free-software-activities-in-%0Adecember-2015/
43:
https://lists.debian.org/debian-lts/2016/01/msg00004.html
44:
https://lists.debian.org/debian-lts-announce/2015/12/msg00011.html
45:
https://skitterman.wordpress.com/2016/01/09/debian-lts-work-december-2015-%0A2/
46:
http://blog.alteholz.eu/2016/01/my-debian-activities-in-december-2015/
47:
https://people.debian.org/~lunar/blog/posts/
48:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_35/
49:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_36/
50:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_37/
51:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_38/
52:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_39/
53:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_40/
54:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_41/
55:
https://people.debian.org/~lunar/blog/posts/reproducible_builds_stretch_week_42/
Outside News
------------
Iain R. Learmonth shares [56] a great write up and summary of his time
at FOSDEM 2016, Jose M. Calhariz shares [57] a list of links to some of
the Talks offered that he attended and found interesting, and Steinar H. Gunderson relates [58] his time at FOSDEM 2016, his talk about
Nageru [59], and a shout-out to the networking team.
56:
http://iain.learmonth.me/after-fosdem-2016/
57:
http://blog.calhariz.com/post/2016/02/09/A-Selection-of-Talks-from-FOSDEM-2016
58:
http://blog.sesse.net/blog/tech/2016-01-31-22-48_back_from_fosdem.%0Ahtml
59:
https://nageru.sesse.net/
The Debian derivative HandyLinux [60] published its 2.3 " "Ian" [61]
release, so named in honour of Debian founder Ian Murdock.
60:
https://handylinux.org/
61:
http://blog.handylinux.org/article237/handylinux-2-3-ian-rajoute-une-%0Acouche-pour-l-hiver
Kali Linux [62], a penetration and testing Linux distribution
announced [63] its first rolling release. "After 5 months of testing our rolling distribution (and its supporting infrastructure), we're
confident in its reliability – giving our users the best of all worlds – the stability of Debian, together with the latest versions of the many outstanding penetration testing tools created and shared by the
information security community."
62:
https://www.kali.org/
63:
https://www.kali.org/releases/kali-linux-rolling-edition-2016-1/
Want to continue reading DPN?
-----------------------------
Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [64] to find out how to help. We're
looking forward to receiving your mail at
<
debian-publicity@lists.debian.org>.
64:
https://wiki.debian.org/ProjectNews/HowToContribute
This issue of Debian Project News was edited by The Publicity Team.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)
iQIcBAEBAgAGBQJWxrsgAAoJEOXsSsm9YnsFSxYP/3XtgY7FwWXL+fdp7cODMufO rgQsLDF723bkJsBVzszb7ez/UGdbVQ4rkUaZPUDZsBmARjq2OewPmgrio36kOVd+ hp3uRMAubfjHQFoEmCvETGZSO7HQ6FCf3Ei/LzVSbngNTSJyS5tNn2zVtpcvGO7q N6CcK0Bd2dxZckAXFRPf7ucVSS+ns75yqJR5w5gyDi0r7Q7x83KzCLvEAKvgu1YT w/XabH3ER52EqNUU9J/6zb5zWkJ5k4du3593CjTLVdl0DjODKpdnwp1zF0YAd1SP NRo691VPCy7etfiSxdGD8FXgCNHQUkQ0ziEBPTStw3boC+1hvJqVwGEdCLes6d4V FbOALt8Lqy6GbUi4eLzrSApBRKWb5IoqklcxHI2ye97cwsbhUzbJpXFnGZperEcu KFweKCh4CM6TnIbQ5JD1rh93sE1mhHFJbXyrBsTJwIvAHAlHf6wN93l8P4+hWEBW RTftboPt4F7VL4l7EEyloENh/GwQfAL3zRw/UcKVHJRIn0/WARw1eLPQdF8DSmbl aZkHlPxxHRyYvGwg5Ly2WCxUvznvhNtT/VqlHMpVI2iUgzbobAlvimp7xYVfsmu1 h9nPtcFUguPiezwu6r+Yzhyylkz9rtwjE5cSPX6BIffdlEGe4U6DU4eXyxx9YQMu xNnqz4ac8l/F1I26Ng6M
=U6LQ
-----END PGP SIGNATURE-----
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)