Changes

• myrepos: mention related software
• icns: OpenJPEG 2 fixes (1 2 3 4), fix minor buffer overrun
• check-all-the-things: fix cwd usage, dependencies updates (1, 2), increased verbosity, TODO items (for errcheck, coccinelle, DR.CHECKER, RATS, qmllint, xmlpatternsvalidator, gfapy-validate, phpstan, psalm, ansible-lint)
• spelling dictionaries:
  • codespell: delte, defualt, Debiab, aiffer, syntesis, reprociblbe, thether, suport, mimimum, isssue, reseting
  • lintian: delte, Debiab, aiffer, syntesis, reprociblbe
• Debian Planets: add BCCD, Pardus
• Debian derivatives census: improve db handling
• Debian PTS: fix backports issue
• Debian member portfolio: https (1, 2, 3), drop alioth files, fix duck & lists search
• Debian security tracker: BlueBourne NFUs, u-boot issues, kanboard CVE list fixes, fix version typo
• Debian puppet: SSL exception (1, 2), comment fixes
• Debian website: add missing section title
• Debian wiki pages: AutomaticPackagingTools, CrossCompiling, DebianDevelopment, DebianLive/buster, DebianYeeloong/ko, Derivatives/Census (QA, BCCD, EmmabuntusDE (1, 2), ev3dev, Netrunner (1, 2), Pardus), DeveloperNews, Diagrams, EmDebian/CrossDebootstrap, InstallingDebianOn/Asus/Transformer T300 Chi/Stretch, IRC, JamesAmontgomery, JensKorte/reportbug-by-mail, LocalGroupsTemplate, Mobile, MultimediaFetchingTools, OfflineMasterKey (1, 2), Outreachy/Round15 (Projects/SocialEventAndConferenceCalendars), PaulWise/InterestingSoftware, PortTemplate, qa.debian.org, research/publications, RISC-V, Sprints/2017/DebianCloudOct2017, SystemBuildTools, Teams (Dpkg/FAQ, Publicity/micronews, ReleaseTeam/ReleaseCheckList), template
• File Formats wiki pages: ZED (1, 2)

Issues

• Crashes in firefox-esr, lugaru, minetest-mod-animals
• Conffile removal in fonts-beng-extra
• Upstream renamed openggsn
• Strictness in ftp.d.o
• Features in unattended-upgrades
• Missing hashes in caffeine-developers PPA
• Missing conffile removal in di-netboot-assistant
• Incorrect upgrades in unattended-upgrades
• Incorrect URL in reproducible-check
• Verbosity in github-backup
• Minor issues in unattended-upgrades
• Usability issue in Firefox
• Upstreaming needed for Hone Linux-Sensor
• New upstream version of samba

Review

• Spam: reported 1 LWN comment, 5 Debian bug reports and 338 Debian mailing list posts
• Debian packages: sponsored minetest-mod-unifieddyes 20170925-1
• Debian wiki: RecentChanges for the month
• Debian screenshots:
  • approved banshee, blender, bsdgames, chromium, eficas, elpa-visual-fill-column, elpa-writegood-mode, glirc, gnome-builder, gnome-shell-extension-taskbar, gwenview, knocker, krita, ksysguard, masscan, mediainfo-gui, mousepad, mysql-workbench, nitrogen, ola, pavucontrol, qupzilla, tiger, transmission-gtk, virtualbox, vlc, wavemon, wfuzz
  • deleted mysql-workbench (ugly, Windows), udisks2 (of other software)
  • rejected elpa-* (MacOS and taken from upstream), 0ad (RPi logo), synaptic (weird overlaid stuff), dehydrated (hilarious but not a screenshot), di-netboot-assistant (of other software), wfuzz (help output)
  • approved deletion of udisks2 (of other software), scottfree (manual page), agenda.app (of other software)
  • rejected deletion of reportbug/abe/nlkt (bogus reason)

Administration

• icns: merged patches
• Debian: help guest user with access, investigate/escalate broken network, restart broken stunnels, investigate static.d.o storage, investigate weird RAID mails, ask hoster to investigate power issue,
• Debian mentors: lintian/security updates & reboot
• Debian wiki: merged & deployed patch, redirect DDTSS translator, redirect user support requests, whitelist email addresses, update email for accounts with bouncing email,
• Debian derivatives census: merged/deployed patches
• Debian PTS: debugged cron mails, deployed changes, reran scripts, fixed configuration file
• Openmoko: debug reboot issue, debug load issues

Communication

• Inform derivatives that are using Alioth about the pending shutdown
• Inquire about Netrunner, Pardus in the Debian derivatives census.
• Invite OB2D Linux to the Debian derivatives census
• Welcome Rohan Garg (of Netrunner), Aaron Weeden (of BCCD), Muhammet Kara (of Pardus) to the Debian derivatives census

Sponsors The samba bug was sponsored by my employer. All other work was done on a volunteer basis.

Changes

• myrepos: fix syntax error
• spelling dictionaries:
  • codespell: wipoing, formend, localation
  • lintian: wipoing, formend, localation
• Debian Planets: add GreenboneOS, Purism PureOS, update Kali logo
• Debian derivatives census: noise removal (1, 2)
• Debian debcheck: update for Debian Policy 4.0.1
• Debian security tracker: glibc CVE-2017-12133
• Debian TLS: video.d.n cert
• Debian puppet: deb.d.o & trailing slashes, video.d.n https
• Debian package uploads: gravitation, passage, primrose, glewmx
• Debian wiki config: drop blacklist for reading (got reverted later), whitespace
• Debian wiki pages: CarstenSchoenert, CrossGrading, Debtags/FAQ, dedup.debian.net, Derivatives (Meetings, Census (Template, BlankOn, CumulusLinux, EmmabuntusDE, GNUSTEP, GreenboneOS, PureOS, Purism (1, 2), SparkyLinux)), DeveloperNews (1, 2), DioPutra, fakechroot, Games, MasterBootRecord, Mobile (1, 2), PaulWise (InterestingSoftware), qa.debian.org, research/publications, SSH, Statistics, Steam, SystemBuildTools, Teams (DebianPerlGroup/OpenTasks, ReleaseTeam (ReleaseCheckList)), TedMarynicz
• Debian website scripts: whitespace fix
• DebConf wiki pages: DebConf17/Accommodation

Issues

• Crashes in mc, aspell, gnome-software
• Umask in cowbuilder
• Errors in confclerk
• Embedded code copies in samba
• Renaming of qupzilla
• Race conditions in gnome-shell-extension-show-ip
• Broken links in debian-policy
• Missing debtags in ftp.debian.org
• Configuration mixing in grub-pc
• Dependency issues in anarchism, fortune-anarchism
• Security issues in SKS keyserver network
• Conffile issues in libqt5gui5
• Weirdness in gdb

Review

• Spam: reported 1 Debian bug reports and 336 Debian mailing list posts
• Debian wiki: RecentChanges for the month
• Debian screenshots:
  • approved amule, audacious, bochs-wx, bochs-x, clipit, conkeror, drumgizmo, gfpoken, gtk-3-examples, julia, kmines, mnemosyne, nedit, pidgin-otr, qdirstat, scram-gui, scram, tcvt, wine, xli
  • rejected doom-wad-shareware (non-free), scram-gui (wrong software?)
  • approved deletion of gtk3-nocsd
  • rejected deletion of drumgizmo (we do not remove old screenshots)

Administration

• myrepos: get commit/admin access from joeyh at DebConf17, add commit/admin access for other patch submitters, apply my stack of patches
• Debian: fix weird log file issues, redirect hardware donor, cleaned up a weird dir, fix some OOB info, ask for TLS on meetings-archive.d.n, check an I/O error, restart broken stunnels, powercycle 1 borked machine,
• Debian mentors: lintian/security updates & reboot
• Debian wiki: remove some stray cache files, whitelist 3 email domains, whitelist some email addresses, disable 1 spammer account, disable 1 accounts with bouncing email,
• Debian QA: apply patch to fix PTS watch file errors, deploy changes
• Debian derivatives census: run scripts for Purism, remove some noise from logs, trigger a recheck, merge fix by Unit193, deploy changes
• Openmoko: security updates, reboots, enable unattended-upgrades

Communication

• Attended DebConf17 and provided some input in BoFs
• Sent Misc Dev News #44
• Invite Google gLinux (on IRC) to the Debian derivatives census
• Welcome Sven Haardiek (of GreenboneOS) to the Debian derivatives census
• Inquire about the status of Canaima

Sponsors The samba bug report was sponsored by my employer. All other work was done on a volunteer basis.

Changes

• apt: more flexible timing (1, 2, 3), /org to /srv
• apt-offline: remove generated files
• check-all-the-things: add more shell checks
• spelling dictionaries:
  • codespell: bettery, ciruit(s), debugginf, treshold, actuion(able), apendix, behaivior, confimred, meaningfull, registeres, sence, systen, tryed, infrasctructure, current(ly), defaut, pedning, variabele, upstreamedd, nework, ouput
  • lintian: resistence, bettery, ciruit(s), debugginf, actuion, actuionable, apendix, behaivior, confimred, finaly, meaningfull, registeres, sence, systen, tryed, infrasctructure, currnt(ly), defaut, pedning, variabele, upstreamedd
• Debian security tracker: add gsoap CVE-2017-9765
• Debian puppet: stretch fixes (1, 2), failed attempt to kill a mail flood, disable web cache backups
• Debian QA services: email update, https for lintian.d.o, fix issue with by-hash
• Debian build log scanner: https, html log links, ignore uploaders brokenness
• Debian Planets: https for Grml, add Zevenet, Deepin, remove HandyLinux
• Debian website: use ISO dates, no https for archive.d.o
• Debian package uploads: flasm 1.62-8
• Debian wiki pages: DebianDay/2017/Venezuela/Caracas, Derivatives/Census (Template, Deepin, Grml, HandyLinux, Proxmox, SELKS, xanadu, Zevenet), Hardware/Wanted, Infinity0, IRC, JavierFernandezSanguino, LocalGroups/Debian-CN, LTS/Team, MemberBenefits, Mobile, PaulWise/InterestingSoftware, qa.debian.org, ReleasePartyStretch/India/Hyderabad/MGIT, SystemBuildTools
• DebConf wiki pages: DebConf17/DebconfShirts

Issues

• Crashes in MoinMoin, aspell
• Missing sources in apt-offline (reported privately)
• Malformed data in ftp.d.o
• Debug symbols in perl
• Media playback in gstreamer
• Race condition in dehydrated
• Weird errors in translate-shell

Review

• Spam: reported several Debian bug reports and 359 Debian mailing list posts
• Debian wiki: RecentChanges for the month
• Debian screenshots:
  • approved baresip, blender, caja-dropbox, cups, fastnetmon, firetools, fonts-firacode, freecad, gemrb-baldurs-gate-2, gjiten, gscan2pdf, kdevelop, ketm, liguidsoap, lordsawar, mdadm, minizinc-ide, mupdf, musique, nautilus-dropbox, pcsxr, projectl, quiterss, rafkill, redis-server, redshift-gtk, residualvm, sigil, sqlitebrowser, surf, trigger-rally, virtualbox, vis, vizigrep, vokoscreen, xinv3d, yarssr
  • approved deletion of phototonic (Windows screenshot), pipebench (inappropriate background), autossh/gtk3-nocsd (not the package)
  • rejected deletion of muon-discover (we do not remove old screenshots), apt (not a bug reporting site)

Administration

• Debian: fsck/reboot a buildd, reboot a segfaulting buildd, report/fix broken hoster contact, ping hoster about down machines, forcibly reset backup machine, merged cache patch for network-test.d.o, do some samhain dances, fix two stunnel services, update an IP address in LDAP, fix /etc/aliases on one host, reboot 1 non-responsive VM
• Debian mentors: security updates, reboot
• Debian wiki: whitelist several email addresses
• Debian build log scanner: deploy my changes
• Debian PTS: deploy my changes
• Openmoko: security updates & reboots

Communication

• Ping Advogato users on Planet Debian about updating/removing their feeds since it shut down
• Invite deepin to the Debian derivatives census
• Welcome Deepin to the Debian derivatives census
• Inquire about the status of GreenboneOS, HandyLinux

Sponsors All work was done on a volunteer basis.

Changes

• popularity-contest: update links (1, 2)
• duck: more moved expressions, fix website moved code, fix error message
• check-all-the-things: add clamscan & update C TODO item
• switch from /org to /srv: devscripts: devscripts, dsa-puppet, userdir-ldap, wanna-build, debian-cd (incorrectly attributed), d-i, Debian keyring
• spelling dictionaries:
  • codespell: tomorrrow, tage, upgradingn, downgrate(d), keyworkd(s), encrytion, pyton, flie, developp(e/ement), criticial, colums
  • lintian: tomorrrow, tage, upgradingn, downgrate(d), keyworkd(s), pyton, developp(e), severly
• riscv-isa-manual: typos, update links
• Debian Planets: add AIMS Desktop (logo/feed), Zevenet logo, update Serbian Linux logo, Wazo logo
• Debian derivatives census: reduce warnings noise, add fixme to reduce noise
• Debian security tracker: glibc embeds unicode-data
• Debian portfolio: several changes, none merged yet
• Debian QA services: clean up backports (1, 2), update debian-policy versions, fix typo
• Debian package tracker: strip spaces (1, 2)
• Debian puppet: d-i install guide sudo, generic http service disable, UTF-8 for text files
• Debian website: link to unofficial merchandise, derivatives updates, say debian-www is public, https fixes (1, 2), indentation fixes
• Debian wiki pages: Alioth/GitNext, CrossGrading, DDPortfolio, DebianArt/RequestArtwork, DebianEdu/Documentation/Stretch/HowTo/Administration, DebianJessie, DebianLocations, DebianOldStable, DebianReleases, DebianStable, DebianStretch, DebianUpgrade, Derivatives/Census (AIMS_Desktop, SerbianLinux), DeveloperNews, Exploits, FreedomBox/LeavingTheCloud, Hardware/Wanted, InstallingDebianOn (Dell, Lenovo), manpages.debian.org, Merchandise, Mobile, MultimediaFetchingTools, OpenVPN, PaulWise/InterestingSoftware, ReleasePartyStretch, (Brasil/Parauapebas Greece/Thessaloniki, India/Cochin, Italy/Magione, Italy/Quiliano, Italy/Quiliano, Italy/Varese, UK/Oxford, USA/Atlanta, USA/WashingtonDC), Sprints/2017/OpenStack%20meeting%20and%20sprint%20at%20DebCamp17, SuitesAndReposExtension (1, 2), SystemBuildTools, Teams/Auditor/Organizations, Teams/DebianCD/ReleaseTesting/Stretch, Teams/ReleaseTeam/ReleaseCheckList (1, 2, 3)

Issues

• Viruses/spam/phishing in libmail-deliverystatus-bounceparser-perl
• Crash in gnome-shell
• Outdated docs in ftp.debian.org
• Encoding issues in ftp.debian.org
• Hardcoding in Config::Model::Dpkg
• Link updates in popularity-contest
• Features in debsources
• New versions of spark
• Conffile removal in openvpn
• Prebuilt files in VCS in riscv-isa-manual (1, 2)
• Embedded code copies in riscv-isa-manual
• Verbosity in spamassassin

Review

• Spam: reported 2 LWN comments, 3 Debian bug reports and 315 Debian mailing list posts
• Debian packages: sponsored acr, tudu
• Debian wiki: RecentChanges for the month
• Debian screenshots: tint2, smtube, plasma-discover, vim-gtk3, teeworlds-server, virtualbox, convertall, foxtrotgps, cyclograph-gtk3, gtk3-nocsd, redshift-gtk, pd-iem, gnome-dictionary, gnome, hatari, network-manager-l2tp, network-manager-l2tp-gnome, gnome-terminal, gnome-system-monitor, arandr, codelite, yelp, gnome-nibbles, dconf-editor, yakuake, cavepacker, solaar, figlet, slic3r, printrun, gtkhash
  • rejected aaphoto (manual page, usage text), ne (macOS screenshot), protracker (Amiga screenshot), lwm (upstream screenshot), mdadm (help output)
  • approved deletion of protracker (Amiga screenshot)
  • approved deletion (despite bogus reason) of phylip (logo not screenshot, reason not translatable from Spanish)
  • rejected deletion of tora/bsdgames/unity (bogus reason)

Administration

• Debian: redirect 2 users to support channels, redirect 1 person to the mirrors team, investigate SMTP TLS question, fix ACL issue, restart dead exim4 service
• Debian mentors: service restarts, security updates & reboot
• Debian QA: deploy my changes
• Debian website: release related rebuilds, rebuild installation-guide
• Debian wiki: whitelist several email addresses, whitelist 1 domain
• Debian package tracker: deploy my changes
• Debian derivatives census: deploy my changes
• Openmoko: security updates & reboots.

Communication

• Help with the live coverage of the Debian stretch release
• Invite Zevenet to the Debian derivatives census
• Welcome AIMS Desktop, Zevenet to the Debian derivatives census
• Inquire about the status of Inquisitor
• Inform Debian derivatives about the Debian stretch release, DebConf events

Sponsors All work was done on a volunteer basis.

When invoking this function, be careful not to interpolate arguments into the string run by the shell, such as Exec::shell(format!("sort ", filename)). Such code is prone to errors and, if filename comes from an untrusted source, to shell injection attacks. Instead, use Exec::cmd("sort").arg(filename).

fn copyright_fromgit(repo: &str) -> Result<Vec<String>>  
    let tempdir = TempDir::new_in(".", "debcargo")?;
    Exec::cmd("git")
     .args(&["clone", "--bare", repo, tempdir.path().to_str().unwrap()])
     .stdout(subprocess::NullFile)
     .stderr(subprocess::NullFile)
     .popen()?;
    let author_process =  
        Exec::shell(OsStr::new("git log --format=\"%an <%ae>\"")).cwd(tempdir.path())  
        Exec::shell(OsStr::new("sort -u"))
     .capture()?;
    let authors = author_process.stdout_str().trim().to_string();
    let authors: Vec<&str> = authors.split('\n').collect();
    let mut notices: Vec<String> = Vec::new();
    for author in &authors  
        let author_string = format!("--author= ", author);
        let first =  
            Exec::cmd("/usr/bin/git")
             .args(&["log", "--format=%ad",
                    "--date=format:%Y",
                    "--reverse",
                    &author_string])
             .cwd(tempdir.path())   Exec::shell(OsStr::new("head -n1"))
         .capture()?;
        let latest =  
            Exec::cmd("/usr/bin/git")
             .args(&["log", "--format=%ad", "--date=format:%Y", &author_string])
             .cwd(tempdir.path())   Exec::shell("head -n1")
         .capture()?;
        let start = i32::from_str(first.stdout_str().trim())?;
        let end = i32::from_str(latest.stdout_str().trim())?;
        let cnotice = match start.cmp(&end)  
            Ordering::Equal => format!(" ,  ", start, author),
            _ => format!(" - ,  ", start, end, author),
         ;
        notices.push(cnotice);
     
    Ok(notices)
 

Why not GitLab? While this may come as a surprise to some who would expect Debian to use the more popular GitLab project, the discussion and decision actually took place a while back. During a lengthy debate last year, Debian contributors discussed the relative merits of different code-hosting platforms, following the initiative of Debian Developer "Pirate" Praveen Arimbrathodiyil to package GitLab for Debian. At that time, Praveen also got a public GitLab instance running for Debian (gitlab.debian.net), which was sponsored by GitLab B.V. the commercial entity behind the GitLab project. The sponsorship was originally offered in 2015 by the GitLab CEO, presumably to counter a possible move to GitHub, as there was a discussion about creating a GitHub Organization for Debian at the time. The deployment of a Debian-specific GitLab instance then raised the question of the overlap with the already existing git.debian.org service, which is backed by Alioth's FusionForge deployment. It then seemed natural that the new GitLab instance would replace Alioth. But when Praveen directly proposed to move to GitLab, Wirt stepped in and explained that a migration plan was already in progress. The plan then was to migrate to a simpler gitolite-based setup, a decision that was apparently made in corridor discussions surrounding the Alioth Git replacement BoF held during Debconf 2015. The first objection raised by Wirt against GitLab was its "huge number of dependencies". Another issue Wirt identified was the "open core / enterprise model", preferring a "real open source system", an opinion which seems shared by other participants on the mailing list. Wirt backed his concerns with an hypothetical example:

Debian needs feature X but it is already in the enterprise version. We make a patch and, for commercial reasons, it never gets merged (they already sell it in the enterprise version). Which means we will have to fork the software and keep those patches forever. Been there done that. For me, that isn't acceptable.

This concern was further deepened when GitLab's Director of Strategic Partnerships, Eliran Mesika, explained the company's stewardship policy that explains how GitLab decides which features end up in the proprietary version. Praveen pointed out that:

[...] basically it boils down to features that they consider important for organizations with less than 100 developers may get accepted. I see that as a red flag for a big community like debian.

Since there are over 600 Debian Developers, the community seems to fall within the needs of "enterprise" users. The features the Debian community may need are, by definition, appropriate only to the "Enterprise Edition" (GitLab EE), the non-free version, and are therefore unlikely to end up in the "Community Edition" (GitLab CE), the free-software version. Interestingly, Mesika asked for clarification on which features were missing, explaining that GitLab is actually open to adding features to GitLab CE. The response from Debian Developer Holger Levsen was categorical: "It's not about a specific patch. Free GitLab and we can talk again." But beyond the practical and ethical concerns, some specific features Debian needs are currently only in GitLab EE. For example, debian.org systems use LDAP for authentication, which would obviously be useful in a GitLab deployment; GitLab CE supports basic LDAP authentication, but advanced features, like group or SSH-key synchronization, are only available in GitLab EE. Wirt also expressed concern about the Contributor License Agreement that GitLab B.V. requires contributors to sign when they send patches, which forces users to allow the release of their code under a non-free license. The debate then went on going through a exhaustive inventory of different free-software alternatives:

• GitLab, a Ruby-based GitHub replacement, dual-licensed MIT/Commercial
• Gogs, Go, MIT
• Gitblit, Java, Apache-licensed
• Kallithea, in Python, also supports Mercurial, GPLv3
• and finally, pagure, also written Python, GPLv2

A feature comparison between each project was created in the Debian wiki as well. In the end, however, Praveen gave up on replacing Alioth with GitLab because of the controversy and moved on to support the pagure migration, which resolved the discussion in July 2016. More recently, Wirt admitted in an IRC conversation that "on the technical side I like GitLab a lot more than pagure" and that "as a user, GitLab is much nicer than pagure and it has those nice CI [continuous integration] features". However, as he explained in his blog "GitLab is Opencore, [and] that it is not entirely opensource. I don't think we should use software licensed under such a model for one of our core services" which leaves pagure as the only stable candidate. Other candidates were excluded on technical grounds, according to Wirt: Gogs "doesn't scale well" and a quick security check didn't yield satisfactory results; "Gitblit is Java" and Kallithea doesn't have support for accessing repositories over SSH (although there is a pending pull request to add the feature). In an email interview, Sid Sijbrandij, CEO of GitLab, did say that "we want to make sure that our open source edition can be used by open source projects". He gave examples of features liberated following requests by the community, such as branded login pages for the VLC project and GitLab Pages after popular demand. He stressed that "There are no artificial limits in our open source edition and some organizations use it with more than 20.000 users." So if the concern of the Debian community is that features may be missing from GitLab CE, there is definitely an opening from GitLab to add those features. If, however, the concern is purely ethical, it's hard to see how an agreement could be reached. As Sijbrandij put it:

On the mailinglist it seemed that some Debian maintainers do not agree with our open core business model and demand that there is no proprietary version. We respect that position but we don't think we can compete with the purely proprietary software like GitHub with this model.

Working toward a pagure migration The issue of Alioth maintenance came up again last month when Boyuan Yang asked what would happen to Alioth when support for Debian LTS (Wheezy) ends next year. Wirt brought up the pagure migration proposal and the community tried to make a plan for the migration. One of the issues raised was the question of the non-Git repositories hosted on Alioth, as pagure, like GitLab, only supports Git. Indeed, Ben Hutchings calculated that while 90% (\~19,000) of the repositories currently on Alioth are Git, there are 2,400 SVN repositories and a handful of Mercurial, Bazaar (bzr), Darcs, Arch, and even CVS repositories. As part of an informal survey, however, most packaging teams explained they either had already migrated away from SVN to Git or were in the process of doing so. The largest CVS user, the web site team, also explained it was progressively migrating to Git. Mattia Rizzolo then proposed that older repository services like SVN could continue running even if FusionForge goes down, as FusionForge is, after all, just a web interface to manage those back-end services. Repository creation would be disabled, but older repositories would stay operational until they migrate to Git. This would, effectively, mean the end of non-Git repository support for new projects in the Debian community, at least officially. Another issue is the creation of a Debian package for pagure. Ironically, while Praveen and other Debian maintainers have been working for 5 years to package GitLab for Debian, pagure isn't packaged yet. Antonio Terceiro, another Debian Developer, explained this isn't actually a large problem for debian.org services: "note that DSA [Debian System Administrator team] does not need/want the service software itself packaged, only its dependencies". Indeed, for Debian-specific code bases like ci.debian.net or tracker.debian.org, it may not make sense to have the overhead of maintaining Debian packages since those tools have limited use outside of the Debian project directly. While Debian derivatives and other distributions could reuse them, what usually happens is that other distributions roll their own software, like Ubuntu did with the Launchpad project. Still, Paul Wise, a member of the DSA team, reasoned that it was better, in the long term, to have Debian packages for debian.org services:

Personally I'm leaning towards the feeling that all configuration, code and dependencies for Debian services should be packaged and subjected to the usual Debian QA activities but I acknowledge that the current archive setup (testing migration plus backporting etc) doesn't necessarily make this easy.

Wise did say that "DSA doesn't have any hard rules/policy written down, just evaluation on a case-by-case basis" which probably means that pagure packaging will not be a blocker for deployment. The last pending issue is the question of the mailing lists hosted on Alioth, as pagure doesn't offer mailing list management (nor does GitLab). In fact, there are three different mailing list services for the Debian project:

• the main service, lists.debian.org, running ~~Mailman 2~~ SmartList and managed by hand
• the Alioth service, lists.alioth.debian.org, running Mailman 2 and managed by FusionForge
• the Debconf service, lists.debconf.org, also running Mailman 2

Wirt, with his "list-master hat" on, explained that the main mailing list service is "not really suited as a self-service" and expressed concern at the idea of migrating the large number mailing lists hosted on Alioth. Indeed, there are around 1,400 lists on Alioth while the main service has a set of 300 lists selected by the list masters. No solution for those mailing lists was found at the time of this writing. In the end, it seems like the Debian project has chosen pagure, the simpler, less featureful, but also less controversial, solution and will use the same hosting software as their fellow Linux distribution, Fedora. Wirt is also considering using FreeIPA for account management on top of pagure. The plan is to migrate away from FusionForge one bit at a time, and pagure is the solution for the first step: the Git repositories. Lists, other repositories, and additional features of FusionForge will be dealt with later on, but Wirt expects a plan to come out of the upcoming sprint. It will also be interesting to see how the interoperability promises of pagure will play out in the Debian world. Even though the federation features of pagure are still at the early stages, one can already clone issues and pull requests as Git repositories, which allows for a crude federation mechanism. In any case, given the long history and the wide variety of workflows in the Debian project, it is unlikely that a single tool will solve all problems. Alioth itself has significant overlap with other Debian services; not only does it handle mailing lists and forums, but it also has its own issue tracker that overlaps with the Debian bug tracking system (BTS). This is just the way things are in Debian: it is an old project with lots of moving part. As Jonathan Dowland put it: "The nature of the project is loosely-coupled, some redundancy, lots of legacy cruft, and sadly more than one way to do it." Hopefully, pagure will not become part of that "legacy redundant cruft". But at this point, the focus is on keeping the services running in a simpler, more maintainable way. The discussions between Debian and GitLab are still going on as we speak, but given how controversial the "open core" model used by GitLab is for the Debian community, pagure does seem like a more logical alternative.

Note: this article first appeared in the Linux Weekly News.

Changes

• how-can-i-help: fix home dir handling
• apt: fix crashes in daily script (1, 2)
• autorevision: sed format, generate logo
• https-everywhere: add cdimage/get/cloud
• myrepos: fix home dir handling, vis: pass arguments to the commands
• whowatch: cleanups (1, 2, 3)
• coreboot: intelmetool cleanups (1, 2, 3)
• iotop: fix crash when time goes backwards (1, 2)
• check-all-the-things: add leaktracer, tmperamental, pycodestyle, remove ghc-mod, add MIME types, update docs (1, 2), embed-dirs, proselint, fix formatting, portability, wording, cmdline, extensions, no matching files remarks, safety (tmp flag, root flag, luacheck, puppet-lint, epubcheck, erl_tidy, complexity, rpmlint, ocaml-lintian), release (1, 2)
• spelling dictionaries:
  • codespell: merory, dislaimer, cleean, accets, accet, skept, beetwen, bracese, gettetx, acknoledge(d), alternarive, architecure(s), architeture(s), archtecture(s), automaitc, automaitcally, backupped, bitwise-orring, buil, buipd, checkum(s), commmand, conent(s), confict(s/ed), consitency, continuting, corerct(ly), critcial, custome, damge, databse, deaemon, decleration, defninition(s), depency, derefencing, derivaties, divertion(s), documemt, dowgrade, dulicate, efective(ly), excplicit(ly), exlicite(ly), extrac, extracing, homapage, hopefuly, initalized, initliaze(d/r),inoquous, instad, installe, interst(s), japanses, keyowrd, likewis, meanin, meaninful, multilpe, necessay, negatve, objump, obselete, obsure, outweight(s), overide, packge, paralellization, paritial, pasteing, pathnme, piority, popullate(d), portguese, positve, processig, promt(s), psaswd, reapper(ed/ing), recusion, refector(ing), referene(s), reoport, scritpt(s), selecton(s), seperator(s), serach, silenty, simulantaneous(ly), situtation, soure(s), specidic, specifyied, spectular(ly), srcipt(s), statictic(s), symbsol(s), triggerd, unued, updat(s), updgrade, vietnamesea, was't, temmporary, rouge, certficate, documetnation, verticies, bultin, additionnal, messge, inlcude(d), firts, thant, differents, positionn, positionned, ressources, softwares, foppy, geometrie, cleanpu, cleanpus, hadling, syncting, conrtib, delivative(s), skelton, appliction(s), catched, downlod(s/ing), informations, complet(ly), aligne(ment)
  • lintian: merory, dislaimer, cleean, accets, accet, skept, beetwen, bracese, gettetx, alternarive, architecure(s), architeture(s), archtecture(s), automaitc(ly), backupped, bitwise-orring, buil, buipd, checkum(s), confict(ed/s), consitency, continuting, corerct(ly), critcial, custome, damge, databse, deaemon, decleration, defninition(s), derefencing, derivaties, divertion(s), documemt, dowgrade, dulicate, efective(ly), excplicit(ly), exlicite(ly), extrac(ing), homapage, initalizer, initliaze(d/r), inoquous, instad, installe, interst(s), japanses, keyowrd, likewis, meanin(ful), multilpe, necessay, negatve, objump, obselete, outweight(s), paralellization, paritial, pasteing, pathnme, piority, popullate(d), portguese, processig, promt, promts, psaswd, reapper(ed/ing), recusion, refector(ing), referene(s), reoport, scritpt(s), selecton(s), seperators, serach, silenty, simulantaneous(ly), situtation, specidic, specifyied, spectular(ly), srcipt(s), statictic(s), symbsol(s), triggerd, unued, updat(s), updgrade, vietnamesea, was't, temmporary, rouge, documetnation, bultin, firts, thant, positionn, foppy, geometrie, cleanpu, cleanpus, hadling, syncting, ubutunu, conrtib, delivative(s), skelton, downlod(s/ing), complet, aligne
• Debian derivatives census: prefer long options, minimise diff output
• Debian QA: httpredir.d.o to deb.d.o
• Debian PTS: abbreviate newcomer to NC, add help to bugs panel, rework the patches panel (1, 2, 3, 4, 5), move Ubuntu items, add UbuntuDiff link, add derivs patches link (1, 2), add possible patches, strip bad white-space
• Debian DNS: add cloud.debian.org
• Debian admin wiki: fix path
• Debian meta-packages: fix debian.org-sources.debian.org
• Debian website: update merchandise information (1, 2, 3), update donations information, fix version for jessie ISOs, update an email address, enable release notes links (1, 2, 3), update cdimage links to https, update planeta links to planet es
• Debian userdir-ldap: fix default keyrings
• Debian DNS helpers: use yaml.safe_load
• Debian Fastly: use yaml.safe_load
• Debian mini-nag: use yaml.safe_load
• Debian DSA misc: use yaml.safe_load
• Debian nagios: use yaml.safe_load
• Debian ud: disable guest RTC accounts
• Debian userdir-ldap: disable guest RTC accounts
• Debian NM: fix graphs location
• Debian package uploads: check-all-the-things 2017.05.20
• Debian wiki pages: AlejandroRios, BrenoLeitao, CategoryPackaging, DataBase/Oracle, DebianDocumentation, (fr, it), DebianMentorsNet, DebianResources (es, zh_CN), DebianSpanish/Devel, DebianTaiwan/ocf.tw/TrustedOrganizationCriteria, Derivatives (Integration, Census Template, BlankOn, Parsix, VoyageLinux, VyOS), Exploits, Glossary (ja), Hardware/Certification (1, 2), HidekiYamane/memo, InstallingDebianOn, KevinMark, MaliGraphics, MemberBenefits, Mobile/BoF201708, NotSoFAQ, PaulWise/InterestingSoftware, PortsDocs/BootstrappingFPC, Promote/ButtonsAndBanners, ReleaseParty (SuiteTemplate, Stretch (Germany/Berlin, Germany/Darmstadt, USA/Atlanta), ReproducibleBuilds, ReproducibleInstalls, research/publications, SuitesAndReposExtension, tahoma, Teams (Auditor/Organizations, ReleaseTeam/ReleaseCheckList), UnofficialRepositories, ZRam

Issues

• Crashes in evolution, gnome-disk-utility
• Debian testing removal of check-all-the-things (1, 2)
• Move firefoxdriver from Debian non-free to main
• Normal issues in gnome-shell-timer
• Features in tmperamental, installation-birthday, multistrap, dnssec-trigger
• Broken source packages in Devuan (firejail)
• Broken bug handling in Devuan BTS
• Incorrect redirects in Devuan archive
• Typos in hadori
• Documentation issues in leaktracer, hlint
• Shell issues in leaktracer, tmperamental
• Security issues in cme (expanded from issues reported by Jakub Wilk), node-brace-expansion, MoinMoin Color2 macro, pastebinit
• Minor issues in dman
• Outdated info in www.debian.org
• Warnings in intelmetool
• Missing dependencies in samba-common-bin

Review

• Spam: reported 3 LWN comments, 4 Debian bug reports and 224 Debian mailing list posts
• Debian wiki: RecentChanges for the month
• Debian screenshots:
  • approved ansiweather, asunder, batmon.app, binstats, blinken, boomaga, caca-utils, camera.app, catimg, fontmanager.app, gnome-maps, gnunet-gtk, goldendict, handbrake, heaptrack-gui, iagno, irussian, kapman, katarakt, kolourpaint, kup-backup, lcrt, libts-bin, nuttcp, out-of-order, paris-traceroute, parole, pdmenu, pnmixer, polari, pong2, potool, psensor, qspeakers, quicktime-x11utils, qv4l2, radeontool, radeontop, read-edid, runlim, scram, screenfetch, silversearcher-ag, slmon, smem, smemcap, sndfile-programs, strace, subnetcalc, sweeper, symlinks, sysinfo, tiptop, trabucco, tree, unicode, wmfsm, wmgtemp, xara-gtk, xsysinfo,
  • deleted nsis (not a screenshot),
  • rejected gtkwave/gwave/jed/ktuberling/jaxe/irsim/algobox/qrouter/webcamoid/luminance-hdr/ricochet-im (copied from upstream), yosys (web page screenshot), xdu (not a useful screenshot), libts-bin (not a screenshot)
  • approved deletion of arandr (copied from upstream, also "Doesn't represent true program.") pennmush (logo not a screenshot)
  • approved deletion (despite bogus reason) of qspeakers (window decorations fine, duplicate)
  • rejected deletion (despite valid reason) of borgbackup (no other screenshots)
  • rejected deletion of synaptic (garbage in reason field)

Administration

• Debian: discuss mail bounces with a hoster, check perms of LE results, add 1 user to a group, re-sent some TLS cert expiry mail, clean up mail bounce flood, approve some debian.net TLS certs, do the samhain dance thrice, end 1 samhain mail flood, diagnose/fix LDAP update issue, relay DebConf cert expiry mails, reboot 2 non-responsive VM, merged patches for debian.org-sources.debian.org meta-package,
• Debian mentors: lintian/security updates & reboot
• Debian wiki: delete stray tmp file, whitelist 14 email addresses, disable 1 accounts with bouncing email, ping 3 persons with bouncing email
• Debian website: update/push index/CD/distrib
• Debian QA: deploy my changes, disable some removed suites in qadb
• Debian PTS: strip whitespace from existing pages, invalidate sigs so pages get a rebuild
• Debian derivatives census: deploy changes
• Openmoko: security updates & reboots.

Communication

• Invite Purism (on IRC), XBian (also on IRC), DuZeru to the Debian derivatives census
• Respond to the shutdown of Parsix
• Report BlankOn fileserver and Huayra webserver issues
• Organise a transition of Ubuntu/Endless Debian derivatives census maintainers
• Advocate against Debian having a monopoly on hardware certification
• Advocate working with existing merchandise vendors
• Start a discussion about Debian membership in other organisations
• Advocate for HPE to join the LVFS & support fwupd

Sponsors All work was done on a volunteer basis.

• Include Debian patches, re-introducing GNU/Hurd and GNU/kFreeBSD support. Thanks to various porters on #debian-ports and #debian-hurd for feedback (esp. Paul Wise, James Clark, and Samuel Thibault).
• Revert "Switch from using libNX_X11's deprecated XKeycodeToKeysym() function to using XGetKeyboardMapping()."
• Mark XKeycodeToKeysym() function as not deprecated in libNX_X11 as using XGetKeyboardMapping() (as suggested by X.org devs) in nxagent is no option for us. XGetKeyboardMapping() simply creates far too many round trips for our taste.

• Debian: deb http://packages.arctica-project.org/debian jessie,stretch,sid main
• Ubuntu: deb http://packages.arctica-project.org/ubuntu trusty,xenial main

 wget -qO - http://packages.arctica-project.org/archive.key   sudo apt-key add -

• [1] https://github.com/ArcticaProject/nx-libs/releases/tag/3.5.99.7
• [issues] https://github.com/ArcticaProject/nx-libs/issues

Changes

• myrepos: webcheckout considers https URLs as anonymous, switch URLs from http to https and fall back on terminal tools when X11 is gone
• fdupes: NUL separator option
• whohas: add more TODO sites
• apt: more flexibility in APT::Periodic interval options
• foxtrotgps: fix maps-for-free.com, httpsify website links (1, 2) and remove website comment
• lm-sensors: workaround RRD format inflexibility
• check-all-the-things: terminal fixes (1, 2, 3), Perl fixes (1, 2, 3, 4, 5, 6), grep fixes, more key checks, wrapping fixes (1, 2), release (1, 2) and TODO items for chap/Devel::Plumber
• youtube-dl: video downloader list
• devscripts: add support for running aptitude to chdist, add support for cgit URLs to debcheckout and fix issues when $HOME is unset (1, 2)
• Spelling:
  • codespell: sort dictionary, explot(ing), menue(s), mimimise, intall, cas, overrided, icluding, pleaes, interract(ing), interracts, deffered, upsteram, componet(s), depracated, annoncement, settting, pasword, post-morten, converion, verifyied and achive
  • lintian: explot(ing), menue(s), mimimise, intall, cas, icluding, interract(ing), interracts, deffered, upsteram, componet(s), depracated, annoncement, adminstration, inappropiate, pasword, post-morten and verifyied
• Debian wiki: Andrewsomething/Fonts/PackagingPolicy, AptitudeTodo, AudioVideo, BogdanPurcareata/PluggableAptBackend, BTS/NewcomerTag, DebianColombia (Eventos, MiniDebconf2017), DebianEdu/Status/Stretch, DebianEvents/br, (2017/MiniDebconfCuritiba), Debian_GNU/kFreeBSD/Jessie, DebianIndia/PackagingSessions, DebianInstaller/Qemu, DebianKernel/UserspaceTools, DebianMentorsFaq, DebianOnHandhelds/OpenPandora, DebianPackage (es, fr, ru, sv), DebianReleaseFAQ, DebianRepository (Setup), DebianScience/Debci, DebianSingleSignOn, DebianWomen/Projects/NewbieTasks, Derivatives/Census (QA, AstraLinux, CumulusLinux, CumulusLinux, Kali, Netrunner, Parsix, Tanglu, TurnKeyLinux, Ubuntu, Wazo), FreedomBox/LeavingTheCloud, fr (genisoimage, Quota), hal, Hardware/Wanted, HelpDebian (FAQ (it), TODO), how-can-i-help, (Ideas, fr), HP/ProLiant, Init, (fr), Initrd, (fr), InstallingDebianOn, (InstallingDebianOn/HP/EliteBook 820 G1, Razer/BladeStealth, it/Init, it/Initrd, Mempo/mempo-deb/tar, motd, (it, fr), MulheresBrasil (1, 2), MultimediaFetchingTools (1, 2), Packaging/BinaryPackage, PaulWise/InterestingSoftware, ReproducibleBuilds (BuildinfoInfrastructure, History), ru/ReposRelease, SecureApt, ServicesSSL (1, 2), SHA-1, Statistics, SuitesAndReposExtension, SystemBuildTools, Teams (Publicity, ReleaseTeam/ReleaseCheckList), UntrustedDebs, VideoDownloaders and WebBrowsers
• Debian wiki theme: remove last editor info
• Debian website: fix encoding issues, fix year issues and fix DPL update issue (1, 2)
• Debian mirrors: fix encoding issues
• Debian security tracker: encuentro embeds youtube-dl and add mediawiki issues (1, 2)
• Debian derivatives census: workaround apt issue with stretch, reduce max patch size to 5 MiB, document how to get large patches, ignore safe debian/changelog symlinks and add FIXMEs
• Debian Planets: Add Wazo, BunsenLabs RSS feed update, https for blog feeds and new Cumulus Linux/Netrunner logos
• Debian package uploads: python-debianbts, poppler, cruft, clamav-unofficial-sigs, config-package-dev, libarchive, talloc, tevent, libconfig-crontab-perl 1.42-1~bpo7+1 & 1.42-1~bpo8+1, openchange and check-all-the-things
• Debian puppet: switch from deprecated function, drop custom update-ca-certificates on stretch (1, 2) and support syslog-ng 3.8
• Debian meta-packages: www.d.o stretch updates and qa.d.o vcswatch deps
• Debian LDAP UI: use TLS for direct LDAP access
• Debian publicity: prefer verification to SHA-1
• Debian release: add latest two release updates
• Debian PTS: switch from gift to newcomer tags

Issues

• Crashes in remmina, liferea (1, 2) and diffoscope
• Non-distributable files in Ubuntu
• Debian testing migration unblocks of check-all-the-things
• Debian Policy violation in muttdown
• Move crash-whitepaper from Debian non-free to main
• Normal issues in needrestart (1, 2), liferea and git-crecord
• Features in needrestart, github-backup, systemctl, android-permissions, reprepro, freerdp, git-crecord (1, 2, 3), Debian manual pages, Debian sources browser, Debian Maintainer Dashboard and dman
• New versions of pyvmomi
• Typos in fenrir
• Code copy in encuentro
• Race conditions in git-hub
• Terminal handling in needrestart
• Bogus home directory handling in how-can-i-help, ruby, bash, dash and busybox sh
• CodePlex closing checks for lintian and duck
• Missing hashes in Ubuntu
• Weird spaces in evolution
• Verbosity in apt
• Security issue in nagstamon and a CSS injection attack elsewhere
• Minor issues in reportbug and debsources (1, 2)

Review

• Spam: reported 5 Debian bug reports and 246 Debian mailing list posts
• Debian wiki: RecentChanges for the month
• Debian packages: reviewed openscap-daemon, gsignond, qt5ct and sponsored open-ath9k-htc-firmware
• Debian screenshots:
  • approved 4pane, amiwm, btrfs-heatmap, cenon.app, desmume, fonts-atarismall, fonts-goudybookletter, fonts-junicode, fonts-ocr-a, fonts-ocr-b, gnome-paint, grafx2, higan (2), lm-sensors, lshw-gtk, mediathekview, mrboom, munin-plugins-btrfs, nano, openlugaru, project-x, protracker, software-properties-gtk (2), termit, torbrowser-launcher, wmaker, w-scan, caveexpress (2), telegram-desktop (2), gtimelog, taglog, gtimer, osmose-emulator (2), rox-filer, fonts-blankenburg, topcat, balsa (2), gnome-multi-writer (4), colorize, wine, mate-menu and mate-tweak
  • deleted osmose-emulator (6 screenshots of non-free games)
  • rejected xserver-xorg-video-amdgpu (drivers have no UI), eom (includes image of offensive historical figure), synaptic (includes non-free background image), osmose-emulator (6 screenshots of non-free games) and libomxil-bellagio0-components-xvideo (borked upload)
  • approved deletion of xserver-xephyr (includes image of non-free OS), perforate (image of the homepage) and openvas/lv2core (not screenshots)
  • rejected deletion of vkeybd (junk in reason field)

Administration

• Debian systems: quiet a logrotate warning, investigate issue with DNSSEC and alioth, deploy fix on our first stretch buildd, restore alioth git repo after history rewrite, investigate iptables segfaults on buildd and investigate time issues on a NAS
• Debian derivatives census: delete patches over 5 MiB, re-enable the service
• Debian wiki: investigate some 403 errors, fix alioth KGB config, deploy theme changes, close a bogus bug report, ping 1 user with bouncing email, whitelist 9 email addresses and whitelist 2 domains
• Debian QA: deploy my changes
• Debian mentors: security upgrades and service restarts
• Openmoko: debug mailing list issue, security upgrades and reboots

Communication

• Invite Wazo to the Debian derivatives census
• Welcome ubilinux, Wazo and Roopa Prabhu (of Cumulus Linux) to the Debian derivatives census
• Discuss HP/ProLiant wiki page with HPE folks
• Inform git history rewriter about the git mailmap feature

Sponsors The libconfig-crontab-perl backports and pyvmomi issue were sponsored by my employer. All other work was done on a volunteer basis.

Changes

• gitk: colour of remote refs
• myrepos: accumulated patches
• check-all-the-things: fix the yamllint cmd, add TODO items for haxelint and Dockerfile checkers, add checks for dodgy stuff, dead code, GIFs, Ruby (rubocop, roodi), Mono CIL binaries, FITS images and TeX
• gnome-shell-extension-show-ip: came up with the idea to fix the main blocker to deforking it, cleanups, show the primary IP address and show IP addresses in the menu
• Spelling:
  • codespell: broser, optionnal, optionnaly, reuest, ressource (hi samba folks), swtich, assumme(s), checg(ed), workes, accidentially, uninitalized, permision(s), whe, gruop(s), determing, imilar, tigthly, standar, iff, nott, technlogy, playble, redeable, diagnotic, langauage, mor, soundard, firmwware, containt(s), mazilla (hi malware authors), mozila, cilyndre(s), sepatae
  • lintian: broser, optionnaly, kenrel, swtich, assumme(s), checg(ed), workes, whe, gruops, imilar, tigthly, standar, iff, nott, technlogy, playble, debia, redeable, diagnotic, mor, soundard, firmwware, containt, mazilla, mozila, cilyndre(s), sepatae
• Wikipedia: Message-ID
• Debian wiki: AndroidTools, AppArmor/Contribute/Upstream, BSP/2017/05/ch/Zurich, CrossCompiling, DateTime, DebianEdu/Status/Stretch, DebianEvents/br/2017/MiniDebconfCuritiba/Atividades/CFP, DebianKernel/UserspaceTools, DebianMultimedia/FFmpeg (Unstripped), DebianRepository (Unofficial, UseThirdParty), DebianScience/UnofficialRepository, DebianUnofficial, dedup.debian.net, Derivatives/Census (QA (1, 2), Qubes, SparkyLinux), Exploits, fr/Simple-CDD, Games/Unsuitable, Hardening/RepoAndImages, Ideas/Ports, iMacG5, IRC, it/UltimateDebianDatabase, Merchandise, PaulWise/InterestingSoftware (1, 2), piuparts/FAQ, pkg-escience, qa.debian.org, QuickInstall, RepositoryLocal, Services/PublicUddMirror, Simple-CDD/Howto, SuitesAndReposExtension, SummerOfCode2006, SummerOfCode2014/Projects/DebianMetricsPortal, SummerOfCode2017/Projects/QA_BiologyApps, sv/IRC, SystemBuildTools, UltimateDebianDatabase, Vangelis Mouhtsis
• Debian website: Remove old unused and not working website hosting sponsor functionality (1 2 3 4 5 6 7), use correct SSL CA cert store, fix and https links to debian.ch and fix HTML entity escaping in the mirrors list (1 2)
• Debian ports: help rescue the #debian-ports IRC channel, remove dead mirror, update mirrors page, remove d-p.o reference, update bits.d.o and update packages.d.o
• Debian packages site: remove some git cruft
• Debian security tracker: remove NFU from webkit issue and add source link to DLAs
• Planet Debian derivatives: Add Qubes
• Debian package uploads: needrestart-session 0.3-4.1 and valgrind 1:3.10.0-4~bpo7+1

Issues

• Crashes in evolution, hexchat, gpaste, pidgin and eog
• Perl @INC issue in libthrift-perl
• Regression in samba-common-bin
• Debian migration unblocks of needrestart-session (1, 2)
• Debian Policy violation in selenium-firefoxdriver
• Important issue in needrestart-session
• Minor issues in gnupg and giflib-tools
• Features in file, debdelta, diffoscope, nss-passwords and linux

Review

• Spam: reported 5 Debian bug reports and 289 Debian mailing list posts
• Debian wiki: RecentChanges for the month
• Debian screenshots:
  • approved spectrwm (2), ranger, i3, kupfer, zathura (3), gimagereader, yubioath-desktop (3), fluxbox, libreoffice-writer, gtklp, terminator, wireshark-qt, wireshark-gtk, synaptic, empathy, gnome-control-center, shutter (2), gnome-online-accounts, gnome-documents, gnome-contacts, network-manager-openvpn-gnome, gnome-shell-extension-system-monitor, neofetch, octave-sparsersb, audacious, smplayer, bluefish, gpodder, delaboratory, geeqie, fracplanet and braillegraph
  • rejected hotssh (artefacts in screenshot), libsixel-bin (copied from elsewhere), spectrwm (not a screenshot) and geeqie (worse version of accepted image)
  • approved deletion (despite bogus reason) of snmp (screenshots site not a support forum, was a diagram not a screenshot)
  • rejected deletion of kupfer (we do not remove old versions), vlc (external UI in the screenshot is minimal), vokoscreen/fonts-ecolier-lignes-court (garbage in reason field), aptitude (discussing non-English screenshots with Christoph Haas), hydra-gtk (greetings are not valid reasons) and oxygen-icon-theme (the screenshot is not a reCAPTCHA)

Administration

• Debian systems: apply a patch to userdir-ldap, ask a local admin to reset a dead powerpc buildd, remove dead SH4 porterboxen from LDAP, fix perms on www.d.o OC static mirror, report false positives in an an automated abuse report, redirect 1 student to FAQs/support/DebianEdu, redirect 1 event organiser to partners/trademark/merchandise/DPL, redirect 1 guest account seeker to NM, redirect 1 @debian.org desirer to NM, redirect 1 email bounce to a changes@db.d.o user, redirect 2 people to the listmasters, redirect 1 person to Debian Pure Blends, redirect 1 user to a service admin and redirect 2 users to support
• Debian packages site: deploy my ports/cruft changes
• Debian wiki: poke at HP page history and advise a contributor, whitelist 13 email address, whitelist 1 domain, check out history of a banned IP, direct 1 hoster to DebConf17 sponsors team, direct 1 user to OpenStack packaging, direct 1 user to InstallingDebianOn and h-node.org, direct 2 users to different ways to help Debian and direct 1 emeritus DD on repository wiki page reorganisation
• Debian QA: fix an issue with the PTS news, remove some debugging cruft I left behind, fix the usertags on a QA bug and deploy some code fixes
• Debian mentors: security upgrades and service restarts
• Openmoko: security upgrades and reboots

Communication

• Invite GALPon MiniNo, Scibian, Roche Linux and ubilinux to the Debian derivatives census
• Welcome Qubes to the Debian derivatives census
• Start discussion about how many people contact the wrong part of Debian for their query

Sponsors The valgrind backport, samba and libthrift-perl bug reports were sponsored by my employer. All other work was done on a volunteer basis.

Changes

• gplenforced.org: mention copyleft.org, FSF and gpl-violations.org
• https-everywhere: fix & merge Debian updates
• Spelling:
  • iotop: alignement
  • codespell: pacakge, intregral, droppend, enforcmement, bood, everythin, temporarly, claaes, depricated, pluign(s), paramater(s), minimun, differrent, dekstop, impresive, mangementt, pusehd, pres, embdedded, captable, verifty(ing), alignement
  • lintian: droppend, enforcmement, bood, everythin, temporarly, claaes, pluign(s), differrent, debiab, dekstop, impresive, mangementt, pusehd, pres, embdedded, captable, verifty(ing), alignement
• Debian wiki: AutomateBackports, binNMU, CopyrightReview (Tools), CristianGreco, DebianArt (RequestArtwork), DebianGeoMirror, DebianLocations, DebianLogo, DebianSecurity/AdvisoryCreation/SecFull, Derivatives/Census (Armbian, Matriux), Exploits, gsoc, GSoC, LTS/Team, Mentors/Review (1, 2), PaulWise/InterestingSoftware, PlanetDebian, qa.debian.org, Services/MentorsDebianNet, Statistics, Teams/Publicity (Identica, micronews, Release), Teams/Webmaster (TODO), Year
• DebConf wiki: Timeline (DebConf16, DebConf17)
• Wikipedia: BugSat_1, Message-ID, PaulWise
• Debian website: Unix line endings, merged release team patches for stretch/buster, update links to removed pages (1 2 3 4)
• Debian QA: clang build logs (merged PTS patch, re-enabled & fixed in tracker)
• Debian security tracker: CVE updates (1, 2), update mirror, fix domain typo, avoid hard-coding years
• Debian nagios: update mirror-isc.d.o upstream
• Debian DNS: fix snapshot backup issue
• Debian package uploads: nvme-cli 1.0-3~bpo8+1, libesedb 20170121-2~bpo8+1

Issues

• Release-critical bugs in needrestart-session, dnssec-trigger
• Fix exit status in ipmievd
• TLS for links in bugs.debian.org emails, planet.gnome.org
• Password length in AbiSource Bugzilla
• Disabling ReportPage in apt-cacher-ng: wrong comment and breaks the cron job
• Features in adequate and git/github (light-weight pull requests)

Review

• Spam: reported 5 Debian bug reports and 158 Debian mailing list posts
• Debian wiki: RecentChanges for the month
• Debian packages: reviewed and sponsored gtranscribe 0.7.1-2
• Debian screenshots:
  • approved fbreader unity openlp wadc bosixnet-webui (2) ardour arc-theme terminix kget okular sl synergy musique screenfetch mercurial-crecord git-crecord libglpk-java rolo streamtuner2 muon limesuite endless-sky spectrwm
  • approved deletion of sshpass (website screenshot)
  • rejected reaver/pixiewps/golang (just a picture of the help output), git (Android browser screenshot with rude confused title), marble (not a screenshot), libcanberra0-dbg (no screenshot present)

Administration

• Debian: do the samhain dance, ask for new local contacts at one site, ask local admins to reset one machine, powercycle 2 dead machines, redirect 1 user to the support channels, redirect 1 user to a service admin, redirect 1 spam reporter to the right mechanisms, investigate mail logs for a missing bug report, ping bugs-search.d.o service admin about moving off glinka and remove data, poke cdimage-search.d.o service admin about moving off glinka, update a cron job on denis.d.o for the rename of letsencrypt.sh to dehydrated, debug planet.d.o issue and remove stray cron job lock file, check if ftp is used on a couple of security.d.o mirrors, discuss storage upgrade for LeaseWeb for snapshot.d.o/deriv.d.n/etc, investigate SSD SMART error and ignore the unknown attribute, ask 9 users to restart their processes, investigate apt-get update failure in nagios, swapoff/swapon a swap file to drain it, restart/disable some failed services, help restore the backup server, debug stretch /dev/log issue,
• Debian QA: deploy merged PTS/tracker patches,
• Debian wiki: answer 1 IP-blocked VPN user, pinged 1 user on IRC about their bouncing mail, disabled 4 accounts due to bouncing mail, redirect 1 person to documentation/lists, whitelist 5 email addresses, forward 1 password reset token, killed 1 spammer account, reverted 1 spammer edit,
• Debian mentors: security upgrades, check which email a user signed up with
• Openmoko: security upgrades, daemon restarts, reboot

Debian derivatives

• Turned off the census cron job because it ran out of disk space
• Update Armbian sources.list
• Ping siduction folks about updating their sources.list
• Start a discussion about DebConf17
• Notify the derivatives based on jessie or older that stretch is frozen
• Invite Rebellin Linux (again)

Sponsors The libesedb Debian backport was sponsored by my employer. All other work was done on a volunteer basis.

Changes

• gitk: colour of remote refs
• https-everywhere: Update Debian rules
• check-all-the-things: release, security fix, reset terminal modes, allow running removed checkers, regression fix (quote fix), TODO items (for deep-text-corrector, sblint, decopy, Coala Bear & dangerous Python checks)
• devscripts: fix grep-excuses warning
• autorevision: build correctness, tarball reproducibility (due to gzip & AUTHORS.txt)
• whowatch: parameter correctness (for NULL, int), spelling/grammar/typos, https, remove dead links & restore terminal status on exit
• spelling dictionaries:
  • codespell: recod, undefuned, normaly, uner, buid, stength, privide, decstiption(s), revrese, lightweigh, multible, asbtraction, resulution, meatadata, seriuos, transalte, interractive, timestan, partiton, databas, claculate, patern, substiution, freee, operatation(s), ambigous, clasified, coypright, previlege, gental, bacup & detction
  • lintian: recod, undefuned, uner, buid, stength, privide, dimentional, decstiption(s), revrese, lightweigh, asbtraction, resulution, FTBS, meatadata, seriuos, transalte, interractive, timestan, partiton, databas, claculate, patern, substiution, freee, operatation(s), previlege, gental, bacup & detction
• Debian timeline: latest bug milestones
• Debian bits: FOSDEM draft fixes
• Planet Debian derivatives: add Netrunner & update BlankOn logo
• Debian buildd website: plain text logs (1 2 3)
• Debian uscan multi-redirector: add github package.json/cmake checker & remove gitorious
• Debian packages website: update manual pages patch to use https, merge patches (1 2)
• Debian website: fix security Makefiles for DLAs (for 2017, 2016, 2015, 2014), derivatives (wording/formatting fixes 1, 2), build by default), link fixes (for CD brokenness, stability, gitweb to cgit)
• Debian wiki pages: AlejandroRios, ChrootOnAndroid, CopyrightReviewTools, CrossCompiling, CrossGrading, DebianBootstrap, DebianDay, (2017), DebianEvents (Asia, oc) DebianScience, DebianWiki/Browsing, dedup.debian.net, Derivatives/Census (AstraLinux, BlankOn, Netrunner, SalentOS, SerbianLinux, Symbiosis, Template), EmbeddedCodeCopies, ExternalEntities, Fonts, fr/GraphicsCard, fr/Intel HD Graphics, FrontPage, gobby.debian.org, HP/ProLiant, Ideas, InstallingDebianOn, TurrisOmnia (1 2), InterWikiMap, josch/notes, LVM, Merchandise/BoFDebConf10, Mobile (1 2), NewArchiveSections, PaulWise/InterestingSoftware, PortTemplate, ppc64el, PressCoverage2017, PressCoverage, redmine, ReproducibleBuilds/History, Services/Debian Packages, SponsorChecklist, Sprints (2017/DebianMed2017 (1 2)), SystemBuildTools, systemd, Teams/Dpkg/FAQ, ThisWeekInDebian, WhyDebian, Year
• File Formats wiki pages: ACE, File_identification_software, File_command
• Debian package uploads: autorevision 1.20-1, check-all-the-things 2017.01.15 & openchange 1:2.2-6+deb8u1

Issues

• Security migration for check-all-the-things
• GPL violations due to embedded copies of Liberation Fonts in emscripten, freedink, gargoyle-free, gcstar, manaplus, minetest, pcs & zygrib
• Outdated embedded unicode-data copies in boost1.62 & boost1.63
• Crash in liferea
• Regression in coreutils date
• Missing conffile removal in dnssec-trigger & xtightvncviewer
• gitorious redirector usage in fgrun & spectacle
• Annoying issues in hexchat autorejoin, totem & a podcast & gdb messages
• Cosmetic issues in parcimonie menu, gitk colours & aptitude debtags
• Features in duck, apt-file, needrestart, packages.debian.org & aptitude
• An already implemented feature in needrestart

Review

• Spam: report spam in 6 Debian bugs, 132 Debian mails and one LWN comment
• Patches: point out extraneous whitespace changes in a codespell PR
• Debian packages: reviewed and sponsored fsprotect 1.0.7
• Debian wiki: RecentChanges for the month, feedback on InstallDebianWithoutLiveCD article
• Debian screenshots:
  • Approved screenshots of ngraph-gtk lightdm-gtk-greeter-settings kalgebra qtile patat toilet sagemath (2) w3c-markup-validator pentobi pentobi-kde-thumbnailer zygrib (2) sauerbraten kmail aiscm (5) codeblocks lxqt libreoffice-help-es inkscape synaptic thunar gimp midori filezilla libreoffice pluma qupzilla gnome-2048 simplescreenrecorder gerbv keepassx gcstar confclerk onionshare blockout2 subuser dosbox zsnes dosemu lmarbles klickety geda-gattrib katomic kiki-the-nano-bot freedm frogatto (2)
  • Approved removal of screenshots: seaview screenshot contained advertising, mupen64plus/mupen64plus-audio-all were weird screenshots with multiple OS windows overlaid & mkgmap was a screenshot of the OSM wiki instead of the software
  • Rejected screenshots: gccgo looked like a Thai mobile phone screenshot, python-stem was a screenshot for OPENDIME USB, seaview was downloaded from elsewhere and not an authentic screenshot & fbreader contained non-free ebook contents

Administration

• Debian: reboot 1 non-responsive VM, redirect 2 users to support channels, redirect 1 contributor to xkb upstream, redirect 1 potential contributor, redirect 1 bug reporter to mirror team, ping 7 folks about restarting processes with upgraded libs, manually restart the sectracker process due to upgraded libs, restart the package tracker process due to upgraded libs, investigate failures connecting to the XMPP service, investigate /dev/shm issue on abel.d.o, clean up after rename of the fedmsg group.
• Debian mentors: lintian/security updates & reboot
• Debian packages: deploy 2 contributions to the live server
• Debian wiki: unblacklist 1 IP address, whitelist 10 email addresses, disable 18 accounts with bouncing email, update email for 2 accounts with bouncing email, reported 1 Debian member as MIA, redirect 1 user to support channels, add 4 domains to the whitelist.
• Reproducible builds: rescheduled Debian pyxplot:amd64/unstable for themill.
• Openmoko: security updates & reboots.

Debian derivatives

• Send the annual activity ping mail.
• Happy new year messages on IRC, forward to the list.
• Note that SerbianLinux does not provide source packages.
• Expand URL shortener on SerbianLinux page.
• Invite PelicanHPC, Netrunner, DietPi, Hamara Linux (on IRC), BitKey to the census.
• Add research publications link to the census template
• Fix Symbiosis sources.list
• Enquired about SalentOS downtime
• Fixed and removed some 404 BlankOn links (blog, English homepage)
• Fixed changes to AstraLinux sources.list
• Welcome Netrunner to the census

Sponsors I renewed my support of Software Freedom Conservancy. The openchange 1:2.2-6+deb8u1 upload was sponsored by my employer. All other work was done on a volunteer basis.

• We fixed an issue where apt-file would not show top-level files in source packages. (bug#676642). Thanks to Paul Wise for the proposed solution.
• Paul Wise also fixed a bug where apt-file list -I dsc <source-pkg> would fail to list all files in the source package if said file was also in other packages.
• We added filter-suites / filter-origins options that can be used to narrow the search space. Example: apt-file search --filter-suites unstable lintian/checks/

# echo 'apt-file::Search-Filter::Suite "unstable";' >> /etc/apt/apt-file.conf

• despinosa wrote a blog post on Vala and reproducibility
• h01ger and lynxis gave a talk called "From Reproducible Debian builds to Reproducible OpenWrt, LEDE" (video, slides) at the OpenWrt Summit 2016 held in Berlin, together with ELCE, held by the Linux Foundation.
• A discussion on debian-devel@ resulted in a nice quotable comment from Paul Wise: "(Reproducible) builds from source (with continuous rechecking) is the only way to have enough confidence that a Debian user has the freedoms promised to them by the Debian social contract."
• Chris Lamb will present a talk at Software Freedom Kosovo on reproducible builds on Saturday 22nd October.

• cobbler/2.6.6+dfsg1-13 by Thomas Goirand, original patch by Chris Lamb.
• collectd/5.6.1-1 by Marc Fournier.
• fonts-tiresias/0.1-3 by G rkan Myczko, original patch by Chris Lamb.
• fntsample/4.0-2 by , original patch by Chris Lamb.
• fpga-icestorm/0~20160913git266e758-2 by Ruben Undheim, original patch by Chris Lamb.
• frog/0.13.5-1 by Maarten van Gompel, original patch by Chris Lamb.
• lambda-align/1.0.0-2 by Sascha Steinbiss, original patch by Chris Lamb.
• pleiades/1.7.0-2 by Hideki Yamane, original patch by Chris Lamb.
• sweethome3d/5.2+dfsg-1 by Markus Koschany, original fix by Gabriele Giacone.
• trac-subtickets/0.2.0-2 by W. Martin Borgert.

• aodh/3.0.0-2 by Thomas Goirand.
• eog-plugins/3.16.5-1 by Michael Biebl.
• flam3/3.0.1-5 by Daniele Adriana Goulart Lopes.
• hyphy/2.2.7+dfsg-1 by Andreas Tille.
• libbson/1.4.1-1 by A. Jesse Jiryu Davis.
• libmongoc/1.4.1-1 by A. Jesse Jiryu Davis.
• lxc/1:2.0.5-1 by Evgeni Golov.
• spice-gtk/0.33-1 by Liang Guo.
• spice-vdagent/0.17.0-1 by Liang Guo.
• tnef/1.4.12-1 by Kevin Coyner.

• chktex/1.7.6-1 by Thorsten Alteholz, original patch by Sascha Steinbiss.
• dbus/1.10.12-1 by Simon McVittie.
• doomsday/1.15.8-3 by Markus Koschany, #839338 by Lucas Nussbaum.
• emacs25/25.1+1-1 by Rob Browning.
• gpgme1.0/1.7.0-3 by Daniel Kahn Gillmor.
• monkeysign/2.2.0 by Antoine Beaupr .
• python-attrs/16.2.0-1 by Tristan Seligmann, original patch by Chris Lamb.
• shotwell/0.24.0-1 by J rg Frings-F rst, original patch by Alexis Bienven e.
• supple/1.0.6-2 by Daniel Silverstone.
• why/2.36-1 by Ralf Treinen, original patch by Valentin Lorentz.

• palo/1.96 by Helge Deller, #778437 by Chris Lamb.
• rbdoom3bfg/1.1.0~preview3+dfsg+git20160807-1 by Tobias Frost.
• singular/4.0.3-p3+ds-1 by Jerome Benoit.
• varnish/5.0.0-3 by Stig Sandbeck Mathisen, original patch by Chris Lamb.
• yaml-cpp/0.5.2-4 by Paul Novotny, original patch by Reiner Herrmann.

• #840741 filed against http-icons by Chris Lamb.
• #840177 filed against qconf by Chris Lamb.
• #840845 filed against python-pygraphviz by Chris Lamb.
• #840346 filed against qjoypad by Chris Lamb.

• Added max_output_size_reached, ftbfs_due_to_jenkins_semaphore_setup, and build_id_differences_only.

• Anders Kaseorg (1)
• Chris Lamb (18)

• h01ger has turned off the "Scheduled in testing+unstable+experimental" regular IRC notifications and turned them into emails to those running jenkins.d.n.
• Re-add opi2a armhf node and 3 new builder jobs for a total of 60 build jobs for armhf. (h01ger and vagrant)
• vagrant suggested to add a variation of init systems effecting the build, and h01ger added it to the TODO list.
• Steven Chamberlain submitted a patch so that now all buildinfo files are collected (unsigned yet) at submit@buildinfo.kfreebsd.eu.
• Holger enabled CPU type variation (Intel Haswell or AMD Opteron 62xx) for i386. Thanks to Profitbricks.com for their great and continued support!

• Increase memory on the 2 build nodes from 12 to 16gb, thanks to profitbricks.com

No comment Liked this article? Click here. My blog is Flattr-enabled.

• ruby-ronn/0.7.3-5 by Antonio Terceiro, original patch by Chris Lamb.

• check-all-the-things/2016.09.03 by Paul Wise, original patch by Chris Lamb.
• e2fsprogs/1.43.2-2 by Theodore Y. Ts'o.
• gnupg1/1.4.21-1 by Daniel Kahn Gillmor, #834755 by Chris Lamb.
• gnupg2/2.1.15-2 by Daniel Kahn Gillmor.
• inform6-compiler/6.33-2 by Ben Finney.
• libhat-trie/0.0~git25f9e946-2 by Sascha Steinbiss.
• mrd6/0.9.6-13 by Thomas Preud'homme, original patch by Reiner Herrmann.
• safecat/1.13-3 by Teemu Hukkanen, original patch by Reiner Herrmann.
• shibboleth-sp2/2.6.0+dfsg1-1 by Ferenc W gner.
• sweethome3d-furniture-editor/1.15-2 by Markus Koschany, original patch by Reiner Herrmann.
• traceroute/1:2.1.0-2 by Laszlo Boszormenyi, original patch by Reiner Herrmann.
• wise/2.4.1-19 by Sascha Steinbiss.
• xmltooling/1.6.0-2 by Ferenc W gner.

• comitup/0.5-1 by David Steele.
• dita-ot/1.5.3-2 by Mathieu Malaterre.
• dput/0.10.2 by Ben Finney.
• gnome-settings-daemon/3.21.90-2 by Michael Biebl.
• libkf5kipi/4:16.08.0-1 by Pino Toscano.
• libmpc/2:0.1~r475-2 by James Cowgill.
• taurus/4.0.1+dfsg-1 by Picca Fr d ric-Emmanuel.
• tcpwatch-httpproxy/1.3.1-2 by Toni Mueller.

• djangorestframework
• roarplaylistd
• zope-maildrophost
• zope-replacesupport

• amanda/1:3.3.9-1 by Jose M Calhariz.
• dispcalgui/3.1.6.0-2 by Christian Marillat, original patch by Chris Lamb.
• fastqtl/2.184+dfsg-4 by Dylan A ssi.
• grass/7.0.5~rc1-1~exp1 by Bas Couwenberg.
• kdevplatform/5.0-1 by Pino Toscano, original patch by Scarlett Clark.
• leveldb/1.19-1 by Alessio Treglia.
• libdevel-cover-perl/1.23-2 by gregor herrmann, original patch by Chris Lamb.
• linux/4.7.2-1 by Ben Hutchings, #830268 by Reiner Herrmann.
• lmms/1.1.3-4 by Javier Serrano.
• mayavi2/4.4.3-2.2 by Anton Gladky.
• opensaml2/2.6.0-2 by Ferenc W gner.
• perl/5.22.2-4 by Dominic Hargreaves, original patch and original patch by Chris Lamb.
• radare2/0.10.5+dfsg-1 by Sebastian Reichel, original patch by Chris Lamb.
• splint/3.1.2.dfsg1-3 by Rapha l Hertzog, original patch by Chris Lamb.

• #835673 filed against dacs by Chris Lamb.
• #835805 filed against dh-python by Chris Lamb.
• #835985 filed against nmh by Chris Lamb.
• #836609 filed against nostalgy by Chris Lamb.
• #835807 filed against pygtksourceview by Chris Lamb.
• #836004 filed against python-gflags by Chris Lamb.
• #835816 filed against rt-extension-customfieldsonupdate by Chris Lamb.
• #835834 filed against ruby-compass by Chris Lamb.
• #836605 filed against torque by Chris Lamb.
• #833176 filed against trafficserver by Reiner Herrmann.

• timestamps_in_documentation_generated_by_ocamldoc
• timestamp_in_enc_files_added_by_texlive_fontinst
• cython_captures_build_path
• timestamps_in_perllocal_pod_manpages_generated_by_perl_extutils_mm_unix
• uname_output_in_python_debugging_symbols_caused_by_sysconfig_getplatform

• timestamp_in_enc_files_added_by_texlive_fontinst

• Chris Lamb (8)
• Lucas Nussbaum (3)

• Mattia Rizzolo:
  • Better and more thorough testing
  • Improvements to packaging
  • Improvements to the ppu comparator

• Chris Lamb:
  • Improve code quality of zip, jar, ar, png processors
• AYANOKOUZI, Ryuunosuke:
  • Preserve file attribute information of target file (#836075)

No comment Liked this article? Click here. My blog is Flattr-enabled.

• We (the Android Tools Maintainers and our three GSoC students) started our regular IRC meetings on Thursday.
• I am mostly involved in answering packaging questions, reviewing package updates and uploading them to the archive.
• I sponsored new versions of android-platform-build, android-platform-external-libselinux, android-platform-external-libunwind, android-platform-frameworks-base, android-platform-system-core and android-platform-system-extras.
• I sponsored a new revision of apktool prepared by Chirayu Desai and myself that fixed the decoding issue from last month and three other bugs. Thanks to Paul Wise for the reports and Chirayu for fixing two bugs and creating a separate android-framework-res binary package on which we could depend on. It seems decoding works now as intended but we still need to tackle the building problem.

• I packaged CaveExpress and CavePacker for Debian. CaveExpress is a remake of the old Amiga classic Ugh! In this game you control a pedal-powered flying machine and pick up packages from your clients. An interesting aspect of CaveExpress is its physics-based gameplay. The packages must be delivered to a collection point and their movement is quite realistic thanks to the excellent Box2d physics engine. The other game, CavePacker, based on the same engine as CaveExpress is a Sokoban-like game. Both games feature dozens of levels and if you have nothing better to do, you should definitely check them out.
• This month I also packaged a new upstream release of Netpanzer. Apparently there is new upstream activity.
• Blockattack 2.0 was released and is now available in Debian.
• I also updated the following packages: kball, pathogen, ceferino, slimevolley, pangzero and airstrike.
• I adopted abe, berusky and berusky-data, updated the packages to use modern debian helpers and also packaged version 1.7 of berusky, a great Sokoban-like game by the way.
• June also saw a new release of debian-games, several metapackages that make it much easier to install a subset of games or even the finest.
• I sponsored RC-bug fixes for parsec47, tumiki-fighters, mu-cade and tatan all prepared by Peter De Wachter who keeps our D (yes, that s a language) games alive. But we will face more issues in the post Stretch future. Apparently the D language people intend to remove parts of their API and of course all our D-based games are affected. Peter has announced more information about that. I think all these games are pretty unique and real gems. If you know a little D and want to help out, please get involved.

• I sponsored a new package for Tobias Ilte, stegosuite, a steganography tool to hide information in image files.
• I packaged new upstream releases of jboss-logmanager, jboss-modules, jboss-xnio, activemq and undertow.
• Together with Emmanuel Bourg I prepared a security update for Tomcat 8 fixing 8 CVEs. (DSA-3609-1)
• I backported the lastest stable release of mysql-connector-java to Jessie to fix CVE-2015-2575. A DSA is pending.
• I blogged about the default Java switch in Wheezy.

• DLA-501-1. Salvatore Bonaccorso from Debian s Security Team discovered that the original fix for CVE-2015-7552 (DLA-450-1) was incomplete. I prepared and uploaded a new revision of gdk-pixbuf and issued the DLA.
• DLA-502-1. Issued a security update for graphicsmagick fixing 1 CVE.
• DLA-504-1. Issued a security update for libxstream-java fixing 1 CVE which was prepared by Emmanuel Bourg.
• DLA-505-1. Issued a security update for libpdfbox-java fixing 1 CVE.
• DLA-508-1. Issued a security update for expat fixing 2 CVE.
• DLA-511-1. Issued a security update for libtorrent-rasterbar fixing 1 CVE.
• DLA-526-1. Issued a security update for mysql-connector-java fixing 1 CVE. I also prepared the update for Jessie which is still pending to be reviewed by the Security Team.
• DLA-528-1. Issued a security update for libcommons-fileupload-java fixing 1 CVE.
• DLA-529-1. Issued a security update for tomcat7 fixing 1 CVE.
• DLA-530-1. As previously announced I switched the default Java implementation from OpenJDK 6 to OpenJDK 7.
• DLA-537-1. Issued a security update for roundcube fixing 1 CVE. I triaged CVE-2016-5103, CVE-2015-2180 and CVE-2015-2181 and marked them as not-vulnerable .
• I triaged 22 CVEs for libarchive and marked two of them as not-vulnerable . You can find my preliminary work for libarchive on the wheezy branch in Debian s git repository. I expect a security update very soon.
• From 13 June to 19. June I was responsible for Wheezy s LTS frontdesk. It was a rather calm week on the debian-lts mailing list and in our IRC channel. I triaged CVE-2016-4970 (netty), CVE-2016-3189 (bzip2), CVE-2016-1621 (libvpx) and CVE-2016-4493, CVE-2016-4492, CVE-2016-4491, CVE-2016-4490, CVE-2016-4489, CVE-2016-4488, CVE-2016-4487, CVE-2016-2226 which were all minor issues in developer tools or in the gcc toolchain.
• I commented on Ola s question about open security issues in phpmyadmin.

• I fixed pygccxml that threatened to remove spring.
• I completely overhauled gl-117, fixed four bugs and closed two obsolete ones. gl-117 always reminds me a little of the Falcon series from the early 90ies.