2 January 2017

Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you re interested in Android, Java, Games and LTS topics, this might be interesting for you. Debian Android

• I sponsored a new package for Seamlik called android-platform-tools-analytics-library.

Debian Games

• We have entered the final straight for Stretch, so I kept a close eye on new game releases and bug reports in packages which I think should be part of the next stable release. Bzflag is certainly one of them, a tank battling game that can be played in the first-person perspective and which has arrived in version 2.4.8. I also packaged new releases of trigger-rally, a racing game, Renpy, pygame-sdl2 and Minetest.
• B lint R czey introduced libopenhmd to Debian a while ago and asked me in #845657 to enable OpenHMD support for neverball. Neverball is now the first game in the archive, at least as far as I know, that is ready for virtual reality. I have never tried it though because I don t own the necessary gear from Oculus myself but it sounds like a cool feature.
• A user of caveexpress reported a bug (#847147) in one level that prevented him from finishing it. I forwarded this one to upstream and he was able to quickly fix the issue and I could release 2.4+git20160609-3 later.
• I triaged several RC bugs which were reported against our D language games and it turned out that the bug was in gdc (#845377).
• I also made some small improvements to monopd s packaging and applied a patch from Laurent Bigonville to Freeciv that corrected a problem with AppData files (#848720).
• I worked around another RC FTBFS bug in spring (#846921) which is apparently a regression in binutils (#847356) but its maintainer does not consider this to be release critical.
• I tried to fix #848063 in ri-li but it seems to surface again under special circumstances. Since compilation works on all buildds for all release architectures and on my systems I downgraded the severity to important.
• I uploaded Bullet 2.85.1 to experimental. It is currently waiting in the NEW queue due to the SONAME bump and because I decided to simplify the packaging. I don t think it is longer worth it to provide several standalone binary packages. All Bullet 2 and 3 core libraries can be found in libbullet2.85 now while all the extra stuff is part of libbullet-extras2.85.
• Last but not least I released debian-games 1.7 and updated the list of games. Castle Combat was removed this month from Debian.

Debian Java

• I promised to complete my work on Netbeans and spent several hours on completing this goal. Although I am aware of the package s obstacles by now it never ceases to amaze me how many build failures occur due to the apparent mismatch between Debian (build-)dependencies and the ones upstream is using. This time I got stuck when several core modules could not be built from source because they required classes from OpenJDK 9. Since JDK 9 will not be released with Stretch I am afraid to say that Netbeans 8.2 won t be part of it. I worked around these issues by replacing the modules with versions from 8.1 but this is obviously just a very crude hack. Nevertheless the new package is available in experimental now.
• New upstream releases this month: activemq, netbeans, libnb-platform18-java, svnclientadapter, jackrabbit, jboss-xnio, undertow.
• Package updates: jboss-classfilewriter, jboss-logging, libpicocontainer-java.
• RC bug fixes: jruby-maven-plugins (#844841), vorbis-java (#844753), jackson-datatype-guava (#849449), triaged libhamcrest-java (#846116).
• I sponsored freeplane 1.5.18-1 for Felix Natter.

Debian LTS This was my tenth month as a paid contributor and I have been paid to work 13,5 hours on Debian LTS, a project started by Rapha l Hertzog. In that time I did the following:

• From 12. December until 18. December I was in charge of our LTS frontdesk. I triaged bugs in jasper, openjdk-6, bluez, game-music-emu, simplesamlphp, imagemagick, nagios3, most, rabbitmq-server, html5lib and dcmtk.
• DLA-742-1. Issued a security update for chrony fixing 1 CVE. This update was prepared by Vincent Blut.
• DLA-745-1. Issued a security update for most fixing 1 CVE.
• DLA-746-1. Issued a security update for tomcat6 fixing 1 CVE and two regressions from previous updates which were reported to Debian s bug tracker.
• DLA-747-1. Issued a security update for libupnp fixing 1 CVE.
• DLA-748-1. Issued a security update for libupnp4 fixing 1 CVE.
• DLA-746-2. Issued a regression update for tomcat6.
• DLA-753-1. Issued a security update for tomcat7 fixing 1 CVE and three regressions that were similar in nature to the ones fixed in Tomcat 6.
• DLA-761-1. Issued a security update for python-bottle fixing 1 CVE.
• DLA-763-1. Issued a security update for squid3 fixing 1 CVE.
• DLA-766-1. Issued a security update for libcrypto++ fixing 1 CVE.
• I also worked on two CVEs for Asterisk, an Open Source PBX and telephony toolkit. The work is done and can currently be found at this location. I asked on the debian-lts mailing list for feedback and testing and already got some positive feedback. I will wait a few more days before I release the security update.

Non-maintainer uploads

• I did two NMUs this month. I sponsored an upload of libtorrent for Peter Pentchev fixing #828414 and I fixed a trivial bug in gnash myself (#845847).