The mempo-deb is a subproject of ?Mempo that has goal of bringing fast fixes and patches into Debian in topic of security and privacy.

The work is part of Debian community and FOSS development.

Patches/fixes will be easy to apply quickly:

All the source (2 packages fixes, as of 2013-12 - we are just starting) are on github, git clone https://github.com/mempo/mempo-deb.git

Trust

In security&privacy project ?Mempo we assume you should always be vigilant, and it is wise to even verify this software (mempo-deb).

There are 2 ways for this.

Chain of trust for build-from-source:

Chain of trust for install-from-unofficial-deb:

Packages

dpkg

https://github.com/mempo/mempo-deb/tree/master/pack/dpkg

We take and build https://alioth.debian.org/anonscm/git/reproducible/dpkg.git

We used to patch it even more, however later it was not needed.

Needed for SameKernel and other ReproducibleBuilds.

libpoco

https://github.com/vyrly/mempo-deb/tree/master/pack/poco (rename to libpoco?)

libpoco-dev 1.3.6p1-4+mempo1.2

Fixed poco library against the lib pcre related bug

Program FMS_application was not working (hang/slowdown - sometimes) 671477

gnupg

https://github.com/vyrly/mempo-deb/tree/master/pack/gnupg

Improve GnuPG with more paranoid options: extend max keylength x4, use stronger entropy (read eg twice as much entropy).

Work in progress (2013-12-13)

Pack with script that automatically builds gnupg (reproducible way) with longer key generation support: https://github.com/mempo/mempo-deb

Changes were necessary only in key-generator. Gnupg fully supports keys to 16k bits (tested).

We've been inspired by this post: http://gagravarr.livejournal.com/137173.html

hardened kernel

Reproducible and hardened kernel - see ?ReproducibleBuildsKernel