[:DebianWiki/EditorGuide#translation:Translation(s)]: none

(!) [:/Discussion:Discussion]



Welcome to this year's 12th issue of DPN, the newsletter for the Debian community. Some of the topics covered in this issue include:

TODO:

Bits from the DPL

Steve ?McIntyre send out another [http://lists.debian.org/debian-devel-announce/2008/09/msg00009.html "Bits from the DPL"] mail. Some of the topics he covers are the recently finished eight Debian Conference in Argentinia. Even though many developers and contributors could travel there he considers it a succesfull conference. He especially thanks the video team: "However, the video team did an [http://wiki.debconf.org/wiki/DebConf8/Videoteam/Thanks amazing job this year] who worked very hard making most of the sessions available via stream and forwarding questions via Internet Relay Chat." Steve is already looking forward to next years Debian Conference, which will take place in the Junta Extremadura in Spain.

He also summarizes the results of this years "Google Summer of Code" where students can work on specific free software projects and beeing paid by Google. Debian got thirteen project slots. Eleven of these projects where completed successfully (the rest needed to drop out due to unforseen problems).

Steve closes with a short summary about the upcoming stable release "Lenny". Preperations for a release candidate of the debian-installer are on its way and the release notes are taking shape. But there still a lot release critical bug left to be fixed.

What you can to for "Lenny"

Since the Debian GNU/Linux 5.0 "Lenny" hasn't been released, yet, Alexander Reichle-Schmehl [http://lists.debian.org/debian-devel-announce/2008/10/msg00000.html explained the problems briefly] and showed some open issues which need to resolved before "Lenny" can be released. He especially points out, that even "simple user" (which he categorizes as "everyone") can help.

While most release blockers and release goals have been dealt with -- including transitions to newer compilers, libraries and other tools -- the development has reached the final phase, where the last release critical bugs need to be fixed, upgrade tests are perfomed and the release notes are written out. He gave a brief overview on how to perform upgrade tests, which he later [http://blog.schmehl.info/Debian/releasing-lenny updated] in his blog and showed other ways to help, for example writing and translating the release notes.

He later [http://blog.schmehl.info/Debian/releasing-lenny-2 categorized] the remaining bugs to give some numbers, while Lucas Nussbaum created a detailed list of the [http://lists.debian.org/debian-devel/2008/10/msg00072.html remaining bugs].

In related news, Franklin Piat [http://lists.debian.org/debian-devel/2008/10/msg00043.html created] created a [http://wiki.debian.org/TestDebian list of things] users could test in the long term.

500000th bug reported

Christian Perrier [http://www.perrier.eu.org/weblog/2008/09/24#bug-500000-now noted] that the 500000th [http://bugs.debian.org/500000 bug] has been reported to Debians bug tracking sytem. Nobuhiro Iwamatsu requested a feature for the common debian build system, a tool used to create debian packages, and even provided a patch.

Lucas Nussbaum [http://www.lucas-nussbaum.net/blog/?p=312 provided] some statistics. From these 500000 bugs, nearly 410000 have already been solved.

Christian notes, that the vitality of the Debian Bug Tracking system is a proof of the vitality of development in Debian (the current bug report rate is about 60,000 bugs per year for a total of 24000 packages in the distribution, so only 2.5 bugs per year and package).

Therefore, Debian developers are proud as they had 500,000 occasions to interact with their users. Of course, they are also proud that 410000 of these bugs are currently closed and only 250 are release critical for the upcoming Debian lenny release.

Valid-Until field in Release files

While the current implemented archive structure prevents injection of faked packages (e.g. at a "bad" mirror) through a digital trust path, it still had a small flaw. A potential attacker could use outdated Release-Information and force people to use an outdated mirror leaving out the latest security updates. To address this problem, Jörg Jasper [http://blog.ganneff.de/blog/2008/09/23/valid-until-field-in-release-f.html added a "valid until"] field to the Release-Information. Package-Management can so check, if the data available on the mirror is up to date additionally to the verification of the offered data itself. Work has already begun to integrate such a feature in the apt package maneger and tools based upon it, however [http://bugs.debian.org/499897 some questions] are still open.

Choosing language during NAS installations

Martin Michlmayr [http://www.cyrius.com/journal/debian/nas-localechooser reported] that due to changes of the internal structure of the debian-installer, it is now possible to choose the language of the installation (and the resulting system). Installations on headless NAS devices are typically done remotly via SSH and up until now the network was started after the language had been choosen, so this feature was completly disabled for such devices. Due to changes in the component responsible for choosing the locale this feature could now be enabled for these kind of devices, too.

m68k moved to debian-ports

After missing release criteria for Etch and Lenny the m68k port made the switch from using the wanna-build instance on Debian infrastructure to the one on [http://www.debian-ports.org/ Debian-Ports]. This is a necessary step before m68k will be removed from the Debian archive. [http://unstable.buildd.net/index-m68k.html Buildd.Net] still supports the m68k architecture and already adopted to the switch. The m68k port was the first official port beside i386 and was released with Debian 2.0.

Other news

Christian Perrier [http://www.perrier.eu.org/weblog/2008/09/21#di-freeze-lenny-final released] the final number of languages which will be supported in the debian-installer of the upcoming release. All in all 63 languages will be supported, which are 5 more than in the current release.

A long term goal, the move from documentation in /usr/doc to /usr/share/doc as recommended in the Filesystem hierachy standard, has been [http://bugs.debian.org/322762#1225 completed recently].

Linux Kongress 2008

From Thursday the 9th of October to Friday the 10th of October, the Debian Project will participate with a booth at the Linux-Kongress 2008 in Hamburg, Germany. Please see the respective [http://www.debian.org/events/2008/1009-linuxkongress events page] for further details.

Technical Dutch Open Source Event 2008

From Saturday the 25th of October to Sunday the 26th of October, the Debian Project will participate with a booth at the Technical Dutch Open Source Event (T-DOSE) in Eindhoven, Netherlands. Please see the respective [http://www.debian.org/events/2008/1025-t-dose events page] for further details.

New Developers

6 applicants [http://lists.debian.org/debian-newmaint/2008/09/msg00059.html have been] [http://lists.debian.org/debian-newmaint/2008/09/msg00029.html accepted] as Debian Developers since the prior issue of the Debian Project News. Please welcome Tobias Grimm, Chris Lamb, Manuel Prinz, Patrick Schoenfeld, Sandro Tosi, Jan Wagner and Barry deFreese in our project!

Important Debian Security Advisories

Debian's Security Team recently released advisories for these packages (among others): [http://www.debian.org/security/2008/dsa-1638 openssh], [http://www.debian.org/security/2008/dsa-1639 twiki], [http://www.debian.org/security/2008/dsa-1641 phpmyadmin], [http://www.debian.org/security/2008/dsa-1642 horde3], [http://www.debian.org/security/2008/dsa-1644 mplayer], [http://www.debian.org/security/2008/dsa-1645 lighttpd], [http://www.debian.org/security/2008/dsa-1646 squid] and [http://www.debian.org/security/2008/dsa-1646 php5]. Please read them carefully and take the proper measures.

Please note that these are a selection of the more important security advisories of the last two weeks. If you need to be kept up to date about security advisories released by the Debian Security Team, please subscribe to the [http://lists.debian.org/debian-security-announce/ security mailing list] for announcements.

New and noteworthy packages

The following packages were added to the unstable Debian archive recently ([http://packages.debian.org/unstable/main/newpkg among others]):

[http://debaday.debian.net/2008/09/28/ddclient-getting-access-to-home-servers-despite-having-a-dynamic-ip/ ddclient] (an utility to get access to home servers despite having a dynamic IP), [http://debaday.debian.net/2008/09/21/flamerobin-a-gui-to-administer-firebirdinterbase-sql-servers/ ?FlameRobin] (a GUI to Administer Firebird/Interbase SQL servers) and [http://debaday.debian.net/2008/10/05/logstalgia-pong-like-apache-log-viewer/ logstalgia] (a pong-like apache log viewer) where presented by Debian Package of the Day.

Work-needing packages

Currently 444 packages are orphaned and 125 packages are up for adoption. Please take a look at [http://lists.debian.org/debian-devel/2008/09/msg00574.html the] [http://lists.debian.org/debian-devel/2008/09/msg00714.html recent] [http://lists.debian.org/debian-devel/2008/10/msg00020.html reports] to see if there are packages you are interested in or view the complete list of [http://www.debian.org/devel/wnpp/help_requested packages which need your help].

Want to continue reading DPN?

Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the [http://wiki.debian.org/ProjectNews/HowToContribute contributing page] to find out how to help. We're looking forward to receiving your mail at debian-publicity@lists.debian.org.

Ingo Juergensmann, Christian Perrier and Alexander Reichle-Schmehl contributed to this issue of the Debian Project News.


CategoryProjectNews