My Debian Activities in September 2025

Debian LTS

This was my hundred-thirty-fifth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. During my allocated time I uploaded or worked on:

• [DLA 4168-2] openafs regression update to fix an incomplete patch in the previous upload.
• [DSA 5998-1] cups security update to fix two CVEs related to a authentication bypass and a denial of service.
• [DLA 4298-1] cups security update to fix two CVEs related to a authentication bypass and a denial of service.
• [DLA 4304-1] cjson security update to fix one CVE related to an out-of-bounds memory access.
• [DLA 4307-1] jq security update to fix one CVE related to a heap buffer overflow.
• [DLA 4308-1] corosync security update to fix one CVE related to a stack-based buffer overflow.

An upload of spim was not needed, as the corresponding CVE could be marked as ignored. I also started to work on an open-vm-tools and attended the monthly LTS/ELTS meeting.

Debian ELTS

This month was the eighty-sixth ELTS month. During my allocated time I uploaded or worked on:

• [ELA-1512-1] cups security update to fix two CVEs in Buster and Stretch, related to a authentication bypass and a denial of service.
• [ELA-1520-1] jq security update to fix one CVE in Buster and Stretch, related to a heap buffer overflow.
• [ELA-1524-1] corosync security update to fix one CVE in Buster and Stretch, related to a stack-based buffer overflow.
• [ELA-1527-1] mplayer security update to fix ten CVEs in Stretch, distributed all over the code.

The CVEs for open-vm-tools could be marked as not-affeceted as the corresponding plugin was not yet available. I also attended the monthly LTS/ELTS meeting.

Debian Printing

This month I uploaded a new upstream version or a bugfix version of:

• … ink to unstable to fix a gcc15 issue.
• … pnm2ppa to unstable to fix a gcc15 issue.
• … rlpr to unstable to fix a gcc15 issue.

This work is generously funded by Freexian!

Debian Astro

This month I uploaded a new upstream version or a bugfix version of:

• … supernovas to unstable (sponsored upload).
• … boinor to unstable.
• … einsteinpy to unstable.
• … libdfu-ahp to unstable to fix a cmake4 issue.
• … openvlbi to unstable to fix a cmake4 issue.
• … indi-aagcloudwatcher-ng to unstable to fix a cmake4 issue.
• … indi-astrolink4 to unstable to fix cmake4 issue.
• … indi-bresserexos2 to unstable to fix a cmake4 issue.
• … indi-apogee to unstable to fix cmake4 issue.
• … indi-dreamfocuser to unstable to fix a cmake4 issue.
• … indi-astromechfox to unstable to fix cmake4 issue.
• … indi-avalon to unstable to fix a cmake4 issue.
• … indi-armadillo-platypus to unstable to fix cmake4 issue.
• … indi-beefocus to unstable to fix a cmake4 issue.
• … indi-aok to unstable to fix a cmake4 issue.
• … indi-nexdome to unstable to fix a cmake4 issue.
• … indi-nightscape to unstable to fix a cmake4 issue.
• … indi-fli to unstable to fix a cmake4 issue.
• … indi-orion-ssg3 to unstable to fix a cmake4 issue.
• … indi-rtklib to unstable to fix a cmake4 issue.
• … indi-gpsd to unstable to fix a cmake4 issue.
• … indi-gige to unstable to fix a cmake4 issue.
• … indi-ffmv to unstable to fix a cmake4 issue.
• … indi-gpsnmea to unstable to fix a cmake4 issue.
• … indi-maxdomeii to unstable to fix a cmake4 issue.
• … indi-gphoto to unstable to fix a cmake4 issue.
• … indi-limesdr to unstable to fix a cmake4 issue.
• … indi-webcam to unstable to fix a cmake4 issue.
• … libahp-gt to unstable to fix a cmake4 issue.
• … indi-sx to unstable to fix a cmake4 issue.
• … libapogee3 to unstable to fix a cmake4 issue.
• … libpktriggercord to unstable to fix a cmake4 issue.
• … indi-sheylak to unstable to fix a cmake4 issue.
• … libfli to unstable to fix a cmake4 issue.
• … indi-talon6 to unstable to fix a cmake4 issue.
• … indi-starbook to unstable to fix a cmake4 issue.
• … indi-mgen to unstable to fix a cmake4 issue.
• … libahp-xc to unstable to fix a cmake4 issue.
• … indi-spectracyber to unstable to fix a cmake4 issue.
• … astronomical-almanac to unstable to fix a gcc15 issue.
• … indi-eqmod to unstable to fix a gcc15 issue.
• … indi-pentax to unstable

Debian IoT

This month I uploaded a new upstream version or a bugfix version of:

• … radlib to unstable, Joachim Zobel prepared a patch for a name collision of a binary.
• … pyicloud to unstable.

Debian Mobcom

This month I uploaded a new upstream version or a bugfix version of:

• … osmocom-dahdi-linux to unstable.

misc

The main topic of this month has been gcc15 and cmake4, so my upload rate was extra high. This month I uploaded a new upstream version or a bugfix version of:

• … readsb to unstable.
• … gcal to unstable. This was my first upload of a release where I am upstream as well.
• … libcds to unstable to fix a cmake4 issue.
• … pkcs11-proxy to unstable to fix cmake4 issue.
• … force-ip-protocol to unstable to fix a gcc15 issue.
• … httperf to unstable to fix a gcc15 issue.
• … otpw to unstable to fix a gcc15 issue.
• … rplay to unstable to fix a gcc15 issue.
• … uucp to unstable to fix a gcc15 issue.
• … spim to unstable to fix a gcc15 issue.
• … usb-modeswitch to unstable to fix a gcc15 issue.
• … gnucobol3 to unstable to fix a gcc15 issue.
• … gnucobol4 to unstable to fix a gcc15 issue.

I wonder what MBF will happen next, I guess the /var/lock-issue will be a good candidate.

On my fight against outdated RFPs, I closed 30 of them in September. Meanwhile only 3397 are still open, so don’t hesitate to help closing one or another.

FTP master

This month I accepted 294 and rejected 28 packages. The overall number of packages that got accepted was 294.