Tag Archives: DOPOM

Debian Orphaned Package Of the Month

My Debian Activities in March 2017

FTP assistant

This month I marked 111 packages for accept and sent four emails to maintainers asking questions. The bad number of the month are the 41 packages I had to reject. This rejection rate was the worst of all my NEW-months.

May I ask everybody to pay a bit more attention before uploading/sponsoring a package?

Debian LTS

This was my thirty-third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 14.75h. During that time I did uploads of

  • [DSA 3798-1] tnef security update for four CVEs
  • [DLA 839-2] tnef regression update
  • [DSA 3798-2] tnef regression update
  • tnef security update in unstable/testing for four CVEs
  • [DLA 878-1] libytnef security update for ten CVEs

I also took care of radare and marked all CVEs as not-affected in Wheezy. My next package on the list will be qbittorrent.

Other stuff

I uploaded a new version of entropybroker to fix a bug with the handling of return codes of ppoll. This version will also make it to Stretch. The same happens with a bug in alljoyn-services-1509. I don’t know why everybody talks about unblock-bugs that need to be filed!? The release team was always faster in granting the unblock than me in filing the corresponding bug.

As my DOPOM for this month I adopted httperf, took care of some bugs and sent patches upstream.

I also created a new project on Alioth that is called debian-mobcom (Alioth page), which shall be a place for all packages concerning mobile communication on the network part. I only uploaded libosmocore to experimental yet, so the package list is rather short.

My Debian Activities in February 2017

FTP assistant

This month you didn’t hear much of me, as I only marked 97 packages for accept and rejected 17 packages. I only sent one email to maintainers asking questions.

Nevertheless the NEW queue is down to 46 packages at the moment, so my fellows in misery do a really good job :-).

Debian LTS

This was my thirty-second month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 13.00h. During that time I did uploads of

  • [DLA 832-1] bitlbee security update for three CVEs
  • [DLA 837-1] radare2 security update for one CVE
  • [DLA 839-1] tnef security update for four CVEs
  • [DLA 843-1] bind9 security update for one CVE

Thanks again to all the people who complied with my requests to test a package!

I also prepared the Jessie DSA for tnef which resulted in DSA 3798-1.

At the end of the month I did another week of frontdesk work and among other things I filed some bugs against packages from [1].

[1] https://security-tracker.debian.org/tracker/status/unreported

Other stuff

Reading about openoverlayrouter in the German magazine c’t, I uploaded that software to Debian.

I also uploaded npd6, which helped me to reach github from a IPv6-only-machine.
Further I uploaded pyicloud.

As my DOPOM for this mont I adopted bottlerocket. Though you can’t buy the hardware anymore, there still seem to be some users around.

My Debian Activities in January 2017

FTP assistant

This month I only marked 146 packages for accept and rejected 25 packages. I only sent 3 emails to maintainers asking questions.

Nevertheless I could pass a big mark. All in all I accepted more than 10000 packages now!

Debian LTS

This was my thirty-first month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 12.75h. During that time I did uploads of

  • [DLA 805-1] bind9 security update for three CVEs
  • [DLA 806-1] zoneminder security update for one CVE

Unfortunately the upload of jasper had to be postponed, as there is no upstream fix for most of the open CVEs yet.
I also suggested to mark th slum-llnl CVE as , as the patch would be too invasive. Further I did another week of frontdesk work.

Last but not least I took care of about 140 items of the TODO list[1]. Ok, it was not that much work, but the enormous number is impressing :-). I also had a look at [2] and filed bugs against two packages. Within hours the maintainers responded to that bugs, clarified everything to mark the CVEs as not-affected and nobody has to care about them anymore. This is a good example of how the knowledge of the maintainer can help the security teams! So, if you have some time left, have a look at [3] and take care of something.

[1] https://security-tracker.debian.org/tracker/status/todo
[2] https://security-tracker.debian.org/tracker/status/unreported
[3] https://security-tracker.debian.org/tracker

Other stuff

This month I sponsored a new round of sidedoor and printrun. After advocating Dara Adib to become Debian Maintainer, I hope my activities as sponsor can be reduced again :-).

Further I uploaded another version of setserial, but as you can see in #850762 it does not seem to satisfy everybody. I also uploaded new upstream versions of duktape and pipexec.

As I didn’t do any DOPOM in December I adopted two packages in January: pescetti and salliere. I dedicate those uploads to my aunt Birgit, who was a passionate bridge player. You will never be forgotten.

DOPOM: gnupg-pkcs11-scd – GnuPG smart-card daemon with PKCS#11 support

According to the Work-Needing and Prospective Packages page 1002 packages are ophaned at the moment. Why is this number always tending upwards?

Anyway, this month I adopted gnupg-pkcs11-scd. It did not migrate to testing for 1881 days and meanwhile got an RC bug for the openssl transition. So this was an ideal victim for DOPOM (Debian Orphaned Package Of the Month).

DOPOM: libmatthew-java – Unix socket API and bindings for Java

While looking at the “action needed”-paragraph of one of my packages, I saw that a dependency was orphaned and needed a new maintainer. So I decided to restart DOPOM (Debian Orphaned Package Of the Month), that I started in 2012 with ent as the first package.

This month I adopted libmatthew-java. Sure it was not a big deal as the QA-team already did a good job and kept the package in shape. But now there is one burden lifted from their shoulders.

According to the Work-Needing and Prospective Packages page 956 packages are ophaned at the moment. If every Debian contributor grabs one of them, we could unwind the QA-team (no, just kidding). So similar to NEW which was down to 0 this year, can we get rid of the WNPP as well? At least for a short time?

IPv6 tunnel with Hurricane Electric (1.11 – 1.16)

Unfortunately Hurricane Electric (or tunnelbroker.net) uses 6in4 tunnels. In order to create a tunnel, my first obstacle is an IP address that answers pings. As I am captured behind a badly configured CGN of a German cable provider (Telecolumbus), I am afraid it is not possible to use the service of HE.

So for the rest of the experiment I will stick to the infrastructure provided by SixXS (of course I am pretty sure that the service of HE would be excellent as well).

DOPOM: scheme48 – A simple, modular, and lightweight Scheme implementation

Some years ago I heard about Scheme and was fascinated by the (at that time at least for me) strange syntax. As this was not yet the time of WWW, I even bought a book to learn more about it.
Unfortunately priorities changed and I needed to spend my time on other things. As I now found that orphaned package I would like to give it a second try and at least keep it rolling.

DOPOM: a56 – Motorola DSP56001 assembler

Since I first looked at the list of orphaned Debian packages (available at http://www.debian.org/devel/wnpp/orphaned) some time ago, the package a56 has been the lonely leader of the list.

This package contains a freeware assembler for the 56000 architecture. These chips have been very popular in the 1980s (used in NeXT, Atari Falcon and SGI Indigo Workstations).
Updated versions are still used in today’s devices like some mobile phones (-> http://www.freescale.com/webapp/sps/site/homepage.jsp?code=563XXGPDSP)

So, being a bit nostalgic, I adopted this package and brought it to shape. There was even a small bug that I was able to close.

DOPOM: greylistd – Greylisting daemon for use with Exim 4

I was really amazed that a package like greylistd does not have an active  maintainer anymore.

Further looking at popcon, this package is only installed on just a few computers. The reason might be that it is only installed on servers that do not take part in popcon.

Anyway, this package needs a maintainer and here I am.

My first upload to ‘experimental’ mainly takes care of lintian warnings and closes a few bugs:

  • #375504: don’t expire entries every check:  the fix was contributed by Steven A. Reisman and verified by Jason  Cormie.
  • #585231: do not use Python strings exceptions anymore

The next step will be to take care of bugs with patches and than reduce the number of other bugs.

Please feel free to help fixing bugs or volunteer for becoming a comaintainer :-).

Here you can find the PTS page.

DOPOM: setserial – controls configuration of serial ports

The DOPOM package for this month shall be setserial. Although the serial interface is more and more replaced by other things like USB or network interfaces, I know at least one application that depends on this oldfashioned stuff.

setserial has 14 bugs, some of them are rather old. So, here we go:

  •  #314219: package configure goes wrong
  •  #589620: Cannot set baud rate to 4800
  •  #589621: Cannot set baud rate to 4800
  •  #618630: setserial does not work with USB serial interfaces
  •  #618631: (no subject)
  •  #299933: ppp: Cannot convert to /etc/network/interfaces method while serial device
  •  #311813: setserial doesn’t work with serial device
  •  #410099: setserial dosen’t work in manual Mod.
  •  #468420: During install I get: “The update-modules command is deprecated and should not be used!”
  •  #518313: installs obsolete /etc/modutils/setserial
  •  #375276: don’t mislead by saying “loading saved-state” if none
  •  #459912: would be nice if one can disable a fifo via setserial
  •  #522622: setserial as a essential package
  •  #314963: init.d bails out on detecting /etc/serial.conf

#589620 and #589621 as well as #618630 and #618631 are the same. Great, two done, twelve left

#518313 is easy, since modutils is gone, don’t install that file

#468420 can be closed by not using update-modules

The solution to #375276 is mentioned in the bugreport. In case the serial line is handled by the kernel (= #KERNEL in the config file) just say so.

#589620 might be a misunderstaning. setserial is not meant to set the baudrate but only to set the base_baud. The base_baud depends on the hardware and
might not be set under certain circumstances. So this seems to be a feature instead of a bug.

#618630 might be a problem with strange hardware or the driver not supporting the needed ioctl(). At least with my usb serial devices I could not reproduce that bug

#299933 has been resolved by just waiting. Nowadays the order of init scripts is rearranged and this problem should not occur anymore

#311813 is again an ioctl() issue. setserial uses TIOCGSERIAL and statserial uses TIOCMGET so depending on the kernel one or the other feature might not work

So for the moment only five bugs out of 14 are still left (#314219, #410099, #459912, #522622, #314963), well done :-).