Posted on

My Debian Activities in May 2023

FTP master

This month I accepted 157 and rejected 22 packages. The overall number of packages that got accepted was 160.

Debian LTS

This was my hundred-seventh month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3430-1] cups-filters security update for one CVE
  • [DSA 5407-1] cups-filters security update for one CVE
  • [unstable] upload of cups-filters to fix CVE-2023-24805
  • [#1036548] unblock bug to fix CVE-2023-24805 in bookworm
  • [unstable] upload of sniproxy to fix CVE-2023-25076
  • [DSA 5413-1] sniproxy security update in Bullseye for one CVE
  • [cups] working to fix CVE-2023-32324 in unstable, Bookworm, Bullseye, Buster

The CVEs for cups-filters and cups have been embargoed ones, so the work for cups was done in May but the uploads happen in June.

I also did some work on security-master to inject missing dependencies for hugo and gitlab-workhose.

Last but not least I did some days on frontdesk duties.

Debian ELTS

This month was the fifty eighth ELTS month.

  • [ELA-852-1] cups-filters security update in Jessie and Stretch for one CVE
  • [ELA-856-1] freetype security update in Jessie and Stretch for two CVEs
  • [ELA-857-1] libtasn1-6 security update in Jessie and Stretch for one CVE
  • [cups] working to fix CVE-2023-32324 in Jessie and Stretch

The CVEs for cups-filters and cups have been embargoed ones, so the work for cups was done in May but the uploads happen in June.

Last but not least I did some days on frontdesk duties.

Debian Astro

This month I uploaded some packages to fix RC bugs, that were
detected by one of many QA tools:

Thanks a lot to all the hardworking people who run these tools!

Debian Printing

This month I could fix RC bugs in:

This work is generously funded by Freexian!

Debian Mobcom

This month I could fix RC bugs in:

Other stuff

Some other packages also had last minute RC bugs:

I even did an upload of a new package force-ip-protocol. I finally had enough of people using IPv6 for their hosts but are unable to configure it. Now I can force firefox, or whatever software, to only use IPv4. One nuisance settled.

Posted on

My Debian Activities in April 2023

FTP master

This month I accepted 103 and rejected 11 packages. The overall number of packages that got accepted was 103.

Debian LTS

This was my hundred-sixth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3405-1] libxml2 security update for two CVE
  • [DLA 3406-1] sniproxy security update for one CVE
  • [sniproxy] updates for Unstable + Bullseye prepared and debdiffs sent to maintainer
  • [1033759] pu-bug: duktape/bullseye uploaded and accepted
  • [1029976] pu-bug: libzen/bullseye uploaded and accepted

I also continued to work on ring in Buster and Bullseye, where some new CVEs appeared.

Debian ELTS

This month was the fifty seventh ELTS month.

Unfortunately I couldn’t use up all my allocated hours and I was only able to continue my work on openssl1.0. I plan to do an upload in May.

Debian Astro

Due to a change in numpy the planetary-system-stacker stopped working. I created a patch and uploaded a new package. Meanwhile it already arrived in testing and I could analyse some pictures of the sun again.

Other stuff

Looking at my notes, there is nothing to be reported here.

Posted on

My Debian Activities in March 2023

FTP master

This month I accepted 78 and rejected 12 packages. The overall number of packages that got accepted was 78.

I still love this calm and peaceful time now within the Debian project, when everybody only cares for RC bugs and NEW does not grow.

Debian LTS

This was my hundred-fifth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3358-1] mpv security update for one CVE
  • [DLA 3372-1] xorg-server embargoed security update for one CVE
  • [DLA 3374-1] libmicrohttpd security update for one CVE
  • [DLA 3378-1] duktape security update for one CVE
  • [1033759] pu-bug for duktape/bullseye

I also participated in the monthly LTS-meeting.

Last but not least I did some days of frontdesk duties and took care of issues on security-master.

Debian ELTS

This month was the fifty sixth ELTS month.

  • [ELA-821-1] xorg-server embargoed security update of Jessie and Stretch for one CVE
  • [ELA-824-1] libmicrohttpd security update of Jessie and Stretch for one CVE

The duktape update in Stretch is more complicated than expected and I could not finish it this month.

I also started to work on openssl1.0

Last but not least I did some days of frontdesk duties

Debian Printing

This month I uploaded new versions or improved packages of:

  • hplip (bug fixing)
  • cups (update translations)

The unblock bug for hplip was already processed, the unblock bug for cups is still waiting. Hopefully the last minute work of the translators was not wasted.

Parts of this work is generously funded by Freexian!

Other stuff

Looking at my notes, there is nothing to be reported here.

Posted on

My Debian Activities in February 2023

FTP master

This month I accepted 284 and rejected 49 packages. The overall number of packages that got accepted was 286.

I love this calm and peaceful time now within the Debian project, when everybody only cares for RC bugs and NEW does not grow.

Debian LTS

This was my hundred-fourth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 8h.

During that time I uploaded:

  • [DLA 3310-1] xorg-server security update for one CVE

As I added all missing ELA uploads to the git repository I also had a look at package-operations and added stuff to make my life a bit easier.

Debian ELTS

This month was the fifty fifth ELTS month.

  • [ELA-794-1] xorg-server security update of Jessie and Stretch for one CVE

I also made myself familiar with the mandatory git workflow and committed all my packages of this years ELA to the corresponding repository.

Debian Astro

This month I uploaded improved packages or new versions of:

Debian Printing

This month I uploaded new versions or improved packages of:

As ippsample does not build on i386, I filed a RM bug for this architecture. Maybe in a later upstream release it will be available again on all architectures.

I could also close lots of bugs that happen to be fixed upstream, but have not been closed with the upload of the new version.

Parts of this work is generously funded by Freexian!

Other stuff

This month I uploaded improved packages of:

The upload of feynmf could only happen due to the help of several people (please see #1029439). Thanks a lot!

Posted on

My Debian Activities in January 2023

FTP master

This month I accepted 419 and rejected 46 packages. The overall number of packages that got accepted was 429. Looking at these numbers and comparing them to the previous month, one can see: the freeze is near. Everybody wants to get some packages into the archive and I hope nobody is disappointed.

Debian LTS

This was my hundred-third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3272-1] sudo (embargoed) security update for one CVE
  • [DLA 3286-1] tor security update for one CVE
  • [DLA 3290-1] libzen security update for one CVE
  • [libzen Bullseye] debdiff sent to maintainer
  • [DLA 3294-1] libarchive security update for one CVE

I also attended the monthly LTS meeting and did some days of frontdesk duties.

Debian ELTS

This month was the fifty fourth ELTS month.

  • [ELA-772-1] sudo security update of Jessie and Stretch for one CVE
  • [ELA-781-1] libzen security update of Stretch for one CVE
  • [ELA-782-1] xorg-server security update of Jessie and Stretch for six CVEs
  • [ELA-790-1] libarchive security update of Jessie and Stretch for one CVEs

Last but not least I did some days of frontdesk duties.

Debian Astro

This month I uploaded improved packages or new versions of:

I also uploaded new packages:

Debian IoT

This month I uploaded improved packages of:

Debian Printing

This month I uploaded new versions or improved packages of:

I also uploaded new packages:

Posted on

My Debian Activities in December 2022

FTP master

This month I accepted 276 and rejected 27 packages. The overall number of packages that got accepted was 288.

Debian LTS

This was my hundred-second month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 14h but due to Christmas I managed only to do 10h.

During that time I uploaded:

  • [DLA 3256-1] xorg-server security update for six CVEs
  • [DLA 3255-1] mplayer security update for ten CVEs

Debian ELTS

This month was the fifty third ELTS month.

During my allocated time I marked all CVEs of the multipath-tools as not-affected and started to work on another snapd update. As I spend more time than expected with my family, I also failed to accomplish my ELTS workload.

Last but not least I did some days of frontdesk duties.

Debian Astro

This month I uploaded improved packages or new versions of:

I also updated almost all of the about 50 indi-3rdparty packages.

Debian Mobcom

This month I uploaded improved packages of:

Debian IoT

This month I uploaded improved packages of:

Debian Printing

This month I uploaded improved packages of:

Other stuff

This month I uploaded improved packages of:

Further I uploaded new versions of a bunch of golang packages.

Posted on

My Debian Activities in November 2022

FTP master

This month I accepted 292 and rejected 43 packages. The overall number of packages that got accepted was 295.

Debian LTS

This was my hundred-first month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian. 

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3200-1] graphicsmagick security update for one CVE
  • [DLA 3201-1] ntfs-3g security update for one CVE
  • [inetutils]found unfixed CVE in latest DLA

I also started to work on ring, but this seems to be a pile of work. Not least because at the moment the package does not migrate to testing.

Further I started to investigate what packages are really affected by CVE-2018-17942. It looks like some upstreams and their corresponding maintainers did not care about that CVE in the embedded gnulib.

Last but not least I did some days of frontdesk duties.

Debian ELTS

This month was the fifty second ELTS month.

During my allocated time I uploaded:

  • [ELA-736-1] ntfs-3g security update of Jessie and Stretch for one CVE
  • [ELA-745-1] snapd security update of Jessie for two CVEs
  • [ELA-746-1] inetutils security update of Jessie for two CVEs

Last but not least I did some days of frontdesk duties.

Debian Mobcom

This month I uploaded improved packages of:

Other stuff

This month I uploaded improved packages of:

Posted on

My Debian Activities in October 2022

FTP master

This month I accepted 484 and rejected 55 packages. The overall number of packages that got accepted was 492.

Debian LTS

This was my hundredth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.  Woohoo, There is a party. (yes I am old). Unfortunately there are already 101 completed month listed in the debian-lts-announce archive, so I seem to have counted wrong once. *sigh*, yes I am old.

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3168-1] openvswitch security update for one CVE
  • [DLA 3167-1] ncurses security update for one CVE
  • [#1020596] bullseye-pu: mod-wsgi/4.7.1-3+deb11u1 upload
  • [graphicsmagick] debdiff for Bullseye sent to security team (update as DLA or via PU?)
  • [graphicsmagick] prepared upload for Buster
  • [libvncserver] debdiff for Buster and Bullseye sent to maintainer (no upload yet :-()

I also started to work on virglrenderer.

Last but not least I took care of NEW packages on security-master.

Debian ELTS

This month was the fifty first ELTS month.

During my allocated time I uploaded:

  • [ELA-719-1] graphicsmagick security update of Jessie and Stretch for one CVE
  • [ELA-720-1] bluez security update of Jessie and Stretch for three CVEs
  • marked two CVEs of curl as not-affected for Jessie and Stretch
  • checked that all patches for dpdk need to be backported, unfortunately that was beyond my capabilities

I also started to work on snapd.

Last but not least I finally managed to become familiar with the git workflow and imported several packages to the salsa repository.

Debian Astro

This month I uploaded new upstream versions or improved packaging of:

I also uploaded a new package pysqm. This software supports the Sky Quality Meters made by Unihedron. I was kindly given an SQM-LU for USB and SQM-LE with network adapter. I plan to put a working Python3 version of the old PySQM software into Debian, package the UDM (Unihedron Device Manager) and finally check the support within Indi.

Debian IoT

This month I uploaded new upstream versions or improved packaging of:

Debian Mobcom

This month I finished the transition of the Osmocom packages, except
osmo-mgw and osmo-msc seem to have problems. I have no idea how I can solve this, so help is appreciated.

Other stuff

This month I uploaded new packages:

Posted on

My Debian Activities in September 2022

FTP master

This month I accepted 226 and rejected 33 packages. The overall number of packages that got accepted was 232.

All in all I addressed about 60 RM-bugs and either simply removed the package or added a moreinfo tag. In total I spent 5 hours for this task.

Anyway, I have to repeat my comment from last month: please have a look at the removal page and check whether the created dak command is really what you wanted. It would also help if you check the reverse dependencies and write a comment whether they are important or can be ignored or also file a new bug for them. Each removal must have one bug!

Debian LTS

This was my ninety-ninth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 14h.

During that time I uploaded:

  • [DLA 3111-1] mod-wsgi security update for one CVE
  • [#1020596] bullseye-pu: mod-wsgi/4.7.1-3+deb11u1
  • [DLA 3119-1] expat security update for one CVE
  • [DLA 3125-1] libvncserver security update for two CVEs
  • [DLA 3126-1] libsndfile security update for one CVE
  • [DLA 3127-1] libhttp-daemon-perl security update for one CVE
  • [DLA 3130-1] tinyxml security update for one CVE

I also started to work on frr.

Last but not least I did some days of frontdesk duties and took care of issues on security-master.

Debian ELTS

This month was the fiftieth ELTS month.

During my allocated time I uploaded:

  • [ELA-685-1] ntfs-3g security update of Stretch for eight CVE
  • [ELA-686-1] expat security update of Jessie and Stretch for one CVE
  • [ELA-690-1] libvncserver security update of Stretch for one CVE

Last but not least I did some days of frontdesk duties.

Debian Printing

This month I uploaded new upstream versions or improved packaging of:

Debian IoT

This month I uploaded new upstream versions or improved packaging of:

Debian Mobcom

This month I started another upload session for new upstrea versions:

Other stuff

This month I uploaded new packages:

Posted on

My Debian Activities in August 2022

FTP master

This month I accepted 375 and rejected 25 packages. The overall number of packages that got accepted was 386.

I also had a closer look at the RM-bugs. All in all I addressed about 90 of them and either simply removed the package or added a moreinfo tag. In total I spent 13 hours for this task.

Anyway, if you want to have your RM-bug processed in a timely manner, please have a look at the removal page and check whether the created dak command is really what you wanted. It would also help if you check the reverse dependencies and write a comment whether they are important or can be ignored or also file a new bug for them. Each removal must have one bug!

Debian LTS

This was my ninety-eighth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 30.00h. As I started to become a Freexian collaborator in this month, I only worked 17h on the LTS project.

During that time I uploaded:

  • [#1010380] buster-pu: flac/1.3.2-3+deb10u2, upload
  • [#1009076] buster-pu: minidlna/1.2.1+dfsg-2+deb10u3, upload
  • [#1009251] buster-pu: fribidi/1.0.5-3.1+deb10u2, upload
  • [#1008578] buster-pu: golang-github-russellhaering-goxmldsig/0.0~git20170911.b7efc62-1+deb10u1, upload
  • [#1016391] bullseye-pu: libhttp-daemon-perl/6.12-1+deb11u1, upload
  • [DLA 3088-1] net-snmp security update for six CVEs
  • [unstable] mod-wsgi for one CVE

I also started to work on upx-ucl.

Debian ELTS

This month was the forty-ninth ELTS month.

During my allocated time I uploaded:

  • [ELA-655-1] libhttp-daemon-perl security update of Jessie and Stretch for one CVE
  • [ELA-659-1] mod-wsgi security update of Stretch for one CVE
  • [ELA-667-1] gst-plugins-good1.0 security update of Jessie and Stretch for seven CVEs
  • [ELA-668-1] net-snmp security update of Jessie and Stretch for six CVEs

Debian Printing

This month I uploaded new upstream versions or improved packaging of:

Debian Astro

This month I uploaded new upstream versions or improved packaging of: