Tag Archives: ftpmaster

My Debian Activities in August 2018

FTP master

This month was again dominated by warm weather and spending time outside is more enjoyable than spending time in NEW. So I only accepted 177 packages and rejected 2 uploads. The overall number of packages that got accepted this month was 400. Unfortunately it is becoming cold outside, so expect more REJECTS!

Debian LTS

This was my fiftieth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 23.75h. During that time I did LTS uploads of:

    [DLA 1468-1] fuse security update one CVE
    [DLA 1471-1] kamailio security update one CVE
    [DLA 1477-1] libgit2 security update three CVEs
    [DLA 1485-1] bind9 security update one CVE
    [DLA 1487-1] libtirpc security update one CVE

I also sent a debdiff for libgit2 in Stretch to the security team, which was not yet processed.

This month it was not that hard to understand the patches, but I had to struggle with different testing frameworks. One always crashed due to API changes and one made funny things when run as root. Nevertheless I am still glad about software that does at least some kind of testing!

Anyway, I also started looking at the CVEs of suricata and symfony and I am afraid it is not going to be easier …

Last but not least I did some days of frontdesk duties.

Debian ELTS

This month was the third ELTS month.

During my allocated time I uploaded:

  • ELA-25-1 for libcgroup
  • ELA-26-1 for libxcursor
  • ELA-31-1 for bind9
  • ELA-33-1 for libtirpc

As like in LTS, I also did some days of frontdesk duties.

Other stuff

I uploaded a new upstream version of …

.. and fixed a lot of bugs.

I improved packaging of …

The DOPOM (Debian Orphaned Package Of the Month) of this month has been mdns-scan. As it was abandoned by upstream, I intend to become that as well.

My Debian Activities in July 2018

FTP master

This month was dominated by warm weather and I spent more time in a swimming pool than in the NEW queue. So I only accepted 149 packages and rejected 5 uploads. The overall number of packages that got accepted this month was 380.

Debian LTS

This was my forty ninth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 30.00h. During that time I did LTS uploads of:

    [DLA 1428-1] 389-ds-base security update for 5 CVEs
    [DLA 1430-1] taglib security update for one CVE
    [DLA 1433-1] openjpeg2 security update for two CVEs
    [DLA 1437-1] slurm-llnl security update for two CVEs
    [DLA 1438-1] opencv security update for 17 CVEs
    [DLA 1439-1] resiprocate security update for two CVEs
    [DLA 1444-1] vim-syntastic security update for one CVE
    [DLA 1451-1] wireshark security update for 7 CVEs

Further I started to work on libgit and fuse. Last but not least I did some days of frontdesk duties.

Debian ELTS

This month was the second ELTS month.

During my allocated time I uploaded:

  • ELA-23-1 for wireshark
  • ELA-24-1 for fuse

I also tried to work on qemu but had to confess that those CVEs are far beyond my capabilities. Luckily qemu is no longer on the list of supported packages for ELTS. As there seemed to be some scheduling difficulties I stepped in and did 1.5 weeks of frontdesk duties.

Other stuff

This month I uploaded new packages of

  • pywws, a software to obtain data from some wheather stations
  • osmo-msc, a software from Osmocom

Further I continued to sponsor some glewlwyd packages for Nicolas Mora.

I also uploaded a new upstream version of …

I improved packaging of …

and fixed some bugs in …

The DOPOM (Debian Orphaned Package Of the Month) of this month has been sockstat. As there was a BUG about IPv6 support and upstream doesn’t seem to be active anymore, I revived it on github.

My Debian Activities in June 2018

FTP master

This month I accepted 166 packages and rejected only 7 uploads. The overall number of packages that got accepted this month was 216.

Debian LTS

This was my forty eighth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 23.75h. During that time I did LTS uploads of:

  • [DLA 1404-1] lava-server security update for one CVE
  • [DLA 1403-1] zendframework security update for one CVE
  • [DLA 1409-1] mosquitto security update for two CVE
  • [DLA 1408-1] simplesamlphp security update for two CVE

I also prepared a test package for slurm-llnl but got no feadback yet *hint* *hint*.

This month has been the end of Wheezy LTS and the beginning of Jessie LTS. After asking Ansgar, I did the reconfiguration of the upload queues on seger to remove the embargoed queue for Jessie and reduce the number of supported architectures.

Further I started to work on opencv.

Unfortunately the normal locking mechanism for work on packages by claiming the package in dla-needed.txt did not really work during the transition. As a result I worked on libidn and mercurial parallel to others. There seems to be room for improvement for the next transition.

Last but not least I did one week of frontdesk duties.

Debian ELTS

This month was the first ELTS month.

During my allocated time I made the first CVE triage in my week of frontdesk duties, extended the check-syntax part in the ELTS security tracker and uploaded:

  • ELA-3-1 for file
  • ELA-4-1 for openssl

Other stuff

During June I continued the libosmocore transition but could not finish it. I hope I can upload all missing packages in July.

Further I continued to sponsor some glewlwyd packages for Nicolas Mora.

The DOPOM package for this month was dvbstream.

I also upload a new upstream version of …

My Debian Activities in May 2018

FTP master

This month I accepted 304 packages and rejected 20 uploads. The overall number of packages that got accepted this month was 420.

Debian LTS

This was my forty seventh month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 24.25h. During that time I did LTS uploads of:

    [DLA 1387-1] cups security update for one CVE
    [DLA 1388-1] wireshark security update for 9 CVEs

I continued to work on the bunch of wireshark CVEs and sorted all out that did not affect Jessie or Stretch. At the end I sent my dediff with patches for 20 Jessie CVEs and 38 CVES for Stretch to Moritz so that he could compare them with his own work. Unfortunately he didn’t use all of them.

The CVEs for krb5 were marked as no-dsa by the security team, so there was no upload for Wheezy. Building the package for cups was a bit annoying as the test suite didn’t want to run in the beginning.

I also tested the apache2 package from Roberto twice and let the package do a second round before the final upload.

Last but not least I did a week of frontdesk duties and prepared my new working environment for Jessie LTS and Wheezy ELTS.

Other stuff

During May I did uploads of …

  • libmatthew-java to fix a FTBFS with Java 9 due to a disappearing javah. In the end it resulted in a new upstream version.

I also prepared the next libosmocore transistion by uploading several osmocom packages to experimental. This has to continue in June.

Further I sponsored some glewlwyd packages for Nicolas Mora. He is right on his way to become a Debian Maintainer.

Last but not least I uploaded the new package libterm-readline-ttytter-per, which is needed to bring readline functionality to oysttyer, a command line twitter client.

My Debian Activities in May 2018

FTP master

This month I accepted 304 packages and rejected 20 uploads. The overall number of packages that got accepted this month was 420.

Debian LTS

This was my forty seventh month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 24.25h. During that time I did LTS uploads of:

    [DLA 1387-1] cups security update for one CVE
    [DLA 1388-1] wireshark security update for 9 CVEs

I continued to work on the bunch of wireshark CVEs and sorted all out that did not affect Jessie or Stretch. At the end I sent my dediff with patches for 20 Jessie CVEs and 38 CVES for Stretch to Moritz so that he could compare them with his own work. Unfortunately he didn’t use all of them.

The CVEs for krb5 were marked as no-dsa by the security team, so there was no upload for Wheezy. Building the package for cups was a bit annoying as the test suite didn’t want to run in the beginning.

I also tested the apache2 package from Roberto twice and let the package do a second round before the final upload.

Last but not least I did a week of frontdesk duties and prepared my new working environment for Jessie LTS and Wheezy ELTS.

Other stuff

During May I did uploads of …

  • libmatthew-java to fix a FTBFS with Java 9 due to a disappearing javah. In the end it resulted in a new upstream version.

I also prepared the next libosmocore transistion by uploading several osmocom packages to experimental. This has to continue in June.

Further I sponsored some glewlwyd packages for Nicolas Mora. He is right on his way to become a Debian Maintainer.

Last but not least I uploaded the new package libterm-readline-ttytter-per, which is needed to bring readline functionality to oysttyer, a command line twitter client.

My Debian Activities in April 2018

FTP master

This month I accepted 145 packages and rejected 5 uploads. The overall number of packages that got accepted this month was 260.

Debian LTS

This was my forty sixth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 16.25h. During that time I did LTS uploads of:

    [DLA 1353-1] wireshark security update for 12 CVEs
    [DLA 1364-1] openslp-dfsg security update for one CVE
    [DLA 1367-1] slurm-llnl security update for one CVE

I also started to work on the next bunch of wireshark CVEs and I intend to upload packages for Jessie and Stretch as well.
Other packages I started are krb5 and cups.

Last but not least I did a week of frontdesk duties, where I check lots of CVEs for their impact on Wheezy.

Other stuff

During April I did uploads of …

  • pescetti to fix a FTBFS with Java 9 due to -source/-target only
  • salliere to fix a FTBFS with Java 9 due to -source/-target only
  • libb64 to fix a FTCBFS
  • chktex to fix a FTBFS with TeX Live 2018

Thanks to all the people who sent patches!

I also finished the libosmocore transistion this month by uploading the following osmocom packages to unstable and alongside fixing some bugs that our tireless QA tools detected:

Further I uploaded osmo-fl2k already two days after release. It is a nice software that enables an USB-VGA converter to be used as transmitter for all kind of signals. Of course just use it in a shielded room!

As Nicolas Mora, the upstream author of the oauth2 server glewlwyd, wanted to be more involved in Debian packaging, I sponsored some of his first packages. They are all new versions of his software:

I also uploaded a new upstream version of dateutils.

Last but not least I worked on some apcupsd bugs and I am down to 16 bugs now.

My Debian Activities in March 2018

FTP master

This month I accepted 252 packages and rejected 23 uploads. The overall number of packages that got accepted this month was 308.

I also took care of #890944.

Debian LTS

This was my forty fifth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 23.25h. During that time I did LTS uploads of:

    [DLA 1313-1] isc-dhcp security update for two CVEs
    [DLA 1312-1] libvorbisidec security update for one CVE
    [DLA 1333-1] dovecot security update for three CVEs
    [DLA 1334-1] mosquitto security update two CVEs
    [DSA 4152-1] mupdf security update for two Jessie CVEs and two Stretch CVEs

I also prepared a test package for wireshark, fixing 12 CVEs. I am still waiting for feedback :-).

The issues for mupdf did not affect Wheezy, so there has been no DLA. Instead the security team accepted my debdiff for Jessie and Stretch and published a DSA. Thanks to Luciano for doing this.
As it turned out, the patch I found for icu last month had been the correct one. But as it did not affect Wheezy, there has been no DLA as well.

Last but not least I did one week of frontdesk duties.

Other stuff

During march I did uploads of …

  • libctl to fix a FTBFS during binary-indep-only build

I also moved all oauth2 related packages as well as cd5 to salsa.

Last but not least I took care of some old bugs in apcupsd that no longer seem to be relevant.

My Debian Activities in February 2018

FTP master

This month everything came back to normal and I accepted 272 packages and rejected 30 uploads. The overall number of packages that got accepted this month was 423.

Debian LTS

This was my forty fourth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 23.75h. During that time I did LTS uploads of:

  • [DLA 1279-1] clamav security update for two CVEs
  • [DLA 1286-1] quagga security update for three CVEs
  • [DLA 1290-1] libvpx security update for one CVE
  • [DSA 4125-1] wavpack security update for three Jessie CVEs and three Stretch CVEs

The issues for wavpack did not affect Wheezy, so there has been no DLA. Instead the security team accepted my debdiff for Jessie and Stretch and published a DSA. Thanks to Sebastien for doing this.
I also started to work on a fix for ICU. Unfortunately Moritz did not agree with me on the correct patch for this. As upstream did not respond to my query yet, I did not do an upload.
I also did not finish my work on opencv, I am still searching for the correct C++ template. On the other hand I finished work on 12 of 22 CVEs for wireshark. The rest will be done in March.

Other stuff

During February I uploaded new upstream versions of …

I also moved all alljoyn packages as well as a56 to salsa.

My Debian Activities in January 2018

FTP master

This month I was distracted from NEW by private stuff, so I only accepted 141 packages and rejected 4 uploads. The overall number of packages that got accepted this month was 361.

Almost two years ago Moritz filed #817286. After some time of inactivity, this bug draw CIP’s attention. Civil Infrastructure Platform is a project under the umbrella of the Linux Foundation. Their basic goal is to provide security support for a very long time (10 years for software and 15 years for the kernel).

As this bugs meets one of their goals, they would like to support Debian and are going to sponsor my work on this bug. So hopefully in the near future staging repositories will be available in Debian.

Debian LTS

This was my forty third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 18.25h. During that time I did LTS uploads of:

  • [DLA 1235-1] opencv security update for two CVEs
  • [DLA 1252-1] couchdb security update for two CVEs
  • [DLA 1255-1] bind9 security update one CVE
  • [DLA 1258-1] wireshark security update for three CVEs
  • [DSA 4101-1] wireshark security update for three Jessie CVEs and three Stretch CVEs
  • [DLA 1263-1] curl security update one CVE

Unfortunately my debdiffs for opencv have not yet been processed by the security team. But as I also started to work on another round of CVEs for opencv, there will be another chance …

Last but not least I did one week of frontdesk duties.

Other stuff

During January I uploaded new upstream versions of …

My Debian Activities in December 2017

FTP master

This month I accepted 222 packages and rejected 39 uploads. The overall number of packages that got accepted this month was 348.

According to the statistic I now passed the mark of 12000 accepted packages.

Debian LTS

This was my forty second month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 14h. During that time I did LTS uploads of:

  • [DLA 1211-1] libxml2 security update for one CVE
  • [DLA 1213-1] openafs security update for one CVE
  • [DLA 1218-1] rsync security update for three CVEs
  • [DLA 1226-1] wireshark security update for four CVEs

I also started to work on opencv.

Last but not least I did one week of frontdesk duties.

Other stuff

During December I uploaded new upstream versions of …

I also did uploads of …

  • libosmocore to reintroduce the correct version of the library
  • gnupg-pkcs11-scd to finally depend on libssl-dev and libgcrypt20-dev
  • openbsc to fix a bug with libdbi
  • libsmpp34 to move the package to debian-mobcom
  • osmo-mgw to introduce the package to Debian
  • osmo-pcu to introduce the package to Debian
  • osmo-hlr to introduce the package to Debian
  • osmo-libasn1c to introduce the package to Debian
  • osmo-ggsn to introduce the package to Debian
  • libmatthew-java to fix a bug with java9 (thanks to Markus Koschany for the patch)

I also sponsored …

  • printrun, which really is a new upstream version!