Posted on

My Debian Activities in December 2017

FTP master

This month I accepted 222 packages and rejected 39 uploads. The overall number of packages that got accepted this month was 348.

According to the statistic I now passed the mark of 12000 accepted packages.

Debian LTS

This was my forty second month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 14h. During that time I did LTS uploads of:

  • [DLA 1211-1] libxml2 security update for one CVE
  • [DLA 1213-1] openafs security update for one CVE
  • [DLA 1218-1] rsync security update for three CVEs
  • [DLA 1226-1] wireshark security update for four CVEs

I also started to work on opencv.

Last but not least I did one week of frontdesk duties.

Other stuff

During December I uploaded new upstream versions of …

I also did uploads of …

  • libosmocore to reintroduce the correct version of the library
  • gnupg-pkcs11-scd to finally depend on libssl-dev and libgcrypt20-dev
  • openbsc to fix a bug with libdbi
  • libsmpp34 to move the package to debian-mobcom
  • osmo-mgw to introduce the package to Debian
  • osmo-pcu to introduce the package to Debian
  • osmo-hlr to introduce the package to Debian
  • osmo-libasn1c to introduce the package to Debian
  • osmo-ggsn to introduce the package to Debian
  • libmatthew-java to fix a bug with java9 (thanks to Markus Koschany for the patch)

I also sponsored …

  • printrun, which really is a new upstream version!
Posted on

My Debian Activities in November 2017

FTP master

As you might have read elsewhere, I am no longer an FTP assistant. I am very delighted about my new delegation as FTP master.

So this month I almost doubled the number of accepted packages to 385 packages and rejected 60 uploads. The overall number of packages that got accepted this month was 448.

Debian LTS

This was my forty first month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 13h. During that time I did LTS uploads of:

  • [DLA 1188-1] libxml2 security update one CVE
  • [DLA 1191-1] python-werkzeug security update one CVE
  • [DLA 1192-1] libofx security update two CVEs
  • [DLA 1195-1] curl security update one CVE
  • [DLA 1194-1] libxml2 security update two CVEs

I also took care of an rsync issue and continued to work on wireshark.

Other stuff

During November I uploaded new upstream versions of …

I also did uploads of …

  • openoverlayrouter to change the source package Section: and fix some problems in Ubuntu
  • duktape to not only provide a shared library but also a pkg-config file
  • astronomical-almanac to make Helmut happy and fix a FTCBFS where he also provided the patch

Last month I wrote about apcupsd as the DOPOM of October. Unfortunately in November was the next power outage due to some malfunction in a transformer station. I never would have guessed that such a malfunction can do so much harm within the power grid. Anyway, the power was back after 31 minutes and my batteries would have lasted 34 minutes before turning off all computer. At least my spec was correct :-).

The DOPOM for this month has been dateutils.

As it is again this time of the year, I would also like to draw some attention to the Debian Med Advent Calendar. Like the past years, the Debian Med team starts a bug squashing event from the December 1st to 24th. Every bug that is closed will be registered in the calendar. So instead of taking something from the calendar, this special one will be filled and at Christmas hopefully every Debian Med related bug is closed. Don’t hestitate, start to squash :-).

Last but not least I sponsored the upload of evqueue-core.

Posted on

My Debian Activities in September 2017

FTP assistant

This month almost the same numbers as last month appeared in the statistics. I accepted 213 packages and rejected 15 uploads. The overall number of packages that got accepted this month was 425.

Debian LTS

This was my thirty-ninth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 15.75h. During that time I did LTS uploads of:

  • [DLA 1109-1] libraw security update for one CVE
  • [DLA 1117-1] opencv security update for 13 CVEs

I also took care of libstrusts1.2-java and marked all CVEs as not-affected and I marked all CVEs for jasper as no-dsa. I also started to work on sam2p.

Just as I wanted to upload a new version of libofx, a new CVE was discovered that was not closed in time. I tried to find a patch on my own but had difficulties in reproducing this issue.

Other stuff

This month I made myself familiar with glewlwyd and according to upstream, the Debian packages work out-of-the box. However upstream does not stop working on that software, so I uploaded new versions of hoel, ulfius and glewlwyd.

As libjwt needs libb64, which was orphanded, I used it as DOPOM and adopted it.

Does anybody still know the Mayhem-bugs? I could close one by uploading an updated version of siggen.

I also went through my packages and looked for patches that piled up in the BTS. As a result i uploaded updated versions of radlib, te923con, node-starttls, harminv and uucp.

New upstream versions of openoverlayrouter and fasttree also made it into the archive.

Last but not least I moved several packages to the debian-mobcom group.

Posted on

My Debian Activities in August 2017

FTP assistant

This month I accepted 217 packages and rejected 16 uploads. Though this might seem to be a low number this month, I am very pleased about the total number of packages that have been accepted: 558.

Debian LTS

This was my thirty-eight month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 20.25h. During that time I did LTS uploads of:

  • [DLA 1055-1] libgd2 security update for one CVE
  • [DLA 1060-1] libxml2 security update for two CVEs
  • [DLA 1062-1] curl security update for one CVE
  • [DLA 1063-1] extplorer security update for one CVE
  • [DLA 1065-1] fontforge security update for 8 CVEs
  • [DLA 1082-1] graphicsmagick security update for 8 CVEs

I also did the upload and sent the DLA for [DLA 1061-1] newsbeuter security update

Last but not least I also spent some time for frontdesk duties.

Other stuff

As announced last month I finished uploading all dependencies of glewlwyd and now we have an oauth2 server available in Debian. This month I am trying to really use it and will tell you about my experiences.

As the severity of the gcc-7 bugs have been raised, I took care of: #853501, #853304, #853305, #853306, #853307, #853308 and #871088

I also uploaded a new version of duktape and now try to also provide a library that can be used in other packages.

Last but not least my DOPOM of this month has been oysttyer. Actually it is a new package, but as ttytter has been abandonded upstream, this is the replacement. It is a fork so you should only get a new authorization key and simply use it as ttytter before.

Posted on

My Debian Activities in July 2017

FTP assistant

This month I am back to normal numbers and accepted 319 packages. I also kept the promise from last month and rejected 26 uploads.

Debian LTS

This was my thirty-seventh month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload went up to 23.5h. During that time I did LTS uploads of:

  • [DLA 1025-1] bind9 security update for two CVEs
  • [DLA 1038-1] libtasn1-3 security update for one CVE
  • [DLA 1025-2] bind9 regression update
  • [DLA 1039-1] rkhunter security update for one CVE
  • [DLA 1040-1] resiprocate security update for one CVE
  • [DLA 1041-1] nasm security update for two CVEs
  • [DLA 1042-1] libquicktime security update for seven CVEs

I could also remove libtorrent-rasterbar and pspp from dla-needed.txt as the affected code was not in the Wheezy version or it was just a simple bug.

Last but not least I also had a few days of frontdesk duties.

Other stuff

This month I uploaded a new version of entropybroker with a revised set of systemd service files. At the moment there is public instance of entropybroker running at eb.debian.net. Its entropy is fed by several Entropy Keys made by Simtec Electronics. Though it is public, it is not yet anonymous, so if you need some entropy please drop me a line. At the moment there are two consumers, but the buffers are still filled.

I also uploaded several new packages, orcania, yder, hoel and ulfius. If everything works as expected, there will be soon an oauth2 server available in Debian.

Last but not least my DOPOM of this month has been ptunnel.

Posted on

My Debian Activities in June 2017

FTP assistant

This month I marked 100 packages for accept and rejected zero packages. I promise, I will reject more in July!

Debian LTS

This was my thirty-sixth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload went down again to 16h. During that time I did LTS uploads of:

  • [DLA 994-1] zziplib security update for seven CVEs
  • [DLA 995-1] swftools security update for two CVEs
  • [DLA 998-1] c-ares security update for one CVE
  • [DLA 1008-1] libxml2 security update for five CVEs

I also tested the proposed apache2 package prepared by Roberto and started to work on a new bind9 upload

Last but not least I had five days of frontdesk duties.

Other stuff

This month was filled with updating lots of machines to Stretch. Everything went fine, so thanks a lot to everybody involved in that release.

Nevertheless I also did a DOPOM upload and now take care of otpw. Luckily most of the accumulated bugs already contained a patch, so that I just had to upload a new version and close them.

Posted on

My Debian Activities in May 2017

FTP assistant

This month I only marked 39 packages for accept and rejected 5 packages.

Debian LTS

This was my thirty-fifth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 27.25h. During that time I did LTS uploads or prepared one for Jessie/Sid:

  • [DLA 934-1] radicale security update for one CVE
  • [DLA 942-1] jbig2dec security update for three CVEs
  • [DLA 947-1] icu security update for two CVEs
  • [DLA 950-1] libtasn1-3 security update for one CVE
  • [DSA 3861-1] libtasn1-6 security update for one CVE
  • [DLA 956-1] libsndfile security update for four CVE
  • [DLA 957-1] bind9 security update for three CVEs
  • [DLA 962-1] tnef security update for one CVE
  • [DSA 3869-1] tnef security update for one CVE

For [DLA 948-1] dropbear and [DLA 958-1] libonig I only did the LTS bookkeeping and sent the DLA.

The icu upload would not have been possible without the help of Roberto.

I also tried to work on jasper, libxml2, libytnef and swftools but unfortunately all upstreams did not finish their respective patches this month, so maybe there will be an upload in June.

Other stuff

Again this has been a busy LTS month, so I only uploaded a new version of smstools, which closed most of its bugs and adopted adopted ptpd as DOPOM.

As a prerequisite of wview I uploaded radlib. Unfortunately I could not do anything for wview, so work on this has to be postponed. Another new package is te923con, which I hope is able to read data from my weather station.

Last but no least I fixed an RC bug in alljoyn-services-1504.

Posted on

My Debian Activities in April 2017

FTP assistant

This month I marked 72 packages for accept and sent one email to a maintainer asking questions. The number of rejections went down to 15. I would name that a good level again.

Debian LTS

This was my thirty-fourth month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

As others reduced their workload for this month, my all in all workload has been 23.75h. During that time I did uploads of

    [DLA 897-1] qbittorrent security update for two CVEs
    [DLA 898-1] libosip2 security update for four CVEs
    [DLA 901-1] radare2 security update for one CVE
    [DLA 914-1] minicom security update for one CVE
    [DLA 915-1] botan1.10 security update for one CVE
    [DLA 920-1] jasper security update for two CVEs

In addition I had one week of frontdesk duties.

I also started to work on icu and bind9. The patches for icu applied fine but the corresponding test did not work but stopped somewhere in the middle!? I am open for any suggestions why this could happen.

Other stuff

This has been a busy LTS month, so I only created node-tunein and adopted smstools as DOPOM.

Posted on

My Debian Activities in March 2017

FTP assistant

This month I marked 111 packages for accept and sent four emails to maintainers asking questions. The bad number of the month are the 41 packages I had to reject. This rejection rate was the worst of all my NEW-months.

May I ask everybody to pay a bit more attention before uploading/sponsoring a package?

Debian LTS

This was my thirty-third month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 14.75h. During that time I did uploads of

  • [DSA 3798-1] tnef security update for four CVEs
  • [DLA 839-2] tnef regression update
  • [DSA 3798-2] tnef regression update
  • tnef security update in unstable/testing for four CVEs
  • [DLA 878-1] libytnef security update for ten CVEs

I also took care of radare and marked all CVEs as not-affected in Wheezy. My next package on the list will be qbittorrent.

Other stuff

I uploaded a new version of entropybroker to fix a bug with the handling of return codes of ppoll. This version will also make it to Stretch. The same happens with a bug in alljoyn-services-1509. I don’t know why everybody talks about unblock-bugs that need to be filed!? The release team was always faster in granting the unblock than me in filing the corresponding bug.

As my DOPOM for this month I adopted httperf, took care of some bugs and sent patches upstream.

I also created a new project on Alioth that is called debian-mobcom (Alioth page), which shall be a place for all packages concerning mobile communication on the network part. I only uploaded libosmocore to experimental yet, so the package list is rather short.

Posted on

My Debian Activities in February 2017

FTP assistant

This month you didn’t hear much of me, as I only marked 97 packages for accept and rejected 17 packages. I only sent one email to maintainers asking questions.

Nevertheless the NEW queue is down to 46 packages at the moment, so my fellows in misery do a really good job :-).

Debian LTS

This was my thirty-second month that I did some work for the Debian LTS initiative, started by Raphael Hertzog at Freexian.

This month my all in all workload has been 13.00h. During that time I did uploads of

  • [DLA 832-1] bitlbee security update for three CVEs
  • [DLA 837-1] radare2 security update for one CVE
  • [DLA 839-1] tnef security update for four CVEs
  • [DLA 843-1] bind9 security update for one CVE

Thanks again to all the people who complied with my requests to test a package!

I also prepared the Jessie DSA for tnef which resulted in DSA 3798-1.

At the end of the month I did another week of frontdesk work and among other things I filed some bugs against packages from [1].

[1] https://security-tracker.debian.org/tracker/status/unreported

Other stuff

Reading about openoverlayrouter in the German magazine c’t, I uploaded that software to Debian.

I also uploaded npd6, which helped me to reach github from a IPv6-only-machine.
Further I uploaded pyicloud.

As my DOPOM for this mont I adopted bottlerocket. Though you can’t buy the hardware anymore, there still seem to be some users around.