Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.


 

Debian Project News – January 7th, 2013

Welcome to this year’s first issue of DPN, the newsletter for the Debian community. Topics covered in this issue include: * wiki.debian.org security breach: global passwords reset * Bits from the DPL * Other news * New Debian Contributors * Release-Critical bugs statistics for the upcoming release * Important Debian Security Advisories * Work-needing packages * Want to continue reading DPN?

wiki.debian.org security breach: global passwords reset
——————————————————-

Steve McIntyre, administrator of the Debian wiki, announced that due to
a security breach, all wiki.debian.org account passwords are being
reset [1]. In order to regain access to your wiki account, you’ll need
to follow the password recovery process [2]. In the mail, Steve
explained that the Debian Security Team recently found a
vulnerability [3] in the moin package which had been succesfully
exploited for wiki.debian.org. The wiki has already been moved to
another server and an audit of the old server is ongoing.

1: http://lists.debian.org/debian-devel-announce/2013/01/msg00000.html
2: http://wiki.debian.org/FrontPage?action=recoverpass
3: http://www.debian.org/security/2012/dsa-2593

Bits from the DPL
—————–

Stefano Zacchiroli sent his monthly report of DPL activities for
December 2012 [4]. Stefano reported about progress in the “DPL helpers”
experiment, as well as collaborations with external projects such as the
Open Source Initiative (OSI) and Free Software Foundation (FSF). In
addition, Stefano reported that the debian.eu domain is finally under
control of the Debian System Administrators.

4: http://lists.debian.org/debian-devel-announce/2013/01/msg00001.html

Other news
———-

The thirty-first issue of the miscellaneous news for developers [5] has
been released and covers the following topics:

* amd64 most popular architecture according to popcon
* Register your media types to the IANA
* First release of dput-ng in “unstable”
* Recent changes on the Debian QA front
* Fancy graphs on lintian.debian.org

5: http://lists.debian.org/debian-devel-announce/2012/12/msg00002.html

Andreas Tille announced that the statistics about selected Debian
teams [6] have been updated, and now include all of 2012.

6: http://blends.debian.net/liststats/

New Debian Contributors
———————–

1 people have started to maintain packages [7] since the previous issue
of the Debian Project News. Please welcome David Smith into our project!

7: http://udd.debian.org/cgi-bin/new-maintainers.cgi

Release-Critical bugs statistics for the upcoming release
———————————————————

According to the Bugs Search interface of the Ultimate Debian
Database [8], the upcoming release, Debian “Wheezy”, is currently
affected by 171 Release-Critical bugs. Ignoring bugs which are easily
solved or on the way to being solved, roughly speaking, about 116
Release-Critical bugs remain to be solved for the release to happen.

8: http://udd.debian.org/bugs.cgi

There are also more detailed statistics [9] as well as some hints on how
to interpret [10] these numbers.

9: http://richardhartmann.de/blog/posts/2013/01/05-Debian_Release_Critical_Bug_report_for_Week_01/
10: http://wiki.debian.org/ProjectNews/RC-Stats

Important Debian Security Advisories
————————————

Debian’s Security Team recently released advisories for these packages
(among others): wireshark [11], mahara [12], elinks [13], moin [14],
virtualbox-ose [15], ghostscript [16], mediawiki-extensions [17],
rails [18], weechat [19], nss [20], cups [21], gnupg, and gnupg2 [22].
Please read them carefully and take the proper measures.

11: http://www.debian.org/security/2012/dsa-2590
12: http://www.debian.org/security/2012/dsa-2591
13: http://www.debian.org/security/2012/dsa-2592
14: http://www.debian.org/security/2012/dsa-2593
15: http://www.debian.org/security/2012/dsa-2594
16: http://www.debian.org/security/2012/dsa-2595
17: http://www.debian.org/security/2012/dsa-2596
18: http://www.debian.org/security/2013/dsa-2597
19: http://www.debian.org/security/2013/dsa-2598
20: http://www.debian.org/security/2013/dsa-2599
21: http://www.debian.org/security/2013/dsa-2600
22: http://www.debian.org/security/2013/dsa-2601

Please note that these are a selection of the more important security
advisories of the last weeks. If you need to be kept up to date about
security advisories released by the Debian Security Team, please
subscribe to the security mailing list [23] (and the separate backports
list [24], and stable updates list [25]) for announcements.

23: http://lists.debian.org/debian-security-announce/
24: http://lists.debian.org/debian-backports-announce/
25: http://lists.debian.org/debian-stable-announce/

Work-needing packages
———————

Currently [26] 519 packages are orphaned [27] and 141 packages are up
for adoption [28]: please visit the complete list of packages which need
your help [29].

26: http://lists.debian.org/debian-devel/2013/01/msg00101.html
27: http://www.debian.org/devel/wnpp/orphaned
28: http://www.debian.org/devel/wnpp/rfa
29: http://www.debian.org/devel/wnpp/help_requested

Want to continue reading DPN?
—————————–

Please help us create this newsletter. We still need more volunteer
writers to watch the Debian community and report about what is going on.
Please see the contributing page [30] to find out how to help. We’re
looking forward to receiving your mail at
.

30: http://wiki.debian.org/ProjectNews/HowToContribute

This issue of Debian Project News was edited by Cédric Boutillier,
Francesca Ciceri and Justin B Rye.

No Response to “Debian Project News – January 7th, 2013” »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.