Free software activities in July 2016

Datetime:2016-08-23 01:51:59          Topic: Debian  HTML           Share

Here is my monthly update covering a large part of what I have been doing in the free software world (previously):

  • Worked on ensuring that the web kiosk operating system Webconverger builds reproducibly. I may rework some of the patches to libisoburn and libisofs before sending them upstream.
  • Fixed an issue in django-enumfield , a custom Django web development field for type-safe named constants, to make the Enum.get interface more consistent. ( #36 )
  • Proposed a pull request for Regex Replace (a Chrome extension to automatically replace text on webpages) to ensure that the rules were correctly HTML encoded on the options page. ( #3 )
  • Proposed a change to ronn , a documentation generator that "is the opposite of roff", to make the output reproducible. ( #98 )
  • Proposed a change to txt2tags to make the output use SOURCE_DATE_EPOCH and non-timezone timestamps. ( #204 ).

Debian

  • Improved the NEW queue HTML report to display absolute timestamps when placing the cursor over relative times as well as to tidy the underlying HTML generation.
  • Tidied a patch for dak to also send mails to the signer of an uploaded upload if a package is rejected or accepted on security-master . ( #796784 )
  • Created a proof-of-concept wrapper for pymysql to reduce the diff between Ubuntu and Debian's packaging of python-django . ( tree )

LTS

This month I have been paid to work 14 hours on Debian Long Term Support (LTS ). In that time I did the following:

  • "Frontdesk" duties, triaging CVEs, etc.
  • Improved the bin/lts-cve-triage.py script to ignore packages that have been marked as unsupported.
  • Improved the bin/contact-maintainers script to print a nicer error message if you mistype the package name.
  • Issued the following advisories:
    • DLA 541-1 for libvirt making the password policy consistent across the QEMU and VNC backends with respect to empty passwords.
    • DLA 574-1 for graphicsmagick fixing two denial-of-service vulnerabilities.
    • DLA 548-1 and DLA 550-1 for drupal7 fixing an open HTTP redirect vulnerability and a privilege escalation issue respectfully.
    • DLA 557-1 for dietlibc removing the current directory from the current path.
    • DLA 577-1 for redis preventing the redis-cli tool creating world-readable history files.

Uploads

  • redis :
    • 3.2.1-2 — Avoiding race conditions in upstream test suite.
    • 3.2.1-3 — Correcting world_readable ~/.rediscli_history files.
    • 3.2.1-4 — Preventing a race condition in the previous upload's patch.
    • 3.2.2-1 — New upstream release.
    • 3.2.1-4~bpo8+1 — Backport to jessie-backports .
  • strip-nondeterminism :
    • 0.020-1 — Improved the PNG handler to not blindly trust chunk sizes, rewriting most of the existing code.
    • 0.021-1 — Correcting a regression in the PNG handler where it would leave temporary files in the generated binaries.
    • 0.022-1 — Correcting a further regression in the PNG handler with respect to IEND chunk detection.
  • python-redis (2.10.5-1~bpo8+1) — Backport to jessie-backports .
  • reprotest (0.2) — Sponsored upload.

Patches contributed

I submitted patches to fix faulty initscripts in lm-sensors , rsync , sane-backends & vsftpd .

In addition, I submitted 7 patches to fix typos in debian/rules against cme: , gnugk: `incorrect reference to dh_install_init , php-sql-formatter , python-django-crispy-forms , libhook-lexwrap-perl , mknbi & ruby-unf-ext .

I also submitted 6 patches to fix reproducible toolchain issues (ie. ensuring the output is reproducible rather than the package itself) against libextutils-parsexs-perl: `Please make the output reproducible , perl , naturaldocs , python-docutils , ruby-ronn & txt2tags .

Lastly, I submitted 65 patches to fix specific reproducibility issues in amanda , boolector , borgbackup , cc1111 , cfingerd , check-all-the-things , cobbler , ctop , cvs2svn , eb , eurephia , ezstream , feh , fonts-noto , fspy , ftplib , fvwm , gearmand , gngb , golang-github-miekg-pkcs11 , gpick , gretl , hibernate , hmmer , hocr , idjc , ifmail , ironic , irsim , lacheck , libmemcached-libmemcached-perl , libmongoc , libwebsockets , minidlna , mknbi , nbc , neat , nfstrace , nmh , ntopng , pagekite , pavuk , proftpd-dfsg , pxlib , pysal , python-kinterbasdb , python-mkdocs , sa-exim , speech-tools , stressapptest , tcpflow , tcpreen , ui-auto , uisp , uswsusp , vtun , vtwm , why3 , wit , wordgrinder , xloadimage , xmlcopyeditor , xorp , xserver-xorg-video-openchrome & yersinia .

RC bugs

I also filed 68 RC bugs for packages that access the internet during build against betamax , curl , django-localflavor , django-polymorphic , dnspython , docker-registry , elasticsearch-curator , elib.intl , elib.intl , elib.intl , fabulous , flask-restful , flask-restful , flask-restful , foolscap , gnucash-docs , golang-github-azure-go-autorest , golang-github-fluent-fluent-logger-golang , golang-github-franela-goreq , golang-github-mesos-mesos-go , golang-github-shopify-sarama , golang-github-unknwon-com , golang-github-xeipuuv-gojsonschema , htsjdk , lemonldap-ng , libanyevent-http-perl , libcommons-codec-java , libfurl-perl , libgravatar-url-perl , libgravatar-url-perl , libgravatar-url-perl , libgravatar-url-perl , libgravatar-url-perl , libhttp-async-perl , libhttp-oai-perl , libhttp-proxy-perl , libpoe-component-client-http-perl , libuv , libuv1 , licenseutils , licenseutils , licenseutils , musicbrainzngs , node-oauth , node-redis , nodejs , pycurl , pytest , python-aiohttp , python-asyncssh , python-future , python-guacamole , python-latexcodec , python-pysnmp4 , python-qtawesome , python-simpy , python-social-auth , python-structlog , python-sunlight , python-webob , python-werkzeug , python-ws4py , testpath , traitlets , urlgrabber , varnish-modules , webtest & zurl .

Finally, I filed 100 FTBFS bugs against abind , backup-manager , boot , bzr-git , cfengine3 , chron , cloud-sptheme , cookiecutter , date , django-uwsgi , djangorestframework , docker-swarm , ekg2 , evil-el , fasianoptions , fassets , fastinfoset , fest-assert , fimport , ftrading , gdnsd , ghc-testsuite , golang-github-magiconair-properties , golang-github-mattn-go-shellwords , golang-github-mitchellh-go-homedir , gplots , gregmisc , highlight.js , influxdb , jersey1 , jflex , jhdf , kimwitu , libapache-htpasswd-perl , libconfig-model-itself-perl , libhtml-tidy-perl , liblinux-prctl-perl , libmoox-options-perl , libmousex-getopt-perl , libparanamer-java , librevenge , libvirt-python , license-reconcile , louie , mako , mate-indicator-applet , maven-compiler-plugin , mgt , mgt , mgt , misc3d , mnormt , nbd , ngetty , node-xmpp , nomad , perforate , pyoperators , pyqi , python-activipy , python-bioblend , python-cement , python-gevent , python-pydot-ng , python-requests-toolbelt , python-ruffus , python-scrapy , r-cran-digest , r-cran-getopt , r-cran-lpsolve , r-cran-rms , r-cran-timedate , resteasy , ruby-berkshelf-api-client , ruby-fog-libvirt , ruby-grape-msgpack , ruby-jquery-rails , ruby-kramdown-rfc2629 , ruby-moneta , ruby-parser , ruby-puppet-forge , ruby-rbvmomi , ruby-redis-actionpack , ruby-unindent , ruby-web-console , scalapack-doc , scannotation , snow , sorl-thumbnail , svgwrite , systemd-docker , tiles-request , torcs , utf8proc , vagrant-libvirt , voms-api-java , wcwidth , xdffileio , xmlgraphics-commons & yorick .

FTP Team

As a Debian FTP assistant I ACCEPTed 114 packages: apertium-isl-eng , apertium-mk-bg , apertium-urd-hin , apprecommender , auto-apt-proxy , beast-mcmc , caffe , caffe-contrib , debian-edu , dh-make-perl , django-notification , dpkg-cross , elisp-slime-nav , evil-el , fig2dev , file , flightgear-phi , friendly-recovery , fwupd , gcc-5-cross , gdbm , gnustep-gui , golang-github-cznic-lldb , golang-github-dghubble-sling , golang-github-docker-leadership , golang-github-rogpeppe-fastuuid , golang-github-skarademir-naturalsort , golang-glide , gtk+2.0 , gtranscribe , kdepim4 , kitchen , lepton , libcgi-github-webhook-perl , libcypher-parser , libimporter-perl , liblist-someutils-perl , liblouis , liblouisutdml , libneo4j-client , libosinfo , libsys-cpuaffinity-perl , libtest2-suite-perl , linux , linux-grsec , lua-basexx , lua-compat53 , lua-fifo , lua-http , lua-lpeg-patterns , lua-mmdb , lua-openssl , mash , mysql-5.7 , node-quickselect , nsntrace , nvidia-graphics-drivers , nvidia-graphics-drivers-legacy-304xx , nvidia-graphics-drivers-legacy-340xx , openorienteering-mapper , oslo-sphinx , p4est , patator , petsc , php-mailparse , php-yaml , pykdtree , pypass , python-bioblend , python-cotyledon , python-jack-client , python-mido , python-openid-cla , python-os-api-ref , python-pydotplus , python-qtconsole , python-repoze.sphinx.autointerface , python-vispy , python-zenoss , r-cran-bbmle , r-cran-corpcor , r-cran-ellipse , r-cran-minpack.lm , r-cran-rglwidget , r-cran-rngtools , r-cran-scatterd3 , r-cran-shinybs , r-cran-tibble , reproject , retext , ring , ruby-github-api , ruby-rails-assets-jquery-ui , ruby-swd , ruby-url-safe-base64 , ruby-vmstat , ruby-webfinger , rustc , shadowsocks-libev , slepc , staticsite , steam , straight.plugin , svgwrite , tasksh , u-msgpack-python , ufo2otf , user-mode-linux , utf8proc , vizigrep , volk , wchartype , websockify & wireguard .





About List