My Free Software Activities in September 2016

Welcome to Here is my monthly report that covers what I have been doing for Debian. If you're interested in Android, Java, Games and LTS topics, this might be interesting for you.

Debian Android

Debian Games

  • I packaged a new upstream release of hyperrogue, a rogue-like game settled in a non-euclidian world, fixing one RC bug (#811991). I uploaded two more revisions later that addressed  build failures on arm64 and hppa.
  • I fixed more RC bugs (build failures with GCC-6) in torus-trooper (#835712) and fife (#811858).
  • I packaged new upstream releases of pygame-sdl2, renpy, freeorion, netrek-client-cow, redeclipse, redeclipse-data, hitori, atomix, adonthell and adonthell-data.
  • I updated gtkballs and fixed a documentation bug (#820588) but also a /usr/share/locale issue that prevented the actual use of the translations.
  • I raised the severity of #797998 to grave in unknown-horizons because the game cannot be started currently. In order to fix this issue I packaged a new build-dependency, fifechan, which is currently awaiting approval by the FTP team. As soon as fifechan got accepted I will upload new upstream releases of fife and unknown-horizons.
  • I released debian-games 1.5, a Debian blend and collection of games metapackages.
  • Hardening-wrapper has been deprecated for some time and this issue became release critical now. I updated cookietool, alex4 and netrek-client-cow to use dpkg-buildflags instead.
  • Together with Russel Coker I packaged a new upstream release of warzone2100. This package would benefit from a new regular uploader. If you are interested in it, please get involved. (Same story for hyperrogue, redeclipse, renpy and unknown-horizons and many other games.)
  • I started a new Bullet transition (#839243). The package is currently waiting in the NEW queue and I hope to complete this work in October.
  • I triaged #838199 and reassigned the issue to fonts-roboto. Initially I prepared an NMU but eventually the maintainer uploaded a new revision himself. It is now possible to install the hinted and unhinted versions of fonts-roboto together which also resolved former installation problems with kodi and freeorion.

Debian Java

  • I packaged new upstream releases of undertow, activemq and jackrabbit.
  • I fixed RC bugs in libphonenumber (#836768), wagon2 (#837022) and activemq (#839244).
  • I updated syncany in experimental and simplified the packaging a little. Unfortunately upstream has been on hiatus for the past year and we haven't seen new releases in the meantime. Nevertheless give it a try, even though it is still alpha software, it's an useful cloud-storage and synchronization tool.
  • I sponsored a new upstream release of freeplane for Felix Natter.
  • I prepared and uploaded security updates for jackrabbit and zookeeper in Jessie.

Debian LTS

This was my eight month as a paid contributor and I have been paid to work 12,25 hours on Debian LTS, a project started by Raphaël Hertzog. In that time I did the following:

  • From 12. September until 19. September I was in charge of our LTS frontdesk. I triaged bugs in tiff3, mysql-5.5, curl, dropbear, mantis, icu, dwarfutils, jackrabbit, zendframework, zookeeper and graphicsmagick. For the latter I skimmed through all commits since the last version to identify the patches that fix the recent issues in graphicsmagick. I also answered questions on the mailing list and contacted Diego Biurrun again about his progress with libav. It is now anticipated that Hugo Lefeuvre and Diego will issue a new libav security release this month.
  • I reviewed and tested a patch by Raphaël Hertzog for roundcube.
  • DLA-629-1. Issued a security update for jackrabbit fixing 1 CVE.
  • DLA-630-1. Issued a security update for zookeeper fixing 1 CVE.
  • DLA-633-1. Issued a security update for wordpress fixing 7 CVE. This one also required backports of certain functions from newer releases and a database upgrade that required careful testing.
  • I also issued DLA-622-1 and DLA-623-1, two security issues that I already mentioned last month. It was discovered that Debian's versions of Tomcat were vulnerable to a root privilege escalation issue. However it was also necessary that another exploit, for instance in a web application, could be used to gain write access as the tomcat user. Former security issues were already fixed and new ones are not known. Nevertheless since a zero-day exploit could not be ruled out, the issue was embargoed for a month to give other distributions time to fix this issue as well. You can read more about this topic at

Non-maintainer uploads


  • I packaged a new upstream release of MediathekView.
  • I uploaded a new revision of xarchiver and applied a patch from Helmut Grohne that made it possible to cross-build the package.

2 Replies to “My Free Software Activities in September 2016”

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.