My Free Software Activities in November 2019

Welcome to gambaru.de. Here is my monthly report that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.

Debian Games

  • Simon Schmeisser prepared a new upstream version of Ogre 1.12, a 3D object-oriented graphics rendering engine. I reviewed his work and gave some advice but he hasn’t had the time to work on the package again.
  • Auralquiz failed to build from source related to phonon4qt5. (#943870)
  • I packaged a new upstream Git snapshot of Berusky2, a 3D logic game with bugs (lalala). Asher Gordon and Bernhard Übelacker prepared patches to fix crashes which partially surfaced because of the switch to GCC 9.
  • Drascula, the evil vampire adventure game, didn’t want to start anymore and needed an update because of an engine change in ScummVM 2.10.
  • After I had updated armagetronad, the tron-like lightcycle game, a relocation error appeared due to changes in GCC 9 and prevented the game from starting. Thanks to boffi and Bernhard Übelacker we could identify the correct patch to address the problem.
  • After more than six years upstream released a new version of burgerspace again, a neat clone of burgertime, and its corresponding flatzebra library.
  • I packaged Minetest 5.1.0 and intend to backport this version to stable-backports soon.
  • Last but not least I decided to package the latest released version of caveexpress, which has a rather odd version number and contains only minor changes but I had to do it. 🙂

Debian Java

  • This month I packaged new releases of jboss-modules, intellij-annotations, easymock, undertow, activemq and jboss-xnio.
  • In order to let easymock migrate to testing I had to rebuild junit5, apiguardian, opentest4j and univocity-parsers and do source-only uploads. Currently all newly introduced packages to Debian have to be uploaded with all binaries included. Once the package has been approved, it is stuck in unstable and can’t migrate to testing and needs another source-only rebuild. I believe we should find a better way to reduce this kind of make-work when there is actually nothing to improve from the initial upload.
  • I have been working on a security update for Tomcat 8 in Stretch and hope to finish it soon.

Misc

  • As usual I updated some Firefox addons and packaged new upstream releases for privacybadger, https-everywhere and dispmua. The latter is actually a Thunderbird addon and displays what kind of email software (MUA) your correspondent uses (which can tell you a lot about someone’s personality 😉 ) I intend to prepare a stretch/buster-pu for it too.

Debian LTS

This was my 45. month as a paid contributor and I have been paid to work 24,5 hours on Debian LTS, a project started by Raphaël Hertzog. In that time I did the following:

  • DLA-1996-1. Issued a security update for libapache2-mod-auth-openidc fixing 1 CVE.
  • DLA-2023-1. Issued a security update for openjdk-7 fixing 16 CVE.
  • DLA-2027-1. Issued a security update for jruby fixing 4 CVE.
  • DLA-2028-1. Issued a security update for squid3 fixing 4 CVE.
  • DLA-2030-1. Issued a security update for jackson-databind fixing 2 CVE.

ELTS

Extended Long Term Support (ELTS) is a project led by Freexian to further extend the lifetime of Debian releases. It is not an official Debian project but all Debian users benefit from it without cost. The current ELTS release is Debian 7 „Wheezy“. This was my eightteenth month and I have been assigned to work 15 hours on ELTS.

  • I was in charge of our ELTS frontdesk from 25.11.2019 until 01.12.2019 and I triaged CVE in jetty, gnupg, rabbitmq-server, netkit-telnet and nss.
  • ELA-190-1. Issued a security update for linux fixing 2 CVE.
  • ELA-199-1. Issued a security update for intel-microcode fixing 2 CVE.
  • ELA-200-1. Issued a security update for openjdk-7 fixing 16 CVE. In order to improve the test coverage, I investigated together with Roberto Sanchez how to backport and use autopkgtests for OpenJDK 7. The idea is to catch changes in OpenJDK that are actually a regression in Debian but may not be an actual test failure. The previous release suddenly required to build the SunEC security provider in order to provide the same cryptographic classes to users as before and hopefully an autopkgtest is able to find such a regression earlier. The tests are currently not integrated in the package and only available locally but the intention is to make them available with the next security update.

Thanks for reading and see you next time.

Schreibe einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.

Diese Website verwendet Akismet, um Spam zu reduzieren. Erfahre mehr darüber, wie deine Kommentardaten verarbeitet werden.