Welcome to gambaru.de. Here is my monthly report (+ the first week in August) that covers what I have been doing for Debian. If you’re interested in Java, Games and LTS topics, this might be interesting for you.
- Last month GCC 10 became the new default compiler for Debian 11 and compilation errors are now release critical. The change affected dozens of games in the archive but fortunately most of them are rather easy to fix and a quick workaround is available. I uploaded several packages with patches from Reiner Herrmann including blastem, freegish, gngb, phlipple, xaos, xboard, gamazons and freesweep. I could add to this list atomix, teg, neverball and biniax2. I am quite confident we can fix the rest of those FTBFS bugs before the freeze.
- Finally freeorion 0.4.10 was released last month. Among new gameplay changes and bug fixes, freeorion’s Python 2 code was ported to Python 3.
- Due to the ongoing Python 2 removal pygame-sdl2 in unstable could no longer be built from source and I had to upload the new Python 3 version from experimental. This in turn breaks renpy, a framework for developing visual-novel type games. At the moment it is uncertain if there will be a Python 3 version of renpy for Debian 11 in time while this issue is still being worked on upstream.
- I uploaded a new upstream release of mgba, a Game Boy Advance emulator, for Ryan Tandy.
- I packaged a new upstream release of libtwelvemonkeys-java and prepared the security update of tomcat9 together with Emmanuel Bourg released as DSA-4627-1.
- I fixed the GCC 10 FTBFS in iftop and packaged a new upstream release of osmo, a lean and lightweight personal organizer.
- New versions of privacybadger, binaryen, wabt and most importantly ublock-origin are also available now. Since the new binary packages webext-ublock-origin-firefox and webext-ublock-origin-chromium were finally accepted into the archive, I am planning to package version 1.29.0 now.
- DLA-2278-2. Issued a regression update for squid3. It was discovered that the patch for CVE-2019-12523 interrupted the communication between squid and icap or ecap services. The setup is most commonly used with clamav or similar antivirus scanners. I debugged the problem and created a new patch to address the error. In this process I also updated the patch for CVE-2019-12529 to use more code from Debian’s cryptographic nettle library. I also enabled the test suite by default now and corrected a failing test.
- I have been working on fixing CVE-2020-15049 in squid3. The upstream patch for the 4.x series appears to be simple but to completely address the underlying problem, squid3 requires a backport of the new HttpHeader parsing code which has improved a lot over the last couple of years. The patch is complete but requires more testing. A new update will follow soon.
Extended Long Term Support (ELTS) is a project led by Freexian to further extend the lifetime of Debian releases. It is not an official Debian project but all Debian users benefit from it without cost. The current ELTS release is Debian 8 „Jessie“. This was my 26. month and I have been paid to work 13,25 hours on ELTS.
- ELA-242-1. Issued a security update for tomcat7 fixing 1 CVE.
- ELA-243-1. Issued a security update for tomcat8 fixing 1 CVE.
- ELA-253-1. Issued a security update for imagemagick fixing 18 CVE.
- ELA-254-1. Issued a security update for libssh fixing 1 CVE.
Thanks for reading and see you next time.