{"id":11141,"date":"2020-02-10T23:57:58","date_gmt":"2020-02-10T22:57:58","guid":{"rendered":"https:\/\/gambaru.de\/blog\/?p=11141"},"modified":"2020-02-11T00:00:07","modified_gmt":"2020-02-10T23:00:07","slug":"my-free-software-activities-in-january-2020","status":"publish","type":"post","link":"https:\/\/gambaru.de\/blog\/2020\/02\/10\/my-free-software-activities-in-january-2020\/","title":{"rendered":"My Free Software Activities in January 2020"},"content":{"rendered":"\n<p>Welcome to gambaru.de. Here is my monthly report (+ the first week in February) that covers what I have been doing for Debian. If you're interested in Java, Games and LTS topics, this might be interesting for you.<\/p>\n\n\n\n<h2>Debian Games<\/h2>\n\n\n\n<ul><li>Again Reiner Herrman did a very good job with updating some of the most famous FOSS games in Debian. I reviewed and sponsored <a href=\"https:\/\/tracker.debian.org\/pkg\/supertux\">supertux<\/a> 0.6.1.1, <a href=\"https:\/\/tracker.debian.org\/pkg\/supertuxkart\">supertuxkart<\/a> 1.1 and <a href=\"https:\/\/tracker.debian.org\/pkg\/love\">love<\/a> 11.3, also several updates to fix build failures with the latest version of scons in Debian.  Reiner Herrmann, Moritz M\u00fchlenhoff and Phil Wyett contributed patches to fix release critical bugs in <a href=\"https:\/\/tracker.debian.org\/pkg\/netpanzer\">netpanzer<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/boswars\">boswars<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/btanks\">btanks<\/a>, and <a href=\"https:\/\/tracker.debian.org\/pkg\/xboxdrv\">xboxdrv<\/a>.<\/li><li>I packaged new upstream versions of <a href=\"https:\/\/tracker.debian.org\/pkg\/minetest\">minetest<\/a> 5.1.1, <a href=\"https:\/\/tracker.debian.org\/pkg\/empire\">empire<\/a> 1.15 and <a href=\"https:\/\/tracker.debian.org\/pkg\/bullet\">bullet<\/a> 2.89.<\/li><li>I backported <a href=\"https:\/\/tracker.debian.org\/pkg\/freeciv\">freeciv<\/a> 2.6.1 to buster-backports and<\/li><li>applied a patch by Asher Gordon to fix a teleporter bug in <a href=\"https:\/\/tracker.debian.org\/pkg\/berusky2\">berusky2<\/a>. He also submitted another patch to address even more bugs and I hope to review and upload a new revision soon.<\/li><\/ul>\n\n\n\n<h2>Debian Java<\/h2>\n\n\n\n<ul><li>This month I packaged new releases of <a href=\"https:\/\/tracker.debian.org\/pkg\/libpdfbox2-java\">libpdfbox2-java<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/undertow\">undertow<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/easymock\">easymock<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/lombok-patcher\">lombok-patcher<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/libtwelvemonkeys-java\">libtwelvemonkeys-java<\/a>, <a href=\"https:\/\/tracker.debian.org\/pkg\/wildfly-common\">wildfly-common<\/a> and <a href=\"https:\/\/tracker.debian.org\/pkg\/checkstyle\">checkstyle<\/a> (CVE-2019-10782). <\/li><li>I requested the removal of <a href=\"https:\/\/tracker.debian.org\/pkg\/libxmlrpc3-java\">libxmlrpc3-java<\/a> from Debian and prepared DSA-4619-1 to fix CVE-2019-17570.<\/li><li>I fixed CVE-2019-17571 in <a href=\"https:\/\/tracker.debian.org\/pkg\/apache-log4j1.2\">apache-log4j1.2<\/a> and intend to address the same problem in Buster and Stretch soon.<\/li><\/ul>\n\n\n\n<h2>Misc<\/h2>\n\n\n\n<ul><li>As the maintainer I requested the removal of pyblosxom, a web blog engine written in Python 2. Unfortunately <a href=\"https:\/\/tracker.debian.org\/pkg\/pyblosxom\">pyblosxom<\/a> is no longer actively maintained and the port to Python 3 has never been finished. I thought it would be better to remove the package now since we have a couple of good alternatives like <a href=\"https:\/\/tracker.debian.org\/pkg\/hugo\">Hugo<\/a> or <a href=\"https:\/\/tracker.debian.org\/pkg\/jekyll\">Jekyll<\/a>.<\/li><li>I packaged new upstream versions of <a href=\"https:\/\/tracker.debian.org\/pkg\/wabt\">wabt<\/a> and <a href=\"https:\/\/tracker.debian.org\/pkg\/privacybadger\">privacybadger<\/a>.<\/li><\/ul>\n\n\n\n<h2>Debian LTS<\/h2>\n\n\n\n<p>This was my 47. month as a paid contributor and I have been paid to work 15 hours on <a href=\"https:\/\/wiki.debian.org\/LTS\/\">Debian LTS<\/a>, a project started by <a href=\"https:\/\/raphaelhertzog.com\">Rapha\u00ebl Hertzog<\/a>. In that time I did the following:<\/p>\n\n\n\n<ul><li><a href=\"https:\/\/lists.debian.org\/debian-lts-announce\/2020\/01\/msg00008.html\">DLA-2065-1<\/a>. Issued a security update for apache-log4j1.2 fixing 1 CVE.<\/li><li><a href=\"https:\/\/lists.debian.org\/debian-lts-announce\/2020\/01\/msg00024.html\">DLA-2077-1<\/a>. Issued a security update for tomcat7 fixing 2 CVE.<\/li><li><a href=\"https:\/\/lists.debian.org\/debian-lts-announce\/2020\/01\/msg00033.html\">DLA-2078-1<\/a>. Issued a security update for libxmlrpc3-java fixing 1 CVE.<\/li><li><a href=\"https:\/\/lists.debian.org\/debian-lts-announce\/2020\/02\/msg00005.html\">DLA-2097-1<\/a>. Issued a security update for ppp fixing 1 CVE.<\/li><li><a href=\"https:\/\/lists.debian.org\/debian-lts-announce\/2020\/02\/msg00006.html\">DLA-2098-1<\/a>. Issued a security update for ipmitool fixing 1 CVE.<\/li><li><a href=\"https:\/\/lists.debian.org\/debian-lts-announce\/2020\/02\/msg00008.html\">DLA-2099-1<\/a>. Issued a security update for checkstyle fixing 1 CVE.<\/li><\/ul>\n\n\n\n<p><\/p>\n\n\n\n<h2>ELTS<\/h2>\n\n\n\n<p>Extended Long Term Support (<a href=\"https:\/\/wiki.debian.org\/LTS\/Extended\">ELTS<\/a>) is a project led by <a href=\"https:\/\/www.freexian.com\/\">Freexian<\/a> to further extend the lifetime of Debian releases. It is not an official Debian project but all Debian users benefit from it without cost. The current ELTS release is Debian 7 \"Wheezy\". This was my twentieth month and I have been paid to work 10 hours on ELTS.<\/p>\n\n\n\n<ul><li><a href=\"https:\/\/deb.freexian.com\/extended-lts\/updates\/ela-208-1-tomcat7\/\">ELA-208-1<\/a>. Issued a security update for tomcat7 fixing 2 CVE.<\/li><li><a href=\"https:\/\/deb.freexian.com\/extended-lts\/updates\/ela-209-1-linux\/\">ELA-209-1<\/a>. Issued a security update for linux fixing 41 CVE.<\/li><li>Investigated CVE-2019-17023 in nss which is needed to build and run OpenJDK 7. I found that the vulnerability did not affect this version of nss because of the incomplete and experimental support for TLS 1.3.<\/li><\/ul>\n\n\n\n<p>Thanks for reading and see you next time.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Welcome to gambaru.de. Here is my monthly report (+ the first week in February) that covers what I have been doing for Debian. If you&#8217;re interested in Java, Games and LTS topics, this might be interesting for you. Debian Games Again Reiner Herrman did a very good job with updating some of the most famous &hellip; <\/p>\n<p class=\"link-more\"><a href=\"https:\/\/gambaru.de\/blog\/2020\/02\/10\/my-free-software-activities-in-january-2020\/\" class=\"more-link\"><span class=\"screen-reader-text\">\u201eMy Free Software Activities in January 2020\u201c<\/span> weiterlesen<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[5],"tags":[53,68,155],"_links":{"self":[{"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/posts\/11141"}],"collection":[{"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/comments?post=11141"}],"version-history":[{"count":3,"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/posts\/11141\/revisions"}],"predecessor-version":[{"id":11145,"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/posts\/11141\/revisions\/11145"}],"wp:attachment":[{"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/media?parent=11141"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/categories?post=11141"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/gambaru.de\/blog\/wp-json\/wp\/v2\/tags?post=11141"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}