My monthly report covers a large part of what I have been doing in the free software world. I write it for my donators (thanks to them!) but also for the wider Debian community because it can give ideas to newcomers and it’s one of the best ways to find volunteers to work with me on projects that matter to me.
This month I have been paid to work 10.25 hours on Debian LTS. In that time I did the following:
- CVE triage: I pushed 28 commits to the security tracker.
- Reviewed an exactimage update and an imagemagick update (prepared by their respective maintainers).
- Prepared and released DLA-229-1 on libnokogiri-ruby fixing one CVE.
- Prepared and released DLA-230-1 on eglibc fixing one CVE.
Other Debian work
Package Tracker. The Debian system administrators upgraded the machine hosting tracker.debian.org to jessie and I dealt with the fallout. Fixing the Apache configuration was easy but DACS also broke and I had to disable it (thus breaking login via sso.debian.org). Fortunately Enrico Zini and Martin Zobel-Helas debugged the problem and restored it.
Sponsorship. I sponsored a dolibarr upload and many tryton-modules-* uploads to bring Tryton 3.6 to Debian (and granted DM rights on the newly introduced packages to Matthias Behrle who is maintaining those packages).
Packaging. I uploaded a new upstream version of cpputest. I did that twice actually because the first version had failing tests (see #784674). I also filed #784959 on blhc because I saw what looked like a false positive report for a missing hardening flag.
I uploaded Django 1.8 to experimental. This is a major upstream release and shall ideally only be uploaded to sid after having reported problems on reverse dependencies. I doubt we will have the time to do this…
I started working on Publican 4.3.0 but the test suite fails and it’s not even the fault of publican for once. It’s a bug in libxml apparently.
See you next month for a new summary of my activities.