Language Selection

English French German Italian Portuguese Spanish


Freedombone version 4.0

Filed under

The Freedombone project is pleased to announce the launch of version 4.0, based upon Debian 10. At the end of the second decade of the 21st century the shattered remains of the open web are a site of ongoing struggle. The freedom to communicate with others securely and in a manner of your own choosing, and to own your data, is increasingly threatened.

Superficially, decentralized systems appear to be gaining ground, but the harsh reality is that the internet has become highly concentrated around a few companies with unprecedented political influence.

There is no freedom without freedom of association. That is, having the ability to define who you are and what kind of community you want to live in. This release includes Community Networks as an initial step towards networks run by and for the people who use them.

Read more

Also: Freedomebone 4.0 released

Bits from the [Debian] Stable Release Managers

Filed under



The Stable Release Managers, with the support of the rest of the
Release Team, are responsible for updates to the stable release (and
oldstable while that suite is also being supported by the Security
Team), via point releases and the stable-updates mechanism [STABLE-

You can see the current status of proposed updates to stable via our
BTS pseudo-package [BTS] and our tracking website. [QUEUE-VIEWER]

First 'buster' point release

The first point release for Debian 10 has been scheduled for 7th
September 2019. That is slightly later after buster's initial release 
than we would normally aim for, but an earlier date has proved
difficult with DebConf and holidays.

A point release for 'stretch', Debian 9.10, will also take place on the
same day.

Following the release of 10.1, we will continue to aim for stable point
releases on an approximately two-month basis, and oldstable every three
to four months.

As always, the first update to a new release is very busy, so we ask
for your patience if you are still awaiting a reply to an upload
request. It may be that an update to your package is deferred to a
later point release purely from a workload perspective; more serious or
more urgent fixes will be prioritised.


Uploads to a supported stable release should target their suite name in
the changelog, i.e. 'buster' or 'stretch'. You should normally use
reportbug and the pseudo-package to send a *source*
debdiff, rationale and associated bug numbers to the Stable Release
Managers, and await a request to upload or further information.

If you are confident that the upload will be accepted without changes,
please feel free to upload at the same time as filing the bug. However if you are new to the process, we would
recommend getting approval before uploading so you get a chance to see
if your expectations align with ours.

Either way, there must be an accompanying bug for tracking, and your
upload must comply with the acceptance criteria below.

Update criteria

Here's a reminder of our usual criteria for accepting fixes. These are
designed to help the process be as smooth and frustration-free as
possible for both you and us.

   * The bug you want to fix in stable must be fixed in unstable
     already (and not waiting in NEW or the delayed queue)
   * The bug should be of severity "important" or higher
   * Bug meta-data - particularly affected versions - must be
     up to date
   * Fixes must be minimal and relevant and include a sufficiently
     detailed changelog entry
   * A source debdiff of the proposed change must be included
     in your request (not just the raw patches or "a debdiff
     can be found at $URL")
   * The proposed package must have a correct version number
     (e.g. ...+deb10u1 for buster or +deb9u1 for stretch) and you
     should be able to explain what testing it has had
   * The update must be built in an (old)stable environment or chroot
   * Fixes for security issues should be co-ordinated with the
     Security Team, unless they have explicitly stated that they
     will not issue an DSA for the bug (e.g. via a "no-dsa" marker
     in the Security Tracker) [SECURITY-TRACKER]

Please don't post a message on the debian-release mailing list and
expect it not to get lost - there must be a bug report against

We make extensive use of usertags to sort and manage requests, so
unless you particularly enjoy crafting bug meta-data, reportbug is
generally the best way of generating your request. Incorrectly tagged
reports may take longer to be noticed and processed.


for the SRMs

Read more

Also: Debian 10.1 Expected For Release In One Month

Debian: Resilient Linux, Debian Activities and Debian Upgrade

Filed under
  • Review: Resilient Linux, PrimeOS and BlueLight

    The first project on my experimental list is Resilient Linux. Resilient is based on Debian 9 "Stretch" and is designed to run with the operating system on a read-only partition. A second partition, referred to as the persistence partition, includes system updates and user data. This arrangement offers a few benefits. One is that we can backup the entire system by taking a snapshot or archive of the persistence partition. Another is that attackers cannot directly corrupt or compromise the main operating system partition since they cannot write to it. Finally, it should be very easy to restore or transfer an existing system by installing Resilient and then copying the persistence partition to the new operating system.

    The Resilient website reports that the persistence partition can be encrypted for additional security and the distribution is available in Desktop and Server editions. At the moment, Resilient is available for 64-bit computers (x86_64) only. The distribution's Desktop edition is available as a 3.2GB Zip file, which unpacks to a 4.3GB image file.

    I tried booting off the image file and, each time, the system began to boot and then dropped me to an initramfs prompt. After trying a few different boot options, I had to admit defeat. While Resilient is not working for me yet, I think the idea of a read-only operating system partition makes sense. It sounds similar to openSUSE's Transactional Server or Fedora's Silverblue operating system, but with a Debian base. I am hoping the next release runs for me so I can give this concept a try.

  • Thorsten Alteholz: My Debian Activities in July 2019

    After the release of Buster I could start with real work in NEW again. Even the temperature could not hinder me to reject something. So this month I accepted 279 packages and rejected 15. The overall number of packages that got accepted was 308.

  • Emmanuel Kasper: Debian 9 -> 10 Ugrade report

    I upgraded my laptop and VPS to Debian 10, as usual in Debian everything worked out of the box, the necessary daemons restarted without problems.


    I was a bit unsure at first, as I thought I would need to fight my way through the nine different config files of the dokuwiki debian package in /etc/dokuwiki

    However the issue was not so complicated: as the apache2 php module was disabled, apache2 was outputting the source code of dokuwiki instead of executing it. As you see, I don't php that often.

Ubuntu and Debian: Stephan Fabel, DebConf, Debian's Kotlin and MATE 1.22

Filed under
  • Open Source: Where is it going? – Global Banking & Finance Review

    By Stephan Fabel, Director of Product at Canonical – the publisher of Ubuntu.

  • Debian's DebConf 19 Slides & Video Presentations

    Debian's annual developer conference, DebConf, wrapped up last week in Curitiba, Brasil. The slide decks and video recordings for many of those presentations are now available.

    DebConf 19 featured talks ranging from Spectre/Meltdown concerns to Debian containers and cloud, the state of RDMA support within Debian, music and games, and a variety of other topics.

    There is a Git repository collecting the slides from DebConf 2019 but sadly many of the talks do not have their material uploaded yet.

  • Debian GSoC Kotlin project blog: Packaging Dependencies Part 2; and plan on how to.

    Hey all, I had my exams during weeks 8 ad 9 so I couldn't update my blog nor get much accomplished; but last week was completely free so I managed to finish packaging all the dependencies from pacakging dependencies part 1. Since some of you may not remember how I planned to tackle pacakging dependencies I'll mention it here one more time.

    "I split this task into two sub tasks that can be done independently. The 2 subtasks are as follows:
    ->part 1: make the entire project build successfully without :buildSrc:prepare-deps:intellij-sdk:build
    --->part1.1:package these dependencies
    ->part 2: package the dependencies in :buildSrc:prepare-deps:intellij-sdk:build ; i.e try to recreate whatever is in it."

    This is taken from my last blog which was specifically on packaging dependencies in part 1. Now I am happy to tell all of you that packaging dependencies for part 1 is now complete and all the needed pacakges are either in the new queue or already in sid archive as of 04 August 2019. I would like to thank ebourg, seamlik and andrewsh for helping me with this.

  • MATE 1.22 landed in Debian unstable

    Last week, I did a bundle upload of (nearly) all MATE 1.22 related components to Debian unstable. Packages should have been built by now for most of the 24 architectures supported by Debian (I just fixed an FTBFS of mate-settings-daemon on non-Linux host archs). The current/latest build status can be viewed on the DDPO page of the Debian+Ubuntu MATE Packaging Team [1].

New Debian Developers and Maintainers (May and June 2019)

Filed under

The following contributors got their Debian Developer accounts in the last two months:

Jean-Philippe Mengual (jpmengual)
Taowa Munene-Tardif (taowa)
Georg Faerber (georg)
Kyle Robbertze (paddatrapper)
Andy Li (andyli)
Michal Arbet (kevko)
Sruthi Chandran (srud)
Alban Vidal (zordhak)
Denis Briand (denis)
Jakob Haufe (sur5r)
The following contributors were added as Debian Maintainers in the last two months:

Bobby de Vos
Jongmin Kim
Bastian Germann
Francesco Poli

Read more

Sparky 2019.08

Filed under

There are new live/install media of SparkyLinux 2019.08 “Po Tolo” available to download. This is the 1st snapshot of the new (semi-)rolling line, which is based on the testing branch of Debian “Bullseye”.

Read more

IBM/Red Hat and Debian Leftovers

Filed under
Red Hat
  • With the acquisition closed, IBM goes all in on Red Hat

    IBM’s massive $34 billion acquisition of Red Hat closed a few weeks ago and today, the two companies are now announcing the first fruits of this process. For the most part, today’s announcement furthers IBM’s ambitions to bring its products to any public and private cloud. That was very much the reason why IBM acquired Red Hat in the first place, of course, so this doesn’t come as a major surprise, though most industry watchers probably didn’t expect this to happen this fast.

    Specifically, IBM is announcing that it is bringing its software portfolio to Red Hat OpenShift, Red Hat’s Kubernetes-based container platform that is essentially available on any cloud that allows its customers to run Red Hat Enterprise Linux.

  • IBM To Offer Cloud Native Software on Red Hat OpenShift

    Post the completion of Red Hat acquisition, IBM has started building bridges between the product and services of the two companies. IBM has reengineered its software portfolio to now be "cloud-native and optimized to run on Red Hat OpenShift."

  • Debian Buster Arrives; IBM Acquires Red Hat;

    Debian Buster Arrives; IBM Acquires Red Hat; Raspberry Pi 4 Is Here; Ubuntu Takes a U-Turn with 32-Bit Support: OpenSSH Fixes Side Channel Attacks; Firefox Fixes Error that Crashed HTTPS Pages; and Altair Releases HyperWorks 2019


    The Debian community has announced the release of Debian 10 "Buster" ( Debian is one of the most popular GNU/Linux-based distributions. Buster will be supported for the next five years.

    Buster ships with several desktop environments including Cinnamon 3.8, GNOME 3.30, KDE Plasma 5.14, LXDE 0.99.2, LXQt 0.14, MATE 1.20, and Xfce 4.12. In this release, GNOME will default to using the Wayland display server instead of Xorg. "The Xorg display server is still installed by default and the default display manager allows users to choose Xorg as the display server for their next session," according to a blog post from the Debian project.

  • [Sparky] July 2019 donation report

    Many thanks to all of you for supporting our open-source projects!

  • Goodbye,

    I started running an SKS keyserver a couple of years ago (don't really remember, but I think it was around 2014). I am, as you probably expect me to be given my lines of work, a believer of the Web-of-Trust model upon which the PGP network is built. I have published a couple of academic papers (Strengthening a Curated Web of Trust in a Geographically Distributed Project, with Gina Gallegos, Cryptologia 2016, and Insights on the large-scale deployment of a curated Web-of-Trust: the Debian project’s cryptographic keyring, with Victor González Quiroga, Journal of Internet Services and Applications, 2018) and presented several conferences regarding some aspects of it, mainly in relation to the Debian project.

Debian: Developers' Updates and Sparky News

Filed under
  • Sylvain Beucler: Debian LTS - July 2019
  • Paul Wise: FLOSS Activities July 2019

    The File::LibMagic, purple-discord, librecaptcha & harmony work was sponsored by my employer. All other work was done on a volunteer basis.

  • Kurt Kremitzki: Summer Update for FreeCAD & Debian Science Work

    Hello, and welcome to my "summer update" on my free software work on FreeCAD and the Debian Science team. I call it a summer update because it was winter when I last wrote, and quite some time has elapsed since I fell out of the monthly update habit. This is a high-level summary of what I've been working on since March.

  • Jonathan Carter: Free Software Activities (2019-07)

    There is really too much to write about that happened at DebConf, I hope to get some time and write seperate blog entries on those really soon.

  • Sparky news 2019/07

    A few years ago, Sparky was releasing as a Rolling edition only, with no additional changes at its repositories required; it used just Debian & Sparky ‘testing’ repos.

    After added Sparky ‘stable’ line, the rolling/testing edition automatically becomes ‘stable’ when ready, so there is manual installation of ‘testing’ repos back required now. With this fact, make sure, Sparky Rolling is a Semi-Rolling edition now.

Daniel Pocock: Mollamby, Conflicts of Interest vs Privacy

Filed under

As the Mollamby affair has emerged, some people have rushed to defend the privacy of Chris Lamb and Molly de Blanc or dismissed it as mere innuendo without understanding the ethical issues.

What is the difference between innuendo and incrimination? Evidence.

Privacy is a valid consideration, but it is not the only one. I delayed publishing my own blog about the subject while weighing the privacy implications against the ethical issues.

Let's consider some of the evidence backing up the facts about Mollamby. Parts of the evidence have been redacted for the privacy of third parties but the material presented here accurately reflects the situation.


Notice that de Blanc does not mention her conflict of interest (romantic relationship with the DPL, Chris Lamb) in that email. Lamb never mentioned it either. Neither of them recused themselves. I was travelling that weekend and couldn't make time to join a hastily organized meeting. As boyfriend and girlfriend, they had a meeting without the rest of the Debian GSoC admin team. When the boyfriend is also the leader of the project and when the girlfriend's conduct is in question, is it any surprise that another volunteer is blamed and the girlfriend takes over the team?

That email is the smoking gun: two people at the very top of the free software ecosystem (Debian and OSI) using a volunteer as a scapegoat for mistakes one of them had been party to.

This farce is further compounded by the fact the original complaint was about conflicts of interest.

Read more

Debian Progress/Work From Sylvain Beucler, Michael Prokop and Chris Lamb

Filed under
  • Sylvain Beucler: Debian LTS - July 2019

    Here is my transparent report for my work on the Debian Long Term Support (LTS) project, which extends the security support for past Debian releases, as a paid contributor.

    In July, the monthly sponsored hours were split evenly among contributors depending on their max availability - I declared max 30h and got 18.5h.

  • Michael Prokop: Some useful bits about Linux hardware support and patched Kernel packages

    Now that we identified the relevant change, what’s the easiest way to test this change? There’s an easy way how to build a custom Debian package, based on the official Debian kernel but including further patch(es), thanks to Ben Hutchings. Make sure to have a Debian system available (I was running this inside an amd64 system, building for amd64), with according deb-src entries in your apt’s sources.list and enough free disk space, then run...

  • Chris Lamb: Free software activities in July 2019

    Here is my monthly update covering what I have been doing in the free software world during July 2019 (previous month)...

Syndicate content

More in Tux Machines

CAN-Bus HAT for Raspberry Pi 4 offers RTC and wide-range power

Copperhill’s third-gen, $65 “PiCAN3” HAT features Raspberry Pi 4 support and a SocketCAN-ready CAN-Bus 2.0B port. The HAT has an RTC and is powered by a 3A, 6-20V Switch Mode Power Supply that can also power the Pi. Copperhill Technologies has launched a CAN-Bus HAT for the Raspberry Pi 4 Model B designed for industrial and automotive applications. Like the PiCAN2. which we briefly covered last year as part of our report on Network Sorcery’s UCAN software for CAN-equipped Raspberry Pi boards, the HAT is equipped with a Microchip MCP2515 CAN controller and MCP2551 CAN transceiver. Read more

Android Leftovers

FreeBSD 12 & DragonFlyBSD 5.6 Running Well On The AMD Ryzen 7 3700X + MSI X570 GODLIKE

For those wondering how well FreeBSD and DragonFlyBSD are handling AMD's new Ryzen 3000 series desktop processors, here are some benchmarks on a Ryzen 7 3700X with MSI MEG X570 GODLIKE where both of these popular BSD operating systems were working out-of-the-box. For some fun mid-week benchmarking, here are those results of FreeBSD 12.0 and DragonFlyBSD 5.6.2 up against openSUSE Tumbleweed and Ubuntu 19.04. Back in July I looked at FreeBSD 12 on the Ryzen 9 3900X but at that time at least DragonFlyBSD had troubles booting on that system. When trying out the Ryzen 7 3700X + MSI GODLIKE X570 motherboard on the latest BIOS, everything "just worked" without any compatibility issues for either of these BSDs. Read more

How to break out of a hypervisor: Abuse Qemu-KVM on-Linux pre-5.3 – or VMware with an AMD driver

A pair of newly disclosed security flaws could allow malicious virtual machine guests to break out of their hypervisor's walled gardens and execute malicious code on the host box. Both CVE-2019-14835 and CVE-2019-5049 are not particularly easy to exploit as they require specific types of hardware or events to occur. However, if successful, either could allow a miscreant to run malware on the host from a VM instance. CVE-2019-14835 was discovered and reported by Peter Pi, a member of the Tencent Blade Team. It is found in the Linux kernel versions 2.6.34 up to version 5.3, where it is patched. Read more