Here is my monthly update covering what I have been doing in the world of free software world during December 2021 (previous month):
As part of my duties of being on the board of directors of the Software in the Public Interest I attended its respective monthly meetings and participated in various licensing and other discussions occurring on the internet, as well as the usual internal discussions regarding logistics and policy etc.
The motivation behind the Reproducible Builds effort is to ensure no flaws have been introduced during compilation processes by promising that identical results are always generated from a given source, therefore allowing multiple third-parties to come to a consensus on whether a build was compromised.
This month, I:
Categorised a very large number of packages and issues in the Reproducible Builds
Filed a bug against the
perl6-readlineDebian package to report and enquire about 'strange' files installed under
Drafted, published and publicised our monthly report for November 2021.
I also made the following changes to diffoscope, including preparing and uploading versions
198 to Debian:
- Support showing Ordering differences only within
.dscfield values. [...]
- Add support for 'XMLb' files. [...]
- Also add, for example,
/usr/lib/x86_64-linux-gnuto our local binary search path. [...]
- Support OCaml versions 4.11, 4.12 and 4.13. [...]
- Drop some unnecessary
has_same_content_aslogging calls. [...]
tokenvariable with an anonymously-named variable instead to remove extra lines. [...]
- Don't use the runtime platform's native endianness when unpacking
.pycfiles. This fixes test failures on big-endian machines. [...]
2.3-1) — New upstream release.
This month I have worked 18 hours on Debian Long Term Support (LTS) and 12 hours on its sister Extended LTS project. This included:
Investigating and triaging
privoxy(CVE-2021-44540, CVE-2021-44541, CVE-2021-44542 & CVE-2021-44543),
pdns-bouncer(CVE-2020-25829 & CVE-2020-14196) &
Frontdesk duties, responding to user/developer questions, reviewing others' packages.
Removing a number of entries marked '
end-of-life' for newly-supported packages. [...]
Participating in mailing list discussions about an upcoming survey as well as attending our monthly meeting.
You can find out more about the project via the following video:
You can subscribe to new posts via email or RSS.