TL;DR; please help localizing Mailman3 [1]. You can find it on hosted Weblate [2].The next component releases are planned in 1-2 weeks from now. Thanks for your contribution! If you can't make it now, please consider working on Mailman3 translations at some later point of time. Thanks!
Time has come for Mailman3
Over the last months I have found an interest in Mailman3. Given the EOL of Python2 in January 2020 and also being a heavy Mailman2 provider for various of my projects and also for customers, I felt it was time to look at Mailman2's successor: Mailman3 [1].
One great novelty in Mailman3 is the strict split up between backend (Mailman Core), and the frontend components (django-mailman3, Postorius, Hyperkitty). All three are Django applications. Postorius is the list management web frontend whereas Hyperkitty is an archive viewer. Other than in Mailman2, you can also drop list posts into Hyperkitty directly (instead of sending a mail to the list). This makes Hyperkitty also some sort of forum software with a mailing list core in the back. The django-mailman3 module knits the previous two together (and handles account management, login dialog, profile settings, etc.).
Looking into Mailman3 Upstream Code
Some time back in midst 2019 I decided to deploy Mailman3 at a customer's site and also for my own business (which still is the test installation). Living and working in Germany, my customers' demand often is a fully localized WebUI. And at that time, Mailman3 could not provide this.
Most of us IT people should be in home office by now. If not, make sure you'll arrange that with your employers, cooperation partners, contractors, etc. Please help flatten the curve.
X2Go as your Home Office solution
If your computer at work runs a GNU/Linux desktop and you can SSH into it, then it might be time for you to try out X2Go [1]. Remote desktop access under GNU/Linux.
Free Support for simple Client-Server Setups
If your daily work is related to health care, municipal work, medical research, etc. (all those fields that are currently working under very high demands), please join the #x2go IRC channel on Freenode [2] and I'll do my very best to help you with setting up X2Go.
Professional Support for Large Scale Setups
If you run a business and need X2Go support site-wide, brokerage support, etc. please consider asking for professional support [3].
References
In February 2020, I have worked on the Debian LTS project only for 5.75 hours (of 20 hours planned). I gave back 12 hours to the pool and reduced my availability to 8 hours per month.
Unfortunately, last month I got too distracted by other interesting and challenging projects, and also by some intense personal topics.
I herewith send my apology to all LTS team members and all Debian LTS users for not having completed my planned LTS workload.
LTS Work
- Take a deeper look at cacti and mark cacti Debian jessie LTS as not affected by CVE-2020-8813
- Study open vulnerability reports in ansible (no fixes available, yet, as of end of February 2020)
- Work on fixing CVE-2015-9541 in qtbase-opensource-src (still work in progress)
light+love
Mike
It is my pleasure to spread the word about the new name of Unity8 (UI running on the Ubuntu Phone and the Ubuntu Tablet) and its related projects: Lomiri (low-mee-ree).
Lomiri: New Name, Same Great Unity8
Lomiri is the operating environment for everywhere: phone, tablet, laptop, and desktop. It features a slick and easy-to-use interface based on the design of its predecessor, Canonical's Unity desktop environment.
Change is never Easy
I was honoured to witness the process of the long outstanding name change +/- in real time over the last couple of days / weeks. I was touched by the gentleness of the discussion and the weighing of pros and cons, this name and that name; also by the jokes being injected into the discussions.
Dalton Durst, release manager on the UBports [2] team, explains in depth [1] about the reasoning and necessities behind the name change. Please (esp. if you feel sad or irritated by the name change), read the official announcement and detailled explanation. If you need time to adjust, Dalton's explanations will help.
References
light+love
Mike
Last week, Martin Wimpress (from Ubuntu MATE) and I did a 2.5-day packaging sprint and after that I bundle-uploaded all MATE 1.24 related components to Debian unstable. Thus, MATE 1.24 landed in Debian unstable only four days after the upstream release. I think this was the fastest version bump of MATE in Debian ever.
Packages should have been built by now for most of the 22 architectures supported by Debian. The current/latest build status can be viewed on the DDPO page of the Debian+Ubuntu MATE Packaging Team [1].
Please also refer to the MATE 1.24 upstream release notes for details on what's new and what's changed [2].
Credits
One big thanks goes to Martin Wimpress. Martin and I worked on all the related packages hand in hand. Only this team work made this very fast upload possible. Martin especially found the fix for a flaw in Python Caja that caused all Python3 based Caja extensions to fail in Caja 1.24 / Python Caja 1.24. Well done!
Another big thanks goes to the MATE upstream team. You again did an awesome job, folks. Much, much appreciated.
Last but not least, a big thanks goes to Svante Signell for providing Debian architecture specific patches for Debian's non-Linux distributions (GNU/Hurd, GNU/kFreeBSD). We will wait now until all MATE 1.24 packages have initially migrated to Debian testing and then follow-up upload his fixes. As in the past, MATE shall be available on as many Debian architectures as possible (ideally: all of them).
Before and during FOSDEM 2020, I agreed with the people (developers, supporters, managers) of the UBports Foundation to package the Unity8 Desktop Environment for Debian.
Why the hack???
Why Unity8? Because of its convergent desktop feature: Just one code base, usable on a phone, tablet and desktop. Unity8 currently is very well tested on the Ubuntu phone and on various tablet devices. The desktop implementation is lagging a bit behind, but that will be amended soonish, too.
Why Unity8 for Debian? Because there is no real good solution for tablets in Debian at the moment. If I see this wrong, please correct me.
Why Unity8 for Debian derivatives? Uploading software to Debian is always the best approach for bringing software into other distributions that are constantly derived from Debian (e.g. just like Ubuntu).
Making Progress
The progress documentation of the packaging work (something around 40 packages need to be touched / uploaded / adopted, at least, to get this task done) I will publish in +/- regular intervals on my blog (aggregated on https://planet.debian.org).
In January 2020, I have worked on the Debian LTS project for 20 hours (of 20 hours planned).
Due to a reduced need of developers in Freexian's ELTS project for Debian wheezy, I have moved my activity completely over to the LTS project (and also took the amount of assigned hours with me).
LTS Work
- LTS: Frontdesk: Follow-up on emails, send out DLAs on behalf of Utkarsh Gupta (due to keyring issues).
- LTS: CVE Bug Triaging for Debian jessie LTS: puppet, openjpeg2, suricata, hiredis, ksh, python-pysaml2, qemu, salt, wireshark, wordpress.
- Upload to jessie-security: openjpeg2 (DLA-2081-1 [1], 1 CVE).
- Upload to jessie-security: suricata (DLA-2087-1 [2], 1 CVE).
- Upload to jessie-security: libsolv (DLA-2088-1 [3], 1 CVE).
- Upload to jessie-security: openjpeg2 (DLA-2089-1 [4], 1 CVE).
- Upload to jessie-security: qtbase-opensource-src (DLA-2092-1 [5], 1 CVE).
- CVE Bug Triaging / Introspection spamassassin, prepare upstream backport for jessie LTS (not yet clear, if that is the way to go) [6].
Other security related work for Debian
- Prepare libsolv oldstable-pu and stable-pu uploads (1 CVE).
- Do an italc oldstable-pu upload (14 CVEs) [package prepared earlier].
References
In December 2019, I have worked on the Debian LTS project for 15 hours (of 15 hours planned) and on the Debian ELTS project for 5 hours (of 5 hours planned) as a paid contributor.
LTS Work
- Triage 14 packages during my frontdesk week (tomcat7, tomcat8, lout, apache-log4j1.2, x2goclient (libssh regression), nethack, nethack, cyrus-sasl2, php5, libjpeg-turbo, transfig, ruby-rack, ruby-excon)
- Upload to jessie-security: cyrus-sasl2 (DLA-2044-1 [1]), 1 CVE
- Deeply dive into tightvnc CVE issue hunting and help matching various CVEs between src:libvncserver and src:tightvnc, digging out patches, etc.
- Upload to jessie-security: tightvnc (DLA-2045-1 [2]), 9 CVEs
- Upload to jessie-security: x2goclient (DLA-2038-2 [7]) (fixing a regression caused by a recent libssh security upload; see DLA_2038-1 / CVE-2019-14889) [3]
- Ping DLange and ggings about getting the libssh regression regarding x2goclient fixed in Ubuntu (LTS) [4]
- Ping the release team on security update status regarding CVE-2019-14889/libssh (bundled with an X2Go Client update) for stretch + buster.
- NMU-upload (to DELAYED/10) tightvnc targetting Debian unstable [5]. Waiting for the former maintainer to ACK the NMU or re-do it himself.
|