close
  • chevron_right

    Debian bullseye fully frozen

    debacle · Saturday, 17 July - 21:43

#Debian #bullseye fully frozen

https://lists.debian.org/debian-devel-announce/2021/07/msg00002.html

We have just reached the next milestone in the bullseye release: full freeze.

Time to check what is #newinbullseye

E.g. https://xmpp-team.pages.debian.net/blog/2021/07/xmpp-novelties-in-debian-11-bullseye.html

  • favorite

    2 Like

    boxwithahat , abhai

  • chevron_right

    Backtrace mit einem Debugger

    DebXWoody · Sunday, 27 June - 09:41 · 1 minute

Was tun, wenn ein Programm abbricht bzw. man den Entwicklern bei der Analyse eines Fehlers helfen möchte? Hier kann ein Backtrace sehr hilfreich sein.

Hat man das Programm nicht selber kompiliert, benötigt man die Debug-Symbole, diese lassen sich über die Debug-Symbolpakete installieren.

Möchte man eine Anwendung selber kompilieren, so gibt man beim kompilieren die Option -g -Og mit.

Debug-Symbolpakete

In der Konfigurationsdatei /etc/apt/sources.list trägt man folgendes ein:

deb http://deb.debian.org/debian-debug/ bullseye-debug main

Danach führt man ein apt update aus und bekommt jetzt neben den Paketen auch die debug-symbole (-dbgsym) angeboten.

Beispielsweise lassen sich die Symbole für die Anwendung profanity wie folgt installieren:

        apt install profanity-dbgsym

Im Debugger sieht man jetzt den unterschied wie folgt. Ohne Debug-Symbole:

Reading symbols from neomutt...
(No debugging symbols found in neomutt)
(gdb) break main              
Function "main" not defined.  

Mit Debug-Symbole sieht es wie folgt aus

Reading symbols from neomutt...
Reading symbols from /usr/lib/debug/.build-id/d8/6e3cd58e273b8aab160f05f7f1ff65e33ae357.debug...
(gdb) break main              
Breakpoint 1 at 0x22ee0: file ../main.c, line 369.

Debugger und Anwendung starten

Eine Anwendung lässt sich jetzt mit gdb neomutt oder gdb profanity in den Debugger laden..
Mit dem Befehl run oder r kann man den Anwendung im Debugger startet:

    (gdb) run

Kommt es z.b. zu einem Segmentation fault (core dumped), so wird die Anwendung im Debugger abgefangen.

Program received signal SIGSEGV, Segmentation fault.
0x000055555555513e in main () 

Mit dem Befehl backtrace oder bt kann man sich den backtrace anzeigen lassen.

Reading symbols from ./test...
(gdb) r
Starting program: /tmp/test 

Program received signal SIGSEGV, Segmentation fault.
0x000055555555512c in y (b=3, b@entry=2) at test.c:6
6		*x = "1";
(gdb) bt
#0  0x000055555555512c in y (b=3, b@entry=2) at test.c:6
#1  0x000055555555513e in x (a=2, a@entry=1) at test.c:11
#2  0x0000555555555149 in main () at test.c:15
(gdb) bt full
#0  0x000055555555512c in y (b=3, b@entry=2) at test.c:6
        f = 2
        x = 0x0
#1  0x000055555555513e in x (a=2, a@entry=1) at test.c:11
        z = 1
#2  0x0000555555555149 in main () at test.c:15
No locals.
(gdb) 

#gcc #gdb #debian

  • chevron_right

    This is where Movim is made GEAR

    Timothée Jaussoin · Wednesday, 9 June - 19:29 edit

Just a small picture of my desk.

I'm writting the Movim sourcecode since 2013 on this #Thinkpad T430. It's a wonderful computer that I'm planning to keep as long as possible. A really nice keyboard, replaceable battery, 1Tb of SSD, Full HD IPS screen, 8Gb of RAM… and a nice dock to easily switch to a triple FullHD screens setup.

Everything is running on #Debian Testing with #XFCE 💕

It's also funny to see what you can do today with a small setup like that.

  • favorite

    7 Like

    Jorge Luis , Romina Nix , chrisalzo , Seer , Czar Chunk of Asteroid 29 , DebXWoody , Mathias Poujol-Rost 🇫🇷 ✅

  • 5 Comments

  • 13 June chrisalzo

    awesome setup good job on movim very impressive
    app

  • 15 June Seer

    The space where cyber magic happens :)

  • 15 June Seer

    I really like Movim

  • 21 June Czar Chunk of Asteroid 29

    I really want to learn how xmpp pubsub works and movim is such a cool and unique things <3

  • 29 June Mathias Poujol-Rost 🇫🇷 ✅

    <3

  • chevron_right

    Helpful advisory in job description

    debacle · Thursday, 27 May - 08:00 edit

In some work environments it is - unfortunately - not yet possible to avoid the use of certain shady, non-free services. Even in the area of #freesoftware. Of course, many of us would prefer not to use #Zoom or #Slack etc.

Still, many #job description do not contain any hint, that such tools are used at work. (I'm not looking for a job, so I might have missed a new trend here.) Therefore kudos to #OTS (Open Tech Strategies) for including this warning in their job posting on the #Debian jobs mailing list:

Please note that some of our clients use proprietary communications tools, e.g., Zoom, Google Docs, Slack, etc, and therefore applicants need to be willing to use such tools when interacting with those clients.

https://lists.debian.org/debian-jobs/2021/05/msg00001.html

Nice!

  • favorite

    1 Like

    ags-solutions

  • Pl chevron_right

    FOSS Activites in April 2021

    pubsub.slavino.sk / planetdebian · Saturday, 8 May - 13:30 · 7 minutes

Here’s my (nineteenth) monthly update about the activities I’ve done in the F/L/OSS world.

Debian

debian-logo-small.png

This was my 28th month of active contributing to Debian . I became a DM in late March 2019 and a DD on Christmas ‘19! \o/

Crazy month, as always. Lots of things happening and lots of moving parts.
Now that I am working on Ubuntu-full time, I barely get much time to do any extra stuff. Then the massive COVID wave that has plunged India had made this month further crazier. More on that later, maybe. IDK.

Anyway, I did some Debian stuff, thanks to Salzburg BSP (more down below). I worked on the following stuff:

Uploads and bug fixes:

Other $things:

  • Mentoring for newcomers and assisting people in BSP.
  • Moderation of -project mailing list.

Salzburg BSP 2021

This was my first virtual BSP and the first BSP in Salzburg and it was absolutely amazing!
Many kudos to Bernd Zeimetz for organizing it so smoothly and wonderfully, for real! \o/

We had a bunch of amazing sessions, besides hacking, of course, like:

  • yoga,
  • sports,
  • games, and
  • datacenter tour -> which was super!

We also had lots of things happening at #debian-bsp-2021-szg and did a lot of work.
Whilst everything we did is available on the pad , I work on the following things:

  • [deki/utkarsh]: CVE-2021-28421/fluidsynth (sid); cf: #987168/#987471.
  • [deki/utkarsh]: CVE-2021-28421/fluidsynth (buster); cf: #987168/#987494.
  • [utkarsh]: 18 CVEs for jackson-databind (buster); cf: #987489.
  • [utkarsh]: fix for ruby-librarian/#987113 (unblock request: #987501).
  • [utkarsh]: 17 CVEs for jackson-databind (stretch); LTS upload.
  • [utkarsh]: CVE-2020-12460/opendmarc (stretch); LTS upload.
  • [utkarsh]: CVE-2020-12460/opendmarc (buster); cf: #987531.
  • [deki/utkarsh]: libpam-alreadyloggedin, broken autopkgtest; #958224
  • [deki/utkarsh]: libpam-alreadyloggedin, installed in wrong directory; #986247
  • [deki/utkarsh]: libpam-alreadyloggedin, FTCBFS; #969122
  • [donfede/utkarsh] 10 CVEs for salt (buster)
  • [donfede/utkarsh] 10 CVEs for salt (bullseye)

And finally, we clicked a picture! \o/


Debian (E)LTS

debian-lts-small.png

Debian Long Term Support (LTS) is a project to extend the lifetime of all Debian stable releases to (at least) 5 years. Debian LTS is not handled by the Debian security team, but by a separate group of volunteers and companies interested in making it a success.

And Debian Extended LTS (ELTS) is its sister project, extending support to the Jessie release (+2 years after LTS support).

This was my nineteenth month as a Debian LTS and tenth month as a Debian ELTS paid contributor.
I was assigned 60.00 hours for LTS and 60.00 hours for ELTS and worked on the following things:

LTS CVE Fixes and Announcements:

ELTS CVE Fixes and Announcements:

Other (E)LTS Work:

  • Front-desk duty from 29-03 until 04-04 and then from 26-04 until 02-05 for both LTS and ELTS.
  • Triaged spamassassin , codemirror-js , jackson-databind , wordpress , gstreamer , underscore , python-bleach , plinth , libpano13 , salt , dojo , ruby2.7 , firefox-esr , clamav , composter , courier-authlib , opendmarc , openexr , libimage-exiftool-perl , tomcat7 , libjs-handlebars , libnet-netmask-perl , network-manager , and curl .
  • Mark CVE-2021-20297/network-manager as not-affected for jessie.
  • Mark CVE-2021-22890/curl as not-affected for jessie and stretch.
  • Mark CVE-2020-7760/codemirror-js as not-affected for jessie.
  • Mark CVE-2021-25122/tomcat8 as not-affected for jessie.
  • Mark CVE-2021-XXXX/plinth as no-dsa for stretch.
  • Mark CVE-2021-29424/libnet-netmask-perl as no-dsa for stretch.
  • Mark CVE-2021-28374/courier-authlib as fixed in 0.58-3.1 for jessie.
  • Mark CVE-2021-1252/clamav as not-affected for jessie.
  • Mark CVE-2021-1404/clamav as not-affected for jessie.
  • Mark CVE-2020-4051/dojo as no-dsa for jessie.
  • Mark CVE-2021-29447/wordpress as not-affected for jessie.
  • Mark CVE-2021-29450/wordpress as not-affected for jessie.
  • Mark CVE-2019-20920/libjs-handlebars as ignored for stretch and jessie.
  • Mark CVE-2021-23369/libjs-handlebars as ignored for stretch and jessie.
  • Mark CVE-2020-4051/dojo as fixed in 1.15.4+dfsg1-1 for sid and bullseye.
  • Mark CVE-2021-28965/ruby2.7 fixed in 2.7.3-1 for sid.
  • Mark CVE-2020-12272/opendmarc as postponed for jessie.
  • Mark CVE-2021-20296, CVE-2021-3475, CVE-2021-3476, CVE-2021-3477, CVE-2021-3478, and CVE-2021-3479, affecting openexr, as no-dsa for jessie and stretch.
  • Suggest proposed fixes for CVE-2021-22876/curl on LTS public list .
  • Publish the missing DLA update for website on behalf of the community contribution. Thread here .
  • Help suggest and unblock work if FD is missing or something. Thread here .
  • Suggest marking CVE-2021-23369/{node,libjs}-handlebars as no-dsa/ignored for all suites. Thread here .
  • Help unblock Anton with the failed python2.7 build on i386 by co-ordinating with the sec team. Thread here .
  • Private ELTS-related discussion on the ELTS list (+ w/ Raphael).
  • Auto EOL’ed webkit2gtk, python-bleach, tika, linux, ircii, spice-vdagent, libspring-security-2.0-java, file-roller, rustc, python-django-registration, gsoap, thunderbird, mosquitto, ruby-sidekiq, gnuchess, libpodofo, unbound, drupal7, 389-ds-base, and scrollz for jessie.
  • Answered questions (& discussions) on IRC (#debian-lts and #debian-elts).
  • General and other discussions on LTS private and public mailing list .

Until next time.
:wq for today.


Značky: #Debian

Happy Free Software Day!

#iloveFS

  • favorite

    4 Like

    Gnullalo Jim Jr , tallship , Arne , littleme

  • 3 Comments

  • 14 February DebXWoody

    Es sind einfach zu viele,...

  • 24 April tallship

    And..... A very merry unbirthday to you!!

    I've got a similar take...

    #gnu - A collection of UNIX-like tools (Gnu's Not UNIX)
    #Linux - a UNIX like multi-user, multi-processing kernel
    #Debian GNU/Linux - a Linux distribution (2nd oldest)
    #mutt - MUA
    #Gajim - a Jabber client
    #Movim - I'm still trying to figure this out... Gimme a little time man! :)
    #profanity - something I use to offend the sensibility of others for my own amusement :P
    #gpg - fricken' rocks! Umm... oh yeah, FOSS implementation of OpenPGP
    #tmux - Orange is the new.... no, wait! tmux is the new screen! Byobu is the pretender, and merely a skin for tmux
    #ejabberd - a spade's a spade, it's a **Jabber** server :P
    #jitsi - Secure, FOSS based video conferencing
    #Nextcloud Talk - Secure, FOSS based video conferencing
    #Big_Blue_Button - Secure, FOSS based video conferencing
    #SchildeChat - nicely skinned Matrix client, chat/voice/video communications
    #i3wm - aside from Twin, second best WM next to ALT+F2|F3|F4.... https://devo.linboard.org/tallship/twin
    #notmuch - really? I'mma have to give that a go looksee. thanks for that!
    #FSF - um.... I love RMS the cult of personality, the icon, but the dude himself, I just no longer abides. He's really gotta give up the reigns and become the elder statesman. Serio bro.

    You forgot sum....

    #bitwarden_rs - rust and MariaDB based alternative to .kdbx with all the mACR0sf0t shit ripped out of it.
    #mcabber (this one's just for you) - a CLI Jabber client (WTF is Loudmouth?) - https://mcabber.com (but alas, no OMEMO yet

  • 24 April tallship

    Got it :) I'll respond from tallship@Pleroma.Cloud but in a nutshell, I'm still trying to get on board with the modern impplementations of Jabber. I appreciate the invite to 404.city, and I'll certainly recommend it to others, but for my longstanding, existing account for about twenty years with jabber.org, how do I fit in?

    Thanks, and kindest regards,

    - tallship

    .