needed to go about putting crypto in main. This was the final policy
issue I'd been waiting on to move the freeze onward, so, voila, the
freeze moves onward."
Hello world, As of the weekend just past we've finally obtained the legal advice we needed to go about putting crypto in main. This was the final policy issue I'd been waiting on to move the freeze onward, so, voila, the freeze moves onward. As of today, policy is frozen. Any further changes to packages need to be made by unanimous agreement amongst all the maintainers the change will affect. Some important changes to debian-policy are documented at http://people.debian.org/~ajt/woody_policy_addenda.txt These shouldn't affect most poeople directly, but I'd encourage you to give it a quick skim. Further, as of today, no new packages will be being added to base. This especially means maintainers of base packages should definitely avoid fiddling with their dependencies, or compiling against new libraries. Additionally, base packages should not be bumping shlibs versions from this point, under any circumstances (Hi BenC!). The freeze goals as of now are to make sure standard, boot-floppies, and debian-cd are releasable, and to fix up any remaining bugs in base. Remaining RC base bugs are: console-data 116022: broken on PPC (3 weeks old, patch) cyrus-sasl 115708: FSH non-compliances (3 weeks old) 118004: security bug (under a week old, patch) debianutils 113453: poor behaviour of rotatelog (over a month old, not RC?) gcc-2.96 115978: broken stringstream behaviour (3 weeks old) manpages 90901: copyright doesn't list upstream source (7 months old, patch) openldap2 112499: remote crash bug in openldap (over a month old) pcmcia-cs 109903: unresolved symbols (2.2.19-pmac) 116479: user build problems; user error? 116603: user build problems; not RC? 97188: uninstallable (2.2.19-pmac) ppp 117497: unversioned build-depends (a week old, patch) slang 115376: slang-utf8 severely broken (four weeks old) 118003: overflow bug with large windows (under a week, not RC?) util-linux 118367: embedded ppc breaks util-linux (under a week, not RC?) There are large numbers of non-RC bugs in base packages too, that should be being worked on over the next couple of weeks if possible. The emphasis is on making base packages work though, not on doing risky things that will make them better in the long term. Additionally, two new architectures, hppa and S/390 are having significant problems: hppa's toolchain has been completely broken recently, but seems like it will be fixed by the end of the week; and S/390 needs some support in some packages due to its different environment compared to most ports: db2/db3 114574: S/390 support (over a month old, patch) db3 98918: S/390 support (over 5 months old, patch) openldap2 98039: S/390 support (over 5 months old, patch) hppa and S/390 will be dropped from woody if these aren't resolved in an adequate amount of time. Boot-floppies on some architectures are having issues with sysvinit and glibc invoking "init q" when debootstrap unpacks them. This could be a busybox bug (it appears to be giving it's init a PID other than 1), or a sysvinit bug ("init q" possibly should be a no-op if PID 1 isn't sysvinit's init), or it could need to be worked around in debootstrap somehow (ensuring that /sbin/init is a no-op). See also bug 116829. RC bugs in packages in standard and tasks are: apache 113900: PHP and LDAP problems (over a month, help!) 114826: PHP problems (almost a month, help!) 117616: -dev package should Depend: on libdb2-dev (a week) cxterm 94631: doesn't build on arm (6 months) gnuplot 100612: includes some non-DFSG-free code (4 months) gpm 85551,110112: libgpm segfaults if gpm not running (9 months) 102031: format string bugs (4 months, security, patch) 118033: doesn't cooperate with X (under a week, user error) kdeutils 110707: doesn't build on alpha (2 months, not true?) libtool 66135: LIBTOOL_IS_A_FOOL broken (16 months, fix available but not uploaded or confirmed to work) lincity 104852: missing build-depends (almost 4 months) mc 103102: upgrade breaks due to old data in ~/.gnome (4 months) 108375: gmc dies (over 2 months; not RC?) 111142: gmc dies (2 months; Ximian bug) 112235: gpm bug (see 85551) mime-support 94869: security problems in run-mailcap (6 months, security,=20 patch) 115401: configuration ordering bug (almost a month) mutt 118294: build-depends on non-US (fixed in non-US incoming?) openssh 115228: built against bad libc (almost a month) 117396: ssh dies (user error) pdl 104630: doesn't build on hppa (over 3 months) plotutils 111846: missing build-depends (almost 2 months) postgresql 118362: upgrade breaks (a day) python-gnome 118378: strange breakage (a day, not RC?) python-imaging 117859: needs update to new python policy (under a week) python-ldap 76717: doesn't work with openldap2 (almost 12 months) python-xml 118442: needs update to new python policy (a day) strace 117218: doesn't build on ppc (a week, will be fixed in glibc) tetex-base 111284: non-DFSG-free files in tetex-extra (2 months) 113899: install problem (1 month) tetex-bin 117500: note needed in copyright file (under a week) The deadlines, at this point, are that all the bugs in base packages that are going to be fixed need to be fixed (and in testing) by Saturday the 8th of December. If they're not correctly fixed and uploaded during November, they probably won't make it. Similarly, standard packages, tasks, boot-floppies and debian-cd need to be in a releasable state by the same time. Most of the bugs above have been around for a long time, and as such, many of them will be just ignored if they're not fixed, making for a substantially lower quality release than we might want or hope for. To emphasise: if you want a pleasant, consistent, bug-free woody release, please start looking at the bugs in your favourite packages and sending the maintainer patches for them now. A number of the bugs above will need some real analysis, not a five minute tweak. This coming weekend is a bugsquash party, so hopefully many of the above will end up fixed soon. Otherwise, we could have some hold ups due to archive maintenance issues (implementing the necessary changes to support crypto-in-main and woody-proposed-updates), however these are mostly implemented already, and should be done in enough time: implementing technical solutions is a lot easier and faster than finding an answer to political/legal problems which've been the major hold up of late. Our major risks at this point are no longer schedule related, but quality related. Please help fixing bugs. Cheers, aj (woody release manager) --=20 Anthony Towns I don't speak for anyone save myself. GPG signed mail preferred. "Security here. Yes, maam. Yes. Groucho glasses. Yes, we're on it. C'mon, guys. Somebody gave an aardvark a nose-cut: somebody who can't deal with deconstructionist humor. Code Blue." -- Mike Hoye, see http://azure.humbug.org.au/~aj/armadillos.txt --J2SCkAp4GZ/dPZZf Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iQCVAwUBO+jRa+RRvX9xctrtAQGVyQQAgrCmXPyi9NmDRD52B/1toduOcMcI+dAg O2jOaNC6T6A6mALmmIq9HTe8rWuZeqCBd+N6VkMpjHl5fuCUtmLsgYPKRyCfFuoO Z/naVx7xqB5dA3aBtRbxV+IjjOtAy7+9jWzrmMA00pWAUHQhckqooeMP499SNXdT 82BqiPoqgZs= =TUVk -----END PGP SIGNATURE-----