And now for your kind attention, the devuan-dev meet notes for
Wednesday, August 7th, 2019.
plasma41
------------------------------------------------------------------------
# Devuan meet Aug. 07 @20:30 UTC
Pad is here:
https://pad.dyne.org/code/#/2/code/edit/FcDQ5xdCda2HojLwHvh-nZiw/
Meet here: https://vdc.dyne.org/devuan
* Please post notes prior to the meet.
* Please add your name as 'Present' below when you get to the
meet.
* When adding a comment in someone else's notes, please
pre-pend your name like this: (whoever) whatever . . .
Present: blinkdog, rrq, plasma41, golinux, fsmithred, Centurion Dan
## Old Business
## Old Actions
- Point release
- Update point release notes.
### rrq
- hands-on to amprolla, which had "locked up" again
- added MTA dummy for capturing any error messages
- found lots of version differences between amd64 and i386
that's a nuisance for multiarch
- rrq make list of the Devuan problem packages
- Centurion_Dan look at patch to dak to avoid this arising
## New Business
### golinux
- with (mostly) fsmithred have put together notes for the point release.
This for the desktop-live:
```
Changes in this Desktop-Live point release:
- All Devuan packages to the date of this iso including:
- policykit-1 to fix CVE-2019-6133 and CVE-2018-19788
- dbus patch to generate new dbus machine-id on boot. This behavior
is configurable in /etc/default/dbus
- All Debian packages to the date of this iso including:
- apt to fix CVE-2019-3462.
- linux-image-4.9.0-9 (4.9.168-1+deb9u4) to fix multiple vulnerabilities
- firefox-esr 60.8.0esr-1~deb9u1 to fix multiple vulnerabilities
- Desktop-Live
- Added memtest86+ to live isos
- Added lvm2 and mdadm
```
And this for ascii 2.1 Release Notes:
```
### What's new in ascii 2.1
- All Devuan packages to the date of this iso including:
- policykit-1 to fix CVE-2019-6133 and CVE-2018-19788.
- dbus patch to generate new dbus machine-id on boot. This behavior
is configurable in /etc/default/dbus.
- All Debian packages to the date of this iso including:
- apt to fix CVE-2019-3462.
- linux-image-4.9.0-9 (4.9.168-1+deb9u4) to fix multiple vulnerabilities.
- firefox-esr 60.8.0esr-1~deb9u1 to fix multiple vulnerabilities.
```
After I double check the formatting I will post links to the entire
documents here.
### fsr's Thursday rewrite of the above:
(This will work for both release notes)
```
What's new in ascii 2.1
Security udates:
- apt (1.4.9) to fix CVE-2019-3462.
- linux-image-4.9.0-9 (4.9.168-1+deb9u4) to fix multiple vulnerabilities
- firefox-esr (60.8.0esr-1~deb9u1) to fix multiple vulnerabilities
- policykit-1 to fix CVE-2018-19788 and CVE-2019-6133
- Many more. (See
https://www.debian.org/security/2019/)
Other changes:
- dbus patch to generate new dbus machine-id on boot. This behavior
is configurable in /etc/default/dbus.
- memtest86+, lvm2 and mdadm added to desktop-live isos.
```
(gl) looks good to me.
## New Actions
- Let's get the point release out the door!
- Build point release isos
- Make reportbug direct the bug report to Debian or Devuan by virtue of
which package is chosen.
- Address version code diff problem
- rrq make list of the Devuan problem packages
- Centurion_Dan look at patch to dak to avoid this arising
- (someone) possibly look at patching dpkg for this