Debian development procedures
Each software package has a maintainer, who may be either one person or a team of Debian developers and non-developer maintainers. The maintainer keeps track of upstream releases and ensures that the package coheres with the rest of the distribution and meets Debian's standards of quality. Packages may include modifications introduced by Debian to achieve compliance with Debian Policy or to fix non-Debian-specific bugs, although coordination with the upstream developers is advised.
The maintainer releases a new version by uploading the package to the incoming system, which verifies the integrity of the packages and their digital signatures. If the package is found to be valid, it is installed in the package archive area called the pool and distributed every day to hundreds of mirrors worldwide. The upload must be signed using OpenPGP-compatible software. All Debian developers have individual cryptographic key pairs. Developers are responsible for any package they upload, even if the packaging was prepared by another contributor.
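The integrity check described above can be illustrated on the manifest that accompanies an upload. The following is an added example, not Debian's own archive software: it parses the Checksums-Sha256 field of a .changes file and verifies every file the field names. It assumes the OpenPGP signature on the .changes file itself has already been verified (for instance with gpg --verify), so what it checks is that the signed manifest and the files on disk agree; the package names and file contents in demo() are constructed sample data.

```python
# Added example (not Debian's own archive software): parse the Checksums-Sha256
# field of a .changes file and verify every listed file. The OpenPGP signature
# on the .changes file itself is assumed to have been verified first (for
# instance with gpg --verify); this check covers the integrity of the files
# the signed manifest names.
import hashlib
import tempfile
from pathlib import Path


def parse_checksums(changes_text, field="Checksums-Sha256"):
    """Return {filename: (hex digest, size)} from one multi-line checksum field."""
    entries = {}
    in_field = False
    for line in changes_text.splitlines():
        if line.startswith(field + ":"):
            in_field = True
            continue
        if not in_field:
            continue
        if not line.startswith((" ", "\t")):
            break                      # a non-indented line starts the next field
        digest, size, name = line.split()
        # A manifest entry must name a plain file in the upload directory;
        # anything that looks like a path is rejected rather than resolved.
        if "/" in name or "\\" in name or name in ("..", "."):
            raise ValueError(f"unsafe file name in manifest: {name!r}")
        entries[name] = (digest.lower(), int(size))
    return entries


def verify_changes(changes_text, directory):
    """Map each listed file to True (size and SHA-256 match) or False."""
    results = {}
    for name, (digest, size) in parse_checksums(changes_text).items():
        path = Path(directory) / name
        if not path.is_file():
            results[name] = False      # listed but never uploaded
            continue
        data = path.read_bytes()
        results[name] = len(data) == size and hashlib.sha256(data).hexdigest() == digest
    return results


def demo():
    """Constructed sample: build a manifest over two files, then tamper with one."""
    with tempfile.TemporaryDirectory() as tmp:
        files = {
            "hello_1.0-1.dsc": b"Format: 3.0 (quilt)\nSource: hello\n",
            "hello_1.0.orig.tar.gz": b"constructed tarball contents",
        }
        lines = ["Checksums-Sha256:"]
        for name, data in files.items():
            (Path(tmp) / name).write_bytes(data)
            lines.append(f" {hashlib.sha256(data).hexdigest()} {len(data)} {name}")
        lines.append(" " + "0" * 64 + " 0 hello_1.0-1.debian.tar.xz")  # never written
        lines.append("Files:")         # next field; ends the checksum block
        changes_text = "\n".join(lines) + "\n"
        # Modify the tarball after the manifest was produced.
        (Path(tmp) / "hello_1.0.orig.tar.gz").write_bytes(b"tampered")
        return verify_changes(changes_text, tmp)


if __name__ == "__main__":
    print(demo())
```

Run stand-alone, demo() reports the untouched .dsc as valid, the modified tarball and the never-uploaded file as invalid. A real .changes file is clearsigned, so the field lines sit between the PGP header and signature lines; the parser ignores everything outside the checksum field, and a manifest entry containing a path separator is rejected outright.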
Initially, an accepted package is available only in the unstable branch. For a package to become a candidate for the next release, it must migrate to the testing branch by meeting the following criteria:
It has been in unstable for a length of time that depends on the urgency of the changes.
It does not have release-critical bugs, except for ones already present in testing. Release-critical bugs are those considered serious enough to make the package unsuitable for release.
There are no outdated versions in unstable on the release ports.
The migration does not break any packages in testing.
Its dependencies can be satisfied by packages already in testing or by packages being migrated at the same time.
The migration is not blocked by a freeze.
Thus, a release-critical bug in a new version of a shared library on which many packages depend may prevent those packages from entering testing, because the updated library must meet the requirements too. From the branch viewpoint, the migration process happens twice per day, rendering testing in perpetual beta.
Periodically, the release team publishes guidelines to developers in order to get the release ready. A new release occurs after a freeze, when all important software is reasonably up-to-date in the testing branch and any other significant issues have been solved. At that time, all packages in the testing branch become the new stable branch. Although freeze dates are time-based, release dates are not, and are announced by the release managers a couple of weeks beforehand.
A version of a package can belong to more than one branch, usually testing and unstable. It is possible for a package to keep the same version between stable releases and be part of oldstable, stable, testing and unstable at the same time. Each branch can be seen as a collection of pointers into the package pool mentioned above.
security
The Debian project handles security through public disclosure rather than through obscurity. Debian security advisories are compatible with the Common Vulnerabilities and Exposures dictionary, are coordinated with other free software vendors and are published the same day a vulnerability is made public. There used to be a security audit project focused on packages in the stable release, looking for security bugs; Steve Kemp, who started the project, retired in 2011 but resumed activities and applied to rejoin in 2014.
The stable branch is supported by the Debian security team; oldstable is supported for one year. Although Squeeze is not officially supported, Debian is coordinating an effort to provide long-term support (LTS) until February 2016, five years after the initial release, for the IA-32 and x86-64 platforms. Testing is supported by the testing security team, but does not receive updates in as timely a manner as stable. Unstable's security is left to the package maintainers.
The Debian project offers documentation and tools to harden a Debian installation both manually and automatically. Security-Enhanced Linux and AppArmor support are available but disabled by default. Debian provides an optional hardening wrapper, and does not harden all of its software by default using GCC features such as PIE and buffer overflow protection, unlike operating systems such as OpenBSD, which tries to build as many packages as possible with hardening flags.
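Whether a given binary was actually built with the hardening features just mentioned can be read off its ELF headers. The following is an added example, not Debian's hardening wrapper or any Debian tool: it inspects a little-endian ELF64 image and reports PIE (ET_DYN type), a non-executable stack (PT_GNU_STACK without PF_X), RELRO (a PT_GNU_RELRO segment) and the stack-protector canary (presence of the __stack_chk_fail reference, the heuristic checksec-style tools use). The ELF constants are from the ELF ABI; build_sample_elf() produces constructed, non-runnable images so the checks can be exercised offline.

```python
# Added example (not Debian's own tooling): read the ELF64 headers of a binary
# and report the hardening properties the paragraph mentions (PIE, NX stack,
# RELRO, and the stack-protector canary). Constants come from the ELF ABI.
import struct

ELF_MAGIC = b"\x7fELF"
ELFCLASS64, ELFDATA2LSB = 2, 1
ET_EXEC, ET_DYN = 2, 3
PT_GNU_STACK, PT_GNU_RELRO = 0x6474E551, 0x6474E552
PF_X = 0x1
EM_X86_64 = 62


def _program_headers(data):
    """Yield (p_type, p_flags) for each program header of a little-endian ELF64."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    if data[4] != ELFCLASS64 or data[5] != ELFDATA2LSB:
        raise ValueError("only little-endian ELF64 is handled in this example")
    e_phoff = struct.unpack_from("<Q", data, 32)[0]
    e_phentsize, e_phnum = struct.unpack_from("<HH", data, 54)
    for i in range(e_phnum):
        yield struct.unpack_from("<II", data, e_phoff + i * e_phentsize)


def hardening_report(data):
    """Return a dict of hardening properties visible in an ELF64 image."""
    e_type = struct.unpack_from("<H", data, 16)[0]
    nx = False          # without PT_GNU_STACK the kernel may map an executable stack
    relro = False
    for p_type, p_flags in _program_headers(data):
        if p_type == PT_GNU_STACK:
            nx = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            relro = True
    return {
        # ET_DYN also covers shared libraries; for an executable it means PIE.
        "pie": e_type == ET_DYN,
        "nx": nx,
        "relro": relro,
        # Heuristic used by checksec-style tools: the canary failure handler is referenced.
        "stack_canary": b"__stack_chk_fail" in data,
    }


def check_file(path):
    """Run the report on a file on disk."""
    with open(path, "rb") as fh:
        return hardening_report(fh.read())


def build_sample_elf(pie=True, nx=True, relro=True, canary=True):
    """Construct a minimal, non-runnable ELF64 image that carries only the
    headers needed for the checks above (constructed sample data)."""
    phdrs = [(PT_GNU_STACK, 0x6 | (0 if nx else PF_X))]   # PF_R|PF_W, optionally PF_X
    if relro:
        phdrs.append((PT_GNU_RELRO, 0x4))
    e_ident = ELF_MAGIC + bytes([ELFCLASS64, ELFDATA2LSB, 1, 0]) + bytes(8)
    header = e_ident + struct.pack(
        "<HHIQQQIHHHHHH",
        ET_DYN if pie else ET_EXEC, EM_X86_64, 1,   # e_type, e_machine, e_version
        0, 64, 0, 0,                                # e_entry, e_phoff, e_shoff, e_flags
        64, 56, len(phdrs), 64, 0, 0)               # header sizes and counts
    body = b"".join(struct.pack("<IIQQQQQQ", t, f, 0, 0, 0, 0, 0, 0) for t, f in phdrs)
    symbols = b"\0__stack_chk_fail\0" if canary else b"\0"
    return header + body + symbols


if __name__ == "__main__":
    import sys
    print(check_file(sys.argv[1]) if len(sys.argv) > 1 else hardening_report(build_sample_elf()))
```

Pass a path on the command line to report on a real binary; with no argument the script reports on a constructed fully-hardened sample. The canary test is only a heuristic (a binary that defines the symbol for other reasons would also match), and RELRO here means partial RELRO; full RELRO additionally needs the BIND_NOW dynamic flag, which this example does not parse.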
2008 OpenSSL vulnerability
In May 2008, it was revealed that a Debian developer had discovered that the OpenSSL package distributed with Debian and derivatives such as Ubuntu made a variety of security keys vulnerable to a random number generator attack, since only 32,767 different keys were generated. The security weakness was caused by changes made in 2006 by a Debian developer in response to memory debugger warnings. The complete resolution procedure was cumbersome because patching the security hole was not enough; it involved regenerating all affected keys and certificates.