debian

This was a particularly busy month for me in terms of Debian contributions.

It started with a week in Hamburg for the MiniDebConf. I talked to many colleagues face-to-face and worked on various bugs and maintenance tasks. I'm pleased to have finally found the time to reproduce and fix the boot-time crashes in the parallel port subsystem that have been reported many times recently.

A series of easily exploited kernel LPE (local privilege execution) issues were published this month, mostly with very little coordination with distributions. Salvatore and I had to upload fixes for these at roughly weekly intervals. All of these fixes needed to be applied to 4 different upstream branches (currently 5.10, 6.1, 6.12, and 7.0) and 7 Debian branches (including backports).

Debian packages:
- cis-tools:
  - Bugs:
    - replied to #1135267: pack_cis should be installed in /usr/bin
- dracut:
  - Bugs:
    - replied to #1131809: dracut: ppc64el autopkgtest are flaky and take 7 hours per run (and discussed it in-person in Hamburg)
- firmware-free:
  - Bugs:
    - closed #1122755: firmware-free: Please remove/replace usage of dh_movetousr
  - Merge requests:
    - opened !11: Apply relevant changes from firmware-nonfree
- firmware-nonfree:
  - Merge requests:
    - closed !68: Draft: Update bullseye in line with buster
    - reviewed and merged !146: gencontrol: s/initramfs-tools/update-initramfs/
    - merged !147: control: stop suggesting initramfs-tools
    - opened and merged !148: Update to 20260519
    - opened and merged !149: Include more firmware in binary packages
    - opened !150: Update and remove obsolete package relations
- gnome-shell:
  - Bugs:
    - replied to and reassigned #1135951: linux-image-6.12.85+deb13-amd64: secure data is visible when waking from suspsend
- initramfs-tools:
  - Bugs:
    - closed #1108924: initramfs-tools: Cannot boot Trixie d-i rc2 USB storage target riscv64 MODULES=most (missing: cdns3 cdns3_starfive)
  - Merge requests:
  - Uploads:
    - uploaded version 0.148.4 to trixie
- ktls-utils:
  - Merge requests:
    - merged !5: Update to 1.4.0
  - Uploads:
    - uploaded version 1.4.0-1 to unstable
- linux:
  - Bugs:
    - replied to #1130365: linux-image-6.18.15+deb14-amd64: kernel panic during startup
    - replied to #1136800: linux-image-7.0.4+deb14-amd64: fails to boot
    - replied to #1136894: linux-image-7.0.4+deb14-amd64: Kernel Panic - AMDGPU crash
    - replied to #1136978: linux-image-7.0.4+deb14-amd64: kernel NULL pointer dereference
    - replied to and closed #1137202: linux-image-7.1-amd64: Kernel panic on boot
    - replied to #1137203: bnx2: ifupdown-hotplug fails at boot, no network, regression from 5.10.0-42
    - replied to #1137642: linux-image-7.0.7+deb13-amd64: Failed to load Bluetooth driver
  - Merge requests:
    - closed !1720: arm64: Enable Renesas RZ/G2L features
    - merged !1759: [arm64] Enable AIR_EN8811H_PHY as module
    - merged !1792: [arm64] Enable BST platform support
    - closed !1817: [sparc64] Add patches to fix user stack sync and add clone3() syscall
    - merged !1837: [arm64] Enable configs for Qualcomm RB1 boards
    - reviewed !1845: [amd64,arm64] Enable KEXEC_HANDOVER and LIVEUPDATE
    - merged !1878: [riscv64] Enable CMA and DMA_CMA. Set CMA_SIZE_MBYTES=64
    - merged !1884: [amd64] Enable Intel USBIO bridge driver and submodules
    - opened !1904: Improve package descriptions for most of the kernel packages
    - reviewed and merged !1906: Enable SND_SOC_SDCA_CLASS and SND_SOC_SDCA_{FDL, HID, IRQ} for Panther Lake audio support
    - opened and merged !1910: Add backported patches for Dirty Frag attack
    - merged !1911: Qualcomm Monaco and Talos support
    - merged !1913: d/watch: migrate to version 5
    - reviewed !1936: [sparc64] Add nvme module to scsi-modules udeb
    - reviewed !1948: [amd64] Enable Intel Platform Hardware Support Drivers
    - opened and merged !1951: Fix dirtying of the source tree when building tools
    - merged !1954: 7.0 backport 'Fix for "fragnesia" (CVE-2026-46300) and variants'
    - merged !1955: 6.12 backport 'Fix for "fragnesia" (CVE-2026-46300) and variants'
    - opened !1956: Draft: Enable a fully parallel build
  - Uploads:
    - (LTS) uploaded versions 5.10.251-2, 5.10.251-3, 5.10.251-4, 5.10.251-5, 5.10.257-1 to bullseye-security
    - uploaded versions 6.12.85-1~bpo12+1, 6.12.86-1~bpo12+1, 6.12.88-1~bpo12+1, 6.12.90-1~bpo12+1, 6.12.90-2~bpo12+1 to bookworm-backports
    - uploaded versions 6.19.14-1~bpo13+1, 7.0.10-1~bpo13+1, 7.0.4-1~bpo13+1, 7.0.7-1~bpo13+1, 7.0.9-1~bpo13+1 to trixie-backports
- (LTS) linux-6.1:
  - Uploads:
    - uploaded versions 6.1.170-1~deb11u1, 6.1.170-3~deb11u1, 6.1.172-1~deb11u1, 6.1.174-1~deb11u1 to bullseye-security
- miniramfs:
  - Bugs:
    - replied to #1132532: miniramfs: Missing cpio dependency
- nfs-utils:
  - Bugs:
    - replied to and closed #1138209: nfs-kernel-server: Parameter RPCNFSDCOUNT from /etc/default/nfs-kernel-server is ignored after Upgrade from Deb12
- wireless-regdb:
  - Uploads:
    - uploaded version 2026.03.18-1 to unstable
Debian non-package bugs:
- release.debian.org:
  - opened #1135902: trixie-pu: package initramfs-tools/0.148.4
Mailing lists:

02 Jun 2026 2:17pm GMT

Hello and welcome to my May 2026 free software activities report. A lot's been going on in my life offline so I took a bit of a hiatus from doing these reports, but I've had a fairly productive month of May so I thought it'd be nice to do another one for this month.

GNU & FSF

GNU Emacs:
- ffs-0.2.2: I finally polished and published my ffs package for GNU Emacs on GNU ELPA. Many thanks to Protesilaos for rounds of code review and feedback for improving and polishing the package in preparation for submission to GNU ELPA.
- bug#81101: Trying to visit https://www.emacswiki.org in EWW I noticed it fails with a Somebody wants you to give them money error due to the anti-bot challenge being served with a HTTP 402 (Payment Required) response. So I landed a patch 12eec781ed6 to no longer do that. Thanks to Emacs comaintainer Sean Whitton for reviewing and approving my proposed patch.
- bug#81107: I noticed that in EWW, unlike <input type="submit"> HTML buttons, <button> elements were not tab-stoppable, leading to poorer usability and accessibility. So I landed a patch ec3d662de0b to fix that. Thanks to Emacs comaintainer Eli Zaretskii for reviewing, providing feedback, and accepting my proposed change.
- Emacs Chat with Sacha Chua: I joined Sacha for a new episode of her Emacs Chat podcast, where we talked about Emacs and life. I gave a quick tour of my Emacs configuration, discussing at length my configurations for EXWM (Emacs X Window Manager) among other topics like Emacs's facility for visually indicating buffer boundaries in the fringe by setting indicate-buffer-boundaries and my convenience configuration macros.
maintainers@: I started the next long-overdue round of emails to GNU package maintainers to confirm the contact information we have on file for them and get a brief status update about their packages. Emails are sent in small batches to keep the workload of handling the responses manageable for assistant GNUisances.
GNU Spotlight: I prepared and sent the May GNU Spotlight to the FSF campaigns team for publication on the FSF's community blog and the monthly Free Software Supporter newsletter.

Debian

I've begun the work toward updating the Jami package in Debian unstable again, which means I need to package new releases of its direct and indirect dependencies. For OpenDHT, I need to update RESTinio, and to do that I first need to package expected-lite and sobjectizer for Debian:

#1120837: ITP: expected-lite - expected objects for C++11 and later
#1137609: ITP: sobjectizer - C++ implementation of Actor, Publish-Subscribe, and CSP models

I've been working on packaging both and hope to have them uploaded to the archive in the next days and weeks.

That's it for this month's report.

Take care, and so long for now.

01 Jun 2026 2:30am GMT

Ron Garrett wrote an interesting blog post about the mathematical possibility of abiogenesis [1].

Cory Doctorow wrote an interesting blog post about the way the current antics of right wing extremists are forcing permanent changes in society away from the old systems [2].

William Angel wrote an insightful blog post comparing the costs of a Macbook and the Openrouter hosted service for LLMs [3].

The Register has an informative article about the threat that management systems built in to Intel and AMD CPUs pose to data sovereignty in EU owned cloud providers [4]. But this is just the first stage of building sovereign clouds, all significaant cloud services run at least 2 types of CPU and adding EU manufactured CPUs at a future time will be easy.

Benn Jordan made an interesting YouTube video about the infrasound problems caused by data centers, we need FOSS to measure infrasound [5].

amarok on the Purism forum made a great post about how to setup profiles in Firefox for different uses [6].

fralb5 wrote an informative post on the Purism forum about how to use a Librem 5 (or any other FOSS Linux phone) to firewall spyware on an Android phone [7].

Michael Prokop wrote an interesting blog post about debugging input event problems on Linux which turned out to be due to an analogue headphone connection [8]. This gave me some useful pointers to investigating an input device problem which is probably very different.