FOSS activity in 2025

This was a particularly busy month for me in terms of Debian contributions.

It started with a week in Hamburg for the MiniDebConf. I talked to many colleagues face-to-face and worked on various bugs and maintenance tasks. I’m pleased to have finally found the time to reproduce and fix the boot-time crashes in the parallel port subsystem that have been reported many times recently.

A series of easily exploited kernel LPE (local privilege execution) issues were published this month, mostly with very little coordination with distributions. Salvatore and I had to upload fixes for these at roughly weekly intervals. All of these fixes needed to be applied to 4 different upstream branches (currently 5.10, 6.1, 6.12, and 7.0) and 7 Debian branches (including backports).

Debian packages:
- cis-tools:
  - Bugs:
    - replied to #1135267: pack_cis should be installed in /usr/bin
- dracut:
  - Bugs:
    - replied to #1131809: dracut: ppc64el autopkgtest are flaky and take 7 hours per run (and discussed it in-person in Hamburg)
- firmware-free:
  - Bugs:
    - closed #1122755: firmware-free: Please remove/replace usage of dh_movetousr
  - Merge requests:
    - opened !11: Apply relevant changes from firmware-nonfree
- firmware-nonfree:
  - Merge requests:
    - closed !68: Draft: Update bullseye in line with buster
    - reviewed and merged !146: gencontrol: s/initramfs-tools/update-initramfs/
    - merged !147: control: stop suggesting initramfs-tools
    - opened and merged !148: Update to 20260519
    - opened and merged !149: Include more firmware in binary packages
    - opened !150: Update and remove obsolete package relations
- gnome-shell:
  - Bugs:
    - replied to and reassigned #1135951: linux-image-6.12.85+deb13-amd64: secure data is visible when waking from suspsend
- initramfs-tools:
  - Bugs:
    - closed #1108924: initramfs-tools: Cannot boot Trixie d-i rc2 USB storage target riscv64 MODULES=most (missing: cdns3 cdns3_starfive)
  - Merge requests:
  - Uploads:
    - uploaded version 0.148.4 to trixie
- ktls-utils:
  - Merge requests:
    - merged !5: Update to 1.4.0
  - Uploads:
    - uploaded version 1.4.0-1 to unstable
- linux:
  - Bugs:
    - replied to #1130365: linux-image-6.18.15+deb14-amd64: kernel panic during startup
    - replied to #1136800: linux-image-7.0.4+deb14-amd64: fails to boot
    - replied to #1136894: linux-image-7.0.4+deb14-amd64: Kernel Panic - AMDGPU crash
    - replied to #1136978: linux-image-7.0.4+deb14-amd64: kernel NULL pointer dereference
    - replied to and closed #1137202: linux-image-7.1-amd64: Kernel panic on boot
    - replied to #1137203: bnx2: ifupdown-hotplug fails at boot, no network, regression from 5.10.0-42
    - replied to #1137642: linux-image-7.0.7+deb13-amd64: Failed to load Bluetooth driver
  - Merge requests:
    - closed !1720: arm64: Enable Renesas RZ/G2L features
    - merged !1759: [arm64] Enable AIR_EN8811H_PHY as module
    - merged !1792: [arm64] Enable BST platform support
    - closed !1817: [sparc64] Add patches to fix user stack sync and add clone3() syscall
    - merged !1837: [arm64] Enable configs for Qualcomm RB1 boards
    - reviewed !1845: [amd64,arm64] Enable KEXEC_HANDOVER and LIVEUPDATE
    - merged !1878: [riscv64] Enable CMA and DMA_CMA. Set CMA_SIZE_MBYTES=64
    - merged !1884: [amd64] Enable Intel USBIO bridge driver and submodules
    - opened !1904: Improve package descriptions for most of the kernel packages
    - reviewed and merged !1906: Enable SND_SOC_SDCA_CLASS and SND_SOC_SDCA_{FDL, HID, IRQ} for Panther Lake audio support
    - opened and merged !1910: Add backported patches for Dirty Frag attack
    - merged !1911: Qualcomm Monaco and Talos support
    - merged !1913: d/watch: migrate to version 5
    - reviewed !1936: [sparc64] Add nvme module to scsi-modules udeb
    - reviewed !1948: [amd64] Enable Intel Platform Hardware Support Drivers
    - opened and merged !1951: Fix dirtying of the source tree when building tools
    - merged !1954: 7.0 backport ‘Fix for “fragnesia” (CVE-2026-46300) and variants’
    - merged !1955: 6.12 backport ‘Fix for “fragnesia” (CVE-2026-46300) and variants’
    - opened !1956: Draft: Enable a fully parallel build
  - Uploads:
    - (LTS) uploaded versions 5.10.251-2, 5.10.251-3, 5.10.251-4, 5.10.251-5, 5.10.257-1 to bullseye-security
    - uploaded versions 6.12.85-1~bpo12+1, 6.12.86-1~bpo12+1, 6.12.88-1~bpo12+1, 6.12.90-1~bpo12+1, 6.12.90-2~bpo12+1 to bookworm-backports
    - uploaded versions 6.19.14-1~bpo13+1, 7.0.10-1~bpo13+1, 7.0.4-1~bpo13+1, 7.0.7-1~bpo13+1, 7.0.9-1~bpo13+1 to trixie-backports
- (LTS) linux-6.1:
  - Uploads:
    - uploaded versions 6.1.170-1~deb11u1, 6.1.170-3~deb11u1, 6.1.172-1~deb11u1, 6.1.174-1~deb11u1 to bullseye-security
- miniramfs:
  - Bugs:
    - replied to #1132532: miniramfs: Missing cpio dependency
- nfs-utils:
  - Bugs:
    - replied to and closed #1138209: nfs-kernel-server: Parameter RPCNFSDCOUNT from /etc/default/nfs-kernel-server is ignored after Upgrade from Deb12
- wireless-regdb:
  - Uploads:
    - uploaded version 2026.03.18-1 to unstable
Debian non-package bugs:
- release.debian.org:
  - opened #1135902: trixie-pu: package initramfs-tools/0.148.4
Mailing lists: