#use wml::debian::projectnews::header PUBDATE="2013-01-07" SUMMARY="<tt>wiki.debian.org</tt> security breach, bits from the DPL"
#use wml::debian::translation-check translation="1.1"

# $Rev: 4529 $
# Status: [frozen]

<intro issue="first" />
<toc-display/>


<toc-add-entry name="wiki"><tt>wiki.debian.org</tt> security breach: global
passwords reset</toc-add-entry>

<p>
Steve McIntyre, administrator of the Debian wiki, announced that 
due to a security breach,
<a
href="http://lists.debian.org/debian-devel-announce/2013/01/msg00000.html">all
<tt>wiki.debian.org</tt> account passwords are being reset</a>.
In order to regain access to your wiki account, you'll need to
follow the
<a href="http://wiki.debian.org/FrontPage?action=recoverpass">password
recovery process</a>.
In the mail, Steve explained that the Debian Security Team recently
found a
<a href="http://www.debian.org/security/2012/dsa-2593">vulnerability</a>
in the moin package which had been succesfully exploited for
<tt>wiki.debian.org</tt>.
The wiki has already been moved to another server and an audit of the old
server is ongoing.
</p>


<toc-add-entry name="dplbits">Bits from the DPL</toc-add-entry>

<p>
Stefano Zacchiroli sent his <a
href="http://lists.debian.org/debian-devel-announce/2013/01/msg00001.html">\
monthly report of DPL activities for December 2012</a>.
Stefano reported about progress in the <q>DPL helpers</q>
experiment, as well as collaborations with external projects such as
the Open Source Initiative (OSI) and Free Software Foundation (FSF).
In addition, Stefano reported that the <tt>debian.eu</tt> domain is
finally under control of the Debian System Administrators.
</p>



<toc-add-entry name="other">Other news</toc-add-entry>

<other-devel-news-intro
	issue-devel-news="thirty-first"
	url-devel-news="http://lists.debian.org/debian-devel-announce/2012/12/msg00002.html"
/>
<ul>
  <li>amd64 most popular architecture according to popcon</li>
  <li>Register your media types to the IANA</li>
  <li>First release of dput-ng in <q>unstable</q></li>
  <li>Recent changes on the Debian QA front</li>
  <li>Fancy graphs on <tt>lintian.debian.org</tt></li>
</ul>


<p>
Andreas Tille announced that the 
<a href="http://blends.debian.net/liststats/">statistics
about selected Debian teams</a>
have been updated, and now include all of 2012.
</p>

<toc-add-entry name="newcontributors">New Debian Contributors</toc-add-entry>
## dd-url is always the same;
## dm-url is the url of the message on debian-project with the keys added
## to the archive;
## uploader url is always the same;
## post-name is always the same

<newcontributors
	dd-url="https://nm.debian.org/public/nmlist#done"
	dm-url="http://lists.debian.org/E1Sta5X-0005lb-Ap@franck.debian.org"
	uploader-url="http://udd.debian.org/cgi-bin/new-maintainers.cgi"
	post-name=""
>
## here the name of the new dds, dms, uploaders
<newcontributors-uploader
	"David Smith" 
/></newcontributors>


<toc-add-entry name="rcstats">Release-Critical bugs statistics for the upcoming release</toc-add-entry>

<rcstatslink release="Wheezy"
	url="http://richardhartmann.de/blog/posts/2013/01/05-Debian_Release_Critical_Bug_report_for_Week_01/"
	testing="171"
	tobefixed="116" />


<toc-add-entry name="dsa">Important Debian Security Advisories</toc-add-entry>

	<p>Debian's Security Team recently released
	advisories for these packages (among others):
<a href="$(HOME)/security/2012/dsa-2590">wireshark</a>,
<a href="$(HOME)/security/2012/dsa-2591">mahara</a>,
<a href="$(HOME)/security/2012/dsa-2592">elinks</a>,
<a href="$(HOME)/security/2012/dsa-2593">moin</a>,
<a href="$(HOME)/security/2012/dsa-2594">virtualbox-ose</a>,
<a href="$(HOME)/security/2012/dsa-2595">ghostscript</a>,
<a href="$(HOME)/security/2012/dsa-2596">mediawiki-extensions</a>,
<a href="$(HOME)/security/2013/dsa-2597">rails</a>,
<a href="$(HOME)/security/2013/dsa-2598">weechat</a>,
<a href="$(HOME)/security/2013/dsa-2599">nss</a>,
<a href="$(HOME)/security/2013/dsa-2600">cups</a>,
<a href="$(HOME)/security/2013/dsa-2601">gnupg, and gnupg2</a>.

	Please read them carefully and take the proper measures.</p>

<dsa-ml-guide
	url-dsa="http://lists.debian.org/debian-security-announce/"
	url-bpo="http://lists.debian.org/debian-backports-announce/"
	url-stable-announce="http://lists.debian.org/debian-stable-announce/"
/>


<toc-add-entry name="wnpp">Work-needing packages</toc-add-entry>
<wnpp link="http://lists.debian.org/debian-devel/2013/01/msg00101.html"
	orphaned="519"
	rfa="141" />

<toc-add-entry name="continuedpn">Want to continue reading DPN?</toc-add-entry>

<continue-dpn />

#use wml::debian::projectnews::footer editor="Cédric Boutillier, Francesca Ciceri, Justin B Rye"
# Translators may also add a translator="foo, bar, baz" to the previous line