Free software activity in April 2026
My Debian contributions this month were all sponsored by Freexian.
You can also support my work directly via Liberapay or GitHub Sponsors.
dput-ng
Ian Jackson reported that dput-ng could lose data when using the local install method (relevant in tests of other packages, for instance) and filed an initial merge request to fix it. I improved this to isolate its tests properly, and uploaded it.
groff
I upgraded from 1.23.0 to 1.24.1. 1.24.0 and 1.24.1 were the first upstream releases since 2023, and had extensive changes; I’d had the corresponding packaging changes in the works since January, but it took me a while to get round to finishing them off. It was good to get this off my list.
OpenSSH
I released bookworm and trixie fixes for CVE-2026-3497, and issued the corresponding BSA-130 for trixie-backports.
I upgraded from 10.2p1 to 10.3p1.
parted
I upgraded from 3.6 to 3.7. 3.7 was the first upstream release since 2023, but the changes were nowhere near as extensive as groff, so this was a fairly quick job. I also fixed the parted-doc package to ship proper API documentation.
Python packaging
New upstream versions:
- django-modeltranslation
- nbconvert (fixing CVE-2026-39377 and CVE-2026-39378)
- pydantic-extra-types
- pydantic-settings
- python-agate (fixing file conflicts)
- python-nacl
- zope.configuration
- zope.interface
I started an upstream discussion about how best to handle the pydantic and pydantic-core packages now that they share an upstream git repository.
Other bug fixes:
Rust packaging
New upstream versions:
- rust-jiter
- rust-minijinja
YubiHSM packaging
I upgraded from 2.7.2 to 2.7.3.
Code reviews
- libfido2 1.17.0-1 (sponsored upload for Patrick Winnertz, since their key had expired)
- python-backports.zstd: Obsolete with Python 3.14 (sponsored upload for YOKOTA Hiroshi)
- python-better-exceptions 0.4.0-2 (sponsored upload for Seyed Mohamad Amin Modaresi)