A few days ago it was announced general resolution vote results (GR) carried out by the Debian project developers involved in package maintenance and infrastructure maintenance, which approved the possibility of holding secret ballots that do not reveal the choice of the participants (Until now, after the GR vote, complete lists were published with information on the options chosen by each voter).
The need for secret ballots emerged last year during the adoption of a resolution on Richard Stallman because not all were willing to openly express their position, since expressing their opinion could lead to further harassment by supporters or opponents of Stallman.
During the vote on GR_2021_002, several developers said they felt uncomfortable voting because, under the process at the time, their name and rank on the ballot would be public. Several discussion participants believe that we will get election results that more accurately reflect the will of the developers if we do not make public the name associated with a particular vote on the tally sheet. Several people believed that classified votes without names attached would still be valuable public information.
This proposal would treat all elections as DPL elections. At the same time, it relaxes the requirement that the secretary must vote by email. If the requirement to vote by email is removed, then an experiment with at least the voting system is planned.
During this vote the possibility of depersonalizing the opinions of the participants was approved (hide information about who voted, why), but allowing verification to exclude vote counting abuses.
Besides that secret ballots will be held (GR) similar to the annual elections of the project leader, the lists of the participants who voted and the selected positions will also be published separately, without it being possible to determine which participant belongs to one or the other option.
To exclude abuse by the person responsible for counting the votes, the possibility of a new independent verification is determined of votes and developers are required to create a mechanism to confirm that their vote was taken into account when calculating the results (when choosing a project leader, a cryptographic hash is used, with which a participant can verify the inclusion of your vote, but this method is not protected from value enumeration and requires modernization, for example, the use of hidden codes generated by the voting system for each developer when calculating the hash).
Moreover, also talking about Debian, too worth highlighting which was announced a few days ago the release of the third corrective update of the Debian 11 distribution, which includes cumulative package updates and fixes bugs in the installer.
The launch includes 92 stability updates and 83 security updates. Of the changes in Debian 11.3, we can point out the update to the latest stable versions of the apache2, clamav, dpdk, galera, openssl and rust-cbindgen packages, as well as the removal of the deprecated angular-maven-plugin and minify-packages. maven plugins.
Installation builds will be prepared for download and installation from scratch, as well as live iso-hybrid with Debian 11.3. Pre-installed and updated systems receive the updates that are present in Debian 11.3 through the native update system.
Security fixes included in new versions of Debian are made available to users as updates are released via the security.debian.org service.
At the same time, it is available a new version of the previous stable branch of Debian 10.12, which includes 78 stability updates and 50 vulnerability updates. The angular-maven-plugin and minify-maven-plugin packages have been removed from the repository.
OpenSSL includes verification that the requested digital signature algorithm matches the selected security level. For example, if you try to use RSA+SHA1 with the security level set to 2, an error will be returned, since this algorithm is not supported at level 2. If necessary, the level can be overridden by specifying the '-cipher option 'ALL:@SECLEVEL=1″' on the command line or by changing the settings in the /etc/ssl/openssl.cnf file.
Finally if you are interested in knowing more about it, you can consult the details in the following link.