Debian

Debian - An operating system consisting of both free and open source software and closed components. In primary form, Debian GNU/Linux is one of the most popular Linux distributions, having a significant impact on the development of this type of OS as a whole. There are also projects based on other cores: Debian GNU/Hurd, Debian GNU/kNetBSD and Debian GNU/kFreeBSD. Debian can be used for both server and workstation operating systems.

Debian has the largest package store among all distributions - ready-to-use programs - and, if not even by the number of them, by the number of architectures supported: starting with ARM used in embedded devices, the most popular x86 and PowerPC, the new 64-bit AMD, and ending with IBM S/390 used in mainframes. Different tools have been developed for working with storage, the most popular of which is APT.

Debian has become the basis of a number of distributions (over 100). The most famous of them Adamantix Bioknoppix Dreamlinux Clusterix are,,,,,,,,,, and Gnoppix Knoppix. Ubuntu Libranet Linspire MEPIS Xandros Desktop OS

The name "Debian" is composed of the names of the founder of the project, Ian Murdock, and his girlfriend (later - wife, now - former) Debra.

History

The creation of Debian was started in August 1993 by Ian Murdoch. He was guided by the desire to create a distribution, the process of which will, on the one hand, be open and free in the spirit of Linux and GNU, and at the same time extremely thorough and conscientious. At first, a small close-knit group of hackers from the free software world worked on the project, which gradually grew, becoming a large organized community of developers and users.

2023

Debian: EC's Secure Development Requirements Could Harm Open Source Projects

The Debian Project Community has adopted a joint statement^[1] on the dangers of the Cyber Resilience Act (CRA) planned for adoption in the European Union and changes to the Product Liability Directive (PLD). Moreover, three parts of this statement were put up for voting, and the project developers voted for the most general approval "The CRA and PLD proposals include provisions that damage free and open source software (Free & Open-Source Software - FOSS)." At the same time, the requirements for the application of CRA and PLD only to commercial enterprises and non-interference in existing open licenses were not accepted by the community.

The Cyber Resilience Act (CRA) is a regulation on for cyber security companies in the EU proposed on 15 September 2022 by the European Commission to improve cybersecurity and provide cyber resilience based on common cybersecurity standards for products with digital elements. It establishes the responsibility of developers for the safety of the products developed by him at all stages of the life cycle and is already at the final stage of development and adoption.

The consequences of the CRA adopted by the European Union may affect open source projects around the world

A little later, on September 28, 2022, the European Commission published its proposal to change the product liability directive adopted almost 40 years ago. Lawmakers propose bringing the EU product liability regime through PLDs in line with the digital age, business models of the circular economy, global value chains, and the need to ease the burden of proof for consumers demanding compensation for damages suffered due to defects in products. As part of the planned changes in the PLD, developers may be responsible for software defects in the amount of up to 15 million euros, or 2.5% of the company's annual turnover.

The main provisions of the statement adopted by the Debian developers are as follows:

1. Free software has always been free, freely provided to society, so that it can take and use it at its discretion, for any purpose. Free software has proven its value in our digital age and the EU's proposed cyber resilience law will harm it. 2. Debian is known for its reputation in the field of security due to the practice of responsible disclosure of information and coordination with end developers and other free software projects. We strive to fulfill the obligations made in the Debian social contract: "We will not hide the problems." 3. While proprietary software is developed behind closed doors, free software development is open and transparent to all. In order to maintain parity with proprietary software, the open-source development process must be completely exempt from CRA requirements, as well as the development of software by individuals. The issue of "go-to-market" can only be considered after software development and release is completed. 4. Even if the scope of the CRA includes only "commercial activities," the free software community - and, as a result, everyone - will lose many small projects. CRA will force many small businesses, and most likely all individual developers, out of business because they simply will not be able to meet the requirements of CRA. Debian and other Linux distributions depend on their operation. Embracing the CRA as it is would undermine not only an established community but a thriving market. CRA needs an exception for small businesses and at least individual entrepreneurs.

Two additional parts of the requirements were also put up for a community vote: "The CRA and PLD proposals should only apply to commercial businesses" and "the EU should not revoke the DFSG 6 and FOSS licences." The first expresses concern that in the draft law developments with open codes are not separated into a separate category, which would allow them to be relieved of responsibility for free software. And the second emphasizes that the PLD requirements eliminate traditional disclaimers that exist in all open licenses, making their use legally more risky. However, not many developers voted for these, tougher formulations, so they were not included in the final statement.

Voting scheme for various application options

It should be noted that Russia they went the other way. Mandatory requirements have been introduced for secure software development, which is delivered only under government contracts, and not for the entire market. Moreover, both the customer and the integrator can check the safety of products as part of the implementation process. This allows small projects to exist and develop within the framework of contractual relationships. In addition, the state funded the creation of technical center a Linux kernel security study and actually formed a community of specialists who conduct security studies open source of software created in projects.

Now this technical center is expanding its powers to check significant projects of open source software. That is, the Russian state has assumed the starting costs of ensuring the security of the most significant projects with open codes, forming a community of code auditors and gradually building the process of secure software development, and not shifting the financial burden of ensuring code security to the developers themselves.

Debian 12.4 with linux-image-6.1.0-15 kernel

On December 11, 2023, a corrective update of the Debian 12.4 distribution was formed, which includes accumulated package updates and added fixes to the installer. The release includes 94 updates to fix stability issues and 65 updates to fix. vulnerabilities It was decided to skip the release of Debian 12.3 due to the detection at the final stage of its preparation of an error in the package with - kernel linux image-6.1.0-14, which could lead to damage data in the Ext4 file system.

Debian 12.4 comes with a package with the linux-image-6.1.0-15 kernel, based on kernel version 6.1.66 and including a fix for the problem. Among the changes in Debian 12.4, one can also note the update to the latest stable versions of the gnome-shell, mutter, nvidia-graphics-drivers, postgresql-15, qemu, systemd, xen, tbsync, gosa, lastpass-cli packages. Removed the gimp-dds package, which is no longer required, since its functionality is now built into GIMP.

The llvm-toolchain-16 package based on LLVM/Clang 16 has been added, which is necessary to build the latest versions of the Chromium browser. Gnome-characters and fonts-noto-color-emoji added support for Unicode 15.1. Libsolv includes support for the zstd compression algorithm. In qbittorrent, UPnP is disabled by default when using the web interface.

Installation builds with Debian 12.4 have been prepared for download and installation from scratch. Previously installed and up-to-date systems receive updates present in Debian 12.4 through the standard^[2] Update installation system].

Discontinuing Mipsel Architecture Support

The developers of the Debian project announced the removal of the port for the mipsel architecture from the unstable/experimental repositories. This became known on September 3, 2023. Mipsel was one of the oldest supported Debian ports, older than only the i386 processor port. It is likely that Debian 12 will be the last release with mipsel support. The change does not apply to the mips64 architecture, which continues to be supported.

A number of technical problems are mentioned as reasons for the termination of mipsel support, including:

• Limit the amount of memory in the user's space in the 2Gb.
• The architecture is subject to the 2038 problem (32-bit time_t). The fix will break ABI and require, in fact, a complete re-bootstrap of the system with the loss of compatibility with binary programs.
• There is no more or less powerful mipsel-based hardware for the build system.
• Some packages have assembly problems with the mipsel architecture.
• Modern instrumentation typically uses a different floating point representation of NaN. Fixing this will require a full re-bootstrap with loss of compatibility with existing^[3] binary programs^[4].

Debian 12.1 Addressing Vulnerabilities and Stability Issues

The first corrective update of the Debian 12 distribution was formed, which includes package updates released a month and a half after the release of the last branch, and fixes the shortcomings in the installer. This became known on July 22, 2023. The release includes 89 updates that fix stability issues and 26 updates that fix vulnerabilities. Among the changes in Debian 12.1, we can note the update to the latest stable versions of the libreoffice, dbus, dpdk, gnome-control-center, gnome-maps, gnome-shell, gnome-software, mutter, nvidia-graphics-drivers, postfix, qemu, systemd packages.

Installation builds with Debian 12.1 have been prepared for download and installation from scratch. Previously installed and up-to-date systems receive updates present in Debian 12.1 through the standard update installation system. Security fixes included in the latest Debian releases are available to users as updates are released through the service security.debian.org.

For Debian 12, the bookworm-backports repository has been put into operation with backports of updated versions of packages from the Testing^[5] branch].

End of GNU kFreeBSD port support

The kfreebsd-amd64 and kfreebsd-i386 ports are removed from the Debian-ports archive. However, GNU/kFreeBSD packages can still be downloaded from the server with snapshots. This became known on July 14, 2023. The only actively developed Debian platform based on a kernel other than Linux remains Debian GNU/Hurd, which continues to form unofficial assemblies.

The Debian GNU/kFreeBSD port, which combines the FreeBSD kernel with user environments based on glibc and GNU utilities, was one of the officially supported ports in Debian 6 and Debian 7, but was excluded in Debian 8 and has since been in a semi-abandoned state. For example, the last build load for kfreebsd-amd64 and kfreebsd-i386 was made more than a year ago. In 2022, ports for kfreebsd-i386 were not loaded once, and for kfreebsd-amd64 only 11 times. The total number of current packages for GNU/kFreeBSD has decreased to 30%^[6].

2022

Start testing the alpha version of "Bookworm"

September 22, 2022 it became known about the start of testing the first alpha version of the installer of the next significant release of Debian - "Bookworm." The release is expected in the summer of 2023.

Major changes:

• Apt-setup provides the installation of certificate certification centers for the organization of certificate verification when loading packets using the HTTPS protocol.
• The busybox includes awk, base64, less and stty apps.
• Cdrom-detect implements the definition of installation images on ordinary disks.
• Choose-mirror has added the loading of the list of mirrors from the host mirror-master.debian.org.
• Kernel Linux updated to issue 5.19.
• The boot menu is unified for UEFI (grub) and BIOS (syslinux).
• The conversion of Debian 11 installations with a separate/usr partition to a different view has been implemented, in which the/bin ,/sbin and/lib * directories are designed as symbolic references to the corresponding directories inside/usr.
• Improved definition of multipath devices.
• nvme-cli-udeb package added.
• The definition of Windows 11 and Exherbo Linux is implemented.
• Experimental support for dmraid has been discontinued.
• Added support for Bananapi_M2_Ultra, ODROID-C4, ODROID-HC4, ODROID-N2, ODROID-N2Plus, Librem5r4, SiFive HiFive Unmatched A00, BeagleV Starlight, Microchip PolarFire-SoC Icon Kit and MNT Reform 2^[7]

81 changes in Debian 11.4

The fourth corrective update of the Debian 11 distribution has been published, which includes accumulated package updates and fixes shortcomings in the installer. The release includes 81 updates that address stability issues and 79 updates that address vulnerabilities. This became known on July 9, 2022.

Among the changes in Debian 11.4, we can note the update to the latest stable versions of apache2, clamav, postfix, network-manager, ganeti, libtgowt, nvidia-graphics-drivers, nvidia-persistenced, nvidia-settings, nvidia-xconfig, telegram-desktop, ublock-origin, usb.ids, wireless-regdb. Removed elog and python-hbmqtt packages that are unaccompanied and have security and health problems.

Installation builds and live iso-hybrid with Debian 11.4 will be prepared for download and installation from scratch in the near future. Previously installed and up-to-date systems receive updates present in Debian 11.4 through the standard update installation system. Security fixes included in the latest Debian releases are available to users as updates are released through the security.debian.org^[8] service].

Discontinuing LTS support for Debian 9.0

The maintenance period for the LTS branch of the Debian 9 Stretch distribution, formed in 2017, has come to an end. The release of updates for the LTS branch was carried out by a separate LTS Team development team, created from enthusiasts and representatives of companies interested in the long-term delivery of updates for Debian. This became known on July 1, 2022.

In the near future, the initiative group will begin to form another LTS-branch based on Debian 10 "Buster," the full-time support of which expires on July 7, 2022. The LTS Team will take the baton from the Security Team and continue to accompany without interruption. The release of updates for Debian 10 will be extended until June 30, 2024 (in the future, LTS support will be provided for Debian 11, updates for which will be released until 2026). As with Debian 9, LTS support for Debian 10 and Debian 11 will only apply to i386, amd64, armel, armhf and arm64 architectures, and the total support period will be 5 years.

At the same time, the end of LTS support does not mean the end of the life cycle of Debian 9.0 - as part of the Extended LTS program, Freexian has expressed its readiness to release updates on its own by June 30, 2027, eliminating vulnerabilities in a limited set of packages for amd64, armel and i386 architectures. Support will not cover many packages, including the Linux 4.9 kernel, which will be replaced by the 4.19 kernel backported from Debian 10. Updates are distributed through an external repository supported by Freexian. Access is free for everyone, and the range of supported packages depends on the total number of sponsors and packages of interest to them.

The short and unpredictable support period for Debian, which averaged three years and depended on the development activity of the next release, was one of the main obstacles to the implementation of Debian in enterprises. With the introduction of the LTS and Extended LTS initiatives, this obstacle has been eliminated and the support time for Debian has been brought to seven years from the date of release, which is more than the five-year LTS releases of Ubuntu, but three years less than Red Hat Enterprise Linux and SUSE Linux Enterprise, which are supported for 10 years^[9].

2019: Debian Linux OS ranked second in terms of vulnerabilities

In the course of analyzing the statistics of vulnerabilities in various operating systems and software products at the end of 2019, it turned out that Debian Linux was in second place (360 vulnerabilities). Read more here.

2018: 1,197 vulnerabilities detected in Debian GNU/Linux

In 2018, the largest number of vulnerabilities were discovered - 16,556, 1,197 of which were contained in the free Debian GNU/Linux OS. Read more here.

2016

Debian 8.6

September 17, 2016 it became known about the publication of the corrective release of Debian 8.6.

As part of the release, all released package updates have been eliminated, flaws in the installer have been eliminated - 77 updates with the elimination of stability problems and 93 updates with the elimination of vulnerabilities.

Debian 8.6 Desktop Screenshot, (2016)

Changes to Debian 8.6 - removing minit (not supported) and trn (replaced by trn4) packages. Updated to new releases adblock-plus, firegestures, gnome-maps, greasemonkey, intel-microcode, mariadb, mozilla-noscript, tabmixplus, tzdata^[10].

Debian 8.6 installation builds are formed. Previously installed and up-to-date systems receive updates present in Debian 8.6 through the standard update installation system. Security fixes included in the new Debian releases are available to users as updates are released through the service security.debian.org.

Debian-Edu 8

On July 2, 2016, the Debian project announced the release of the Debian Edu 8 distribution, focused on use in educational institutions, it is known as Skolelinux^[11].

Debian Edu 8 Desktop Screenshot "Skolelinux," (2016)

This version has switched to the Debian 8 "Jessie" package base, added MATE to the list of proposed desktops and implemented automatic firmware installation when installing the system over the network. 655 MB and 4.9 GB assemblies have been prepared for download.

The distribution kit includes a complex of tools integrated into one installation image for quick deployment of both servers and workstations in schools, while supporting stationary workplaces in computer classrooms and portable systems. Debian Edu out of the box is adapted to organize computer classes on the platform of diskless workstations and thin clients booting over the network.

There are several types of working environment that allow you to use Debian Edu, both on the latest PCs and on outdated equipment. There is a choice of working environment on the platform KDE Plasma, GNOME, LXDE, MATE and Xfce. The basic delivery contains more than 60 training packages.

Removing NVIDIA drivers

On February 27, 2016, it became known about the results of the proceedings initiated by the Software Freedom Conservancy (SFC) regarding the delivery of a module with a ZFS file system implementation as part of Ubuntu Linux^[12].

The very fact of the proceedings drew attention to the issue of the legality of the supply of proprietary drivers as part of distributions. The developers of the Debian project considered placing proprietary NVIDIA drivers in the project repositories and came to the conclusion that a possible violation of the GPLv2 license, according to which the Linux kernel is distributed, when supplying ready-made assemblies in the distribution kit.

The nvidia-graphics-modules package and all packages based on it with nvidia-kernel- * kernel modules have been removed from the Debian non-free repository (packages have been manually removed from Unstable, they will be removed from Testing and other branches or replaced with stubs after verification).

Nvidia-kernel-dkms and nvidia-kernel-source packages are left as part of the distribution and can be used to assemble the module for NVIDIA drivers from the source code. The distribution also contains an nvidia-graphics-drivers package with a script that downloads and installs drivers from the NVIDIA website. When trying to install the nvidia-driver package, nvidia-kernel-dkms will be automatically selected.

To comply with the requirements of the GPL license, manufacturers of proprietary drivers load a layered module into the kernel, the code of which is open and distributed under the GPLv2 license, but the functions are limited to loading closed driver components designed in the form of a binary blob. Until now, such a bypass maneuver was considered acceptable and suited all interested parties, both kernel developers and driver manufacturers. The court is examining the case against VMware, in which the Software Freedom Conservancy is trying to prove the illegality of embedding components in the Linux kernel through binding modules under the GPL license.

In the case of VMware, the vmklinux layer module is used to organize access of proprietary components to the kernel API related to the EXPORT_SYMBOL_GPL area, the use of calls in which is perceived as creating a derivative of the work that should be supplied under the GPL. In the case of NVIDIA, the layered module loaded into the kernel is used to translate binary blob access to such kernel tools (not related to EXPORT_SYMBOL_GPL) as procfs, CPU and seq_file hot-plug tracking mechanisms, as well as to create bindings over console_lock and console_unlock calls.

The Debian solution is only related to the delivery of ready-made binary assemblies of proprietary drivers. There is no talk of GPL violation at the source code distribution level of the binding module. If we compare the situation with the delivery of the zfs.ko module, it is distributed under the CDDL license, which imposes requirements that differ from the GPL and does not allow the replacement of the final product license for the GPL, which makes it impossible to jointly distribute the zfs.ko module and the Linux kernel. In relation to the NVIDIA driver, its license prohibits decompiling, does not give the right to access the code and does not allow replacing the license of the final product - by analogy with ZFS, the license for the NVIDIA driver does not allow legally organizing the supply of a combined product with the GPL.

Debian 8.3

On January 23, 2016, the third Debian 8.3 correction update was released, which included all released package updates, and bugs in the installer were eliminated. It includes 108 updates that fix stability problems and 101 updates - fix vulnerabilities^[13].

Debian 8.3 installation builds are available for download. Previously installed and up-to-date systems receive updates present in Debian 8.3 through the standard update installation system. Security fixes included in Debian 8.3 are available to users as updates are released through the service security.debian.org.

Some changes

• Compared to the previous update, the following packages are excluded from the list:
  • core-network - deleted due to security issues;
  • elasticsearch - no longer supported;
  • googlecl - not working, as it is tied to an outdated API;
  • libnsbmp - not supported, security issues;
  • libnsgif - not supported, security issues;
  • vimperator - not compatible with new versions of iceweasel browser.

• The installer has resumed support for QNAP TS-x09 network drives, added images from u-boot for embedded computers, added a part_gpt module module to grub, added a hot key "s" to go to the UEFI x86 boot menu;
• The set of certification center certificates supported by the Mozilla project has been updated to issue 2.6;
• Exim4 fixed the crash when processing MIME ACL and solved problems with duplicate deliveries when using TLS;
• In exfat-utils and fuse-exfat, looping is eliminated;
• Updated microcode for Intel processors;
• Iptables-persistent rules are no longer readable by all users;
• The hyperv-daemons package has been added to linux-tools;
• mdadm fixes problems encountered when booting from degraded RAID;
• Updated versions of proprietary NVIDIA drivers;
• When calling openvpn from if-up.d, the "--no-block" flag is used, which solves problems with freezing at boot, if it is impossible to raise the VPN;
• PHP updated to release 5.6.17;
• PostgreSQL updated to release 9.1.19;
• VLC updated to release 2.2.1;
• WebKitGTK has been updated to release 2.4.9.

2015

Debian 8.0 "Jessie" is scheduled for release on April 25, 2015

On March 31, 2015, the Debian project developers approved the release date for Debian 8.0 "Jessie."^[14].

The release is scheduled for April 25, 2015. The date can only be changed if really critical problems are identified, the text of the press release emphasizes.

As of March 31, 2015, 44 RC errors in key packages and 23 errors in regular packages remain uncorrected (if the problems are not resolved by April 18, 2015, these packages will not be included in the release), the developers said.

Screenshot of the user's desktop in Debian 8.0 "Jessie," 2014

Debian 8.1 corrective release released

June 8, 2015 introduced the first corrective update - Debian 8.1^[15].

It includes all released package updates and fixes flaws in the installer.

Starting with Debian Wheezy, the release numbering scheme has been changed - the first digit in the version number is now associated with significant releases, the second with corrective updates. Debian 8.1 includes 75 updates that fix stability problems and 38 updates that fix vulnerabilities.

Changes:

• adding a hardware description of SheevaPlug, SheevaPlug eSATA, and GuruPlug devices to the installer.

• Updating the Linux kernel to build 3.16.7-ctk11 to fix the problem with data corruption in the ext4 file system.

• Updating the libata blacklist to exclude the use of TRIM on Samsung SSD 850 Pro.
• APM Mustang provides support for the XHCI USB controller.
• Tasksel for task-xfce-desktop has the choice of evince-gtk or evince, which allows you to use GNOME and Xfce sets at the same time.
• The DBus configuration has been changed to use only external authentication on the session bus (passing authentication parameters through kernel tools), as is done for the system bus.

Debian 8.1 installation builds are available for download. Previously installed and up-to-date systems receive updates present in Debian 8.1 through a standard update installation system.

Security fixes included in Debian 8.1 are available to users as updates are released through the service security.debian.org.

Debian will not support SPARC architecture

On July 27, 2015, it became known that Debian GNU/Linux developers refused to support the SPARC^[16].

Debian GNU/Linux developers announced the end of support for the SPARC architecture and its removal from the Debian package archive, including from the unstable, experimental and jessie-updates repositories. The changes relate only to the sparc architecture abandoned and not included in Debian Jessie, the development of the sparc64 architecture will continue in full (sparc will be replaced by the sparc64 port).

Features

Many distributions are based on Debian, including Ubuntu, MEPIS, Dreamlinux, Damn Small Linux, Xandros, Knoppix, BackTrack, Linspire, sidux, Kanotix, Parsix and among others LinExothers.

Debian has a wealth of capabilities. The current stable version includes over twenty-five thousand software packages for twelve architectures from Intel/AMD 32-bit/64-bit, widely used in personal computers, to ARM, usually used in embedded systems and IBM System z. The distinctive features of Debian are the APT Package Management System, repositories with a huge number of packages, a strict policy towards packages, and the high quality of released versions. This made it possible to easily upgrade between versions, as well as automatically install and uninstall packages.

The standard Debian installation uses the GNOME desktop environment, which includes a set of popular programs such as OpenOffice.org, Iceweasel (Firefox modification), Evolution mail program, CD/DVD recording programs, music and video players, image viewing and editing programs and PDF document viewing programs. There are also CD images collected from KDE, Xfce and LXDE. [6] Installation discs (in the amount of five DVDs or more than thirty CDs) contain all available and not necessarily necessary packages for standard installation. The network installation method uses a CD that is smaller than a regular installation CD/DVD. It contains only what is necessary to start the installer and download the packages selected during installation through APT. CD/DVD images can be freely downloaded through BitTorrent, jigdo, or purchased from one of the Debian CD vendors.

Supported architectures

The current stable version is officially ported to the following architectures:

• i386 - x86 architecture, designed for Intel-compatible 32-bit processors
  * amd64 - x86-64 architecture designed for Intel/AMD 64-bit processors *
  alpha - DEC Alpha *
  sparc architecture - Sun SPARC architecture for Sun4m systems, Sun4u and Sun4v *
  arm, armel - ARM architecture for Risc PC and various embedded systems *
  powerpc - PowerPC architecture *
  hppa - HP PA-RISC architecture * ia64
  - Intel Itanium architecture (IA-64) * mips,
  mipsel - MIPS architecture (big-endian and little-endian) * s390
  - IBM ESA/390 * m68k architecture -
  Motorola 68k architecture for Amiga, Atari, Macintosh and other embedded VME systems
  

Terms

Debian's social contract, first concluded in 1997 and updated in 2004, includes the Debian Criteria for determining free software. It allows us to argue that Debian GNU/Linux is one of the most free of the popular operating systems.

Debian's criteria for freedom do not fully match those of the Free Software Foundation (FSF).

For example, in the Debian project, it is accepted that the GNU FDL license is not free if it is used with unchanged sections, and the Free Art license, which FSF considers free licenses for documentation and works of art [14]. At the same time, Debian, like OSI, considers Artistic License 1.0, which FSF considers to be poorly written, and therefore not free, to be free.

FSF does not allow significant help in using proprietary software, and Debian provides users of non-free software with space for, servers mailing lists, etc. At the same time, FSF does not require complete freedom for non-functional content (for example, graphics in a game or political speech), and Debian places such non-free content in a section with other non-free components.

Sometimes Debian votes to decide what to do with non-free components:

• 2004: On discontinuing support for the non-free section for the next release: left
  . * 2006: On solving the firmware problem without source code (blob) in the kernel, and Etch release date: Release not delayed. *
  2008: On solving the firmware problem without source code and Lenny release date: Consider blobs non-violating the GPL until proven otherwise.
  

Iz‐za these differences, some free software adherents believe that Debian operating systems are unworthy of the title of free, and instead support gNewSense

Notes

Links

Official International Website