Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-gwn

From: Chris Gianelloni <wolf31o2@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 27 November 2006
Date: Fri, 01 Dec 2006 03:41:40
Message-Id: 1164937868.9838.10.camel@inertia.twi-31o2.org
1 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/20061127-newsletter.xml
4 This is the Gentoo Weekly Newsletter for the week of 27 November 2006.
5 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
6
7 ==============
8 1. Gentoo News
9 ==============
10
11 x86/i586 stages available
12 -------------------------
13
14 The Gentoo Release Engineering[1] project is proud to announce that new
15 stages for x86 have been released. These stages are currently only available
16 via the Gentoo mirrors[2], but plans are underway to add them to the torrent
17 tracker, also. These new stages include stages 2 and 3 for both the x86
18 (i386) and i586 subarchitectures built against the default-linux/x86/no-nptl
19 profile, as well as stages 2 and 3 for i586 built against the
20 default-linux/x86/2006.1 profile.
21
22 1. http://www.gentoo.org/proj/en/releng
23 2. http://www.gentoo.org/main/en/mirrors.xml
24
25 You can find these new stages under /releases/x86/2006.1/stages on your
26 local Gentoo mirror.
27
28 Experimental LiveCD images for Alpha/PPC
29 ----------------------------------------
30
31 Along with the new stages for x86, Release Engineering has also released two
32 experimental ISO images. These images are built in the same manner as the
33 x86 and amd64 LiveCD for 2006.1, using the same snapshot. The images should
34 be fully-functional LiveCDs for both platforms. If you're wanting to try
35 these out, please grab them from your local mirror under /experimental and
36 file bugs, as always, to the Gentoo bug tracker[3].
37
38 3. http://bugs.gentoo.org/enter_bug.cgi?product=Gentoo%20Release%20Media
39
40 Note: We are aware that the Gentoo Linux Installer is not functional on
41 these LiveCD images, as the Installer had not yet been ported to them. The
42 main purpose of these images is as a testing ground and development platform
43 for the Installer, as well as testing for the LiveCD process on new
44 architectures.
45
46 GNOME 2.16 stable
47 -----------------
48
49 The Gentoo GNOME team[4] is working to stabilize GNOME-2.16.2. This is an
50 upgrade from the current 2.14 stable version of GNOME. Please consult the
51 GNOME 2.16 Upgrade Guide[5] before upgrading. If you wish to track the
52 stabilization efforts, you can follow bug 156572[6] for gtk+-2.10
53 stabilization and bug 156662[7] for GNOME-2.16 stabilization.
54
55 4. http://www.gentoo.org/proj/en/desktop/gnome
56 5. http://www.gentoo.org/proj/en/desktop/gnome/howtos/gnome-2.16-upgrade.xml
57 6. http://bugs.gentoo.org/show_bug.cgi?id=156572
58 7. http://bugs.gentoo.org/show_bug.cgi?id=156662
59
60 There are several major improvements in this upgrade:
61
62 * powerful new note-taking application
63 * enhanced menu editing
64 * tool to get a better overview of your hard disk space
65 * improved integrated power management support
66 * improved media web browsing
67 * improved themes
68 * improved memory usage
69
70 To find out in detail what coolness you can expect from this major upgrade,
71 head over to the GNOME 2.16 page[8] and read the Release Notes.
72
73 8. http://www.gnome.org/start/2.16/
74
75 virtual/mysql Introduced
76 ------------------------
77
78 In order to adjust to changes in upstream release policies, the former
79 dev-db/mysql has been split into dev-db/mysql-community and dev-db/mysql.
80 The new virtual/mysql depends on the presence of either
81 dev-db/mysql-community or dev-db/mysql.
82
83 If emerge complains about needing virtual/mysql, just install it. Assuming
84 you already have mysql or mysql-community installed, there's no compiling
85 required.
86
87 If you don't want the greatest stable version, but want to stay at mysql
88 4.x, for example, be sure to mask >=virtual/mysql-4.1, >=dev-db/mysql-4.1
89 and >=dev-db/mysql-community-4.1 in /etc/portage/package.mask.
90
91 If you want to compile mysql client-only, you need to use the minimal USE
92 flag.
93
94 =========================
95 2. Heard in the community
96 =========================
97
98 gentoo-user
99 -----------
100
101 Coldplug deprecated by udev-103 update? / udev and coldplug blocking each
102 other!
103
104 Two different users found themselves concerned by the recent demise of
105 coldplug, the package which formerly handled devices which are already
106 connected at the time the system is booted. Peter K was assured that he'd
107 read his emerge --sync output correctly and that, as of udev 103, coldplug
108 was indeed gone.
109
110 Hans de Hertog found himself more concerned by the mutual blocks that udev
111 and coldplug seemed to have thrown up:
112
113 +---------------------------------------------------------------------------+
114 | Code Listing 2.1 |
115 | blocker output |
116 +---------------------------------------------------------------------------+
117 | [blocks B ] >=sys-fs/udev-089 (is blocking sys-apps/coldplug-20040920-r1) |
118 | [blocks B ] sys-apps/coldplug (is blocking sys-fs/udev-103) |
119 | [ebuild U ] sys-fs/udev-103 [087-r1] USE="(-selinux)" 195 kB |
120 +---------------------------------------------------------------------------+
121
122 Hans was assured that the recently stabilized udev 103 was an entire
123 replacement for coldplug. Plucking up his courage, he unmerged coldplug,
124 merged udev 103 and cleaned up by deleting /etc/init.d/coldplug and running
125 rc-update del coldplug. As a bonus, he discovered it was no longer necessary
126 to edit /lib/rcscripts/addons/udev-start.sh to have udev handle
127 coldplugging.
128
129 * http://archives.gentoo.org/gentoo-user/msg_104287.xml
130 * http://archives.gentoo.org/gentoo-user/msg_104286.xml
131
132 Where is DISPLAYMANAGER="gdm" now?
133
134 Mark Knecht had just completed his GCC 4 upgrade and discovered that the
135 DISPLAYMANAGER="gdm" statement was no longer in /etc/rc.conf. To what file
136 it had been spirited away?
137
138 To /etc/conf.d/xdm although (as noted in /etc/conf.d/xdm) setting
139 DISPLAYMANAGER in /etc/rc.conf overrides /etc/conf.d/xdm.
140
141 Mark thanked all the responders and noted that he'd be using /etc/conf.d/xdm
142 as he wanted to do it the Gentoo way.
143
144 * http://archives.gentoo.org/gentoo-user/msg_104230.xml
145
146 gentoo-amd64
147 ------------
148
149 Interrupting portage gracefully
150
151 Peter Humphreys wanted to know if there was a command to make portage stop
152 compiling at the end of the current package. He'd been running compiles
153 overnight, but was bothered by the fan noise.
154
155 Christoph Mende suggested terminating the compile with Control-C and running
156 emerge --resume the next day. Various readers proposed using suspend to disk
157 or suspend to RAM and picking up right where you left off the next morning.
158
159 Peter Davoust uses emerge [package] && init 0, although conceding it leaves
160 the machine running if the package fails to compile. Others suggested emerge
161 [package] ; shutdown -h now. This has the opposite problem to Peter's
162 solution, since the machine will shutdown even if the package fails to
163 compile. It thus requires review of logs in the morning to know whether the
164 package was built or not.
165
166 * http://archives.gentoo.org/gentoo-amd64/msg_14306.xml
167
168 =========================
169 3. Gentoo developer moves
170 =========================
171
172 Moves
173 -----
174
175 The following developers recently left the Gentoo project:
176
177 * Anders Rune Jensen (arj)
178
179 Adds
180 ----
181
182 The following developers recently joined the Gentoo project:
183
184 * Charlie Shepherd (masterdriverz) kernel team
185
186 Changes
187 -------
188
189 The following developers recently changed roles within the Gentoo project:
190
191 * none this week
192
193 ==================
194 4. Gentoo security
195 ==================
196
197 TikiWiki: Multiple vulnerabilities
198 ----------------------------------
199
200 TikiWiki allows for the disclosure of MySQL database authentication
201 credentials and for cross-site scripting attacks.
202
203 For more information, please see the GLSA Announcement[9]
204
205 9. http://www.gentoo.org/security/en/glsa/glsa-200611-11.xml
206
207 Ruby: Denial of Service vulnerability
208 -------------------------------------
209
210 The Ruby cgi.rb CGI library is vulnerable to a Denial of Service attack.
211
212 For more information, please see the GLSA Announcement[10]
213
214 10. http://www.gentoo.org/security/en/glsa/glsa-200611-12.xml
215
216 Avahi: "netlink" message vulnerability
217 --------------------------------------
218
219 Avahi fails to verify the origin of netlink messages, which could allow
220 local users to spoof network changes.
221
222 For more information, please see the GLSA Announcement[11]
223
224 11. http://www.gentoo.org/security/en/glsa/glsa-200611-13.xml
225
226 TORQUE: Insecure temporary file creation
227 ----------------------------------------
228
229 TORQUE creates temporary files in an insecure manner which could lead to the
230 execution of arbitrary code with elevated privileges.
231
232 For more information, please see the GLSA Announcement[12]
233
234 12. http://www.gentoo.org/security/en/glsa/glsa-200611-14.xml
235
236 qmailAdmin: Buffer overflow
237 ---------------------------
238
239 qmailAdmin is vulnerable to a buffer overflow that could lead to the remote
240 execution of arbitrary code.
241
242 For more information, please see the GLSA Announcement[13]
243
244 13. http://www.gentoo.org/security/en/glsa/glsa-200611-15.xml
245
246 Texinfo: Buffer overflow
247 ------------------------
248
249 Texinfo is vulnerable to a buffer overflow that could lead to the execution
250 of arbitrary code.
251
252 For more information, please see the GLSA Announcement[14]
253
254 14. http://www.gentoo.org/security/en/glsa/glsa-200611-16.xml
255
256 fvwm: fvwm-menu-directory fvwm command injection
257 ------------------------------------------------
258
259 A flaw in fvwm-menu-directory may permit a local attacker to execute
260 arbitrary commands with the privileges of another user.
261
262 For more information, please see the GLSA Announcement[15]
263
264 15. http://www.gentoo.org/security/en/glsa/glsa-200611-17.xml
265
266 TIN: Multiple buffer overflows
267 ------------------------------
268
269 Multiple buffer overflows have been reported in TIN, possibly leading to the
270 execution of arbitrary code.
271
272 For more information, please see the GLSA Announcement[16]
273
274 16. http://www.gentoo.org/security/en/glsa/glsa-200611-18.xml
275
276 ImageMagick: PALM and DCM buffer overflows
277 ------------------------------------------
278
279 ImageMagick improperly handles PALM and DCM images, potentially resulting in
280 the execution of arbitrary code.
281
282 For more information, please see the GLSA Announcement[17]
283
284 17. http://www.gentoo.org/security/en/glsa/glsa-200611-19.xml
285
286 GNU gv: Stack overflow
287 ----------------------
288
289 GNU gv improperly handles user-supplied data possibly allowing for the
290 execution of arbitrary code.
291
292 For more information, please see the GLSA Announcement[18]
293
294 18. http://www.gentoo.org/security/en/glsa/glsa-200611-20.xml
295
296 ============================
297 5. Upcoming package removals
298 ============================
299
300 This is a list of packages that have been announced to be removed in the
301 future. The package removals come from many locations, including the
302 Treecleaners[19] and various developers.
303
304 19. http://www.gentoo.org/proj/en/qa/treecleaners
305
306 Last Rites:
307 -----------
308
309 Package: Removal date: Contact:
310 dev-perl/Msql-Mysql-modules 20 Dec 06 Michael Cummings[20]
311 net-nds/migrationtools 21 Dec 06 Robin H. Johnson[21]
312 net-ftp/kbear 25 Dec 06 Charlie Shepherd[22]
313
314 20. mcummings@g.o
315 21. robbat2@g.o
316 22. masterdriverz@g.o
317
318 ===========
319 6. Bugzilla
320 ===========
321
322 Summary
323 -------
324
325 * Statistics
326 * Closed bug ranking
327 * New bug rankings
328
329 Statistics
330 ----------
331
332 The Gentoo community uses Bugzilla (bugs.gentoo.org[23]) to record and track
333 bugs, notifications, suggestions and other interactions with the development
334 team. Between 19 November 2006 and 26 November 2006, activity on the site
335 has resulted in:
336
337 23. http://bugs.gentoo.org
338
339 * 632 new bugs during this period
340 * 352 bugs closed or resolved during this period
341 * 21 previously closed bugs were reopened this period
342 * 114 closed as NEEDINFO/WONTFIX/CANTFIX/INVALID/UPSTREAM during this
343 period
344 * 172 bugs marked as duplicates during this period
345
346 Of the 10878 currently open bugs: 27 are labeled 'blocker', 107 are labeled
347 'critical', and 478 are labeled 'major'.
348
349 Closed bug rankings
350 -------------------
351
352 The developers and teams who have closed the most bugs during this period
353 are:
354
355 * AMD64 Project[24], with 28 closed bugs[25]
356 * Gentoo KDE team[26], with 25 closed bugs[27]
357 * Default Assignee for Orphaned Packages[28], with 19 closed bugs[29]
358 * Java team[30], with 18 closed bugs[31]
359 * Gentoo Security[32], with 16 closed bugs[33]
360 * Hanno Boeck[34], with 11 closed bugs[35]
361 * Gentoo Linux Gnome Desktop Team[36], with 11 closed bugs[37]
362 * PPC Porters[38], with 8 closed bugs[39]
363
364 24. amd64@g.o
365 25. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=amd64@g.o
366 26. kde@g.o
367 27. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=kde@g.o
368 28. maintainer-needed@g.o
369 29. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=maintainer-needed@g.o
370 30. java@g.o
371 31. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=java@g.o
372 32. security@g.o
373 33. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=security@g.o
374 34. hanno@g.o
375 35. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=hanno@g.o
376 36. gnome@g.o
377 37. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=gnome@g.o
378 38. ppc@g.o
379 39. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-11-19&chfieldto=2006-11-26&resolution=FIXED&assigned_to=ppc@g.o
380
381 New bug rankings
382 ----------------
383
384 The developers and teams who have been assigned the most new bugs during
385 this period are:
386
387 * Default Assignee for New Packages[40], with 26 new bugs[41]
388 * AMD64 Project[24], with 10 new bugs[42]
389 * Gentoo Sound Team[43], with 8 new bugs[44]
390 * Gentoo Toolchain Maintainers[45], with 7 new bugs[46]
391 * Default Assignee for Orphaned Packages[28], with 7 new bugs[47]
392 * Gentoo Games[48], with 7 new bugs[49]
393 * Jan Kundrát[50], with 6 new bugs[51]
394 * Java team[30], with 6 new bugs[52]
395
396 24. amd64@g.o
397 28. maintainer-needed@g.o
398 30. java@g.o
399 40. maintainer-wanted@g.o
400 41. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=maintainer-wanted@g.o
401 42. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=amd64@g.o
402 43. sound@g.o
403 44. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=sound@g.o
404 45. toolchain@g.o
405 46. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=toolchain@g.o
406 47. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=maintainer-needed@g.o
407 48. games@g.o
408 49. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=games@g.o
409 50. jkt@g.o
410 51. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=jkt@g.o
411 52. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-11-19&chfieldto=2006-11-26&assigned_to=java@g.o
412
413 ===============
414 7. GWN feedback
415 ===============
416
417 The GWN is staffed by volunteers and members of the community who submit
418 ideas and articles. If you are interested in writing for the GWN, have
419 feedback on an article that we have posted, or just have an idea or article
420 that you would like to submit to the GWN, please send us your feedback[53]
421 and help make the GWN better.
422
423 53. gwn-feedback@g.o
424
425 ===============================
426 8. GWN subscription information
427 ===============================
428
429 To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
430 gentoo-gwn+subscribe@g.o.
431
432 To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
433 gentoo-gwn+unsubscribe@g.o from the e-mail address you are subscribed
434 under.
435
436 ==================
437 9. Other languages
438 ==================
439
440 The Gentoo Weekly Newsletter is also available in the following languages:
441
442 * Chinese (Simplified)[54]
443 * Danish[55]
444 * Dutch[56]
445 * English[57]
446 * German[58]
447 * Greek[59]
448 * French[60]
449 * Korean[61]
450 * Japanese[62]
451 * Italian[63]
452 * Polish[64]
453 * Portuguese (Brazil)[65]
454 * Portuguese (Portugal)[66]
455 * Russian[67]
456 * Slovak[68]
457 * Spanish[69]
458 * Turkish[70]
459
460 54. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
461 55. http://www.gentoo.org/news/da/gwn/gwn.xml
462 56. http://www.gentoo.org/news/nl/gwn/gwn.xml
463 57. http://www.gentoo.org/news/en/gwn/gwn.xml
464 58. http://www.gentoo.org/news/de/gwn/gwn.xml
465 59. http://www.gentoo.org/news/el/gwn/gwn.xml
466 60. http://www.gentoo.org/news/fr/gwn/gwn.xml
467 61. http://www.gentoo.org/news/ko/gwn/gwn.xml
468 62. http://www.gentoo.org/news/ja/gwn/gwn.xml
469 63. http://www.gentoo.org/news/it/gwn/gwn.xml
470 64. http://www.gentoo.org/news/pl/gwn/gwn.xml
471 65. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
472 66. http://www.gentoo.org/news/pt/gwn/gwn.xml
473 67. http://www.gentoo.org/news/ru/gwn/gwn.xml
474 68. http://www.gentoo.org/news/sk/gwn/gwn.xml
475 69. http://www.gentoo.org/news/es/gwn/gwn.xml
476 70. http://www.gentoo.org/news/tr/gwn/gwn.xml
477
478 Ulrich Plate <plate@g.o> - Editor
479 Chris Atkinson <thirtyyearswar@××××××××××.com> - Author
480 Mart Raudsepp <leio@g.o> - Author
481 Chris Gianelloni <wolf31o2@g.o> - Author
482
483
484 --
485 gentoo-gwn@g.o mailing list
Report Message
Find on MARC Find on Google Groups