Gentoo Archives: gentoo-gwn

From: Chris Gianelloni <wolf31o2@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 14 August 2006
Date: Thu, 24 Aug 2006 12:42:45
Message-Id: 1156371936.9229.34.camel@inertia.twi-31o2.org
1 ---------------------------------------------------------------------------
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/current.xml
4 This is the Gentoo Weekly Newsletter for the week of 14 August 2006.
5 ---------------------------------------------------------------------------
6
7 ==============
8 1. Gentoo news
9 ==============
10
11 Linux World Conference and Expo - San Francisco
12 -----------------------------------------------
13
14 The Linux World Conference and Expo[1] kicks off this week in San
15 Francisco. As usual, Gentoo will have a booth in the '.Org Pavillion'.
16 The
17 booth will be located between the GNOME and KDE projects. Gentoo will
18 be
19 showing the upcoming 2006.1 release as well as several architectures.
20 This
21 is a good opportunity to meet several Gentoo developers from across the
22 United States.
23
24 1. http://www.linuxworldexpo.com/live/12/events/12SFO06A
25
26 The Expo floor is open from 15 August 2006 through 17 August 2006.
27
28 OSL Rackathon
29 -------------
30
31 The Oregon State University Open Source Lab[2] is conducting a
32 fundraiser,
33 called Rackathon[3], to raise money for the project. The OSL hosts a
34 large
35 portion of the Gentoo infrastructure, several developer boxes, and
36 provides the primary Gentoo mirror. They also host many other open
37 source
38 projects. Gentoo was the OSL's first client and is among the largest.
39 Money raised will help cover the costs of this free hosting as well as
40 other costs incurred by the project. Donations of 20 USD gets your name
41 on
42 a rack in the OSL for an entire year!
43
44 2. http://osuosl.org
45 3. http://osuosl.org/contribute/rackathon
46
47 Donations to the OSL will help fund further Gentoo hosting and many
48 other
49 open source projects.
50
51 PyBugz - Python interface to Bugzilla
52 -------------------------------------
53
54 Gentoo developer Alastair Tse[4] has created a Python-based command
55 line
56 interface to the Bugzilla issue tracking system. First conceived as a
57 tool
58 to speed up the workflow for Gentoo developers, PyBugz[5] has been
59 tested
60 on the XenSource and GNOME Bugzilla trackers, also.
61
62 4. liquidx@g.o
63 5. http://www.liquidx.net
64
65 Gentoo users can install PyBugz by simply using emerge pybugz.
66
67 ======================
68 2. Gentoo in the press
69 ======================
70
71 Linux.com (11 Aug 2006)
72 -----------------------
73
74 Linux.com[6] has published an article, entitled 'Gentoo Portage
75 Secrets[7]'. The article gives some helpful hints on how to utilize new
76 features in portage 2.1 to optimize your Gentoo usage.
77
78 6. http://www.linux.com
79 7. http://www.linux.com/article.pl?sid=06/08/07/1952207
80
81 =========================
82 3. Gentoo developer moves
83 =========================
84
85 Moves
86 -----
87
88 The following developers recently left the Gentoo project:
89
90 * none this week
91
92 Adds
93 ----
94
95 The following developers recently joined the Gentoo project:
96
97 * none this week
98
99 Changes
100 -------
101
102 The following developers recently changed roles within the Gentoo
103 project:
104
105 * none this week
106
107 ==================
108 4. Gentoo security
109 ==================
110
111 x11vnc: Authentication bypass in included LibVNCServer code
112 -----------------------------------------------------------
113
114 VNC servers created with x11vnc accept insecure protocol types, even
115 when
116 the server does not offer it, resulting in the possibility of
117 unauthorized
118 access to the server.
119
120 For more information, please see the GLSA Announcement[8]
121
122 8. http://www.gentoo.org/security/en/glsa/glsa-200608-12.xml
123
124 ClamAV: Heap buffer overflow
125 ----------------------------
126
127 ClamAV is vulnerable to a heap-based buffer overflow resulting in a
128 Denial
129 of Service and potentially remote execution of arbitrary code.
130
131 For more information, please see the GLSA Announcement[9]
132
133 9. http://www.gentoo.org/security/en/glsa/glsa-200608-13.xml
134
135 DUMB: Heap buffer overflow
136 --------------------------
137
138 A heap-based buffer overflow in DUMB could result in the execution of
139 arbitrary code.
140
141 For more information, please see the GLSA Announcement[10]
142
143 10. http://www.gentoo.org/security/en/glsa/glsa-200608-14.xml
144
145 MIT Kerberos 5: Multiple local privilege escalation vulnerabilities
146 -------------------------------------------------------------------
147
148 Some applications shipped with MIT Kerberos 5 are vulnerable to local
149 privilege escalation.
150
151 For more information, please see the GLSA Announcement[11]
152
153 11. http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml
154
155 Warzone 2100 Resurrection: Multiple buffer overflows
156 ----------------------------------------------------
157
158 Warzone 2100 Resurrection server and client are vulnerable to separate
159 buffer overflows, potentially allowing remote code execution.
160
161 For more information, please see the GLSA Announcement[12]
162
163 12. http://www.gentoo.org/security/en/glsa/glsa-200608-16.xml
164
165 libwmf: Buffer overflow vulnerability
166 -------------------------------------
167
168 libwmf is vulnerable to an integer overflow potentially resulting in
169 the
170 execution of arbitrary code.
171
172 For more information, please see the GLSA Announcement[13]
173
174 13. http://www.gentoo.org/security/en/glsa/glsa-200608-17.xml
175
176 Net::Server: Format string vulnerability
177 ----------------------------------------
178
179 A format string vulnerability has been reported in Net::Server which
180 can
181 be exploited to cause a Denial of Service.
182
183 For more information, please see the GLSA Announcement[14]
184
185 14. http://www.gentoo.org/security/en/glsa/glsa-200608-18.xml
186
187 WordPress: Privilege escalation
188 -------------------------------
189
190 A flaw in WordPress allows registered WordPress users to elevate
191 privileges.
192
193 For more information, please see the GLSA Announcement[15]
194
195 15. http://www.gentoo.org/security/en/glsa/glsa-200608-19.xml
196
197 ===========
198 5. Bugzilla
199 ===========
200
201 Summary
202 -------
203
204 * Statistics
205 * Closed bug ranking
206 * New bug rankings
207
208 Statistics
209 ----------
210
211 The Gentoo community uses Bugzilla (bugs.gentoo.org[16]) to record and
212 track bugs, notifications, suggestions and other interactions with the
213 development team. Between 06 August 2006 and 13 August 2006, activity
214 on
215 the site has resulted in:
216
217 16. http://bugs.gentoo.org
218
219 * 780 new bugs during this period
220 * 385 bugs closed or resolved during this period
221 * 32 previously closed bugs were reopened this period
222
223 Of the 10879 currently open bugs: 47 are labeled 'blocker', 138 are
224 labeled 'critical', and 539 are labeled 'major'.
225
226 Closed bug rankings
227 -------------------
228
229 The developers and teams who have closed the most bugs during this
230 period
231 are:
232
233 * Gentoo Security[17], with 29 closed bugs[18]
234 * Gentoo Games[19], with 17 closed bugs[20]
235 * Portage team[21], with 16 closed bugs[22]
236 * GNU Emacs Herd[23], with 15 closed bugs[24]
237 * AMD64 Project[25], with 15 closed bugs[26]
238 * Xavier Neys[27], with 14 closed bugs[28]
239 * Michal Januszewski[29], with 11 closed bugs[30]
240 * Perl Devs @ Gentoo[31], with 11 closed bugs[32]
241 17. security@g.o
242 18.
243 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=security@g.o
244 19. games@g.o
245 20.
246 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=games@g.o
247 21. dev-portage@g.o
248 22.
249 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=dev-portage@g.o
250 23. emacs@g.o
251 24.
252 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=emacs@g.o
253 25. amd64@g.o
254 26.
255 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=amd64@g.o
256 27. neysx@g.o
257 28.
258 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=neysx@g.o
259 29. spock@g.o
260 30.
261 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=spock@g.o
262 31. perl@g.o
263 32.
264 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=perl@g.o
265
266
267 New bug rankings
268 ----------------
269
270 The developers and teams who have been assigned the most new bugs
271 during
272 this period are:
273
274 * Default Assignee for New Packages[33], with 46 new bugs[34]
275 * AMD64 Project[35], with 14 new bugs[36]
276 * Java team[37], with 12 new bugs[38]
277 * Gentoo Linux Gnome Desktop Team[39], with 10 new bugs[40]
278 * Default Assignee for Orphaned Packages[41], with 8 new bugs[42]
279 * Gentoo KDE team[43], with 7 new bugs[44]
280 * Perl Devs @ Gentoo[45], with 6 new bugs[46]
281 * X11 External Driver Maintainers[47], with 5 new bugs[48]
282 33. maintainer-wanted@g.o
283 34.
284 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=maintainer-wanted@g.o
285 35. amd64@g.o
286 36.
287 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=amd64@g.o
288 37. java@g.o
289 38.
290 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=java@g.o
291 39. gnome@g.o
292 40.
293 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=gnome@g.o
294 41. maintainer-needed@g.o
295 42.
296 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=maintainer-needed@g.o
297 43. kde@g.o
298 44.
299 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=kde@g.o
300 45. perl@g.o
301 46.
302 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=perl@g.o
303 47. x11-drivers@g.o
304 48.
305 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=x11-drivers@g.o
306
307
308 ===============
309 6. GWN feedback
310 ===============
311
312 Please send us your feedback[49] and help make the GWN better.
313
314 49. gwn-feedback@g.o
315
316 ===============================
317 7. GWN subscription information
318 ===============================
319
320 To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
321 gentoo-gwn+subscribe@g.o.
322
323 To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
324 gentoo-gwn+unsubscribe@g.o from the e-mail address you are
325 subscribed under.
326
327 ==================
328 8. Other languages
329 ==================
330
331 The Gentoo Weekly Newsletter is also available in the following
332 languages:
333
334 * Chinese (Simplified)[50]
335 * Danish[51]
336 * Dutch[52]
337 * English[53]
338 * German[54]
339 * French[55]
340 * Korean[56]
341 * Japanese[57]
342 * Italian[58]
343 * Polish[59]
344 * Portuguese (Brazil)[60]
345 * Portuguese (Portugal)[61]
346 * Russian[62]
347 * Spanish[63]
348 * Turkish[64]
349 50. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
350 51. http://www.gentoo.org/news/da/gwn/gwn.xml
351 52. http://www.gentoo.org/news/nl/gwn/gwn.xml
352 53. http://www.gentoo.org/news/en/gwn/gwn.xml
353 54. http://www.gentoo.org/news/de/gwn/gwn.xml
354 55. http://www.gentoo.org/news/fr/gwn/gwn.xml
355 56. http://www.gentoo.org/news/ko/gwn/gwn.xml
356 57. http://www.gentoo.org/news/ja/gwn/gwn.xml
357 58. http://www.gentoo.org/news/it/gwn/gwn.xml
358 59. http://www.gentoo.org/news/pl/gwn/gwn.xml
359 60. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
360 61. http://www.gentoo.org/news/pt/gwn/gwn.xml
361 62. http://www.gentoo.org/news/ru/gwn/gwn.xml
362 63. http://www.gentoo.org/news/es/gwn/gwn.xml
363 64. http://www.gentoo.org/news/tr/gwn/gwn.xml
364
365
366 Ulrich Plate <plate@g.o> - Editor
367 Chris Gianelloni <wolf31o2@g.o> - Author
368
369
370
371 --
372 gentoo-gwn@g.o mailing list