Gentoo Archives: gentoo-gwn

From: Kurt Lieber <klieber@g.o>
To: gentoo-gwn@g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter -- Volume 2, Issue 14
Date: Mon, 07 Apr 2003 09:26:21
Message-Id: 20030407092258.GK7585@mail.lieber.org
1 ---------------------------------------------------------------------------
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/current.xml
4 This is the Gentoo Weekly Newsletter for the week of April 7th, 2003.
5 ---------------------------------------------------------------------------
6
7 ==============
8 1. Gentoo News
9 ==============
10
11 Summary
12 -------
13
14 * Yes, it was a joke
15 * Portage moves to a new, more secure format
16
17 Yes, it was a joke
18 ------------------
19
20 Last week's issue, which was conveniently delayed a day so it could be
21 released on April 1, contained a story about the adoption of the RPM
22 format for package management. The results of this April Fools' Joke were
23 far more successful than we had hoped for. (Some might argue it was too
24 successful) Needless to say, it was a joke and the Gentoo development team
25 has no plans to move away from the ebuild format as its standard means of
26 package management.
27
28 Now please stop sending us hate mail.
29
30 Portage moves to a new, more secure format
31 ------------------------------------------
32
33 As part of an overall effort to improve the security of Gentoo Linux, the
34 Portage development team is starting to implement some new features in
35 Portage which will allow for increased security in our package management
36 and distribution systems. One of the first new features that users will
37 notice is digests of every file involved in the merge process, including
38 ebuilds, patches and source tarballs. In addition to offering increased
39 security, these digests will help isolate and track down corrupt ebuilds
40 or other files on our rsync and source mirrors.
41
42 The next step in the process will be signing these digest files with a GPG
43 key to ensure non-repudiation. While there is still some discussion
44 amongst the development team on the best way to achieve this, the current
45 leading solution involves each developer signing ebuilds individually, and
46 then one master Gentoo "uberkey" signing all of the developer keys to
47 establish a Gentoo "web of trust". Developer keys will be made available
48 through public keyservers, as well as on www.gentoo.org[1]
49
50 1. http://www.gentoo.org
51
52 The goal of what has come to be known as "Secure Portage" is to provide a
53 robust package management system that offers end-to-end security in the
54 emerge process. As yet, there is no confirmed timeline on when the entire
55 system will become available, but the digesting portion is in testing now
56 and the rest will soon follow.
57
58 ==================
59 2. Gentoo Security
60 ==================
61
62 Summary
63 -------
64
65 * GLSA: sendmail
66 * GLSA: krb5 and mit-krb5
67 * GLSA: openafs
68 * GLSA: dietlibc
69 * New Security Bug Reports
70 * gentoo-security
71
72 GLSA: sendmail
73 --------------
74
75 The sendmail MTA has a stack overflow vulnerability in the way that it
76 checks email addresses. This vulnerability could be exploited remotely to
77 execute a DoS attack, gain control of the sendmail server, or potentially
78 execute arbitrary code under the privileges of the server (typically
79 root).
80
81 * Severity: Critical - Potential remote root compromise.
82 * Packages Affected: net-mail/sendmail versions prior to sendmail-8.12.9
83 * Rectification: Synchronize and emerge sendmail, emerge clean.
84 * GLSA Announcement[2]
85 * Advisory[3]
86
87 2. http://forums.gentoo.org/viewtopic.php?t=44892
88 3. http://www.cert.org/advisories/CA-2003-12.html
89
90
91 GLSA: krb5 and mit-krb5
92 -----------------------
93
94 Multiple vulnerabilities in the krb5 and mit-krb5 implementations of the
95 Kerberos authentication protocol have been identified. These include a
96 buffer overrun that permits a DoS attack on he Kerberos administration
97 daemon, a chosen-plaintext attack that permits impersonation of other
98 principals, and buffer overrun and underrun problems that permit unusual
99 names and hosts (which could be used in other attacks).
100
101 * Severity: Critical - Authentication compromise.
102 * Packages Affected: app-crypt/krb5 versions prior to krb5-1.2.7-r2 and
103 app-crypt/mit-krb5 versions prior to mit-krb5-1.2.7
104 * Rectification: Synchronize and emerge krb5 and/or mit-krb5, emerge
105 clean.
106 * GLSA Announcement[4]
107 * Advisory[5]
108
109 4. http://forums.gentoo.org/viewtopic.php?t=44893
110 5. http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-003-xdr.txt
111
112
113 GLSA: openafs
114 -------------
115
116 A cryptographic weakness in Kerberos 4 permits a chosen-plaintext attack
117 to impersonate other principals in the realm. The openafs distributed file
118 system uses Kerberos 4, and is consequently vulnerable to an impersonation
119 attack.
120
121 * Severity: Critical - Authentication compromise.
122 * Packages Affected: net-fs/openafs versions prior to openafs-1.3.2-r1
123 * Rectification: Synchronize and emerge openafs, emerge clean.
124 * GLSA Announcement[6]
125 * Advisory[7]
126
127 6. http://forums.gentoo.org/viewtopic.php?t=44890
128 7. http://www.openafs.org/pages/security/OPENAFS-SA-2003-001.txt
129
130
131 GLSA: dietlibc
132 --------------
133
134 The xdrmem_getbytes() function included in dietlibc contains an integer
135 overflow vulnerability that could be used by a remote attacker to execute
136 an rpc call that permits an exploit on the vulnerable service.
137
138 * Severity: High - Remote service exploit.
139 * Packages Affected: dev-libs/dietlibc versions prior to dietlibc-0.22-r1
140 * Rectification: Synchronize and emerge dietlibc, emerge clean.
141 * GLSA Announcement[8]
142 * Advisory[9]
143
144 8. http://forums.gentoo.org/viewtopic.php?t=44894
145 9. http://www.eeye.com/html/Research/Advisories/AD20030318.html
146
147
148 New Security Bug Reports
149 ------------------------
150
151 There were no new security bugs this week that are still outstanding.
152
153
154 gentoo-security
155 ---------------
156
157 Marcus Martin posted an idea[10] about including "emerge security"
158 functionality that would automatically update packages for which a GLSA
159 had been released. This prompted a fair bit of discussion, with the
160 consensus being that it was a good idea (albeit one that might not be
161 trivially easy to implement) and had already been documented as bug
162 #5835[11].
163
164 10. http://marc.theaimsgroup.com/?l=gentoo-security&m=104920408624890&w=2
165 11. http://bugs.gentoo.org/show_bug.cgi?id=5835
166
167 Chris Frey posted[12] a script for providing a set of md5sums on the
168 master portage server to allow gentooers to check for trojaned ebuilds.
169 This was proposed as a stopgap measure while we wait for signed ebuilds.
170 The post prompted some discussion, including criticism that it might
171 overburden servers and their administrators as well as potentially
172 redirect developer resources from a more robust final solution in portage.
173 The discussion was brought to a conclusion by Nicholas Jones' post[13]
174 which pointed out that the problem was moot because we would begin to see
175 a solution as early as portage-2.0.47.
176
177 12. http://marc.theaimsgroup.com/?l=gentoo-security&m=104873935409280&w=2
178 13. http://marc.theaimsgroup.com/?l=gentoo-security&m=104879793011018&w=2
179
180
181 =================================
182 3. Featured Developer of the Week
183 =================================
184
185 Seth Chandler
186
187 Everyone likes to complain about how slow OpenOffice[14] is, but it's
188 still one of the most full-featured and MS Office-compatible suites out
189 there. This week's featured developer, Seth Chandler[15], is in charge of
190 the openoffice and openoffice-bin packages, and also maintains keychain,
191 writes some docs, and is also one of the three PPC co-leads. His primary
192 duty - fixing bugs that crop up with OpenOffice - takes up most of his
193 time, but he also helps take up the slack when other developers go
194 missing. Seth began using Gentoo about two years ago, and was invited to
195 the Gentoo development team five months ago by Spanky, whom he knew from
196 school, because they needed someone to be in charge of OpenOffice. Through
197 his work with Gentoo, he has become a regular of IRC channels and mailing
198 lists related to OpenOffice, and has been contributing to OpenOffice's
199 IssueZilla[16] because Gentoo's bleeding-edge nature means that problems
200 are often noticed here before they are on other distributions.
201
202 14. http://www.OpenOffice.org/
203 15. sethbc@g.o
204 16. http://www.openoffice.org/project_issues.html
205
206 During the day, Seth is a student at Worcester Polytechnic Institute[17],
207 and will go to Cornell Law School once he graduates. His three computers
208 (a Dual P3, a Dual Athlon MP 2100, and a 15.2-inch Powerbook) all run
209 Gentoo, although the Mac dual boots with OS X. He runs Waimea-cvs and
210 qmail on all of his boxen, and his favorite apps include gaim-cvs,
211 xchat-2, kmail, aterm, and gkrellm. Both of his x86 machines run the
212 latest sources, which at the time of the interview was 2.5.65-mm2, but
213 when he's feeling spicy he'll run off a live BitKeeper repo.
214
215 17. http://www.wpi.edu/
216
217 Seth is a member of the Atlanta Braves[18] ground crew and has been
218 enjoying working down there for 15 years; his father is the team doctor.
219 He says he goes to school in the offseason.
220
221 18. http://atlanta.braves.mlb.com/
222
223 =========================
224 4. Heard In The Community
225 =========================
226
227 Web Forums
228 ----------
229
230 Slithering Along the Bleeding Edge
231
232 The development tree of the Linux kernel is advancing towards 2.6 rapidly,
233 and several threads in the forums are making clear that Gentooists are
234 pretty much following the development as closely as possible. Not without
235 the occasional problem, apparently...
236
237
238 * development kernel 2.5.66 what works / doesn't work for you?[19]
239 * Patches for mm-sources 2.5.66r3[20]
240
241 19. http://forums.gentoo.org/viewtopic.php?t=44859
242 20. http://forums.gentoo.org/viewtopic.php?t=45637
243
244 Best April Fool's Joke Ever
245
246 Check the first link in our list: The forums had actually predicted that
247 this would happen... But the threat of Portage's disappearance hit a nerve
248 in many faithful Gentoo users, and many went into shock for anything
249 between a split-second to several hours. They shouted abuse at their
250 screens or room mates, and threatened to start deleting their portage tree
251 before it dawned on them: They'd been had... And amidst the outrage over
252 Gentoo's alleged move to RPM, only a handful of Germans found the second
253 false news in last week's GWN.
254
255
256 * No GWN today?[21]
257 * Portage 2.1 moving to RPM[22]
258 * emerge -> rpm?[23] (German)
259 * Portage 2.1 e lsb[24] (Italian)
260 * Gentoo basé sur les rpm ???[25] (French)
261
262 21. http://forums.gentoo.org/viewtopic.php?t=44880
263 22. http://forums.gentoo.org/viewtopic.php?t=44980
264 23. http://forums.gentoo.org/viewtopic.php?t=45028
265 24. http://forums.gentoo.org/viewtopic.php?t=45646
266 25. http://forums.gentoo.org/viewtopic.php?t=45039
267      
268 gentoo-user
269 -----------
270      
271 Gentoo Corporate Usage?
272
273 With over 60 responses so far, this week's busiest thread on gentoo-user
274 asks about companies (preferably large ones) that are using Gentoo in a
275 production environment. Many people responded indicating they didn't feel
276 Gentoo was appropriate for a production environment, noting too many
277 problems with their own personal systems. Others indicated that Gentoo ran
278 quite happily in a production role, often serving upwards of 150,000
279 clients. The responses are obviously quite varied and, in many cases,
280 off-topic, but the thread does contain quite a few interesting insights
281 into the trials and tribulations of using Gentoo Linux in a production
282 environment.
283
284 * Survey: Gentoo Corporate Usage?[26]
285
286 26. http://marc.theaimsgroup.com/?t=104930176600004&r=3&w=2
287
288
289 Package management for non-ebuild software
290
291 Jan Drugowitsch asked about managing software packages installed outside
292 of Portage on a Gentoo Linux system. Responses were varied and helpful,
293 pointing to several open source projects which might fit the bill.
294
295 * Package management for non-ebuild software[27]
296
297 27.
298 http://marc.theaimsgroup.com/?l=gentoo-user&w=2&r=1&s=package+management+fo
299 r+non-ebuild&q=b
300
301
302 gentoo-dev
303 ----------
304
305 Portage Programming Question
306
307 Robin H. Johnson asked[28] about the availability of some documentation on
308 the Portage DB API and he received a nice surprise when he was told to
309 type python [RETURN] help() [RETURN] portage to get to Python's
310 interactive help.
311
312 28. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104900613027231&w=2
313
314 ACCEPT_KEYWORDS="~arch" equivalent?
315
316 Jani Monoses was wondering[29] if there is a more simple solution to the
317 use of the long ACCEPT_KEYWORDS="~arch" emerge package_name. Thomas M.
318 Beaudry chipped in[30] with the suggestion to use Bash aliases (see man
319 bash). And another Thomas contributed[31] with his alias definition alias
320 expmerge='ACCEPT_KEYWORDS="~x86" emerge'.
321
322 29. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104877565711737&w=2
323 30. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104877651312869&w=2
324 31. http://marc.theaimsgroup.com/?l=gentoo-dev&m=104877594312098&w=2
325
326 =======================
327 5. Gentoo International
328 =======================
329
330 A French Meta-Project for the Meta-Distribution
331
332 Gentoo France is re-emerging itself: After the establishment of
333 gentoofr.org[32] in July last year (and carefully maintaining their good
334 relations with the older project), a new organisation founded by Baptiste
335 Simon, Guillaume Morin and Mark Krauth called frgentoo.net is now
336 gathering supporters and activists willing to help with a new initiative
337 for French translations of Gentoo documentation and tutorials, organising
338 IRC channels and mailing lists, and generally wanting to round up more
339 than just the usual suspects. The new club wants to provide a whole range
340 of services around Gentoo Linux in France, and is determined to do things
341 right by the community from day one. frgentoo's first elections for all
342 posts in the association are going to be held by the end of the month,
343 candidate submissions for coordinator and project leader roles are
344 possible until 11 April, with the elections to be held by electronic vote
345 between 14 and 20 April.
346
347 32. http://gentoofr.org/
348
349 International Event Calender
350
351 While the Köln-Bonn community is still publicly discussing the agenda for
352 their first meeting, two events in the US have emerged at somewhat shorter
353 notice:
354
355 * USA: The University of Southern Mississippi in Hattiesburg is having a
356 "Gentoo Saturday" on 12 April. Development kernel performance and general
357 installation help will be at the center of the event, held on the
358 University's campus in the Bobby Chain Technology Building, Room 202
359 starting from 10:00 to 14:00. Check the corresponding forum thread[33],
360 further details are here[34].
361
362 * USA: If you happen to live in places with names like Metuchen, Old
363 Bridge or Hackensack, the first meeting of the New Jersey Gentoo Linux User
364 Group may well be what you've been waiting for. The happy NJ-GLUG lot has
365 agreed on the Cafe52 on Easton Avenue in New Brunswick as their venue for
366 the initial get-together, on 16 April at 20:00. Coordination for this
367 meeting is done via this forum thread[35].
368
369 * Germany14 May is now the official date for Gentoo users in the
370 Köln/Bonn region, and now they also have decided on a time (17:00) and a
371 venue: Hellers Brauhaus, Roonstrasse. Tell the others about your intentions
372 to come right here[36].
373
374 33. http://forums.gentoo.org/viewtopic.php?t=45616
375 34. http://www.99b.org/lug/gentoo.html
376 35. http://forums.gentoo.org/viewtopic.php?t=42874
377 36. http://forums.gentoo.org/viewtopic.php?t=40510
378
379
380 ================
381 6. Portage Watch
382 ================
383
384 The following stable packages were added to portage this week
385 -------------------------------------------------------------
386
387 * app-games/tetrix : A GNU TetriNET server
388 http://tetrinetx.sourceforge.net/
389
390
391 Updates to notable packages
392 ---------------------------
393
394 * sys-apps/portage - portage-2.0.47-r13.ebuild;
395 * sys-kernel/* - gs-sources-2.4.21_pre6.ebuild;
396 hardened-sources-2.4.20.ebuild; mm-sources-2.5.66-r2.ebuild;
397 mm-sources-2.5.66-r3.ebuild; ppc-sources-2.4.20-r4.ebuild;
398 selinux-sources-2.4.20-r3.ebuild; sparc-sources-2.4.20-r7.ebuild;
399
400 New USE variables
401 -----------------
402
403 * debug - Tells configure and the makefiles to build for debugging.
404 Effects vary accross packages, but generally it will at least add -g to
405 CFLAGS. Remeber to set FEATURES+=nostrip too.
406 * emacs - Adds support for GNU Emacs
407
408 ===========
409 7. Bugzilla
410 ===========
411
412 Summary
413 -------
414
415 * Statistics
416 * Closed Bug Ranking
417 * New Bug Rankings
418
419 Statistics
420 ----------
421
422 The Gentoo community uses Bugzilla (bugs.gentoo.org[37]) to record and
423 track bugs, notifications, suggestions and other interactions with the
424 development team. In the last 7 days, activity on the site has resulted
425 in:
426
427 37. http://bugs.gentoo.org
428
429 * 288 new bugs this week
430 * 751 bugs closed or resolved this week
431 * 3 previously closed bugs were reopened this week.
432 * 2386 total bugs currently marked 'new'
433 * 450 total bugs currently assigned to developers
434
435 There are currently 2895 bugs open in bugzilla. Of these: 63 are labeled
436 'blocker', 107 are labeled 'critical', and 227 are labeled 'major'.
437
438 Closed Bug Rankings
439 -------------------
440
441 The developers and teams who have closed the most bugs this week are:
442
443 * The Gnome Team[38], with 64 closed bugs[39]
444 * Daniel Robbins[40], with 29 closed bugs[41]
445 * Nick Hadaway[42], with 28 closed bugs[43]
446 * George Shapovalov[44], with 26 closed bugs[45]
447 * Martin Schlemmer[46], with 21 closed bugs[47]
448 * Martin Holzer[48], with 21 closed bugs[49]
449 38. gnome@g.o
450 39.
451 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
452 field=bug_status&chfieldfrom=2003-03-28&chfieldto=Now&resolution=FIXED&assi
453 gned_to=gnome%40gentoo.org
454 40. drobbins@g.o
455 41.
456 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
457 field=bug_status&chfieldfrom=2003-03-28&chfieldto=Now&resolution=FIXED&assi
458 gned_to=drobbins%40gentoo.org
459 42. raker@g.o
460 43.
461 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
462 field=bug_status&chfieldfrom=2003-03-28&chfieldto=Now&resolution=FIXED&assi
463 gned_to=raker%40gentoo.org
464 44. george@g.o
465 45.
466 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
467 field=bug_status&chfieldfrom=2003-03-28&chfieldto=Now&resolution=FIXED&assi
468 gned_to=george%40gentoo.org
469 46. azarah@g.o
470 47.
471 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
472 field=bug_status&chfieldfrom=2003-03-28&chfieldto=Now&resolution=FIXED&assi
473 gned_to=azarah%40gentoo.org
474 48. mholzer@g.o
475 49.
476 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
477 field=bug_status&chfieldfrom=2003-03-28&chfieldto=Now&resolution=FIXED&assi
478 gned_to=mholzer%40gentoo.org
479
480
481 New Bug Rankings
482 ----------------
483
484 The developers and teams who have been assigned the most new bugs this
485 week are:
486
487
488 * Nick Hadaway[50], with 23 new bugs[51]
489 * Martin Schlemmer[52], with 19 new bugs[53]
490 * The x86-kernel Team[54], with 17 new bugs[55]
491 * Matthew Kennedy[56], with 16 new bugs[57]
492 * Bob Johnson[58], with 15 new bugs[59]
493
494 50. raker@g.o
495 51.
496 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
497 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-28&chfieldto=Now&=&a
498 ssigned_to=raker%40gentoo.org
499 52. azarah@g.o
500 53.
501 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
502 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-28&chfieldto=Now&=&a
503 ssigned_to=azarah%40gentoo.org
504 54. x86-kernel@g.o
505 55.
506 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
507 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-28&chfieldto=Now&=&a
508 ssigned_to=x86-kernel%40gentoo.org
509 56. mkennedy@g.o
510 57.
511 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
512 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-28&chfieldto=Now&=&a
513 ssigned_to=mkennedy%40gentoo.org
514 58. livewire@g.o
515 59.
516 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
517 tatus=REOPENED&chfield=assigned_to&chfieldfrom=2003-03-28&chfieldto=Now&=&a
518 ssigned_to=livewire%40gentoo.org
519
520
521 ==================
522 8. Tips and Tricks
523 ==================
524
525 Changing File Attributes
526
527 This week's tip explains how to use chattr to keep important system files
528 secure. The "change attribute" command, or chattr, can be used to add or
529 change existing file attributes for things such as synchronous updates,
530 tighter file security, and more. However, this command is only available
531 on ext2 or ext3 partitions.
532
533 A list of common attributes and their associated flags is listed below.
534 For a more complete list see man chattr.
535
536 * (A) Don't update atime
537 * (S) synchronous updates
538 * (a) append only
539 * (d) no dump
540 * (i) immutable
541 * (j) data journalling
542 * (t) no tail-merging
543
544 The 'j' option can only be used with ext3. The 'j', 'a' and 'i'
545 options are only available to the superuser
546
547 First make sure that you have chattr installed by emerging e2fsprogs.
548
549 ---------------------------------------------------------------------------
550 | Code Listing 8.1: |
551 | Installing Required Files |
552 ---------------------------------------------------------------------------
553 | |
554 |# emerge e2fsprogs |
555 | |
556 ---------------------------------------------------------------------------
557
558 To set attributes on files, use the chattr command and to view attributes,
559 use the lsattr command.
560
561 ---------------------------------------------------------------------------
562 | Code Listing 8.2: |
563 |Examples of using chattr and lsattr |
564 ---------------------------------------------------------------------------
565 | |
566 |Set the immutable bit on a file so it cannot be changed or removed |
567 |# chattr +i myfile |
568 |# lsattr myfile |
569 |----i-------- myfile |
570 |Testing the immutable flag by attempting to delete the file |
571 |# rm myfile |
572 |rm: cannot remove `myfile': Operation not permitted |
573 |Set myfile to append-only |
574 |# chattr +a myfile |
575 |# lsattr myfile |
576 |-----a------- myfile |
577 |# echo testing > myfile |
578 |myfile: Operation not permitted |
579 |# echo testing >> myfile |
580 |no errors - file was appended to |
581 | |
582 ---------------------------------------------------------------------------
583
584 Some instances where this may be useful is keeping important files safe
585 from deletion. Remember that even root can't delete a file that is
586 immutable or append-only without first explicitly removing that attribute.
587 Using this flag on /etc/passwd or /etc/shadow files keeps them safe from
588 an accidental rm -f and also ensures no new accounts can be added in the
589 event of an exploit. Keeping other files append-only means once they are
590 written, that data can't be changed. Logs are a good candidate for this to
591 keep them from being tampered with. With chattr and lsattr, you now have a
592 few new tools to keep your system secure.
593
594 ==========================
595 9. Moves, Adds and Changes
596 ==========================
597
598 Moves
599 -----
600
601 The following developers recently left the Gentoo team:
602
603 * Peter Brown (rendhalver)
604
605 Adds
606 ----
607
608 The following developers recently joined the Gentoo Linux team:
609
610 * Makoto Yamakura (yakina) -- Japanese documentation
611 * Peter Bilitch (hsinhsin) -- Gentoo documentation
612 * John Mylchreest (johnm) -- Gentoo documentation
613 * Joe Kallar (blademan) -- Sparc documentation
614 * Ashton Mills (martigen) -- Gentoo documentation
615 * Thomas Pedley (shallax) -- Gentoo xbox
616 * Robin Johnson (robbat2) -- ufed, mysql, php
617
618 Changes
619 -------
620
621 The following developers recently changed roles within the Gentoo Linux
622 project.
623
624 * none this week
625
626 =====================
627 10. Contribute to GWN
628 =====================
629
630 Interested in contributing to the Gentoo Weekly Newsletter? Send us an
631 email[60].
632
633 60. gwn-feedback@g.o
634
635 ================
636 11. GWN Feedback
637 ================
638
639 Please send us your feedback[61] and help make GWN better.
640
641 61. gwn-feedback@g.o
642
643 ===================
644 12. Other Languages
645 ===================
646
647 The Gentoo Weekly Newsletter is also available in the following languages:
648
649 * Dutch[62]
650 * English[63]
651 * German[64]
652 * French[65]
653 * Japanese[66]
654 * Italian[67]
655 * Portuguese (Brazil)[68]
656 * Portuguese (Portugal)[69]
657 * Spanish[70]
658
659 62. http://www.gentoo.org/news/be/gwn/gwn.xml
660 63. http://www.gentoo.org/news/en/gwn/gwn.xml
661 64. http://www.gentoo.org/news/de/gwn/gwn.xml
662 65. http://www.gentoo.org/news/fr/gwn/gwn.xml
663 66. http://www.gentoo.org/news/ja/gwn/gwn.xml
664 67. http://www.gentoo.org/news/it/gwn/gwn.xml
665 68. http://www.gentoo.org/news/br/gwn/gwn.xml
666 69. http://www.gentoo.org/news/pt/gwn/gwn.xml
667 70. http://www.gentoo.org/news/es/gwn/gwn.xml
668
669
670 Kurt Lieber <klieber@g.o> - Editor
671 AJ Armstrong <aja@×××××××××××××.com> - Contributor
672 Brice Burgess <nesta@×××××××.net> - Contributor
673 Yuji Carlos Kosugi <carlos@g.o> - Contributor
674 Rafael Cordones Marcos <rcm@×××××××.net> - Contributor
675 David Narayan <david@×××××××.net> - Contributor
676 Ulrich Plate <plate@g.o> - Contributor
677 Peter Sharp <mail@××××××××××××××.net> - Contributor
678 Kim Tingkaer <kim@×××××××.dk> - Contributor
679 Mathy Vanvoorden <matje@×××××××.be> - Dutch Translation
680 Tom Van Laerhoven <tom.vanlaerhoven@××××××.be> - Dutch Translation
681 Peter Dijkstra <phj.dijkstra@××××.nl> - Dutch Translation
682 Bernard Bernieke <bernieke@××××××××.com> - Dutch Translation
683 Vincent Verleye <zu@×××××××.be> - Dutch Translation
684 Jochen Maes <linux@××××.be> - Dutch Translation
685 Ben De Groot <yngwin@××××××.nl> - Dutch Translation
686 Jelmer Jaarsma <j.jaarsma@××××××××××××××××××.nl> - Dutch Translation
687 Nicolas Ledez <nicolas.ledez@××××.fr> - French Translation
688 Guillaume Plessis <gui@×××××××××.com> - French Translation
689 John Berry <anfini@××××.fr> - French Translation
690 Martin Prieto <riverdale@×××××××××.org> - French Translation
691 Michael Kohl <citizen428@g.o> - German Translation
692 Steffen Lassahn <madeagle@g.o> - German Translation
693 Matthias F. Brandstetter <haim@g.o> - German Translation
694 Thomas Raschbacher <lordvan@g.o> - German Translation
695 Klaus-J. Wolf <yanestra@×××.de> - German Translation
696 Marco Mascherpa <mush@××××××.net> - Italian Translation
697 Claudio Merloni <paper@×××××××.it> - Italian Translation
698 Daniel Ketel <kage-chan@g.o> - Japanese Translation
699 Yoshiaki Hagihara <hagi@×××.com> - Japanese Translation
700 Andy Hunne <andy@×××××××××.com> - Japanese Translation
701 Yuji Carlos Kosugi <carlos@g.o> - Japanese Translation
702 Yasunori Fukudome <yasunori@××××××××××××××××.uk> - Japanese Translation
703 Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil)
704 Translation
705 Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal)
706 Translation
707 Gustavo Felisberto <gustavo@××××××××××.net> - Portuguese (Portugal)
708 Translation
709 Ricardo Jorge Louro <rjlouro@×××××××.org> - Portuguese (Portugal)
710 Translation
711 Lanark <lanark@××××××××××.ar> - Spanish Translation
712 Rafael Cordones Marcos <rcm@×××××××.net> - Spanish Translation
713 Julio Castillo <julio@×××××××××××××.com> - Spanish Translation
714 Sergio Gómez <s3r@××××××××××××.ar> - Spanish Translation
715 Pablo Pita Leira <pablo.leira@×××××××××.com> - Spanish Translation
716 Carlos Castillo <carlos@×××××××××××××.com> - Spanish Translation
717 Tirant <tirant@×××××.net> - Spanish Translation
718 Jaime Freire <jfreire@××.com> - Spanish Translation
719 Lucas Sallovitz <krusty_ar@×××××.com> - Spanish Translation