Get Gentoo!
gentoo.org sites
gentoo.org Wiki Bugs Forums Packages
Planet Archives Sources
Infra Status

Gentoo Archives: gentoo-gwn

From: Ulrich Plate <plate@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 2 May 2005
Date: Mon, 02 May 2005 23:53:53
Message-Id: 20050503015526.7ae11dd5.plate@gentoo.org
1 ---------------------------------------------------------------------------
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/current.xml
4 This is the Gentoo Weekly Newsletter for the week of 2 May 2005.
5 ---------------------------------------------------------------------------
6
7 ==============
8 1. Gentoo News
9 ==============
10
11 Officially unofficial developer documentation
12 ---------------------------------------------
13
14 Ciaran McCreesh[1] has published a collection of developer-oriented
15 documentation[2]. With the intent of creating an "unofficial alternative
16 to the devrel handbook[3]," the document is actually quite canonical in
17 purpose, content and presentation. The "Unofficial Gentoo Development
18 Guide" contains ebuild and eclass writing instructions, help with
19 Portage's structure and files typically dealt with when developing for
20 Gentoo Linux, and many more practical tips and tricks for the aspiring
21 Gentooist. Contributors include Gentoo developers Grant Goodyear[4],
22 Robert Coie[5], Aaron Walker[6] and Tom Martin[7], others are encouraged
23 to add their input. "The target audience is existing developers and
24 potential recruits -- an existing knowledge of Gentoo from the user
25 perspective is assumed," says Ciaran in the announcement[8] posted to
26 Gentoo's developer mailing list last Sunday.
27
28 1. ciaranm@g.o
29 2. http://www.firedrop.org.uk/devmanual/
30 3. http://www.gentoo.org/proj/en/devrel/handbook/handbook.xml
31 4. g2boojum@g.o
32 5. rac@g.o
33 6. ka0ttic@g.o
34 7. slarti@g.o
35 8. http://article.gmane.org/gmane.linux.gentoo.devel/27562
36
37 Speed bumps on the way to OpenLDAP 2.2
38 --------------------------------------
39
40 Robin Johnson[9] has just put the latest version of OpenLDAP[10], v2.2.26,
41 into the Portage tree: "I don't see anything that is now holding back the
42 2.2 series from ~arch. In two weeks, I plan to move it to ~arch, from its
43 present package.mask status. It shouldn't cause any problems for people
44 who have OpenLDAP installed as a client only, but it'll be a bit bumpy for
45 those running OpenLDAP servers. The ebuild will exit if it detects the
46 server data files from previous versions of OpenLDAP, and display
47 instructions on how to upgrade safely." Robbat2 warns against bypassing
48 them "at your own peril, as you will end up with a badly corrupted
49 database. Also note that the slapd.conf syntax has had some minor but
50 annoying changes that will block slapd from starting until they are
51 updated."
52
53 9. robbat2@g.o
54 10. http://www.openldap.org/
55
56 =========================
57 2. Heard in the community
58 =========================
59
60 gentoo-dev
61 ----------
62
63 ebuild cruft?
64
65 A rather unconventional proposal to potentially speed up portage (by
66 removing all unneeded ebuilds) started this thread about the slowness of
67 Portage, alternative architectures and all the other little annoying
68 things that can happen with Portage.
69
70 * Ebuild cruft? [11]
71 11. http://thread.gmane.org/gmane.linux.gentoo.devel/27470
72
73
74 Headhunter spam
75
76 As Gentoo becomes more and more popular, it also becomes the target of
77 headhunters that scout for inexpensive labour. One of the more prominent
78 examples started a nice thread about why you should know your audience,
79 why you shouldn't spam development mailinglists and why Debian is not
80 Gentoo ...
81
82 * Headhunter spam [12]
83 12. http://thread.gmane.org/gmane.linux.gentoo.devel/27424
84
85
86 Supporting Commercial Software in Gentoo
87
88 Since (obviously) Gentoo is the best thing that happened since sliced
89 bread, more and more "commercial" vendors show interest. As they prefer a
90 stable environment while Gentoo is generally a moving target, Matthew
91 Marlowe[13] asks if a dedicated profile (in this case for MySQL
92 certification) could be made available.
93
94 13. mattm@g.o
95
96 * Commercial support[14]
97 14. http://thread.gmane.org/gmane.linux.gentoo.devel/27282
98
99
100 =======================
101 3. Gentoo International
102 =======================
103
104 Germany: KDE-look.org migration to Gentoo Linux host
105 ----------------------------------------------------
106
107 It's a smallish individual project, but it has quite an impact on many
108 desktop environment users of the KDE, XFCE and Gnome flavors whenever
109 they're looking for some artwork to embellish their work environment: Page
110 impressions on kde-look.org, kde-apps.org, gnome-look.org and
111 xfce-look.org have grown to 25 million a month, representing 2 terabyte of
112 traffic. The site[15] is one of the most important sources for wallpapers
113 or desktop themes available.
114
115 15. http://www.kde-look.org
116
117 No wonder its master Frank Karlitschek's expectations towards performance
118 and security have been growing at a similar pace. His main server had been
119 running Redhat 8 for the past two year, but support was running out, and
120 since no security updates are available for this version any longer, it
121 became impossible to keep the system safe from attacks. Frank decided to
122 move on: The new kde-look.org has migrated from a Celeron 1.2GHz with
123 512MB RAM to a Pentium 4 sporting a 3.2GHz CPU and twice as much memory:
124 "The load average fell from 30 to 1.1," says Frank Karlitschek. "And I
125 don't know whether that's just the hardware, or because I decided to run
126 the site on a Gentoo Linux host now."
127
128 His decision to build a Gentoo environment for the popular site was driven
129 by the ease and thrift of its installation: "I can manage with very few
130 packages, an optimized, lean installation is much easier with Gentoo than
131 other distributions," says Karlitschek, whose webserver is now spinning on
132 a base system of just a few megabytes. "The other reason is the way Gentoo
133 is making it easy to keep it current. Updates even of the kernel, the
134 glibc or a new gcc are so easy, and just as easy is maintaining a Gentoo
135 system up-to-date and secure."
136
137 Austria: Grazer Linuxtage
138 -------------------------
139
140 Forum administrator Wernfried Haas[16] successfully avoided showing his
141 face to Austrian paparazzi at the Grazer LinuxTage last year[17] (sitting
142 behind someone right under the window on the right) -- this year he will
143 be unable to hide from the cameras: Accompanied by several Gentoo-users,
144 Amne and friends will be representing Gentoo Linux at Austria's most
145 prominent Linux and open-source event. They will be answering questions
146 all day long, serving those in need of LiveCDs (bringing along all
147 permutations of LiveCD images and a sufficient amount of blank media).
148 Aside from the exhibition floor, there will be many lectures and workshops
149 at the Grazer LinuxTage, more information can be found on their
150 website[18].
151
152 16. amne@g.o
153 17.
154 http://dufo.tugraz.at/glt04/20040507_13h/.tmp/2004-05-07_16h53_img_0015.jpg
155 .html
156 18. http://linuxtage.at/
157
158 USA: Pluckerized Gentoo handbook
159 --------------------------------
160
161 Despite being mostly a Debian and FreeBSD user himself, David A.
162 Desrosiers from New London, Connecticut has thoughtfully converted the
163 official Gentoo handbook to Plucker[19] format, useful for people who'd
164 like to browse the installation manual on their Palm OS devices. Using
165 appropriately plucker-conformant ebook readers, the Gentoo handbook can
166 also be viewed on other handheld platforms, including WinCE- and
167 Linux-based PDAs. David's converted Gentoo handbook[20] is available for
168 eight architectures and 12 languages from his website, and the Plucker
169 maintainer even has plans to offer Gentoo's RSS feed (of posts to the
170 official Gentoo website) via his new "Plucker Syndication Server" as an
171 online service soon.
172
173 19. http://packages.gentoo.org/ebuilds/?plucker-1.8-r1
174 20. http://code.plkr.org/gentoo/
175
176 Figure 3.1: Pluckerized and tilted: Palm-size Gentoo handbook
177 http://www.gentoo.org/images/gwn/20050502_plucker.png
178
179 Germany: Upcoming Gentoo user meetings in Berlin and Oberhausen
180 ---------------------------------------------------------------
181
182 Two GUMs at different locations, but sharing date and time:
183
184 * Berlin: 6 May 2005, from 18:00, at the Weinerei[21] (Veteranenstraße)
185 * Oberhausen: 6 May 2005, 18:00, at Gasthof Harlos[22] as usual
186 21. http://www.weinerei.com/
187 22. http://www.gasthof-harlos.de/
188
189
190 ======================
191 4. Gentoo in the press
192 ======================
193
194 Newsforge (28 April 2005)
195 -------------------------
196
197 Ututo-e[23], the Argentinian Gentoo spin-off by Diego Saravia and David
198 Oliveira, was thoroughly reviewed[24] by Newsforge author Bruce Byfield
199 last week. "The only free distribution" (as in: 100 percent conformant to
200 the ideals of the Free Software Foundation) gets good marks for acting "as
201 a reminder of how far the free software community has come -- and of how
202 small a price users need to pay today to support its principles." As a
203 Linux distribution totally void of non-FSF-approved software, ututo-e is
204 lacking a Java runtime environment and other "non-free" software, which
205 the author seems to find not unpleasant. On the other hand, his article
206 has triggered a storm of protest from Debianists who use the talkback
207 function at the Newsforge site to debate Richard Stallman's endorsement of
208 Ututo-e.
209
210 23. https://e.ututo.org.ar/indexee.html
211 24. http://os.newsforge.com/os/05/04/21/195224.shtml?tid=2&tid=150
212
213 KDE.news (28 April 2005)
214 ------------------------
215
216 KDE developer Jakub Stachowski gave an interview about Zeroconf's service
217 discovery[25] at the KDE.news website last Thursday. After an introduction
218 about what Zeroconf actually does ("Relevant applications can advertise
219 their services, such as shared folders or networked games, which can then
220 be browsed with the zeroconf:/ ioslave."), Jakub explains the status of
221 Zeroconf support in KDE, the relationship to Apple's Rendezvous, and --
222 being asked which Linux distributions carry Zeroconf at the moment, simply
223 answers: "First was as usual Gentoo - you need to add 'zeroconf' to USE
224 flags in order to enable it.
225
226 25. http://dot.kde.org/1114696139/
227
228 Slashdot (27 April 2005)
229 ------------------------
230
231 A Slashdot article[26] about Gentoo's GUI installer project[27] has
232 received the usual mix of benevolent attention and fuming hatred from
233 readers last Wednesday. Author Jon Latane finds the current installation
234 process "notorious for scaring off potential users before they even get to
235 try it," but some of his readers seem more concerned about losing their
236 "bragging rights for being able to install Gentoo using only a bash
237 shell..." Innocent Slashdot fun time again.
238
239 26. http://linux.slashdot.org/article.pl?sid=05/04/27/1836227
240 27. http://www.gentoo.org/proj/en/releng/installer/
241
242 ===========================
243 5. Moves, adds, and changes
244 ===========================
245
246 Moves
247 -----
248
249 The following developers recently left the Gentoo team:
250
251 * None this week
252
253 Adds
254 ----
255
256 The following developers recently joined the Gentoo Linux team:
257
258 * Omkhar Arasaratnam (omkhar) - PPC64
259
260 Changes
261 -------
262
263 The following developers recently changed roles within the Gentoo Linux
264 project:
265
266 * None this week
267
268 ==================
269 6. Gentoo security
270 ==================
271
272 eGroupWare: XSS and SQL injection vulnerabilities
273 -------------------------------------------------
274
275 eGroupWare is affected by several SQL injection and cross-site scripting
276 (XSS) vulnerabilities.
277
278 For more information, please see the GLSA Announcement[28]
279
280 28. http://www.gentoo.org/security/en/glsa/glsa-200504-24.xml
281
282 Rootkit Hunter: Insecure temporary file creation
283 ------------------------------------------------
284
285 Rootkit Hunter is vulnerable to symlink attacks, potentially allowing a
286 local user to overwrite arbitrary files.
287
288 For more information, please see the GLSA Announcement[29]
289
290 29. http://www.gentoo.org/security/en/glsa/glsa-200504-25.xml
291
292 Convert-UUlib: Buffer overflow
293 ------------------------------
294
295 A buffer overflow has been reported in Convert-UUlib, potentially
296 resulting in the execution of arbitrary code.
297
298 For more information, please see the GLSA Announcement[30]
299
300 30. http://www.gentoo.org/security/en/glsa/glsa-200504-26.xml
301
302 xine-lib: Two heap overflow vulnerabilities
303 -------------------------------------------
304
305 Two vulnerabilities have been found in xine-lib which could lead to the
306 remote execution of arbitrary code.
307
308 For more information, please see the GLSA Announcement[31]
309
310 31. http://www.gentoo.org/security/en/glsa/glsa-200504-27.xml
311
312 Heimdal: Buffer overflow vulnerabilities
313 ----------------------------------------
314
315 Buffer overflow vulnerabilities have been found in the telnet client in
316 Heimdal which could lead to execution of arbitrary code.
317
318 For more information, please see the GLSA Announcement[32]
319
320 32. http://www.gentoo.org/security/en/glsa/glsa-200504-28.xml
321
322 Pound: Buffer overflow vulnerability
323 ------------------------------------
324
325 Pound is vulnerable to a buffer overflow that could lead to the remote
326 execution of arbitrary code.
327
328 For more information, please see the GLSA Announcement[33]
329
330 33. http://www.gentoo.org/security/en/glsa/glsa-200504-29.xml
331
332 phpMyAdmin: Insecure SQL script installation
333 --------------------------------------------
334
335 phpMyAdmin leaves the SQL install script with insecure permissions,
336 potentially leading to a database compromise.
337
338 For more information, please see the GLSA Announcement[34]
339
340 34. http://www.gentoo.org/security/en/glsa/glsa-200504-30.xml
341
342 Horde Framework: Multiple XSS vulnerabilities
343 ---------------------------------------------
344
345 Various modules of the Horde Framework are vulnerable to multiple
346 cross-site scripting (XSS) vulnerabilities.
347
348 For more information, please see the GLSA Announcement[35]
349
350 35. http://www.gentoo.org/security/en/glsa/glsa-200505-01.xml
351
352 ===========
353 7. Bugzilla
354 ===========
355
356 Summary
357 -------
358
359 * Statistics
360 * Closed bug ranking
361 * New bug rankings
362
363 Statistics
364 ----------
365
366 The Gentoo community uses Bugzilla (bugs.gentoo.org[36]) to record and
367 track bugs, notifications, suggestions and other interactions with the
368 development team. Between 24 April 2005 and 01 May 2005, activity on the
369 site has resulted in:
370
371 36. http://bugs.gentoo.org
372
373 * 815 new bugs during this period
374 * 487 bugs closed or resolved during this period
375 * 29 previously closed bugs were reopened this period
376
377 Of the 8572 currently open bugs: 93 are labeled 'blocker', 229 are labeled
378 'critical', and 627 are labeled 'major'.
379
380 Closed bug rankings
381 -------------------
382
383 The developers and teams who have closed the most bugs during this period
384 are:
385
386 * Gentoo's Team for Core System packages[37], with 29 closed bugs[38]
387 * media-video herd[39], with 23 closed bugs[40]
388 * Mobile Herd[41], with 17 closed bugs[42]
389 * Gentoo Games[43], with 17 closed bugs[44]
390 * Perl Devs @ Gentoo[45], with 16 closed bugs[46]
391 * Gentoo Linux Gnome Desktop Team[47], with 16 closed bugs[48]
392 * Gentoo Sound Team[49], with 15 closed bugs[50]
393 * Portage team[51], with 15 closed bugs[52]
394 37. base-system@g.o
395 38.
396 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=base-system@g.o
397 39. media-video@g.o
398 40.
399 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=media-video@g.o
400 41. mobile@g.o
401 42.
402 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=mobile@g.o
403 43. games@g.o
404 44.
405 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=games@g.o
406 45. perl@g.o
407 46.
408 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=perl@g.o
409 47. gnome@g.o
410 48.
411 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=gnome@g.o
412 49. sound@g.o
413 50.
414 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=sound@g.o
415 51. dev-portage@g.o
416 52.
417 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-24&chfieldto=2005-05-01&resolution=FIXED&assigned_to=dev-portage@g.o
418
419
420 New bug rankings
421 ----------------
422
423 The developers and teams who have been assigned the most new bugs during
424 this period are:
425
426 * X11 External Driver Maintainers[53], with 54 new bugs[54]
427 * Gentoo Toolchain Maintainers[55], with 18 new bugs[56]
428 * Gentoo Sound Team[57], with 17 new bugs[58]
429 * AMD64 Porting Team[59], with 16 new bugs[60]
430 * web-apps Herd[61], with 13 new bugs[62]
431 * Gentoo Linux Gnome Desktop Team[63], with 13 new bugs[64]
432 * media-video herd[65], with 12 new bugs[66]
433 * Perl Devs @ Gentoo[67], with 11 new bugs[68]
434 53. x11-drivers@g.o
435 54.
436 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=x11-drivers@g.o
437 55. toolchain@g.o
438 56.
439 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=toolchain@g.o
440 57. sound@g.o
441 58.
442 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=sound@g.o
443 59. amd64@g.o
444 60.
445 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=amd64@g.o
446 61. webapps-request@g.o
447 62.
448 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=webapps-request@g.o
449 63. gnome@g.o
450 64.
451 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=gnome@g.o
452 65. media-video@g.o
453 66.
454 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=media-video@g.o
455 67. perl@g.o
456 68.
457 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-24&chfieldto=2005-05-01&assigned_to=perl@g.o
458
459
460 ===============
461 8. GWN feedback
462 ===============
463
464 Please send us your feedback[69] and help make the GWN better.
465
466 69. gwn-feedback@g.o
467
468 ===============================
469 9. GWN subscription information
470 ===============================
471
472 To subscribe to the Gentoo Weekly Newsletter, send a blank email to
473 gentoo-gwn-subscribe@g.o.
474
475 To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
476 gentoo-gwn-unsubscribe@g.o from the email address you are
477 subscribed under.
478
479 ===================
480 10. Other languages
481 ===================
482
483 The Gentoo Weekly Newsletter is also available in the following languages:
484
485 * Danish[70]
486 * Dutch[71]
487 * English[72]
488 * German[73]
489 * French[74]
490 * Japanese[75]
491 * Italian[76]
492 * Polish[77]
493 * Portuguese (Brazil)[78]
494 * Portuguese (Portugal)[79]
495 * Russian[80]
496 * Spanish[81]
497 * Turkish[82]
498 70. http://www.gentoo.org/news/da/gwn/gwn.xml
499 71. http://www.gentoo.org/news/nl/gwn/gwn.xml
500 72. http://www.gentoo.org/news/en/gwn/gwn.xml
501 73. http://www.gentoo.org/news/de/gwn/gwn.xml
502 74. http://www.gentoo.org/news/fr/gwn/gwn.xml
503 75. http://www.gentoo.org/news/ja/gwn/gwn.xml
504 76. http://www.gentoo.org/news/it/gwn/gwn.xml
505 77. http://www.gentoo.org/news/pl/gwn/gwn.xml
506 78. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
507 79. http://www.gentoo.org/news/pt/gwn/gwn.xml
508 80. http://www.gentoo.org/news/ru/gwn/gwn.xml
509 81. http://www.gentoo.org/news/es/gwn/gwn.xml
510 82. http://www.gentoo.org/news/tr/gwn/gwn.xml
511
512
513 Ulrich Plate <plate@g.o> - Editor
514 Wernfried Haas <amne@g.o> - Author
515 Patrick Lauer <patrick@g.o> - Author
516
517 --
518 gentoo-gwn@g.o mailing list
Report Message
Find on MARC Find on Google Groups