Gentoo Archives: gentoo-gwn

From: Ulrich Plate <plate@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 26 September 2005
Date: Mon, 26 Sep 2005 20:36:09
Message-Id: 20050926221503.62e063fc.plate@gentoo.org
1 ---------------------------------------------------------------------------
2 Gentoo Weekly Newsletter
3 http://www.gentoo.org/news/en/gwn/current.xml
4 This is the Gentoo Weekly Newsletter for the week of 26 September 2005.
5 ---------------------------------------------------------------------------
6
7 ==============
8 1. Gentoo news
9 ==============
10
11 New IRC channel for ebuilders
12 -----------------------------
13
14 A new IRC channel, #gentoo-dev-help, is being officially announced as a
15 place for prospective developers, ebuild authors, bug hunters, and the
16 like to gather and trade tips and tricks about Gentoo's best practices.
17 This channel has been newly established on irc.freenode.net since many
18 people don't have a voice in #gentoo-dev, and to relieve the questions
19 that are being posed in #gentoo-portage. The creators hope to attract
20 Gentoo users, potential developers, and prospective arch testers who have
21 questions that are more in-depth than a high volume channel like #gentoo
22 can answer, without distracting the busy Gentoo developers from their core
23 activities. Any developers interested in passing on their skills are
24 welcome to come and join the new channel. In the interest of staying on
25 topic all installation questions will be referred back to #gentoo, but all
26 other Gentoo-related issues are fair game.
27
28 =========================
29 2. Heard in the community
30 =========================
31
32 Web forums
33 ----------
34
35 Apache blowout
36
37 Forum regular loki99[1] had a busy Saturday trying to contain the fury of
38 those who got angered by the latest Apache upgrade in Gentoo Linux.
39 Whether you agree with its provocative title or not, the thread is
40 definitely worth watching as it has Gentoo developer Bryan Østergaard[2]
41 chiming in with a thorough explanation of what went up and why:
42 1. https://forums.gentoo.org/profile.php?mode=viewprofile&u=32005
43 2. kloeri@g.o
44
45 * Gentoo Apache2 Config Change Idiocy[3]
46 3. https://forums.gentoo.org/viewtopic-t-384368.html
47
48 KDE 3.5 beta-ebuilds test thread
49
50 Gentoo developer Chris White[4] rounds up a group of testers for the
51 release of KDE 3.5, check the sticky mini-HOWTO for details on how to
52 participate:
53 4. chriswhite@g.o
54
55 * Testing kde-3.5_beta1 small howto[5]
56 5. https://forums.gentoo.org/viewtopic-t-380632.html
57
58 gentoo-dev
59 ----------
60
61 Marking packages stable on x86
62
63 As a consequence of GLEP40 and the new x86 arch team the policy for
64 stabling packages on x86 has changed. For endusers this will most likely
65 have no side-effects except that packages are expected to become stable in
66 a more timely fashion.
67
68 * Marking packages stable on x86[6]
69 6. http://thread.gmane.org/gmane.linux.gentoo.devel/31758
70
71 Vice and virtues of static libraries
72
73 A long thread about the pros and cons of having static libraries around,
74 also some packages that show "unexpected" behaviour ("if static ncurses is
75 unavailable, the bash ebuild will use the bundled gnutermcap (which is
76 bad)"). You will also find a short discussion on whether to use a new
77 USE-flag for it (or maybe abuse USE="minimal"?).
78
79 * Say no to static libraries! (?)[7]
80 7. http://thread.gmane.org/gmane.linux.gentoo.devel/31726
81
82 "Commercial" software in portage
83
84 Every now and then GLEP 23 gets resurrected - which means that some people
85 want to be able to disallow packagess based on the license. Especially
86 non-free software with restrictions on the data files would be nice to
87 have a warning ("You need the original Game-CD to install this!"), but as
88 long as portage doesn't implement GLEP 23 any changes to current behaviour
89 will be a bit patchy. Some ideas like overlays (split out all non-free
90 ebuilds) were discussed and mostly dismissed.
91
92 * Commercial software in Portage[8]
93 8. http://thread.gmane.org/gmane.linux.gentoo.devel/
94
95 =======================
96 3. Gentoo international
97 =======================
98
99 Germany: Gentoo developer conference call for papers
100 ----------------------------------------------------
101
102 A reminder for all those actively considering a paper presentation at the
103 European conference for Gentoo developers[9] in November: please submit
104 your proposals before 30 September. The same form used for registering to
105 the event[10] can be used for submissions of topics and brief outlines of
106 planned presentation.
107 9. http://conference.gentoo.org
108 10. http://conference.gentoo.org/cgi-bin/registration.pl
109
110 ======================
111 4. Gentoo in the press
112 ======================
113
114 The Register (23 September 2005)
115 --------------------------------
116
117 In a letter to the editor[11], weathered sysadmin Eoin refutes the idea of
118 a Windows-only standard for operating systems on USB sticks that the The
119 Register had been reporting about earlier. "Your article regarding the new
120 U3 standard was mostly correct, baring your final assertion that Linux
121 does not support this. As far as I can tell the idea actually evolved from
122 the Linux heads," writes Eoin, happily acknowledging that whenever one of
123 those Linux heads with distros on a stick visits his offices, they
124 generally know what they're doing: "These people are using 2-4GB USB
125 drives with almost complete versions of Gentoo and Red Hat running on them
126 - all very impressive and thankfully I don't need to attempt (and fail) to
127 support them if something goes wrong."
128 11. http://www.theregister.co.uk/2005/09/23/letters_2309/
129
130 ===========================
131 5. Moves, adds, and changes
132 ===========================
133
134 Moves
135 -----
136
137 The following developers recently left the Gentoo team:
138
139 * None this week
140
141 Adds
142 ----
143
144 The following developers recently joined the Gentoo Linux team:
145
146 * None this week
147
148 Changes
149 -------
150
151 The following developers recently changed roles within the Gentoo Linux
152 project:
153
154 * Daniel Gryniewicz (dang) - operational lead for AMD64 arch testers
155
156 ==================
157 6. Gentoo Security
158 ==================
159
160 Apache, mod_ssl: Multiple vulnerabilities
161 -----------------------------------------
162
163 mod_ssl and Apache are vulnerable to a restriction bypass and a potential
164 local privilege escalation.
165
166 For more information, please see the GLSA Announcement[12]
167 12. http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml
168
169 Clam AntiVirus: Multiple vulnerabilities
170 ----------------------------------------
171
172 Clam AntiVirus is subject to vulnerabilities ranging from Denial of
173 Service to execution of arbitrary code when handling compressed
174 executables.
175
176 For more information, please see the GLSA Announcement[13]
177 13. http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml
178
179 Zebedee: Denial of Service vulnerability
180 ----------------------------------------
181
182 A bug in Zebedee allows a remote attacker to perform a Denial of Service
183 attack.
184
185 For more information, please see the GLSA Announcement[14]
186 14. http://www.gentoo.org/security/en/glsa/glsa-200509-14.xml
187
188 util-linux: umount command validation error
189 -------------------------------------------
190
191 A command validation error in umount can lead to an escalation of
192 privileges.
193
194 For more information, please see the GLSA Announcement[15]
195 15. http://www.gentoo.org/security/en/glsa/glsa-200509-15.xml
196
197 Mantis: XSS and SQL injection vulnerabilities
198 ---------------------------------------------
199
200 Mantis is affected by an SQL injection and several cross-site scripting
201 (XSS) vulnerabilities.
202
203 For more information, please see the GLSA Announcement[16]
204 16. http://www.gentoo.org/security/en/glsa/glsa-200509-16.xml
205
206 Webmin, Usermin: Remote code execution through PAM authentication
207 -----------------------------------------------------------------
208
209 If Webmin or Usermin is configured to use full PAM conversations, it is
210 vulnerable to the remote execution of arbitrary code with root privileges.
211
212 For more information, please see the GLSA Announcement[17]
213 17. http://www.gentoo.org/security/en/glsa/glsa-200509-17.xml
214
215 ===========
216 7. Bugzilla
217 ===========
218
219 Summary
220 -------
221
222 * Statistics
223 * Closed bug ranking
224 * New bug rankings
225
226 Statistics
227 ----------
228
229 The Gentoo community uses Bugzilla (bugs.gentoo.org[18]) to record and
230 track bugs, notifications, suggestions and other interactions with the
231 development team. Between 18 September 2005 and 25 September 2005,
232 activity on the site has resulted in:
233 18. http://bugs.gentoo.org
234
235 * 798 new bugs during this period
236 * 366 bugs closed or resolved during this period
237 * 39 previously closed bugs were reopened this period
238
239 Of the 8405 currently open bugs: 98 are labeled 'blocker', 189 are labeled
240 'critical', and 554 are labeled 'major'.
241
242 Closed bug rankings
243 -------------------
244
245 The developers and teams who have closed the most bugs during this period
246 are:
247
248 * AMD64 Porting Team[19], with 23 closed bugs[20]
249 * Gentoo KDE team[21], with 22 closed bugs[22]
250 * Gentoo Linux Gnome Desktop Team[23], with 18 closed bugs[24]
251 * Gentoo for Mac OS X[25], with 17 closed bugs[26]
252 * Gentoo Security[27], with 13 closed bugs[28]
253 * Gentoo Team for the ML programming language family[29], with 13 closed
254 bugs[30]
255 * PPC Porters[31], with 12 closed bugs[32]
256 * Gentoo net-p2p team[33], with 12 closed bugs[34]
257 19. amd64@g.o
258 20.
259 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=amd64@g.o
260 21. kde@g.o
261 22.
262 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=kde@g.o
263 23. gnome@g.o
264 24.
265 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=gnome@g.o
266 25. ppc-macos@g.o
267 26.
268 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=ppc-macos@g.o
269 27. security@g.o
270 28.
271 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=security@g.o
272 29. ml@g.o
273 30.
274 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=ml@g.o
275 31. ppc@g.o
276 32.
277 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=ppc@g.o
278 33. net-p2p@g.o
279 34.
280 http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=net-p2p@g.o
281
282 New bug rankings
283 ----------------
284
285 The developers and teams who have been assigned the most new bugs during
286 this period are:
287
288 * Default Assignee for New Packages[35], with 30 new bugs[36]
289 * Perl Devs @ Gentoo[37], with 20 new bugs[38]
290 * Gentoo Sound Team[39], with 9 new bugs[40]
291 * Gentoo KDE team[41], with 9 new bugs[42]
292 * Gentoo Linux Gnome Desktop Team[43], with 8 new bugs[44]
293 * Text-Markup Team[45], with 7 new bugs[46]
294 * Gentoo Games[47], with 7 new bugs[48]
295 * Gentoo X-windows packagers[49], with 6 new bugs[50]
296 35. maintainer-wanted@g.o
297 36.
298 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=maintainer-wanted@g.o
299 37. perl@g.o
300 38.
301 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=perl@g.o
302 39. sound@g.o
303 40.
304 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=sound@g.o
305 41. kde@g.o
306 42.
307 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=kde@g.o
308 43. gnome@g.o
309 44.
310 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=gnome@g.o
311 45. text-markup@g.o
312 46.
313 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=text-markup@g.o
314 47. games@g.o
315 48.
316 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=games@g.o
317 49. x11@g.o
318 50.
319 http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=x11@g.o
320
321 ===============
322 8. GWN feedback
323 ===============
324
325 Please send us your feedback[51] and help make the GWN better.
326 51. gwn-feedback@g.o
327
328 ===============================
329 9. GWN subscription information
330 ===============================
331
332 To subscribe to the Gentoo Weekly Newsletter, send a blank email to
333 gentoo-gwn+subscribe@g.o.
334
335 To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
336 gentoo-gwn+unsubscribe@g.o from the email address you are
337 subscribed under.
338
339 ===================
340 10. Other languages
341 ===================
342
343 The Gentoo Weekly Newsletter is also available in the following languages:
344
345 * Danish[52]
346 * Dutch[53]
347 * English[54]
348 * German[55]
349 * French[56]
350 * Japanese[57]
351 * Italian[58]
352 * Polish[59]
353 * Portuguese (Brazil)[60]
354 * Portuguese (Portugal)[61]
355 * Russian[62]
356 * Spanish[63]
357 * Turkish[64]
358 52. http://www.gentoo.org/news/da/gwn/gwn.xml
359 53. http://www.gentoo.org/news/nl/gwn/gwn.xml
360 54. http://www.gentoo.org/news/en/gwn/gwn.xml
361 55. http://www.gentoo.org/news/de/gwn/gwn.xml
362 56. http://www.gentoo.org/news/fr/gwn/gwn.xml
363 57. http://www.gentoo.org/news/ja/gwn/gwn.xml
364 58. http://www.gentoo.org/news/it/gwn/gwn.xml
365 59. http://www.gentoo.org/news/pl/gwn/gwn.xml
366 60. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
367 61. http://www.gentoo.org/news/pt/gwn/gwn.xml
368 62. http://www.gentoo.org/news/ru/gwn/gwn.xml
369 63. http://www.gentoo.org/news/es/gwn/gwn.xml
370 64. http://www.gentoo.org/news/tr/gwn/gwn.xml
371
372 Ulrich Plate <plate@g.o> - Editor
373 Patrick Lauer <patrick@g.o> - Author
374 Tres Melton <tres@××××××××××.com> - Author
375
376 --
377 gentoo-gwn@g.o mailing list