1 |
--------------------------------------------------------------------------- |
2 |
Gentoo Weekly Newsletter |
3 |
http://www.gentoo.org/news/en/gwn/current.xml |
4 |
This is the Gentoo Weekly Newsletter for the week of 26 September 2005. |
5 |
--------------------------------------------------------------------------- |
6 |
|
7 |
============== |
8 |
1. Gentoo news |
9 |
============== |
10 |
|
11 |
New IRC channel for ebuilders |
12 |
----------------------------- |
13 |
|
14 |
A new IRC channel, #gentoo-dev-help, is being officially announced as a |
15 |
place for prospective developers, ebuild authors, bug hunters, and the |
16 |
like to gather and trade tips and tricks about Gentoo's best practices. |
17 |
This channel has been newly established on irc.freenode.net since many |
18 |
people don't have a voice in #gentoo-dev, and to relieve the questions |
19 |
that are being posed in #gentoo-portage. The creators hope to attract |
20 |
Gentoo users, potential developers, and prospective arch testers who have |
21 |
questions that are more in-depth than a high volume channel like #gentoo |
22 |
can answer, without distracting the busy Gentoo developers from their core |
23 |
activities. Any developers interested in passing on their skills are |
24 |
welcome to come and join the new channel. In the interest of staying on |
25 |
topic all installation questions will be referred back to #gentoo, but all |
26 |
other Gentoo-related issues are fair game. |
27 |
|
28 |
========================= |
29 |
2. Heard in the community |
30 |
========================= |
31 |
|
32 |
Web forums |
33 |
---------- |
34 |
|
35 |
Apache blowout |
36 |
|
37 |
Forum regular loki99[1] had a busy Saturday trying to contain the fury of |
38 |
those who got angered by the latest Apache upgrade in Gentoo Linux. |
39 |
Whether you agree with its provocative title or not, the thread is |
40 |
definitely worth watching as it has Gentoo developer Bryan Østergaard[2] |
41 |
chiming in with a thorough explanation of what went up and why: |
42 |
1. https://forums.gentoo.org/profile.php?mode=viewprofile&u=32005 |
43 |
2. kloeri@g.o |
44 |
|
45 |
* Gentoo Apache2 Config Change Idiocy[3] |
46 |
3. https://forums.gentoo.org/viewtopic-t-384368.html |
47 |
|
48 |
KDE 3.5 beta-ebuilds test thread |
49 |
|
50 |
Gentoo developer Chris White[4] rounds up a group of testers for the |
51 |
release of KDE 3.5, check the sticky mini-HOWTO for details on how to |
52 |
participate: |
53 |
4. chriswhite@g.o |
54 |
|
55 |
* Testing kde-3.5_beta1 small howto[5] |
56 |
5. https://forums.gentoo.org/viewtopic-t-380632.html |
57 |
|
58 |
gentoo-dev |
59 |
---------- |
60 |
|
61 |
Marking packages stable on x86 |
62 |
|
63 |
As a consequence of GLEP40 and the new x86 arch team the policy for |
64 |
stabling packages on x86 has changed. For endusers this will most likely |
65 |
have no side-effects except that packages are expected to become stable in |
66 |
a more timely fashion. |
67 |
|
68 |
* Marking packages stable on x86[6] |
69 |
6. http://thread.gmane.org/gmane.linux.gentoo.devel/31758 |
70 |
|
71 |
Vice and virtues of static libraries |
72 |
|
73 |
A long thread about the pros and cons of having static libraries around, |
74 |
also some packages that show "unexpected" behaviour ("if static ncurses is |
75 |
unavailable, the bash ebuild will use the bundled gnutermcap (which is |
76 |
bad)"). You will also find a short discussion on whether to use a new |
77 |
USE-flag for it (or maybe abuse USE="minimal"?). |
78 |
|
79 |
* Say no to static libraries! (?)[7] |
80 |
7. http://thread.gmane.org/gmane.linux.gentoo.devel/31726 |
81 |
|
82 |
"Commercial" software in portage |
83 |
|
84 |
Every now and then GLEP 23 gets resurrected - which means that some people |
85 |
want to be able to disallow packagess based on the license. Especially |
86 |
non-free software with restrictions on the data files would be nice to |
87 |
have a warning ("You need the original Game-CD to install this!"), but as |
88 |
long as portage doesn't implement GLEP 23 any changes to current behaviour |
89 |
will be a bit patchy. Some ideas like overlays (split out all non-free |
90 |
ebuilds) were discussed and mostly dismissed. |
91 |
|
92 |
* Commercial software in Portage[8] |
93 |
8. http://thread.gmane.org/gmane.linux.gentoo.devel/ |
94 |
|
95 |
======================= |
96 |
3. Gentoo international |
97 |
======================= |
98 |
|
99 |
Germany: Gentoo developer conference call for papers |
100 |
---------------------------------------------------- |
101 |
|
102 |
A reminder for all those actively considering a paper presentation at the |
103 |
European conference for Gentoo developers[9] in November: please submit |
104 |
your proposals before 30 September. The same form used for registering to |
105 |
the event[10] can be used for submissions of topics and brief outlines of |
106 |
planned presentation. |
107 |
9. http://conference.gentoo.org |
108 |
10. http://conference.gentoo.org/cgi-bin/registration.pl |
109 |
|
110 |
====================== |
111 |
4. Gentoo in the press |
112 |
====================== |
113 |
|
114 |
The Register (23 September 2005) |
115 |
-------------------------------- |
116 |
|
117 |
In a letter to the editor[11], weathered sysadmin Eoin refutes the idea of |
118 |
a Windows-only standard for operating systems on USB sticks that the The |
119 |
Register had been reporting about earlier. "Your article regarding the new |
120 |
U3 standard was mostly correct, baring your final assertion that Linux |
121 |
does not support this. As far as I can tell the idea actually evolved from |
122 |
the Linux heads," writes Eoin, happily acknowledging that whenever one of |
123 |
those Linux heads with distros on a stick visits his offices, they |
124 |
generally know what they're doing: "These people are using 2-4GB USB |
125 |
drives with almost complete versions of Gentoo and Red Hat running on them |
126 |
- all very impressive and thankfully I don't need to attempt (and fail) to |
127 |
support them if something goes wrong." |
128 |
11. http://www.theregister.co.uk/2005/09/23/letters_2309/ |
129 |
|
130 |
=========================== |
131 |
5. Moves, adds, and changes |
132 |
=========================== |
133 |
|
134 |
Moves |
135 |
----- |
136 |
|
137 |
The following developers recently left the Gentoo team: |
138 |
|
139 |
* None this week |
140 |
|
141 |
Adds |
142 |
---- |
143 |
|
144 |
The following developers recently joined the Gentoo Linux team: |
145 |
|
146 |
* None this week |
147 |
|
148 |
Changes |
149 |
------- |
150 |
|
151 |
The following developers recently changed roles within the Gentoo Linux |
152 |
project: |
153 |
|
154 |
* Daniel Gryniewicz (dang) - operational lead for AMD64 arch testers |
155 |
|
156 |
================== |
157 |
6. Gentoo Security |
158 |
================== |
159 |
|
160 |
Apache, mod_ssl: Multiple vulnerabilities |
161 |
----------------------------------------- |
162 |
|
163 |
mod_ssl and Apache are vulnerable to a restriction bypass and a potential |
164 |
local privilege escalation. |
165 |
|
166 |
For more information, please see the GLSA Announcement[12] |
167 |
12. http://www.gentoo.org/security/en/glsa/glsa-200509-12.xml |
168 |
|
169 |
Clam AntiVirus: Multiple vulnerabilities |
170 |
---------------------------------------- |
171 |
|
172 |
Clam AntiVirus is subject to vulnerabilities ranging from Denial of |
173 |
Service to execution of arbitrary code when handling compressed |
174 |
executables. |
175 |
|
176 |
For more information, please see the GLSA Announcement[13] |
177 |
13. http://www.gentoo.org/security/en/glsa/glsa-200509-13.xml |
178 |
|
179 |
Zebedee: Denial of Service vulnerability |
180 |
---------------------------------------- |
181 |
|
182 |
A bug in Zebedee allows a remote attacker to perform a Denial of Service |
183 |
attack. |
184 |
|
185 |
For more information, please see the GLSA Announcement[14] |
186 |
14. http://www.gentoo.org/security/en/glsa/glsa-200509-14.xml |
187 |
|
188 |
util-linux: umount command validation error |
189 |
------------------------------------------- |
190 |
|
191 |
A command validation error in umount can lead to an escalation of |
192 |
privileges. |
193 |
|
194 |
For more information, please see the GLSA Announcement[15] |
195 |
15. http://www.gentoo.org/security/en/glsa/glsa-200509-15.xml |
196 |
|
197 |
Mantis: XSS and SQL injection vulnerabilities |
198 |
--------------------------------------------- |
199 |
|
200 |
Mantis is affected by an SQL injection and several cross-site scripting |
201 |
(XSS) vulnerabilities. |
202 |
|
203 |
For more information, please see the GLSA Announcement[16] |
204 |
16. http://www.gentoo.org/security/en/glsa/glsa-200509-16.xml |
205 |
|
206 |
Webmin, Usermin: Remote code execution through PAM authentication |
207 |
----------------------------------------------------------------- |
208 |
|
209 |
If Webmin or Usermin is configured to use full PAM conversations, it is |
210 |
vulnerable to the remote execution of arbitrary code with root privileges. |
211 |
|
212 |
For more information, please see the GLSA Announcement[17] |
213 |
17. http://www.gentoo.org/security/en/glsa/glsa-200509-17.xml |
214 |
|
215 |
=========== |
216 |
7. Bugzilla |
217 |
=========== |
218 |
|
219 |
Summary |
220 |
------- |
221 |
|
222 |
* Statistics |
223 |
* Closed bug ranking |
224 |
* New bug rankings |
225 |
|
226 |
Statistics |
227 |
---------- |
228 |
|
229 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[18]) to record and |
230 |
track bugs, notifications, suggestions and other interactions with the |
231 |
development team. Between 18 September 2005 and 25 September 2005, |
232 |
activity on the site has resulted in: |
233 |
18. http://bugs.gentoo.org |
234 |
|
235 |
* 798 new bugs during this period |
236 |
* 366 bugs closed or resolved during this period |
237 |
* 39 previously closed bugs were reopened this period |
238 |
|
239 |
Of the 8405 currently open bugs: 98 are labeled 'blocker', 189 are labeled |
240 |
'critical', and 554 are labeled 'major'. |
241 |
|
242 |
Closed bug rankings |
243 |
------------------- |
244 |
|
245 |
The developers and teams who have closed the most bugs during this period |
246 |
are: |
247 |
|
248 |
* AMD64 Porting Team[19], with 23 closed bugs[20] |
249 |
* Gentoo KDE team[21], with 22 closed bugs[22] |
250 |
* Gentoo Linux Gnome Desktop Team[23], with 18 closed bugs[24] |
251 |
* Gentoo for Mac OS X[25], with 17 closed bugs[26] |
252 |
* Gentoo Security[27], with 13 closed bugs[28] |
253 |
* Gentoo Team for the ML programming language family[29], with 13 closed |
254 |
bugs[30] |
255 |
* PPC Porters[31], with 12 closed bugs[32] |
256 |
* Gentoo net-p2p team[33], with 12 closed bugs[34] |
257 |
19. amd64@g.o |
258 |
20. |
259 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=amd64@g.o |
260 |
21. kde@g.o |
261 |
22. |
262 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=kde@g.o |
263 |
23. gnome@g.o |
264 |
24. |
265 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=gnome@g.o |
266 |
25. ppc-macos@g.o |
267 |
26. |
268 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=ppc-macos@g.o |
269 |
27. security@g.o |
270 |
28. |
271 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=security@g.o |
272 |
29. ml@g.o |
273 |
30. |
274 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=ml@g.o |
275 |
31. ppc@g.o |
276 |
32. |
277 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=ppc@g.o |
278 |
33. net-p2p@g.o |
279 |
34. |
280 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-09-18&chfieldto=2005-09-25&resolution=FIXED&assigned_to=net-p2p@g.o |
281 |
|
282 |
New bug rankings |
283 |
---------------- |
284 |
|
285 |
The developers and teams who have been assigned the most new bugs during |
286 |
this period are: |
287 |
|
288 |
* Default Assignee for New Packages[35], with 30 new bugs[36] |
289 |
* Perl Devs @ Gentoo[37], with 20 new bugs[38] |
290 |
* Gentoo Sound Team[39], with 9 new bugs[40] |
291 |
* Gentoo KDE team[41], with 9 new bugs[42] |
292 |
* Gentoo Linux Gnome Desktop Team[43], with 8 new bugs[44] |
293 |
* Text-Markup Team[45], with 7 new bugs[46] |
294 |
* Gentoo Games[47], with 7 new bugs[48] |
295 |
* Gentoo X-windows packagers[49], with 6 new bugs[50] |
296 |
35. maintainer-wanted@g.o |
297 |
36. |
298 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=maintainer-wanted@g.o |
299 |
37. perl@g.o |
300 |
38. |
301 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=perl@g.o |
302 |
39. sound@g.o |
303 |
40. |
304 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=sound@g.o |
305 |
41. kde@g.o |
306 |
42. |
307 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=kde@g.o |
308 |
43. gnome@g.o |
309 |
44. |
310 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=gnome@g.o |
311 |
45. text-markup@g.o |
312 |
46. |
313 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=text-markup@g.o |
314 |
47. games@g.o |
315 |
48. |
316 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=games@g.o |
317 |
49. x11@g.o |
318 |
50. |
319 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-09-18&chfieldto=2005-09-25&assigned_to=x11@g.o |
320 |
|
321 |
=============== |
322 |
8. GWN feedback |
323 |
=============== |
324 |
|
325 |
Please send us your feedback[51] and help make the GWN better. |
326 |
51. gwn-feedback@g.o |
327 |
|
328 |
=============================== |
329 |
9. GWN subscription information |
330 |
=============================== |
331 |
|
332 |
To subscribe to the Gentoo Weekly Newsletter, send a blank email to |
333 |
gentoo-gwn+subscribe@g.o. |
334 |
|
335 |
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to |
336 |
gentoo-gwn+unsubscribe@g.o from the email address you are |
337 |
subscribed under. |
338 |
|
339 |
=================== |
340 |
10. Other languages |
341 |
=================== |
342 |
|
343 |
The Gentoo Weekly Newsletter is also available in the following languages: |
344 |
|
345 |
* Danish[52] |
346 |
* Dutch[53] |
347 |
* English[54] |
348 |
* German[55] |
349 |
* French[56] |
350 |
* Japanese[57] |
351 |
* Italian[58] |
352 |
* Polish[59] |
353 |
* Portuguese (Brazil)[60] |
354 |
* Portuguese (Portugal)[61] |
355 |
* Russian[62] |
356 |
* Spanish[63] |
357 |
* Turkish[64] |
358 |
52. http://www.gentoo.org/news/da/gwn/gwn.xml |
359 |
53. http://www.gentoo.org/news/nl/gwn/gwn.xml |
360 |
54. http://www.gentoo.org/news/en/gwn/gwn.xml |
361 |
55. http://www.gentoo.org/news/de/gwn/gwn.xml |
362 |
56. http://www.gentoo.org/news/fr/gwn/gwn.xml |
363 |
57. http://www.gentoo.org/news/ja/gwn/gwn.xml |
364 |
58. http://www.gentoo.org/news/it/gwn/gwn.xml |
365 |
59. http://www.gentoo.org/news/pl/gwn/gwn.xml |
366 |
60. http://www.gentoo.org/news/pt_br/gwn/gwn.xml |
367 |
61. http://www.gentoo.org/news/pt/gwn/gwn.xml |
368 |
62. http://www.gentoo.org/news/ru/gwn/gwn.xml |
369 |
63. http://www.gentoo.org/news/es/gwn/gwn.xml |
370 |
64. http://www.gentoo.org/news/tr/gwn/gwn.xml |
371 |
|
372 |
Ulrich Plate <plate@g.o> - Editor |
373 |
Patrick Lauer <patrick@g.o> - Author |
374 |
Tres Melton <tres@××××××××××.com> - Author |
375 |
|
376 |
-- |
377 |
gentoo-gwn@g.o mailing list |