1 |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
2 |
Gentoo Weekly Newsletter |
3 |
http://www.gentoo.org/news/en/gwn/20070409-newsletter.xml |
4 |
This is the Gentoo Weekly Newsletter for the week of 9 April 2007. |
5 |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
6 |
|
7 |
======================== |
8 |
1. Developer of the Week |
9 |
======================== |
10 |
|
11 |
Camille Huot, aka cam |
12 |
--------------------- |
13 |
|
14 |
Figure 1.1: Camille Huot, aka cam |
15 |
http://www.gentoo.org/images/gwn/20070409_cam.jpg |
16 |
|
17 |
26 year old Camille Huot[1] is one of our French developers. He lives and |
18 |
works in Paris, France, but was born in La Ciotat, which is near Marseilles |
19 |
in southern France. Camille lives together with his brother, who has |
20 |
recently finished school and started working as a C++ developer. |
21 |
|
22 |
1. cam@g.o |
23 |
|
24 |
Cam studied at the University of Montpellier, and graduated with a Bachelor |
25 |
in 'Telecommunications and Network'. Later on he completed his studies with |
26 |
a Masters degree. He was employed some time back as Linux Systems |
27 |
Administrator, but got promoted recently to Oracle DB Administration. He's |
28 |
currently in charge of ~150 servers at the Wanadoo hosting platform. |
29 |
|
30 |
Camille learned Linux (Red Hat and Debian) at school. Later on, he switched |
31 |
to FreeBSD, which he kept for some years, but finally 'had' to come back to |
32 |
Linux due to a DSL driver. Gérald Fenoy[2] convinced Camille to try Gentoo, |
33 |
and he liked it :-) |
34 |
|
35 |
2. djay@g.o |
36 |
|
37 |
Within Gentoo, Camille leads the French translation team. They currently |
38 |
have a well-oiled team, and translate quite a few documents. He's also |
39 |
interested in joining the Gentoo/FreeBSD team. Camille was recruited in |
40 |
January '04 by Xavier Neys[3], who has recently turned over the torch of |
41 |
French Lead translator to Camille. |
42 |
|
43 |
3. neysx@g.o |
44 |
|
45 |
When Camille fires up his desktop, he uses: openbox, psi, opera, urxvt, |
46 |
claws-mail, mplayer, gvim and some Google apps. |
47 |
|
48 |
================== |
49 |
2. Tips and Tricks |
50 |
================== |
51 |
|
52 |
Removing Specific Dependencies |
53 |
------------------------------ |
54 |
|
55 |
Have you ever installed something with a lot of dependencies? Have you ever |
56 |
wanted to remove that package along with all of its dependencies? Instinct |
57 |
may tell us that we can run emerge --depclean, however there is a different, |
58 |
perhaps better way. |
59 |
|
60 |
Lets say that we want to compare OpenOffice.org and koffice. Our plan is to |
61 |
install both, try them out, and remove one of them. First, do: |
62 |
|
63 |
+--------------------------------------------------------------------------------+ |
64 |
| Code Listing 2.1 | |
65 |
| Creating .deps files | |
66 |
+--------------------------------------------------------------------------------+ |
67 |
| # emerge openoffice -p | sed -ne \ | |
68 |
| '/^\[ebuild[^]]*N[^]]*\]/{s/^\[ebuild[^]]\+\] \([^[:space:]]\+\).*$/=\1/;p}' \ | |
69 |
| > openoffice.deps | |
70 |
| # emerge koffice-meta -p | sed -ne \ | |
71 |
| '/^\[ebuild[^]]*N[^]]*\]/{s/^\[ebuild[^]]\+\] \([^[:space:]]\+\).*$/=\1/;p}' \ | |
72 |
| > koffice.deps | |
73 |
+--------------------------------------------------------------------------------+ |
74 |
|
75 |
This will ensure that we do not record any packages that are being updated. |
76 |
Proceed to install and try the programs. Once you chose which one you want |
77 |
to keep, simply do the following: |
78 |
|
79 |
+---------------------------------------------------------------------------+ |
80 |
| Code Listing 2.2 | |
81 |
| Removing unused package/dependencies | |
82 |
+---------------------------------------------------------------------------+ |
83 |
| # emerge -aC $(<openoffice.deps) | |
84 |
+---------------------------------------------------------------------------+ |
85 |
|
86 |
This week's Tips and Tricks was inspired by the following posting on the |
87 |
forums: |
88 |
|
89 |
* http://forums.gentoo.org/viewtopic-t-531232.html |
90 |
|
91 |
========================= |
92 |
3. Gentoo developer moves |
93 |
========================= |
94 |
|
95 |
Moves |
96 |
----- |
97 |
|
98 |
The following developers recently left the Gentoo project: |
99 |
|
100 |
* Alec Warner (antarus) |
101 |
* Simon Stelling (blubb) |
102 |
|
103 |
Adds |
104 |
---- |
105 |
|
106 |
The following developers recently joined the Gentoo project: |
107 |
|
108 |
* none this week |
109 |
|
110 |
Changes |
111 |
------- |
112 |
|
113 |
The following developers recently changed roles within the Gentoo project: |
114 |
|
115 |
* none this week |
116 |
|
117 |
================== |
118 |
4. Gentoo security |
119 |
================== |
120 |
|
121 |
Asterisk: Two SIP Denial of Service vulnerabilities |
122 |
--------------------------------------------------- |
123 |
|
124 |
Asterisk is vulnerable to two Denial of Service issues in the SIP channel. |
125 |
|
126 |
For more information, please see the GLSA Announcement[4] |
127 |
|
128 |
4. http://www.gentoo.org/security/en/glsa/glsa-200704-01.xml |
129 |
|
130 |
MIT Kerberos 5: Arbitrary remote code execution |
131 |
----------------------------------------------- |
132 |
|
133 |
Multiple vulnerabilities in MIT Kerberos 5 could potentially result in |
134 |
unauthenticated remote root code execution. |
135 |
|
136 |
For more information, please see the GLSA Announcement[5] |
137 |
|
138 |
5. http://www.gentoo.org/security/en/glsa/glsa-200704-02.xml |
139 |
|
140 |
OpenAFS: Privilege escalation |
141 |
----------------------------- |
142 |
|
143 |
OpenAFS is subject to a design flaw that could allow privilege escalation on |
144 |
the client. |
145 |
|
146 |
For more information, please see the GLSA Announcement[6] |
147 |
|
148 |
6. http://www.gentoo.org/security/en/glsa/glsa-200704-03.xml |
149 |
|
150 |
OpenPBS: Multiple vulnerabilities |
151 |
--------------------------------- |
152 |
|
153 |
OpenPBS contains unspecified vulnerabilities which may allow for the remote |
154 |
execution of arbitrary code or a Denial of Service. |
155 |
|
156 |
For more information, please see the GLSA Announcement[7] |
157 |
|
158 |
7. http://www.gentoo.org/security/en/glsa/glsa-200704-04.xml |
159 |
|
160 |
zziplib: Buffer Overflow |
161 |
------------------------ |
162 |
|
163 |
The zziplib library contains a buffer overflow vulnerability that could lead |
164 |
to user-assisted remote execution of arbitrary code. |
165 |
|
166 |
For more information, please see the GLSA Announcement[8] |
167 |
|
168 |
8. http://www.gentoo.org/security/en/glsa/glsa-200704-05.xml |
169 |
|
170 |
Evince: Stack overflow in included gv code |
171 |
------------------------------------------ |
172 |
|
173 |
Evince improperly handles user-supplied data possibly allowing for the |
174 |
execution of arbitrary code. |
175 |
|
176 |
For more information, please see the GLSA Announcement[9] |
177 |
|
178 |
9. http://www.gentoo.org/security/en/glsa/glsa-200704-06.xml |
179 |
|
180 |
libwpd: Multiple vulnerabilities |
181 |
-------------------------------- |
182 |
|
183 |
libwpd is vulnerable to several heap overflows and an integer overflow. |
184 |
|
185 |
For more information, please see the GLSA Announcement[10] |
186 |
|
187 |
10. http://www.gentoo.org/security/en/glsa/glsa-200704-07.xml |
188 |
|
189 |
======================= |
190 |
5. Gentoo package moves |
191 |
======================= |
192 |
|
193 |
This section lists packages that have either been moved or added to the tree |
194 |
and packages that have had their "last rites" announcement given to be |
195 |
removed in the future. The package removals come from many locations, |
196 |
including the Treecleaners[11] and various developers. Most packages which |
197 |
are listed under the Last Rites section are in need of some love and care |
198 |
and can remain in the tree if proper maintainership is established. |
199 |
|
200 |
11. http://www.gentoo.org/proj/en/qa/treecleaners |
201 |
|
202 |
Removals: |
203 |
--------- |
204 |
|
205 |
Package: Removal date: Contact: |
206 |
games-board/pysol-cardsets 02 Apr 2007 Alfredo Tupone[12] |
207 |
net-news/hellanzb 05 Apr 2007 Alexis Ballier[13] |
208 |
x11-misc/klineakconfig 06 Apr 2007 Stefan Schweizer[14] |
209 |
net-print/foomatic 07 Apr 2007 Stefan Schweizer[14] |
210 |
dev-util/ecletex 07 Apr 2007 Petteri Räty[15] |
211 |
dev-util/eclipse-cdt 07 Apr 2007 Petteri Räty[15] |
212 |
|
213 |
12. tupone@g.o |
214 |
13. aballier@g.o |
215 |
14. genstef@g.o |
216 |
15. betelgeuse@g.o |
217 |
|
218 |
Additions: |
219 |
---------- |
220 |
|
221 |
Package: Addition date: Contact: |
222 |
games-sports/toycars[16] 02 Apr 2007 Alfredo Tupone[12] |
223 |
dev-util/duma[17] 03 Apr 2007 Steve Arnold[18] |
224 |
perl-core/Math-BigRat[19] 03 Apr 2007 Michael Cummings[20] |
225 |
perl-core/bignum[21] 03 Apr 2007 Michael Cummings[20] |
226 |
net-misc/italc[22] 03 Apr 2007 Markus Ullmann[23] |
227 |
net-nntp/hellanzb[24] 05 Apr 2007 Alexis Ballier[13] |
228 |
media-video/mplayerthumbs[25] 06 Apr 2007 Stefan Schweizer[14] |
229 |
net-wireless/aircrack-ptw[26] 06 Apr 2007 Lars Weiler[27] |
230 |
net-misc/x-lite[28] 07 Apr 2007 Markus Ullmann[23] |
231 |
kde-misc/metamonitor[29] 07 Apr 2007 Markus Ullmann[23] |
232 |
sys-auth/pam_abl[30] 07 Apr 2007 Markus Ullmann[23] |
233 |
sys-auth/pam_sha512[31] 07 Apr 2007 Markus Ullmann[23] |
234 |
net-analyzer/zniper[32] 07 Apr 2007 Markus Ullmann[23] |
235 |
dev-libs/liblazy[33] 08 Apr 2007 Stefan Schweizer[14] |
236 |
dev-python/pkipplib[34] 08 Apr 2007 Bryan Østergaard[35] |
237 |
|
238 |
12. tupone@g.o |
239 |
13. aballier@g.o |
240 |
14. genstef@g.o |
241 |
16. http://packages.gentoo.org/packages/?category=games-sports;name=toycars |
242 |
17. http://packages.gentoo.org/packages/?category=dev-util;name=duma |
243 |
18. nerdboy@g.o |
244 |
19. http://packages.gentoo.org/packages/?category=perl-core;name=Math-BigRat |
245 |
20. mcummings@g.o |
246 |
21. http://packages.gentoo.org/packages/?category=perl-core;name=bignum |
247 |
22. http://packages.gentoo.org/packages/?category=net-misc;name=italc |
248 |
23. jokey@g.o |
249 |
24. http://packages.gentoo.org/packages/?category=net-nntp;name=hellanzb |
250 |
25. http://packages.gentoo.org/packages/?category=media-video;name=mplayerthumbs |
251 |
26. http://packages.gentoo.org/packages/?category=net-wireless;name=aircrack-ptw |
252 |
27. pylon@g.o |
253 |
28. http://packages.gentoo.org/packages/?category=net-misc;name=x-lite |
254 |
29. http://packages.gentoo.org/packages/?category=kde-misc;name=metamonitor |
255 |
30. http://packages.gentoo.org/packages/?category=sys-auth;name=pam_abl |
256 |
31. http://packages.gentoo.org/packages/?category=sys-auth;name=pam_sha512 |
257 |
32. http://packages.gentoo.org/packages/?category=net-analyzer;name=zniper |
258 |
33. http://packages.gentoo.org/packages/?category=dev-libs;name=liblazy |
259 |
34. http://packages.gentoo.org/packages/?category=dev-python;name=pkipplib |
260 |
35. kloeri@g.o |
261 |
|
262 |
Last Rites: |
263 |
----------- |
264 |
|
265 |
Package: Removal date: Contact: |
266 |
dev-java/aterm-java[36] 06 May 2007 Petteri Räty[15] |
267 |
dev-db/c-jdbc[37] 08 May 2007 Petteri Räty[15] |
268 |
|
269 |
15. betelgeuse@g.o |
270 |
36. http://packages.gentoo.org/packages/?category=dev-java;name=aterm-java |
271 |
37. http://packages.gentoo.org/packages/?category=dev-db;name=c-jdbc |
272 |
|
273 |
=========== |
274 |
6. Bugzilla |
275 |
=========== |
276 |
|
277 |
Summary |
278 |
------- |
279 |
|
280 |
* Statistics |
281 |
* Closed bug ranking |
282 |
* New bug rankings |
283 |
|
284 |
Statistics |
285 |
---------- |
286 |
|
287 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[38]) to record and track |
288 |
bugs, notifications, suggestions and other interactions with the development |
289 |
team. Between 01 April 2007 and 08 April 2007, activity on the site has |
290 |
resulted in: |
291 |
|
292 |
38. http://bugs.gentoo.org |
293 |
|
294 |
* 513 new bugs during this period |
295 |
* 441 bugs closed or resolved during this period |
296 |
* 23 previously closed bugs were reopened this period |
297 |
* 161 closed as NEEDINFO/WONTFIX/CANTFIX/INVALID/UPSTREAM during this |
298 |
period |
299 |
* 87 bugs marked as duplicates during this period |
300 |
|
301 |
Of the 10000 currently open bugs: 14 are labeled 'blocker', 97 are labeled |
302 |
'critical', and 353 are labeled 'major'. |
303 |
|
304 |
Closed bug rankings |
305 |
------------------- |
306 |
|
307 |
The developers and teams who have closed the most bugs during this period |
308 |
are: |
309 |
|
310 |
* Java team[39], with 22 closed bugs[40] |
311 |
* Gentoo KDE team[41], with 21 closed bugs[42] |
312 |
* Gentoo Security[43], with 15 closed bugs[44] |
313 |
* Gentoo's Team for Core System packages[45], with 15 closed bugs[46] |
314 |
* Printing Team[47], with 14 closed bugs[48] |
315 |
* TeX herd[49], with 12 closed bugs[50] |
316 |
* Hanno Boeck[51], with 12 closed bugs[52] |
317 |
* Development Tools Herd[53], with 12 closed bugs[54] |
318 |
|
319 |
39. java@g.o |
320 |
40. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=java@g.o |
321 |
41. kde@g.o |
322 |
42. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=kde@g.o |
323 |
43. security@g.o |
324 |
44. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=security@g.o |
325 |
45. base-system@g.o |
326 |
46. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=base-system@g.o |
327 |
47. printing@g.o |
328 |
48. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=printing@g.o |
329 |
49. tex@g.o |
330 |
50. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=tex@g.o |
331 |
51. hanno@g.o |
332 |
52. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=hanno@g.o |
333 |
53. dev-tools@g.o |
334 |
54. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2007-04-01&chfieldto=2007-04-08&resolution=FIXED&assigned_to=dev-tools@g.o |
335 |
|
336 |
New bug rankings |
337 |
---------------- |
338 |
|
339 |
The developers and teams who have been assigned the most new bugs during |
340 |
this period are: |
341 |
|
342 |
* Default Assignee for New Packages[55], with 21 new bugs[56] |
343 |
* Default Assignee for Orphaned Packages[57], with 9 new bugs[58] |
344 |
* AMD64 Project[59], with 9 new bugs[60] |
345 |
* PHP Bugs[61], with 5 new bugs[62] |
346 |
* Alpha Porters[63], with 5 new bugs[64] |
347 |
* Robin Johnson[65], with 4 new bugs[66] |
348 |
* Gentoo Kernel Bug Wranglers and Kernel Maintainers[67], with 4 new |
349 |
bugs[68] |
350 |
* Java team[39], with 4 new bugs[69] |
351 |
|
352 |
39. java@g.o |
353 |
55. maintainer-wanted@g.o |
354 |
56. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=maintainer-wanted@g.o |
355 |
57. maintainer-needed@g.o |
356 |
58. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=maintainer-needed@g.o |
357 |
59. amd64@g.o |
358 |
60. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=amd64@g.o |
359 |
61. php-bugs@g.o |
360 |
62. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=php-bugs@g.o |
361 |
63. alpha@g.o |
362 |
64. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=alpha@g.o |
363 |
65. robbat2@g.o |
364 |
66. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=robbat2@g.o |
365 |
67. kernel@g.o |
366 |
68. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=kernel@g.o |
367 |
69. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2007-04-01&chfieldto=2007-04-08&assigned_to=java@g.o |
368 |
|
369 |
=============== |
370 |
7. GWN feedback |
371 |
=============== |
372 |
|
373 |
The GWN is staffed by volunteers and members of the community who submit |
374 |
ideas and articles. If you are interested in writing for the GWN, have |
375 |
feedback on an article that we have posted, or just have an idea or article |
376 |
that you would like to submit to the GWN, please send us your feedback[70] |
377 |
and help make the GWN better. |
378 |
|
379 |
70. gwn-feedback@g.o |
380 |
|
381 |
=============================== |
382 |
8. GWN subscription information |
383 |
=============================== |
384 |
|
385 |
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to |
386 |
gentoo-gwn+subscribe@g.o. |
387 |
|
388 |
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to |
389 |
gentoo-gwn+unsubscribe@g.o from the e-mail address you are subscribed |
390 |
under. |
391 |
|
392 |
================== |
393 |
9. Other languages |
394 |
================== |
395 |
|
396 |
The Gentoo Weekly Newsletter is also available in the following languages: |
397 |
|
398 |
* Chinese (Simplified)[71] |
399 |
* Dutch[72] |
400 |
* English[73] |
401 |
* German[74] |
402 |
* Greek[75] |
403 |
* French[76] |
404 |
* Korean[77] |
405 |
* Japanese[78] |
406 |
* Italian[79] |
407 |
* Polish[80] |
408 |
* Portuguese (Brazil)[81] |
409 |
* Portuguese (Portugal)[82] |
410 |
* Russian[83] |
411 |
* Slovak[84] |
412 |
* Spanish[85] |
413 |
* Turkish[86] |
414 |
|
415 |
71. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml |
416 |
72. http://www.gentoo.org/news/nl/gwn/gwn.xml |
417 |
73. http://www.gentoo.org/news/en/gwn/gwn.xml |
418 |
74. http://www.gentoo.org/news/de/gwn/gwn.xml |
419 |
75. http://www.gentoo.org/news/el/gwn/gwn.xml |
420 |
76. http://www.gentoo.org/news/fr/gwn/gwn.xml |
421 |
77. http://www.gentoo.org/news/ko/gwn/gwn.xml |
422 |
78. http://www.gentoo.org/news/ja/gwn/gwn.xml |
423 |
79. http://www.gentoo.org/news/it/gwn/gwn.xml |
424 |
80. http://www.gentoo.org/news/pl/gwn/gwn.xml |
425 |
81. http://www.gentoo.org/news/pt_br/gwn/gwn.xml |
426 |
82. http://www.gentoo.org/news/pt/gwn/gwn.xml |
427 |
83. http://www.gentoo.org/news/ru/gwn/gwn.xml |
428 |
84. http://www.gentoo.org/news/sk/gwn/gwn.xml |
429 |
85. http://www.gentoo.org/news/es/gwn/gwn.xml |
430 |
86. http://www.gentoo.org/news/tr/gwn/gwn.xml |
431 |
|
432 |
Chris Gianelloni <wolf31o2@g.o> - Editor |
433 |
Dimitry Bradt <diox@g.o> - Author |
434 |
Andrey Falko <andrey@××××××××××××××××.net> - Author |
435 |
|
436 |
-- |
437 |
gentoo-gwn@g.o mailing list |