Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-gwn
Navigation:
Lists: gentoo-gwn: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-gwn@g.o
From: Ulrich Plate <plate@g.o>
Subject: Gentoo Weekly Newsletter 28 November 2005
Date: Mon, 28 Nov 2005 09:58:02 +0100
---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 28 November 2005.
---------------------------------------------------------------------------
 
==============
1. Gentoo news
==============
  
Wireless security: wpa_supplicant vs. xsupplicant
-------------------------------------------------
  
Wi-Fi Protected Access (WPA and WPA2) is supported in Portage by two 
applications that do the exact same job, wpa_supplicant and xsupplicant. 
Developer Henrik Brix Andersen[1] now calls for comments on his plans for 
deprecating the latter, which is currently neither entirely up to date nor 
integrated into Gentoo's new baselayout. Since wpa_supplicant appears to 
have more frequent releases and much more wide spread usage than 
xsupplicant, users who'd like to keep it in Portage nonetheless are asked 
to write him an email explaining why they prefer its use over 
wpa_supplicant. 
 1. brix@g.o
    
=========================
2. Heard in the community
=========================
  
gentoo-dev
----------
  
Decision to remove stage1/2 from installation documentation
 
The documentation project decided to move the stage 1/2 install 
documentation out of the default installation documentation. While this 
was meant to reduce installation errors and help new users by simplifying 
the documentation it caused many questions on the dev mailinglist wether 
stage 1/2 are still supported. In short, stage 1 and stage 2 will still be 
provided, but should no longer be used for a default installation as they 
provide little benefit and are the source of many avoidable bugs. 
 
 *  Decision to remove stage1/2 from installation documentation [2] 
 2. http://thread.gmane.org/gmane.linux.gentoo.devel/33245
 
status of http://wwwredesign.gentoo.org
 
The website redesign project is coming along quite well. Curtis Napier[3] 
asked for some feedback on his work and got a huge number of replies. Many 
changes were incorporated, and still the new site[4] is being improved so 
that it can hopefully replace the "old" website soon. 
 3. curtis119@g.o
 4. http://wwwredesign.gentoo.org
 
 * status of http://wwwredesign.gentoo.org [5] 
 5. http://thread.gmane.org/gmane.linux.gentoo.devel/33150
 
Split ELF debug
 
Ned Ludd[6] presents a portage feature that will most likely be 
implemented in 2.0.54: split debug info. This mildly obscure feature will 
split executables into the executable and debug information in a way that 
reduces executable size and still retains as much debug information as 
possible. 
 6. solar@g.o
 
 * Split ELF Debug (defult or not?) [7] 
 7. http://thread.gmane.org/gmane.linux.gentoo.devel/33521
    
=======================
3. Gentoo international
=======================
  
India: FOSS.IN conference with Gentoo participation
---------------------------------------------------
  
The only Gentoo developer in India, Shyam Mani[8], a resident of 
Bangalore, has organized a Gentoo booth at the FOSS.IN 2005[9], a four-day 
conference starting tomorrow, 29 November until 2 December 2005. Fellow 
developer Seemant Kulleen[10] is traveling to India for the event and will 
give an introductory talk on Gentoo's "What and Why?", followed by Shyam 
and local Gentoo enthusiast Arun Raghavan with their presentations to fill 
an entire Gentoo afternoon on 30 November. 
 8. fox2mike@g.o
 9. http://foss.in/2005/schedules/
 10. seemant@g.o
    
Japan: Bonenkai year-end party in Yokohama
------------------------------------------
  
On 15 December, the Japanese Gentooists will meet for their annual 
Bonenkai, the traditional year-end outing no Japanese organisation with 
more than three members could possibly skip. GWN lead translator Tomoyuki 
Sakurai chose the area around JR Sekiuchi station in Yokohama for this 
year's event, a change from the usual Tokyo, but within an hour from the 
Big Mikan's center. The venue will yet have to be decided, participation 
will set you back 4000 JPY. Please register with the 
gentoojp-misc@... mailing list if you intend to come. 
    
======================
4. Gentoo in the press
======================
  
Newsforge (24 November 2005)
----------------------------
  
Bruce Byfield makes mention of Gentoo and Portage in an article inspired 
by Terry Pratchett's flat Discworld that resides on the back of a giant 
turtle. "It's turtles and modules all the way down"[11] compares Linux to 
the neo-scholastic beliefs in Pratchett's fantasy universe, namely the 
introductin of components which "although some [of them] are not exactly 
hot-swappable, developers act as though they were, swapping out parts of 
the operating system and replacing them with improved versions." To 
Byfield, surprisingly enough, the absence of fixed parts in the Linux 
operating system turns out to be a good thing, not least because "unlike 
the turtles, the assumption of modularity happens to be verifiable." 
 11. http://os.newsforge.com/os/05/11/22/1814254.shtml?tid=2
    
O3 Magazine (Issue #1, November 2005)
-------------------------------------
  
The premier issue of a new magazine, O3[12], is available for download at 
no cost. Inside the "open-source enterprise data networking magazine", an 
article about lighttpd by Mathew J. Burford benchmarks this lightweight 
webserver "with a focus on performance, security and flexibility" on a 
Gentoo Linux system. 
 12. http://www.o3magazine.com/current.html
    
PR Web (21 November 2005)
-------------------------
  
Sumo Computer[13], mentioned in earlier GWNs[14] for their choice of 
Gentoo as the operating system for the hardware they ship, has announced a 
new LAMP server[15]. Based on the Kuro-Box[16], the system comes 
pre-configured and at a significantly lower price than its predecessor at 
Sumo Computer, 399 USD instead of 549 USD for the older model. 
 13. http://www.sumocomputer.com
 14. 
http://www.gentoo.org/news/en/gwn/20050523-newsletter.xml#doc_chap6_sect2
 15. http://www.prweb.com/releases/2005/11/prweb313026.htm
 16. http://www.gentoo.org/news/en/gwn/20050221-newsletter.xml#doc_chap2
    
Securesystems (18 November 2005)
--------------------------------
  
Developer Chris White has written an article about his Hardened 
installation on Gentoo sponsor Genesi's ODW platform. "Setting Up My 
PPC/Hardened/uClibc/RSBAC/PaX Kernel"[17] describes in detail how he went 
about installing Hardened PPC, motivated because he "had heard support for 
it was fairly questionable." 
 17. http://www.securesystem.info/tiki-read_article.php?articleId=10
    
=========================
5. Gentoo developer moves
=========================
  
Moves
-----
  
The following developers recently left the Gentoo project: 
 
 * None this week 
    
Adds
----
  
The following developers recently joined the Gentoo project: 
 
 * Marien Zwart (marienz) - Python, twisted, Portage 
 * Jeroen Roovers (JeR) - HPPA 
    
Changes
-------
  
The following developers recently changed roles within the Gentoo project:
 
 * None this week 
    
==================
6. Gentoo Security
==================
   
GNUMP3d: Directory traversal and insecure temporary file creation
-----------------------------------------------------------------
  
Two vulnerabilities have been identified in GNUMP3d allowing for limited 
directory traversal and insecure temporary file creation. 
 
For more information, please see the GLSA Announcement[18] 
 18. http://www.gentoo.org/security/en/glsa/glsa-200511-16.xml
    
FUSE: mtab corruption through fusermount
----------------------------------------
  
The fusermount utility from FUSE can be abused to corrupt the /etc/mtab 
file contents, potentially allowing a local attacker to set unauthorized 
mount options. 
 
For more information, please see the GLSA Announcement[19] 
 19. http://www.gentoo.org/security/en/glsa/glsa-200511-17.xml
    
phpSysInfo: Multiple vulnerabilities
------------------------------------
  
phpSysInfo is vulnerable to multiple issues, including a local file 
inclusion leading to information disclosure and the potential execution of 
arbitrary code. 
 
For more information, please see the GLSA Announcement[20] 
 20. http://www.gentoo.org/security/en/glsa/glsa-200511-18.xml
    
eix: Insecure temporary file creation
-------------------------------------
  
eix has an insecure temporary file creation vulnerability, potentially 
allowing a local user to overwrite arbitrary files. 
 
For more information, please see the GLSA Announcement[21] 
 21. http://www.gentoo.org/security/en/glsa/glsa-200511-19.xml
    
Horde Application Framework: XSS vulnerability
----------------------------------------------
  
The Horde Application Framework is vulnerable to a cross-site scripting 
vulnerability which could lead to the compromise of the victim's browser 
content. 
 
For more information, please see the GLSA Announcement[22] 
 22. http://www.gentoo.org/security/en/glsa/glsa-200511-20.xml
    
Macromedia Flash Player: Remote arbitrary code execution
--------------------------------------------------------
  
A vulnerability has been identified that allows arbitrary code execution 
on a user's system via the handling of malicious SWF files. 
 
For more information, please see the GLSA Announcement[23] 
 23. http://www.gentoo.org/security/en/glsa/glsa-200511-21.xml
     
===========
7. Bugzilla
===========
  
Statistics
----------
  
The Gentoo community uses Bugzilla (bugs.gentoo.org[24]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 20 November 2005 and 27 November 2005, activity 
on the site has resulted in: 
 24. http://bugs.gentoo.org
 
 * 623 new bugs during this period 
 * 451 bugs closed or resolved during this period 
 * 32 previously closed bugs were reopened this period 
 
Of the 9020 currently open bugs: 104 are labeled 'blocker', 200 are 
labeled 'critical', and 556 are labeled 'major'. 
    
Closed bug rankings
-------------------
  
The developers and teams who have closed the most bugs during this period 
are: 
 
 * Gentoo X-windows packagers[25], with 39 closed bugs[26]  
 * Gentoo Security[27], with 29 closed bugs[28]  
 * Xavier Neys[29], with 20 closed bugs[30]  
 * AMD64 Porting Team[31], with 19 closed bugs[32]  
 * AMD64 Testing Team[33], with 19 closed bugs[34]  
 * Gentoo Games[35], with 17 closed bugs[36]  
 * Gentoo's Team for Core System packages[37], with 16 closed bugs[38]  
 * Gentoo Developer Relations Team[39], with 15 closed bugs[40]  
 25. x11@g.o
 26. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=x11@g.o
 27. security@g.o
 28. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=security@g.o
 29. neysx@g.o
 30. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=neysx@g.o
 31. amd64@g.o
 32. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=amd64@g.o
 33. amd64-test@g.o
 34. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=amd64-test@g.o
 35. games@g.o
 36. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=games@g.o
 37. base-system@g.o
 38. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=base-system@g.o
 39. devrel@g.o
 40. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-11-20&chfieldto=2005-11-27&resolution=FIXED&assigned_to=devrel@g.o
    
New bug rankings
----------------
  
The developers and teams who have been assigned the most new bugs during 
this period are: 
 
 * Default Assignee for New Packages[41], with 25 new bugs[42]  
 * Gentoo Linux Gnome Desktop Team[43], with 11 new bugs[44]  
 * Gentoo Sound Team[45], with 9 new bugs[46]  
 * Java team[47], with 8 new bugs[48]  
 * Default Assignee for Orphaned Packages[49], with 7 new bugs[50]  
 * AMD64 Porting Team[51], with 6 new bugs[52]  
 * AMD64 Testing Team[53], with 6 new bugs[54]  
 * media-video herd[55], with 5 new bugs[56]  
 41. maintainer-wanted@g.o
 42. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=maintainer-wanted@g.o
 43. gnome@g.o
 44. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=gnome@g.o
 45. sound@g.o
 46. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=sound@g.o
 47. java@g.o
 48. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=java@g.o
 49. maintainer-needed@g.o
 50. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=maintainer-needed@g.o
 51. amd64@g.o
 52. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=amd64@g.o
 53. amd64-test@g.o
 54. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=amd64-test@g.o
 55. media-video@g.o
 56. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-11-20&chfieldto=2005-11-27&assigned_to=media-video@g.o
    
===============
8. GWN feedback
===============
   
Please send us your feedback[57] and help make the GWN better. 
 57. gwn-feedback@g.o
    
===============================
9. GWN subscription information
===============================
   
To subscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn+subscribe@g.o. 
 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn+unsubscribe@g.o from the email address you are 
subscribed under.
    
===================
10. Other languages
===================
   
The Gentoo Weekly Newsletter is also available in the following languages:
 
 * Danish[58]  
 * Dutch[59]  
 * English[60]  
 * German[61]  
 * French[62]  
 * Korean[63]  
 * Japanese[64]  
 * Italian[65]  
 * Polish[66]  
 * Portuguese (Brazil)[67]  
 * Portuguese (Portugal)[68]  
 * Russian[69]  
 * Spanish[70]  
 * Turkish[71]  
 58. http://www.gentoo.org/news/da/gwn/gwn.xml
 59. http://www.gentoo.org/news/nl/gwn/gwn.xml
 60. http://www.gentoo.org/news/en/gwn/gwn.xml
 61. http://www.gentoo.org/news/de/gwn/gwn.xml
 62. http://www.gentoo.org/news/fr/gwn/gwn.xml
 63. http://www.gentoo.org/news/ko/gwn/gwn.xml
 64. http://www.gentoo.org/news/ja/gwn/gwn.xml
 65. http://www.gentoo.org/news/it/gwn/gwn.xml
 66. http://www.gentoo.org/news/pl/gwn/gwn.xml
 67. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
 68. http://www.gentoo.org/news/pt/gwn/gwn.xml
 69. http://www.gentoo.org/news/ru/gwn/gwn.xml
 70. http://www.gentoo.org/news/es/gwn/gwn.xml
 71. http://www.gentoo.org/news/tr/gwn/gwn.xml
   
Ulrich Plate <plate@g.o> - Editor
Patrick Lauer <patrick@g.o> - Author

-- 
gentoo-gwn@g.o mailing list


Navigation:
Lists: gentoo-gwn: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Gentoo Weekly Newsletter 21 November 2005
Next by thread:
Gentoo Weekly Newsletter 12 December 2005
Previous by date:
Gentoo Weekly Newsletter 21 November 2005
Next by date:
Gentoo Weekly Newsletter 12 December 2005


Updated Jun 17, 2009

Summary: Archive of the gentoo-gwn mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.