---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 13 June 2005.
---------------------------------------------------------------------------
==============
1. Gentoo News
==============
New PegasosPPC Open Desktop Workstations with Gentoo preinstalled
-----------------------------------------------------------------
Figure 1.1: New design, performance boost, Gentoo inside: The new Open
Desktop Workstation
http://www.gentoo.org/images/gwn/20050613_odw.jpg
Back in January we reported on Genesi's PegasosPPC, the PowerPC-based
platform marketed as the "Open Desktop Workstation" (ODW) -- and being
sold with Gentoo preinstalled. In order to better match Apple's Mac Mini
the Open Desktop Workstation has just received a face lift, not only in
case design but also in terms of hardware inside, and at a lower price
than before. The ODW now sports twice the RAM, double the storage space of
the previous model, and it includes a dual-layer DVD±RW drive, all for 799
USD (650 EUR). For each unit sold via Gentoo's vendors page[1], 50 USD is
donated to the Gentoo Foundation.
1. http://vendors.gentoo.org/
With Apple turning their back on a growing community of PowerPC users,
Genesi[2] and remain committed to shelling out affordable, high-quality
PowerPC machines for desktop and server use.
2. http://www.genesi.lu/
* Pegasos II with 1GHz G4 processor
* 512MB DDR RAM
* 80GB Hard Disk
* Dual-Layer DVD±RW Drive
* ATI Radeon 9250 graphics
* Low Profile Small Footprint Case - Tower or Desktop Orientation
The system comes with one AGP slot, in use by the Radeon 9250, and three
PCI slots. The CPU-card is replaceable and CPU-upgrades will be made
available at a later date.
A few of the new ODWs have found their way to Gentoo developers already,
with one machine donated to Oregon State University currently being used
by the Hardened Gentoo team, and yet another donated mainboard assembled
to serve by Corey Shields[3]. A second board is scheduled to be put in a
crystal case and displayed at the Gentoo booth in San Francisco at the
Linux World Expo in August. Another of the double RAM, double HDD space
machines went to PPC developer Joseph Jezak[4], bringing the total number
of donated Genesi ODWs of both generations that have been brought to use
in Gentoo development to almost twenty.
3. cshields@g.o
4. josejx@g.o
New Gentoo/MIPS SGI LiveCD
--------------------------
The first iteration of the SGI LiveCD worked only on a few assorted
systems. Several months down the line, Joshua Kinard[5] now has the
pleasure of announcing a new one that not only supports most SGI hardware
available, but also autodetects what system and CPU is present, loads the
right kernel and passes every parameter needed to get your Indy, Indigo2,
Octane or O2 booted successfully.
5. kumba@g.o
While still being labeled experimental, the new CD benefits from the
awesome new bootloader for SGI systems called ARCLoad, developed by
Stanislaw Skowronek[6], replacing the older arcboot. ARCLoad itself will
be made available in Portage soon those wanting to boot directly off their
hard disks. The compressed LiveCD image is slim enough to fit in 15MB of
Kumba's devspace[7] where it's available for download along with
instructions for the different types of SGI machines.
6. sskowron@...
7. http://dev.gentoo.org/~kumba/mips/releases/livecd-rc4/
GuideXML editor released
------------------------
Christian Hartmann[8] (ian!) has released a new version of his Perl-driven
WYSIWIG editor for Gentoo's documentation, gendocedit. Originally written
to help ease the process of translating documents from English to other
languages, the current version is able to output clean GuideXML that's fit
for inclusion on the Gentoo website. Since accurate, up-to-date
documentation is one of the most valuable assets for the Gentoo project, a
tool that helps authoring it is a welcome addition by anyone's standard.
Speaking of documentation, a user manual for gendocedit isn't available
yet, but it's pretty much self-explanatory, and is entirely governed by a
GPL2 license, free for anyone to mend and bend and make better in the
process. Downloads for version 0.4 can be made from ian!'s own website[9].
Currently not for the faint at heart yet, since dependencies require
highly unstable environments, including a package-masked MySQL version.
8. ian@g.o
9. http://download.iansview.com/gendocedit/releases/gendocedit-0.40.tar.gz
========================
2. Developer of the week
========================
"Gentoo is LinuxFromScratch on acid" -- Michael Cummings
--------------------------------------------------------
Figure 2.1: Michael Cummings aka mcummings
http://www.gentoo.org/images/gwn/20050613_mcummings.jpg
This week's victim for the featured developer column is Michael
Cummings[10], a self-proclaimed prankster and Gentoo Perl Monkey. The
latter has him hacking all things Perl (especially the package splits in
perl-*), the former mostly making fun of users in ways that don't offend
them. He's had quite some competition for that role lately, so Michael has
to do more Perl work to compensate for that.
10. mcummings@g.o
Like most other devs Michael got pulled in through fixing a few bugs and
trying to help with things that were not working as planned - Gentoo is
his first open-source project. Some of the things that came from working
on Perl are "bugger" (a command-line bugzilla tool) and g-cpan, a Perl
module managment tool for Gentoo.
In real life Michael graduated in 97 from Virginia Tech with a degree in
Political Science (with a minor in Philosophy), from where he got to his
job of "web application administration, installation, troubleshooting,
securing, fixing breaking" for an undisclosed employer. Surprisingly he
uses Perl a lot, but after a long time of using blackbox he has recently
changed to KDE 3.4 because the integration of applications is just right
for him. Unsurprisingly his main computer is a run-of-the-mill Pentium4
box, and there's also a SPARC machine doing a few things.
Outside of Gentoo his greatest hobby is his family: a wife, two daughters
and a dog. They live in the US-state of Virginia, on the "south side" of
Fredericksburg. His work is about 45 minutes to an hour away, meaning he
gets up, drives for a long time, slacks and works a bit, drives back and
plays with the kids. That doesn't leave very much time, but the progress
in Perl he's made for Gentoo is still more than respectable. His choice of
favourite quotes shows a high degree of reliability, too: "If the
apocalypse comes, page me," as Buffy the vampire slayer puts it.
=========================
3. Heard in the community
=========================
Web forums
----------
Having fun with automation
Bekker, a new user on the Gentoo Forums, saw a Ubuntu feature he liked and
tried to reproduce the experience in Gentoo: on insertion of a memory
stick an icon appears on the desktop, without even mounting it. One way to
get this to work is with udev, d-bus, HAL and gnome-volume-manager, says
the friendly helper crowd. The thread is in Dutch, but setting this up is
quite easy, and documentation exists in many other places.
* Having fun with automation[11] (in Dutch)
11. http://forums.gentoo.org/viewtopic-t-347194.html
gentoo-dev
----------
Minimal perl install
Michael Cummings[12] tells of a reduced-size Perl base package. It's
experimental right now and doesn't play nice with the rest of perl, but at
930k (instead of 12300) it might be a nice alternative for LiveCDs and
other constrained areas of Gentoo.
12. mcummings@g.o
* Minimal perl install [13]
* Bug with a minimal perl ebuild[14]
13. http://thread.gmane.org/gmane.linux.gentoo.devel/28648
14. http://bugs.gentoo.org/show_bug.cgi?id=95038
Where goes Gentoo?
Aron Griffis[15] starts a really long thread about where Gentoo is today,
where it might go in the future and all the other questions that pop up in
Gentooland. Parts of it might be inflammatory, but it's a recurring theme
that never got fully answered in previous discussions.
15. agriffis@g.o
* Where goes Gentoo? [16]
16. http://thread.gmane.org/gmane.linux.gentoo.devel/28633
ekeyword and ordering
In the past the policy on keyword ordering in ebuilds was never fully
agreed on and formalized. So while at one point the keywords were added in
chronological order, others were added in alphabetical order. What happens
when those two ideas clash is this amazingly long thread that elaborates
all advantages and disadvantages that could arise from a change in policy.
* ekeyword and ordering [17]
17. http://thread.gmane.org/gmane.linux.gentoo.devel/28628
=======================
4. Gentoo International
=======================
Brazil:
--------
As happened last year, the Brazilian Gentooists held a meeting during the
6th edition of International Free Software Forum[18], in Porto Alegre,
south of Brazil. Thanks to their big banner, the Gentooists' booth could
be easily indentified in the middle of the crowd thus making it easy for
the visitors to come and get support, installation CDs and chat with the
local Gentoo community.
18. http://fisl.softwarelivre.org/6.0/
Figure 4.1: Brazilian Gentooists mounting the booth at FISL
http://www.gentoo.org/images/gwn/20050613_fisl.jpg
Note: Left to right: Gustavo R. Piske (AngusYoung), Diego R. Grein
(AngrA), Vanessa Sabino (Bani), Wagner Martins (Chatoo), Eric Raymond,
Luiz Agostinho (fl0cker) and Santos (santos). Photo credit: Vanessa Sabino
======================
5. Gentoo in the press
======================
Linux Magazine Brazilian Edition (June 2005)
--------------------------------------------
The Brazilian edition of Linux Magazine[19] has an i686 Gentoo Linux
2005.0 installation CD (with stages) in its brandnew June issue. Not only
that, but they also provide a step-by-step stage1 installation tutorial
written by Marcelo V. Lima and William Ferraz.
19. http://www.linux-magazine.com.br/
PC Magazin (8 June 2005)
------------------------
In an interview[20] with the German general interest computing magazine PC
Magazin, former Debian project leader Martin Michlmayer speaks out about
the reasons for the longish Sarge delay, the relationship with Ubuntu, and
other things over at Debian that could use some refurbishing. "Gentoo has
a number of good ideas," acknowledges the Debian veteran of ten years,
"For example the easy adaptation of configuration variables to the user's
needs will hopefully find their way into Debian, too."
20. http://www.pc-magazin.de/common/nws/einemeldung.php?id=38503
Linuxfr.org (8 June 2005)
-------------------------
The French Linux site posted an announcement[21] for a reverse proxy based
on Apache and mod_perl called "VultureNG", mentioning that it's already in
Portage. The proxy integrates authentication at remote sites and makes
them available to various applications.
21. http://linuxfr.org/2005/06/12/19095.html
Process of Elimination (4 June 2005)
------------------------------------
Matt T. Proud shares a few of his KDE 3.5 observations[22], including
plenty of screenshots. For the purpose of checking out the new features in
the upcoming version of KDE, he built it from the latest subversion
snapshots on a "Gentoo stable" host.
22. http://process-of-elimination.net/?q=kde_3_5_observations
===========================
6. Moves, adds, and changes
===========================
Moves
-----
The following developers recently left the Gentoo team:
* None this week
Adds
----
The following developers recently joined the Gentoo Linux team:
* Shyam Mani (fox2mike) - Documentation
* Chris Hotchkiss (chotchki) - Installer project
Changes
-------
The following developers recently changed roles within the Gentoo Linux
project:
* None this week
==================
7. Gentoo security
==================
Mailutils: SQL Injection
------------------------
GNU Mailutils is vulnerable to SQL command injection attacks.
For more information, please see the GLSA Announcement[23]
23. http://www.gentoo.org/security/en/glsa/glsa-200506-02.xml
Dzip: Directory traversal vulnerability
---------------------------------------
Dzip is vulnerable to a directory traversal attack.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200506-03.xml
Wordpress: Multiple vulnerabilities
-----------------------------------
Wordpress contains SQL injection and XSS vulnerabilities.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200506-04.xml
SilverCity: Insecure file permissions
-------------------------------------
Executable files with insecure permissions can be modified causing an
unsuspecting user to run arbitrary code.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200506-05.xml
libextractor: Multiple overflow vulnerabilities
-----------------------------------------------
libextractor is affected by several overflow vulnerabilities in the PDF,
Real and PNG extractors, making it vulnerable to execution of arbitrary
code.
For more information, please see the GLSA Announcement[27]
27. http://www.gentoo.org/security/en/glsa/glsa-200506-06.xml
Ettercap: Format string vulnerability
-------------------------------------
A format string vulnerability in Ettercap could allow a remote attacker to
execute arbitrary code.
For more information, please see the GLSA Announcement[28]
28. http://www.gentoo.org/security/en/glsa/glsa-200506-07.xml
GNU shtool, ocaml-mysql: Insecure temporary file creation
---------------------------------------------------------
GNU shtool and ocaml-mysql are vulnerable to symlink attacks, potentially
allowing a local user to overwrite arbitrary files.
For more information, please see the GLSA Announcement[29]
29. http://www.gentoo.org/security/en/glsa/glsa-200506-08.xml
gedit: Format string vulnerability
----------------------------------
gedit suffers from a format string vulnerability that could allow
arbitrary code execution.
For more information, please see the GLSA Announcement[30]
30. http://www.gentoo.org/security/en/glsa/glsa-200506-09.xml
LutelWall: Insecure temporary file creation
-------------------------------------------
LutelWall is vulnerable to symlink attacks, potentially allowing a local
user to overwrite arbitrary files.
For more information, please see the GLSA Announcement[31]
31. http://www.gentoo.org/security/en/glsa/glsa-200506-10.xml
Gaim: Denial of Service vulnerabilities
---------------------------------------
Gaim contains two remote Denial of Service vulnerabilities.
For more information, please see the GLSA Announcement[32]
32. http://www.gentoo.org/security/en/glsa/glsa-200506-11.xml
===========
8. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[33]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 05 June 2005 and 12 June 2005, activity on the
site has resulted in:
33. http://bugs.gentoo.org
* 746 new bugs during this period
* 437 bugs closed or resolved during this period
* 28 previously closed bugs were reopened this period
Of the 8435 currently open bugs: 86 are labeled 'blocker', 214 are labeled
'critical', and 599 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* Printing Team[34], with 29 closed bugs[35]
* Gentoo KDE team[36], with 21 closed bugs[37]
* Gentoo Security[38], with 19 closed bugs[39]
* Gentoo Games[40], with 18 closed bugs[41]
* Gentoo Linux Gnome Desktop Team[42], with 15 closed bugs[43]
* Gentoo's Team for Core System packages[44], with 12 closed bugs[45]
* Mobile Herd[46], with 10 closed bugs[47]
* Xavier Neys[48], with 9 closed bugs[49]
34. printing@g.o
35.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=printing@g.o
36. kde@g.o
37.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=kde@g.o
38. security@g.o
39.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=security@g.o
40. games@g.o
41.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=games@g.o
42. gnome@g.o
43.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=gnome@g.o
44. base-system@g.o
45.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=base-system@g.o
46. mobile@g.o
47.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=mobile@g.o
48. neysx@g.o
49.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-06-05&chfieldto=2005-06-12&resolution=FIXED&assigned_to=neysx@g.o
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* Gentoo Sound Team[50], with 16 new bugs[51]
* AMD64 Porting Team[52], with 13 new bugs[53]
* Gentoo Linux Gnome Desktop Team[54], with 11 new bugs[55]
* Gentoo Toolchain Maintainers[56], with 9 new bugs[57]
* Gentoo Science Related Packages[58], with 9 new bugs[59]
* Sergey Kuleshov[60], with 8 new bugs[61]
* X11 External Driver Maintainers[62], with 6 new bugs[63]
* Robin Johnson[64], with 6 new bugs[65]
50. sound@g.o
51.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=sound@g.o
52. amd64@g.o
53.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=amd64@g.o
54. gnome@g.o
55.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=gnome@g.o
56. toolchain@g.o
57.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=toolchain@g.o
58. sci@g.o
59.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=sci@g.o
60. svyatogor@g.o
61.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=svyatogor@g.o
62. x11-drivers@g.o
63.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=x11-drivers@g.o
64. robbat2@g.o
65.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-06-05&chfieldto=2005-06-12&assigned_to=robbat2@g.o
===============
9. GWN feedback
===============
Please send us your feedback[66] and help make the GWN better.
66. gwn-feedback@g.o
================================
10. GWN subscription information
================================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn+subscribe@g.o.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn+unsubscribe@g.o from the email address you are
subscribed under.
===================
11. Other languages
===================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[67]
* Dutch[68]
* English[69]
* German[70]
* French[71]
* Japanese[72]
* Italian[73]
* Polish[74]
* Portuguese (Brazil)[75]
* Portuguese (Portugal)[76]
* Russian[77]
* Spanish[78]
* Turkish[79]
67. http://www.gentoo.org/news/da/gwn/gwn.xml
68. http://www.gentoo.org/news/nl/gwn/gwn.xml
69. http://www.gentoo.org/news/en/gwn/gwn.xml
70. http://www.gentoo.org/news/de/gwn/gwn.xml
71. http://www.gentoo.org/news/fr/gwn/gwn.xml
72. http://www.gentoo.org/news/ja/gwn/gwn.xml
73. http://www.gentoo.org/news/it/gwn/gwn.xml
74. http://www.gentoo.org/news/pl/gwn/gwn.xml
75. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
76. http://www.gentoo.org/news/pt/gwn/gwn.xml
77. http://www.gentoo.org/news/ru/gwn/gwn.xml
78. http://www.gentoo.org/news/es/gwn/gwn.xml
79. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@g.o> - Editor
David Holm <dholm@g.o> - Author
Patrick Lauer <patrick@g.o> - Author
Otavio R. Piske <angusyoung@g.o> - Author
--
gentoo-gwn@g.o mailing list
|
