Gentoo Logo
Gentoo Spaceship




Note: Due to technical difficulties, the Archives are currently not up to date. GMANE provides an alternative service for most mailing lists.
c.f. bug 424647
List Archive: gentoo-gwn
Navigation:
Lists: gentoo-gwn: < Prev By Thread Next > < Prev By Date Next >
Headers:
To: gentoo-gwn@g.o
From: Yuji Kosugi <carlos@g.o>
Subject: Gentoo Weekly Newsletter - Volume 3, Issue 13
Date: Tue, 30 Mar 2004 11:17:00 -0500
---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of March 29th, 2004.
---------------------------------------------------------------------------
 
==============
1. Gentoo News
==============
  
Support for multiple MTAs with mailwrapper
------------------------------------------
  
Since 17 March 2004, Gentoo has slowly been gaining support for having 
multiple mail transfer agents (MTAs) installed simultaneously by using a 
version of mailwrapper[1] that has been ported from {Free,Open,Net}BSD to 
Linux.

 1. 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mail-changingmta.
html
 
The problem is an old one. Because sendmail was the MTA of choice for so 
long, many mail clients just expect a /usr/sbin/sendmail program to exist 
on the system that does the "right thing" when invoked with the usual 
sendmail command flags. Consequently, every modern MTA installs either a 
/usr/sbin/sendmail binary or a symbolic link that points 
/usr/sbin/sendmail to the actual MTA binary. Installing more than one MTA 
then becomes rather difficult, since each MTA will want to install its own 
version of /usr/sbin/sendmail (and, in the process, clobbering any 
already-existing version of /usr/sbin/sendmail).
 
The solution to this problem that mailwrapper provides is to have 
/usr/sbin/sendmail be a binary that executes the true MTA binary by 
looking up the location of the desired MTA in an /etc/mailer.conf text 
file. For example, somebody who has both sendmail and postfix installed 
might have an /etc/mailer.conf file that contains:
 
---------------------------------------------------------------------------
| Code Listing 1.1:                                                       |
| Example /etc/mailer.conf                                                |
---------------------------------------------------------------------------
|                                                                         |
|# Postfix                                                                |
|sendmail        /usr/sbin/sendmail.postfix                               |
|send-mail       /usr/sbin/sendmail.postfix                               |
|mailq           /usr/sbin/sendmail.postfix                               |
|newaliases      /usr/sbin/sendmail.postfix                               |
|# Sendmail                                                               |
|#sendmail       /usr/sbin/sendmail.sendmail                              |
|#send-mail      /usr/sbin/sendmail.sendmail                              |
|#mailq          /usr/sbin/sendmail.sendmail                              |
|#newaliases     /usr/sbin/sendmail.sendmail                              |
|#hoststat       /usr/sbin/sendmail.sendmail                              |
|#purgestat      /usr/sbin/sendmail.sendmail                              |
|                                                                         |
---------------------------------------------------------------------------
 
With this version of /etc/mailer.conf, any attempt to run 
/usr/sbin/sendmail would actually run /usr/sbin/sendmail.postfix. 
Switching from postfix to sendmail, on the other hand, whould require 
nothing more than commenting out the postfix lines and uncommenting the 
sendmail lines in /etc/mailer.conf.
 
Right now the latest unstable (~arch) versions of ssmtp, postfix, exim, 
and sendmail have been modified to take advantage of mailwrapper. Since 
each new MTA ebuild installs a default version of /etc/mailer.conf with 
the lines for that mailer uncommented, most users will be able to upgrade 
or install one of these mailwrapper-enabled MTA packages without ever 
having to worry about mailwrapper. For users who want to try out various 
MTAs, however, support for doing so rather painlessly is either available 
already, or it will be there soon. 
 
Users who have installed or upgraded a recent unstable versions of ssmtp, 
postfix, exim, or sendmail might have noticed that net-mail/mailwrapper 
was pulled in as a dependency. The mailwrapper package has been ported to 
linux from {free,open,net}BSD[2] and it provides a /usr/sbin/sendmail 
binary that checks /etc/mailer.conf to see which program should actually 
get executed when /usr/sbin/sendmail (or a symlink to /usr/sbin/sendmail) 
is called. 

 2. 
http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/mail-changingmta.
html
    
Apache2 upgrade
---------------
  
Apache 2.0.49 has been added to Portage, and marked stable; see below for 
a GLSA about some security holes in 2.0.48. Users upgrading from 
apache-2.0.48-r1 and earlier need to note that some files have been moved 
from /etc/apache2 to /usr/lib/apache2. Specifically, users will need to 
manually remove these directories once they have emerged apache-2.0.49: 
 
---------------------------------------------------------------------------
| Code Listing 1.1:                                                       |
| Directories that need to be manually removed                            |
---------------------------------------------------------------------------
|                                                                         |
|/etc/apache2/lib                                                         |
|/etc/apache2/logs                                                        |
|/etc/apache2/modules                                                     |
|/etc/apache2/extramodules                                                |
|                                                                         |
---------------------------------------------------------------------------
    
Gentoo Linux seeking a dedicated Apache maintainer
--------------------------------------------------
  
The Gentoo Linux Project is seeking a dedicated Apache maintainer. As this 
week's GLSA has shown, it's clear that there needs to be at least one 
Gentoo developer whose main responsibility is to look after the Apache 
ebuilds and the associated modules in the Portage tree. We're looking for 
a dedicated developer with a good knowledge of Apache and modules, as well 
as general development experience. If you're interested, send an email to 
Stuart Herbert[3] with some background information. 

 3. stuart@g.o
    
==================
2. Gentoo Security
==================
  
Multiple security vulnerabilities in Apache 2
---------------------------------------------
  
A memory leak in mod_ssl allows a remote denial of service attack against 
an SSL-enabled server via plain HTTP requests. Another flaw was found when 
arbitrary client-supplied strings can be written to the error log, 
allowing the exploit of certain terminal emulators. A third flaw exists 
with the mod_disk_cache module. 
 
For more information, please see the GLSA Announcement[4] 

 4. http://www.gentoo.org/security/en/glsa/glsa-200403-04.xml
    
UUDeview MIME Buffer Overflow
-----------------------------
  
A specially-crafted MIME file (.mim, .uue, .uu, .b64, .bhx, .hqx, and .xxe 
extensions) may cause UUDeview to crash or execute arbitrary code. 
 
For more information, please see the GLSA Announcement[5] 

 5. http://www.gentoo.org/security/en/glsa/glsa-200403-05.xml
    
Multiple remote buffer overflow vulnerabilities in Courier
----------------------------------------------------------
  
Remote buffer overflow vulnerabilites have been found in Courier-IMAP and 
Courier MTA. These exploits may allow the execution of abritrary code, 
allowing unauthorized access to a vulnerable system. 
 
For more information, please see the GLSA Announcement[6] 

 6. http://www.gentoo.org/security/en/glsa/glsa-200403-06.xml
    
Multiple remote overflows and vulnerabilities in Ethereal
---------------------------------------------------------
  
Mulitple overflows and vulnerabilities exist in Ethereal which may allow 
an attacker to crash the program or run arbitrary code. 
 
For more information, please see the GLSA Announcement[7] 

 7. http://www.gentoo.org/security/en/glsa/glsa-200403-07.xml
    
oftpd DoS vulnerability
-----------------------
  
A remotely-exploitable overflow exists in oftpd, allowing an attacker to 
crash the oftpd daemon. 
 
For more information, please see the GLSA Announcement[8] 

 8. http://www.gentoo.org/security/en/glsa/glsa-200403-08.xml
    
Buffer overflow in Midnight Commander
-------------------------------------
  
A remotely-exploitable buffer overflow in Midnight Commander allows 
arbitrary code to be run on a user's computer 
 
For more information, please see the GLSA Announcement[9] 

 9. http://www.gentoo.org/security/en/glsa/glsa-200403-09.xml
    
=========================
3. Heard in the Community
=========================
  
gentoo-user
-----------
  
Saving space in /usr
 
It can be easy to underestimate how much space /usr/portage may take up, 
and occasionally moving /usr/portage[10] can be a quick and painless 
solution!

 10. http://thread.gmane.org/gmane.linux.gentoo.user/72590
 
Console Eye Candy
 
Check out some of the things some other Gentoo users have done with their 
shell prompts as well as a handy escape code color table in this 
thread[11]! 

 11. http://thread.gmane.org/gmane.linux.gentoo.user/72360
    
gentoo-dev
----------
  
Shell choices.
 
Although bash tends to be the overwhelming standard, perhaps there is some 
room for choice. Despite some bash dependancies in rc-scripts, there are 
ways around this.Here[12] is a thread discussing the option of giving a 
little more choice in this area.

 12. http://article.gmane.org/gmane.linux.gentoo.devel/17010/
 
Secure Portage.
 
Something that we are all in great expectation is the securing of our 
favorite tree with gpg-signatures. However we will have to wait a little 
longer as some issues have come up that need to be resolved first. To 
check out what's going on in the process, have a look here[13]. But watch 
out! It's a long one!

 13. http://article.gmane.org/gmane.linux.gentoo.devel/16876/
    
===========
4. Bugzilla
===========
  
Summary
-------
  
 * Statistics 
 * Closed Bug Ranking 
 * New Bug Rankings 
    
Statistics
----------
  
The Gentoo community uses Bugzilla (bugs.gentoo.org[14]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 19 March 2004 and 25 March 2004, activity on the 
site has resulted in: 

 14. http://bugs.gentoo.org
 
 * 571 new bugs during this period 
 * 327 bugs closed or resolved during this period 
 * 14 previously closed bugs were reopened this period 
 
Of the 5446 currently open bugs: 129 are labeled 'blocker', 216 are 
labeled 'critical', and 447 are labeled 'major'. 
    
Closed Bug Rankings
-------------------
  
The developers and teams who have closed the most bugs during this period 
are: 
 
 * Jeremy Huddleston[15], with 34 closed bugs[16]  
 * AMD64 Porting Team[17], with 30 closed bugs[18]  
 * Gentoo LiveCD Team[19], with 19 closed bugs[20]  
 * Gentoo Gnome Desktop Team[21], with 16 closed bugs[22]  
 * Gentoo KDE Team[23], with 12 closed bugs[24]  
 15. eradicator@g.o
 16. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-03-19&chfieldto=2004-03-25&resolution=FIX
ED&assigned_to=eradicator@g.o
 17. amd64@g.o
 18. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-03-19&chfieldto=2004-03-25&resolution=FIX
ED&assigned_to=amd64@g.o
 19. livecd@g.o
 20. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-03-19&chfieldto=2004-03-25&resolution=FIX
ED&assigned_to=livecd@g.o
 21. gnome@g.o
 22. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-03-19&chfieldto=2004-03-25&resolution=FIX
ED&assigned_to=gnome@g.o
 23. kde@g.o
 24. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-03-19&chfieldto=2004-03-25&resolution=FIX
ED&assigned_to=kde@g.o
    
New Bug Rankings
----------------
  
The developers and teams who have been assigned the most new bugs during 
this period are: 
 
 * x86 Kernel Team[25], with 25 new bugs[26]  
 * Gentoo Gnome Desktop Team[27], with 17 new bugs[28]  
 * Gentoo KDE Team[29], with 14 new bugs[30]  
 * Core System Packages Team[31], with 14 new bugs[32]  
 * AMD64 Porting Team[33], with 12 new bugs[34]  
 25. x86-kernel@g.o
 26. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-03-19&chfieldto=2004-03
-25&assigned_to=x86-kernel@g.o
 27. gnome@g.o
 28. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-03-19&chfieldto=2004-03
-25&assigned_to=gnome@g.o
 29. kde@g.o
 30. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-03-19&chfieldto=2004-03
-25&assigned_to=kde@g.o
 31. base-system@g.o
 32. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-03-19&chfieldto=2004-03
-25&assigned_to=base-system@g.o
 33. amd64@g.o
 34. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-03-19&chfieldto=2004-03
-25&assigned_to=amd64@g.o

    
==================
5. Tips and Tricks
==================
  
Timezone conversion using date
------------------------------
  
Many users may already use date to check the time from a console, but this 
week we're going to show you how it can be used to convert timezones. For 
example, most Gentoo announcements are timestamped in UTC. To convert a 
time to your timezone, use the following, which uses /etc/localtime to 
determine the target timezone:
 
---------------------------------------------------------------------------
| Code Listing 5.1:                                                       |
| Converting to the local timezone                                        |
---------------------------------------------------------------------------
|                                                                         |
|% date -d '17:00 UTC'                                                    |
|Sun Mar 28 12:00:00 EST 2004                                             |
|                                                                         |
---------------------------------------------------------------------------
 
If you want to convert to a different timezone, you can set the TZ 
enviornment variable to the appropriate timezone. There's a pitfall here: 
if GNU date doesn't find TZ in /usr/share/zoneinfo, it'll fall back to 
/etc/localtime without warning or error, so be careful. Here's an example 
of doing the reverse conversion from the previous example:
 
---------------------------------------------------------------------------
| Code Listing 5.2:                                                       |
| Converting to UTC                                                       |
---------------------------------------------------------------------------
|                                                                         |
|% TZ=UTC date -d '12:00 EST'                                             |
|Sun Mar 28 17:00:00 EST 2004                                             |
---------------------------------------------------------------------------
    
===========================
6. Moves, Adds, and Changes
===========================
  
Moves
-----
  
The following developers recently left the Gentoo team: 
 * none this week 
 
Adds
----
  
The following developers recently joined the Gentoo Linux team:
 
 * Jodok Batlogg (batlogg) - net-zope, plone 
 * Jason Cox (steel300) - kernel 
 * Jochen Maes (sejo) - ppc 
 * James Maynard (jmaynard) - alpha 
    
Changes
-------
  
The following developers recently changed roles within the Gentoo Linux 
project:
 
 * none this week 
    
====================
7. Contribute to GWN
====================
   
Interested in contributing to the Gentoo Weekly Newsletter? Send us an 
email[35].

 35. gwn-feedback@g.o
    
===============
8. GWN Feedback
===============
   
Please send us your feedback[36] and help make the GWN better.

 36. gwn-feedback@g.o
    
===============================
9. GWN Subscription Information
===============================
   
To subscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn-subscribe@g.o.
 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn-unsubscribe@g.o from the email address you are 
subscribed under.
    
===================
10. Other Languages
===================
   
The Gentoo Weekly Newsletter is also available in the following languages:
 
 * Dutch[37] 
 * English[38] 
 * German[39] 
 * French[40] 
 * Japanese[41] 
 * Italian[42] 
 * Polish[43] 
 * Portuguese (Brazil)[44] 
 * Portuguese (Portugal)[45] 
 * Russian[46] 
 * Spanish[47] 
 * Turkish[48] 
 37. http://www.gentoo.org/news/be/gwn/gwn.xml
 38. http://www.gentoo.org/news/en/gwn/gwn.xml
 39. http://www.gentoo.org/news/de/gwn/gwn.xml
 40. http://www.gentoo.org/news/fr/gwn/gwn.xml
 41. http://www.gentoo.org/news/ja/gwn/gwn.xml
 42. http://www.gentoo.org/news/it/gwn/gwn.xml
 43. http://www.gentoo.org/news/pl/gwn/gwn.xml
 44. http://www.gentoo.org/news/br/gwn/gwn.xml
 45. http://www.gentoo.org/news/pt/gwn/gwn.xml
 46. http://www.gentoo.org/news/ru/gwn/gwn.xml
 47. http://www.gentoo.org/news/es/gwn/gwn.xml
 48. http://www.gentoo.org/news/tr/gwn/gwn.xml
   
Yuji Carlos Kosugi <carlos@g.o> - Editor
AJ Armstrong <aja@...> - Contributor
Brian Downey <bdowney@...> - Contributor
Luke Giuliani <cold_flame@...> - Contributor
Grant Goodyear <g2boojum@g.o> - Contributor
Aron Griffis <agriffis@g.o> - Contributor
Stuart Herbert <stuart@g.o> - Contributor
Kurt Lieber <klieber@g.o> - Contributor
Rafael Cordones Marcos <rcm@...> - Contributor
David Narayan <david@...> - Contributor
David Nielsen <Lovechild@...> - Contributor
Ulrich Plate <plate@g.o> - Contributor
Hendrik Eeckhaut <Hendrik.Eeckhaut@...> - Dutch Translation
Jorn Eilander <sephiroth@...> - Dutch Translation
Bernard Kerckenaere <bernieke@...> - Dutch Translation
Peter ter Borg <peter@...> - Dutch Translation
Jochen Maes <linux@...> - Dutch Translation
Roderick Goessen <rgoessen@...> - Dutch Translation
Gerard van den Berg <gerard@...> - Dutch Translation
Matthieu Montaudouin <mat@...> - French Translation
Xavier Neys <neysx@g.o> - French Translation
Martin Prieto <riverdale@...> - French Translation
Antoine Raillon <cabec2@...> - French Translation
Sebastien Cevey <seb@...> - French Translation
Jean-Christophe Choisy <mabouya@...> - French Translation
Thomas Raschbacher <lordvan@g.o> - German Translation
Steffen Lassahn <madeagle@g.o> - German Translation
Matthias F. Brandstetter <haim@g.o> - German Translation
Lukas Domagala <Cyrik@g.o> - German Translation
Tobias Scherbaum <dertobi123@g.o> - German Translation
Daniel Gerholdt <Sputnik1969@g.o> - German Translation
Marc Herren <dj-submerge@g.o> - German Translation
Tobias Matzat <SirSeoman@g.o> - German Translation
Marco Mascherpa <mush@...> - Italian Translation
Claudio Merloni <paper@...> - Italian Translation
Christian Apolloni <bsolar@...> - Italian Translation
Stefano Lucidi <stefano.lucidi@...> - Italian Translation
Katuyuki Konno <katuyuki@...> - Japanese Translation
Hiroyuki Takeda <hiro@...> - Japanese Translation
Masato Hatakeyama <hatake@...> - Japanese Translation
Masayoshi Nakamura <masayang@...> - Japanese Translation
Yasunori Fukudome <yasunori@...> - Japanese Translation
Tomoyuki Sakurai <web-gentoo-doc-jp@...> - Japanese Translation
Radoslaw Janeczko <sototh@...> - Polish Translation
Lukasz Strzygowski <lucass.home@...> - Polish Translation
Michal Drobek <veng@...> - Polish Translation
Adam Lyjak <apo@...> - Polish Translation
Krzysztof Klimonda <cthulhu@...> - Polish Translation
Atila "Jedi" Bohlke Vasconcelos <bohlke@...> - Portuguese 
(Brazil) Translation
Eduardo Belloti <dudu@...> - Portuguese (Brazil) Translation
Jo??o Rafael Moraes Nicola <joaoraf@...> - Portuguese (Brazil) 
Translation
Marcelo Gon??alves de Azambuja <mgazambuja@...> - Portuguese 
(Brazil) Translation
Otavio Rodolfo Piske <angusy@...> - Portuguese (Brazil) 
Translation
Pablo N. Hess -- NatuNobilis <natunobilis@...> - Portuguese 
(Brazil) Translation
Pedro de Medeiros <pzilla@...> - Portuguese (Brazil) Translation
Ventura Barbeiro <venturasbarbeiro@...> - Portuguese (Brazil) 
Translation
Bruno Ferreira <blueroom@...> - Portuguese (Portugal) 
Translation
Gustavo Felisberto <humpback@...> - Portuguese (Portugal) 
Translation
Jos?? Costa <jose_costa@...> - Portuguese (Portugal) Translation
Luis Medina <metalgodin@...> - Portuguese (Portugal) Translation
Ricardo Loureiro <rjlouro@...> - Portuguese (Portugal) Translation
Aleksandr Martyncev <amncorp@...> - Russian Translator
Sergey Galkin <gals_home@...> - Russian Translator
Sergey Kuleshov <svyatogor@g.o> - Russian Translator
Alex Spirin <asp13@...> - Russian Translator
Denis Zaletov <dzaletov@...> - Russian Translator
Lanark <lanark@...> - Spanish Translation
Fernando J. Pereda <ferdy@...> - Spanish Translation
Lluis Peinado Cifuentes <lpeinado@...> - Spanish Translation
Zephryn Xirdal T <ZEPHRYNXIRDAL@...> - Spanish Translation
Guillermo Juarez <katossi@...> - Spanish Translation
Jes??s Garc??a Crespo <correo@...> - Spanish Translation
Carlos Castillo <carlos@...> - Spanish Translation
Julio Castillo <julio@...> - Spanish Translation
Sergio G??mez <s3r@...> - Spanish Translation
Aycan Irican <aycan@...> - Turkish Translation
Bugra Cakir <bugra@...> - Turkish Translation
Cagil Seker <cagils@...> - Turkish Translation
Emre Kazdagli <emre@...> - Turkish Translation
Evrim Ulu <evrim@...> - Turkish Translation
Gursel Kaynak <gurcell@...> - Turkish Translation
Attachment:
pgp9jaNIMvJCE.pgp (PGP signature)
Navigation:
Lists: gentoo-gwn: < Prev By Thread Next > < Prev By Date Next >
Previous by thread:
Gentoo Weekly Newsletter - Volume 3, Issue 12
Next by thread:
Gentoo Weekly Newsletter - Volume 3, Issue 14
Previous by date:
Gentoo Weekly Newsletter - Volume 3, Issue 12
Next by date:
Gentoo Weekly Newsletter - Volume 3, Issue 14


Updated Jun 17, 2009

Summary: Archive of the gentoo-gwn mailing list.

Donate to support our development efforts.

Copyright 2001-2013 Gentoo Foundation, Inc. Questions, Comments? Contact us.