| 1 |
--------------------------------------------------------------------------- |
| 2 |
Gentoo Weekly Newsletter |
| 3 |
http://www.gentoo.org/news/en/gwn/current.xml |
| 4 |
This is the Gentoo Weekly Newsletter for the week of January 20th, 2003. |
| 5 |
--------------------------------------------------------------------------- |
| 6 |
|
| 7 |
============== |
| 8 |
1. Gentoo News |
| 9 |
============== |
| 10 |
|
| 11 |
Summary |
| 12 |
------- |
| 13 |
|
| 14 |
* Next Release of Gentoo Linux to be 1.4_rc3 |
| 15 |
* Gentoo PPC developer presents at MIT |
| 16 |
|
| 17 |
|
| 18 |
Next Release of Gentoo Linux to be 1.4_rc3 |
| 19 |
------------------------------------------ |
| 20 |
|
| 21 |
The next release of Gentoo Linux is expected to be released as 1.4_rc3, |
| 22 |
rather than 1.4_final. This decision was based on a number of factors, |
| 23 |
including: |
| 24 |
|
| 25 |
* KDE 3.1 is not yet released, but is expected to be released imminently |
| 26 |
* The 2.4.20 kernel is experiencing IDE problems on x86. While patches |
| 27 |
are in the pipeline to fix these issues, they require more testing before |
| 28 |
being declared "stable" |
| 29 |
* gcc-3.2.1-r6 has been recently released and requires additional testing |
| 30 |
* Recent upgrades to XFree86 require additional testing |
| 31 |
|
| 32 |
And, most importantly, any final release of Gentoo Linux needs to be as |
| 33 |
stable as possible before being released to our users. |
| 34 |
|
| 35 |
Gentoo PPC developer presents at MIT |
| 36 |
------------------------------------ |
| 37 |
|
| 38 |
The following was a late addition to this week's GWN and therefore may not |
| 39 |
appear in all translated versions. |
| 40 |
|
| 41 |
Rajiv Manglani, one of Gentoo's developers for the PowerPC platform (and |
| 42 |
an alumni of the Massachusetts Institute of Technology himself), is going |
| 43 |
to give a presentation featuring an overview of Gentoo Linux and a demo of |
| 44 |
a finished system. Curtains go up at the MIT (building no. 4[1], room 237) |
| 45 |
on Tuesday, 21 January 2003, from 19:00-20:00, and if you plan on |
| 46 |
attending, please RSVP to sipb-iap-gentoo@×××.edu. |
| 47 |
|
| 48 |
1. http://whereis.mit.edu/bin/map?locate=bldg_4 |
| 49 |
|
| 50 |
================== |
| 51 |
2. Gentoo Security |
| 52 |
================== |
| 53 |
|
| 54 |
Summary |
| 55 |
------- |
| 56 |
|
| 57 |
* GLSA: dhcp |
| 58 |
* GLSA: fnord |
| 59 |
* GLSA: mod_php php |
| 60 |
* New Security Bug Reports |
| 61 |
|
| 62 |
|
| 63 |
GLSA: dhcp |
| 64 |
---------- |
| 65 |
|
| 66 |
ISC's dhcp package has several buffer overflow vulnerabilities which could |
| 67 |
permit an attacker to remotely execute arbitrary code. No exploits have |
| 68 |
been reported. |
| 69 |
|
| 70 |
* Severity: high - remote execution of code. |
| 71 |
* Packages Affected: net-misc/dhcp versions prior to dhcp-3.0_p2 (3.0_p2 |
| 72 |
is the fix package) |
| 73 |
* Rectification: Synchronize and emerge -u dhcp |
| 74 |
* GLSA Announcement[2] |
| 75 |
* Advisory[3] |
| 76 |
|
| 77 |
|
| 78 |
2. http://forums.gentoo.org/viewtopic.php?t=30721 |
| 79 |
3. http://www.cert.org/advisories/CA-2003-01.html |
| 80 |
|
| 81 |
GLSA: fnord |
| 82 |
----------- |
| 83 |
|
| 84 |
A buffer overrun in fnord's CGI code has been discovered. However, the |
| 85 |
affected function does not return, so it is unlikely that an exploit could |
| 86 |
be developed. |
| 87 |
|
| 88 |
* Severity: low - probably unexploitable. |
| 89 |
* Packages Affected: net-www/fnord-1.6 |
| 90 |
* Rectification: Synchronize and emerge -u fnord |
| 91 |
* GLSA Announcement[4] |
| 92 |
* Advisory[5] |
| 93 |
|
| 94 |
|
| 95 |
4. http://forums.gentoo.org/viewtopic.php?t=30720 |
| 96 |
5. http://www.fefe.de/fnord/ |
| 97 |
|
| 98 |
GLSA: mod_php php |
| 99 |
----------------- |
| 100 |
|
| 101 |
A flaw in php's wordwrap() function could, if used against user input, be |
| 102 |
subject to a buffer overfolow. No exploit has been reported. |
| 103 |
|
| 104 |
* Severity: moderate - difficult to exploit. |
| 105 |
* Packages Affected: dev-php/php-4.2.3 and earlier; dev-php/mod_php-4.2.3 |
| 106 |
and earlier |
| 107 |
* Rectification: Synchronize and emerge -u php and/or mod_php |
| 108 |
* GLSA Announcement[6] |
| 109 |
* Advisory[7] |
| 110 |
|
| 111 |
|
| 112 |
6. http://forums.gentoo.org/viewtopic.php?t=30004 |
| 113 |
7. http://marc.theaimsgroup.com/?|=bugtraq&m=104102689503192&w=2 |
| 114 |
|
| 115 |
New Security Bug Reports |
| 116 |
------------------------ |
| 117 |
|
| 118 |
New security bug reports this week include: |
| 119 |
|
| 120 |
* media-sound/mpg123[8] |
| 121 |
* app-editors/vim[9] |
| 122 |
|
| 123 |
|
| 124 |
8. http://bugs.gentoo.org/show_bug.cgi?id=14076 |
| 125 |
9. http://bugs.gentoo.org/show_bug.cgi?id=14088 |
| 126 |
|
| 127 |
========================= |
| 128 |
3. Heard In The Community |
| 129 |
========================= |
| 130 |
|
| 131 |
Web Forums |
| 132 |
---------- |
| 133 |
|
| 134 |
Gentoo on Laptops |
| 135 |
|
| 136 |
Anybody who's ever tried to put Linux from a Firewire or PCMCIA CD drive |
| 137 |
onto their notebook PC will instantly recognise the need for support, no |
| 138 |
matter how Linux-savvy you thought you were: This is the grand art of |
| 139 |
dealing with hardware that's been misconfigured by vendors and BIOS |
| 140 |
manglers for use with pre-installed operating systems beyond the point |
| 141 |
where a simple "install from CD" manual can bail you out. Fortunately, the |
| 142 |
forums are full of threads dealing with the peculiarities of portable PCs. |
| 143 |
There's even a Gentoo-driven movement to set up an alternative to |
| 144 |
Linux-on-Laptops.net, the most famous, but infrequently updated resource |
| 145 |
for anybody looking to install Linux on something they can carry about. |
| 146 |
Here's a collection of some of the more active threads in this field, |
| 147 |
topmost the pointer to Gentoo's own "Linux-on-the-go": |
| 148 |
|
| 149 |
* Linux On the Go[10] |
| 150 |
* Software suspend[11] |
| 151 |
* /proc/cpuinfo shows incorrect MHz for Pentium 800[12] |
| 152 |
* Is there a way to sync my laptop with my desktop?[13] |
| 153 |
* Vaio R505 w/ Slimdock[14] |
| 154 |
* LCD Screen X problems [15] |
| 155 |
|
| 156 |
|
| 157 |
10. http://forums.gentoo.org/viewtopic.php?t=28691 |
| 158 |
11. http://forums.gentoo.org/viewtopic.php?t=29159 |
| 159 |
12. http://forums.gentoo.org/viewtopic.php?t=29904 |
| 160 |
13. http://forums.gentoo.org/viewtopic.php?t=30247 |
| 161 |
14. http://forums.gentoo.org/viewtopic.php?t=29527 |
| 162 |
15. http://forums.gentoo.org/viewtopic.php?t=28563 |
| 163 |
|
| 164 |
Forum Surveys |
| 165 |
|
| 166 |
As the forum user base is steadily growing, the results of opinion polls |
| 167 |
are becoming more and more representative. The average Gentoo user seems |
| 168 |
to pay between 30 and 60 USD a month for a 500+ kbit/s Internet |
| 169 |
connection, lack proper chairs for their computer desks and drive around |
| 170 |
in Japanese pickup trucks. Most of these polls lack any sort of scientific |
| 171 |
value, but some of them are fun to watch. Impossible to list them all, |
| 172 |
check these popular ones and search yourself for others: |
| 173 |
|
| 174 |
* How much do you pay for your internet?[16] |
| 175 |
* How fast is your internet connection?[17] |
| 176 |
* Post a picture of your actual desktop[18] |
| 177 |
* What cars do you drive?[19] |
| 178 |
* So, what did you name YOUR computer(s)?[20] |
| 179 |
|
| 180 |
|
| 181 |
16. http://forums.gentoo.org/viewtopic.php?t=30510 |
| 182 |
17. http://forums.gentoo.org/viewtopic.php?t=26364 |
| 183 |
18. http://forums.gentoo.org/viewtopic.php?t=21997 |
| 184 |
19. http://forums.gentoo.org/viewtopic.php?t=30505 |
| 185 |
20. http://forums.gentoo.org/viewtopic.php?t=3300 |
| 186 |
|
| 187 |
Linux PDAs: Sharp Zaurus and Gentoo |
| 188 |
|
| 189 |
A fair number of threads deal with configuration issues to connect the |
| 190 |
currently best-known Linux PDAs, the Sharp Zaurus series, via |
| 191 |
USB-networking to their Gentoo desktops. Given the growing range of models |
| 192 |
and the rather cumbersome tuning necessities of the usbdnet driver, this |
| 193 |
is hardly astonishing, but in spite of all the tools being present in the |
| 194 |
kernel sources, many people in the forums have been unable to get it to |
| 195 |
run. If you have managed and remember how you did it, here's where you |
| 196 |
could make a few people very happy: |
| 197 |
|
| 198 |
* Zaurus network problem reward if your advice is successful![21] |
| 199 |
* usbdnet patch[22] |
| 200 |
* Zaurus and Gentoo[23] |
| 201 |
* Is the Sharp Zaurus any good?[24] |
| 202 |
|
| 203 |
|
| 204 |
21. http://forums.gentoo.org/viewtopic.php?t=29368 |
| 205 |
22. http://forums.gentoo.org/viewtopic.php?t=24718 |
| 206 |
23. http://forums.gentoo.org/viewtopic.php?t=29579 |
| 207 |
24. http://forums.gentoo.org/viewtopic.php?t=25370 |
| 208 |
|
| 209 |
gentoo-user |
| 210 |
----------- |
| 211 |
|
| 212 |
Research solves problems |
| 213 |
|
| 214 |
A recent thread[25] about portage 2.0.46-r6 accidently overwriting |
| 215 |
/etc/make.conf triggered some heat amongst the audience. Gentoo developer |
| 216 |
Nicholas Jones insisted that this was not an accident (bug), but rather |
| 217 |
that the poster failed to mention his unique circumstances and assumed |
| 218 |
that portage 2.0.46-r6 was at fault. It has been resolved that portage |
| 219 |
copied the original /etc/make.conf to /etc/.cfg0000_make.conf as it should |
| 220 |
with all config files residing in the /etc directory. This default |
| 221 |
behavior is configured via "CONFIG_PROTECT" in the environment settings. |
| 222 |
The thread also makes it clear that Gentoo developers encourage research |
| 223 |
before accusations. |
| 224 |
|
| 225 |
25. http://marc.theaimsgroup.com/?l=gentoo-user&m=104272726519197&w=2 |
| 226 |
|
| 227 |
KMail with S/MIME and PGP/MIME support |
| 228 |
|
| 229 |
Stephen Boulet posted a message[26] asking how to get KMail and OpenPGP to |
| 230 |
work properly together. Paul de Vrieze responded[27] and noted a bug[28] |
| 231 |
he had filed regarding the topic. A lengthy discussion[29] ensued about |
| 232 |
the various intricacies associated with key management and signatures in |
| 233 |
general. This thread is a great resource for anyone attempting to get PGP |
| 234 |
and/or S/MIME working in KMail. Users looking for a more general HOWTO on |
| 235 |
using GnuPG to sign emails should see this week's Tips and Tricks section. |
| 236 |
|
| 237 |
26. http://article.gmane.org/gmane.linux.gentoo.user/20132 |
| 238 |
27. http://article.gmane.org/gmane.linux.gentoo.user/20136 |
| 239 |
28. http://bugs.gentoo.org/show_bug.cgi?id=13573 |
| 240 |
29. |
| 241 |
http://news.gmane.org/onethread.php?group=gmane.linux.gentoo.user&root=%3C2 |
| 242 |
00301120812.30686.stephen%40theboulets.net%3E |
| 243 |
|
| 244 |
gentoo-dev |
| 245 |
---------- |
| 246 |
|
| 247 |
Little Tool for Portage. |
| 248 |
|
| 249 |
Alastair Tse wrote[30]: "A couple of months ago, I wrote a small tool to |
| 250 |
help me view changelogs for packages in the portage. After a while, I |
| 251 |
added various features I thought were useful, like calculating the size of |
| 252 |
a installed package, and viewing the enabled USE variables for an ebuild." |
| 253 |
The tool is called etcat[31]: Portage Information Extractor. Nick Jones |
| 254 |
said[32] that recent versions of portage do also provide information on |
| 255 |
Changelog entries with the --changelog command-line option. |
| 256 |
|
| 257 |
30. http://article.gmane.org/gmane.linux.gentoo.devel/6637 |
| 258 |
31. http://www.liquidx.net/projects/etcat/ |
| 259 |
32. http://article.gmane.org/gmane.linux.gentoo.devel/6641 |
| 260 |
|
| 261 |
======================= |
| 262 |
4. Gentoo International |
| 263 |
======================= |
| 264 |
|
| 265 |
Akemashite Omedetou Gozaimasu |
| 266 |
|
| 267 |
...or happy new year in Japanese. Friday night saw the first GentooJP New |
| 268 |
Year's Celebration, an event that is almost certain to become a tradition, |
| 269 |
at least for this year's 15 inaugural participants. Everybody who's |
| 270 |
anybody in Tokyo's bustling Gentoo scene was there, downing large |
| 271 |
quantities of beer and sake while trying hard not to spill anything on the |
| 272 |
laptops lying around, munching happily away at Kimchi-Nabe (fish of all |
| 273 |
denominations swimming in a bowl of Korean spicy cabbage...) and talking |
| 274 |
shop, of course, what else is there. Sadly missing were Gentooists from |
| 275 |
the Kansai area, including a number of prominent ebuilders from Osaka and |
| 276 |
Kyoto, who are of course much more seriously working people and never seem |
| 277 |
to make it to drinking events in Tokyo. [NB: The GWN team invites you to |
| 278 |
keep us informed about similar events in your countries.] |
| 279 |
|
| 280 |
A Forum for Gentoo Users in China |
| 281 |
|
| 282 |
While the mainstream user base on the official Gentoo Forums is slowly |
| 283 |
growing out of proportion, the inability to display Chinese has lead to a |
| 284 |
few frustrated comments by Gentooists from China. Until the official |
| 285 |
forums can add support for CJK character sets, Chinese Gentooists may want |
| 286 |
to check out the bustling community active in a Chinese Gentoo forum[33] |
| 287 |
on LinuxSir.com. Combining what they like to call "DIY Linux", the forum |
| 288 |
gathers users of both Gentoo and Linux-from-scratch under one umbrella. It |
| 289 |
is hosted on Linux,Sir!, one of the larger Chinese-language techie |
| 290 |
communities, emanating that typical BBS-style mix of technical support and |
| 291 |
entertainment centered around various Linux distributions. LinuxSir |
| 292 |
currently accomodates roughly 7500 users, predominantly from Shanghai, |
| 293 |
Chengdu, Dalian, but also from outside mainland China, of course. The |
| 294 |
popularity of the Gentoo forum is second only to Redhat, but towering over |
| 295 |
Debian, SuSE, Mandrake and Turbolinux, in spite of their better-known CJK |
| 296 |
support and adaptability to Chinese users. The software used for |
| 297 |
Linux,Sir! (vBulletin)[34] is MySQL-based just like forums.gentoo.org, and |
| 298 |
defaults to GB2312 encoding (Simplified Chinese character set). |
| 299 |
|
| 300 |
33. |
| 301 |
http://www.linuxsir.com/bbs/forumdisplay.php?s=7fd36e0dd0f21fe72b435d5fe4d9 |
| 302 |
6e4e&forumid=58 |
| 303 |
34. http://www.vbulletin.com |
| 304 |
|
| 305 |
================ |
| 306 |
5. Portage Watch |
| 307 |
================ |
| 308 |
|
| 309 |
The following stable packages were added to portage this week |
| 310 |
------------------------------------------------------------- |
| 311 |
|
| 312 |
|
| 313 |
* app-emulation/win4lin : Win4Lin allows you run Windows applications |
| 314 |
somewhat natively http://www.netraverse.com/ |
| 315 |
* app-games/gxmame : GXMame is a frontend for XMame using the GTK |
| 316 |
library, the goal is to provide the same GUI as mame32 |
| 317 |
http://gmame.sourceforge.net |
| 318 |
* app-misc/mime-types : Provides mime.types file http://www.gentoo.org/ |
| 319 |
* app-misc/xnc : A ile manager for X Window system very similar to Norton |
| 320 |
Commander, with a lot of features. http://xnc.dubna.su/ |
| 321 |
* app-sci/tbass : Balsa is both a framework for synthesising asynchronous |
| 322 |
hardware systems and the language for describing such systems |
| 323 |
http://www.cs.man.ac.uk/amulet/projects/balsa/ |
| 324 |
* app-sci/systemc : A C++ based modeling platform for VLSI and |
| 325 |
system-level co-design http://www.systemc.org/ |
| 326 |
* app-sci/vstgl : Visual Signal Transition Graph Lab |
| 327 |
http://vstgl.sourceforge.net/ |
| 328 |
* app-text/mftrace : traces TeX fonts to PFA or PFB fonts (formerly |
| 329 |
pktrace) http://www.cs.uu.nl/~hanwen/mftrace/ |
| 330 |
* dev-lang/stratego : Stratego term-rewriting language |
| 331 |
http://www.stratego-language.org |
| 332 |
* dev-lang/erlang : Erlang programming language, runtime environment, and |
| 333 |
large collection of libraries http://www.erlang.org/ |
| 334 |
* dev-lang/bigwig : a high-level programming language for developing |
| 335 |
interactive Web services. http://www.brics.dk/bigwig/ |
| 336 |
* dev-libs/cgicc : A C++ class library for writing CGI applications |
| 337 |
http://www.cgicc.org |
| 338 |
* dev-libs/libevent : A library to execute a function when a specific |
| 339 |
event occurs on a file descriptor http://monkey.org/~provos/libevent/ |
| 340 |
* dev-util/cproto : generate C function prototypes from C source code |
| 341 |
http://cproto.sourceforge.net/ |
| 342 |
* media-gfx/icoutils : A set of programs for extracting and converting |
| 343 |
images in Microsoft Windows icon and cursor files (.ico, .cur). |
| 344 |
http://www.student.lu.se/~nbi98oli |
| 345 |
* media-gfx/pfaedit : postscript font editor and converter |
| 346 |
http://pfaedit.sourceforge.net/ |
| 347 |
* net-analyzer/nagios-core : Nagios 1.0 core - Host and service monitor |
| 348 |
cgi, docs etc... http://www.nagios.org/ |
| 349 |
* net-analyzer/nagios-imagepack : Nagios imagepacks - Icons and pictures |
| 350 |
for Nagios http://www.nagios.org |
| 351 |
* net-mail/sylpheed-claws : Bleeding edge version of Sylpheed |
| 352 |
http://sylpheed-claws.sf.net |
| 353 |
* net-misc/arpd : ARP reply daemon enables a single host to claim all |
| 354 |
unassigned addresses on a LAN for network monitoring or simulation |
| 355 |
http://www.citi.umich.edu/u/provos/honeyd/ |
| 356 |
* net-www/adzapper : redirector for squid that intercepts advertising, |
| 357 |
page counters and some web bugs http://adzapper.sourceforge.net/ |
| 358 |
* net-www/squirm : A redirector for Squid http://squirm.foote.com.au |
| 359 |
* sys-devel/cc-config : Utility to change the gcc compiler being used. |
| 360 |
http://www.gentoo.org/ |
| 361 |
* sys-libs/lrmi : LRMI is a library for calling real mode BIOS routines |
| 362 |
under Linux. http://www.sourceforge.net/projects/lrmi/ |
| 363 |
|
| 364 |
|
| 365 |
Updates to notable packages |
| 366 |
--------------------------- |
| 367 |
|
| 368 |
* sys-apps/portage - portage-2.0.46-r6.ebuild; portage-2.0.46-r8.ebuild; |
| 369 |
portage-2.0.46-r9.ebuild; |
| 370 |
* x11-base/xfree - xfree-4.2.99.3-r2.ebuild; |
| 371 |
* sys-kernel/* - ac-sources-2.4.21_pre3-r2.ebuild; |
| 372 |
ac-sources-2.4.21_pre3-r3.ebuild; ac-sources-2.4.21_pre3-r4.ebuild; |
| 373 |
alpha-sources-2.4.20-r2.ebuild; development-sources-2.5.55.ebuild; |
| 374 |
development-sources-2.5.56.ebuild; development-sources-2.5.57.ebuild; |
| 375 |
development-sources-2.5.58.ebuild; gentoo-sources-2.4.20-r1.ebuild; |
| 376 |
gs-sources-2.4.21_pre3.ebuild; lolo-sources-2.4.20.1.ebuild; |
| 377 |
lolo-sources-2.4.20.1_rc3.ebuild; sparc-sources-2.4.20-r2.ebuild; |
| 378 |
xfs-sources-2.4.20_pre4.ebuild; xfs-sources-2.4.20_pre5.ebuild; |
| 379 |
* dev-php/php - php-4.3.0-r2.ebuild; |
| 380 |
* sys-devel/perl - perl-5.8.0-r9.ebuild; |
| 381 |
* app-admin/gentoolkit - gentoolkit-0.1.17-r9.ebuild; |
| 382 |
|
| 383 |
|
| 384 |
=========== |
| 385 |
6. Bugzilla |
| 386 |
=========== |
| 387 |
|
| 388 |
Summary |
| 389 |
------- |
| 390 |
|
| 391 |
* Statistics |
| 392 |
* Closed Bug Ranking |
| 393 |
* New Bug Rankings |
| 394 |
|
| 395 |
|
| 396 |
Statistics |
| 397 |
---------- |
| 398 |
|
| 399 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[35]) to record and |
| 400 |
track bugs, notifications, suggestions and other interactions with the |
| 401 |
development team. In the last 7 days, activity on the site has resulted |
| 402 |
in: |
| 403 |
|
| 404 |
* 265 new bugs this week |
| 405 |
* 1382 total bugs currently marked 'new' |
| 406 |
* 548 total bugs curently assigned to developers |
| 407 |
* 54 bugs that were previously closed have been reopened. |
| 408 |
|
| 409 |
There are currently 1984 bugs open in bugzilla. Of these: 36 are labelled |
| 410 |
'blocker', 72 are labelled 'critical', and 120 are labelled 'major'. |
| 411 |
|
| 412 |
35. http://bugs.gentoo.org |
| 413 |
|
| 414 |
The current list of developers' open bugs may be found at the Gentoo Bug |
| 415 |
Count Report[36]. |
| 416 |
|
| 417 |
36. |
| 418 |
http://bugs.gentoo.org/reports.cgi?product=-All-&output=most_doomed&links=1 |
| 419 |
&banner=1&quip=0 |
| 420 |
|
| 421 |
Closed Bug Rankings |
| 422 |
------------------- |
| 423 |
|
| 424 |
The developers and teams who have closed the most bugs this week are: |
| 425 |
|
| 426 |
* The Gnome Team[37], with 13 closed bugs[38] |
| 427 |
* Martin Schlemmer[39], with 13 closed bugs[40] |
| 428 |
* John P. Davis[41], with 12 closed bugs[42] |
| 429 |
* Mike Frysinger[43], with 10 closed bugs[44] |
| 430 |
* Michael Cummings[45], with 8 closed bugs[46] |
| 431 |
|
| 432 |
|
| 433 |
37. mailto://gnome@g.o |
| 434 |
38. |
| 435 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
| 436 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
| 437 |
mailtype1=exact&email1=gnome%40gentoo.org&chfield=bug_status&chfieldfrom=20 |
| 438 |
03-01-10 |
| 439 |
39. mailto://azarah@g.o |
| 440 |
40. |
| 441 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
| 442 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
| 443 |
mailtype1=exact&email1=azarah%40gentoo.org&chfield=bug_status&chfieldfrom=2 |
| 444 |
003-01-10 |
| 445 |
41. mailto://zhen@g.o |
| 446 |
42. |
| 447 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
| 448 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
| 449 |
mailtype1=exact&email1=zhen%40gentoo.org&chfield=bug_status&chfieldfrom=200 |
| 450 |
3-01-10 |
| 451 |
43. mailto://vapier@g.o |
| 452 |
44. |
| 453 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
| 454 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
| 455 |
mailtype1=exact&email1=vapier%40gentoo.org&chfield=bug_status&chfieldfrom=2 |
| 456 |
003-01-10 |
| 457 |
45. mailto://mcummings@g.o |
| 458 |
46. |
| 459 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=RESOLVED&bug_s |
| 460 |
tatus=CLOSED&resolution=FIXED&resolution=TEST-REQUEST&emailassigned_to1=1&e |
| 461 |
mailtype1=exact&email1=mcummings%40gentoo.org&chfield=bug_status&chfieldfro |
| 462 |
m=2003-01-10 |
| 463 |
|
| 464 |
New Bug Rankings |
| 465 |
---------------- |
| 466 |
|
| 467 |
The developers and teams who have been assigned the most new bugs this |
| 468 |
week are: |
| 469 |
|
| 470 |
* Michael Cummings[47], with 25 new bugs[48] |
| 471 |
* Daniel Robbins[49], with 12 new bugs[50] |
| 472 |
* Martin Schlemmer[51], with 11 new bugs[52] |
| 473 |
* The Gnome Team[53], with 9 new bugs[54] |
| 474 |
|
| 475 |
|
| 476 |
47. mailto://mcummings@g.o |
| 477 |
48. |
| 478 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
| 479 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=mcummings%40gent |
| 480 |
oo.org&chfield=bug_status&chfieldfrom=2003-01-10 |
| 481 |
49. mailto://drobbins@g.o |
| 482 |
50. |
| 483 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
| 484 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=drobbins%40gento |
| 485 |
o.org&chfield=bug_status&chfieldfrom=2003-01-10 |
| 486 |
51. mailto://azarah@g.o |
| 487 |
52. |
| 488 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
| 489 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=azarah%40gentoo. |
| 490 |
org&chfield=bug_status&chfieldfrom=2003-01-10 |
| 491 |
53. mailto://gnome@g.o |
| 492 |
54. |
| 493 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s |
| 494 |
tatus=REOPENED&emailassigned_to1=1&emailtype1=exact&email1=gnome%40gentoo.o |
| 495 |
rg&chfield=bug_status&chfieldfrom=2003-01-10 |
| 496 |
|
| 497 |
================== |
| 498 |
7. Tips and Tricks |
| 499 |
================== |
| 500 |
|
| 501 |
Using GnuPG to digitally sign emails |
| 502 |
|
| 503 |
GNU Privacy Guard (GnuPG) is an open source version of the commercial |
| 504 |
Pretty Good Privacy (PGP) software for creating digital signatures. This |
| 505 |
weeks Tips and Tricks will cover the creation of a key, exporting your key |
| 506 |
to a public keyserver, and finally adding your digital signature to email. |
| 507 |
|
| 508 |
--------------------------------------------------------------------------- |
| 509 |
| Code Listing 7.1: | |
| 510 |
|Installing GnuPG | |
| 511 |
--------------------------------------------------------------------------- |
| 512 |
| | |
| 513 |
|# emerge gnupg | |
| 514 |
| | |
| 515 |
|//Create the .gnupg directory | |
| 516 |
|# mkdir $HOME/.gnupg | |
| 517 |
| | |
| 518 |
--------------------------------------------------------------------------- |
| 519 |
|
| 520 |
--------------------------------------------------------------------------- |
| 521 |
| Code Listing 7.2: | |
| 522 |
|Creating a new key | |
| 523 |
--------------------------------------------------------------------------- |
| 524 |
| | |
| 525 |
|# gpg --gen-key | |
| 526 |
|gpg (GnuPG) 1.2.1; Copyright (C) 2002 Free Software Foundation, Inc. | |
| 527 |
|This program comes with ABSOLUTELY NO WARRANTY. | |
| 528 |
|This is free software, and you are welcome to redistribute it | |
| 529 |
|under certain conditions. See the file COPYING for details. | |
| 530 |
| | |
| 531 |
|Please select what kind of key you want: | |
| 532 |
| (1) DSA and ElGamal (default) | |
| 533 |
| (2) DSA (sign only) | |
| 534 |
| (5) RSA (sign only) | |
| 535 |
|Your selection? 1 | |
| 536 |
| | |
| 537 |
|About to generate a new ELG-E keypair. | |
| 538 |
| minimum keysize is 768 bits | |
| 539 |
| default keysize is 1024 bits | |
| 540 |
| highest suggested keysize is 2048 bits | |
| 541 |
|What keysize do you want? (1024) 1024 | |
| 542 |
| | |
| 543 |
|Please specify how long the key should be valid. | |
| 544 |
| 0 = key does not expire | |
| 545 |
| <n> = key expires in n days | |
| 546 |
| <n>w = key expires in n weeks | |
| 547 |
| <n>m = key expires in n months | |
| 548 |
| <n>y = key expires in n years | |
| 549 |
|Key is valid for? (0) 0 | |
| 550 |
|Key does not expire at all | |
| 551 |
|Is this correct (y/n)? y | |
| 552 |
| | |
| 553 |
|You need a User-ID to identify your key; the software constructs the user| |
| 554 |
|id from Real Name, Comment and Email Address in this form: | |
| 555 |
| "Heinrich Heine (Der Dichter) <heinrichh@×××××××××××.de>" | |
| 556 |
| | |
| 557 |
|Real name: John Doe | |
| 558 |
|Email address: john.doe@×××××××.com | |
| 559 |
|Comment: | |
| 560 |
| | |
| 561 |
|You selected this USER-ID: | |
| 562 |
| "John Doe <john.doe@×××××××.com>" | |
| 563 |
| | |
| 564 |
|Change (N)ame, (C)omment, (E)mail or (O)kay/(Q)uit? o | |
| 565 |
|You need a Passphrase to protect your secret key. | |
| 566 |
| | |
| 567 |
|//Make sure you pick a good password and DON'T FORGET IT | |
| 568 |
|Enter passphrase: secret | |
| 569 |
|Repeat passphrase: secret | |
| 570 |
| | |
| 571 |
|We need to generate a lot of random bytes. It is a good idea to perform | |
| 572 |
|some other action (type on the keyboard, move the mouse, utilize the | |
| 573 |
|disks) during the prime generation; this gives the random number | |
| 574 |
|generator a better chance to gain enough entropy. | |
| 575 |
| | |
| 576 |
|gpg: /home/johndoe/.gnupg/trustdb.gpg: trustdb created | |
| 577 |
|public and secret key created and signed. | |
| 578 |
|key marked as ultimately trusted. | |
| 579 |
| | |
| 580 |
|//The eight character string is your Key ID (in this case, A268D066) | |
| 581 |
|pub 1024D/A268D066 2003-01-17 John Doe <john.doe@×××××××.com> | |
| 582 |
| Key fingerprint = D435 4979 610B 0BAB F107 64F8 FAF5 94E0 A268 D066| |
| 583 |
|sub 1024g/AB3B30AF 2003-01-17 | |
| 584 |
| | |
| 585 |
--------------------------------------------------------------------------- |
| 586 |
|
| 587 |
Now that your key has been made, it needs to be exported to a public |
| 588 |
keyserver. While this is not required, it's the easiest way for others to |
| 589 |
get your public key information and verify your information. To send your |
| 590 |
key, you'll first need to know your Key ID. |
| 591 |
|
| 592 |
--------------------------------------------------------------------------- |
| 593 |
| Code Listing 7.3: | |
| 594 |
|Finding your Key ID | |
| 595 |
--------------------------------------------------------------------------- |
| 596 |
| | |
| 597 |
|//Your Key ID is the eight character string after 1024D/ | |
| 598 |
|# gpg --list-keys | |
| 599 |
|/home/johndoe/.gnupg/pubring.gpg | |
| 600 |
|------------------------------- | |
| 601 |
|pub 1024D/A268D066 2003-01-17 John Doe <john.doe@×××××××.com> | |
| 602 |
|sub 1024g/AB3B30AF 2003-01-17 | |
| 603 |
| | |
| 604 |
--------------------------------------------------------------------------- |
| 605 |
|
| 606 |
Now you can export your key. |
| 607 |
|
| 608 |
--------------------------------------------------------------------------- |
| 609 |
| Code Listing 7.4: | |
| 610 |
|Export your key to a public keyserver | |
| 611 |
--------------------------------------------------------------------------- |
| 612 |
| | |
| 613 |
|# gpg --send-keys --keyserver wwwkeys.pgp.net A268D066 | |
| 614 |
|gpg: success sending to `wwwkeys.pgp.net' (status=200) | |
| 615 |
| | |
| 616 |
--------------------------------------------------------------------------- |
| 617 |
|
| 618 |
Now that your key has been created and published, you can start using it |
| 619 |
to sign emails. You'll need to remember your Key ID for this step. If you |
| 620 |
don't remember it, see the above code listing (Finding your Key ID). |
| 621 |
|
| 622 |
Use the following steps to set up encryption in Evolution: |
| 623 |
|
| 624 |
* Click on Tools->Settings. |
| 625 |
* Select the Mail Accounts button and the account that will be using the |
| 626 |
key. |
| 627 |
* Click Edit and then the Security tab. Enter your Key ID in the field |
| 628 |
entitled PGP/GPG Key ID. |
| 629 |
* Click OK. Now when you compose a message, select Security->PGP Sign to |
| 630 |
add your digital signature to your email. |
| 631 |
|
| 632 |
To set up encryption in Mutt, add the following options to your |
| 633 |
$HOME/.muttrc file. |
| 634 |
--------------------------------------------------------------------------- |
| 635 |
| Code Listing 7.5: | |
| 636 |
|GPG settings in ~/.muttrc | |
| 637 |
--------------------------------------------------------------------------- |
| 638 |
| | |
| 639 |
| | |
| 640 |
|set pgp_decode_command="gpg %?p?--passphrase-fd 0? \ | |
| 641 |
| --no-verbose --batch --output - %f" | |
| 642 |
|set pgp_verify_command="gpg --no-verbose --batch --output \ | |
| 643 |
| - --verify %s %f" | |
| 644 |
|set pgp_decrypt_command="gpg --passphrase-fd 0 --no-verbose \ | |
| 645 |
| --batch --output - %f" | |
| 646 |
|set pgp_sign_command="gpg --no-verbose --batch --output \ | |
| 647 |
| - --passphrase-fd 0 --armor --detach-sign --textmode %?a?-u %a? %f" | |
| 648 |
|set pgp_clearsign_command="gpg --no-verbose --batch --output - \ | |
| 649 |
| --passphrase-fd 0 --armor --textmode --clearsign %?a?-u %a? %f" | |
| 650 |
| | |
| 651 |
|//Insert your Key ID after the --encrypt-to option prefixed by 0x | |
| 652 |
|set pgp_encrypt_only_command="gpg --batch --quiet --no-verbose \ | |
| 653 |
| --output - --encrypt --textmode --armor --always-trust \ | |
| 654 |
| --encrypt-to 0x<your key ID> -- -r %r -- %f" | |
| 655 |
|set pgp_encrypt_sign_command="gpg --passphrase-fd 0 --batch --quiet \ | |
| 656 |
| --no-verbose --textmode --output - --encrypt --sign %?a?-u %a? \ | |
| 657 |
| --armor --always-trust --encrypt-to 0x<your key ID> -- -r %r -- %f" | |
| 658 |
|set pgp_import_command="gpg --no-verbose --import -v %f" | |
| 659 |
|set pgp_export_command="gpg --no-verbose --export --armor %r" | |
| 660 |
|set pgp_verify_key_command="gpg --no-verbose --batch --fingerprint \ | |
| 661 |
| --check-sigs %r" | |
| 662 |
|set pgp_list_pubring_command="gpg --no-verbose --batch --with-colons \ | |
| 663 |
| --list-keys %r" | |
| 664 |
|set pgp_list_secring_command="gpg --no-verbose --batch --with-colons | |
| 665 |
| --list-secret-keys %r" | |
| 666 |
|set pgp_autosign=yes | |
| 667 |
|set pgp_sign_as=0x<your key ID> | |
| 668 |
|set pgp_replyencrypt=yes | |
| 669 |
|set pgp_timeout=1800 | |
| 670 |
|set pgp_good_sign="^gpg: Good signature from" | |
| 671 |
| | |
| 672 |
--------------------------------------------------------------------------- |
| 673 |
|
| 674 |
When you compose a message, press p to sign or encrypt. To only sign your |
| 675 |
email, select s. Then you can send your message and it will be signed with |
| 676 |
your digital signature. |
| 677 |
|
| 678 |
The above tips will help you get up and running with gpg, but it is not by |
| 679 |
any means a complete guide. You should also read GnuPG's excellent |
| 680 |
documentation[55] section to learn more about important concepts like key |
| 681 |
revocation, key signing and webs of trust. |
| 682 |
|
| 683 |
55. http://www.gnupg.org/(en)/documentation/index.html |
| 684 |
|
| 685 |
========================== |
| 686 |
8. Moves, Adds and Changes |
| 687 |
========================== |
| 688 |
|
| 689 |
Moves |
| 690 |
----- |
| 691 |
|
| 692 |
The following developers recently left the Gentoo team: |
| 693 |
|
| 694 |
* none this week |
| 695 |
|
| 696 |
|
| 697 |
Adds |
| 698 |
---- |
| 699 |
|
| 700 |
The following developers recently joined the Gentoo team: |
| 701 |
|
| 702 |
* Alain Penders (RexOrient) -- Subversion and nforce2 kernel hacking |
| 703 |
|
| 704 |
|
| 705 |
Changes |
| 706 |
------- |
| 707 |
|
| 708 |
The following developers recently changed roles within the Gentoo project. |
| 709 |
|
| 710 |
* none this week |
| 711 |
|
| 712 |
|
| 713 |
==================================== |
| 714 |
9. Subscribe to the GWN mailing list |
| 715 |
==================================== |
| 716 |
|
| 717 |
Subscribe to our mailing list by sending a blank email to |
| 718 |
gentoo-gwn-subscribe@g.o. |
| 719 |
|
| 720 |
===================== |
| 721 |
10. Contribute to GWN |
| 722 |
===================== |
| 723 |
|
| 724 |
Interested in contributing to the Gentoo Weekly Newsletter? Send us an |
| 725 |
email[56]. |
| 726 |
|
| 727 |
56. gwn-feedback@g.o |
| 728 |
|
| 729 |
================ |
| 730 |
11. GWN Feedback |
| 731 |
================ |
| 732 |
|
| 733 |
Please send us your feedback[57] and help make GWN better. |
| 734 |
|
| 735 |
57. gwn-feedback@g.o |
| 736 |
|
| 737 |
=================== |
| 738 |
12. Other Languages |
| 739 |
=================== |
| 740 |
|
| 741 |
The Gentoo Weekly Newsletter is also available in the following languages: |
| 742 |
|
| 743 |
* Dutch |
| 744 |
* English |
| 745 |
* German |
| 746 |
* French |
| 747 |
* Japanese |
| 748 |
* Italian |
| 749 |
* Portuguese (Brazil) |
| 750 |
* Portuguese (Portugal) |
| 751 |
* Spanish |
| 752 |
|
| 753 |
Kurt Lieber <klieber@g.o> - Editor |
| 754 |
AJ Armstrong <aja@×××××××××××××.com> - Contributor |
| 755 |
Brice Burgess <nesta@×××××××.net> - Contributor |
| 756 |
Yuji Carlos Kosugi <carlos@g.o> - Contributor |
| 757 |
Rafael Cordones Marcos <rcm@×××××××.net> - Contributor |
| 758 |
David Narayan <david@×××××××.net> - Contributor |
| 759 |
Ulrich Plate <plate@×××.com> - Contributor |
| 760 |
Peter Sharp <mail@××××××××××××××.net> - Contributor |
| 761 |
Mathy Vanvoorden <matje@×××××××.be> - Dutch Translation |
| 762 |
Tom Van Laerhoven <tom.vanlaerhoven@××××××.be> - Dutch Translation |
| 763 |
Roel Adriaans <roel@××××××××.cx> - Dutch Translation |
| 764 |
Nicolas Ledez <nicolas.ledez@××××.fr> - French Translation |
| 765 |
Guillaume Plessis <gui@×××××××××.com> - French Translation |
| 766 |
Eric St-Georges <thevedge@××××××××.net> - French Translation |
| 767 |
John Berry <anfini@××××.fr> - French Translation |
| 768 |
Martin Prieto <riverdale@×××××××××.org> - French Translation |
| 769 |
Michael Kohl <citizen428@g.o> - German Translation |
| 770 |
Steffen Lassahn <madeagle@g.o> - German Translation |
| 771 |
Matthias F. Brandstetter <haim@g.o> - German Translation |
| 772 |
Thomas Raschbacher <lordvan@g.o> - German Translation |
| 773 |
Marco Mascherpa <mush@××××××.net> - Italian Translation |
| 774 |
Claudio Merloni <paper@×××××××.it> - Italian Translation |
| 775 |
Daniel Ketel <kage-chan@g.o> - Japanese Translation |
| 776 |
Yoshiaki Hagihara <hagi@×××.com> - Japanese Translation |
| 777 |
Andy Hunne <andy@×××××××××.com> - Japanese Translation |
| 778 |
Yuji Carlos Kosugi <carlos@g.o> - Japanese Translation |
| 779 |
Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil) |
| 780 |
Translation |
| 781 |
Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal) |
| 782 |
Translation |
| 783 |
Lanark <lanark@××××××××××.ar> - Spanish Translation |
| 784 |
Rafael Cordones Marcos <rcm@×××××××.net> - Spanish Translation |
| 785 |
Julio Castillo <julio@×××××××××××××.com> - Spanish Translation |
| 786 |
Jaime Freire <jfreire@××.com> - Spanish Translation |
| 787 |
Sergio Gómez <s3r@××××××××××××.ar> - Spanish Translation |
Archives