| 1 |
--------------------------------------------------------------------------- |
| 2 |
Gentoo Weekly Newsletter |
| 3 |
http://www.gentoo.org/news/en/gwn/current.xml |
| 4 |
This is the Gentoo Weekly Newsletter for the week of 12 June 2006. |
| 5 |
--------------------------------------------------------------------------- |
| 6 |
|
| 7 |
============== |
| 8 |
1. Gentoo news |
| 9 |
============== |
| 10 |
|
| 11 |
Portage 2.1 Released |
| 12 |
-------------------- |
| 13 |
|
| 14 |
After many months in development, the Portage team has released |
| 15 |
Portage-2.1. This new release sees a great many new features, fixed bugs, |
| 16 |
and performance improvements. A detailed description of changes can be |
| 17 |
found in the release notes[1] and NEWS file[2]. Some highlights, |
| 18 |
however, are: |
| 19 |
|
| 20 |
1. http://sources.gentoo.org/viewcvs.py/portage/main/trunk/RELEASE-NOTES?view=markup |
| 21 |
2. http://sources.gentoo.org/viewcvs.py/portage/main/trunk/NEWS?view=markup |
| 22 |
|
| 23 |
* confcache integration: In combination with the |
| 24 |
dev-util/confcachepackage, users can now benefit from cached configure |
| 25 |
checks, speeding up build times for many packages. |
| 26 |
* New cache framework: The Portage cache has been completely overhauled, |
| 27 |
leading to massive speed improvements when updating cache after sync, as |
| 28 |
well as in other areas. |
| 29 |
* New elog functionality: In the past, important messages from ebuilds |
| 30 |
were delivered by means of the einfo, ewarn, and eerror functions, which |
| 31 |
print messages to the standard output. However, in a length multi-package |
| 32 |
merge, it is very easy for these messages to get lost. The new elog |
| 33 |
function allows them to be collected in one place for later inspection, |
| 34 |
and should greatly ease the process of upgrading many packages at one |
| 35 |
time. |
| 36 |
* New hooks framework: Using /etc/portage/bashrc, users can now define |
| 37 |
bash functions to be executed before and after any given ebuild phase. |
| 38 |
This can be used to make almost arbitrary customisations to the build |
| 39 |
environment, and is a powerful tool for those who need functionality or |
| 40 |
behaviour that stock Portage cannot provide. |
| 41 |
* Digest improvements: Portage can now use SHA256 and RMD160 digests in |
| 42 |
addition to MD5 for checking the integrity of downloaded files. This |
| 43 |
release also introduces support for a new Manifest2 format that should |
| 44 |
allow the current Manifest and digest-* files to be unified into one much |
| 45 |
more efficient file format. |
| 46 |
* Improved debugging support: using FEATURES="splitdebug" it is now |
| 47 |
possible to keep the performance improvements from using stripped |
| 48 |
binaries, while still having the debug information around on disk should |
| 49 |
it be needed. This should make filing useful bug reports much easier. |
| 50 |
* Colour remappings: Using the /etc/portage/color.map file, you can now |
| 51 |
remap the colours that Portage will use in its output. Have you ever |
| 52 |
wanted a pretty pink portage? Well now you can, without having to change |
| 53 |
the source code. |
| 54 |
* Configuration improvements: Certain config files can now be made into |
| 55 |
directories, for easier management (for example, |
| 56 |
/etc/portage/package.unmask/kde, /etc/portage/package.unmask/xorg will be |
| 57 |
combined to make the old /etc/portage/package.unmask). /etc/portageitself |
| 58 |
can also be loaded from different locations, making certain tasks much |
| 59 |
simpler. |
| 60 |
* Various other improvements: Certain types of binary security issues can |
| 61 |
now be fixed automatically. The initial import of the Portage module |
| 62 |
should now be faster in certain circumstances, meaning that external |
| 63 |
scripts which import it should see speed improvements. Emerge now supports |
| 64 |
a -q or 'really quiet mode' option, reducing its output to a minimum. |
| 65 |
|
| 66 |
There is a stabilisation bug[3] open, where you can track the progress of |
| 67 |
this new release towards the stable tree. As of this writing, stable users |
| 68 |
on x86, Sparc, HPPA and PPC platforms can use the new release; other |
| 69 |
architecture teams should be following in the near future. |
| 70 |
|
| 71 |
3. https://bugs.gentoo.org/show_bug.cgi?id=136198 |
| 72 |
|
| 73 |
Thanks to Alec Warner[4] and Ned Ludd[5] for taking the time to talk to |
| 74 |
the GWN about this release. |
| 75 |
|
| 76 |
4. antarus@g.o |
| 77 |
5. solar@g.o |
| 78 |
|
| 79 |
Status report: Gentoo/Alpha |
| 80 |
--------------------------- |
| 81 |
|
| 82 |
The Gentoo/Alpha team is responsible for making sure that Gentoo runs |
| 83 |
smoothly on the Alpha architecture. The team has recently grown to include |
| 84 |
Thomas Cort[6] and Christel Dahlskjaer[7]. In the past few months we have |
| 85 |
been very productive. Stephen Bennett[8] has continued his work with |
| 86 |
SELinux. hardened-sources is now keyworded for alpha. Thanks to the work |
| 87 |
of Stefaan De Roeck[9]and others, modular X has been keyworded and is |
| 88 |
working well. The Gentoo/Alpha team is also pleased to announce that we |
| 89 |
have stabilized gnome-2.12.3 and kde-3.5.2. |
| 90 |
|
| 91 |
6. tcort@g.o |
| 92 |
7. christel@g.o |
| 93 |
8. spb@g.o |
| 94 |
9. stefaan@g.o |
| 95 |
|
| 96 |
Thomas Cort has produced two documents, the Alpha Porting Guide and the |
| 97 |
Gentoo/Alpha FAQ. A guide to using the SRM console is on the way. Jose |
| 98 |
Luis Rivero[10], Fernando Pereda[11], and the rest of the Gentoo/Alpha |
| 99 |
team completely revamped the project page. Fernando Pereda has also been |
| 100 |
busy setting up the Alpha Arch Testers project. If you want to learn more |
| 101 |
about this excellent opportunity to give back to Gentoo, please check out |
| 102 |
the Alpha Arch Testers Project page[12]. |
| 103 |
|
| 104 |
10. yoswink@g.o |
| 105 |
11. ferdy@××××××.org |
| 106 |
12. http://www.gentoo.org/proj/en/base/alpha/AT/index.xml |
| 107 |
|
| 108 |
Tetex changes |
| 109 |
------------- |
| 110 |
|
| 111 |
Tetex's upstream maintainer Thomas Esser hass announced that he won't make |
| 112 |
any further tetex releases. This will have some mid- to long-term effects |
| 113 |
on how tetex is maintained in Gentoo. Gentoo developer Martin Ehmsen[13] |
| 114 |
shows the possible methods for handling this – while it seems to be |
| 115 |
undecided for now how to proceed there will be changes in the future. Stay |
| 116 |
tuned… |
| 117 |
|
| 118 |
13. ehmsen@g.o |
| 119 |
|
| 120 |
* Tetex change announcement[14] |
| 121 |
14. http://thread.gmane.org/gmane.linux.gentoo.devel/38615 |
| 122 |
|
| 123 |
|
| 124 |
The shadow and pam-login conflict |
| 125 |
--------------------------------- |
| 126 |
|
| 127 |
Many users may have seen that new versions of pam-login and shadow block |
| 128 |
each other. The reason for that is that the file /bin/login used to be |
| 129 |
provided by pam-login for mostly historical reasons. Now shadow 4.0 |
| 130 |
started also providing this file, to reduce confusion this file is now |
| 131 |
provided by shadow. Also the rest of pam-login has been folded into shadow |
| 132 |
too, so when you see these two packages blocking each other please unmerge |
| 133 |
pam-login and emerge the updated shadow package in its place. |
| 134 |
|
| 135 |
Further information can be found in Diego Pettenò's[15] weblog: |
| 136 |
|
| 137 |
15. flameeyes@g.o |
| 138 |
|
| 139 |
* Shadow and pam-login conflict[16] |
| 140 |
16. http://farragut.flameeyes.is-a-geek.org/articles/2006/06/01/refreshing-the-pam-login-and-shadow-problem |
| 141 |
|
| 142 |
|
| 143 |
Ukrainian IRC channels |
| 144 |
---------------------- |
| 145 |
|
| 146 |
The relatively new and still small Ukrainian Gentoo community has opened |
| 147 |
an official IRC channel: #gentoo-ua channel on irc.freenode.net. If you |
| 148 |
want to discuss all thing Gentoo in Ukrainian or want to help in the |
| 149 |
localization effort just join the team around George Shapovalov[17]. For |
| 150 |
now there is no Ukrainian Subforum, but if that community continues to |
| 151 |
grow that is a distinct possibility – for now "Other languages" is the |
| 152 |
correct forum for Ukrainian questions. |
| 153 |
|
| 154 |
17. george@g.o |
| 155 |
|
| 156 |
Gentoo Women |
| 157 |
------------ |
| 158 |
|
| 159 |
Geek girls are almost the stuff of legend. Women make up only 30% of |
| 160 |
regular computer users, and as little as 2% of Linux users. |
| 161 |
|
| 162 |
But why should this be the case? The reason for this can be as elusive as |
| 163 |
the Linux-using women themselves – for every survey or paper saying that |
| 164 |
they are not given the same chances or opportunities, there is another one |
| 165 |
saying exactly the opposite. Lost in the midst of all this controversy, |
| 166 |
however, is the fact that little if anything is being done to interest |
| 167 |
women in computing, in Linux, or in Gentoo. |
| 168 |
|
| 169 |
Groups such as the Debian project are seeking to change that. Debian |
| 170 |
Women, founded in 2004, was set up to encourage women to become more |
| 171 |
involved with Linux. The group maintains an IRC channel and a mailing list |
| 172 |
for the discussion of technical issues, as well as maintaining a public |
| 173 |
presence at Linux-related conferences and events. They also run an |
| 174 |
extensive mentoring program whereby women are paired up with a mentor who |
| 175 |
will spend the time to help them find answers to their questions, and get |
| 176 |
to know the distribution, as well as the community and Linux in general. |
| 177 |
This mentoring program adds a personal element to the process, and helps |
| 178 |
to guide people towards working more effectively with Linux. Unfortunately |
| 179 |
though, as the name implies, their efforts focus very much on encouraging |
| 180 |
their members to use Debian. |
| 181 |
|
| 182 |
The idea was recently floated of starting a similar project for the women |
| 183 |
of Gentoo, and we would like your thoughts on the matter. Would such a |
| 184 |
project be welcome within the community, and would people take advantage |
| 185 |
of it? What would you like to see the project do, and how? Would you |
| 186 |
volunteer your time and/or money to encourage people, not just women, to |
| 187 |
use Gentoo, and to mentor and help users? |
| 188 |
|
| 189 |
All groups, regardless of their origins, need 'fresh blood' to survive – |
| 190 |
members will inevitably depart, and without a steady stream of people |
| 191 |
joining the group will diminish with time. If we do not reach out to the |
| 192 |
community, we miss out on a lot of good ideas and talented people that are |
| 193 |
out there. Let's make the effort to do so, rather than wallowing in |
| 194 |
complacency and resisting any change. |
| 195 |
|
| 196 |
* Gentoo Women Forums thread[18] |
| 197 |
* Gentoo Userrel email alias[19] |
| 198 |
18. http://forums.gentoo.org/viewtopic-p-3375197.html#3375197 |
| 199 |
19. userrel@g.o |
| 200 |
|
| 201 |
|
| 202 |
========================== |
| 203 |
2. Summer of Code - Update |
| 204 |
========================== |
| 205 |
|
| 206 |
Summer of Code -- One Month Along |
| 207 |
--------------------------------- |
| 208 |
|
| 209 |
It's a month now since the start of this year's Summer of Code, and |
| 210 |
Gentoo's projects have been progressing rapidly. Our students have been |
| 211 |
hard at work with their projects, and making good progress. The Summer of |
| 212 |
Code was originally mentioned in the GWN of May 1st.[20]. If you are |
| 213 |
interested to know what all the fuss is about, read on. |
| 214 |
|
| 215 |
20. http://www.gentoo.org/news/en/gwn/20060501-newsletter.xml#doc_chap1 |
| 216 |
|
| 217 |
The Summer of Code[21], now in its second year, is a program run by Google |
| 218 |
which sponsors students to work on open source projects during the summer |
| 219 |
holidays. Last year's program was a great success, with a long list of |
| 220 |
results[22] including some great projects. This year's version is even |
| 221 |
bigger, containing over twice as many mentoring organisations, and a list |
| 222 |
of student projects to match. |
| 223 |
|
| 224 |
21. http://code.google.com/soc |
| 225 |
22. http://code.google.com/soc-results.html |
| 226 |
|
| 227 |
This year Gentoo is participating as a mentoring organisation, and we were |
| 228 |
lucky enough to be allocated 14 projects, including this year's most |
| 229 |
in-demand student – Anant Narayanan had applications accepted by a total |
| 230 |
of 4 organisations, and chose to work with us rather than any of the |
| 231 |
others. For a while it was uncertain whether we would be accepted, given |
| 232 |
the number of other Linux distributions and operating systems already |
| 233 |
accepted, but we were eventually chosen, and allocated a higher than |
| 234 |
normal number of projects. |
| 235 |
|
| 236 |
"I like how Gentoo has built a community around the distro in such a short |
| 237 |
time. To me, that is emblematic of a good community, and is what SoC needs |
| 238 |
for mentoring great OSS developers" said Greg Stein from Google, talking |
| 239 |
about why he chose to accept Gentoo over other projects on the hold list. |
| 240 |
"As one example, Gentoo got included into the program because I've liked |
| 241 |
how they came from pretty much nowhere into one of the stronger Linux |
| 242 |
distributions. Out of the thousand distros out there, they rose to one of |
| 243 |
the primaries in pretty short order. I believe that is due to a strong |
| 244 |
community focus, which is exactly something that I believe is good for an |
| 245 |
SoC organization." |
| 246 |
|
| 247 |
A full list of Gentoo's accepted applications with some basic information |
| 248 |
can be found at Google's Gentoo page[23]; more updates about many of the |
| 249 |
projects can be found on the students' blogs, which are aggregated as part |
| 250 |
of Planet Gentoo[24] as well as making up Planet Gentoo SoC[25]. However, |
| 251 |
we would like to highlight a few individual projects here, with some more |
| 252 |
information about the projects and their current status. |
| 253 |
|
| 254 |
23. http://code.google.com/soc/gentoo/about.html |
| 255 |
24. http://planet.gentoo.org |
| 256 |
25. http://planet.gentoo.org/soc/ |
| 257 |
|
| 258 |
Michael Kelly[26]has been working on a unified user/group management |
| 259 |
framework, with the intention of integrating it into package managers and |
| 260 |
the Gentoo tree to provide an implementation of GLEP 27[27], which was |
| 261 |
approved long ago but has not yet been implemented. His code can be found |
| 262 |
in his public Subversion repository, accessible through the web with |
| 263 |
ViewVC[28]. As his initial proposal[29] outlines, this should provide |
| 264 |
some great improvements in the way user and group accounts are handled by |
| 265 |
ebuilds – the current system, while it works in the vast majority of |
| 266 |
cases, is relatively limited in its capability and scalability. The code |
| 267 |
seems to be progressing nicely, and when finished should provide a simple, |
| 268 |
flexible, and portable means to manage users and groups in package |
| 269 |
managers and elsewhere. |
| 270 |
|
| 271 |
26. http://www.pioto.org/~pioto/gentoo/soc2006/blog/ |
| 272 |
27. http://www.gentoo.org/proj/en/glep/glep-0027.html |
| 273 |
28. http://svn.pioto.org/viewvc |
| 274 |
29. http://svn.pioto.org/viewvc/glep27-proposal.txt?view=co |
| 275 |
|
| 276 |
Alex Martinez[30]has been working on porting Gentoo's "sandbox" utility to |
| 277 |
run on FreeBSD systems. The Gentoo/*BSD project[31] has been increasingly |
| 278 |
active in recent months, and is rapidly becoming a viable platform for |
| 279 |
real-world use. However, due to differences between the FreeBSD and GNU C |
| 280 |
libraries, the sandbox utility, used primarily for ebuild QA purposes, |
| 281 |
still does not work properly. Alex's SoC project sets out to change this, |
| 282 |
and involves looking into the most fundamental libraries on the system to |
| 283 |
find out just what is causing the problems. While the project is currently |
| 284 |
on hold due to the exam season, progress just before this was extremely |
| 285 |
promising. When completed, this should bring the various Gentoo/*BSD ports |
| 286 |
much closer to having all the package management functionality available |
| 287 |
on Gentoo Linux, a major milestone in their development. |
| 288 |
|
| 289 |
30. http://unleashed.amule.org/soc/ |
| 290 |
31. http://www.gentoo.org/proj/en/gentoo-alt/bsd/index.xml |
| 291 |
|
| 292 |
All in all, the Summer of Code is a fantastic opportunity for students to |
| 293 |
get more involved in their favourite open source projects and to let them |
| 294 |
spend the summer doing what they enjoy without hindrance. Of course, it |
| 295 |
also provides the projects with some great code that perhaps would not |
| 296 |
have been written otherwise, as well as a fruitful source of potential new |
| 297 |
contributors. This sentiment was echoed by Christel Dahlskjaer, Gentoo's |
| 298 |
administrative contact for the summer of code, talking to the GWN earlier |
| 299 |
this month: "I am doing my best to ensure that we give the students the |
| 300 |
support they need, we also aim to make these summer months a time of fun |
| 301 |
for them and we hope that at the end of their 'internship' they'll not |
| 302 |
only have provided us with contributions in form of code, but will |
| 303 |
hopefully have decided that they want to come on board and work on Gentoo |
| 304 |
as developers." |
| 305 |
|
| 306 |
========================= |
| 307 |
3. Heard in the community |
| 308 |
========================= |
| 309 |
|
| 310 |
forums |
| 311 |
------ |
| 312 |
|
| 313 |
Genetic - A New Portage Frontend |
| 314 |
|
| 315 |
Over the past two weeks, a discussion of a new ncurses and wxWidgets |
| 316 |
portage frontend has been happening on the Gentoo Forums. The project is |
| 317 |
still in its infancy and is asking for XML/Python/Ncurses experts to help. |
| 318 |
|
| 319 |
* Genetic Forum Thread[32] |
| 320 |
* Genetic Homepage[33] |
| 321 |
32. http://forums.gentoo.org/viewtopic-t-463518.html |
| 322 |
33. http://genetic.sourceforge.net/ |
| 323 |
|
| 324 |
|
| 325 |
GEMS - Gentoo Enterprise Management System |
| 326 |
|
| 327 |
An announcement of a new management system in the style of "Red Hat |
| 328 |
Network" designed for Gentoo has been announced on the forums. It aims to |
| 329 |
ease the management of a large number of Gentoo computers and currently |
| 330 |
includes features such as: inventory of installed software, GLSAs |
| 331 |
associated with them, monitoring deployments status and more. GEMS is |
| 332 |
licensed under the GPL and is freely available on its website. |
| 333 |
|
| 334 |
* GEMS Forum thread[34] |
| 335 |
* GEMS homepage[35] |
| 336 |
34. http://forums.gentoo.org/viewtopic-t-468071.html |
| 337 |
35. http://www.gamehound.net/gems/index.php |
| 338 |
|
| 339 |
|
| 340 |
Decreasing chances of making mistakes while installing Gentoo |
| 341 |
|
| 342 |
new_to_non_X86, a forum user notes how currently it is very easy for users |
| 343 |
to make simple mistakes such as typos or missing steps while following the |
| 344 |
handbook. How do you think the quality of Gentoo documentation could be |
| 345 |
improved so that mistakes are less prone to happening? |
| 346 |
|
| 347 |
* Forum Thread[36] |
| 348 |
36. https://forums.gentoo.org/viewtopic-t-469616.html |
| 349 |
|
| 350 |
|
| 351 |
gentoo-dev |
| 352 |
---------- |
| 353 |
|
| 354 |
GLEP 49 - take 2 |
| 355 |
|
| 356 |
After the long discussion about alternative package managers in the last |
| 357 |
weeks Paul de Vrieze[37] and Grant Goodyear[38] offer two competing GLEPs |
| 358 |
for discussion that define the capabilities, license and other managerial |
| 359 |
issues that a package manager has to offer to be supported. This might |
| 360 |
focus future discussions about portage replacements on technical instead |
| 361 |
of social issues. |
| 362 |
|
| 363 |
37. pauldv@g.o |
| 364 |
38. g2boojum@g.o |
| 365 |
|
| 366 |
* GLEP 49 - take 2[39] |
| 367 |
39. http://thread.gmane.org/gmane.linux.gentoo.devel/38476 |
| 368 |
|
| 369 |
|
| 370 |
Security/QA Spring Cleaning |
| 371 |
|
| 372 |
Every now and then a security problem is found. When this affects a Gentoo |
| 373 |
package a GLSA is released, but until now the affected packages were not |
| 374 |
directly unkeyworded or removed from the tree. This leaves some vulnerable |
| 375 |
ebuilds in place, so Ned Ludd[40] in cooperation with Brian Harring[41] |
| 376 |
has started a cleanup of the tree. This should not affect users, only |
| 377 |
vulnerable, insecure and unmaintained ebuilds will be removed. |
| 378 |
|
| 379 |
40. solar@g.o |
| 380 |
41. ferringb@×××××.com |
| 381 |
|
| 382 |
* Security/QA Spring Cleaning[42] |
| 383 |
42. http://thread.gmane.org/gmane.linux.gentoo.devel/38472 |
| 384 |
|
| 385 |
|
| 386 |
Spring Cleanup, part 2 |
| 387 |
|
| 388 |
A cleanup of unmaintained broken ebuilds has started. As they were already |
| 389 |
known to not work no functionality is lost for users. This is part of a |
| 390 |
general QA strategy to increase the overall quality of Gentoo. |
| 391 |
|
| 392 |
* app-editors/gnotepad+[43] |
| 393 |
* ipkg-utils[44] |
| 394 |
* media-libs/nurbs++[45] |
| 395 |
* dev-libs/nana[46] |
| 396 |
* sys-fs/convertfs[47] |
| 397 |
* net-misc/powerd[48] |
| 398 |
* www-client/prozilla[49] |
| 399 |
* sys-libs/ldetect{,-lst}[50] |
| 400 |
43. http://thread.gmane.org/gmane.linux.gentoo.devel/38698 |
| 401 |
44. http://thread.gmane.org/gmane.linux.gentoo.devel/38685 |
| 402 |
45. http://thread.gmane.org/gmane.linux.gentoo.devel/38661 |
| 403 |
46. http://thread.gmane.org/gmane.linux.gentoo.devel/38657 |
| 404 |
47. http://thread.gmane.org/gmane.linux.gentoo.devel/38641 |
| 405 |
48. http://thread.gmane.org/gmane.linux.gentoo.devel/38640 |
| 406 |
49. http://thread.gmane.org/gmane.linux.gentoo.devel/38636 |
| 407 |
50. http://thread.gmane.org/gmane.linux.gentoo.devel/38633 |
| 408 |
|
| 409 |
|
| 410 |
[RFC Maintainer-Wanted Bugs/Cleaning] |
| 411 |
|
| 412 |
For user-submitted and unmaintained ebuilds the maintainer-wanted alias |
| 413 |
was created. What seemed like a good idea has ended in almost 2000 bugs |
| 414 |
assigned to that alias, most of them without any changes. Alec Warner[51] |
| 415 |
asks for input how to handle these bugs in the future. Some ideas like a |
| 416 |
central overlay for these ebuilds or closing them after a pre-set time are |
| 417 |
discussed in this thread, but no resolution has been found. |
| 418 |
|
| 419 |
51. antarus@g.o |
| 420 |
|
| 421 |
* [RFC Maintainer-Wanted Bugs/Cleaning][52] |
| 422 |
52. http://thread.gmane.org/gmane.linux.gentoo.devel/38663 |
| 423 |
|
| 424 |
|
| 425 |
planet.gentoo.org |
| 426 |
----------------- |
| 427 |
|
| 428 |
Gentoo Overlays Project needs a logo |
| 429 |
|
| 430 |
Gentoo Overlays[53] is a project designed to bring social workspaces to |
| 431 |
Gentoo. It provides a place for Gentoo projects and developers to host |
| 432 |
their overlays. If you can help the Overlays project by creating a logo |
| 433 |
drop by #gentoo-overlays on irc.freenode.net. |
| 434 |
|
| 435 |
53. http://www.gentoo.org/proj/en/overlays/ |
| 436 |
|
| 437 |
* Gentoo Overlays Project needs a logo[54] |
| 438 |
54. http://blog.stuartherbert.com/gentoo.php/2006/06/03/gentoo_overlays_project_needs_a_logo |
| 439 |
|
| 440 |
|
| 441 |
KDE 3.5.3 unmasked |
| 442 |
|
| 443 |
KDE 3.5.3 got unmasked and provides decreased startup times. Also over 800 |
| 444 |
minor issues were fixed and small new features implemented in Akregator, |
| 445 |
KMail and KAlarm. |
| 446 |
|
| 447 |
* KDE 3.5.3 unmasked[55] |
| 448 |
55. http://farragut.flameeyes.is-a-geek.org/articles/2006/06/02/unmasked |
| 449 |
|
| 450 |
|
| 451 |
net-setup enhancements |
| 452 |
|
| 453 |
Naming of network interfaces sometimes differs between a live system and |
| 454 |
the installed Gentoo system. To help in configuring the network interfaces |
| 455 |
net-setup has been expanded by two additional dialogs which displays the |
| 456 |
interface name, interface caption and additional information. The new |
| 457 |
net-setup will be included in the next livecd-tools release. |
| 458 |
|
| 459 |
* net-setup enhancements[56] |
| 460 |
56. http://www.reactivated.net/weblog/archives/2006/06/net-setup-enhancements/ |
| 461 |
|
| 462 |
|
| 463 |
======================= |
| 464 |
4. Gentoo International |
| 465 |
======================= |
| 466 |
|
| 467 |
Gentoo UK 2006 |
| 468 |
-------------- |
| 469 |
|
| 470 |
A little later than anticipated, organisation of the Gentoo UK 2006 |
| 471 |
users-and-developers conference is nearing completion. The conference will |
| 472 |
take place on Saturday July 8th in Central London, and will feature a few |
| 473 |
talks from Gentoo developers plus possibly some guest speakers. There will |
| 474 |
also be some social activities taking place around the event. |
| 475 |
|
| 476 |
Numbers are limited, so we do require people to pre-register (no cost) by |
| 477 |
leaving a name and email address. Registration is open now. |
| 478 |
|
| 479 |
For more info, see the conference website[57]. We look forward to seeing |
| 480 |
you there! |
| 481 |
|
| 482 |
57. http://dev.gentoo.org/~dsd/gentoo-uk-2006/ |
| 483 |
|
| 484 |
================== |
| 485 |
5. Tips and Tricks |
| 486 |
================== |
| 487 |
|
| 488 |
Searching the portage tree with eix |
| 489 |
----------------------------------- |
| 490 |
|
| 491 |
eix is a handy utility that indexes your portage tree and quickly searches |
| 492 |
it. The latest stable version, 0.55, is also compatible with Portage 2.1's |
| 493 |
new metadata backend. |
| 494 |
|
| 495 |
To get started, emerge the package, and then build your index: |
| 496 |
|
| 497 |
+-------------------------------------------------------------------------+ |
| 498 |
| Code Listing 5.1: | |
| 499 |
| Installing eix | |
| 500 |
+-------------------------------------------------------------------------+ |
| 501 |
| | |
| 502 |
|# emerge eix | |
| 503 |
|# update-eix | |
| 504 |
| | |
| 505 |
+-------------------------------------------------------------------------+ |
| 506 |
|
| 507 |
update-eixwill index your ebuilds in your PORTDIR_OVERLAY in addition to |
| 508 |
the main portage tree. |
| 509 |
|
| 510 |
Once finished you are ready to do some searches. Use eix foo to search for |
| 511 |
a package, or eix -S bar to search package descriptions. To search for a |
| 512 |
specific package, use eix -e packagename. You can also use regular |
| 513 |
expressions in your search parameters by default. |
| 514 |
|
| 515 |
The output of eix displays each package version available. Versions |
| 516 |
prefixed with ~ are marked unstable, while !indicates the version is hard |
| 517 |
masked. |
| 518 |
|
| 519 |
+-------------------------------------------------------------------------+ |
| 520 |
| Code Listing 5.2: | |
| 521 |
| eix firefox | |
| 522 |
+-------------------------------------------------------------------------+ |
| 523 |
| | |
| 524 |
|$ eix firefox | |
| 525 |
|* www-client/mozilla-firefox | |
| 526 |
|Available versions: 1.0.7-r4 ~1.0.8 ~1.5-r9 ~1.5.0.1-r2 ~1.5.0.1-r3 | |
| 527 |
|~1.5.0.1-r4 1.5.0.2 ~1.5.0.2-r1 1.5.0.3 1.5.0.4 | |
| 528 |
|Installed: none | |
| 529 |
|Homepage: http://www.mozilla.org/projects/firefox/ | |
| 530 |
|Description: Firefox Web Browser | |
| 531 |
| | |
| 532 |
|* www-client/mozilla-firefox-bin | |
| 533 |
|Available versions: 1.0.7 ~1.0.8 1.5.0.2 1.5.0.3 1.5.0.4 | |
| 534 |
|Installed: 1.5.0.3 | |
| 535 |
|Homepage: http://www.mozilla.org/projects/firefox | |
| 536 |
|Description: Firefox Web Browser | |
| 537 |
| | |
| 538 |
| | |
| 539 |
|Found 2 matches | |
| 540 |
| | |
| 541 |
+-------------------------------------------------------------------------+ |
| 542 |
|
| 543 |
Finally, one last tip. If you want to run emerge --sync and update-eix all |
| 544 |
in one step, just run eix-sync instead. |
| 545 |
|
| 546 |
Note: If you have tips and tricks you would like to share with the Gentoo |
| 547 |
community please drop us a mail at gwn-feedback@g.o |
| 548 |
|
| 549 |
========================= |
| 550 |
6. Gentoo developer moves |
| 551 |
========================= |
| 552 |
|
| 553 |
Moves |
| 554 |
----- |
| 555 |
|
| 556 |
The following developers recently left the Gentoo project: |
| 557 |
|
| 558 |
* Dan Armak |
| 559 |
* Ryan Phillips |
| 560 |
|
| 561 |
Adds |
| 562 |
---- |
| 563 |
|
| 564 |
The following developers recently joined the Gentoo project: |
| 565 |
|
| 566 |
* Chris Parrott (haskell) |
| 567 |
|
| 568 |
Changes |
| 569 |
------- |
| 570 |
|
| 571 |
The following developers recently changed roles within the Gentoo project: |
| 572 |
|
| 573 |
* None this week |
| 574 |
|
| 575 |
================== |
| 576 |
7. Gentoo Security |
| 577 |
================== |
| 578 |
|
| 579 |
CherryPy: Directory traversal vulnerability |
| 580 |
------------------------------------------- |
| 581 |
|
| 582 |
CherryPy is vulnerable to a directory traversal that could allow attackers |
| 583 |
to read arbitrary files. |
| 584 |
|
| 585 |
For more information, please see the GLSA Announcement[58] |
| 586 |
|
| 587 |
58. http://www.gentoo.org/security/en/glsa/glsa-200605-16.xml |
| 588 |
|
| 589 |
libTIFF: Multiple vulnerabilities |
| 590 |
--------------------------------- |
| 591 |
|
| 592 |
Multiple vulnerabilities in libTIFF could lead to the execution of |
| 593 |
arbitrary code or a Denial of Service. |
| 594 |
|
| 595 |
For more information, please see the GLSA Announcement[59] |
| 596 |
|
| 597 |
59. http://www.gentoo.org/security/en/glsa/glsa-200605-17.xml |
| 598 |
|
| 599 |
Opera: Buffer overflow |
| 600 |
---------------------- |
| 601 |
|
| 602 |
Opera contains an integer signedness error resulting in a buffer overflow |
| 603 |
which may allow a remote attacker to execute arbitrary code. |
| 604 |
|
| 605 |
For more information, please see the GLSA Announcement[60] |
| 606 |
|
| 607 |
60. http://www.gentoo.org/security/en/glsa/glsa-200606-01.xml |
| 608 |
|
| 609 |
shadow: Privilege escalation |
| 610 |
---------------------------- |
| 611 |
|
| 612 |
A security issue in shadow allows a local user to perform certain actions |
| 613 |
with escalated privileges. |
| 614 |
|
| 615 |
For more information, please see the GLSA Announcement[61] |
| 616 |
|
| 617 |
61. http://www.gentoo.org/security/en/glsa/glsa-200606-02.xml |
| 618 |
|
| 619 |
Dia: Format string vulnerabilities |
| 620 |
---------------------------------- |
| 621 |
|
| 622 |
Format string vulnerabilities in Dia may lead to the execution of |
| 623 |
arbitrary code. |
| 624 |
|
| 625 |
For more information, please see the GLSA Announcement[62] |
| 626 |
|
| 627 |
62. http://www.gentoo.org/security/en/glsa/glsa-200606-03.xml |
| 628 |
|
| 629 |
Tor: Several vulnerabilities |
| 630 |
---------------------------- |
| 631 |
|
| 632 |
Tor is vulnerable to a possible buffer overflow, a Denial of Service, |
| 633 |
information disclosure and information leak. |
| 634 |
|
| 635 |
For more information, please see the GLSA Announcement[63] |
| 636 |
|
| 637 |
63. http://www.gentoo.org/security/en/glsa/glsa-200606-04.xml |
| 638 |
|
| 639 |
Pound: HTTP request smuggling |
| 640 |
----------------------------- |
| 641 |
|
| 642 |
Pound is vulnerable to HTTP request smuggling, which could be exploited to |
| 643 |
bypass security restrictions or poison web caches. |
| 644 |
|
| 645 |
For more information, please see the GLSA Announcement[64] |
| 646 |
|
| 647 |
64. http://www.gentoo.org/security/en/glsa/glsa-200606-05.xml |
| 648 |
|
| 649 |
AWStats: Remote execution of arbitrary code |
| 650 |
------------------------------------------- |
| 651 |
|
| 652 |
AWStats contains a bug in the sanitization of the input parameters which |
| 653 |
can lead to the remote execution of arbitrary code. |
| 654 |
|
| 655 |
For more information, please see the GLSA Announcement[65] |
| 656 |
|
| 657 |
65. http://www.gentoo.org/security/en/glsa/glsa-200606-06.xml |
| 658 |
|
| 659 |
Vixie Cron: Privilege Escalation |
| 660 |
-------------------------------- |
| 661 |
|
| 662 |
Vixie Cron allows local users to execute programs as root. |
| 663 |
|
| 664 |
For more information, please see the GLSA Announcement[66] |
| 665 |
|
| 666 |
66. http://www.gentoo.org/security/en/glsa/glsa-200606-07.xml |
| 667 |
|
| 668 |
WordPress: Arbitrary command execution |
| 669 |
-------------------------------------- |
| 670 |
|
| 671 |
WordPress fails to sufficiently check the format of cached username data. |
| 672 |
|
| 673 |
For more information, please see the GLSA Announcement[67] |
| 674 |
|
| 675 |
67. http://www.gentoo.org/security/en/glsa/glsa-200606-08.xml |
| 676 |
|
| 677 |
SpamAssassin: Execution of arbitrary code |
| 678 |
----------------------------------------- |
| 679 |
|
| 680 |
SpamAssassin, when running with certain options, could allow local or even |
| 681 |
remote attackers to execute arbitrary commands, possibly as the root user. |
| 682 |
|
| 683 |
For more information, please see the GLSA Announcement[68] |
| 684 |
|
| 685 |
68. http://www.gentoo.org/security/en/glsa/glsa-200606-09.xml |
| 686 |
|
| 687 |
Cscope: Many buffer overflows |
| 688 |
----------------------------- |
| 689 |
|
| 690 |
Cscope is vulnerable to multiple buffer overflows that could lead to the |
| 691 |
execution of arbitrary code. |
| 692 |
|
| 693 |
For more information, please see the GLSA Announcement[69] |
| 694 |
|
| 695 |
69. http://www.gentoo.org/security/en/glsa/glsa-200606-10.xml |
| 696 |
|
| 697 |
JPEG library: Denial of Service |
| 698 |
------------------------------- |
| 699 |
|
| 700 |
The JPEG library is vulnerable to a Denial of Service. |
| 701 |
|
| 702 |
For more information, please see the GLSA Announcement[70] |
| 703 |
|
| 704 |
70. http://www.gentoo.org/security/en/glsa/glsa-200606-11.xml |
| 705 |
|
| 706 |
Mozilla Firefox: Multiple vulnerabilities |
| 707 |
----------------------------------------- |
| 708 |
|
| 709 |
Vulnerabilities in Mozilla Firefox allow privilege escalations for |
| 710 |
JavaScript code, cross site scripting attacks, HTTP response smuggling and |
| 711 |
possibly the execution of arbitrary code. |
| 712 |
|
| 713 |
For more information, please see the GLSA Announcement[71] |
| 714 |
|
| 715 |
71. http://www.gentoo.org/security/en/glsa/glsa-200606-12.xml |
| 716 |
|
| 717 |
MySQL: SQL Injection |
| 718 |
-------------------- |
| 719 |
|
| 720 |
MySQL is vulnerable to an SQL Injection flaw in the multi-byte encoding |
| 721 |
process. |
| 722 |
|
| 723 |
For more information, please see the GLSA Announcement[72] |
| 724 |
|
| 725 |
72. http://www.gentoo.org/security/en/glsa/glsa-200606-13.xml |
| 726 |
|
| 727 |
=========== |
| 728 |
8. Bugzilla |
| 729 |
=========== |
| 730 |
|
| 731 |
Summary |
| 732 |
------- |
| 733 |
|
| 734 |
* Statistics |
| 735 |
* Closed bug ranking |
| 736 |
* New bug rankings |
| 737 |
|
| 738 |
Statistics |
| 739 |
---------- |
| 740 |
|
| 741 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[73]) to record and |
| 742 |
track bugs, notifications, suggestions and other interactions with the |
| 743 |
development team. Between 28 May 2006 and 11 June 2006, activity on the |
| 744 |
site has resulted in: |
| 745 |
|
| 746 |
73. http://bugs.gentoo.org |
| 747 |
|
| 748 |
* 1756 new bugs during this period |
| 749 |
* 812 bugs closed or resolved during this period |
| 750 |
* 54 previously closed bugs were reopened this period |
| 751 |
|
| 752 |
Of the 10196 currently open bugs: 53 are labeled 'blocker', 144 are |
| 753 |
labeled 'critical', and 549 are labeled 'major'. |
| 754 |
|
| 755 |
Closed bug rankings |
| 756 |
------------------- |
| 757 |
|
| 758 |
The developers and teams who have closed the most bugs during this period |
| 759 |
are: |
| 760 |
|
| 761 |
* Gentoo Games[74], with 49 closed bugs[75] |
| 762 |
* Gentoo Security[76], with 28 closed bugs[77] |
| 763 |
* Printing Team[78], with 28 closed bugs[79] |
| 764 |
* Gentoo KDE team[80], with 28 closed bugs[81] |
| 765 |
* Apache Herd - Bugzilla Reports[82], with 26 closed bugs[83] |
| 766 |
* Gentoo's Team for Core System packages[84], with 25 closed bugs[85] |
| 767 |
* Portage team[86], with 21 closed bugs[87] |
| 768 |
* Diego Pettenò[88], with 19 closed bugs[89] |
| 769 |
74. games@g.o |
| 770 |
75. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=games@g.o |
| 771 |
76. security@g.o |
| 772 |
77. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=security@g.o |
| 773 |
78. printing@g.o |
| 774 |
79. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=printing@g.o |
| 775 |
80. kde@g.o |
| 776 |
81. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=kde@g.o |
| 777 |
82. apache-bugs@g.o |
| 778 |
83. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=apache-bugs@g.o |
| 779 |
84. base-system@g.o |
| 780 |
85. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=base-system@g.o |
| 781 |
86. dev-portage@g.o |
| 782 |
87. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=dev-portage@g.o |
| 783 |
88. flameeyes@g.o |
| 784 |
89. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-05-28&chfieldto=2006-06-11&resolution=FIXED&assigned_to=flameeyes@g.o |
| 785 |
|
| 786 |
|
| 787 |
New bug rankings |
| 788 |
---------------- |
| 789 |
|
| 790 |
The developers and teams who have been assigned the most new bugs during |
| 791 |
this period are: |
| 792 |
|
| 793 |
* Default Assignee for New Packages[90], with 54 new bugs[91] |
| 794 |
* Mozilla Gentoo Team[92], with 16 new bugs[93] |
| 795 |
* Gentoo Games[94], with 15 new bugs[95] |
| 796 |
* Default Assignee for Orphaned Packages[96], with 14 new bugs[97] |
| 797 |
* Diego Pettenò[98], with 14 new bugs[99] |
| 798 |
* Chris White[100], with 14 new bugs[101] |
| 799 |
* AMD64 Project[102], with 13 new bugs[103] |
| 800 |
* Gentoo KDE team[104], with 12 new bugs[105] |
| 801 |
90. maintainer-wanted@g.o |
| 802 |
91. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=maintainer-wanted@g.o |
| 803 |
92. mozilla@g.o |
| 804 |
93. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=mozilla@g.o |
| 805 |
94. games@g.o |
| 806 |
95. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=games@g.o |
| 807 |
96. maintainer-needed@g.o |
| 808 |
97. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=maintainer-needed@g.o |
| 809 |
98. flameeyes@g.o |
| 810 |
99. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=flameeyes@g.o |
| 811 |
100. chriswhite@g.o |
| 812 |
101. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=chriswhite@g.o |
| 813 |
102. amd64@g.o |
| 814 |
103. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=amd64@g.o |
| 815 |
104. kde@g.o |
| 816 |
105. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-05-28&chfieldto=2006-06-11&assigned_to=kde@g.o |
| 817 |
|
| 818 |
|
| 819 |
=============== |
| 820 |
9. GWN feedback |
| 821 |
=============== |
| 822 |
|
| 823 |
Please send us your feedback[106]and help make the GWN better. |
| 824 |
|
| 825 |
106. gwn-feedback@g.o |
| 826 |
|
| 827 |
================================ |
| 828 |
10. GWN subscription information |
| 829 |
================================ |
| 830 |
|
| 831 |
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to |
| 832 |
gentoo-gwn+subscribe@g.o[107]. |
| 833 |
|
| 834 |
107. gentoo-gwn+subscribe@g.o |
| 835 |
|
| 836 |
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to |
| 837 |
gentoo-gwn+unsubscribe@g.o[108] from the e-mail address you are |
| 838 |
subscribed under. |
| 839 |
|
| 840 |
108. gentoo-gwn+unsubscribe@g.o |
| 841 |
|
| 842 |
=================== |
| 843 |
11. Other languages |
| 844 |
=================== |
| 845 |
|
| 846 |
The Gentoo Weekly Newsletter is also available in the following languages: |
| 847 |
|
| 848 |
* Danish[109] |
| 849 |
* Dutch[110] |
| 850 |
* English[111] |
| 851 |
* German[112] |
| 852 |
* French[113] |
| 853 |
* Korean[114] |
| 854 |
* Japanese[115] |
| 855 |
* Italian[116] |
| 856 |
* Polish[117] |
| 857 |
* Portuguese (Brazil)[118] |
| 858 |
* Portuguese (Portugal)[119] |
| 859 |
* Russian[120] |
| 860 |
* Spanish[121] |
| 861 |
* Turkish[122] |
| 862 |
109. http://www.gentoo.org/news/da/gwn/gwn.xml |
| 863 |
110. http://www.gentoo.org/news/nl/gwn/gwn.xml |
| 864 |
111. http://www.gentoo.org/news/en/gwn/gwn.xml |
| 865 |
112. http://www.gentoo.org/news/de/gwn/gwn.xml |
| 866 |
113. http://www.gentoo.org/news/fr/gwn/gwn.xml |
| 867 |
114. http://www.gentoo.org/news/ko/gwn/gwn.xml |
| 868 |
115. http://www.gentoo.org/news/ja/gwn/gwn.xml |
| 869 |
116. http://www.gentoo.org/news/it/gwn/gwn.xml |
| 870 |
117. http://www.gentoo.org/news/pl/gwn/gwn.xml |
| 871 |
118. http://www.gentoo.org/news/pt_br/gwn/gwn.xml |
| 872 |
119. http://www.gentoo.org/news/pt/gwn/gwn.xml |
| 873 |
120. http://www.gentoo.org/news/ru/gwn/gwn.xml |
| 874 |
121. http://www.gentoo.org/news/es/gwn/gwn.xml |
| 875 |
122. http://www.gentoo.org/news/tr/gwn/gwn.xml |
| 876 |
|
| 877 |
|
| 878 |
Ulrich Plate <plate@g.o> - Editor |
| 879 |
Patrick Lauer <patrick@g.o> - Author |
| 880 |
Christel Dahlskjaer <christel@g.o> - Author |
| 881 |
Tobias Scherbaum <dertobi123@g.o> - Author |
| 882 |
Mark Kowarsky <mark_alec@g.o> - Author |
| 883 |
Thomas Cort <tcort@g.o> - Author |
| 884 |
Steve Dibb <beandog@g.o> - Author |
| 885 |
Alec Warner <antarus@g.o> - Author |
| 886 |
Ned Ludd <solar@g.o> - Author |
| 887 |
Lars Weiler <pylon@g.o> - Author |
| 888 |
|
| 889 |
-- |
| 890 |
gentoo-gwn@g.o mailing list |
Archives