1 |
--------------------------------------------------------------------------- |
2 |
Gentoo Weekly Newsletter |
3 |
http://www.gentoo.org/news/en/gwn/current.xml |
4 |
This is the Gentoo Weekly Newsletter for the week of 29 August 2005. |
5 |
--------------------------------------------------------------------------- |
6 |
|
7 |
============== |
8 |
1. Gentoo news |
9 |
============== |
10 |
|
11 |
Gentoo documentation updates |
12 |
---------------------------- |
13 |
|
14 |
The Gentoo documentation has been amazing users ever since the project |
15 |
started five years ago, but even for an impressive collection it |
16 |
represents today, there's still plenty of room for growth. Even when |
17 |
everything else is somewhat slowing down over the summer, the |
18 |
documentation team does some catching up with development and continues to |
19 |
publish and update texts left and right. Among other things, two entirely |
20 |
new guides have been contributed last week: |
21 |
|
22 |
* Ioannis Aslanidis[1], Shyam Mani[2] and Douglas Russell[3] wrote most |
23 |
of the new Gentoo Bluetooth guide[4], explaining how to install the |
24 |
devices, configure the kernel, and show the whole diversity of Bluetooth. |
25 |
* Chris White[5] has written a complete introductory tutorial on setting |
26 |
up MySQL[6] |
27 |
1. deathwing00@g.o |
28 |
2. fox2mike@g.o |
29 |
3. puggy@g.o |
30 |
4. http://www.gentoo.org/doc/en/bluetooth-guide.xml |
31 |
5. chriswhite@g.o |
32 |
6. http://www.gentoo.org/doc/en/mysql-howto.xml |
33 |
|
34 |
|
35 |
Tim Yamin's[7] guide on genkernel has been updated again, too, reflecting |
36 |
changes that have been introduced for the 2005.1 release. Equally updated |
37 |
was the page that collects articles published by Gentoo authors[8] in |
38 |
different media, many of them on the IBM developer works pages. By the |
39 |
way, if you're interested in popularity statistics of the different items |
40 |
on offer at the documentation project, check the Topdocs page[9] once in a |
41 |
while! |
42 |
|
43 |
7. plasmaroo@g.o |
44 |
8. http://www.gentoo.org/doc/en/articles/ |
45 |
9. http://www.gentoo.org/proj/en/gdp/tests/topdocs.xml |
46 |
|
47 |
========================= |
48 |
2. Heard in the community |
49 |
========================= |
50 |
|
51 |
gentoo-dev |
52 |
---------- |
53 |
|
54 |
Fixing the TERM mess |
55 |
|
56 |
Ciaran McCreesh[10] gives an exhaustive explanation of the differences |
57 |
between different terminals (e.g. xterm, konsole, Gnome Terminal) and why |
58 |
the current behaviour is mostly broken. He also explains the two competing |
59 |
methods for finding terminal capabilities (termcap and terminfo) and their |
60 |
differences. There are a few possibilities for sorting out this suboptimal |
61 |
situation - read on to find out all the details! |
62 |
|
63 |
10. ciaranm@g.o |
64 |
|
65 |
* Fixing the TERM mess [11] |
66 |
11. http://thread.gmane.org/gmane.linux.gentoo.devel/30624 |
67 |
|
68 |
|
69 |
Multiple portage threads |
70 |
|
71 |
While on the surface Portage development seems to have come to a |
72 |
standstill much is happening behind the scenes. Some of the design |
73 |
decisions for the upcoming new-and-improved Portage are rather radical or |
74 |
will change existing behaviour dramatically enough for multiple threads |
75 |
discussing Portage internals and changes this week: |
76 |
|
77 |
* stripping implementation in portage [12] |
78 |
* future restrictions to DISTDIR access from the ebuild env [13] |
79 |
* proposed shift of files in the tree of non profiles files into seperate |
80 |
dir [14] |
81 |
* [RFC] EAPI [15] |
82 |
12. http://thread.gmane.org/gmane.linux.gentoo.devel/30656 |
83 |
13. http://thread.gmane.org/gmane.linux.gentoo.devel/30738 |
84 |
14. http://thread.gmane.org/gmane.linux.gentoo.devel/30786 |
85 |
15. http://thread.gmane.org/gmane.linux.gentoo.devel/30776 |
86 |
|
87 |
|
88 |
[RFC] autotools support eclass |
89 |
|
90 |
There is a lot of black magic in the build tools known as "autotools". |
91 |
While many developers try to stay away from them, some are forced to work |
92 |
with them and try to improve the handling of autotools in Gentoo. A |
93 |
proposal by Diego Pettenò[16] for an autotools support eclass to help with |
94 |
autotools magic is discussed in much detail in this thread. |
95 |
|
96 |
16. flameeyes@g.o |
97 |
|
98 |
* [RFC] autotools support eclass [17] |
99 |
17. http://thread.gmane.org/gmane.linux.gentoo.devel/30794 |
100 |
|
101 |
|
102 |
======================= |
103 |
3. Gentoo international |
104 |
======================= |
105 |
|
106 |
Sweden: Gentoo-based Mupper rescue CD for PegasosPPC |
107 |
---------------------------------------------------- |
108 |
|
109 |
Figure 3.1: Mupper logo |
110 |
http://www.gentoo.org/images/gwn/20050829_mupper.png |
111 |
|
112 |
Last Saturday Mikael Karlsson, known as lisardman to his local Linux User |
113 |
Group[18] and others, released version 0.3 of his "Mupper"[19] project. A |
114 |
rescue system similar to Dolphin[20] or SystemRescueCd[21], Mupper is also |
115 |
based on Gentoo Linux, but designed especially for PegasosPPCs, namely for |
116 |
Gentoo sponsor Genesi's Open Desktop Workstations[22]. Mupper carries |
117 |
several tools like parted to be expected in rescue media, and offers |
118 |
support for the AmigaFFS and many other filesystems. |
119 |
|
120 |
18. http://hjolug.org |
121 |
19. http://www.mupper.org |
122 |
20. http://bugs.gentoo.org/show_bug.cgi?id=90053 |
123 |
21. http://www.sysresccd.org |
124 |
22. http://vendors.gentoo.org/index.cgi?page=1&comGroup=1 |
125 |
|
126 |
====================== |
127 |
4. Gentoo in the press |
128 |
====================== |
129 |
|
130 |
Linux Journal (25 August 2005) |
131 |
------------------------------ |
132 |
|
133 |
Just in case you've always wanted to set up and run a call center, Michael |
134 |
George's article in Linux Journal[23] tells you how to do it, with a |
135 |
little help from his friends Gentoo, the Linux Terminal Server Project, |
136 |
soft-phone application kphone, and a few terminals and headsets. The |
137 |
result leaves nothing to desire in terms of comfort and usability compared |
138 |
to expensive commercial solutions, but the use of readily available |
139 |
open-source solutions keeps the project from outgrowing the tight budget |
140 |
of the not-for-profit association it's being set up for. |
141 |
|
142 |
23. http://www.linuxjournal.com/article/8165 |
143 |
|
144 |
Linux.com (26 August 2005) |
145 |
-------------------------- |
146 |
|
147 |
The Puerto-Rican commercial Gentoo spin-off Vidalinux has released a new |
148 |
version 1.2 recently, and Linux.com author Jem Matzan wrote a review of |
149 |
VLOS 1.2[24] that couldn't possibly be any less indulgent. Vidalinux |
150 |
(basically Gentoo with Red Hat's Anaconda installer screwed on top) pretty |
151 |
much evolves along the same lines as Gentoo itself, but Matzan compares it |
152 |
to other commercial vendors, and consequently isn't impressed at all: "The |
153 |
changes and enhancements to this edition are significant, but not good |
154 |
enough to save this conceptually astute operating system from failure." |
155 |
Vidalinux apparently did put some effort into the modification of one of |
156 |
the Portage GUI projects -- Porthole[25] -- and rebaptized it Yukiyu, but |
157 |
"while it's no trouble to use the preinstalled applications, you'll run |
158 |
into problems trying to update current packages or install new software |
159 |
through Yukiyu." |
160 |
|
161 |
24. http://www.linux.com/article.pl?sid=05/08/19/1552220 |
162 |
25. |
163 |
http://packages.gentoo.org/packages/?category=app-portage;name=porthole |
164 |
|
165 |
=========================== |
166 |
5. Moves, adds, and changes |
167 |
=========================== |
168 |
|
169 |
Moves |
170 |
----- |
171 |
|
172 |
The following developers recently left the Gentoo team: |
173 |
|
174 |
* Michael Cummings |
175 |
|
176 |
Adds |
177 |
---- |
178 |
|
179 |
The following developers recently joined the Gentoo Linux team: |
180 |
|
181 |
* None this week |
182 |
|
183 |
Changes |
184 |
------- |
185 |
|
186 |
The following developers recently changed roles within the Gentoo Linux |
187 |
project: |
188 |
|
189 |
* None this week |
190 |
|
191 |
================== |
192 |
6. Gentoo Security |
193 |
================== |
194 |
|
195 |
Evolution: Format string vulnerabilities |
196 |
---------------------------------------- |
197 |
|
198 |
Evolution is vulnerable to format string vulnerabilities which may result |
199 |
in remote execution of arbitrary code. |
200 |
|
201 |
For more information, please see the GLSA Announcement[26] |
202 |
|
203 |
26. http://www.gentoo.org/security/en/glsa/glsa-200508-12.xml |
204 |
|
205 |
PEAR XML-RPC, phpxmlrpc: New PHP script injection vulnerability |
206 |
--------------------------------------------------------------- |
207 |
|
208 |
The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute |
209 |
arbitrary PHP script commands. |
210 |
|
211 |
For more information, please see the GLSA Announcement[27] |
212 |
|
213 |
27. http://www.gentoo.org/security/en/glsa/glsa-200508-13.xml |
214 |
|
215 |
TikiWiki, eGroupWare: Arbitrary command execution through XML-RPC |
216 |
----------------------------------------------------------------- |
217 |
|
218 |
TikiWiki and eGroupWare both include PHP XML-RPC code vulnerable to |
219 |
arbitrary command execution. |
220 |
|
221 |
For more information, please see the GLSA Announcement[28] |
222 |
|
223 |
28. http://www.gentoo.org/security/en/glsa/glsa-200508-14.xml |
224 |
|
225 |
Apache 2.0: Denial of Service vulnerability |
226 |
------------------------------------------- |
227 |
|
228 |
A bug in Apache may allow a remote attacker to perform a Denial of Service |
229 |
attack. |
230 |
|
231 |
For more information, please see the GLSA Announcement[29] |
232 |
|
233 |
29. http://www.gentoo.org/security/en/glsa/glsa-200508-15.xml |
234 |
|
235 |
Tor: Information disclosure |
236 |
--------------------------- |
237 |
|
238 |
A flaw in Tor leads to the disclosure of information and the loss of |
239 |
anonymity, integrity and confidentiality. |
240 |
|
241 |
For more information, please see the GLSA Announcement[30] |
242 |
|
243 |
30. http://www.gentoo.org/security/en/glsa/glsa-200508-16.xml |
244 |
|
245 |
libpcre: Heap integer overflow |
246 |
------------------------------ |
247 |
|
248 |
libpcre is vulnerable to a heap integer overflow, possibly leading to the |
249 |
execution of arbitrary code. |
250 |
|
251 |
For more information, please see the GLSA Announcement[31] |
252 |
|
253 |
31. http://www.gentoo.org/security/en/glsa/glsa-200508-17.xml |
254 |
|
255 |
PhpWiki: Arbitrary command execution through XML-RPC |
256 |
---------------------------------------------------- |
257 |
|
258 |
PhpWiki includes PHP XML-RPC code which is vulnerable to arbitrary command |
259 |
execution. |
260 |
|
261 |
For more information, please see the GLSA Announcement[32] |
262 |
|
263 |
32. http://www.gentoo.org/security/en/glsa/glsa-200508-18.xml |
264 |
|
265 |
=========== |
266 |
7. Bugzilla |
267 |
=========== |
268 |
|
269 |
Summary |
270 |
------- |
271 |
|
272 |
* Statistics |
273 |
* Closed bug ranking |
274 |
* New bug rankings |
275 |
|
276 |
Statistics |
277 |
---------- |
278 |
|
279 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[33]) to record and |
280 |
track bugs, notifications, suggestions and other interactions with the |
281 |
development team. Between 21 August 2005 and 28 August 2005, activity on |
282 |
the site has resulted in: |
283 |
|
284 |
33. http://bugs.gentoo.org |
285 |
|
286 |
* 791 new bugs during this period |
287 |
* 391 bugs closed or resolved during this period |
288 |
* 51 previously closed bugs were reopened this period |
289 |
|
290 |
Of the 8038 currently open bugs: 103 are labeled 'blocker', 198 are |
291 |
labeled 'critical', and 529 are labeled 'major'. |
292 |
|
293 |
Closed bug rankings |
294 |
------------------- |
295 |
|
296 |
The developers and teams who have closed the most bugs during this period |
297 |
are: |
298 |
|
299 |
* AMD64 Porting Team[34], with 47 closed bugs[35] |
300 |
* PHP Bugs[36], with 29 closed bugs[37] |
301 |
* Gentoo Science Related Packages[38], with 18 closed bugs[39] |
302 |
* Gentoo Security[40], with 16 closed bugs[41] |
303 |
* Xavier Neys[42], with 15 closed bugs[43] |
304 |
* Gentoo net-p2p team[44], with 15 closed bugs[45] |
305 |
* Gentoo KDE team[46], with 15 closed bugs[47] |
306 |
* Gentoo Games[48], with 15 closed bugs[49] |
307 |
34. amd64@g.o |
308 |
35. |
309 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=amd64@g.o |
310 |
36. php-bugs@g.o |
311 |
37. |
312 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=php-bugs@g.o |
313 |
38. sci@g.o |
314 |
39. |
315 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=sci@g.o |
316 |
40. security@g.o |
317 |
41. |
318 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=security@g.o |
319 |
42. neysx@g.o |
320 |
43. |
321 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=neysx@g.o |
322 |
44. net-p2p@g.o |
323 |
45. |
324 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=net-p2p@g.o |
325 |
46. kde@g.o |
326 |
47. |
327 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=kde@g.o |
328 |
48. games@g.o |
329 |
49. |
330 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-08-21&chfieldto=2005-08-28&resolution=FIXED&assigned_to=games@g.o |
331 |
|
332 |
|
333 |
New bug rankings |
334 |
---------------- |
335 |
|
336 |
The developers and teams who have been assigned the most new bugs during |
337 |
this period are: |
338 |
|
339 |
* Default Assignee for New Packages[50], with 22 new bugs[51] |
340 |
* Perl Devs @ Gentoo[52], with 20 new bugs[53] |
341 |
* media-video herd[54], with 13 new bugs[55] |
342 |
* Gentoo Linux Gnome Desktop Team[56], with 11 new bugs[57] |
343 |
* AMD64 Porting Team[58], with 8 new bugs[59] |
344 |
* Gentoo Toolchain Maintainers[60], with 7 new bugs[61] |
345 |
* Gentoo Sound Team[62], with 7 new bugs[63] |
346 |
* Net-Mail Packages[64], with 7 new bugs[65] |
347 |
50. maintainer-wanted@g.o |
348 |
51. |
349 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=maintainer-wanted@g.o |
350 |
52. perl@g.o |
351 |
53. |
352 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=perl@g.o |
353 |
54. media-video@g.o |
354 |
55. |
355 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=media-video@g.o |
356 |
56. gnome@g.o |
357 |
57. |
358 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=gnome@g.o |
359 |
58. amd64@g.o |
360 |
59. |
361 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=amd64@g.o |
362 |
60. toolchain@g.o |
363 |
61. |
364 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=toolchain@g.o |
365 |
62. sound@g.o |
366 |
63. |
367 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=sound@g.o |
368 |
64. net-mail@g.o |
369 |
65. |
370 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-08-21&chfieldto=2005-08-28&assigned_to=net-mail@g.o |
371 |
|
372 |
|
373 |
=============================== |
374 |
8. GWN subscription information |
375 |
=============================== |
376 |
|
377 |
To subscribe to the Gentoo Weekly Newsletter, send a blank email to |
378 |
gentoo-gwn+subscribe@g.o. |
379 |
|
380 |
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to |
381 |
gentoo-gwn+unsubscribe@g.o from the email address you are |
382 |
subscribed under. |
383 |
|
384 |
================== |
385 |
9. Other languages |
386 |
================== |
387 |
|
388 |
The Gentoo Weekly Newsletter is also available in the following languages: |
389 |
|
390 |
* Danish[66] |
391 |
* Dutch[67] |
392 |
* English[68] |
393 |
* German[69] |
394 |
* French[70] |
395 |
* Japanese[71] |
396 |
* Italian[72] |
397 |
* Polish[73] |
398 |
* Portuguese (Brazil)[74] |
399 |
* Portuguese (Portugal)[75] |
400 |
* Russian[76] |
401 |
* Spanish[77] |
402 |
* Turkish[78] |
403 |
66. http://www.gentoo.org/news/da/gwn/gwn.xml |
404 |
67. http://www.gentoo.org/news/nl/gwn/gwn.xml |
405 |
68. http://www.gentoo.org/news/en/gwn/gwn.xml |
406 |
69. http://www.gentoo.org/news/de/gwn/gwn.xml |
407 |
70. http://www.gentoo.org/news/fr/gwn/gwn.xml |
408 |
71. http://www.gentoo.org/news/ja/gwn/gwn.xml |
409 |
72. http://www.gentoo.org/news/it/gwn/gwn.xml |
410 |
73. http://www.gentoo.org/news/pl/gwn/gwn.xml |
411 |
74. http://www.gentoo.org/news/pt_br/gwn/gwn.xml |
412 |
75. http://www.gentoo.org/news/pt/gwn/gwn.xml |
413 |
76. http://www.gentoo.org/news/ru/gwn/gwn.xml |
414 |
77. http://www.gentoo.org/news/es/gwn/gwn.xml |
415 |
78. http://www.gentoo.org/news/tr/gwn/gwn.xml |
416 |
|
417 |
|
418 |
Ulrich Plate <plate@g.o> - Editor |
419 |
Patrick Lauer <patrick@g.o> - Author |
420 |
-- |
421 |
gentoo-gwn@g.o mailing list |