Gentoo Archives: gentoo-gwn

From: Yuji Kosugi <carlos@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter - Volume 3, Issue 24
Date: Tue, 15 Jun 2004 12:26:35
Message-Id: 20040615121446.GA3293@sparda.dyndns.org
---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of May 31st, 2004.
---------------------------------------------------------------------------
 
==============
1. Gentoo News
==============
  
Gentoo Not-For-Profit Paperwork complete
----------------------------------------
  
The paperwork for the Gentoo Not-For-Profit entity was approved by the 
State of New Mexico today. This means that as of today, the Gentoo 
Foundation is an official Not-For-Profit Corporation in the United States. 
The process of becoming a Federally-recognized not-for-profit entity, 
which will take about six months for approval, can now begin. Sven 
Vermeulen has been tasked with drafting a charter for the newly approved 
Gentoo Foundation. Assets of Gentoo Technologies, Inc. such as the 
gentoo.org domain, can now be transferred to the Gentoo Foundation. We're 
glad to see all the hard work that has been put into this process giving 
some positive results and would like to thank Daniel Robbins[1] and all of 
the trustees for their hard work. 

 1. drobbins@g.o
    
Ways to get involved: Introducing webapps-request@g.o
------------------------------------------------------------
  
Developer Stuart Herbert[2] has created a new bugzilla user 
(webapps-request@g.o), to which he is assigning all bugs about new 
packages. Some of these bugs are requests for ebuilds. Some of the bugs 
include ebuilds that need testing (and maybe fixing). 

 2. stuart@g.o
 
If you want to get involved with Gentoo, and can spare the time, this 
would be a great way - especially if you know any of the packages 
involved. This will free up some time for the developers to concentrate on 
real bugs reported against packages already in Portage. 
 
If you want to be notified when new bugs are added to the webapps-request 
list, you can setup a watch in your Bugzilla account. Simply go to this 
page[3] and in the "Users to watch:" box, type in 
'webapps-request@g.o'. 

 3. http://bugs.gentoo.org/userprefs.cgi?tab=email
    
==================
2. Gentoo Security
==================
  
Mailman: Member password disclosure vulnerability
-------------------------------------------------
  
Mailman contains a bug allowing 3rd parties to retrieve member passwords. 
 
For more information, please see the GLSA Announcement[4] 

 4. http://www.gentoo.org/security/en/glsa/glsa-200406-04.xml
    
Apache: Buffer overflow in mod_ssl
----------------------------------
  
A bug in mod_ssl may allow a remote attacker to execute remote code when 
Apache is configured a certain way. 
 
For more information, please see the GLSA Announcement[5] 

 5. http://www.gentoo.org/security/en/glsa/glsa-200406-05.xml
    
CVS: additional DoS and arbitrary code execution vulnerabilities
----------------------------------------------------------------
  
Several serious new vulnerabilities have been found in CVS, which may 
allow an attacker to remotely compromise a CVS server. 
 
For more information, please see the GLSA Announcement[6] 

 6. http://www.gentoo.org/security/en/glsa/glsa-200406-06.xml
    
Subversion: Remote heap overflow
--------------------------------
  
Subversion is vulnerable to a remote Denial of Service that may be 
exploitable to execute arbitrary code on the server running svnserve. 
 
For more information, please see the GLSA Announcement[7] 

 7. http://www.gentoo.org/security/en/glsa/glsa-200406-07.xml
    
=========================
3. Heard in the Community
=========================
  
Web Forums
----------
  
Linux Memory Management 
 
A concise and very useful tutorial about memory management in Linux has 
made its way into the Documentation, Tips & Tricks section, paying special 
attention to things peculiar in 2.6 kernels: 
 
 * Linux Memory Management or 'Why is there no free RAM?'[8] 
 8. http://forums.gentoo.org/viewtopic.php?t=175419
    
gentoo-user
-----------
  
Deadlocking Kernels 
 
A vulnerability that apparently affects all x86 2.4 and 2.6 series kernels 
was shared on gentoo-user  here[9] with exploit code in tow. 

 9. http://article.gmane.org/gmane.linux.gentoo.user/84302
 
The GWN and RSS 
 
This[10] thread covered reading the GWN via an RSS feed, as well as 
preferred applications to do so. 

 10. http://article.gmane.org/gmane.linux.gentoo.user/84115
    
=======================
4. Gentoo International
=======================
   
Germany: LPI 101 Certification in German at the LinuxTag in Karlsruhe 
 
The German branch of the Linux Professional Institute[11] has announced 
that they will offer certification in German for the first time at the 
LinuxTag in Karlsruhe[12] this year. For 30 Euros, visitors to the fair 
(and some of the German devs at the Gentoo booth are known to go as well) 
can sit for the LPI 101 in German or English, or the LPI 201 in English 
only, on 24 to 26 June 2004. Details here.[13].

 11. http://www.lpi-german.de
 12. http://www.linuxtag.de
 13. http://www.lpi-german.de/presse/20040609.html
    
===========
5. Bugzilla
===========
  
Summary
-------
  
 * Statistics 
 * Closed Bug Ranking 
 * New Bug Rankings 
    
Statistics
----------
  
The Gentoo community uses Bugzilla (bugs.gentoo.org[14]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 04 June 2004 and 10 June 2004, activity on the 
site has resulted in: 

 14. http://bugs.gentoo.org
 
 * 537 new bugs during this period 
 * 305 bugs closed or resolved during this period 
 * 14 previously closed bugs were reopened this period 
 
Of the 6461 currently open bugs: 131 are labeled 'blocker', 189 are 
labeled 'critical', and 524 are labeled 'major'. 
    
Closed Bug Rankings
-------------------
  
The developers and teams who have closed the most bugs during this period 
are: 
 
 * Gentoo Games[15], with 18 closed bugs[16]  
 * Gentoo's Team for Core System packages[17], with 12 closed bugs[18]  
 * Net-Mail Packages[19], with 11 closed bugs[20]  
 * Thomas Raschbacher[21], with 9 closed bugs[22]  
 * Gentoo KDE team[23], with 8 closed bugs[24]  
 15. games@g.o
 16. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-06-04&chfieldto=2004-06-10&resolution=FIX
ED&assigned_to=games@g.o
 17. base-system@g.o
 18. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-06-04&chfieldto=2004-06-10&resolution=FIX
ED&assigned_to=base-system@g.o
 19. net-mail@g.o
 20. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-06-04&chfieldto=2004-06-10&resolution=FIX
ED&assigned_to=net-mail@g.o
 21. lordvan@g.o
 22. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-06-04&chfieldto=2004-06-10&resolution=FIX
ED&assigned_to=lordvan@g.o
 23. kde@g.o
 24. 
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&ch
field=bug_status&chfieldfrom=2004-06-04&chfieldto=2004-06-10&resolution=FIX
ED&assigned_to=kde@g.o

New Bug Rankings
----------------
  
The developers and teams who have been assigned the most new bugs during 
this period are: 
 
 * Gentoo Toolchain Maintainers[25], with 19 new bugs[26]  
 * Gentoo Linux Gnome Desktop Team[27], with 17 new bugs[28]  
 * AMD64 Porting Team[29], with 16 new bugs[30]  
 * Gentoo Web Application Packages Maintainers[31], with 12 new bugs[32]  
 * Gentoo Perl Devs[33], with 12 new bugs[34]  
 * Gentoo KDE team[35], with 12 new bugs[36]  
 25. toolchain@g.o
 26. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-06-04&chfieldto=2004-06
-10&assigned_to=toolchain@g.o
 27. gnome@g.o
 28. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-06-04&chfieldto=2004-06
-10&assigned_to=gnome@g.o
 29. amd64@g.o
 30. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-06-04&chfieldto=2004-06
-10&assigned_to=amd64@g.o
 31. web-apps@g.o
 32. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-06-04&chfieldto=2004-06
-10&assigned_to=web-apps@g.o
 33. perl@g.o
 34. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-06-04&chfieldto=2004-06
-10&assigned_to=perl@g.o
 35. kde@g.o
 36. 
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_s
tatus=REOPENED&chfield=assigned_to&chfieldfrom=2004-06-04&chfieldto=2004-06
-10&assigned_to=kde@g.o
    
==================
6. Tips and Tricks
==================
   
Protecting files with noclobber
 
This tip is for people who have ever hosed important files by using > when 
they meant to use >>. Add the following line to .bashrc: set -o noclobber. 
The noclobber option prevents you from overwriting existing files with the 
> operator.
--------------------------------------------------------------------------- | Code Listing 6.1: | |-------------------------------------------------------------------------| | | |% program > file2 | |bash: file2: cannot overwrite existing file | --------------------------------------------------------------------------- In some cases you may really want to overwrite the file. In this case, instead of turning noclobber off, you can use >| to force the file to be written. --------------------------------------------------------------------------- | Code Listing 6.2: | |-------------------------------------------------------------------------| | | |% program >| file2 | --------------------------------------------------------------------------- =========================== 7. Moves, Adds, and Changes =========================== Moves ----- The following developers recently left the Gentoo team: * None this week Adds ---- The following developers recently joined the Gentoo Linux team: * None this week Changes ------- The following developers recently changed roles within the Gentoo Linux project: * None this week ==================== 8. Contribute to GWN ==================== Interested in contributing to the Gentoo Weekly Newsletter? Send us an email[37]. 37. gwn-feedback@g.o =============== 9. GWN Feedback =============== Please send us your feedback[38] and help make the GWN better. 38. gwn-feedback@g.o ================================ 10. GWN Subscription Information ================================ To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@g.o. To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@g.o from the email address you are subscribed under. =================== 11. Other Languages =================== The Gentoo Weekly Newsletter is also available in the following languages: * Danish[39] * Dutch[40] * English[41] * German[42] * French[43] * Japanese[44] * Italian[45] * Polish[46] * Portuguese (Brazil)[47] * Portuguese (Portugal)[48] * Russian[49] * Spanish[50] * Turkish[51] 39. http://www.gentoo.org/news/da/gwn/gwn.xml 40. http://www.gentoo.org/news/be/gwn/gwn.xml 41. http://www.gentoo.org/news/en/gwn/gwn.xml 42. http://www.gentoo.org/news/de/gwn/gwn.xml 43. http://www.gentoo.org/news/fr/gwn/gwn.xml 44. http://www.gentoo.org/news/ja/gwn/gwn.xml 45. http://www.gentoo.org/news/it/gwn/gwn.xml 46. http://www.gentoo.org/news/pl/gwn/gwn.xml 47. http://www.gentoo.org/news/br/gwn/gwn.xml 48. http://www.gentoo.org/news/pt/gwn/gwn.xml 49. http://www.gentoo.org/news/ru/gwn/gwn.xml 50. http://www.gentoo.org/news/es/gwn/gwn.xml 51. http://www.gentoo.org/news/tr/gwn/gwn.xml Yuji Carlos Kosugi <carlos@g.o> - Editor AJ Armstrong <aja@×××××××××××××.com> - Contributor Brian Downey <bdowney@×××××××××××.net> - Contributor Kurt Lieber <klieber@g.o> - Contributor David Narayan <david@×××××××.net> - Contributor Ulrich Plate <plate@g.o> - Contributor Sven Vermeulen <swift@g.o> - Contributor Simon Holm Thagersen <simon@××××××.net> - Danish Translation Jesper Brodersen <broeman@g.o> - Danish Translation Arne Mejlholm <aaby@g.o> - Danish Translation Hendrik Eeckhaut <Hendrik.Eeckhaut@×××××.be> - Dutch Translation Jorn Eilander <sephiroth@××××××××.nl> - Dutch Translation Bernard Kerckenaere <bernieke@××××××××.com> - Dutch Translation Peter ter Borg <peter@××××××.nl> - Dutch Translation Jochen Maes <linux@××××.be> - Dutch Translation Roderick Goessen <rgoessen@××××.nl> - Dutch Translation Gerard van den Berg <gerard@××××××.net> - Dutch Translation Matthieu Montaudouin <mat@××××××××.com> - French Translation Xavier Neys <neysx@g.o> - French Translation Martin Prieto <riverdale@×××××××××.org> - French Translation Antoine Raillon <cabec2@××××××.net> - French Translation Sebastien Cevey <seb@×××××.net> - French Translation Jean-Christophe Choisy <mabouya@××××××××××××.org> - French Translation Thomas Raschbacher <lordvan@g.o> - German Translation Steffen Lassahn <madeagle@g.o> - German Translation Matthias F. Brandstetter <haim@g.o> - German Translation Lukas Domagala <Cyrik@g.o> - German Translation Tobias Scherbaum <dertobi123@g.o> - German Translation Daniel Gerholdt <Sputnik1969@g.o> - German Translation Marc Herren <dj-submerge@g.o> - German Translation Tobias Matzat <SirSeoman@g.o> - German Translation Marco Mascherpa <mush@××××××.net> - Italian Translation Claudio Merloni <paper@×××××××.it> - Italian Translation Stefano Lucidi <stefano.lucidi@×××××××××××××.org> - Italian Translation Katuyuki Konno <katuyuki@××××××××.jp> - Japanese Translation Hiroyuki Takeda <hiro@××××××××××××××.jp> - Japanese Translation Masato Hatakeyama <hatake@×××××××××××.jp> - Japanese Translation Masayoshi Nakamura <masayang@×××××××××.com> - Japanese Translation Yasunori Fukudome <yasunori@××××××××××××××××.uk> - Japanese Translation Tomoyuki Sakurai <web-gentoo-doc-jp@××××××××××××.nu> - Japanese Translation Lukasz Strzygowski <lucass@××××××.pl> - Polish Translation Karol Goralski <gooroo@××××××.pl> - Polish Translation Atila "Jedi" Bohlke Vasconcelos <bohlke@×××××××××.br> - Portuguese (Brazil) Translation Eduardo Belloti <dudu@××××××××.net> - Portuguese (Brazil) Translation Jo??o Rafael Moraes Nicola <joaoraf@×××××××××.br> - Portuguese (Brazil) Translation Marcelo Gon??alves de Azambuja <mgazambuja@×××××××××.br> - Portuguese (Brazil) Translation Otavio Rodolfo Piske <angusy@××××××××.org> - Portuguese (Brazil) Translation Pablo N. Hess -- NatuNobilis <natunobilis@××××××××.org> - Portuguese (Brazil) Translation Pedro de Medeiros <pzilla@××××××××.br> - Portuguese (Brazil) Translation Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil) Translation Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal) Translation Gustavo Felisberto <humpback@××××××××××.net> - Portuguese (Portugal) Translation Jos?? Costa <jose_costa@×××××××.pt> - Portuguese (Portugal) Translation Luis Medina <metalgodin@×××××××××.org> - Portuguese (Portugal) Translation Ricardo Loureiro <rjlouro@×××××××.org> - Portuguese (Portugal) Translation Aleksandr Martyncev <amncorp@××.ru> - Russian Translator Sergey Galkin <gals_home@××××.ru> - Russian Translator Sergey Kuleshov <svyatogor@g.o> - Russian Translator Alex Spirin <asp13@××××.ru> - Russian Translator Denis Zaletov <dzaletov@×××××××.ru> - Russian Translator Lanark <lanark@××××××××××.ar> - Spanish Translation Fernando J. Pereda <ferdy@××××××.org> - Spanish Translation Lluis Peinado Cifuentes <lpeinado@×××.edu> - Spanish Translation Zephryn Xirdal T <ZEPHRYNXIRDAL@××××××××××.net> - Spanish Translation Guillermo Juarez <katossi@××××××××××××××××.es> - Spanish Translation Jes??s Garc??a Crespo <correo@××××××.com> - Spanish Translation Carlos Castillo <carlos@×××××××××××××.com> - Spanish Translation Julio Castillo <julio@×××××××××××××.com> - Spanish Translation Sergio G??mez <s3r@××××××××××××.ar> - Spanish Translation Aycan Irican <aycan@××××××××.tr> - Turkish Translation Bugra Cakir <bugra@×××××××××.com> - Turkish Translation Cagil Seker <cagils@××××××××××.tr> - Turkish Translation Emre Kazdagli <emre@××××××××.tr> - Turkish Translation Evrim Ulu <evrim@××××××××.tr> - Turkish Translation Gursel Kaynak <gurcell@××××××××.tr> - Turkish Translation