Gentoo Archives: gentoo-gwn

From: Kurt Lieber <klieber@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter -- Volume 3, Issue 32
Date: Mon, 09 Aug 2004 22:36:32
Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of August 9th, 2004.
1. Gentoo News
Gentoo at Linux World Expo
Marking our fourth consecutive Linux World Expo, Gentoo Linux was on hand 
at the recent San Francisco event. As with previous shows, the Gentoo 
booth was located in the .org pavillion. Nominated for the Best Open 
Source Solution (though beaten out by Firefox), the Gentoo booth was quite 
busy throughout the show. With a mixture of new people wanting to find out 
more about Gentoo and veteran users thanking the developers for their hard 
work, the show allowed Gentoo to reach out to users new and old. Another 
benefit was the chance for many of the Gentoo developers to meet 
face-to-face for the first time. 
Also at the show, a Birds of a Feather meeting was held, which is an 
informal, after-hours meeting where users had a chance to interact with 
the developers on a one-to-one basis. This meeting drew far larger numbers 
than were originally expected, with over 50 people in attendance.
To all the folks who stopped by the Gentoo booth, thank you for showing 
your support. To anyone who was unable to make it, we'll be at the next 
Linux World Expo in Boston, February 14th through 17th! 
Update on the Gentoo Website Redesign
As an update to the previously announced[1] website redesign contest, a 
number of excellent submissions were received from our users. Overall, we 
had more than two dozen responses from which five have been selected as 
finalists. We are currently awaiting confirmation from those finalists 
that they are indeed willing to complete their design and participate in 
the actual project. As soon as we have those confirmations, we will post 
the five finalists and allow the community to select a winner. 

2. Gentoo Security
Courier: Cross-site scripting vulnerability in SqWebMail 
The SqWebMail web application, included in the Courier suite, is 
vulnerable to cross-site scripting attacks.
For more information, please see the GLSA Announcement[2]

libpng: Numerous vulnerabilities 
libpng contains numerous vulnerabilities potentially allowing an attacker 
to perform a Denial of Service attack or even execute arbitrary code.
For more information, please see the GLSA Announcement[3]

PuTTY: Pre-authentication arbitrary code execution 
PuTTY contains a vulnerability allowing a SSH server to execute arbitrary 
code on the connecting client.
For more information, please see the GLSA Announcement[4]

Opera: Multiple new vulnerabilities 
Several new vulnerabilities were found and fixed in Opera, including one 
allowing an attacker to read the local filesystem remotely.
For more information, please see the GLSA Announcement[5]

3. Featured Developer of the Week
Featured Developer is on hiatus this week. 
4. Heard in the Community
DVD Burning under Linux
DVD burning under Linux has become easier and easier in the past months 
due to the enhancements in the 2.6 kernel series. Yet, the issues are 
still there--but now due to the myriad of DVD-burning drives. DVD+R, 
DVD-R, single-layer, dual-layer, etc. Scott Taylor did the list a favor 
with a great write up that sums up the differences, as well as a 
recommendation on the type of drive he prefers. Also check out the related 
thread on dual-layer burners. 
 * Good DVD burner?[6] 
 * dual layer DVD burners[7] 

"Weird" Executables in /bin
What's that left-bracket doing there in /bin? If you're curious, check out 
this thread[8]. 

Upgrading Perl
Do you rebuild your perl libraries after an upgrade? You should! Although 
indispensable as a scripting and admin tool, upgrading perl involves a 
good number of reverse dependencies. Gentoo provides the libperl_rebuilder 
script (/usr/portage/dev-lang/perl/files/libperl_rebuilder) which can 
allieviate some of the issues and keep your perl running smoothly. 
However, if you happen to be using "ACCEPT_KEYWORDS" there may experience 
some problems. List member Holly Bostick and our resident developer 
Spider, help clear up the confusion and make the upgrade process easier. 
 * Upgrading Perl[9] 

Web Forums
For Real: Realplayer 10 
Real Networks[10] announced last Monday that their latest release, 
RealPlayer 10 Gold, is now available to Linux users. RealPlayer 10 is 
identical to the fully open-sourced Helix Player 1.0[11] (released on the 
same day), but has added support for Real's own audio and video formats, 
MP3 and Flash playback. While Gentoo users in the Forum have greeted the 
news with excitement, an official RealPlayer ebuild will have to wait for 
Gentoo develeoper Chris White do quality checks and get Real's endorsement 
for inclusion of their flagship application in the Portage tree. If you 
want to help Chris conducting the necessary tests, contact him by 

 * Realplayer 10[13] 
 12. chriswhite@g.o
Useful USE Tools 
Italian Forum user xchris[14] has written a handy bash script that 
analyzes which packages have been compiled with or without a supported USE 
flag, available for download at his own website. In case you forgot to 
include an important feature in several packages, you might like to simply 
redirect the output of "usetool -nu [use flag] -nc" straight to emerge. 
And if you'd like to know what USE flags actually are being supported by 
packages first, try singular[15]'s concise Python script (based on 
gentoolkit) that puts an end to the old recursive grepping routine people 
had to rely on so far: 
 * TOOL - Usetool for useflag analisys[16] 
 * finduse Python script[17] 


5. Gentoo International
Italy: MOCA Reminder, 20-22 August 
Ten days before MOCA, the Italian geek camp[18], opens its 
doo^H^H^Hflysheets in Pescara, and as many as seventeen Gentoo users have 
confirmed their participation in this event organised by Metro Olografix 
activists on the Adriatic coast. If you're interested in joining in the 
fun, check our earlier report[19] for details, and let the others know 
you're coming at this forum thread[20] (in Italian, preferrably). 

At DEFCON 12 this past weekend, several Gentoo Linux machines were sighted 
in the RootFu[21] competition. Gentoo's "less is more" attitude for Stage1 
installs makes it advantageous for security-minded folks. There were other 
Gentoo sightings as well: Several of the conferences used Gentoo machines 
for demonstrations, and many were sighted on user's laptops. 

6. Bugzilla
 * Statistics 
 * Closed Bug Ranking 
 * New Bug Rankings 
The Gentoo community uses Bugzilla ([22]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 31 July 2004 and 06 August 2004, activity on the 
site has resulted in: 

 * 615 new bugs during this period 
 * 356 bugs closed or resolved during this period 
 * 18 previously closed bugs were reopened this period 
Of the 7016 currently open bugs: 134 are labeled 'blocker', 201 are 
labeled 'critical', and 549 are labeled 'major'. 
Closed Bug Rankings
The developers and teams who have closed the most bugs during this period 
 * Portage Team[23], with 35 closed bugs[24]  
 * Sven Vermeulen[25], with 32 closed bugs[26]  
 * AMD64 Porting Team[27], with 22 closed bugs[28]  
 * Heinrich Wendel[29], with 12 closed bugs[30]  
 * Gentoo Linux Gnome Desktop Team[31], with 12 closed bugs[32]  
 23. dev-portage@g.o
 25. swift@g.o
 27. amd64@g.o
 29. lanius@g.o
 31. gnome@g.o

New Bug Rankings
The developers and teams who have been assigned the most new bugs during 
this period are: 
 * AMD64 Porting Team[33], with 47 new bugs[34]  
 * OSX Porters[35], with 17 new bugs[36]  
 * Gentoo Linux Gnome Desktop Team[37], with 14 new bugs[38]  
 * Perl Devs[39], with 10 new bugs[40]  
 * Java team[41], with 10 new bugs[42]  
 33. amd64@g.o
 35. osx@g.o
 37. gnome@g.o
 39. perl@g.o
 41. java@g.o

7. Tips and Tricks
Tips and Tricks is looking for a new owner. If you're interested in taking 
over this section of the GWN, please email gwn-feedback@g.o[43]. 

 43. mailto:gwn-feedback@g.o
8. Moves, Adds, and Changes
The following developers recently left the Gentoo team:
 * None this week 
The following developers recently joined the Gentoo Linux team:
 * None this week 
The following developers recently changed roles within the Gentoo Linux 
 * None this week 
9. Contribute to GWN
Interested in contributing to the Gentoo Weekly Newsletter? Send us an 

 44. gwn-feedback@g.o
10. GWN Feedback
Please send us your feedback[45] and help make the GWN better.

 45. gwn-feedback@g.o
11. GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to 
gentoo-gwn-unsubscribe@g.o from the email address you are 
subscribed under.
12. Other Languages
The Gentoo Weekly Newsletter is also available in the following languages:
 * Danish[46] 
 * Dutch[47] 
 * English[48] 
 * German[49] 
 * French[50] 
 * Japanese[51] 
 * Italian[52] 
 * Polish[53] 
 * Portuguese (Brazil)[54] 
 * Portuguese (Portugal)[55] 
 * Russian[56] 
 * Spanish[57] 
 * Turkish[58] 

Yuji Carlos Kosugi <carlos@g.o> - Editor
AJ Armstrong <aja@g.o> - Contributor
Brian Downey <bdowney@×××××××××××.net> - Contributor
Kurt Lieber <klieber@g.o> - Contributor
Ulrich Plate <plate@g.o> - Contributor
Sven Vermeulen <swift@g.o> - Contributor
Simon Holm Thagersen <simon@××××××.net> - Danish Translation
Jesper Brodersen <broeman@g.o> - Danish Translation
Arne Mejlholm <aaby@g.o> - Danish Translation
Hendrik Eeckhaut <Hendrik.Eeckhaut@×××××.be> - Dutch Translation
Jorn Eilander <sephiroth@××××××××.nl> - Dutch Translation
Bernard Kerckenaere <bernieke@××××××××.com> - Dutch Translation
Peter ter Borg <peter@××××××.nl> - Dutch Translation
Jochen Maes <linux@××××.be> - Dutch Translation
Roderick Goessen <rgoessen@××××.nl> - Dutch Translation
Gerard van den Berg <gerard@××××××.net> - Dutch Translation
Matthieu Montaudouin <mat@××××××××.com> - French Translation
Xavier Neys <neysx@g.o> - French Translation
Martin Prieto <riverdale@×××××××××.org> - French Translation
Antoine Raillon <cabec2@××××××.net> - French Translation
Sebastien Cevey <seb@×××××.net> - French Translation
Jean-Christophe Choisy <mabouya@××××××××××××.org> - French Translation
Thomas Raschbacher <lordvan@g.o> - German Translation
Steffen Lassahn <madeagle@g.o> - German Translation
Matthias F. Brandstetter <haim@g.o> - German Translation
Lukas Domagala <Cyrik@g.o> - German Translation
Tobias Scherbaum <dertobi123@g.o> - German Translation
Daniel Gerholdt <Sputnik1969@g.o> - German Translation
Marc Herren <dj-submerge@g.o> - German Translation
Tobias Matzat <SirSeoman@g.o> - German Translation
Marco Mascherpa <mush@××××××.net> - Italian Translation
Claudio Merloni <paper@×××××××.it> - Italian Translation
Stefano Lucidi <stefano.lucidi@×××××××××××××.org> - Italian Translation
Katuyuki Konno <katuyuki@××××××××.jp> - Japanese Translation
Hiroyuki Takeda <hiro@××××××××××××××.jp> - Japanese Translation
Masato Hatakeyama <hatake@×××××××××××.jp> - Japanese Translation
Shigehiro Idani <datam@×××××××.jp> - Japanese Translation
Masayoshi Nakamura <masayang@×××××××××.com> - Japanese Translation
Tomoyuki Sakurai <web-gentoo-doc-jp@××××××××××××.nu> - Japanese Translation
Lukasz Strzygowski <lucass@××××××.pl> - Polish Translation
Karol Goralski <gooroo@××××××.pl> - Polish Translation
Atila "Jedi" Bohlke Vasconcelos <bohlke@×××××××××.br> - Portuguese 
(Brazil) Translation
Eduardo Belloti <dudu@××××××××.net> - Portuguese (Brazil) Translation
João Rafael Moraes Nicola <joaoraf@×××××××××.br> - Portuguese (Brazil) 
Marcelo Gonçalves de Azambuja <mgazambuja@×××××××××.br> - Portuguese 
(Brazil) Translation
Otavio Rodolfo Piske <angusy@××××××××.org> - Portuguese (Brazil) 
Pablo N. Hess -- NatuNobilis <natunobilis@××××××××.org> - Portuguese 
(Brazil) Translation
Pedro de Medeiros <pzilla@××××××××.br> - Portuguese (Brazil) Translation
Ventura Barbeiro <venturasbarbeiro@××××××.br> - Portuguese (Brazil) 
Bruno Ferreira <blueroom@××××××××××××.net> - Portuguese (Portugal) 
Gustavo Felisberto <humpback@××××××××××.net> - Portuguese (Portugal) 
José Costa <jose_costa@×××××××.pt> - Portuguese (Portugal) Translation
Luis Medina <metalgodin@×××××××××.org> - Portuguese (Portugal) Translation
Ricardo Loureiro <rjlouro@×××××××.org> - Portuguese (Portugal) Translation
Aleksandr Martyncev <amncorp@××.ru> - Russian Translator
Sergey Galkin <gals_home@××××.ru> - Russian Translator
Sergey Kuleshov <svyatogor@g.o> - Russian Translator
Alex Spirin <asp13@××××.ru> - Russian Translator
Denis Zaletov <dzaletov@×××××××.ru> - Russian Translator
Guillermo Juarez <guillermo.juarez@××××××××××.es> - Spanish Translation
Fernando J. Pereda <ferdy@××××××.org> - Spanish Translation
Juan Diego Gutiérrez Gallardo <andy@××××××.com> - Spanish Translation
Nicolas Silva <nsilva@××××××.edu> - Spanish Translation
Aycan Irican <aycan@××××××××.tr> - Turkish Translation
Bugra Cakir <bugra@×××××××××.com> - Turkish Translation
Cagil Seker <cagils@××××××××××.tr> - Turkish Translation
Emre Kazdagli <emre@××××××××.tr> - Turkish Translation
Evrim Ulu <evrim@××××××××.tr> - Turkish Translation
Gursel Kaynak <gurcell@××××××××.tr> - Turkish Translation