1 |
--------------------------------------------------------------------------- |
2 |
Gentoo Weekly Newsletter |
3 |
http://www.gentoo.org/news/en/gwn/current.xml |
4 |
This is the Gentoo Weekly Newsletter for the week of 20 February 2006. |
5 |
--------------------------------------------------------------------------- |
6 |
|
7 |
============== |
8 |
1. Gentoo news |
9 |
============== |
10 |
|
11 |
FOSDEM to open gates on Saturday |
12 |
-------------------------------- |
13 |
|
14 |
Europe's finest and grandest open-source developer conference, FOSDEM, |
15 |
will be held this coming weekend (25 and 26 February) in Brussels. Gentoo |
16 |
has a booth in the exhibition area with various architectures on display |
17 |
on both Saturday and Sunday. For the second year in a row, Gentoo will |
18 |
underline its role in development with its own "devroom", featuring an |
19 |
entire day of presentations by Gentoo developers, most of them open to the |
20 |
public, except for an internal Gentoo dev meeting around lunch time. The |
21 |
Gentoo Devroom will be held on Sunday, 26 February, and the schedule[1] -- |
22 |
subject to change on short notice, but reasonably stable as of today -- |
23 |
spans from 9:00 to 16:30 hours. |
24 |
|
25 |
1. http://fosdem.org/2006/index/dev_room_gentoo/schedule |
26 |
|
27 |
The European Gentoo devs are particularly happy about three overseas |
28 |
visitors, release engineering lead and x86 release coordinator Chris |
29 |
Gianelloni[2] and AMD64 developer Mike Doty[3] from the US, and CJK |
30 |
maintainer Mamoru Komachi[4] from Japan will join their European |
31 |
colleagues in the dev room. |
32 |
|
33 |
2. wolf31o2@g.o |
34 |
3. kingtaco@g.o |
35 |
4. usata@g.o |
36 |
|
37 |
A social event for the Gentoo developers in Brussels is scheduled for |
38 |
Saturday night, if you would like to participate in the dinner, please |
39 |
send a message to organizer Patrick Lauer[5]. |
40 |
|
41 |
5. patrick@g.o |
42 |
|
43 |
Request for comments: Qmail to move on |
44 |
-------------------------------------- |
45 |
|
46 |
The Qmail team is investigating ongoing maintenance of qmail in the |
47 |
Portage tree, and moving towards netqmail. They are considering changing |
48 |
their patching policy to move towards having a single large combined patch |
49 |
which would be the result of merging all the existing patches used. In |
50 |
attempting to undertake this, they are also interested in which of qmail's |
51 |
functionality is unused and which ones are missing. The Qmail team is |
52 |
investigating ongoing maintenance of qmail in the Portage tree, and moving |
53 |
towards netqmail. They are considering changing their patching policy to |
54 |
move towards having a single large combined patch which would be the |
55 |
result of merging all the existing patches used. |
56 |
|
57 |
In attempting to undertake this, they are also interested in which of |
58 |
qmail's functionality is unused and which ones are missing. |
59 |
|
60 |
* Do you use something other than qmail to handle the SMTP frontend? |
61 |
Qsmtp, qpsmtp, mailfront? Additional scripts from qmail-spp? |
62 |
* Are there any users of qmail-mysql at all? The last bug dates from late |
63 |
2003. If there is no demand for the package, we wish to drop it from the |
64 |
tree. |
65 |
* Any users experienced with maintaining and modifying qmail-ldap? Please |
66 |
contact them, since they need more qmail-ldap experience as the original |
67 |
developer handling it has moved on. |
68 |
|
69 |
Note: Please contact them at qmail-bugs@g.o, they would love to |
70 |
hear from you. |
71 |
|
72 |
========================= |
73 |
2. Heard in the community |
74 |
========================= |
75 |
|
76 |
gentoo-dev |
77 |
---------- |
78 |
|
79 |
Berlios-hosted SRC_URI components |
80 |
|
81 |
The Berlios project offers hosting for Open Source projects, including CVS |
82 |
and file mirrors. After a restructuring of their (often overloaded) |
83 |
servers the download source location has changed - direct URIs are no |
84 |
longer used, instead a URI with a "magic key" is used. Also each download |
85 |
tarball seems to have an extra "garbage" byte, effectively breaking |
86 |
digests as they are used for Gentoo downloads. This means that as long as |
87 |
Berlios does not change their policy all SRC_URIs in ebuilds need to be |
88 |
changed and fetching files may fail due to digest mismatches. Discussion |
89 |
is still ongoing as to how the situation should be handled. |
90 |
|
91 |
* Berlios-hosted SRC_URI components [6] |
92 |
6. http://thread.gmane.org/gmane.linux.gentoo.devel/36077 |
93 |
|
94 |
|
95 |
Bugzilla etiquette suggestions |
96 |
|
97 |
As there are often incomplete or duplicate bugs filed on our bugzilla the |
98 |
bugwranglers (the persons sorting and assigning bugs) sometimes respond in |
99 |
ways that are perceived to be very negative by the person filing the bug. |
100 |
Especially the INVALID bug resolution can often cause a very emotional |
101 |
response. Daniel Drake[7] offers some suggestions for developers to avoid |
102 |
unneeded conflicts with bugs, but the following discussion also has some |
103 |
hints for users that wish to file bugs. |
104 |
|
105 |
7. dsd@g.o |
106 |
|
107 |
* Bugzilla etiquette suggestions [8] |
108 |
8. http://thread.gmane.org/gmane.linux.gentoo.devel/35968 |
109 |
|
110 |
|
111 |
Gentoo Council Meeting Summary (20060209) |
112 |
|
113 |
The monthly meeting of the Gentoo Council happened on February 9th. The |
114 |
only point on the regular agenda was GLEP 44 (Manifest2 support) which was |
115 |
delayed until some technical issues are resolved. |
116 |
|
117 |
* Gentoo Council Meeting Summary (20060209)[9] |
118 |
9. http://thread.gmane.org/gmane.linux.gentoo.devel/35878 |
119 |
|
120 |
|
121 |
======================= |
122 |
3. Gentoo international |
123 |
======================= |
124 |
|
125 |
UK: Kaboot, a Gentoo-based distribution |
126 |
--------------------------------------- |
127 |
|
128 |
Kaboot[10] is a Gentoo-based Linux-LiveCD distribution. Currently |
129 |
available in four flavours, Recovery, Lite, Science and -- just released |
130 |
-- Kaboot Komplete, Kaboot aims to provide an OS on a CD or USB which you |
131 |
can take anywhere with you and will boot any system. Development is |
132 |
progressing steadily, and the author Hanni Ali[11] hopes to release the |
133 |
first USB versions in early March. The ISOs of the currently available |
134 |
versions vary in size from just over 80MB to around 550MB. |
135 |
|
136 |
10. http://kaboot.ainkaboot.co.uk/ |
137 |
11. http://kaboot.ainkaboot.co.uk/contact.php |
138 |
|
139 |
====================== |
140 |
4. Gentoo in the press |
141 |
====================== |
142 |
|
143 |
Mactel Linux (16 February 2006) |
144 |
------------------------------- |
145 |
|
146 |
Various online media including Slashdot[12], engadget[13] and PC |
147 |
Magazine[14] were quick to pick up the success story of Edgar Hucek's |
148 |
Linux installation on one of the new Intel-driven Macintosh PCs, a 17" |
149 |
iMac with dual core. "Using elilo and a modified Linux kernel, we can boot |
150 |
from a USB hard disk on the 17" iMac Core Duo. We are using the hacked |
151 |
vesafb driver to inherit the bootloader's framebuffer. Gentoo runs and can |
152 |
compile the Linux kernel," states the project's website[15]. |
153 |
Congratulations! |
154 |
|
155 |
12. http://linux.slashdot.org/article.pl?sid=06/02/16/2025243 |
156 |
13. http://cellphones.engadget.com/2006/02/16/linux-boots-on-intel-imacs/ |
157 |
14. http://www.pcmag.com/article2/0,1895,1928357,00.asp |
158 |
15. http://www.mactel-linux.org |
159 |
|
160 |
PC Web (7 February 2006, in Japanese) |
161 |
------------------------------------- |
162 |
|
163 |
Gentoo's BSD project got an honorable mention in one of Japan's most |
164 |
important online computer magazines, PC Web. Quoting from a thread in the |
165 |
BSD mailing list, author Daichi Goto points to "Gentoo GNU/kFreeBSD" as |
166 |
using the best of both worlds: userland from Gentoo, kernel from FreeBSD. |
167 |
Interesting even to those unable to read Japanese, the article carries |
168 |
four screenshots of a working installation. |
169 |
|
170 |
========================= |
171 |
5. Gentoo developer moves |
172 |
========================= |
173 |
|
174 |
Moves |
175 |
----- |
176 |
|
177 |
The following developers recently left the Gentoo project: |
178 |
|
179 |
* None this week |
180 |
|
181 |
Adds |
182 |
---- |
183 |
|
184 |
The following developers recently joined the Gentoo project: |
185 |
|
186 |
* None this week |
187 |
|
188 |
Changes |
189 |
------- |
190 |
|
191 |
The following developers recently changed roles within the Gentoo project: |
192 |
|
193 |
* None this week |
194 |
|
195 |
================== |
196 |
6. Gentoo Security |
197 |
================== |
198 |
|
199 |
Xpdf, Poppler: Heap overflow |
200 |
---------------------------- |
201 |
|
202 |
Xpdf and Poppler are vulnerable to a heap overflow that may be exploited |
203 |
to execute arbitrary code. |
204 |
|
205 |
For more information, please see the GLSA Announcement[16] |
206 |
|
207 |
16. http://www.gentoo.org/security/en/glsa/glsa-200602-04.xml |
208 |
|
209 |
KPdf: Heap based overflow |
210 |
------------------------- |
211 |
|
212 |
KPdf includes vulnerable Xpdf code to handle PDF files, making it |
213 |
vulnerable to the execution of arbitrary code. |
214 |
|
215 |
For more information, please see the GLSA Announcement[17] |
216 |
|
217 |
17. http://www.gentoo.org/security/en/glsa/glsa-200602-05.xml |
218 |
|
219 |
ImageMagick: Format string vulnerability |
220 |
---------------------------------------- |
221 |
|
222 |
A vulnerability in ImageMagick allows attackers to crash the application |
223 |
and potentially execute arbitrary code. |
224 |
|
225 |
For more information, please see the GLSA Announcement[18] |
226 |
|
227 |
18. http://www.gentoo.org/security/en/glsa/glsa-200602-06.xml |
228 |
|
229 |
Sun JDK/JRE: Applet privilege escalation |
230 |
---------------------------------------- |
231 |
|
232 |
Sun's Java Development Kit (JDK) and Java Runtime Environment (JRE) do not |
233 |
adequately constrain applets from privilege escalation and arbitrary code |
234 |
execution. |
235 |
|
236 |
For more information, please see the GLSA Announcement[19] |
237 |
|
238 |
19. http://www.gentoo.org/security/en/glsa/glsa-200602-07.xml |
239 |
|
240 |
libtasn1, GNU TLS: Security flaw in DER decoding |
241 |
------------------------------------------------ |
242 |
|
243 |
A flaw in the parsing of Distinguished Encoding Rules (DER) has been |
244 |
discovered in libtasn1, potentially resulting in the execution of |
245 |
arbitrary code. |
246 |
|
247 |
For more information, please see the GLSA Announcement[20] |
248 |
|
249 |
20. http://www.gentoo.org/security/en/glsa/glsa-200602-08.xml |
250 |
|
251 |
BomberClone: Remote execution of arbitrary code |
252 |
----------------------------------------------- |
253 |
|
254 |
BomberClone is vulnerable to a buffer overflow which may lead to remote |
255 |
execution of arbitrary code. |
256 |
|
257 |
For more information, please see the GLSA Announcement[21] |
258 |
|
259 |
21. http://www.gentoo.org/security/en/glsa/glsa-200602-09.xml |
260 |
|
261 |
GnuPG: Incorrect signature verification |
262 |
--------------------------------------- |
263 |
|
264 |
Applications relying on GnuPG to authenticate digital signatures may |
265 |
incorrectly believe a signature has been verified. |
266 |
|
267 |
For more information, please see the GLSA Announcement[22] |
268 |
|
269 |
22. http://www.gentoo.org/security/en/glsa/glsa-200602-10.xml |
270 |
|
271 |
=========== |
272 |
7. Bugzilla |
273 |
=========== |
274 |
|
275 |
Statistics |
276 |
---------- |
277 |
|
278 |
The Gentoo community uses Bugzilla (bugs.gentoo.org[23]) to record and |
279 |
track bugs, notifications, suggestions and other interactions with the |
280 |
development team. Between 12 February 2006 and 19 February 2006, activity |
281 |
on the site has resulted in: |
282 |
|
283 |
23. http://bugs.gentoo.org |
284 |
|
285 |
* 815 new bugs during this period |
286 |
* 442 bugs closed or resolved during this period |
287 |
* 28 previously closed bugs were reopened this period |
288 |
|
289 |
Of the 9341 currently open bugs: 75 are labeled 'blocker', 152 are labeled |
290 |
'critical', and 526 are labeled 'major'. |
291 |
|
292 |
Closed bug rankings |
293 |
------------------- |
294 |
|
295 |
The developers and teams who have closed the most bugs during this period |
296 |
are: |
297 |
|
298 |
* Gentoo Linux Gnome Desktop Team[24], with 17 closed bugs[25] |
299 |
* Xavier Neys[26], with 15 closed bugs[27] |
300 |
* Gentoo's Team for Core System packages[28], with 15 closed bugs[29] |
301 |
* AMD64 Porting Team[30], with 13 closed bugs[31] |
302 |
* Gentoo KDE team[32], with 12 closed bugs[33] |
303 |
* Roy Marples[34], with 11 closed bugs[35] |
304 |
* Daniel Goller[36], with 11 closed bugs[37] |
305 |
* Gentoo Games[38], with 11 closed bugs[39] |
306 |
24. gnome@g.o |
307 |
25. |
308 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=gnome@g.o |
309 |
26. neysx@g.o |
310 |
27. |
311 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=neysx@g.o |
312 |
28. base-system@g.o |
313 |
29. |
314 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=base-system@g.o |
315 |
30. amd64@g.o |
316 |
31. |
317 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=amd64@g.o |
318 |
32. kde@g.o |
319 |
33. |
320 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=kde@g.o |
321 |
34. uberlord@g.o |
322 |
35. |
323 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=uberlord@g.o |
324 |
36. morfic@g.o |
325 |
37. |
326 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=morfic@g.o |
327 |
38. games@g.o |
328 |
39. |
329 |
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-02-12&chfieldto=2006-02-19&resolution=FIXED&assigned_to=games@g.o |
330 |
|
331 |
|
332 |
New bug rankings |
333 |
---------------- |
334 |
|
335 |
The developers and teams who have been assigned the most new bugs during |
336 |
this period are: |
337 |
|
338 |
* Default Assignee for New Packages[40], with 29 new bugs[41] |
339 |
* AMD64 Porting Team[42], with 14 new bugs[43] |
340 |
* Perl Devs @ Gentoo[44], with 10 new bugs[45] |
341 |
* Gentoo Sound Team[46], with 8 new bugs[47] |
342 |
* media-video herd[48], with 7 new bugs[49] |
343 |
* Default Assignee for Orphaned Packages[50], with 7 new bugs[51] |
344 |
* Java team[52], with 6 new bugs[53] |
345 |
* Gentoo X-windows packagers[54], with 5 new bugs[55] |
346 |
40. maintainer-wanted@g.o |
347 |
41. |
348 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=maintainer-wanted@g.o |
349 |
42. amd64@g.o |
350 |
43. |
351 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=amd64@g.o |
352 |
44. perl@g.o |
353 |
45. |
354 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=perl@g.o |
355 |
46. sound@g.o |
356 |
47. |
357 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=sound@g.o |
358 |
48. media-video@g.o |
359 |
49. |
360 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=media-video@g.o |
361 |
50. maintainer-needed@g.o |
362 |
51. |
363 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=maintainer-needed@g.o |
364 |
52. java@g.o |
365 |
53. |
366 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=java@g.o |
367 |
54. x11@g.o |
368 |
55. |
369 |
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-02-12&chfieldto=2006-02-19&assigned_to=x11@g.o |
370 |
|
371 |
|
372 |
=============== |
373 |
8. GWN feedback |
374 |
=============== |
375 |
|
376 |
Please send us your feedback[56] and help make the GWN better. |
377 |
|
378 |
56. gwn-feedback@g.o |
379 |
|
380 |
=============================== |
381 |
9. GWN subscription information |
382 |
=============================== |
383 |
|
384 |
To subscribe to the Gentoo Weekly Newsletter, send a blank email to |
385 |
gentoo-gwn+subscribe@g.o. |
386 |
|
387 |
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to |
388 |
gentoo-gwn+unsubscribe@g.o from the email address you are |
389 |
subscribed under. |
390 |
|
391 |
=================== |
392 |
10. Other languages |
393 |
=================== |
394 |
|
395 |
The Gentoo Weekly Newsletter is also available in the following languages: |
396 |
|
397 |
* Danish[57] |
398 |
* Dutch[58] |
399 |
* English[59] |
400 |
* German[60] |
401 |
* French[61] |
402 |
* Korean[62] |
403 |
* Japanese[63] |
404 |
* Italian[64] |
405 |
* Polish[65] |
406 |
* Portuguese (Brazil)[66] |
407 |
* Portuguese (Portugal)[67] |
408 |
* Russian[68] |
409 |
* Spanish[69] |
410 |
* Turkish[70] |
411 |
57. http://www.gentoo.org/news/da/gwn/gwn.xml |
412 |
58. http://www.gentoo.org/news/nl/gwn/gwn.xml |
413 |
59. http://www.gentoo.org/news/en/gwn/gwn.xml |
414 |
60. http://www.gentoo.org/news/de/gwn/gwn.xml |
415 |
61. http://www.gentoo.org/news/fr/gwn/gwn.xml |
416 |
62. http://www.gentoo.org/news/ko/gwn/gwn.xml |
417 |
63. http://www.gentoo.org/news/ja/gwn/gwn.xml |
418 |
64. http://www.gentoo.org/news/it/gwn/gwn.xml |
419 |
65. http://www.gentoo.org/news/pl/gwn/gwn.xml |
420 |
66. http://www.gentoo.org/news/pt_br/gwn/gwn.xml |
421 |
67. http://www.gentoo.org/news/pt/gwn/gwn.xml |
422 |
68. http://www.gentoo.org/news/ru/gwn/gwn.xml |
423 |
69. http://www.gentoo.org/news/es/gwn/gwn.xml |
424 |
70. http://www.gentoo.org/news/tr/gwn/gwn.xml |
425 |
|
426 |
|
427 |
Ulrich Plate <plate@g.o> - Editor |
428 |
Robin H. Johnson <robbat2@g.o> - Author |
429 |
Patrick Lauer <patrick@g.o> - Author |
430 |
-- |
431 |
gentoo-gwn@g.o mailing list |