Gentoo Archives: gentoo-gwn

From: Ulrich Plate <plate@g.o>
To: gentoo-gwn@l.g.o
Subject: [gentoo-gwn] Gentoo Weekly Newsletter 17 April 2006
Date: Mon, 17 Apr 2006 14:14:49
Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of 17 April 2006.
1. Gentoo news
Gentoo on the Linux World Expo in Boston
The Linux World Conference and Expo is one of the biggest Linux events in 
the United States. The venue for its East Coast edition was the Boston 
Convention and Exposition Center in Boston, Mass., from 4 to 6 April. 
Gentoo had a strong presence at the show with 14 developers in attendance 
over three days. The booth staff showed several fun and experimental 
packages at the show, including Enlightenment E17 on Mike Frysinger[1]'s 
quad-core PowerMac G5 and Xgl on Josh Nichols[2]' Athlon64 X2. Mike also 
brought an ARM-based machine and a LanTank[3], a SuperH-based NAS device 
with Gentoo Linux on it. Gentoo was located in the .Org Pavilion between 
the Slashdot Lounge and the Linux Test Project. 

 1. vapier@g.o
 2. nichoj@g.o
Figure 1.1: Eight of the 14 Gentoo devs at Boston LWE
Note:  From left to right: Rajiv Manglani, Joseph Jezak, Daniel Ostrow, 
Michael Sterrett, Chris Gianelloni, Mark Loeser, Josh Nichols, and Mike 
Frysinger (front) 
During the show, Mark Stephenson, Director of Sales at i*hydra[4] 
approached the Gentoo developers about doing a Gentoo Linux installation 
on one of their demo machines, an 8-CPU dual-core AMD Opteron 875 system 
with 64GB of RAM and over 1.2TB of disk space. With the assistance of Ryan 
Rice, Operations Manager, and the blessing of David Stapp, President, 
Gentoo Linux was soon booting in 16-core goodness. The installation, with 
a complete Gnome environment, took approximately 20 minutes, using the 
experimental 2006.0 AMD64 Installer LiveCD. The machine is an i*hydra 
Galaxy, based on the Tyan Transport VX50 platform. And of course, they 
slapped a "Powered i by Gentoo Linux" sticker on the machine to let 
everyone know what was under the hood. 

Figure 1.2: Chris Gianelloni with Ryan Rice and Marc Stephenson of i*hydra
Gentoo Forums internationalization and phpBB 2.0.20
A lot of effort by Forums staff and users has been put into translating 
all the text that was generated in English by the custom mods of the 
Forums into many languages (Chinese (simplified and traditional), Danish, 
Dutch, Esperanto, Finnish, French, German, Greek, Italian, Norwegian, 
Polish, Portuguese, Russian, Spanish, and Swedish). The translations 
committed so far have already been implemented in the Forums along with 
the new 2.0.20 phpBB patch set, others are still in testing. Some 
languages still need help with translation, so please have a look at the 
Gentoo Forums Translator Guidelines[5] and subscribe to the Forums 
translations mailing list if you're able and willing to contribute. 

Python 2.4.3 now in Portage
Python 2.4.3 is now in Portage but masked for testing. 2.4.3 is a bugfix 
release and fixes quite a few UTF-8 issues as well as a few memory leaks 
and segfaults. A detailed changelog[6] is available. As always, remember 
to run /usr/sbin/python-updater after updating Python. Python 2.4.3 will 
be unmasked on 28 April if no major bugs are found. 

Old-style PHP packages vanishing
The PHP Herd announces that the old-style PHP packages, which were 
unsupported and deprecated for months, are finally going away. After 
months of work, the team considers the new dev-lang/php package and the 
related dev-php[4,5]/ categories fully ready for production use, and 
encourage all users to upgrade. Helpful informations can be found at the 
PHP project's pages[7], along with a HOWTO[8] regarding the migration to 
dev-lang/php. The old-style PHP packages (dev-php/php, dev-php/php-cgi, 
dev-php/mod_php, dev-php/PECL-*, and older dev-php/PEAR-* packages) will 
be package.masked on Wednesday, 19 April 2006, and removed from the 
Portage tree about a month later. 

2. Heard in the community
Web forums
Every Show Sucks in Gentoo!
ciaran27[9] explains in our Forums how easy it is to use Mplayer and the 
XMMPlayer plugin to watch ESS in Gentoo. Wanna enjoy the show as well? 

 * Linux HOWTO[10] 

Should we remove FEATURES="candy"
Gentoo Developer antarus[11] has started a thread asking Forum users if 
they would like to keep the Portage feature that changes the output 
spinner from a -\|/- to a random string of characters that form a 
sentence. Vote on the poll and state your opinion! 

 * FEATURES="candy"[12] 

Is gcc 4.1.0 safe yet?
Forum user Kidel Fastro[13] has started a new thread asking if gcc 4.1.0 
is safe to use at this point and if the upgrade would be worth it. If you 
have a look at the answers of other forum users in the thread, you will 
notice that it looks promising! 

 * GCC 4.1.0 - is it safe/worth ?[14] 

3. Gentoo international
Japan: Kosmikus in Tokyo
Last Wednesday, five local Gentooists organized a welcome party for Gentoo 
developer Andres Loeh[15] in Tokyo's Shibuya district. Japanese and other 
Asian beer was sampled with some mixed reactions by those from the top 
beer drinking countries in the world, various topics were discussed, and 
everybody was pleasantly surprised to see a usually quiet scientist 
talking passionately about his love for Haskell. The lively discussions 
were interrupted by restaurant staff bringing a huge ice-cream accompanied 
by songs and crackers -- a birthday special treat for one 
not-yet-a-Gentoo-dev. Since GentooJP can always use an excuse for 
gatherings like these, please let them know if you have a plan to visit 

 15. kosmikus@g.o
Figure 3.1: Kosmikus (left) and Kalin Kozhukarov munching the latter's 
birthday ice-cream
4. Gentoo in the press
Daemonnews (12 April 2006)
David Stanford of Daemon News, the Ezine for BSD users, conducted an 
interview[16] with Gentoo/ALT lead developer Diego Pettenò[17] last week, 
giving ample space to the "relatively unheard-of" Gentoo/BSD for a 
complete outline of the project and its protagonists. 

 17. flameeyes@g.o (16 April 2006)
OnMac is having all sorts of fun[18] with exploring the possibilities of a 
triple-boot setup for Mac OS X, Windows XP and Linux on a Mac Mini -- 
using a 2006.0 Gentoo LiveCD installation to complement the best of the 
other worlds, and jumping through all the hoops of a Gentoo installation. 

5. Gentoo developer moves
The following developers recently left the Gentoo project: 
 * Corey Shields 
 * Ciaran McCreesh 
 * Sergey Kuleshov 
The following developers recently joined the Gentoo project: 
 * Benigno B. Júnior (bbj) - Gentoo/*BSD 
 * Denis Dupeyron (calchan) - sci-electronics 
 * Keri Harris (keri) - Prolog 
The following developers recently changed roles within the Gentoo project:
 * Curtis Napier (curtis119) - New Infra team member 
 * Xavier Neys (neysx) - New Infra team member 
 * Mike Doty (kingtaco) - New Infra team member 
 * Christian Hartmann (ian) - adds ebuild development to his duties as a 
Forum admin 
 * Ioannis Aslanidis (deathwing00) - joined the KDE herd 
6. Gentoo Security
MediaWiki: Cross-site scripting vulnerability
MediaWiki is vulnerable to a cross-site scripting attack that could allow 
arbitrary JavaScript code execution. 
For more information, please see the GLSA Announcement[19] 

Horde Application Framework: Remote code execution
The help viewer of the Horde Framework allows attackers to execute 
arbitrary remote code. 
For more information, please see the GLSA Announcement[20] 

FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module
The EAP-MSCHAPv2 module of FreeRADIUS is affected by a validation issue 
which causes some authentication checks to be bypassed. 
For more information, please see the GLSA Announcement[21] 

Kaffeine: Buffer overflow
Kaffeine is vulnerable to a buffer overflow that could lead to the 
execution of arbitrary code. 
For more information, please see the GLSA Announcement[22] 

Doomsday: Format string vulnerability
Format string vulnerabilities in Doomsday may lead to the execution of 
arbitrary code. 
For more information, please see the GLSA Announcement[23] 

ClamAV: Multiple vulnerabilities
ClamAV contains multiple vulnerabilities that could lead to remote 
execution of arbitrary code or cause an application crash. 
For more information, please see the GLSA Announcement[24] 

Cacti: Multiple vulnerabilities in included ADOdb
Multiple vulnerabilities have been discovered in the ADOdb layer included 
in Cacti, potentially resulting in the execution of arbitrary code. 
For more information, please see the GLSA Announcement[25] 

7. Bugzilla
The Gentoo community uses Bugzilla ([26]) to record and 
track bugs, notifications, suggestions and other interactions with the 
development team. Between 02 April 2006 and 16 April 2006, activity on the 
site has resulted in: 

 * 1646 new bugs during this period 
 * 859 bugs closed or resolved during this period 
 * 56 previously closed bugs were reopened this period 
Of the 9886 currently open bugs: 65 are labeled 'blocker', 156 are labeled 
'critical', and 538 are labeled 'major'. 
Closed bug rankings
The developers and teams who have closed the most bugs during this period 
 * Gentoo KDE team[27], with 32 closed bugs[28]  
 * Gentoo Games[29], with 32 closed bugs[30]  
 * Gentoo Security[31], with 29 closed bugs[32]  
 * Perl Devs @ Gentoo[33], with 29 closed bugs[34]  
 * Gentoo Science Related Packages[35], with 28 closed bugs[36]  
 * AMD64 Project[37], with 22 closed bugs[38]  
 * Gentoo X-windows packagers[39], with 19 closed bugs[40]  
 * Portage team[41], with 18 closed bugs[42]  
 27. kde@g.o
 29. games@g.o
 31. security@g.o
 33. perl@g.o
 35. sci@g.o
 37. amd64@g.o
 39. x11@g.o
 41. dev-portage@g.o

New bug rankings
The developers and teams who have been assigned the most new bugs during 
this period are: 
 * Default Assignee for New Packages[43], with 58 new bugs[44]  
 * Portage team[45], with 21 new bugs[46]  
 * Default Assignee for Orphaned Packages[47], with 19 new bugs[48]  
 * AMD64 Project[49], with 19 new bugs[50]  
 * Gentoo KDE team[51], with 17 new bugs[52]  
 * media-video herd[53], with 16 new bugs[54]  
 * Gentoo X-windows packagers[55], with 14 new bugs[56]  
 * Gentoo Sound Team[57], with 14 new bugs[58]  
 43. maintainer-wanted@g.o
 45. dev-portage@g.o
 47. maintainer-needed@g.o
 49. amd64@g.o
 51. kde@g.o
 53. media-video@g.o
 55. x11@g.o
 57. sound@g.o

8. GWN feedback
Please send us your feedback[59] and help make the GWN better. 

 59. gwn-feedback@g.o
9. GWN subscription information
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to 
gentoo-gwn+unsubscribe@g.o from the e-mail address you are 
subscribed under.
10. Other languages
The Gentoo Weekly Newsletter is also available in the following languages:
 * Danish[60]  
 * Dutch[61]  
 * English[62]  
 * German[63]  
 * French[64]  
 * Korean[65]  
 * Japanese[66]  
 * Italian[67]  
 * Polish[68]  
 * Portuguese (Brazil)[69]  
 * Portuguese (Portugal)[70]  
 * Russian[71]  
 * Spanish[72]  
 * Turkish[73]  

Ulrich Plate <plate@g.o> - Editor
Ioannis Aslanidis <deathwing00@g.o> - Author
Chris Gianelloni <wolf31o2@g.o> - Author
Kalin Kozhukarov <kalin@××××××××.net> - Author
Luca Longinotti <chtekk@g.o> - Author
Bryan Østergaard <kloeri@g.o> - Author

gentoo-gwn@g.o mailing list