Gentoo Weekly Newsletter 17 April 2006

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view

Gentoo Weekly Newsletter 17 April 2006

Ulrich Plate
Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of 17 April 2006.
1. Gentoo news
Gentoo on the Linux World Expo in Boston
The Linux World Conference and Expo is one of the biggest Linux events in
the United States. The venue for its East Coast edition was the Boston
Convention and Exposition Center in Boston, Mass., from 4 to 6 April.
Gentoo had a strong presence at the show with 14 developers in attendance
over three days. The booth staff showed several fun and experimental
packages at the show, including Enlightenment E17 on Mike Frysinger[1]'s
quad-core PowerMac G5 and Xgl on Josh Nichols[2]' Athlon64 X2. Mike also
brought an ARM-based machine and a LanTank[3], a SuperH-based NAS device
with Gentoo Linux on it. Gentoo was located in the .Org Pavilion between
the Slashdot Lounge and the Linux Test Project.

 1. [hidden email]
 2. [hidden email]
Figure 1.1: Eight of the 14 Gentoo devs at Boston LWE
Note:  From left to right: Rajiv Manglani, Joseph Jezak, Daniel Ostrow,
Michael Sterrett, Chris Gianelloni, Mark Loeser, Josh Nichols, and Mike
Frysinger (front)
During the show, Mark Stephenson, Director of Sales at i*hydra[4]
approached the Gentoo developers about doing a Gentoo Linux installation
on one of their demo machines, an 8-CPU dual-core AMD Opteron 875 system
with 64GB of RAM and over 1.2TB of disk space. With the assistance of Ryan
Rice, Operations Manager, and the blessing of David Stapp, President,
Gentoo Linux was soon booting in 16-core goodness. The installation, with
a complete Gnome environment, took approximately 20 minutes, using the
experimental 2006.0 AMD64 Installer LiveCD. The machine is an i*hydra
Galaxy, based on the Tyan Transport VX50 platform. And of course, they
slapped a "Powered i by Gentoo Linux" sticker on the machine to let
everyone know what was under the hood.

Figure 1.2: Chris Gianelloni with Ryan Rice and Marc Stephenson of i*hydra
Gentoo Forums internationalization and phpBB 2.0.20
A lot of effort by Forums staff and users has been put into translating
all the text that was generated in English by the custom mods of the
Forums into many languages (Chinese (simplified and traditional), Danish,
Dutch, Esperanto, Finnish, French, German, Greek, Italian, Norwegian,
Polish, Portuguese, Russian, Spanish, and Swedish). The translations
committed so far have already been implemented in the Forums along with
the new 2.0.20 phpBB patch set, others are still in testing. Some
languages still need help with translation, so please have a look at the
Gentoo Forums Translator Guidelines[5] and subscribe to the Forums
translations mailing list if you're able and willing to contribute.

Python 2.4.3 now in Portage
Python 2.4.3 is now in Portage but masked for testing. 2.4.3 is a bugfix
release and fixes quite a few UTF-8 issues as well as a few memory leaks
and segfaults. A detailed changelog[6] is available. As always, remember
to run /usr/sbin/python-updater after updating Python. Python 2.4.3 will
be unmasked on 28 April if no major bugs are found.

Old-style PHP packages vanishing
The PHP Herd announces that the old-style PHP packages, which were
unsupported and deprecated for months, are finally going away. After
months of work, the team considers the new dev-lang/php package and the
related dev-php[4,5]/ categories fully ready for production use, and
encourage all users to upgrade. Helpful informations can be found at the
PHP project's pages[7], along with a HOWTO[8] regarding the migration to
dev-lang/php. The old-style PHP packages (dev-php/php, dev-php/php-cgi,
dev-php/mod_php, dev-php/PECL-*, and older dev-php/PEAR-* packages) will
be package.masked on Wednesday, 19 April 2006, and removed from the
Portage tree about a month later.

2. Heard in the community
Web forums
Every Show Sucks in Gentoo!
ciaran27[9] explains in our Forums how easy it is to use Mplayer and the
XMMPlayer plugin to watch ESS in Gentoo. Wanna enjoy the show as well?

 * Linux HOWTO[10]

Should we remove FEATURES="candy"
Gentoo Developer antarus[11] has started a thread asking Forum users if
they would like to keep the Portage feature that changes the output
spinner from a -\|/- to a random string of characters that form a
sentence. Vote on the poll and state your opinion!

 * FEATURES="candy"[12]

Is gcc 4.1.0 safe yet?
Forum user Kidel Fastro[13] has started a new thread asking if gcc 4.1.0
is safe to use at this point and if the upgrade would be worth it. If you
have a look at the answers of other forum users in the thread, you will
notice that it looks promising!

 * GCC 4.1.0 - is it safe/worth ?[14]

3. Gentoo international
Japan: Kosmikus in Tokyo
Last Wednesday, five local Gentooists organized a welcome party for Gentoo
developer Andres Loeh[15] in Tokyo's Shibuya district. Japanese and other
Asian beer was sampled with some mixed reactions by those from the top
beer drinking countries in the world, various topics were discussed, and
everybody was pleasantly surprised to see a usually quiet scientist
talking passionately about his love for Haskell. The lively discussions
were interrupted by restaurant staff bringing a huge ice-cream accompanied
by songs and crackers -- a birthday special treat for one
not-yet-a-Gentoo-dev. Since GentooJP can always use an excuse for
gatherings like these, please let them know if you have a plan to visit

 15. [hidden email]
Figure 3.1: Kosmikus (left) and Kalin Kozhukarov munching the latter's
birthday ice-cream
4. Gentoo in the press
Daemonnews (12 April 2006)
David Stanford of Daemon News, the Ezine for BSD users, conducted an
interview[16] with Gentoo/ALT lead developer Diego Pettenò[17] last week,
giving ample space to the "relatively unheard-of" Gentoo/BSD for a
complete outline of the project and its protagonists.

 17. [hidden email] (16 April 2006)
OnMac is having all sorts of fun[18] with exploring the possibilities of a
triple-boot setup for Mac OS X, Windows XP and Linux on a Mac Mini --
using a 2006.0 Gentoo LiveCD installation to complement the best of the
other worlds, and jumping through all the hoops of a Gentoo installation.

5. Gentoo developer moves
The following developers recently left the Gentoo project:
 * Corey Shields
 * Ciaran McCreesh
 * Sergey Kuleshov
The following developers recently joined the Gentoo project:
 * Benigno B. Júnior (bbj) - Gentoo/*BSD
 * Denis Dupeyron (calchan) - sci-electronics
 * Keri Harris (keri) - Prolog
The following developers recently changed roles within the Gentoo project:
 * Curtis Napier (curtis119) - New Infra team member
 * Xavier Neys (neysx) - New Infra team member
 * Mike Doty (kingtaco) - New Infra team member
 * Christian Hartmann (ian) - adds ebuild development to his duties as a
Forum admin
 * Ioannis Aslanidis (deathwing00) - joined the KDE herd
6. Gentoo Security
MediaWiki: Cross-site scripting vulnerability
MediaWiki is vulnerable to a cross-site scripting attack that could allow
arbitrary JavaScript code execution.
For more information, please see the GLSA Announcement[19]

Horde Application Framework: Remote code execution
The help viewer of the Horde Framework allows attackers to execute
arbitrary remote code.
For more information, please see the GLSA Announcement[20]

FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module
The EAP-MSCHAPv2 module of FreeRADIUS is affected by a validation issue
which causes some authentication checks to be bypassed.
For more information, please see the GLSA Announcement[21]

Kaffeine: Buffer overflow
Kaffeine is vulnerable to a buffer overflow that could lead to the
execution of arbitrary code.
For more information, please see the GLSA Announcement[22]

Doomsday: Format string vulnerability
Format string vulnerabilities in Doomsday may lead to the execution of
arbitrary code.
For more information, please see the GLSA Announcement[23]

ClamAV: Multiple vulnerabilities
ClamAV contains multiple vulnerabilities that could lead to remote
execution of arbitrary code or cause an application crash.
For more information, please see the GLSA Announcement[24]

Cacti: Multiple vulnerabilities in included ADOdb
Multiple vulnerabilities have been discovered in the ADOdb layer included
in Cacti, potentially resulting in the execution of arbitrary code.
For more information, please see the GLSA Announcement[25]

7. Bugzilla
The Gentoo community uses Bugzilla ([26]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 02 April 2006 and 16 April 2006, activity on the
site has resulted in:

 * 1646 new bugs during this period
 * 859 bugs closed or resolved during this period
 * 56 previously closed bugs were reopened this period
Of the 9886 currently open bugs: 65 are labeled 'blocker', 156 are labeled
'critical', and 538 are labeled 'major'.
Closed bug rankings
The developers and teams who have closed the most bugs during this period
 * Gentoo KDE team[27], with 32 closed bugs[28]  
 * Gentoo Games[29], with 32 closed bugs[30]  
 * Gentoo Security[31], with 29 closed bugs[32]  
 * Perl Devs @ Gentoo[33], with 29 closed bugs[34]  
 * Gentoo Science Related Packages[35], with 28 closed bugs[36]  
 * AMD64 Project[37], with 22 closed bugs[38]  
 * Gentoo X-windows packagers[39], with 19 closed bugs[40]  
 * Portage team[41], with 18 closed bugs[42]  
 27. [hidden email]
 29. [hidden email]
 31. [hidden email]
 33. [hidden email]
 35. [hidden email]
 37. [hidden email]
 39. [hidden email]
 41. [hidden email]

New bug rankings
The developers and teams who have been assigned the most new bugs during
this period are:
 * Default Assignee for New Packages[43], with 58 new bugs[44]  
 * Portage team[45], with 21 new bugs[46]  
 * Default Assignee for Orphaned Packages[47], with 19 new bugs[48]  
 * AMD64 Project[49], with 19 new bugs[50]  
 * Gentoo KDE team[51], with 17 new bugs[52]  
 * media-video herd[53], with 16 new bugs[54]  
 * Gentoo X-windows packagers[55], with 14 new bugs[56]  
 * Gentoo Sound Team[57], with 14 new bugs[58]  
 43. [hidden email]
 45. [hidden email]
 47. [hidden email]
 49. [hidden email]
 51. [hidden email]
 53. [hidden email]
 55. [hidden email]
 57. [hidden email]

8. GWN feedback
Please send us your feedback[59] and help make the GWN better.

 59. [hidden email]
9. GWN subscription information
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
[hidden email].
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
[hidden email] from the e-mail address you are
subscribed under.
10. Other languages
The Gentoo Weekly Newsletter is also available in the following languages:
 * Danish[60]  
 * Dutch[61]  
 * English[62]  
 * German[63]  
 * French[64]  
 * Korean[65]  
 * Japanese[66]  
 * Italian[67]  
 * Polish[68]  
 * Portuguese (Brazil)[69]  
 * Portuguese (Portugal)[70]  
 * Russian[71]  
 * Spanish[72]  
 * Turkish[73]  

Ulrich Plate <[hidden email]> - Editor
Ioannis Aslanidis <[hidden email]> - Author
Chris Gianelloni <[hidden email]> - Author
Kalin Kozhukarov <[hidden email]> - Author
Luca Longinotti <[hidden email]> - Author
Bryan Østergaard <[hidden email]> - Author

[hidden email] mailing list