Gentoo Weekly Newsletter 24 April 2006

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Gentoo Weekly Newsletter 24 April 2006

Ulrich Plate
---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 24 April 2006.
---------------------------------------------------------------------------
 
==============
1. Gentoo news
==============
 
Major OpenLDAP upgrade ahead
----------------------------
 
OpenLDAP Version 2.3 will be unmasked during this week. There are many new
features and some incompatibilities:
 
 * The slurpd sync method has been deprecated in favour of syncrepl
 * Existing databases need to be manually upgraded or they may get
trashed, instructions can be found in the ebuilds.
 * Although the libraries from 2.1 or 2.2 are kept if installed, a
revdep-rebuild is highly recommended
 * The dbm backend has been deprecated and is already removed in new
upstream version (2.4alpha), migrating to a different backend (bdb or hdb)
is recommended.
   
Subforums layout for forums.gentoo.org
--------------------------------------
 
Subforums have been in use on forums.gentoo.org for a while now, but
before creating further subforums we are looking to see if the layout
could be improved. There are some alternative layout proposals and the
forums team would like to get some input on what people prefer. A
thread[1] showing some examples of possible implementations including a
poll has been set up on the forums. Please take some time to review them,
vote and/or comment on them.

 1. http://forums.gentoo.org/viewtopic-t-455911.html
   
=========================
2. Heard in the community
=========================
 
Web forums
----------
 
Gentoo Forums Improvements
 
Since the last upgrade of the Gentoo Forums announced in the GWN of the
previous week, the internationalization of the Gentoo Forums continues,
with even more languages translated, as well as many more parts that until
now were in English. Apart from that, some security enhancements and
restrictions have been incorporated into the current stable version of the
Gentoo Forums. Finally, a very significant bug that was affecting the
moderators was finally dispatched. You can see the full update log if you
follow the appropiate link below.
 
 * Gentoo Forums Improvements[2]
 * Merging threads while others reply breaks[3]
 2. http://forums.gentoo.org/viewtopic-t-456404.html
 3. http://bugs.gentoo.org/128097

 
Is Gentoo more expensive than Red Hat?
 
One of our users, drakkan[4], who has been a fellow Gentoo User for over
two years, explains that he is afraid that it is more expensive to
maintain Gentoo servers than Red Hat ones. Two important reasons are the
constant need of recompilation of packages which takes some time, but also
the change in configuration files. Find out more about this in the thread
below.

 4. http://forums.gentoo.org/profile.php?mode=viewprofile&u=59756
 
 * Is gentoo more expensive than red hat?[5]
 5. http://forums.gentoo.org/viewtopic.php?t=456081

 
Documentation, Tips & Tricks: Trackball configuration in modular xorg
 
davidgurvich[6] has started a very nice tricks thread where he explains
that there is no longer any need to use xmodmap with xorg-x11 7 to modify
which buttons point where as there seems to be a new option for that
within xorg.conf, "ButtonMapping". Get into the discussion and read more
about this topic in the thread below.

 6. http://forums.gentoo.org/profile.php?mode=viewprofile&u=134507
 
 * Trackball configuration in modular xorg[7]
 7. http://forums.gentoo.org/viewtopic.php?t=455793

   
gentoo-dev
----------
 
Automatically killing invalid CFLAGS/warning about bad CFLAGS
 
The AMD64 team has been testing an addition to the profile.bashrc that
filters CFLAGS that are unrecognized by gcc. As it seems to work quite
well it could be implemented globally to reduce the number of bugs and
errors due to bad CFLAGS, potentially at the cost of flexibility.
 
 * automatically killing invalid CFLAGS/warning about bad CFLAGS [8]
 8. http://thread.gmane.org/gmane.linux.gentoo.devel/37376

 
Enroll users for testing packages
 
In the quest for better testing of packages Eldad Zack[9] proposes to
allow users to give more feedback on testing packages. The Arch Tester
program tries to fill that niche, but it is still hard for users to get
involved without spending too much of their time for Gentoo.

 9. [hidden email]
 
 * enroll users for testing packages [10]
 10. http://thread.gmane.org/gmane.linux.gentoo.devel/37348

 
Gentoo theming during bootup
 
In one of the bigger threads of the last weeks Donnie Berkholz[11] asks
for some help in creating an easy-to-install Gentoo theme for bootup. From
this start the thread goes into a heated debate on branding - should
Gentoo offer things as they are shipped by upstream or patch them to have
a Gentoo look?

 11. [hidden email]
 
 * Gentoo theming during bootup [12]
 12. http://thread.gmane.org/gmane.linux.gentoo.devel/37238

   
======================
3. Gentoo in the press
======================
 
Gentoo Wiki (23 April 2006)
---------------------------
 
Steve Dibb has written a nice Howto on dynamic DNS to point to a host
residing anywhere on a DSL or other access line with changing IP
addresses. Hosted on the inofficial Gentoo Wiki, the article[13] goes into
great detail explaining the entire process, from registering a domain name
to using the services of a dynamic domain name resolver -- EveryDNS in his
example -- to follow an ISP's dynamic IP address allocation.

 13. http://gentoo-wiki.com/HOWTO_Dynamic_DNS_with_EveryDNS
   
=========================
4. Gentoo developer moves
=========================
 
Moves
-----
 
The following developers recently left the Gentoo project:
 
 * None this week
   
Adds
----
 
The following developers recently joined the Gentoo project:
 
 * Thilo Bangert (bangert) - net-mail herd
   
Changes
-------
 
The following developers recently changed roles within the Gentoo project:
 
 * Denis Dupeyron (calchan) - joined the embedded herd
   
==================
5. Gentoo Security
==================
   
libapreq2: Denial of Service vulnerability
------------------------------------------
 
A vulnerability has been reported in libapreq2 which could lead to a
Denial of Service.
 
For more information, please see the GLSA Announcement[14]

 14. http://www.gentoo.org/security/en/glsa/glsa-200604-08.xml
   
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
-----------------------------------------------------------
 
Cyrus-SASL contains a vulnerability in the DIGEST-MD5 process that could
lead to a Denial of Service.
 
For more information, please see the GLSA Announcement[15]

 15. http://www.gentoo.org/security/en/glsa/glsa-200604-09.xml
   
zgv, xzgv: Heap overflow
------------------------
 
xzgv and zgv attempt to decode JPEG images within the CMYK/YCCK colour
space incorrectly, potentially resulting in the execution of arbitrary
code.
 
For more information, please see the GLSA Announcement[16]

 16. http://www.gentoo.org/security/en/glsa/glsa-200604-10.xml
   
Crossfire server: Denial of Service and potential arbitrary code execution
--------------------------------------------------------------------------
 
The Crossfire game server is vulnerable to a Denial of Service and
potentially to the execution of arbitrary code.
 
For more information, please see the GLSA Announcement[17]

 17. http://www.gentoo.org/security/en/glsa/glsa-200604-11.xml
   
Mozilla Firefox: Multiple vulnerabilities
-----------------------------------------
 
Several vulnerabilities in Mozilla Firefox allow attacks ranging from
execution of script code with elevated privileges to information leaks.
 
For more information, please see the GLSA Announcement[18]

 18. http://www.gentoo.org/security/en/glsa/glsa-200604-12.xml
   
fbida: Insecure temporary file creation
---------------------------------------
 
fbida is vulnerable to linking attacks, potentially allowing a local user
to overwrite arbitrary files.
 
For more information, please see the GLSA Announcement[19]

 19. http://www.gentoo.org/security/en/glsa/glsa-200604-13.xml
   
Dia: Arbitrary code execution through XFig import
-------------------------------------------------
 
Buffer overflows in Dia's XFig import could allow remote attackers to
execute arbitrary code.
 
For more information, please see the GLSA Announcement[20]

 20. http://www.gentoo.org/security/en/glsa/glsa-200604-14.xml
     
===========
6. Bugzilla
===========
 
Statistics
----------
 
The Gentoo community uses Bugzilla (bugs.gentoo.org[21]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 16 April 2006 and 23 April 2006, activity on the
site has resulted in:

 21. http://bugs.gentoo.org
 
 * 799 new bugs during this period
 * 470 bugs closed or resolved during this period
 * 38 previously closed bugs were reopened this period
 
Of the 9766 currently open bugs: 60 are labeled 'blocker', 144 are labeled
'critical', and 520 are labeled 'major'.
   
Closed bug rankings
-------------------
 
The developers and teams who have closed the most bugs during this period
are:
 
 * Gentoo KDE team[22], with 26 closed bugs[23]  
 * Gentoo's Team for Core System packages[24], with 23 closed bugs[25]  
 * Gentoo Games[26], with 22 closed bugs[27]  
 * Portage team[28], with 22 closed bugs[29]  
 * media-video herd[30], with 18 closed bugs[31]  
 * Gentoo Toolchain Maintainers[32], with 17 closed bugs[33]  
 * Gentoo Linux Gnome Desktop Team[34], with 17 closed bugs[35]  
 * Gentoo Security[36], with 16 closed bugs[37]  
 22. [hidden email]
 23.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=kde@...
 24. [hidden email]
 25.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=base-system@...
 26. [hidden email]
 27.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=games@...
 28. [hidden email]
 29.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=dev-portage@...
 30. [hidden email]
 31.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=media-video@...
 32. [hidden email]
 33.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=toolchain@...
 34. [hidden email]
 35.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=gnome@...
 36. [hidden email]
 37.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-04-16&chfieldto=2006-04-23&resolution=FIXED&assigned_to=security@...

   
New bug rankings
----------------
 
The developers and teams who have been assigned the most new bugs during
this period are:
 
 * Default Assignee for New Packages[38], with 27 new bugs[39]  
 * AMD64 Project[40], with 12 new bugs[41]  
 * Jon Hood[42], with 10 new bugs[43]  
 * media-video herd[44], with 10 new bugs[45]  
 * Default Assignee for Orphaned Packages[46], with 9 new bugs[47]  
 * Gentoo KDE team[48], with 9 new bugs[49]  
 * SpanKY[50], with 7 new bugs[51]  
 * Gentoo Games[52], with 7 new bugs[53]  
 38. [hidden email]
 39.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=maintainer-wanted@...
 40. [hidden email]
 41.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=amd64@...
 42. [hidden email]
 43.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=squinky86@...
 44. [hidden email]
 45.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=media-video@...
 46. [hidden email]
 47.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=maintainer-needed@...
 48. [hidden email]
 49.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=kde@...
 50. [hidden email]
 51.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=vapier@...
 52. [hidden email]
 53.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-04-16&chfieldto=2006-04-23&assigned_to=games@...

   
===============
7. GWN feedback
===============
   
Please send us your feedback[54] and help make the GWN better.

 54. [hidden email]
   
===============================
8. GWN subscription information
===============================
   
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
[hidden email].
 
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
[hidden email] from the e-mail address you are
subscribed under.
   
==================
9. Other languages
==================
   
The Gentoo Weekly Newsletter is also available in the following languages:
 
 * Danish[55]  
 * Dutch[56]  
 * English[57]  
 * German[58]  
 * French[59]  
 * Korean[60]  
 * Japanese[61]  
 * Italian[62]  
 * Polish[63]  
 * Portuguese (Brazil)[64]  
 * Portuguese (Portugal)[65]  
 * Russian[66]  
 * Spanish[67]  
 * Turkish[68]  
 55. http://www.gentoo.org/news/da/gwn/gwn.xml
 56. http://www.gentoo.org/news/nl/gwn/gwn.xml
 57. http://www.gentoo.org/news/en/gwn/gwn.xml
 58. http://www.gentoo.org/news/de/gwn/gwn.xml
 59. http://www.gentoo.org/news/fr/gwn/gwn.xml
 60. http://www.gentoo.org/news/ko/gwn/gwn.xml
 61. http://www.gentoo.org/news/ja/gwn/gwn.xml
 62. http://www.gentoo.org/news/it/gwn/gwn.xml
 63. http://www.gentoo.org/news/pl/gwn/gwn.xml
 64. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
 65. http://www.gentoo.org/news/pt/gwn/gwn.xml
 66. http://www.gentoo.org/news/ru/gwn/gwn.xml
 67. http://www.gentoo.org/news/es/gwn/gwn.xml
 68. http://www.gentoo.org/news/tr/gwn/gwn.xml

   
Ulrich Plate <[hidden email]> - Editor
Ioannis Aslanidis <[hidden email]> - Author
Wernfried Haas <[hidden email]> - Author
Patrick Lauer <[hidden email]> - Author
Markus Ullmann <[hidden email]> - Author

--
[hidden email] mailing list