Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: GWN

Gentoo Weekly Newsletter 14 August 2006

 

 

Gentoo gwn RSS feed   Index | Next | Previous | View Threaded


wolf31o2 at gentoo

Aug 23, 2006, 3:25 PM

Post #1 of 1 (480 views)
Permalink
Gentoo Weekly Newsletter 14 August 2006

---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 14 August 2006.
---------------------------------------------------------------------------

==============
1. Gentoo news
==============

Linux World Conference and Expo - San Francisco
-----------------------------------------------

The Linux World Conference and Expo[1] kicks off this week in San
Francisco. As usual, Gentoo will have a booth in the '.Org Pavillion'.
The
booth will be located between the GNOME and KDE projects. Gentoo will
be
showing the upcoming 2006.1 release as well as several architectures.
This
is a good opportunity to meet several Gentoo developers from across the
United States.

1. http://www.linuxworldexpo.com/live/12/events/12SFO06A

The Expo floor is open from 15 August 2006 through 17 August 2006.

OSL Rackathon
-------------

The Oregon State University Open Source Lab[2] is conducting a
fundraiser,
called Rackathon[3], to raise money for the project. The OSL hosts a
large
portion of the Gentoo infrastructure, several developer boxes, and
provides the primary Gentoo mirror. They also host many other open
source
projects. Gentoo was the OSL's first client and is among the largest.
Money raised will help cover the costs of this free hosting as well as
other costs incurred by the project. Donations of 20 USD gets your name
on
a rack in the OSL for an entire year!

2. http://osuosl.org
3. http://osuosl.org/contribute/rackathon

Donations to the OSL will help fund further Gentoo hosting and many
other
open source projects.

PyBugz - Python interface to Bugzilla
-------------------------------------

Gentoo developer Alastair Tse[4] has created a Python-based command
line
interface to the Bugzilla issue tracking system. First conceived as a
tool
to speed up the workflow for Gentoo developers, PyBugz[5] has been
tested
on the XenSource and GNOME Bugzilla trackers, also.

4. liquidx [at] gentoo
5. http://www.liquidx.net

Gentoo users can install PyBugz by simply using emerge pybugz.

======================
2. Gentoo in the press
======================

Linux.com (11 Aug 2006)
-----------------------

Linux.com[6] has published an article, entitled 'Gentoo Portage
Secrets[7]'. The article gives some helpful hints on how to utilize new
features in portage 2.1 to optimize your Gentoo usage.

6. http://www.linux.com
7. http://www.linux.com/article.pl?sid=06/08/07/1952207

=========================
3. Gentoo developer moves
=========================

Moves
-----

The following developers recently left the Gentoo project:

* none this week

Adds
----

The following developers recently joined the Gentoo project:

* none this week

Changes
-------

The following developers recently changed roles within the Gentoo
project:

* none this week

==================
4. Gentoo security
==================

x11vnc: Authentication bypass in included LibVNCServer code
-----------------------------------------------------------

VNC servers created with x11vnc accept insecure protocol types, even
when
the server does not offer it, resulting in the possibility of
unauthorized
access to the server.

For more information, please see the GLSA Announcement[8]

8. http://www.gentoo.org/security/en/glsa/glsa-200608-12.xml

ClamAV: Heap buffer overflow
----------------------------

ClamAV is vulnerable to a heap-based buffer overflow resulting in a
Denial
of Service and potentially remote execution of arbitrary code.

For more information, please see the GLSA Announcement[9]

9. http://www.gentoo.org/security/en/glsa/glsa-200608-13.xml

DUMB: Heap buffer overflow
--------------------------

A heap-based buffer overflow in DUMB could result in the execution of
arbitrary code.

For more information, please see the GLSA Announcement[10]

10. http://www.gentoo.org/security/en/glsa/glsa-200608-14.xml

MIT Kerberos 5: Multiple local privilege escalation vulnerabilities
-------------------------------------------------------------------

Some applications shipped with MIT Kerberos 5 are vulnerable to local
privilege escalation.

For more information, please see the GLSA Announcement[11]

11. http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml

Warzone 2100 Resurrection: Multiple buffer overflows
----------------------------------------------------

Warzone 2100 Resurrection server and client are vulnerable to separate
buffer overflows, potentially allowing remote code execution.

For more information, please see the GLSA Announcement[12]

12. http://www.gentoo.org/security/en/glsa/glsa-200608-16.xml

libwmf: Buffer overflow vulnerability
-------------------------------------

libwmf is vulnerable to an integer overflow potentially resulting in
the
execution of arbitrary code.

For more information, please see the GLSA Announcement[13]

13. http://www.gentoo.org/security/en/glsa/glsa-200608-17.xml

Net::Server: Format string vulnerability
----------------------------------------

A format string vulnerability has been reported in Net::Server which
can
be exploited to cause a Denial of Service.

For more information, please see the GLSA Announcement[14]

14. http://www.gentoo.org/security/en/glsa/glsa-200608-18.xml

WordPress: Privilege escalation
-------------------------------

A flaw in WordPress allows registered WordPress users to elevate
privileges.

For more information, please see the GLSA Announcement[15]

15. http://www.gentoo.org/security/en/glsa/glsa-200608-19.xml

===========
5. Bugzilla
===========

Summary
-------

* Statistics
* Closed bug ranking
* New bug rankings

Statistics
----------

The Gentoo community uses Bugzilla (bugs.gentoo.org[16]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 06 August 2006 and 13 August 2006, activity
on
the site has resulted in:

16. http://bugs.gentoo.org

* 780 new bugs during this period
* 385 bugs closed or resolved during this period
* 32 previously closed bugs were reopened this period

Of the 10879 currently open bugs: 47 are labeled 'blocker', 138 are
labeled 'critical', and 539 are labeled 'major'.

Closed bug rankings
-------------------

The developers and teams who have closed the most bugs during this
period
are:

* Gentoo Security[17], with 29 closed bugs[18]
* Gentoo Games[19], with 17 closed bugs[20]
* Portage team[21], with 16 closed bugs[22]
* GNU Emacs Herd[23], with 15 closed bugs[24]
* AMD64 Project[25], with 15 closed bugs[26]
* Xavier Neys[27], with 14 closed bugs[28]
* Michal Januszewski[29], with 11 closed bugs[30]
* Perl Devs @ Gentoo[31], with 11 closed bugs[32]
17. security [at] gentoo
18.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=security [at] gentoo
19. games [at] gentoo
20.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=games [at] gentoo
21. dev-portage [at] gentoo
22.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=dev-portage [at] gentoo
23. emacs [at] gentoo
24.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=emacs [at] gentoo
25. amd64 [at] gentoo
26.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=amd64 [at] gentoo
27. neysx [at] gentoo
28.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=neysx [at] gentoo
29. spock [at] gentoo
30.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=spock [at] gentoo
31. perl [at] gentoo
32.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=perl [at] gentoo


New bug rankings
----------------

The developers and teams who have been assigned the most new bugs
during
this period are:

* Default Assignee for New Packages[33], with 46 new bugs[34]
* AMD64 Project[35], with 14 new bugs[36]
* Java team[37], with 12 new bugs[38]
* Gentoo Linux Gnome Desktop Team[39], with 10 new bugs[40]
* Default Assignee for Orphaned Packages[41], with 8 new bugs[42]
* Gentoo KDE team[43], with 7 new bugs[44]
* Perl Devs @ Gentoo[45], with 6 new bugs[46]
* X11 External Driver Maintainers[47], with 5 new bugs[48]
33. maintainer-wanted [at] gentoo
34.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=maintainer-wanted [at] gentoo
35. amd64 [at] gentoo
36.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=amd64 [at] gentoo
37. java [at] gentoo
38.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=java [at] gentoo
39. gnome [at] gentoo
40.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=gnome [at] gentoo
41. maintainer-needed [at] gentoo
42.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=maintainer-needed [at] gentoo
43. kde [at] gentoo
44.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=kde [at] gentoo
45. perl [at] gentoo
46.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=perl [at] gentoo
47. x11-drivers [at] gentoo
48.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=x11-drivers [at] gentoo


===============
6. GWN feedback
===============

Please send us your feedback[49] and help make the GWN better.

49. gwn-feedback [at] gentoo

===============================
7. GWN subscription information
===============================

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+subscribe [at] gentoo

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+unsubscribe [at] gentoo from the e-mail address you are
subscribed under.

==================
8. Other languages
==================

The Gentoo Weekly Newsletter is also available in the following
languages:

* Chinese (Simplified)[50]
* Danish[51]
* Dutch[52]
* English[53]
* German[54]
* French[55]
* Korean[56]
* Japanese[57]
* Italian[58]
* Polish[59]
* Portuguese (Brazil)[60]
* Portuguese (Portugal)[61]
* Russian[62]
* Spanish[63]
* Turkish[64]
50. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
51. http://www.gentoo.org/news/da/gwn/gwn.xml
52. http://www.gentoo.org/news/nl/gwn/gwn.xml
53. http://www.gentoo.org/news/en/gwn/gwn.xml
54. http://www.gentoo.org/news/de/gwn/gwn.xml
55. http://www.gentoo.org/news/fr/gwn/gwn.xml
56. http://www.gentoo.org/news/ko/gwn/gwn.xml
57. http://www.gentoo.org/news/ja/gwn/gwn.xml
58. http://www.gentoo.org/news/it/gwn/gwn.xml
59. http://www.gentoo.org/news/pl/gwn/gwn.xml
60. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
61. http://www.gentoo.org/news/pt/gwn/gwn.xml
62. http://www.gentoo.org/news/ru/gwn/gwn.xml
63. http://www.gentoo.org/news/es/gwn/gwn.xml
64. http://www.gentoo.org/news/tr/gwn/gwn.xml


Ulrich Plate <plate [at] gentoo> - Editor
Chris Gianelloni <wolf31o2 [at] gentoo> - Author



--
gentoo-gwn [at] gentoo mailing list

Gentoo gwn RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.