Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Gentoo: GWN

Gentoo Weekly Newsletter 14 August 2006



Gentoo gwn RSS feed   Index | Next | Previous | View Threaded

wolf31o2 at gentoo

Aug 23, 2006, 3:25 PM

Post #1 of 1 (646 views)
Gentoo Weekly Newsletter 14 August 2006

Gentoo Weekly Newsletter
This is the Gentoo Weekly Newsletter for the week of 14 August 2006.

1. Gentoo news

Linux World Conference and Expo - San Francisco

The Linux World Conference and Expo[1] kicks off this week in San
Francisco. As usual, Gentoo will have a booth in the '.Org Pavillion'.
booth will be located between the GNOME and KDE projects. Gentoo will
showing the upcoming 2006.1 release as well as several architectures.
is a good opportunity to meet several Gentoo developers from across the
United States.

1. http://www.linuxworldexpo.com/live/12/events/12SFO06A

The Expo floor is open from 15 August 2006 through 17 August 2006.

OSL Rackathon

The Oregon State University Open Source Lab[2] is conducting a
called Rackathon[3], to raise money for the project. The OSL hosts a
portion of the Gentoo infrastructure, several developer boxes, and
provides the primary Gentoo mirror. They also host many other open
projects. Gentoo was the OSL's first client and is among the largest.
Money raised will help cover the costs of this free hosting as well as
other costs incurred by the project. Donations of 20 USD gets your name
a rack in the OSL for an entire year!

2. http://osuosl.org
3. http://osuosl.org/contribute/rackathon

Donations to the OSL will help fund further Gentoo hosting and many
open source projects.

PyBugz - Python interface to Bugzilla

Gentoo developer Alastair Tse[4] has created a Python-based command
interface to the Bugzilla issue tracking system. First conceived as a
to speed up the workflow for Gentoo developers, PyBugz[5] has been
on the XenSource and GNOME Bugzilla trackers, also.

4. liquidx [at] gentoo
5. http://www.liquidx.net

Gentoo users can install PyBugz by simply using emerge pybugz.

2. Gentoo in the press

Linux.com (11 Aug 2006)

Linux.com[6] has published an article, entitled 'Gentoo Portage
Secrets[7]'. The article gives some helpful hints on how to utilize new
features in portage 2.1 to optimize your Gentoo usage.

6. http://www.linux.com
7. http://www.linux.com/article.pl?sid=06/08/07/1952207

3. Gentoo developer moves


The following developers recently left the Gentoo project:

* none this week


The following developers recently joined the Gentoo project:

* none this week


The following developers recently changed roles within the Gentoo

* none this week

4. Gentoo security

x11vnc: Authentication bypass in included LibVNCServer code

VNC servers created with x11vnc accept insecure protocol types, even
the server does not offer it, resulting in the possibility of
access to the server.

For more information, please see the GLSA Announcement[8]

8. http://www.gentoo.org/security/en/glsa/glsa-200608-12.xml

ClamAV: Heap buffer overflow

ClamAV is vulnerable to a heap-based buffer overflow resulting in a
of Service and potentially remote execution of arbitrary code.

For more information, please see the GLSA Announcement[9]

9. http://www.gentoo.org/security/en/glsa/glsa-200608-13.xml

DUMB: Heap buffer overflow

A heap-based buffer overflow in DUMB could result in the execution of
arbitrary code.

For more information, please see the GLSA Announcement[10]

10. http://www.gentoo.org/security/en/glsa/glsa-200608-14.xml

MIT Kerberos 5: Multiple local privilege escalation vulnerabilities

Some applications shipped with MIT Kerberos 5 are vulnerable to local
privilege escalation.

For more information, please see the GLSA Announcement[11]

11. http://www.gentoo.org/security/en/glsa/glsa-200608-15.xml

Warzone 2100 Resurrection: Multiple buffer overflows

Warzone 2100 Resurrection server and client are vulnerable to separate
buffer overflows, potentially allowing remote code execution.

For more information, please see the GLSA Announcement[12]

12. http://www.gentoo.org/security/en/glsa/glsa-200608-16.xml

libwmf: Buffer overflow vulnerability

libwmf is vulnerable to an integer overflow potentially resulting in
execution of arbitrary code.

For more information, please see the GLSA Announcement[13]

13. http://www.gentoo.org/security/en/glsa/glsa-200608-17.xml

Net::Server: Format string vulnerability

A format string vulnerability has been reported in Net::Server which
be exploited to cause a Denial of Service.

For more information, please see the GLSA Announcement[14]

14. http://www.gentoo.org/security/en/glsa/glsa-200608-18.xml

WordPress: Privilege escalation

A flaw in WordPress allows registered WordPress users to elevate

For more information, please see the GLSA Announcement[15]

15. http://www.gentoo.org/security/en/glsa/glsa-200608-19.xml

5. Bugzilla


* Statistics
* Closed bug ranking
* New bug rankings


The Gentoo community uses Bugzilla (bugs.gentoo.org[16]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 06 August 2006 and 13 August 2006, activity
the site has resulted in:

16. http://bugs.gentoo.org

* 780 new bugs during this period
* 385 bugs closed or resolved during this period
* 32 previously closed bugs were reopened this period

Of the 10879 currently open bugs: 47 are labeled 'blocker', 138 are
labeled 'critical', and 539 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this

* Gentoo Security[17], with 29 closed bugs[18]
* Gentoo Games[19], with 17 closed bugs[20]
* Portage team[21], with 16 closed bugs[22]
* GNU Emacs Herd[23], with 15 closed bugs[24]
* AMD64 Project[25], with 15 closed bugs[26]
* Xavier Neys[27], with 14 closed bugs[28]
* Michal Januszewski[29], with 11 closed bugs[30]
* Perl Devs @ Gentoo[31], with 11 closed bugs[32]
17. security [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=security [at] gentoo
19. games [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=games [at] gentoo
21. dev-portage [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=dev-portage [at] gentoo
23. emacs [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=emacs [at] gentoo
25. amd64 [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=amd64 [at] gentoo
27. neysx [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=neysx [at] gentoo
29. spock [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=spock [at] gentoo
31. perl [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-08-06&chfieldto=2006-08-13&resolution=FIXED&assigned_to=perl [at] gentoo

New bug rankings

The developers and teams who have been assigned the most new bugs
this period are:

* Default Assignee for New Packages[33], with 46 new bugs[34]
* AMD64 Project[35], with 14 new bugs[36]
* Java team[37], with 12 new bugs[38]
* Gentoo Linux Gnome Desktop Team[39], with 10 new bugs[40]
* Default Assignee for Orphaned Packages[41], with 8 new bugs[42]
* Gentoo KDE team[43], with 7 new bugs[44]
* Perl Devs @ Gentoo[45], with 6 new bugs[46]
* X11 External Driver Maintainers[47], with 5 new bugs[48]
33. maintainer-wanted [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=maintainer-wanted [at] gentoo
35. amd64 [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=amd64 [at] gentoo
37. java [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=java [at] gentoo
39. gnome [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=gnome [at] gentoo
41. maintainer-needed [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=maintainer-needed [at] gentoo
43. kde [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=kde [at] gentoo
45. perl [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=perl [at] gentoo
47. x11-drivers [at] gentoo
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-08-06&chfieldto=2006-08-13&assigned_to=x11-drivers [at] gentoo

6. GWN feedback

Please send us your feedback[49] and help make the GWN better.

49. gwn-feedback [at] gentoo

7. GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+subscribe [at] gentoo

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+unsubscribe [at] gentoo from the e-mail address you are
subscribed under.

8. Other languages

The Gentoo Weekly Newsletter is also available in the following

* Chinese (Simplified)[50]
* Danish[51]
* Dutch[52]
* English[53]
* German[54]
* French[55]
* Korean[56]
* Japanese[57]
* Italian[58]
* Polish[59]
* Portuguese (Brazil)[60]
* Portuguese (Portugal)[61]
* Russian[62]
* Spanish[63]
* Turkish[64]
50. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
51. http://www.gentoo.org/news/da/gwn/gwn.xml
52. http://www.gentoo.org/news/nl/gwn/gwn.xml
53. http://www.gentoo.org/news/en/gwn/gwn.xml
54. http://www.gentoo.org/news/de/gwn/gwn.xml
55. http://www.gentoo.org/news/fr/gwn/gwn.xml
56. http://www.gentoo.org/news/ko/gwn/gwn.xml
57. http://www.gentoo.org/news/ja/gwn/gwn.xml
58. http://www.gentoo.org/news/it/gwn/gwn.xml
59. http://www.gentoo.org/news/pl/gwn/gwn.xml
60. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
61. http://www.gentoo.org/news/pt/gwn/gwn.xml
62. http://www.gentoo.org/news/ru/gwn/gwn.xml
63. http://www.gentoo.org/news/es/gwn/gwn.xml
64. http://www.gentoo.org/news/tr/gwn/gwn.xml

Ulrich Plate <plate [at] gentoo> - Editor
Chris Gianelloni <wolf31o2 [at] gentoo> - Author

gentoo-gwn [at] gentoo mailing list

Gentoo gwn RSS feed   Index | Next | Previous | View Threaded

Interested in having your list archived? Contact Gossamer Threads
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.