wolf31o2 at gentoo
Dec 28, 2006, 8:21 AM
Views: 393
Permalink
|
|
Gentoo Weekly Newsletter 18 December 2006
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/20061218-newsletter.txt
This is the Gentoo Weekly Newsletter for the week of 18 December 2006.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
==============
1. Gentoo News
==============
EFIKA overlay opens
-------------------
In a follow-up to last week's announcement that the EFIKA[1] evaluation
boards from Genesi[2] had made their way into developer hands, the
Gentoo/PPC[3] team, in cooperation with Release Engineering[4], has made
available an overlay[5] for the EFIKA boards. Currently, the overlay has
only sys-kernel/efika-sources, which is based on gentoo-sources, plus the
EFIKA-specific patches to 2.6.19 that are required. Any future
EFIKA-specific packages will start life out in the overlay before eventually
making their way into the main tree. The overlay is currently supported by
the Release Engineering team.
1. http://www.efika.de/index_en.html
2. http://www.genesippc.com
3. http://www.gentoo.org/proj/en/base/ppc
4. http://www.gentoo.org/proj/en/releng
5. http://overlays.gentoo.org/proj/efika
There is also a #gentoo-efika channel on Freenode for discussions about the
EFIKA hardware and software, as well as general discussion of the platform.
=========================
2. Heard in the community
=========================
gentoo-installer
----------------
Quickstart 0.3 Released
Andrew Gaffney wrote to inform people that version 0.3 of Quickstart has
been released. Quickstart is a provisioning tool, designed to use a simple
configuration file to provision new Gentoo machines from bare metal. There
have been numerous changes and bug fixes since 0.2, some of which are below.
* partitioning and bootloader code redesigned to allow for
arch-specific code for each
* x86/amd64 partitioning support rewritten using fdisk instead of
sfdisk, since sfdisk isn't in busybox
* sun disklabel and partitioning support implemented
* sun bootloader (silo) support added (not yet tested)
* hppa partitioning (uses x86 code) and bootloader (palo) support
added and tested
With this release, x86/amd64/hppa are officially supported. Support for
sparc is experimental and expected to be fully supported with the next
release. You can find Quickstart at http://agaffney.org/quickstart/releases.
* http://archives.gentoo.org/gentoo-installer/msg_01323.xml
=========================
3. Gentoo developer moves
=========================
Moves
-----
The following developers recently left the Gentoo project:
* none this week
Adds
----
The following developers recently joined the Gentoo project:
* Christian Marie (pingu) mozilla team
Changes
-------
The following developers recently changed roles within the Gentoo project:
* none this week
==================
4. Gentoo security
==================
Tar: Directory traversal vulnerability
--------------------------------------
Tar is vulnerable to directory traversal possibly allowing for the
overwriting of arbitrary files.
For more information, please see the GLSA Announcement[6]
6. http://www.gentoo.org/security/en/glsa/glsa-200612-10.xml
AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities
--------------------------------------------------------------------
OpenSSL contains multiple vulnerabilities including the possible execution
of remote arbitrary code.
For more information, please see the GLSA Announcement[7]
7. http://www.gentoo.org/security/en/glsa/glsa-200612-11.xml
F-PROT Antivirus: Multiple vulnerabilities
------------------------------------------
F-Prot Antivirus contains a buffer overflow and other unspecified
vulnerabilities, possibly allowing the remote execution of arbitrary code.
For more information, please see the GLSA Announcement[8]
8. http://www.gentoo.org/security/en/glsa/glsa-200612-12.xml
libgsf: Buffer overflow
-----------------------
libgsf improperly allocates memory allowing for a heap overflow and possibly
the execution of arbitrary code.
For more information, please see the GLSA Announcement[9]
9. http://www.gentoo.org/security/en/glsa/glsa-200612-13.xml
Trac: Cross-site request forgery
--------------------------------
Trac allows remote attackers to execute unauthorized actions as other users.
For more information, please see the GLSA Announcement[10]
10. http://www.gentoo.org/security/en/glsa/glsa-200612-14.xml
McAfee VirusScan: Insecure DT_RPATH
-----------------------------------
McAfee VirusScan for Linux is distributed with an insecure DT_RPATH,
potentially allowing a remote attacker to execute arbitrary code.
For more information, please see the GLSA Announcement[11]
11. http://www.gentoo.org/security/en/glsa/glsa-200612-15.xml
Links: Arbitrary Samba command execution
----------------------------------------
Links does not properly validate "smb://" URLs, making it vulnerable to the
execution of arbitrary Samba commands.
For more information, please see the GLSA Announcement[12]
12. http://www.gentoo.org/security/en/glsa/glsa-200612-16.xml
GNU Radius: Format string vulnerability
---------------------------------------
A format string vulnerability has been found in GNU Radius, which could lead
to the remote execution of arbitrary code.
For more information, please see the GLSA Announcement[13]
13. http://www.gentoo.org/security/en/glsa/glsa-200612-17.xml
=======================
5. Gentoo package moves
=======================
This section lists packages that have either been moved or added to the tree
and packages that have had their "last rites" announcement given to be
removed in the future. The package removals come from many locations,
including the Treecleaners[14] and various developers. Most packages which
are listed under the Last Rites section are in need of some love and care
and can remain in the tree if proper maintainership is established.
14. http://www.gentoo.org/proj/en/qa/treecleaners
Additions:
----------
Package: Addition date: Contact:
sci-biology/amap[15] 11 Dec 06 Donnie Berkholz[16]
virtual/init[17] 12 Dec 06 Roy Marples[18]
games-fps/ut2004-unwheel[19] 12 Dec 06 Chris Gianelloni[20]
dev-libs/libisofs[21] 13 Dec 06 Steve Dibb[22]
games-fps/ut2004-damnation[23] 13 Dec 06 Chris Gianelloni[20]
games-fps/ut2004-muralis[24] 13 Dec 06 Chris Gianelloni[20]
net-print/splix[25] 14 Dec 06 Wolfram Schlich[26]
x11-libs/goocanvas[27] 14 Dec 06 Michael Hanselmann[28]
dev-python/pygoocanvas[29] 14 Dec 06 Michael Hanselmann[28]
games-fps/ut2004-troopers[30] 15 Dec 06 Chris Gianelloni[20]
app-cdr/poweriso[31] 16 Dec 06 Jurek Bartuszek[32]
app-crypt/asedriveiiie-usb[33] 16 Dec 06 Alon Bar-Lev[34]
app-crypt/asedriveiiie-serial[35] 16 Dec 06 Alon Bar-Lev[34]
app-crypt/asekey[36] 16 Dec 06 Alon Bar-Lev[34]
x11-libs/xcb-util[37] 16 Dec 06 Joshua Baergen[38]
dev-ruby/ruby-pcap[39] 17 Dec 06 Nguyen Thai Ngoc Duy[40]
dev-python/glewpy[41] 17 Dec 06 Joshua Baergen[38]
dev-cpp/libgtksourceviewmm[42] 17 Dec 06 Rémi Cardona[43]
media-plugins/gst-plugins-pulse[44] 17 Dec 06 Jim Ramsay[45]
dev-util/nemiver[46] 17 Dec 06 Rémi Cardona[43]
15. http://packages.gentoo.org/?category=sci-biology;name=amap
16. dberkholz [at] gentoo
17. http://packages.gentoo.org/?category=virtual;name=init
18. uberlord [at] gentoo
19. http://packages.gentoo.org/?category=games-fps;name=ut2004-unwheel
20. wolf31o2 [at] gentoo
21. http://packages.gentoo.org/?category=dev-libs;name=libisofs
22. beandog [at] gentoo
23. http://packages.gentoo.org/?category=games-fps;name=ut2004-damnation
24. http://packages.gentoo.org/?category=games-fps;name=ut2004-muralis
25. http://packages.gentoo.org/?category=net-print;name=splix
26. wschlich [at] gentoo
27. http://packages.gentoo.org/?category=x11-libs;name=goocanvas
28. hansmi [at] gentoo
29. http://packages.gentoo.org/?category=dev-python;name=pygoocanvas
30. http://packages.gentoo.org/?category=games-fps;name=ut2004-troopers
31. http://packages.gentoo.org/?category=app-cdr;name=poweriso
32. jurek [at] gentoo
33. http://packages.gentoo.org/?category=app-crypt;name=asedriveiiie-usb
34. alonbl [at] gentoo
35. http://packages.gentoo.org/?category=app-crypt;name=asedriveiiie-serial
36. http://packages.gentoo.org/?category=app-crypt;name=asekey
37. http://packages.gentoo.org/?category=x11-libs/xcb-util
38. joshuabaergen [at] gentoo
39. http://packages.gentoo.org/?category=dev-ruby;name=ruby-pcap
40. pclouds [at] gentoo
41. http://packages.gentoo.org/?category=dev-python;name=glewpy
42. http://packages.gentoo.org/?category=dev-cpp;name=libgtksourceviewmm
43. remi [at] gentoo
44. http://packages.gentoo.org/?category=media-plugins;name=gst-plugins-pulse
45. lack [at] gentoo
46. http://packages.gentoo.org/?category=dev-util;name=nemiver
Removals:
---------
Package: Removal date: Contact:
games-fps/ut2004-domain2049 12 Dec 06 Chris Gianelloni[20]
dev-db/dbbalancer 17 Dec 06 Tiziano Müller[47]
20. wolf31o2 [at] gentoo
47. dev-zero [at] gentoo
Last Rites:
-----------
Package: Removal date: Contact:
net-misc/cidr[48] 25 Dec 06 Elfyn McBratney[49]
dev-util/mergetrees[50] 25 Dec 06 Elfyn McBratney[49]
sys-fs/submount[51] 02 Jan 07 Daniel Drake[52]
games-fps/doomlegacy[53] 13 Jan 07 Michael Sterrett[54]
kde-misc/styleclock[55] 13 Jan 07 Charlie Shepherd[56]
media-sound/xmp[57] 14 Jan 07 Michael Sterrett[54]
app-emulation/i8086emu[58] 14 Jan 07 Michael Sterrett[54]
net-p2p/xmule[59] 15 Jan 07 Christian Faulhammer[60]
net-misc/ltsp[61] 15 Jan 07 Christian Faulhammer[60]
app-misc/nomad-tool[62] 15 Jan 07 George Shapovalov[63]
48. http://packages.gentoo.org/?category=net-misc;name=cidr
49. beu [at] gentoo
50. http://packages.gentoo.org/?category=dev-util;name=mergetrees
51. http://packages.gentoo.org/?category=sys-fs;name=submount
52. dsd [at] gentoo
53. http://packages.gentoo.org/?category=games-fps;name=doomlegacy
54. mr_bones_ [at] gentoo
55. http://packages.gentoo.org/?category=kde-misc;name=styleclock
56. masterdriverz [at] gentoo
57. http://packages.gentoo.org/?category=media-sound;name=xmp
58. http://packages.gentoo.org/?category=app-emulation;name=i8086emu
59. http://packages.gentoo.org/?category=net-p2p;name=xmule
60. opfer [at] gentoo
61. http://packages.gentoo.org/?category=net-misc;name=ltsp
62. http://packages.gentoo.org/?category=app-misc;name=nomad-tool
63. george [at] gentoo
===========
6. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[64]) to record and track
bugs, notifications, suggestions and other interactions with the development
team. Between 10 December 2006 and 17 December 2006, activity on the site
has resulted in:
64. http://bugs.gentoo.org
* 649 new bugs during this period
* 342 bugs closed or resolved during this period
* 25 previously closed bugs were reopened this period
* 143 closed as NEEDINFO/WONTFIX/CANTFIX/INVALID/UPSTREAM during this
period
* 163 bugs marked as duplicates during this period
Of the 10688 currently open bugs: 25 are labeled 'blocker', 96 are labeled
'critical', and 430 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* Gentoo's Team for Core System packages[65], with 35 closed bugs[66]
* Gentoo Security[67], with 20 closed bugs[68]
* Perl Devs @ Gentoo[69], with 16 closed bugs[70]
* Default Assignee for Orphaned Packages[71], with 16 closed bugs[72]
* Gentoo Games[73], with 15 closed bugs[74]
* XFCE Team[75], with 14 closed bugs[76]
* Gentoo Linux Gnome Desktop Team[77], with 11 closed bugs[78]
* Gentoo KDE team[79], with 9 closed bugs[80]
65. base-system [at] gentoo
66. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=base-system [at] gentoo
67. security [at] gentoo
68. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=security [at] gentoo
69. perl [at] gentoo
70. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=perl [at] gentoo
71. maintainer-needed [at] gentoo
72. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=maintainer-needed [at] gentoo
73. games [at] gentoo
74. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=games [at] gentoo
75. xfce [at] gentoo
76. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=xfce [at] gentoo
77. gnome [at] gentoo
78. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=gnome [at] gentoo
79. kde [at] gentoo
80. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-12-10&chfieldto=2006-12-17&resolution=FIXED&assigned_to=kde [at] gentoo
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* Default Assignee for New Packages[81], with 22 new bugs[82]
* AMD64 Project[83], with 10 new bugs[84]
* Mike Kelly[85], with 9 new bugs[86]
* media-video herd[87], with 9 new bugs[88]
* Gentoo's Team for Core System packages[65], with 8 new bugs[89]
* Default Assignee for Orphaned Packages[71], with 7 new bugs[90]
* Java team[91], with 6 new bugs[92]
* Gentoo Linux Gnome Desktop Team[77], with 6 new bugs[93]
65. base-system [at] gentoo
71. maintainer-needed [at] gentoo
77. gnome [at] gentoo
81. maintainer-wanted [at] gentoo
82. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=maintainer-wanted [at] gentoo
83. amd64 [at] gentoo
84. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=amd64 [at] gentoo
85. pioto [at] gentoo
86. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=pioto [at] gentoo
87. media-video [at] gentoo
88. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=media-video [at] gentoo
89. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=base-system [at] gentoo
90. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=maintainer-needed [at] gentoo
91. java [at] gentoo
92. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=java [at] gentoo
93. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-12-10&chfieldto=2006-12-17&assigned_to=gnome [at] gentoo
===============
7. GWN feedback
===============
The GWN is staffed by volunteers and members of the community who submit
ideas and articles. If you are interested in writing for the GWN, have
feedback on an article that we have posted, or just have an idea or article
that you would like to submit to the GWN, please send us your feedback[94]
and help make the GWN better.
94. gwn-feedback [at] gentoo
===============================
8. GWN subscription information
===============================
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+subscribe [at] gentoo
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+unsubscribe [at] gentoo from the e-mail address you are subscribed
under.
==================
9. Other languages
==================
The Gentoo Weekly Newsletter is also available in the following languages:
* Chinese (Simplified)[95]
* Danish[96]
* Dutch[97]
* English[98]
* German[99]
* Greek[100]
* French[101]
* Korean[102]
* Japanese[103]
* Italian[104]
* Polish[105]
* Portuguese (Brazil)[106]
* Portuguese (Portugal)[107]
* Russian[108]
* Slovak[109]
* Spanish[110]
* Turkish[111]
95. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
96. http://www.gentoo.org/news/da/gwn/gwn.xml
97. http://www.gentoo.org/news/nl/gwn/gwn.xml
98. http://www.gentoo.org/news/en/gwn/gwn.xml
99. http://www.gentoo.org/news/de/gwn/gwn.xml
100. http://www.gentoo.org/news/el/gwn/gwn.xml
101. http://www.gentoo.org/news/fr/gwn/gwn.xml
102. http://www.gentoo.org/news/ko/gwn/gwn.xml
103. http://www.gentoo.org/news/ja/gwn/gwn.xml
104. http://www.gentoo.org/news/it/gwn/gwn.xml
105. http://www.gentoo.org/news/pl/gwn/gwn.xml
106. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
107. http://www.gentoo.org/news/pt/gwn/gwn.xml
108. http://www.gentoo.org/news/ru/gwn/gwn.xml
109. http://www.gentoo.org/news/sk/gwn/gwn.xml
110. http://www.gentoo.org/news/es/gwn/gwn.xml
111. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate [at] gentoo> - Editor
Chris Gianelloni <wolf31o2 [at] gentoo> - Author
--
gentoo-gwn [at] gentoo mailing list
|
Gentoo Weekly Newsletter 18 December 2006