Debian Weekly News - August 1st, 2006

Posted by dcparris on Aug 1, 2006 11:51 PM EDT
Mailing list; By Martin Schulze
Mail this story
Print this story

Welcome to this year's 31st issue of DWN, the weekly newsletter for the Debian community. Christoph Berg [1]announced nine new members of the QA team who already work on outstanding issues in the [2]etch release. Gintautas Miliauskas [3]reported that he has been working on an integrated l10n infrastructure for Debian based on the framework used by the [4]WorldForge project.

---------------------------------------------------------------------------
Debian Weekly News
http://www.debian.org/News/weekly/2006/31/
Debian Weekly News - August 1st, 2006
---------------------------------------------------------------------------

Welcome to this year's 31st issue of DWN, the weekly newsletter for the Debian community. Christoph Berg [1]announced nine new members of the QA team who already work on outstanding issues in the [2]etch release. Gintautas Miliauskas [3]reported that he has been working on an integrated l10n infrastructure for Debian based on the framework used by the [4]WorldForge project.

1. http://lists.debian.org/debian-qa/2006/07/msg00093.html 2. http://www.debian.org/releases/etch/ 3. http://gintasm.blogspot.com/2006/06/localization-coordination-for-debian-1.html 4. http://www.worldforge.org/

Uploading with proper Urgencies. Adeodato Simó [5]reminded developers to upload fixed packages with urgency high if they fix security-related bugs. The urgency medium should be used for release-critical bugs including corrections to failures to build from source on one or other [6]architecture. Since these uploads will migrate into [7]testing faster than normal, they should be prepared with extra care as well.

5. http://lists.debian.org/debian-devel-announce/2006/07/msg00008.html 6. http://www.debian.org/ports/ 7. http://www.debian.org/releases/testing/

Responsibility for Packages. Martin Krafft [8]wondered if Debian wants to change responsibilities for packages and move to more group maintained packages. Adeodato Simó [9]explained that having the non-maintainer diff in the [10]bug tracking system for a few days before entering the archive does help QA, because there's room for peer review.

8. http://lists.debian.org/debian-project/2006/07/msg00190.html 9. http://lists.debian.org/debian-project/2006/07/msg00231.html 10. http://www.debian.org/Bugs/

Xen on Debian GNU/Linux 3.1. Aike de Jongste [11]explained how to install the [12]backported version of [13]Xen on a [14]stable Debian system. This includes APT [15]pinning of several packages, creating a special RAM disk, adding an item to the [16]grub menu and [17]setting up a Xen instance.

11. http://www.debian-administration.org/articles/423 12. http://www.backports.org/ 13. http://en.wikipedia.org/wiki/Xen 14. http://www.debian.org/releases/sarge/ 15. http://jaqque.sbih.org/kplug/apt-pinning.html 16. http://packages.debian.org/grub 17. http://www.debian-administration.org/articles/396

Branding for Debian Derivatives. Anthony Towns [18]proposed to introduce an official branding programme for derived distributions to help our derivatives get the benefits of Debian's reputation. In the essence the derivatives should listen to their users and cooperate with the Free Software community. In return Debian should provide a logo, add a link from its website, cooperate on press releases and provide a supportive basis for future cooperation and consultation.

18. http://lists.debian.org/debian-project/2006/07/msg00241.html

Key Management for Secure APT. Joey Schulze [19]wondered if key management could be added into [20]APT in time for the [21]etch release. Martin Krafft [22]discouraged plain automatic key upgrades since they are too vulnerable to attacks and prefers a third party authority to sign the keys. Florian Weimer [23]stated that the only approach known to work is static keys for stable releases and stable security updates.

19. http://lists.debian.org/debian-release/2006/07/msg00192.html 20. http://packages.debian.org/apt 21. http://www.debian.org/releases/etch/ 22. http://lists.debian.org/debian-release/2006/07/msg00194.html 23. http://lists.debian.org/debian-release/2006/07/msg00201.html

Supporting Exim 3 in Etch? Marc Haber [24]outlined the steps required to remove version 3 of [25]Exim from [26]etch since it is not supported by upstream anymore and even its maintainer has stopped using it in the meantime. This includes an update to [27]sarge and also requires manual work when users upgrade from sarge to etch.

24. http://lists.debian.org/debian-release/2006/07/msg00228.html 25. http://packages.debian.org/exim 26. http://www.debian.org/releases/etch/ 27. http://www.debian.org/releases/sarge/

Building Documentation. Marcio Roberto Teixeira [28]wondered if documentation for a Debian package should better be built before packaging to save build time or during the regular build process. Goswin von Brederlow [29]explained that documentation should be built together with the rest of the package. If building takes long it should not be done with every package built but only with the one producing the binary-independent package.

28. http://lists.debian.org/debian-devel/2006/07/msg00101.html 29. http://lists.debian.org/debian-devel/2006/07/msg00232.html

Installing setuid Programs. Yui-wah Lee [30]wondered how a program should be packaged that needs to be installed setuid or setgid. Matthew Palmer [31]explained that the maintainer should set the appropriate permissions and may have to tweak dh_fixperms so that it doesn't turn the permissions back to the default. Local admins can change these permissions with dpkg-statoverride.

30. http://lists.debian.org/debian-devel/2006/07/msg00105.html 31. http://lists.debian.org/debian-devel/2006/07/msg00115.html

Status of translated Packages Descriptions. Michael Vogt [32]asked for testing of [33]APT from experimental. This version supports translated package descriptions which are already available for [34]sid on many mirrors and on the Debian description translation [35]project. A few features which where available in the past such as reviewing of a translation are not yet implemented but are [36]planned as part of the new internationalisation framework.

32. http://lists.debian.org/debian-devel/2006/07/msg01323.html 33. http://packages.debian.org/apt 34. http://www.debian.org/releases/sid/ 35. http://ddtp.debian.net/ 36. http://lists.debian.org/debian-devel/2006/07/msg01379.html

Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.

* DSA 1125: [37]drupal -- Execution of arbitrary web script code. * DSA 1126: [38]asterisk -- Denial of service. * DSA 1127: [39]ethereal -- Several vulnerabilities. * DSA 1128: [40]heartbeat -- Denial of service. * DSA 1129: [41]osiris -- Arbitrary code execution. * DSA 1130: [42]sitebar -- Cross-site scripting.

37. http://www.debian.org/security/2006/dsa-1125 38. http://www.debian.org/security/2006/dsa-1126 39. http://www.debian.org/security/2006/dsa-1127 40. http://www.debian.org/security/2006/dsa-1128 41. http://www.debian.org/security/2006/dsa-1129 42. http://www.debian.org/security/2006/dsa-1130

New or Noteworthy Packages. The following packages were added to the unstable Debian archive [43]recently or contain important updates.

43. http://packages.debian.org/unstable/newpkg_main

* [44]bcfg2 -- Configuration management client. * [45]beaglefs -- Implements a filesystem representing a live Beagle query. * [46]biloba -- Turn based strategy board game for up to 4 players. * [47]byzanz -- Small screencast creator. * [48]console-setup-mini -- Experimental micro version of console-setup package. * [49]cryptmount -- Management and user-mode mounting of encrypted file systems. * [50]gshare -- Easy user-level file sharing for GNOME. * [51]jpnevulator -- Serial sniffer. * [52]multisync-tools -- PIM Synchronisation Command Line Tools. * [53]necpp -- NEC2 Evolution Antenna Modelling System. * [54]open-iscsi -- High performance, transport independent implementation of RFC3720. * [55]openser -- Very fast and configurable SIP proxy. * [56]p3nfs -- Mount the file systems on the Psion/Symbian PDA/Phone. * [57]pdfcrack -- PDF files password cracker. * [58]phpgedview -- Web-based genealogy viewer and editor. * [59]qrfcview -- Viewer for IETF RFCs. * [60]rant -- Flexible, Ruby based make. * [61]serpentine -- Application for creating audio CDs. * [62]splashy -- Complete user-space boot splash system. * [63]tshark -- Network traffic analyser (console). * [64]vbindiff -- Visual binary diff, visually compare binary files. * [65]wireshark -- Network traffic analyser. * [66]wise -- Comparison of biopolymers, commonly DNA and protein sequence.

44. http://packages.debian.org/unstable/admin/bcfg2 45. http://packages.debian.org/unstable/gnome/beaglefs 46. http://packages.debian.org/unstable/games/biloba 47. http://packages.debian.org/unstable/graphics/byzanz 48. http://packages.debian.org/unstable/utils/console-setup-mini 49. http://packages.debian.org/unstable/admin/cryptmount 50. http://packages.debian.org/unstable/gnome/gshare 51. http://packages.debian.org/unstable/comm/jpnevulator 52. http://packages.debian.org/unstable/utils/multisync-tools 53. http://packages.debian.org/unstable/science/necpp 54. http://packages.debian.org/unstable/net/open-iscsi 55. http://packages.debian.org/unstable/net/openser 56. http://packages.debian.org/unstable/otherosfs/p3nfs 57. http://packages.debian.org/unstable/utils/pdfcrack 58. http://packages.debian.org/unstable/web/phpgedview 59. http://packages.debian.org/unstable/doc/qrfcview 60. http://packages.debian.org/unstable/devel/rant 61. http://packages.debian.org/unstable/gnome/serpentine 62. http://packages.debian.org/unstable/graphics/splashy 63. http://packages.debian.org/unstable/net/tshark 64. http://packages.debian.org/unstable/utils/vbindiff 65. http://packages.debian.org/unstable/net/wireshark 66. http://packages.debian.org/unstable/science/wise

Orphaned Packages. 7 packages were orphaned this week and require a new maintainer. This makes a total of 343 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the [67]WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package. To find out which orphaned packages are installed on your system the wnpp-alert program from devscripts may be helpful.

67. http://www.debian.org/devel/wnpp/

* [68]44bsd-rdist -- 4.4BSD rdist. ([69]Bug#380192) * [70]dcc -- Distributed Checksum Clearinghouse. ([71]Bug#380542) * [72]gch -- Ada quality & style checker. ([73]Bug#380193) * [74]gkrellongrun -- LongRun plug-in for GKrellM. ([75]Bug#379978) * [76]gpdf -- Portable Document Format (PDF) viewer. ([77]Bug#380382) * [78]hubcot -- USB Hub mascot. ([79]Bug#379977) * [80]libpod-pom-perl -- Perl module of POD Object Model. ([81]Bug#379983)

68. http://packages.debian.org/unstable/net/44bsd-rdist 69. http://bugs.debian.org/380192 70. http://packages.debian.org/unstable/mail/dcc-client 71. http://bugs.debian.org/380542 72. http://packages.debian.org/unstable/devel/gch 73. http://bugs.debian.org/380193 74. http://packages.debian.org/unstable/x11/gkrellongrun 75. http://bugs.debian.org/379978 76. http://packages.debian.org/unstable/gnome/gpdf 77. http://bugs.debian.org/380382 78. http://packages.debian.org/unstable/utils/hubcot 79. http://bugs.debian.org/379977 80. http://packages.debian.org/unstable/perl/libpod-pom-perl 81. http://bugs.debian.org/379983

Removed Packages. 18 packages have been [82]removed from the Debian archive during the past week:

82. http://ftp-master.debian.org/removals.txt

* openldap2.2 -- OpenLDAP utilities [83]Bug#340349: Request of QA, superseded by openldap2.3; RC-buggy (non-free content) * ultrapossum -- Multi-functional LDAP Solution [84]Bug#378885: Request of QA, dead upstream, unmaintained, depends on removed openldap2.2 * installwatch -- Track installation of local software [85]Bug#347469: Request of QA, merged into checkinstall * webmin-ldap-netgroups -- LDAP webmin module for editing netgroups [86]Bug#347773: Request of maintainer, depends on removed webmin * kimberlite -- High Availability Clustering Package [87]Bug#348195: Request of QA, orphaned, unused, dead upstream * mozilla-firefox-locale-it -- Mozilla Firefox Italian Language/Region Package [88]Bug#348357: Request of maintainer, superseded by mozilla-firefox-locale-all * mgapdesk -- X configuration tool for Matrox video card [89]Bug#364344: Request of QA, orphaned, RC-buggy * libzlib-ruby -- Extension library to use zlib from Ruby 1.6 [90]Bug#367903: Request of maintainer, ruby 1.6 removal * libiconv-ruby -- Wrapper class of iconv for the Ruby 1.6.x [91]Bug#367907: Request of maintainer, ruby 1.6 removal * libstrscan-ruby -- Fast string scanning library for Ruby [92]Bug#369417: Request of maintainer, ruby 1.6 removal * xerces26 -- validating XML parser library for C++ (development files) [93]Bug#375929: Request of maintainer, superseded by xerces27 * gtk-smooth-engine -- Smooth Engine for GTK+ 1.2 [94]Bug#378663: Request of maintainer, superseded by gtk2-engines * fisg -- Fast IRC Statistics Generator [95]Bug#378910: Request of maintainer, dead upstream * parted-swig -- Perl5 bindings for libparted [96]Bug#379293: Request of maintainer, upstream gone; out of date; RC buggy * python-orbit -- Python bindings for ORBit [97]Bug#379436: Request of maintainer, obsolete * tkpgp -- Tcl/Tk script that serves as a GUI shell for PGP or GnuPG [98]Bug#379509: Request of maintainer, upstream gone * mindi-kernel -- Failsafe Linux kernel for Mindi/Mondo [99]Bug#379570: Request of maintainer, replaced by using stock Debian kernels; 2.4 only * libflorist-3.15p-1 -- POSIX.5 Ada interface to operating system services [100]Bug#379795: Request of maintainer, superseded by libflorist, RC-buggy

83. http://bugs.debian.org/340349 84. http://bugs.debian.org/378885 85. http://bugs.debian.org/347469 86. http://bugs.debian.org/347773 87. http://bugs.debian.org/348195 88. http://bugs.debian.org/348357 89. http://bugs.debian.org/364344 90. http://bugs.debian.org/367903 91. http://bugs.debian.org/367907 92. http://bugs.debian.org/369417 93. http://bugs.debian.org/375929 94. http://bugs.debian.org/378663 95. http://bugs.debian.org/378910 96. http://bugs.debian.org/379293 97. http://bugs.debian.org/379436 98. http://bugs.debian.org/379509 99. http://bugs.debian.org/379570 100. http://bugs.debian.org/379795

Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the [101]contributing page to find out how to help. We're looking forward to receiving your mail at [102]dwn@debian.org.

101. http://www.debian.org/News/weekly/contributing 102. mailto:dwn@debian.org

This issue of Debian Weekly News was edited by Jens Seidel and Martin 'Joey' Schulze.

-- To UNSUBSCRIBE, email to [e-mail:debian-news-REQUEST@lists.debian.org] with a subject of "unsubscribe". Trouble? Contact [e-mail:listmaster@lists.debian.org]

  Nav
» Read more about: Story Type: Newsletter; Groups: Debian, GNU, Linux

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.