Gentoo Weekly Newsletter - Volume 3, Issue 14

Posted by dave on Apr 5, 2004 4:44 PM EDT
Mailing list; By Yuji Kosugi <carlos@gentoo.org> 		Mail this story
Print this story

The Gentoo website is having trouble, the newsletter link is returning intermitten 404's, so I've mirrored it here.


Gentoo Weekly Newsletter: April 5th, 2004

1. Gentoo News

Gentoo Linux Project seeking additional kernel developers

Gentoo Linux is currently seeking some additional kernel developers, primarily for the x86, amd64, ppc, and ppc64 architectures. Applicants should have a fair amount of experience with the kernel, specifically with one or more of the above architectures. Send an email to John Mylchreest if you're interested.

Gentoo Weekly Newsletter seeking additional contributors



The Gentoo Weekly Newsletter is seeking additional contributors to help with community coverage - this involves monitoring mailing lists, web forums, or the international community and summarizing the interesting traffic each week. We'd also like to take on some volunteers to help with some of the other sections, bringing new ideas to the team and lightening the load on the current contributors. The only real requirement of applicants is a solid knowledge of written English. Experience with journalism or Linux, as well as a variety of other skills might be helpful, but are not necessary, although motivation and willingness to work about a couple of hours each week is. Still interested? Drop us a line here with some background info and any ideas you have for the newsletter.

2. Gentoo Security

Fetchmail 6.2.5 fixes a remote DoS



Fetchmail versions 6.2.4 and earlier can be crashed by sending a specially-crafted email to a fetchmail user.



For more information, please see the GLSA Announcement

Squid ACL [url_regex] bypass vulnerability



Squid versions 2.0 through to 2.5.STABLE4 could allow a remote attacker to bypass Access Control Lists by sending a specially-crafted URL request containing '%00': in such circumstances; the url_regex ACL may not properly detect the malicious URL, allowing the attacker to effectively bypass the ACL.

For more information, please see the GLSA Announcement



OpenLDAP DoS Vulnerability



A failed password operation can cause the OpenLDAP slapd server, if it is using the back-ldbm backend, to free memory that was never allocated.

For more information, please see the GLSA Announcement

Remote buffer overflow in MPlayer



MPlayer contains a remotely exploitable buffer overflow in the HTTP parser that may allow attackers to run arbitrary code on a user's computer.

For more information, please see the GLSA Announcement

Multiple Security Vulnerabilities in Monit



A denial of service and a buffer overflow vulnerability have been found in Monit.

For more information, please see the GLSA Announcement

3. Heard in the Community

Web Forums



GLSA Integration in Portage



Gentoo developer Genone has set up a sticky thread a while ago that deals with the upcoming integration of security announcements in Portage. Check here for updates to the script that is now in gentoolkit, before its final implementation as part of emerge:





The Colour: Purple...



The "Lila Theme" is a new concerted effort at designing a Gentoo wallpaper and desktop icons collection, in purple (German: "lila") and pink, the predominant Gentoo colours. Sounds awful, looks stunningly beautiful, and it's entirely SVG-based, so you can generate your own PNGs with a Python script via Sodipodi or Inkscape! The Firefox theme has even made it onto the list of the "official" upstream themes. Here's where the artists coordinate their work:

4. Gentoo International

Germany: Yet Another GUM in Oberhausen



The next Gentoo User Meeting in Oberhausen (Ruhr region of central Germany) will take place this Wednesday, 7 April. The meeting point will again be the Gasthof Harlos, and the GUM starts at 19:00. Newcomers and regulars alike are most welcome. The coordination thread in the Forums is at its usual location.



5. Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 27 March 2004 and 02 April 2004, activity on the site has resulted in:



  • 697 new bugs during this period
  • 438 bugs closed or resolved during this period


  • 20 previously closed bugs were reopened this period

Of the 5510 currently open bugs: 130 are labeled 'blocker', 203 are labeled 'critical', and 460 are labeled 'major'.



Closed Bug Rankings

The developers and teams who have closed the most bugs during this period are:



New Bug Rankings

The developers and teams who have been assigned the most new bugs during this period are:



6. Tips and Tricks



Multiple X-Sessions



XFree86 allows you to have multiple X sessions open at once. This can be useful if you want or need two different desktop environments open at once.







Code Listing 6.1

    // By default X uses the display :0

% startx
    // To open a second display, use another number
% startx -- :1


The desktops will be on terminals F7-F12

7. Moves, Adds, and Changes



Moves

The following developers recently left the Gentoo team:

  • none this week


Adds

The following developers recently joined the Gentoo Linux team:



  • none this week


Changes

The following developers recently changed roles within the Gentoo Linux project:

  • none this week


8. Contribute to GWN



Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.

9. GWN Feedback



Please send us your feedback and help make the GWN better.



10. GWN Subscription Information

To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.



11. Other Languages

The Gentoo Weekly Newsletter is also available in the following languages:





line
Updated 5 April 2004
line
Yuji Carlos Kosugi
Editor

AJ Armstrong
Contributor

Brian Downey


Contributor



Luke Giuliani
Contributor

Grant Goodyear
Contributor

Aron Griffis
Contributor



Stuart Herbert


Contributor

Kurt Lieber
Contributor

Rafael Cordones Marcos
Contributor

David Narayan


Contributor



David Nielsen
Contributor

Ulrich Plate
Contributor

Simon Holm Thagersen
Danish Translation



Jesper Brodersen


Danish Translation

Arne Mejlholm
Danish Translation

Hendrik Eeckhaut
Dutch Translation

Jorn Eilander


Dutch Translation



Bernard Kerckenaere
Dutch Translation

Peter ter Borg
Dutch Translation

Jochen Maes
Dutch Translation



Roderick Goessen


Dutch Translation

Gerard van den Berg
Dutch Translation

Matthieu Montaudouin
French Translation

Xavier Neys


French Translation



Martin Prieto
French Translation

Antoine Raillon
French Translation

Sebastien Cevey
French Translation



Jean-Christophe Choisy


French Translation

Thomas Raschbacher
German Translation

Steffen Lassahn
German Translation

Matthias F. Brandstetter
German Translation

Lukas Domagala
German Translation

Tobias Scherbaum
German Translation

Daniel Gerholdt
German Translation

Marc Herren
German Translation

Tobias Matzat
German Translation



Marco Mascherpa
Italian Translation

Claudio Merloni
Italian Translation

Christian Apolloni
Italian Translation

Stefano Lucidi


Italian Translation

Katuyuki Konno
Japanese Translation

Hiroyuki Takeda
Japanese Translation

Masato Hatakeyama
Japanese Translation



Masayoshi Nakamura
Japanese Translation

Yasunori Fukudome
Japanese Translation

Tomoyuki Sakurai
Japanese Translation

Lukasz Strzygowski


Polish Translation

Karol Goralski
Polish Translation

Atila "Jedi" Bohlke Vasconcelos
Portuguese (Brazil) Translation

Eduardo Belloti
Portuguese (Brazil) Translation



João Rafael Moraes Nicola
Portuguese (Brazil) Translation

Marcelo Gonçalves de Azambuja
Portuguese (Brazil) Translation

Otavio Rodolfo Piske
Portuguese (Brazil) Translation

Pablo N. Hess -- NatuNobilis


Portuguese (Brazil) Translation

Pedro de Medeiros
Portuguese (Brazil) Translation

Ventura Barbeiro
Portuguese (Brazil) Translation

Bruno Ferreira
Portuguese (Portugal) Translation



Gustavo Felisberto
Portuguese (Portugal) Translation

José Costa
Portuguese (Portugal) Translation

Luis Medina
Portuguese (Portugal) Translation

Ricardo Loureiro


Portuguese (Portugal) Translation

Aleksandr Martyncev
Russian Translator

Sergey Galkin
Russian Translator

Sergey Kuleshov
Russian Translator



Alex Spirin
Russian Translator

Denis Zaletov
Russian Translator

Lanark
Spanish Translation

Fernando J. Pereda


Spanish Translation

Lluis Peinado Cifuentes
Spanish Translation

Zephryn Xirdal T
Spanish Translation

Guillermo Juarez
Spanish Translation



Jesús García Crespo
Spanish Translation

Carlos Castillo
Spanish Translation

Julio Castillo
Spanish Translation

Sergio Gómez


Spanish Translation

Aycan Irican
Turkish Translation

Bugra Cakir
Turkish Translation

Cagil Seker
Turkish Translation



Emre Kazdagli
Turkish Translation

Evrim Ulu
Turkish Translation

Gursel Kaynak
Turkish Translation

  Nav
» Read more about: Story Type: Newsletter; Groups: Gentoo

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.