Debian Weekly News - August 17th, 2004

Posted by dave on Aug 18, 2004 4:00 AM EDT
Mailing list; By Martin Schulze <joey@infodrom.org>
Mail this story
Print this story

Of interest to large-scale installations: Hewlett-Packard finally offers 24x7 support for Debian GNU/Linux with HP Extensions. In an article Chris DiBona highlighted the services offered by GNU/Linux vendors and pointed out that their repositories are miles ahead of competing proprietary commercial offerings.

---------------------------------------------------------------------------
Debian Weekly News
http://www.debian.org/News/weekly/2004/32/
Debian Weekly News - August 17th, 2004
---------------------------------------------------------------------------

Welcome to this year's 32nd issue of DWN, the weekly newsletter for the Debian community. Of interest to large-scale installations: Hewlett-Packard finally [1]offers 24x7 support for [2]Debian GNU/Linux with HP Extensions. In an [3]article Chris DiBona highlighted the services offered by GNU/Linux vendors and pointed out that their repositories are miles ahead of competing proprietary commercial offerings.

1. http://www.hp.com/hps/linux/lx_debian.html 2. http://www.hp.com/hps/linux/lx_debian_faq.html 3. http://os.newsforge.com/os/04/07/11/1748243.shtml

Investigating Sarge Security. Joey Hess [4]looked through every [5]security advisory issued in 2004 and checked to see if the security hole was fixed in sarge as well. Security holes not fixed yet in sarge include those in [6]libpng, [7]libpng3, [8]php4, [9]netkit-telnet-ssl, [10]pavuk, [11]www-sql, [12]lha, [13]log2mail, [14]hsftp, [15]trr19, and [16]slocate. The other 1.5 years worth of security advisories back to the release of woody would probably take several more days to check. [17]Investigation of security advisories from 2003 revealed that security updates for [18]tomcat4 and [19]gtksee are missing in sarge.

4. http://lists.debian.org/debian-release/2004/08/msg00144.html 5. http://www.debian.org/security/ 6. http://packages.debian.org/libpng 7. http://packages.debian.org/libpng3 8. http://packages.debian.org/php4 9. http://packages.debian.org/netkit-telnet-ssl 10. http://packages.debian.org/pavuk 11. http://packages.debian.org/www-sql 12. http://packages.debian.org/lha 13. http://packages.debian.org/log2mail 14. http://packages.debian.org/hsftp 15. http://packages.debian.org/trr19 16. http://packages.debian.org/slocate 17. http://lists.debian.org/debian-release/2004/08/msg00168.html 18. http://packages.debian.org/tomcat4 19. http://packages.debian.org/gtksee

Debian-Installer Review. Bruce Bayfield [20]reviewed the new [21]debian-installer (d-i). He says "It introduces Debian's strengths right at the start, and it goes a long way toward burying Debian's reputation for being difficult to install." He added, that, by installing only a minimal number of packages, d-i defaults to a noticeably more secure system compared to most commercial distributions. Bayfield suggests the new installer ease of use will bring many new users to Debian.

20. http://applications.linux.com/article.pl?sid=04/08/09/164207 21. http://www.debian.org/devel/debian-installer/

What comes after Sarge? Osamu Aoki [22]wanted to release a new [23]debian-reference package that explains the latest release names. Naturally he was wondering which name testing will become once sarge is released as Debian 3.1. Colin Watson opened the curtain and [24]revealed that the release after sarge will be called etch. Quickly, a discussion arose about using a different name and voting upon the name.

22. http://lists.debian.org/debian-devel/2004/08/msg00737.html 23. http://packages.debian.org/debian-reference 24. http://lists.debian.org/debian-devel/2004/08/msg00743.html

Zero-Day Non-maintainer Uploads. Steve Langesek [25]said that this close to the release of sarge, 3 days can definitely make the difference between a package being ready in time for sarge, and not being ready in time. Moreover, history shows us that 0-day non-maintainer uploads (NMUs) have been very effective at bringing the release-critical (RC) bug count down rapidly. He would therefore like to declare open-season on RC bugs, including 0-day NMUs if appropriate until the release of sarge.

25. http://lists.debian.org/debian-devel/2004/08/msg00768.html

Online Changelog Files. Andrew Pollock was [26]missing a possibility to reach changelog files without actually installing the corresponding packages. Therefore he has created [27]changelogs.debian.net which contained those files. Martin Michlmayr [28]revealed that changelog files already exist on [29]packages.debian.org. Hence, the new site finally redirects HTTP requests to the files on packages.debian.org.

26. http://lists.debian.org/debian-qa/2004/06/msg00023.html 27. http://changelogs.debian.net/ 28. http://lists.debian.org/debian-qa/2004/06/msg00106.html 29. http://packages.debian.org/

Best Practice QA Uploads. Matthew Palmer [30]started to write a QA upload best practices document after working through quality assurance (QA) procedures with one of his new-maintainer applicants. The [31]second version caused some [32]disagreement on the scope of a QA upload, though.

30. http://lists.debian.org/debian-qa/2004/07/msg00076.html 31. http://lists.debian.org/debian-qa/2004/07/msg00088.html 32. http://lists.debian.org/debian-qa/2004/07/msg00089.html

Synchronising Skolelinux with Sarge. Petter Reinholdtsen posted a [33]list of packages that the [34]Skolelinux people should push into Debian in order to get Debian synchronised with Skolelinux. He and Joey Hess are [35]worried that it may already be too late to get new packages into Debian in time for the release of sarge.

33. http://lists.debian.org/debian-edu/2004/08/msg00084.html 34. http://www.skolelinux.no/ 35. http://lists.debian.org/debian-edu/2004/08/msg00130.html

Which KDE Version in Sarge? Co-release-manager Steve Langasek [36]complained about a last minute upload of a number of packages from KDE 3.3 to unstable. Since he considers it undesirable to have a mix of different versions and impossible to get all of KDE 3.3 into sarge on schedule for the release, he concluded that KDE in sarge will not be updated from unstable and fixes to KDE related packages should be submitted to testing-proposed-updates. Chris Cheney [37]objected to Steve's assessment, while [38]Ben Burton and [39]René Engelhard concurred. René also [40]noticed that [41]kdelibs-data again caused file conflicts with [42]openoffice.org-mimelnk.

36. http://lists.debian.org/debian-release/2004/08/msg00222.html 37. http://lists.debian.org/debian-release/2004/08/msg00223.html 38. http://lists.debian.org/debian-release/2004/08/msg00224.html 39. http://lists.debian.org/debian-release/2004/08/msg00230.html 40. http://lists.debian.org/debian-release/2004/08/msg00228.html 41. http://packages.debian.org/kdelibs-data 42. http://packages.debian.org/openoffice.org-mimelnk

Cdrecord on the Way to non-free. Jose Carlos Garcia Sogo [43]noticed that Jörg Schilling has added a non-modification clause to a file within the [44]cdrecord distribution which renders the package non-free since this is in direct [45]conflict with the [46]GNU General Public License.

43. http://www.tribulaciones.org/blog/computers/software/cdrecord-license_13-08-2004 44. http://packages.debian.org/cdrecord 45. http://weblogs.mozillazine.org/gerv/archives/006193.html 46. http://www.gnu.org/copyleft/gpl.html

New LaTeX Project Public License, Version 1.3. Branden Robinson [47]reported that a new version of the [48]LaTeX Project Public License (LPPL) has been published, taking most of debian-legal contributor's comments into account, and the LaTeX project also intends to see OSI Certification. It seems to be compliant with the [49]Debian Free Software Guidelines. Hilmar Preusse [50]added that the teTeX packages in Debian are released under LPPL 1.2.

47. http://lists.debian.org/debian-legal/2004/07/msg00079.html 48. http://www.latex-project.org/lppl/ 49. http://www.debian.org/social_contract#guidelines 50. http://lists.debian.org/debian-legal/2004/07/msg00153.html

Freeness of the Qt Public License. Martin Krafft [51]wondered if the new [52]Qt Public License (QPL) is considered DFSG-free, since it is [53]OSI approved and because it was [54]requested to remove [55]libcwd from main. Andrew Suffield [56]asserted that choice-of-venue clauses are decidedly non-free.

51. http://lists.debian.org/debian-legal/2004/06/msg00016.html 52. http://www.opensource.org/licenses/qtpl.php 53. http://www.opensource.org/licenses/ 54. http://bugs.debian.org/251983 55. http://packages.debian.org/libcwd 56. http://lists.debian.org/debian-legal/2004/06/msg00030.html

Bug Squashing Week. Frank Lichtenheld [57]announced that this entire week has been declared the bug squashing week. He will be around in #debian-bugs on both irc.debian.org and irc.oftc.net over the whole period of time (except for system recreation intervals) trying to keep the party going and appeal to all people to participate on it. He will be also joining the real life bug squashing party at the TU Darmstadt, Germany.

57. http://lists.debian.org/debian-devel-announce/2004/08/msg00005.html

New SPI Officers. John Goerzen [58]announced that [59]Software in the Public Interest, Inc. (SPI) has [60]selected the [61]officers during its annual meeting. They are: President: John Goerzen, Vice President: Benjamin Mako Hill, Treasurer: Jimmy Kaplowitz, and Secretary: David Graham. He also announced the [62]annual report for SPI and encouraged Debian developers to get involved with this organisation.

58. http://lists.debian.org/debian-devel-announce/2004/08/msg00006.html 59. http://www.spi-inc.org/ 60. http://lists.spi-inc.org/pipermail/spi-announce/2004/000089.html 61. http://www.spi-inc.org/corporate/board 62. http://www.spi-inc.org/~jgoerzen/ar2004/spi2004.html

Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.

* [63]ruby -- Insecure CGI session management. * [64]rsync -- Unauthorised directory traversal and file access. * [65]kdelibs -- Denial of service.

63. http://www.debian.org/security/2004/dsa-537 64. http://www.debian.org/security/2004/dsa-538 65. http://www.debian.org/security/2004/dsa-539

New or Noteworthy Packages. The following packages were added to the unstable Debian archive [66]recently or contain important updates.

66. http://packages.debian.org/unstable/newpkg_main

* [67]akode -- Akode arts plugin. * [68]amd64-libs -- AMD64 shared libraries for use on i386/x86_64 systems. * [69]bindgraph -- DNS statistics RRDtool frontend for BIND9. * [70]ccs -- Cluster configuration system. * [71]cman -- Cluster manager. * [72]coqide -- Proof assistant for higher-order logic. * [73]couriergraph -- Mail statistics RRDtool frontend for Courier-{POP,IMAP}. * [74]digitemp -- Program to read from temperature sensors in a 1-wire net. * [75]eagle-usb-utils -- Userspace tools for Eagle USB ADSL modems. * [76]fence -- I/O fencing system. * [77]freedoom -- Free game files for the 3D game DOOM. * [78]gcjwebplugin -- Web browser plugin to execute Java (tm) applets. * [79]gfs-tools -- Global File System. * [80]ghdl -- VHDL compiler/simulator using GCC technology. * [81]gimp-gap -- GIMP Animation Package. * [82]gnurobbo -- GNU Robbo is logic game ported from ATARI XE/XL. * [83]gnustep -- GNUstep Development Environment -- user applications. * [84]gradm2 -- Administration program for the grsecurity2 RBAC based ACL system. * [85]gtweakui -- Collection of simple dialogs as a front end to GConf. * [86]ibwebadmin -- Web-based administration for the Firebird and Interbase database. * [87]ifstat -- InterFace STATistics Monitoring. * [88]kaquarium -- Aquarium panel applet for KDE. * [89]kfish -- Fish panel applet for KDE. * [90]kolourpaint -- Simple Paint Program for KDE. * [91]ksociograma -- Technical educational software to make sociograms. * [92]kwartz -- Language independent HTML templating system. * [93]laptop-mode-tools -- Userland scripts to control "laptop mode". * [94]mcpp -- Matsui's CPP implementation precisely conformed to standards. * [95]mpc -- Command-line tool to interface MPD. * [96]mpd -- Music Player Daemon, the name says it all. * [97]normalize-audio -- Adjust the volume of WAV files to a standard volume level. * [98]ntfsprogs -- Tools for doing neat things in NTFS partitions from Linux. * [99]pentanet-utils -- Utilities for Pent@NET DVB Data receiving cards. * [100]php-mail-mime -- PHP PEAR module for creating and decoding MIME messages. * [101]php-radius -- Radius protocol implementation in PHP. * [102]pymacs -- Interface between Emacs Lisp and Python [dummy package]. * [103]pymacs-elisp -- Emacsen Lisp modules for pymacs. * [104]qsynaptics -- Qt application to configure Synaptic TouchPad. * [105]request-tracker3.2 -- Extensible trouble-ticket tracking system. * [106]shermans-aquarium -- Sherman's aquarium applet for GNOME 2. * [107]spfqtool -- Command-line SPF query tool. * [108]torsmo -- System monitor that sits in the corner of your desktop. * [109]zope-cookiecrumbler -- Use cookies even when folder doesn't support cookies.

67. http://packages.debian.org/unstable/sound/akode 68. http://packages.debian.org/unstable/libs/amd64-libs 69. http://packages.debian.org/unstable/admin/bindgraph 70. http://packages.debian.org/unstable/admin/ccs 71. http://packages.debian.org/unstable/admin/cman 72. http://packages.debian.org/unstable/devel/coqide 73. http://packages.debian.org/unstable/admin/couriergraph 74. http://packages.debian.org/unstable/electronics/digitemp 75. http://packages.debian.org/unstable/net/eagle-usb-utils 76. http://packages.debian.org/unstable/admin/fence 77. http://packages.debian.org/unstable/games/freedoom 78. http://packages.debian.org/unstable/net/gcjwebplugin 79. http://packages.debian.org/unstable/admin/gfs-tools 80. http://packages.debian.org/unstable/electronics/ghdl 81. http://packages.debian.org/unstable/graphics/gimp-gap 82. http://packages.debian.org/unstable/games/gnurobbo 83. http://packages.debian.org/unstable/x11/gnustep 84. http://packages.debian.org/unstable/admin/gradm2 85. http://packages.debian.org/unstable/gnome/gtweakui 86. http://packages.debian.org/unstable/web/ibwebadmin 87. http://packages.debian.org/unstable/net/ifstat 88. http://packages.debian.org/unstable/kde/kaquarium 89. http://packages.debian.org/unstable/kde/kfish 90. http://packages.debian.org/unstable/graphics/kolourpaint 91. http://packages.debian.org/unstable/misc/ksociograma 92. http://packages.debian.org/unstable/web/kwartz 93. http://packages.debian.org/unstable/utils/laptop-mode-tools 94. http://packages.debian.org/unstable/devel/mcpp 95. http://packages.debian.org/unstable/sound/mpc 96. http://packages.debian.org/unstable/sound/mpd 97. http://packages.debian.org/unstable/sound/normalize-audio 98. http://packages.debian.org/unstable/otherosfs/ntfsprogs 99. http://packages.debian.org/unstable/net/pentanet-utils 100. http://packages.debian.org/unstable/web/php-mail-mime 101. http://packages.debian.org/unstable/web/php-radius 102. http://packages.debian.org/unstable/python/pymacs 103. http://packages.debian.org/unstable/python/pymacs-elisp 104. http://packages.debian.org/unstable/x11/qsynaptics 105. http://packages.debian.org/unstable/misc/request-tracker3.2 106. http://packages.debian.org/unstable/gnome/shermans-aquarium 107. http://packages.debian.org/unstable/mail/spfqtool 108. http://packages.debian.org/unstable/x11/torsmo 109. http://packages.debian.org/unstable/web/zope-cookiecrumbler

Debian Packages introduced last Week. Every day, a different Debian package is [110]featured from the testing distribution. If you know about an obscure package you think others should also know about, send it to [111]Andrew Sweger. Debian package a day introduced the following packages last week.

110. http://www.livejournal.com/users/debaday/ 111. http://www.livejournal.com/userinfo.bml?user=debaday

* [112]mairix -- Indexes and searches email in Maildir and MH formats. * [113]pydf -- Colourised df(1)-clone. * [114]ixbiff -- Notify user when mail arrives by blinking keyboard LEDs.

112. http://www.livejournal.com/users/debaday/28953.html 113. http://www.livejournal.com/users/debaday/29195.html 114. http://www.livejournal.com/users/debaday/29593.html

Orphaned Packages. 5 packages were orphaned this week and require a new maintainer. This makes a total of 168 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the [115]WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.

115. http://www.debian.org/devel/wnpp/

* [116]debconf -- Debian configuration management system. ([117]Bug#265570) * [118]libapache-dbilogger-perl -- Tracks what's being transferred in a DBI database. ([119]Bug#265760) * [120]lzo -- Real-time data compression library. ([121]Bug#265726) * [122]lzop -- Real-time compressor. ([123]Bug#265727) * [124]python-bsddb3 -- Python interface to libdb3. ([125]Bug#264695)

116. http://packages.debian.org/unstable/admin/debconf 117. http://bugs.debian.org/265570 118. http://packages.debian.org/unstable/perl/libapache-dbilogger-perl 119. http://bugs.debian.org/265760 120. http://packages.debian.org/unstable/libs/liblzo1 121. http://bugs.debian.org/265726 122. http://packages.debian.org/unstable/utils/lzop 123. http://bugs.debian.org/265727 124. http://packages.debian.org/unstable/python/python-bsddb3 125. http://bugs.debian.org/264695

Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the [126]contributing page to find out how to help. We're looking forward to receiving your mail at [127]dwn@debian.org.

126. http://www.debian.org/News/weekly/contributing 127. mailto:dwn@debian.org

-- To UNSUBSCRIBE, email to [e-mail:debian-news-REQUEST@lists.debian.org] with a subject of "unsubscribe". Trouble? Contact [e-mail:listmaster@lists.debian.org]

[PARSEASHTML]

  Nav
» Read more about: Story Type: Newsletter; Groups: Debian

« Return to the newswire homepage

This topic does not have any threads posted yet!

You cannot post until you login.