|
|
Welcome to this year's 43rd issue of DWN, the weekly newsletter for the Debian community. Adrian von Bidder noted that mirroring Debian via rsync uses quite some CPU-power on the server and hence is not the preferred method. Luke Kenneth Casson Leighton reported that some of their servers are moved from Debian 2.2 (potato) to a current release of Fedora for marketing reasons.
|
|
---------------------------------------------------------------------------
Debian Weekly News
http://www.debian.org/News/weekly/2004/43/
Debian Weekly News - November 2nd, 2004
---------------------------------------------------------------------------
Welcome to this year's 43rd issue of DWN, the weekly newsletter for
the Debian community. Adrian von Bidder [1]noted that mirroring Debian
via rsync uses quite some CPU-power on the server and hence is not the
preferred method. Luke Kenneth Casson Leighton [2]reported that some
of their servers are [3]moved from Debian 2.2 (potato) to a current
release of Fedora for [4]marketing reasons.
1. http://lists.debian.org/debian-devel/2004/10/msg01627.html
2. http://lists.debian.org/debian-devel/2004/10/msg01516.html
3. http://sourceforge.net/tracker/index.php?func=detail&aid=1052417&group_id=1&atid=350001
4. http://lists.debian.org/debian-devel/2004/10/msg01659.html
Report from the Systems Presence. Michael Banck [5]summarised the
Debian presence at this year's [6]Systems exhibition. The Debian
project maintained a booth along with other Free Software projects
like Skolelinux, KDE, OpenOffice.org and the various BSDs. Despite
NetBSD being around as well, the Debian booth had the coolest piece of
hardware, namely a [7]Mac SE/30, running Debian stable on a Linux-2.2
kernel.
5. http://www.advogato.org/person/mbanck/diary.html?start=25
6. http://www.debian.org/events/2004/1018-systems
7. http://people.debian.org/~mbanck/photos/systems2004/p1010068.jpg
Report from Kansai OpenSource. Junichi Uekawa wrote a [8]report about
the Debian meeting during this year's [9]Kansai OpenSource on October
23rd in Osaka, Japan, where about 30 Debian associates met. They gave
a introduction talk about Debian in general, a talk about becoming a
maintainer and the day-to-day tasks. The meeting ended with a panel
discussion.
8. http://www.netfort.gr.jp/~dancer/diary/200410.html.en#2004-Oct-24-18:26:21
9. http://k-of.jp/
Debian Mailing Lists Slowdown. Pascal Hakim [10]reported that Debians
mailing lists were hurt by a number of mail servers that don't accept
mail fast enough. Additionally, a [11]mail to the announce mailing
list with more than 28,000 subscribers aggravated the problem. He also
announced the addition of [12]Cord Beermann to the listmaster team.
10. http://www.redellipse.net/stuff/Debian/Lists/debian-announce_and_thundering_herds.story
11. http://lists.debian.org/debian-announce/debian-announce-2004/msg00000.html
12. http://cord.de/
Kernel and Sarge Upgrade. Frank Lichtenheld [13]published the results
of his first (successful) dist-upgrades from woody to sarge with a
real i386. Andreas Barth [14]summarised the issues for all platforms.
Beside real i386 there might be upgrade problems on hppa, arm, sparc
and mips(el) due to incompatibilities between glibc and the kernel.
For some of them, it's sufficient to upgrade the kernel first.
13. http://lists.debian.org/debian-kernel/2004/10/msg00430.html
14. http://lists.debian.org/debian-kernel/2004/10/msg00450.html
File Hierarchy Standard 2.3. Manoj Srivastava [15]compared the File
Hierarchy Standard (FHS) 2.1, which is used for the release of sarge
with the next [16]version 2.3. Some changes in 2.3 will required
modifications in the archive. Some people wondered if ~/Desktop, which
is created by GNOME, would still be allowed in the [17]future or
[18]not, even though this behaviour was generally disliked.
15. http://lists.debian.org/debian-devel/2004/10/msg01543.html
16. http://www.pathname.com/fhs/pub/fhs-2.3.html
17. http://lists.debian.org/debian-devel/2004/10/msg01590.html
18. http://lists.debian.org/debian-devel/2004/10/msg01648.html
Release Critical Bug Reports. Cord Beermann [19]noticed that the list
of RC-bug reports was considered as junk by the mailing lists
recently, and didn't make it to the lists any more. This is fixed now.
Javier Fernández-Sanguino Peña [20]asked to trim this report down to
bugs affecting sarge for now, and Colin Watson [21]told to look into,
but can't promise when. Additionally, Andreas Barth [22]reported that
the list also included bugs tagged experimental, which is fixed now.
19. http://lists.debian.org/debian-devel/2004/10/msg01449.html
20. http://lists.debian.org/debian-devel/2004/10/msg01549.html
21. http://lists.debian.org/debian-devel/2004/10/msg01561.html
22. http://bugs.debian.org/278869
Public secrete Keyrings. Matthew Garret [23]noticed that the secret
keyring to access the wanna-build database for Debian's AMD64 port was
publically [24]available and detectable via [25]Google. Adam Majer
reacted fast and immediately [26]revoked this archive key since it had
to be considered compromised.
23. http://lists.debian.org/debian-devel/2004/10/msg01643.html
24. http://ftp.belnet.be/linux/debian-amd64/wanna-build/secring.gpg
25. http://www.google.com/search?q=inurl%3Asecring.gpg
26. http://lists.debian.org/debian-devel/2004/10/msg01657.html
Debian Updates via BitTorrent. Arnaud Kyheng [27]started with an
[28]apt proxy to the bittorrent network. For security, the package
listing and the .torrent files will be fetched from a regular HTTP
server, just as usual for a package. Packages, however, will be
fetched via the bittorrent protocol and forwarded to apt. Some earlier
[29]ideas were mentioned in a bug report before.
27. http://lists.debian.org/debian-devel/2004/10/msg01715.html
28. http://sianka.free.fr/
29. http://bugs.debian.org/199316
License for Content of Web Forums. Sebastian Feltel [30]wanted to
change the license for new postings on [31]debianforum.de that are
submitted after January 1st next year to the MIT/X11 license and
wondered about potential problems with two licenses present. Changing
the license on old postings would be an [32]never-ending task, since
he had to ask all ~5,000 users who have contributed. Finally Sebastian
[33]modified the code so that users can choose the license they want
to use.
30. http://lists.debian.org/debian-legal/2004/10/msg00434.html
31. http://debianforum.de/forum/
32. http://lists.debian.org/debian-legal/2004/10/msg00483.html
33. http://lists.debian.org/debian-legal/2004/10/msg00546.html
Packaging the new 2.6.9 Kernel? Andres Solomon [34]reported that he
has prepared the required patches for the 2.6.9 kernel in the kernel
repository. However, Christoph Hellwig [35]suggested to get 2.6.8 in a
better shape for sarge first. Andres wanted to provide the 2.6.9 also
for comparison and as a resource for backporting patches.
34. http://lists.debian.org/debian-kernel/2004/10/msg00355.html
35. http://lists.debian.org/debian-kernel/2004/10/msg00357.html
New Skolelinux CD Image 1.0r1. Petter Reinholdtsen [36]announced a new
Skolelinux CD [37]image. The new image incorporates many of the recent
security updates, a kernel upgrade and some new translations. The
hardware detection database was updated as well. Skolelinux also
recently [38]won an [39]award in Germany.
36. http://lists.debian.org/debian-edu/2004/10/msg00386.html
37. ftp://developer.skolelinux.no/skolelinux-cd/
38. http://lists.debian.org/debian-edu/2004/10/msg00384.html
39. http://www.skolelinux.org/portal/news_archive/skolelinux/2004/best_newcomer_distro
Cross-compiling the Kernel on Debian. Al Viro [40]explained how he
uses Debian to cross-compile the Linux kernel for a number of
different architectures. All compile runs are done on a K7 and two
AMD64 machines. He is also set up to cross-compile for sparc32,
sparc64, alpha and powerpc. As a result any compile-time errors on
those other architectures are quickly caught.
40. http://kerneltrap.org/node/view/4098
Debian CD/DVD Directory Layout. Steve McIntyre [41]reported that he
finally has a full set of woody (3.0) DVD jigdo files and wondered
about the directory layout on the server. He [42]proposed a particular
layout that would require moving the existing jigdo files. Richard
Atterer [43]asserted that for sarge full DVD images would be available
on cdimage for i386 only and that's how it should be implemented for
woody as well.
41. http://lists.debian.org/debian-cd/2004/10/msg00145.html
42. http://lists.debian.org/debian-cd/2004/10/msg00149.html
43. http://lists.debian.org/debian-cd/2004/10/msg00148.html
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 574: [44]cabextract -- Unintended directory traversal.
* DSA 575: [45]catdoc -- Temporary file vulnerability.
* DSA 576: [46]squid -- Several vulnerabilities.
* DSA 577: [47]postgresql -- Symlink vulnerability.
* DSA 578: [48]mpg123 -- Arbitrary code execution.
* DSA 579: [49]abiword -- Arbitrary code execution.
* DSA 580: [50]iptables -- Modprobe failure.
* DSA 581: [51]xpdf -- Arbitrary code execution.
* DSA 582: [52]libxml -- Arbitrary code execution.
44. http://www.debian.org/security/2004/dsa-574
45. http://www.debian.org/security/2004/dsa-575
46. http://www.debian.org/security/2004/dsa-576
47. http://www.debian.org/security/2004/dsa-577
48. http://www.debian.org/security/2004/dsa-578
49. http://www.debian.org/security/2004/dsa-579
50. http://www.debian.org/security/2004/dsa-580
51. http://www.debian.org/security/2004/dsa-581
52. http://www.debian.org/security/2004/dsa-582
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the [53]contributing
page to find out how to help. We're looking forward to receiving your
mail at [54]dwn@debian.org.
53. http://www.debian.org/News/weekly/contributing
54. mailto:dwn@debian.org
--
To UNSUBSCRIBE, email to [e-mail:debian-news-REQUEST@lists.debian.org]
with a subject of "unsubscribe". Trouble? Contact [e-mail:listmaster@lists.debian.org]
|
