Gentoo Logo
Gentoo Spaceship

Get Started
Gentoo Handbook
Downloads

News
Security Announcements
Calendar
Infrastructure Status

Documentation
Gentoo Handbook
Featured Documentation
IBM dW/Intel article archive

Get Gentoo
Downloads
Mirrors

Community
Discussion Forums
IRC Channels
Mailing Lists
Report Issues
Planet (Blogs)
Online Package Database
Wiki
Contact Us
Sponsors

Get Involved
Report Issues
Help Wanted
Help maintaining packages
Discussion Forums
IRC Channels
Mailing Lists
Become a Developer
Offer Resources
Enhancement Proposals (GLEPs)
Source Repositories
Developer's Manual

Other
Developer List
Developer Map
Gentoo Stores
Projects

About
About Gentoo
Philosophy
Social Contract
Name and Logo Guidelines
Logos and themes
Screenshots



Gentoo logoWe produce Gentoo Linux, a special flavor of Linux that can be automatically optimized and customized for just about any application or need. Extreme performance, configurability and a top-notch user and developer community are all hallmarks of the Gentoo experience. To learn more, read our about page.

GLSA 201503-01: media-libs/jasper
Posted on March 6, 2015 by Gentoo Security Team

Clock

JasPer: Multiple Vulnerabilities
Multiple vulnerabilities have been found in JasPer, the worst of which could could allow an attacker to execute arbitrary code.
See GLSA 201503-01 for more information.

New Packages
Posted on March 6, 2015 by packages.gentoo.org

Larry the Cow
sys-apps/likwid-3.1.3 A lightweight performance-oriented tool suite for x86 multicore environments
x11-libs/libfm-extra-1.2.3 A library for file management
dev-ruby/web-console-2.1.1 A debugging tool for your Ruby on Rails applications
dev-ruby/binding_of_caller-0.7.2 Retrieve the binding of a method's caller
dev-ruby/debug_inspector-0.0.2 A Ruby wrapper for the MRI 2.0 debug_inspector API
dev-java/jackson-dataformat-yaml-2.5.1 YAML data format extension for Jackson
dev-java/jackson-dataformat-xml-2.5.1 XML data format extension for Jackson
dev-java/jackson-module-jaxb-annotations-2.5.1 JAXB alternative to native Jackson annotations
dev-util/shelltestrunner-1.3.4 A tool for testing command-line programs
dev-java/stax2-api-4.0.0 Extended Stax (STandard Api for Xml procesing) API

Blog posts
Posted between March 6, 2015 and March 5, 2015 by planet.gentoo.org

Planet Earth

Service relaunch: archives.gentoo.org
Posted on February 25, 2015 by Robin H. Johnson

gentoo

The Gentoo Infrastructure team is proud to announce that we have re-engineered the mailing list archives, and re-launched it, back at archives.gentoo.org. The prior Mhonarc-based system had numerous problems, and a complete revamp was deemed the best forward solution to move forward with. The new system is powered by ElasticSearch (more features to come).

All existing URLs should either work directly, or redirect you to the new location for that content.

Major thanks to Alex Legler, for his development of this project.

Note that we're still doing some catchup on newer messages, but delays will drop to under 2 hours soon, with an eventual goal of under 30 minutes.

Please report problems to Bugzilla: Product Websites, Component Archives

GLSA 201502-15: net-fs/samba
Posted on February 25, 2015 by Gentoo Security Team

Clock

Samba: Multiple vulnerabilities
Multiple vulnerabilities have been found in Samba, the worst of which allowing a context-dependent attacker to bypass intended file restrictions, cause a Denial of Service or execute arbitrary code.
See GLSA 201502-15 for more information.

GLSA 201502-14: sys-apps/grep
Posted on February 25, 2015 by Gentoo Security Team

Clock

grep: Denial of Service
A vulnerability in grep could result in Denial of Service.
See GLSA 201502-14 for more information.

Blog posts
Posted between February 24, 2015 and February 21, 2015 by planet.gentoo.org

Planet Earth

GLSA 201502-13: www-client/chromium
Posted on February 17, 2015 by Gentoo Security Team

Clock

Chromium: Multiple vulnerabilities
Multiple vulnerabilities have been found in Chromium, the worst of which can allow remote attackers to cause Denial of Service or gain escalated privileges.
See GLSA 201502-13 for more information.

Blog posts
Posted on February 17, 2015 by planet.gentoo.org

Planet Earth

GLSA 201502-12: dev-java/oracle-jre-bin (and 2 more packages)
Posted on February 15, 2015 by Gentoo Security Team

Clock

Oracle JRE/JDK: Multiple vulnerabilities
Multiple vulnerabilities have been found in Oracle's Java SE Development Kit and Runtime Environment, the worst of which could lead to execution of arbitrary code.
See GLSA 201502-12 for more information.

GLSA 201502-11: app-arch/cpio
Posted on February 15, 2015 by Gentoo Security Team

Clock

GNU cpio: Multiple vulnerabilities
Two vulnerabilities have been found in GNU cpio, the worst of which could result in execution of arbitrary code.
See GLSA 201502-11 for more information.

GLSA 201502-10: media-libs/libpng
Posted on February 15, 2015 by Gentoo Security Team

Clock

libpng: User-assisted execution of arbitrary code
Two vulnerabilities have been found in libpng, possibly resulting in execution of arbitrary code.
See GLSA 201502-10 for more information.

Blog posts
Posted between February 15, 2015 and February 8, 2015 by planet.gentoo.org

Planet Earth

GLSA 201502-09: app-text/antiword
Posted on February 7, 2015 by Gentoo Security Team

Clock

Antiword: User-assisted execution of arbitrary code
A buffer overflow vulnerability in Antiword could result in execution of arbitrary code or Denial of Service.
See GLSA 201502-09 for more information.

GLSA 201502-08: media-video/libav
Posted on February 7, 2015 by Gentoo Security Team

Clock

Libav: Multiple vulnerabilities
Multiple vulnerabilities have been found in Libav, allowing attackers to execute arbitrary code or cause Denial of Service.
See GLSA 201502-08 for more information.

Blog posts
Posted between February 5, 2015 and December 10, 2014 by planet.gentoo.org

Planet Earth
Aaron W. Swenson Dell 1350cnw on Gentoo Linux with CUPS
Alexys Jacob py3status v2.0
Gentoo Linux PXE builder
Andreas K. Hüttel Choice included
Cool Gentoo-derived projects (I): SystemRescueCD
Poppler is contributing to global warming
Broken app-office/libreoffice binary packages generated (NOT app-office/libreoffice-bin)
Testers needed for dev-lang/perl-5.20.1-r4 (stabilization candidate)
Gentoo mailing lists down
Anthony Basile Lilblue Linux: release 20141212. dlclose() is a problem.
Chí-Thanh Christopher Nguyễn Which should be the default in Gentoo, ffmpeg or libav?
Donnie Berkholz Gentoo needs focus to stay relevant
Gentoo Monthly Newsletter Gentoo Monthly Newsletter: January 2015
Gentoo Monthly Newsletter: November 2014
Gilles Dartiguelongue Cinnamon 2.4
Gnome 3.14
Hanno Böck What the GHOST tells us about free software vulnerability management
Don't update NTP – stop using it
Luca Barbato Document your project!
Michał Górny Surround sound over network with Windows 8
pshs — the awesome file sharing tool
Nathan Zachary Slock 1.2 background colour
Patrick Lauer Mozilla: Hating you so you don't have to
CGit
A story of Dependencies
Demo Operating Systems on new hardware
Getting compromised
Sebastian Pipping Switching to Grub2 on Gentoo
Tool to preview Grub2 themes easily (using KVM)
New Gentoo overlay: grub2-themes
Gentoo Grub 2.x theme?
CoreOS is based on… Gentoo!
(German) Wir brauchen Hilfe! Stand Gentoo e.V. Dezember 2014
Sven Vermeulen Old Gentoo system? Not a problem…
Gentoo Wiki is growing
Added UEFI instructions to AMD64/x86 handbooks
Handbooks moved
Gentoo Handbooks almost moved to wiki
Sometimes I forget how important communication is

Gentoo Linux releases the 20140826 LiveDVD - Iron Penguin Edition
Posted on August 26, 2014 by likewhoa

gentoo

Figure 1.1: Iron Penguin

Fig. 1: Iron Penguin

Gentoo Linux is proud to announce the availability of a new LiveDVD to celebrate the continued collaboration between Gentoo users and developers, The LiveDVD features a superb list of packages, some of which are listed below.

A special thanks to the Gentoo Infrastructure Team and likewhoa. Their hard work behind the scenes provide the resources, services and technology necessary to support the Gentoo Linux project.

  • Packages included in this release: Linux Kernel 3.15.6, Xorg 1.16.0, KDE 4.13.3, Gnome 3.12.2, XFCE 4.10, Fluxbox 1.3.5, LXQT Desktop 0.7.0, i3 Desktop 2.8, Firefox 31.0, LibreOffice 4.2.5.2, Gimp 2.8.10-r1, Blender 2.71-r1, Amarok 2.8.0-r2, Chromium 37.0.2062.35 and much more ...
  • If you want to see if your package is included we have generated both the x86 package list, and amd64 package list. The FAQ is located at FAQ. DVD cases and covers for the 20140826 release are located at Artwork. Persistence mode is back in the 20140826 release!.

The LiveDVD is available in two flavors: a hybrid x86/x86_64 version, and an x86_64 multi lib version. The livedvd-x86-amd64-32ul-20140826 version will work on 32-bit x86 or 64-bit x86_64. If your CPU architecture is x86, then boot with the default gentoo kernel. If your arch is amd64, boot with the gentoo64 kernel. This means you can boot a 64-bit kernel and install a customized 64-bit user land while using the provided 32-bit user land. The livedvd-amd64-multilib-20140826 version is for x86_64 only.

If you are ready to check it out, let our bouncer direct you to the closest x86 image or amd64 image file.

If you need support or have any questions, please visit the discussion thread on our forum.

Thank you for your continued support,
Gentoo Linux Developers, the Gentoo Foundation, and the Gentoo-Ten Project.

Gentoo Monthly Newsletter - May 2014
Posted on June 2, 2014 by Markos Chandras

gentoo

The May 2014 GMN issue is now available online.

This month on GMN:

  • Interview with Gentoo developer Brian Dolbec (dol-sen)
  • Samba 4, sys-power/upower updates, infrastructure hosting needs
  • Latest Gentoo news, tips, interesting stats and much more.

Action required: Password reset on all Gentoo services
Posted on April 13, 2014 by Alex Legler

gentoo

Recent versions of OpenSSL were found to be affected by an information disclosure vulnerability related to TLS heartbeats, nicknamed Heartbleed. It allows attackers to read up to 64kb of random server memory, possibly including passwords, session IDs or even private keys.

After the public disclosure on April 7, we have confirmed that several services provided by Gentoo Infrastructure were vulnerable as well. We have immediately updated the affected software, recreated private keys, reissued certificates, and invalidated all running user sessions. Despite these measures, we cannot exclude the possibility of attackers exploiting the issue during the time it was not publicly known to gain access to credentials or session IDs of our users. There are currently no indications this has happened.

However, to be safe, we are asking you to reset your passwords used for Gentoo services within the next 7 days. You need to take action if you have an account on one of the following sites:

  • blogs.gentoo.org
  • bugs.gentoo.org
  • forums.gentoo.org
  • wiki.gentoo.org

After 7 days, we will be removing all passwords to avoid abuse. For more information and the full announcement, visit http://infra-status.gentoo.org/notice/20140413-heartbleed.

Gentoo Monthly Newsletter - March 2014
Posted on April 1, 2014 by David Abbott

gentoo

The March 2014 GMN issue is now available online.

This month on GMN:

  • Interview with Gentoo developer Tom Wijsman (TomWij)
  • Tracking the history of Gentoo: Gentoo Galaxy
  • Latest Gentoo news, tips, interesting stats and much more.

Gentoo Monthly Newsletter - February 2014
Posted on March 1, 2014 by David Abbott

gentoo

The February 2014 GMN issue is now available online.

This month on GMN:

  • Interview with Gentoo developer Sven Vermeulen (swift)
  • Latest Gentoo news, job openings, interesting stats and much more.

Gentoo Monthly Newsletter - January 2014
Posted on February 1, 2014 by David Abbott

gentoo

The January 2014 GMN issue is now available online.

This month on GMN:

  • Meet up with Gentoo developers and users at this years FOSDEM'14 event.
  • Give back by helping the proxy-maintainers project.
  • Latest Gentoo news, job openings, interesting stats and much more.

Gentoo Monthly Newsletter - December 2013
Posted on January 2, 2014 by Markos Chandras

gentoo

The December 2013 GMN issue is now available online. This month on GMN:

  • Interview with Sergey Popov. A Gentoo developer and the team leader of Qt, proxy-maintainers and desktop-effects teams.
  • Overall Gentoo activity status with bugzilla, portage and developer statistics.

Gentoo Monthly Newsletter - November 2013
Posted on December 1, 2013 by Markos Chandras

gentoo

The November 2013 GMN issue is now available online. This month on GMN:

  • Interview with Richard Freeman. A Gentoo developer, Council and Trustees member.
  • Gentoo as a development environment for newcomers.
  • Overall Gentoo activity status with bugzilla, portage and developer statistics.



Donate to support our development efforts.

Copyright 2001-2015 Gentoo Foundation, Inc. Questions, Comments? Contact us.