Gentoo Weekly Newsletter: September 9, 2003

1.  Gentoo News

Summary

• Second Gentoo BugDay a success

Second Gentoo BugDay a success

Another smashing success, participants in this weeks BugDay, held on September 6, bravely squashed a total of 124 bugs. Only in its second month, BugDay atrracted a total of 171 unique bug hunters, with a record of 149 simultaneous attendees in #gentoo-bugs, surpassing last months inaugeral BugDay by a large margin (130 bug quashers participated last month). Among the crowd were many people eager to lend their expertise and learn from others. Users got to interact with Gentoo developers in a unique way, and some new potential developers were spotted. We'd like to thank everyone who came out and made this months BugDay a huge success, and we hope to see you next month: Same bug time, same bug channel!

2.  Gentoo Security

Summary

• GLSA: pam_smb
• GLSA: vmware
• GLSA: horde
• GLSA: eroaster
• GLSA: phpwebsite
• GLSA: mindi
• GLSA: gallery
• GLSA: atari800

GLSA: pam_smb

Quote from advisory:

"If a long password is supplied, this can cause a buffer overflow which could be exploited to execute arbitrary code with the privileges of the process which invokes PAM services."

• Severity: High - remote execute of code.
• Packages Affected: <pam_smb-2.0.0_rc5
• Rectification: emerge sync; emerge pam_smb; emerge clean
• GLSA Announcement

GLSA: vmware

Quote from advisory:

The previous GLSA 200308-03 was wrong when it stated that vmware-workstation-4.0.1-5289 would fix the problems described in the advisory.

• Severity: High - local full host access.
• Packages Affected: <vmware-workstation-4.0.2.5592
• Rectification: emerge sync; emerge vmware-workstation-4.0.2.5592>; emerge clean
• GLSA Announcement

GLSA: horde

Quote from advisory:

"An attacker could send an email to the victim who ago use of HORDE MTA in order to push it to visit a website. The website in issue log all the accesses and describe in the particular the origin of every victim."

• Severity: High - session hijacking.
• Packages Affected: <horde-2.2.4_rc2
• Rectification: emerge sync; emerge horde; emerge clean
• GLSA Announcement

GLSA: eroaster

Previous eroaster versions allowwed local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.

• Severity: Medium - symlink attack.
• Packages Affected: <eroaster-2.1.0-r2
• Rectification: emerge sync; emerge eroaster; emerge clean
• GLSA Announcement

GLSA: phpwebsite

phpwebsite contains an sql injection vulnerability in the calendar module which allows the attacker to execute sql queries. In addition phpwebsite is also vulnerable to XSS, more information can be found in the full advisory.

• Severity: High - SQL Injection, DoS and XSS Vulnerabilities.
• Packages Affected: <phpwebsite-0.9.3_p1
• Rectification: emerge sync; emerge phpwebsite; emerge clean
• GLSA Announcement

GLSA: mindi

Mindi creates files in /tmp which could allow local user to overwrite arbitrary files

• Severity: Medium - insecure file creations.
• Packages Affected: <mindi-0.86
• Rectification: emerge sync; emerge mindi; emerge clean
• GLSA Announcement

GLSA: gallery

Quote from advisory:

"Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter."

• Severity: High - cross site scripting.
• Packages Affected: <gallery-1.3.4_p1
• Rectification: emerge sync; emerge gallery; emerge clean
• GLSA Announcement

GLSA: atari800

atar800 contains a buffer overflow which could be used by an attacker to gain root privileges. Altough the atari800 package in Gentoo does not install any files suid root we encourage our users to upgrade.

• Severity: Low - buffer overflow.
• Packages Affected: <atari800-1.3.0-r1
• Rectification: emerge sync; emerge atari800; emerge clean
• GLSA Announcement

New Security Bug Reports

The following new security bugs were posted in the past week:

• net-mail/exim

3.  User stories

User stories is on hiatus this week. Remember to send us your bizarre, hilarious, or incredible Gentoo stories so they can be featured here!

4.  Featured Developer of the Week

Thomas Pedley

Figure 4.1: Thomas Pedley

This week's featured dev is Thomas Pedley (shallax), who is singularly responsible for the most ironic of Gentoo ports: Gentoox (Gentoo for the XBox). Thomas is the only official developer for the project, but he claims this reduces the number of developer conflicts. His responsibilities run the gamut through kernel hacking, user support, distro maintenance, building binary packages, dealing with legal issues, and maintaining the gentoox web site. Appropriately, gentoox.shallax.com and forums.shallax.com were recently moved to an XBox host.

Thomas' work came to the attention of the Gentoo community with his post to the forums in March. Although other people had managed to get Gentoo up and running on a modded XBox, Thomas was the first to put together a formal distribution and documentation - which has greatly facilitated the growth of Gentoo on the heavily subsidized Microsoft gaming platform. The idea of using the XBox as a cheap multimedia PC has been enthralling Linux fans for months. Our subject's proudest accomplishment came with the succesful hacking of the XBox's Cromwell bios to permit loading of a larger initrd file, and the subsequent cleaning up of the boot process in Gentoox. Thomas now runs two XBoxen: the continuously up web server and another that is, tragically, periodically taken down to play games with.

In addition to the XBoxen, Thomas runs a 1.8 GHz P4 desktop, and a 533 MHz Celeron server. He likes KDE, but uses the lower footprint WindowMaker when on an XBox. He is a bit of a messaging addict, launching Gaim and XChat when he first boots (or Trillian and mIRC if booting into the other OS). He first heard of Gentoo back in 2001, but was daunted by its learning curve until 2002 and completed the transition to Gentoo for his servers this year. His favorite applications are gcc and emerge, and prefers pico/nano as an editor. He does a lot of his development work using bash scripting, and chose to implement the Gentoox patch system (which works alongside portage for XBox implementations) in bash.

Thomas recently completed 6th Form at the Simon Balle school, and will start Computer Science studies at the University of Hertfordshire in a few weeks. He also works at a local supermarket in order to generate the funds he needs for acquiring XBoxen and maintaining his beloved Peugot 205. He lives in Hertfordshire, England, just outside London.

When asked for a favourite quote, Thomas offered a Beastie Boy lyric: "DIY, that means do it yourself - I don't sit around waiting for someone's help, I don't sit back and say good enough, I keep on striving, reinventing.", which seems quite appropriate. He also observed that "Gentoo is the most solid distribution I have had the pleasure of using, and the user base is friendly and willing to help each other out." He also wanted to take an opportunity to thank all those who have helped out with the Gentoox project - interested readers are directed to the Gentoox README to hear about their contributions.

5.  Heard in the Community

Web Forums

Gentoo on the Pegasos PPC

Being one of the rare Gentoo devs with a Pegasos G3/600 MHz at home, dholm has succesfully Gentooified that particular non-Macintosh, yet PowerPC-based platform. The next LiveCD will contain an official build, but dholm's kernel is ready for testing by anyone who'd like to try their hands. In the same thread, PPC-lead-developer pvdabeel has announced that Gentoo will run on the AmigaOne, too.

• Does Gentoo run on the Pegasos PPC ?

Making an Effort

Besides browsing the overview of individual forums, people tend to look for topics via the "posts since last visit" link or input text strings in the quick search field related to whatever problem they have. One of the less popular features of the phpBB forum interface is a link located to the top right of the page that simply says: "View unanswered posts". At currently almost 10,000 of those, among a lot of garbage there's a much larger amount of newbie questions that went unanswered, sometimes because the title wasn't too clear, the problem too obscure, or maybe not very interesting to the regulars on board. Gentoomen, have you helped a newbie today?

• View unanswered posts

gentoo-user

$100 UPSes for Linux

For those of us that absolutely NEED to run Gentoo--electric service or not--an uninterruptable power supply could be just what you're looking for. Gentoo user Chip Marshall started the $100 Linux UPS Challenge to see if anyone knew of Linux-compatible UPSes that could be bought for roughly $100. Read on for all the great suggestions.

qpkg Tips

Ever wondered which ebuild supplied a certain file on your hard drive? This thread from the -user list week offered up a quick and cool tip on qpkg to do just that. Check it out here .

gentoo-dev

Gentoo Games.

Who said there weren't any games on linux? Well we definately prove them wrong here at Gentoo, with the number of games packages in app-games now outnumbering those in dev-perl! Break them up a little you say? Well you're too late! Mike Frysinger is a step ahead of you! Have a look to see where the discussion went.

Portage is your friend.

Although some of us are more than happy to just type in emerge myprogram, some people actually like to know how these things work. Grant Goodyear is one such person, who decided that a little walkthrough would be appropriate. Have a look here.

6.  Gentoo International

Japan: Gentoo Navi Log

Mamoru Komachi, better known as Usata, a Gentoo dev at large and maintainer of the pTeX package, has started a weblog that keeps track of new ebuilds and contains news and tidbits centered around the needs of Japanese Gentooists. Some of the more interesting recent developments already feature prominently on his page, including Botond Botyanszki's new Japanese input method im-ja or the new GTK2 variant of Sylpheed, for example. Best of all: the blog is open to audience participation, everyone willing to commit one or the other concise newsbit about Gentoo is welcome to add to the logbook. Check Usata's page - only if your Japanese is up to the task, of course...

7.  Portage Watch

The following stable packages were updated or added to portage in the last two weeks:

• app-arch/file-roller: archive manager for GNOME
• app-cdr/cdlabelgen: CD cover, tray card and envelope generator
• app-crypt/gnupg: The GNU Privacy Guard, a GPL pgp replacement
• app-doc/abs-guide: An advanced reference and a tutorial on bash shell scripting.
• app-doc/howto-text: The LDP howtos, text format.
• app-editors/gedit: A text editor for the Gnome2 desktop
• app-editors/ne: ne is the nice editor, easy to use for the beginner and powerful for the wizard
• app-editors/vim: Vi IMproved!
• app-emacs/mew: great MIME mail reader for Emacs/XEmacs
• app-emacs/riece: Riece is a redisgn of Liece IRC client
• app-emacs/wl: a mail/news reader supporting IMAP4rev1 for emacsen
• app-emulation/epsxe: ePSXe Playstation Emulator
• app-emulation/uae: An amiga emulator
• app-emulation/wine: free implementation of Windows(tm) on Unix - CVS snapshot
• app-emulation/xmame: Multiple Arcade Machine Emulator for X11
• app-emulation/xmess: Multiple Arcade Machine Emulator for X11
• app-games/americas-army: America's Army: Operations - military simulations by the U.S. Army to provide civilians with insights on soldiering
• app-games/armagetron: armagetron: 3d tron lightcycles, just like the movie
• app-games/asc: turn based strategy game designed in the tradition of the Battle Isle series
• app-games/atlas: Chart Program to use with Flightgear Flight Simulator
• app-games/attal: turn-based strategy game project
• app-games/duke3d: port of the original DukeNukem 3D
• app-games/excido: A fast paced action game
• app-games/fortune-mod: The notorious fortune program
• app-games/fortune-mod-bofh-excuses: Excuses from Bastard Operator from Hell
• app-games/fortune-mod-calvin: Quotes from Calvin and Hobbes Comic Books
• app-games/fortune-mod-dubya: Quotes from George W. Bush
• app-games/fortune-mod-futurama: Quotes from the TV-Series -Futurama-
• app-games/fortune-mod-gentoo-dev: Fortune database of #gentoo-dev quotes
• app-games/fortune-mod-hitchhiker: Quotes from Hitchhikers Guide to the Galaxy
• app-games/fortune-mod-homer: Quotes from Homer Simpson
• app-games/fortune-mod-humorixfortunes: Extra fortune cookies for fortune
• app-games/fortune-mod-kernelcookies: A collection of funny lines from the Linux kernel
• app-games/fortune-mod-osfortune: Open sources fortune file
• app-games/fortune-mod-simpsons-chalkboard: Quotes from Bart Simpson's Chalkboard, shown at the opening of each Simpsons episode
• app-games/fortune-mod-smac: Quotes from the Alpha Centauri: Alien Crossfire tech tree
• app-games/fortune-mod-sp-fortunes: South Park Fortunes
• app-games/fortune-mod-starwars: Quotes from StarWars, The Empire Strikes Back, and Return of the Jedi
• app-games/fortune-mod-tao: set of fortunes based on the Tao-Teh-Ching
• app-games/greedy: fun little ncurses puzzle game
• app-games/gtetrinet: Tetrinet Clone for GNOME 2
• app-games/mirrormagic: a game like Deflektor (C 64) or Mindbender (Amiga)
• app-games/monopd: server for atlantik games
• app-games/nwn: Never Winter Nights
• app-games/rocksndiamonds: A Boulderdash clone
• app-games/sirius: A program for playing the game of othello
• app-games/spacehulk: A boardgame in the world of Warhammer 40k
• app-games/torcs: The Open Racing Car Simulator
• app-games/unreal-tournament: Futuristic FPS
• app-games/ut2003: Unreal Tournament 2003 - Sequel to the 1999 Game of the Year multi-player first-person shooter
• app-games/wakkabox: A simple block-pushing game
• app-games/xgalaga: Galaga game clone.
• app-i18n/freewnn: Network-Extensible Kana-to-Kanji Conversion System
• app-i18n/kinput2: A Japanese input server which supports the XIM protocol
• app-i18n/scim: Smart Common Input Method (SCIM) is a Input Method (IM) development platform
• app-i18n/scim-chinese: Smart Common Input Method (SCIM) Closed Source Pinyin Input Method
• app-i18n/skk-jisyo-extra: Extra SKK dictionaries in plain text and cdb format
• app-i18n/uim: UIM is a simple, secure and flexible input method library
• app-misc/kdirstat: KDirStat - nice KDE replacement to du command
• app-misc/magicpoint: an X11 based presentation tool
• app-misc/welcome2l: Welcome to Linux, ANSI login logo for Linux
• app-misc/xosview: X11 operating system viewer
• app-office/mdbtools: A set of libraries and utilities for reading Microsoft Access database (MDB) files
• app-office/scribus: Desktop Publishing (DTP) and Layout program for Linux.
• app-sci/bioperl: collection of tools for bioinformatics, genomics and life science research
• app-sci/ksimus: KSimus is a KDE tool for simulation, automatization and visualization of technical processes.
• app-sci/octave: GNU Octave is a high-level language (MatLab compatible) intended for numerical computations
• app-sci/octave-forge: A collection of custom scripts, functions and extensions for GNU Octave
• app-text/epstool: Creates or extracts preview images in EPS files, fixes bounding boxes,converts to bitmaps.
• app-text/htmldoc: Convert HTML pages into a PDF document
• app-text/tkinfo: Info Browser in TK
• app-text/uudeview: uu, xx, base64, binhex decoder
• dev-cpp/gtkmm: C++ interface for GTK+2
• dev-db/mysql: A fast, multi-threaded, multi-user SQL database server
• dev-db/tora: TOra - Toolkit For Oracle
• dev-dotnet/mono: Mono runtime and class librarier, a C# compiler/interpreter
• dev-dotnet/pnet: Portable .NET runtime, compiler, tools
• dev-games/crystalspace: portable 3D Game Development Kit written in C++
• dev-games/crystalspace-cvs: portable 3D Game Development Kit written in C++
• dev-java/infobus: InfoBus enables dynamic exchange of data between JavaBeans component architecture.
• dev-java/jad: Jad - the fast JAva Decompiler
• dev-java/jaf: Sun's JavaBeans Activation Framework (JAF)
• dev-java/java-config: Utility to change the Java Virtual Machine being used
• dev-java/java-sdk-docs: Javadoc for Java SDK version 1.3.1
• dev-java/javamail: A Java-based framework to build multiplatform mail and messaging applications.
• dev-java/jdbc2-oracle: JDBC Drivers for Oracle
• dev-java/jdbc3-oracle: JDBC 3.0 Drivers for Oracle
• dev-java/jmf: The Java Media Framework API (JMF) enables audio, video and other time-based media to be added to Java applications and applets.
• dev-java/jrockit: BEA WebLogic's J2SE Development Kit, version 8.1
• dev-java/jython: Java Python implementation
• dev-java/sun-jdk: Sun's J2SE Development Kit, version 1.4.2
• dev-lang/tolua: a tool that simplifies the integration of C/C++ code with Lua
• dev-libs/atk: Gnome Accessibility Toolkit
• dev-libs/boost: Boost provides free peer-reviewed portable C++ source libraries.
• dev-libs/elfutils: Libraries and utilities to handle compiled objects.
• dev-libs/hdf5: HDF5 is a general purpose library and file format for storing scientific data.
• dev-libs/libxslt: XSLT libraries and tools
• dev-libs/qsa: QSA
• dev-perl/DB_File: A Berkeley DB Support Perl Module
• dev-perl/Net-SNMP: A SNMP Perl Module
• dev-php/mod_php: Apache module for PHP
• dev-python/4Suite: Python tools for XML processing and object-databases.
• dev-python/gnome-python: gnome-python
• dev-python/pygtk: GTK+2 bindings for Python
• dev-python/pykde: set of Python bindings for the KDE libs
• dev-python/pyorbit: ORBit2 bindings for Python
• dev-python/pyxml: A collection of libraries to process XML with Python.
• dev-util/guile: Scheme interpreter
• gnome-base/ORBit2: ORBit2 is a high-performance CORBA ORB
• gnome-base/bonobo-activation: Gnome2 replacement for OAF
• gnome-base/gconf: Gnome Configuration System and Daemon
• gnome-base/gdm: GNOME2 Display Manager
• gnome-base/gnome: Meta package for the GNOME desktop.
• gnome-base/gnome-applets: Applets for the Gnome2 Desktop and Panel
• gnome-base/gnome-desktop: Libraries for the gnome desktop that is not part of the UI
• gnome-base/gnome-mime-data: MIME database for Gnome
• gnome-base/gnome-panel: The Panel for Gnome2
• gnome-base/gnome-session: the Gnome2 session manager
• gnome-base/gnome-vfs: Gnome Virtual Filesystem
• gnome-base/libbonobo: The GNOME CORBA framework
• gnome-base/libbonoboui: User Interface part of Lib bonobo
• gnome-base/libglade: GLADE is a interface builder
• gnome-base/libgnome: Essential Gnome Libraries
• gnome-base/libgnomecanvas: the Gnome 2 Canvas library
• gnome-base/libgnomeprint: Printer handling for Gnome
• gnome-base/libgnomeprintui: user interface libraries for gnome print
• gnome-base/libgnomeui: User interface part of libgnome
• gnome-base/libgtop: library that proivdes top functionality to applications
• gnome-base/librsvg: rendering svg library
• gnome-base/nautilus: A filemanager for the Gnome2 desktop
• gnome-extra/acme: GNOME tool to make use of the multimedia buttons present on most laptops and internet keyboards.
• gnome-extra/gnome-games: Games for the GNOME desktop
• gnome-extra/gnome-media: Multimedia related programs for the Gnome2 desktop
• gnome-extra/gnome-system-monitor: Gnome System Monitor
• gnome-extra/yelp: Help browser for Gnome2
• kde-base/kdeadmin: KDE administration tools (user manager, etc.)
• media-fonts/artwiz-fonts: Artwiz Fonts
• media-fonts/kochi-substitute: Kochi Japanese TrueType fonts with Wadalab Fonts einfo "${HOMEPAGE} for details."
• media-fonts/mikachan-font: Mikachan Japanese TrueType fonts
• media-fonts/mplus-fonts: mplus Japanese BDF FONTS
• media-fonts/shinonome: Japanese bitmap fonts for X
• media-gfx/eog: the Eye Of Gnome - Image Viewer and Cataloger for Gnome2
• media-gfx/gliv: An image viewer that uses OpenGL
• media-gfx/gnuplot: Quick and useful plotting program
• media-gfx/gphoto2: free, redistributable digital camera software application
• media-gfx/qiv: Quick Image Viewer
• media-gfx/sane-frontends: Scanner Access Now Easy
• media-libs/fontconfig: A library for configuring and customizing font access.
• media-libs/gst-plugins: Additional plugins for gstreamer - streaming media framework
• media-libs/gstreamer: Streaming media framework
• media-libs/imlib2: Version 2 of an advanced replacement library for libraries like libXpm
• media-libs/libemf: Library implementation of ECMA-234 API for the generation of enhanced metafiles.
• media-libs/netpbm: A set of utilities for converting to/from the netpbm (and related) formats
• media-libs/xine-lib: Core libraries for Xine movie player
• media-plugins/xmms-crossfade: XMMS Plugin for crossfading, and continuous output.
• media-sound/freqtweak: tool for FFT-based realtime audio spectral manipulation and display
• media-sound/gnomeradio: A GNOME2 radio tuner
• media-sound/streamripper: Extracts and records individual MP3 file tracks from shoutcast streams
• media-tv/nxtvepg: receive and browse free TV programme listings via bttv for tv networks in Europe
• media-video/cinelerra: Cinelerra - Professional Video Editor
• media-video/mjpegtools: Tools for MJPEG video
• media-video/mplayer: Media Player for Linux
• media-video/transcode: video stream processing tool
• media-video/xvattr: X11 XVideo Querying/Setting Tool from Ogle project
• net-analyzer/libnasl: A remote security scanner for Linux (libnasl)
• net-analyzer/nessus: A remote security scanner for Linux
• net-analyzer/nessus-core: A remote security scanner for Linux (nessus-core)
• net-analyzer/nessus-libraries: A remote security scanner for Linux (nessus-libraries)
• net-analyzer/nessus-plugins: A remote security scanner for Linux (nessus-plugins)
• net-analyzer/nmap: utility for network exploration or security auditing
• net-analyzer/snort: Libpcap-based packet sniffer/logger/lightweight IDS
• net-dialup/capi4k-utils: Capi4Linux Utils
• net-dialup/pptpclient: Linux client for PPTP
• net-firewall/shorewall: Full state iptables firewall
• net-fs/ftpfs: A filesystem for mounting FTP volumes
• net-im/centericq: A ncurses ICQ/Yahoo!/MSN/IRC/Jabber Client
• net-im/imcom: Python commandline Jabber Client
• net-im/licq: ICQ Client with v8 support
• net-im/msnlib: A Python MSN messenger protocol library and client
• net-libs/linc: A library to ease the writing of networked applications
• net-mail/evolution: A GNOME groupware application, a Microsoft Outlook workalike
• net-mail/f-prot: Frisk Software's f-prot virus scanner
• net-mail/queue-fix: Qmail Queue Repair Application with support for big-todo
• net-misc/atftp: Advanced TFTP implementation client/server
• net-misc/gyach: GTK+-based Yahoo! chat client
• net-misc/ltsp-core: LTSP - Linux Terminal Server Project
• net-misc/pxes: PXES is a package for building thin clients using multiple types of clients
• net-misc/rsync: File transfer program to keep remote files into sync
• net-misc/telnet-bsd: Telnet and telnetd ported from OpenBSD with IPv6 support
• net-misc/tftp-hpa: port of the OpenBSD TFTP server
• net-misc/whois: improved Whois Client
• net-p2p/gnunet: GNUnet is an anonymous, distributed, reputation based network.
• net-p2p/xmule: wxWindows based client for the eDonkey/eMule/lMule network
• net-www/apache: The Apache Web Server
• net-www/mozilla-firebird: The Mozilla Firebird Web Browser
• net-www/opera: Opera web browser.
• net-www/straw: rss news aggregator
• sys-apps/checkpolicy: SELinux policy compiler
• sys-apps/cloop: Compressed filesystem loopback kernel module
• sys-apps/coreutils: Standard GNU file utilities (chmod, cp, dd, dir, ls...), text utilities (sort, tr, head, wc..), and shell utilities (whoami, who,...)
• sys-apps/dd_rescue: similar to dd but can copy from source with errors
• sys-apps/debianutils: A selection of tools from Debian
• sys-apps/hdparm: Utility to change hard drive performance parameters
• sys-apps/policycoreutils: SELinux core utilites
• sys-apps/portage: Portage ports system
• sys-apps/smartmontools: control and monitor storage systems using the Self-Monitoring, Analysis and Reporting Technology System (S.M.A.R.T.)
• sys-apps/xinetd: Xinetd is a powerful replacement for inetd, with advanced features
• sys-apps/xmbmon: Mother Board Monitor Program for X Window System
• sys-cluster/cppvm: CPPVM: A C++ Interface to PVM
• sys-cluster/pvm: PVM: Parallel Virtual Machine
• sys-devel/binutils: Tools necessary to build programs
• sys-devel/distcc: a program to distribute compilation of C code across several machines on a network
• sys-devel/gcc: The GNU Compiler Collection. Includes C/C++ and java compilers
• sys-devel/hardened-gcc: transparent gcc compiler change for PaX/etdyn ASLR w/ propolice/SSP
• sys-devel/prelink: Modifies executables so runtime libraries load faster
• sys-kernel/mips-headers: Linux-Mips CVS headers for MIPS-based machines
• sys-kernel/mm-sources: Full sources for the development linux kernel with Andrew Morton's patchset
• sys-kernel/vanilla-sources: Full sources for the Gentoo Linux kernel
• x11-base/xfree: Xfree86: famous and free X server
• x11-libs/gtk+: Gimp ToolKit +
• x11-libs/libwnck: A window navigation construction kit
• x11-libs/pango: Text rendering and Layout library
• x11-libs/qt: QT
• x11-misc/icebgset: IceWM background editor
• x11-misc/icets: IceWM Theme Editor
• x11-misc/icewm-tools: Convenience package for IceWM control center and tools
• x11-misc/shared-mime-info: The Shared MIME-info Database specification.
• x11-misc/superkaramba: A version of Karamba with extra extensions in-built
• x11-misc/x2vnc: Control a remote computer running VNC from X
• x11-misc/xnview: XnView image viewer/converter
• x11-plugins/wmclockmon: digital clock dockapp with three different styles.
• x11-terms/gnome-terminal: The Gnome Terminal
• x11-themes/gnome-icon-theme: Gnome2 default icon themes
• x11-themes/gnome-themes: A set of gnome2 themes, with sets for users with limited or low vision
• x11-themes/gtk-engines: Theme Engines from GNOME including Pixmap, Metal, Raleigh, Redmond95, Raleigh and Notif
• x11-themes/mandrake-artwork: Mandrake's Galaxy theme for GTK1, GTK2, Metacity and KDE
• x11-themes/thinkeramik: A cool kde style modified from keramik
• x11-wm/fluxspace: Enhancements for workspace management within Fluxbox.
• x11-wm/metacity: Small gtk2 WindowManager

Total categories: 96

Total packages: 5558

8.  Bugzilla

Summary

• Statistics
• Closed Bug Ranking
• New Bug Rankings

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 29 August 2003 and 04 September 2003, activity on the site has resulted in:

• 384 new bugs during this period
• 182 bugs closed or resolved during this period
• 8 previously closed bugs were reopened this period

Of the 3837 currently open bugs: 94 are labeled 'blocker', 196 are labeled 'critical', and 287 are labeled 'major'.

Closed Bug Rankings

The developers and teams who have closed the most bugs during this period are:

• Alastair Tse, with 20 closed bugs
• Gentoo Games, with 15 closed bugs
• x86 Kernel Team, with 8 closed bugs
• Gentoo Security, with 8 closed bugs
• Patrick Kursawe, with 8 closed bugs
• Gnome Desktop Team, with 8 closed bugs

New Bug Rankings

The developers and teams who have been assigned the most new bugs during this period are:

• Gentoo Sound Team, with 19 new bugs
• Gentoo Web Application Packages Maintainers, with 18 new bugs
• Martin Schlemmer, with 12 new bugs
• Python Gentoo Team, with 9 new bugs
• Media-TV Team, with 9 new bugs

9.  Tips and Tricks

Using SSH for remote commands

This week's tip shows a less common use of SSH. Most people use SSH to login to servers or boxes remotely. However, you can also use SSH to issue commands on remote servers without opening a full login shell.

To issue commands through SSH, simply type the command after the normal SSH login information (e.g. ssh user@host command). The following example shows you how to view log files on a remote web server.

% ssh david@www.example.com tail /var/log/apache2/access_log
  

Alternatively, you could change passwords over SSH (although using public key authentication with SSH is recommended over passwords).

% ssh david@example.com passwd
(current) UNIX password: password
New UNIX password: new_password
Retype new UNIX password: new_password
Changing password for david
  

This should get you started with remote command execution. See the SSH man pages for more options.

10.  Featured Quote/Signature of the Week

Featured Quote/Signature is taking a break this week.

11.  Moves, Adds and Changes

Moves

The following developers recently left the Gentoo team:

• none this week

Adds

The following developers recently joined the Gentoo Linux team:

• none this week

Changes

The following developers recently changed roles within the Gentoo Linux project.

• none this week

12.  Contribute to GWN

Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.

13.  GWN Feedback

Please send us your feedback and help make the GWN better.

14.  GWN Subscription Information

To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.

15.  Other Languages

The Gentoo Weekly Newsletter is also available in the following languages:

• Dutch
• English
• German
• French
• Japanese
• Italian
• Polish
• Portuguese (Brazil)
• Portuguese (Portugal)
• Russian
• Spanish
• Turkish