Gentoo Not-For-Profit Paperwork complete
The paperwork for the Gentoo Not-For-Profit entity was approved by the State of New Mexico today. This means that as of today, the Gentoo Foundation is an official Not-For-Profit Corporation in the United States. The process of becoming a Federally-recognized not-for-profit entity, which will take about six months for approval, can now begin. Sven Vermeulen has been tasked with drafting a charter for the newly approved Gentoo Foundation. Assets of Gentoo Technologies, Inc. such as the gentoo.org domain, can now be transferred to the Gentoo Foundation. We're glad to see all the hard work that has been put into this process giving some positive results and would like to thank Daniel Robbins and all of the trustees for their hard work.
Ways to get involved: Introducing webapps-request@gentoo.org
Developer Stuart Herbert has created a new bugzilla user (webapps-request@gentoo.org), to which he is assigning all bugs about new packages. Some of these bugs are requests for ebuilds. Some of the bugs include ebuilds that need testing (and maybe fixing).
If you want to get involved with Gentoo, and can spare the time, this would be a great way - especially if you know any of the packages involved. This will free up some time for the developers to concentrate on real bugs reported against packages already in Portage.
If you want to be notified when new bugs are added to the webapps-request list, you can setup a watch in your Bugzilla account. Simply go to this page and in the "Users to watch:" box, type in 'webapps-request@gentoo.org'.
Mailman: Member password disclosure vulnerability
Mailman contains a bug allowing 3rd parties to retrieve member passwords.
For more information, please see the GLSA Announcement
Apache: Buffer overflow in mod_ssl
A bug in mod_ssl may allow a remote attacker to execute remote code when Apache is configured a certain way.
For more information, please see the GLSA Announcement
CVS: additional DoS and arbitrary code execution vulnerabilities
Several serious new vulnerabilities have been found in CVS, which may allow an attacker to remotely compromise a CVS server.
For more information, please see the GLSA Announcement
Subversion: Remote heap overflow
Subversion is vulnerable to a remote Denial of Service that may be exploitable to execute arbitrary code on the server running svnserve.
For more information, please see the GLSA Announcement
Linux Memory Management
A concise and very useful tutorial about memory management in Linux has made its way into the Documentation, Tips & Tricks section, paying special attention to things peculiar in 2.6 kernels:
Deadlocking Kernels
A vulnerability that apparently affects all x86 2.4 and 2.6 series kernels was shared on gentoo-user here with exploit code in tow.
The GWN and RSS
This thread covered reading the GWN via an RSS feed, as well as preferred applications to do so.
Germany: LPI 101 Certification in German at the LinuxTag in Karlsruhe
The German branch of the Linux Professional Institute has announced that they will offer certification in German for the first time at the LinuxTag in Karlsruhe this year. For 30 Euros, visitors to the fair (and some of the German devs at the Gentoo booth are known to go as well) can sit for the LPI 101 in German or English, or the LPI 201 in English only, on 24 to 26 June 2004. Details here..
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 04 June 2004 and 10 June 2004, activity on the site has resulted in:
Of the 6461 currently open bugs: 131 are labeled 'blocker', 189 are labeled 'critical', and 524 are labeled 'major'.
The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
Protecting files with noclobber
This tip is for people who have ever hosed important files by using > when they meant to use >>. Add the following line to .bashrc: set -o noclobber. The noclobber option prevents you from overwriting existing files with the > operator.
Code Listing 6.1 |
% program > file2
bash: file2: cannot overwrite existing file |
In some cases you may really want to overwrite the file. In this case, instead of turning noclobber off, you can use >| to force the file to be written.
Code Listing 6.2 |
% program >| file2 |
The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
The following developers recently changed roles within the Gentoo Linux project:
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.
Please send us your feedback and help make the GWN better.
10. GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: