Gentoo Logo

Gentoo Weekly Newsletter: June 21, 2004

Content:

1.  Gentoo News

Announcing Wasabi 0.2

We're very pleased to announce that version 0.2 of Wasabi has been released. We introduced Wasabi two weeks ago: it's a log monitoring program initially developed for Gentoo infrastructure servers and now hosted by Gentoo. Designed to watch one or more log files for lines matching a regular expression, it can be set to send a notification email whenever a matching line occurs, or to report on such lines periodically. Changes in version 0.2 include multiple file support, large performance gains, and better signal handling. For more information, read the announcement posted to gentoo-announce.

Gentoo Linux seeking new kernel developers

The Gentoo Linux project is currently seeking for new developers interested in helping the kernel team. We're looking for developers with a lot of kernel experience as well as experience writing ebuilds. Interested parties should send mail to recruiters@gentoo.org.

2.  Gentoo Security

Squirrelmail: Another XSS vulnerability

Squirrelmail fails to properly sanitize user input, which could lead to a compromise of webmail accounts.

For more information, please see the GLSA Announcement

Horde-Chora: Remote code execution

A vulnerability in Chora allows remote code execution and file upload.

For more information, please see the GLSA Announcement

Gallery: Privilege escalation vulnerability

There is a vulnerability in the Gallery photo album software which may allow an attacker to gain administrator privileges within Gallery.

For more information, please see the GLSA Announcement

Horde-IMP: Input validation vulnerability

An input validation vulnerability has been discovered in Horde-IMP.

For more information, please see the GLSA Announcement

Webmin: Multiple vulnerabilities

Webmin contains two security vulnerabilities which could lead to a Denial of Service attack and information disclosure.

For more information, please see the GLSA Announcement

Squid: NTLM authentication helper buffer overflow

Squid contains a bug where it fails to properly check bounds of the 'pass' variable.

For more information, please see the GLSA Announcement

aspell: Buffer overflow in word-list-compress

A bug in the aspell utility word-list-compress can allow an attacker to execute arbitrary code.

For more information, please see the GLSA Announcement

Usermin: Multiple vulnerabilities

Usermin contains two security vulnerabilities which could lead to a Denial of Service attack and information disclosure.

For more information, please see the GLSA Announcement

3.  Heard in the Community

Web Forums

USE="-offensive"

Imagine working in a US corporation. Imagine further that you've convinced your boss that Linux is your operating system of choice, and you've even managed to sneek a Gentoo installation into a predominantly red-hatted environment. And then you emerge Windowmaker, just when your boss glances over your shoulder... Sexually explicit material packaged in a window manager has stirred a controversy in the forums that oscillates between calls for "emerge unmerge Janet Jackson" and the introduction of a new USE flag that bans or allows emerging offensive material:

gentoo-user

Removing old Kernel Source Trees

When upgrading your kernel sources, Gentoo will keep your old source trees around, including in portage. This thread has some pointers on how to manage your kernel sources effectively.

Simultaneous Emerges?

Is it safe to run multiple 'emerge' commands at once? Find out here!

4.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 12 June 2004 and 18 June 2004, activity on the site has resulted in:

  • 580 new bugs during this period
  • 363 bugs closed or resolved during this period
  • 13 previously closed bugs were reopened this period

Of the 6502 currently open bugs: 130 are labeled 'blocker', 190 are labeled 'critical', and 514 are labeled 'major'.

Closed Bug Rankings

The developers and teams who have closed the most bugs during this period are:

New Bug Rankings

The developers and teams who have been assigned the most new bugs during this period are:

5.  Tips and Tricks

Tips and Tricks is on hiatus this week.

6.  Moves, Adds, and Changes

Moves

The following developers recently left the Gentoo team:

  • Troy Dack (tad) - testing and tweaking

Adds

The following developers recently joined the Gentoo Linux team:

  • None this week

Changes

The following developers recently changed roles within the Gentoo Linux project:

  • None this week

7.  Contribute to GWN

Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.

8.  GWN Feedback

Please send us your feedback and help make the GWN better.

9.  GWN Subscription Information

To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.

10.  Other Languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated 21 June 2004

Summary: This is the Gentoo Weekly Newsletter for the week of June 21st, 2004.

Yuji Carlos Kosugi
Editor

AJ Armstrong
Contributor

Brian Downey
Contributor

Kurt Lieber
Contributor

David Narayan
Contributor

Ulrich Plate
Contributor

Sven Vermeulen
Contributor

Simon Holm Thagersen
Danish Translation

Jesper Brodersen
Danish Translation

Arne Mejlholm
Danish Translation

Hendrik Eeckhaut
Dutch Translation

Jorn Eilander
Dutch Translation

Bernard Kerckenaere
Dutch Translation

Peter ter Borg
Dutch Translation

Jochen Maes
Dutch Translation

Roderick Goessen
Dutch Translation

Gerard van den Berg
Dutch Translation

Matthieu Montaudouin
French Translation

Xavier Neys
French Translation

Martin Prieto
French Translation

Antoine Raillon
French Translation

Sebastien Cevey
French Translation

Jean-Christophe Choisy
French Translation

Thomas Raschbacher
German Translation

Steffen Lassahn
German Translation

Matthias F. Brandstetter
German Translation

Lukas Domagala
German Translation

Tobias Scherbaum
German Translation

Daniel Gerholdt
German Translation

Marc Herren
German Translation

Tobias Matzat
German Translation

Marco Mascherpa
Italian Translation

Claudio Merloni
Italian Translation

Stefano Lucidi
Italian Translation

Katuyuki Konno
Japanese Translation

Hiroyuki Takeda
Japanese Translation

Masato Hatakeyama
Japanese Translation

Masayoshi Nakamura
Japanese Translation

Yasunori Fukudome
Japanese Translation

Tomoyuki Sakurai
Japanese Translation

Lukasz Strzygowski
Polish Translation

Karol Goralski
Polish Translation

Atila "Jedi" Bohlke Vasconcelos
Portuguese (Brazil) Translation

Eduardo Belloti
Portuguese (Brazil) Translation

João Rafael Moraes Nicola
Portuguese (Brazil) Translation

Marcelo Gonçalves de Azambuja
Portuguese (Brazil) Translation

Otavio Rodolfo Piske
Portuguese (Brazil) Translation

Pablo N. Hess -- NatuNobilis
Portuguese (Brazil) Translation

Pedro de Medeiros
Portuguese (Brazil) Translation

Ventura Barbeiro
Portuguese (Brazil) Translation

Bruno Ferreira
Portuguese (Portugal) Translation

Gustavo Felisberto
Portuguese (Portugal) Translation

José Costa
Portuguese (Portugal) Translation

Luis Medina
Portuguese (Portugal) Translation

Ricardo Loureiro
Portuguese (Portugal) Translation

Aleksandr Martyncev
Russian Translator

Sergey Galkin
Russian Translator

Sergey Kuleshov
Russian Translator

Alex Spirin
Russian Translator

Denis Zaletov
Russian Translator

Lanark
Spanish Translation

Fernando J. Pereda
Spanish Translation

Lluis Peinado Cifuentes
Spanish Translation

Zephryn Xirdal T
Spanish Translation

Guillermo Juarez
Spanish Translation

Jesús García Crespo
Spanish Translation

Carlos Castillo
Spanish Translation

Julio Castillo
Spanish Translation

Sergio Gómez
Spanish Translation

Aycan Irican
Turkish Translation

Bugra Cakir
Turkish Translation

Cagil Seker
Turkish Translation

Emre Kazdagli
Turkish Translation

Evrim Ulu
Turkish Translation

Gursel Kaynak
Turkish Translation

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.