Gentoo Weekly Newsletter: July 26, 2004During the week starting 2nd August 2004, we will be moving *all* of the packages currently in net-www to new homes in the Portage tree. net-www has outgrown its original purpose, and the new categories that we are adding will make it much easier for users to find the packages they want. The full list of packages can be found here. Portage will automatically upgrade any packages you have installed the next time you run emerge -u. However, you will manually need to fix any entries in /etc/portage/package.* to refer to the new categories. Volunteers required: UK Meeting Organising Committee The Gentoo Linux Project are looking for volunteers who would be willing to organise a meeting in Manchester for UK-based Gentoo developers and users for September or early October. We're looking for people who can spare the time to:
Please contact Stuart Herbert if you'd like to help out, and let him know who you are and what you can do to help make this meeting happen. Stuart can't organise this himself, so if you're in the UK and want to see something like this happen, now is the time to lend a hand. Portage The net-www category in the portage tree is being retired. Packages currently residing there have been moved to newer, more descriptive categories. Updates should occur automatically when emerging, although users will need to edit their /etc/portage/* files if they cite the category. Devrel The Developer Relations team have released an updated Gentoo Developer Handbook outlining standards and policies for developers. Infrastructure Most of the infrastructure developers will be attending Linux World Expo next week in San Francisco. Interested Gentoo users are invited to stop by the booth to meet some of the team. Releng The Release Engineering team is pleased to announce that the 2004.2 LiveCD will be available, on schedule, on July 26th (the date of publication for this article). Tools The tenshi log-monitoring program (formerly known as wasabi) has a new version 0.3 release. This is a Gentoo hosted project initially developed for Gentoo infrastructure servers to provide for structured monitors and alerts for server log files. Unreal Tournament 2003/2004: Buffer overflow in 'secure' queries Game servers based on the Unreal engine are vulnerable to remote code execution through malformed 'secure' queries. For more information, please see the GLSA Announcement Opera: Multiple spoofing vulnerabilities Opera contains three vulnerabilities, allowing an attacker to impersonate legitimate websites with URI obfuscation or to spoof websites with frame injection. For more information, please see the GLSA Announcement Linux Kernel: Multiple DoS and permission vulnerabilities Multiple permission vulnerabilities have been found in the Linux kernel, allowing an attacker to change the group IDs of files mounted on a remote filesystem (CAN-2004-0497), as well as an issue in 2.6 series kernels which allows /proc permissions to be bypassed. A context sharing vulnerability in vserver-sources is also handled by this advisory as well as CAN-2004-0447, CAN-2004-0496 and CAN-2004-0565. Patched, or updated versions of these kernels have been released and details are included along with this advisory. For more information, please see the GLSA Announcement A buffer overflow in l2tpd could lead to remote code execution. It is not known whether this bug is exploitable. For more information, please see the GLSA Announcement mod_ssl: Format string vulnerability A bug in mod_ssl may allow a remote attacker to execute arbitrary code when Apache is configured to use mod_ssl and mod_proxy. For more information, please see the GLSA Announcement 4. Featured Developer of the Week Stephen Becker
Our featured developer for this week is Stephen Becker (geoman), one of the developers for Gentoo's port to the MIPS architecture, focusing on X11 and Desktop packages. His primary duties are testing ebuilds for that architecture, and setting their keywords accordingly. In particular, he works on ensuring that the various Gnome packages emerge and run properly for MIPS machines. He also pays particular attention to several multimedia and sound applications. Stephen has been a Linux user since 1997, commencing with the venerable Slackware. In 2001, he began experimenting with source-based distributions, especially the Sorcerer distribution. When that effort ran into trouble and began to fragment, he shifted to Gentoo and has been there ever since. Not long after Gentoo released the MIPS port, Stephen had it up and running on his SGI Indy, and began to experiment with getting accelerated X up and running. Despite claims that "kumba put something in [his] drink", Stephen was invited to become a Gentoo developer after his work patching ebuilds and comments became known to the other alternative architecture developers. Stephen characterizes Gentoo as making "Linux very usable and fun at the same time". Stephen has a "whole room dedicated to computers", the set of which includes what he styles a "franken-puter": a frame for which he periodically scavenges parts for upgrades. Its current incarnation is as a Celeron 600 firewall/gateway/server (as well as a few other uses). Behind that sentry is his LAN, which includes his wife's Duron 1.6 GHz, his AthlonXP 1.53 GHz and a Pentium 233 relegated for duty as a DOS games platform. More esoteric nodes on the LAN include an SGI O2, a Sun Ultra 1, and two SGI Indys. One of the Indys serves as an mp3/esound server for his stereo system. Stephen enjoys building model cars and planes, and has recently dabbled in radio-control. He is an avid sports fan, both as spectator and player, rooting for the various St. Louis professional teams and playing basketball as well as mountain biking. He completed a Masters in Geology at the University of Missouri at Rolla, and is currently a Doctoral candidate at Virginia Tech, still studying Geology. His Masters' work focused on characterizing fluid flow events in Irish metallic ore deposits, and he is currently researching high-pressure (10's of thousands of PSI) fluid inclusions in quartz crystals. His intent is to apply this research to studying natural fluid incursions in ore deposits using laser probes and mass spectrometry. He lives in Blacksburg, Virginia with his wife of just over a year, Kris. They are expecting their first child in November. Flashing BIOS with Gentoo Generally, motherboard manufacturers provide upgrades the their product's BIOSes with an MSDOS-executable flashing utility as well as a binary image of the new BIOS. Gentoo users are usually out of luck when it comes to using these tools, or are they? Process and port ownership? A common question on Linux is how to find what process owns an open TCP port. Check this thread for a variety of answers! KDE Screen Blanking Here's some quick tips on using DPMS (conserve monitor power) in both KDE and directly with X. Long Bootstraps Do you have an older computer that takes a long time to bootstrap? Check out this thread and you might feel a bit better! Gentoo International is on hiatus this week. The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 17 July 2004 and 23 July 2004, activity on the site has resulted in:
Of the 6858 currently open bugs: 134 are labeled 'blocker', 188 are labeled 'critical', and 542 are labeled 'major'. The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
Tips and Tricks is on hiatus this week. The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
The following developers recently changed roles within the Gentoo Linux project:
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email. Please send us your feedback and help make the GWN better. 12. GWN Subscription Information To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org. To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under. The Gentoo Weekly Newsletter is also available in the following languages:
|
|
