Gentoo Logo

Gentoo Weekly Newsletter: August 2, 2004

Content:

1.  Gentoo News

Gentoo Linux 2004.2 released

Today marks the release of Gentoo Linux 2004.2 for the AMD64, HPPA, SPARC and X86 architectures!

The Gentoo Linux Release Engineering project has worked hard to improve key problem areas identified in the 2004.1 release. These areas of improvement include, but are not limited to:

  • LiveCD compatibility with Dell server-class machines
  • LiveCD compatibility with SMP machines
  • x86 laptop PCMCIA support
  • Wireless (802.11a/b/g) capabilities
  • SATA support

Detailed information for Gentoo Linux 2004.2, such as Release Notes and md5sums, can be found at the 2004.2 information page

Gentoo Linux 2004.2 can be downloaded from any one of our official download mirrors, as well as from our new BitTorrent system. Please note that pentium3, pentium4, and athlon-xp PackageCDs are only available either by download via BitTorrent or through purchase at the Gentoo Store. Additional GRP sets will be available via BitTorrent shortly..

First Anniversary of BugDay

It's now been a full year since the first Gentoo BugDay was organized by former developer Brian Jackson and held on August 2, 2003, and users and developers joined forces for the first time in #gentoo-bugs on irc.freenode.net to close as many bugs as possible. It's been a good year for this new monthly initiative: an average of over 200 bugs has been closed each month, and many developers have joined the project as a result of the user-developer interaction that occurs. Users and developers alike are invited to come to #gentoo-bugs on Saturday, August 7th, the anniversary BugDay, continue the tradition, and maybe even break the record for closed bugs - the current record of 233 bugs closed was set on 1 May 2004. For more information, contact Bryan Ostergaard, the current organiser. Good luck!

German GWN translation team seeking additional translators

After a somehow turbulent time, Marc Herren is taking over as lead for the German translation of the GWN. To expand the team we're searching for additional people who would like to volunteer and help out with translations. If you feel able to translate documents from English into German and have at least half an hour to spare each week, drop Marc a line to let him know you're interested.

2.  Projects Update

Desktop

The Desktop team have officially deprecated the xfree package in favor of xorg-x11 as the default implementation of X for Gentoo. This reflects problems with the XFree license on version 4.4 that seem to preclude its inclusion in Portage. Both packages will remain in portage as people migrate, but xfree is expected to be dropped sometime early next year. Both Gnome 2.6.2 and KDE 3.2.3 have recently been marked stable in the tree, while XFCE 4.0.6 is in testing prior to stable release.

A number of the Desktop sub-projects have created new web pages to help users keep abreast of their activities, including the Science, Video and Games teams.

Documentation

The Documentation Team is pleased to announce that Xavier Neys has been named as Operational Lead for the Gentoo Documentation Project. In addition to updates to the Gentoo Handbook to align with the 2004.2 LiveCD release, the team has released several new documents, including a Home Router Guide and Handbooks for ARM and PPC64 architectures. There have also been updates to the Portage Guide, Kernel Guide and FAQ to reflect recent software changes, and the Desktop Configuration Guide has been replaced by new set of i>Gentoo Desktop Documentation Resources.

Hardened

The Hardened Gentoo team made a parallel release of Security-Enabled (SELinux) and PIE-SSP stages and LiveCDs for the 2004.2 release.

3.  Gentoo Security

Pavuk: Digest authentication helper buffer overflow

Pavuk contains a bug that can allow an attacker to run arbitrary code.

For more information, please see the GLSA Announcement

Subversion: Vulnerability in mod_authz_svn

Users with write access to parts of a Subversion repository may bypass read restrictions in mod_authz_svn and read any part of the repository they wish.

For more information, please see the GLSA Announcement

Samba: Multiple buffer overflows

Two buffer overflows vulnerabilities were found in Samba, potentially allowing the remote execution of arbitrary code.

For more information, please see the GLSA Announcement

phpMyAdmin: Multiple vulnerabilities

Multiple vulnerabilities in phpMyAdmin may allow a remote attacker with a valid user account to alter configuration variables and execute arbitrary PHP code.

For more information, please see the GLSA Announcement

SoX: Multiple buffer overflows

SoX contains two buffer overflow vulnerabilities in the WAV header parser code.

For more information, please see the GLSA Announcement

MPlayer: GUI filename handling overflow

When compiled with GUI support MPlayer is vulnerable to a remotely exploitable buffer overflow attack.

For more information, please see the GLSA Announcement

4.  Featured Developer of the Week

Featured Developer is on hiatus this week.

5.  Heard in the Community

gentoo-user

Transparent Squid Proxy Using IPTables

One list member had some issues getting Squid and IPTables to work happily together using the latest ebuilds. This thread not only has a great example of an IPTables transparent proxy rule, but also some tips on getting the proper modules in place to use it!

"Weird" Executables in /bin

What's that left-bracket doing there in /bin? If you're curious, check out this thread.

Upgrading Gentoo

Is it necessary to "upgrade" Gentoo when a new LiveCD comes out? With the recent release of 2004.2, one user wasn't sure. Although the answer was given rather quickly, the thread grew large, and spawned discussions on effectively using Portage profiles, and more.

gentoo-security

Strange SSH Activity Making the Rounds

The gentoo-security list has had several users report odd SSH activity over the past few days. Symptoms include repeated failed logins by normally unused accounts, as well as a report by a user of the Debian list of an actual break-in. Check out more details here.

6.  Gentoo International

Gentoo International is on hiatus this week.

7.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 24 July 2004 and 30 July 2004, activity on the site has resulted in:

  • 716 new bugs during this period
  • 370 bugs closed or resolved during this period
  • 12 previously closed bugs were reopened this period

Of the 7041 currently open bugs: 142 are labeled 'blocker', 197 are labeled 'critical', and 542 are labeled 'major'.

Closed Bug Rankings

The developers and teams who have closed the most bugs during this period are:

New Bug Rankings

The developers and teams who have been assigned the most new bugs during this period are:

8.  Tips and Tricks

Tips and Tricks is on hiatus this week.

9.  Moves, Adds, and Changes

Moves

The following developers recently left the Gentoo team:

  • None this week

Adds

The following developers recently joined the Gentoo Linux team:

  • Renat Lumpau (rl03) - webapps
  • Michael Kohl (citizen428) - ruby, cjk
  • Rob Moss (robmoss) - grub, gcc porting
  • Luca Mercuri (siggy) - infrastructure

Changes

The following developers recently changed roles within the Gentoo Linux project:

  • None this week

10.  Contribute to GWN

Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.

11.  GWN Feedback

Please send us your feedback and help make the GWN better.

12.  GWN Subscription Information

To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.

13.  Other Languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated 2 August 2004

Summary: This is the Gentoo Weekly Newsletter for the week of August 2nd, 2004.

Yuji Carlos Kosugi
Editor

AJ Armstrong
Contributor

Brian Downey
Contributor

Kurt Lieber
Contributor

Ulrich Plate
Contributor

Sven Vermeulen
Contributor

Simon Holm Thagersen
Danish Translation

Jesper Brodersen
Danish Translation

Arne Mejlholm
Danish Translation

Hendrik Eeckhaut
Dutch Translation

Jorn Eilander
Dutch Translation

Bernard Kerckenaere
Dutch Translation

Peter ter Borg
Dutch Translation

Jochen Maes
Dutch Translation

Roderick Goessen
Dutch Translation

Gerard van den Berg
Dutch Translation

Matthieu Montaudouin
French Translation

Xavier Neys
French Translation

Martin Prieto
French Translation

Antoine Raillon
French Translation

Sebastien Cevey
French Translation

Jean-Christophe Choisy
French Translation

Thomas Raschbacher
German Translation

Steffen Lassahn
German Translation

Matthias F. Brandstetter
German Translation

Lukas Domagala
German Translation

Tobias Scherbaum
German Translation

Daniel Gerholdt
German Translation

Marc Herren
German Translation

Tobias Matzat
German Translation

Marco Mascherpa
Italian Translation

Claudio Merloni
Italian Translation

Stefano Lucidi
Italian Translation

Katuyuki Konno
Japanese Translation

Hiroyuki Takeda
Japanese Translation

Masato Hatakeyama
Japanese Translation

Shigehiro Idani
Japanese Translation

Masayoshi Nakamura
Japanese Translation

Tomoyuki Sakurai
Japanese Translation

Lukasz Strzygowski
Polish Translation

Karol Goralski
Polish Translation

Atila "Jedi" Bohlke Vasconcelos
Portuguese (Brazil) Translation

Eduardo Belloti
Portuguese (Brazil) Translation

João Rafael Moraes Nicola
Portuguese (Brazil) Translation

Marcelo Gonçalves de Azambuja
Portuguese (Brazil) Translation

Otavio Rodolfo Piske
Portuguese (Brazil) Translation

Pablo N. Hess -- NatuNobilis
Portuguese (Brazil) Translation

Pedro de Medeiros
Portuguese (Brazil) Translation

Ventura Barbeiro
Portuguese (Brazil) Translation

Bruno Ferreira
Portuguese (Portugal) Translation

Gustavo Felisberto
Portuguese (Portugal) Translation

José Costa
Portuguese (Portugal) Translation

Luis Medina
Portuguese (Portugal) Translation

Ricardo Loureiro
Portuguese (Portugal) Translation

Aleksandr Martyncev
Russian Translator

Sergey Galkin
Russian Translator

Sergey Kuleshov
Russian Translator

Alex Spirin
Russian Translator

Denis Zaletov
Russian Translator

Guillermo Juarez
Spanish Translation

Fernando J. Pereda
Spanish Translation

Juan Diego Gutiérrez Gallardo
Spanish Translation

Nicolas Silva
Spanish Translation

Aycan Irican
Turkish Translation

Bugra Cakir
Turkish Translation

Cagil Seker
Turkish Translation

Emre Kazdagli
Turkish Translation

Evrim Ulu
Turkish Translation

Gursel Kaynak
Turkish Translation

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.