Changes at the Gentoo Weekly Newsletter
Yuji Carlos Kosugi, editor of the GWN ever since Kurt Lieber gave up that post in July 2003, has decided to concentrate more on his scholar duties and passed on the torch to Ulrich Plate, long time contributor and responsible for the Forums and International sections since their inauguration. We thank Yuji for fourteen months of grueling work! Keeping both readers and contributors happy has not been an easy task, but he has managed to gracefully stay on top of things, and we wish him as much success with his future projects as he has had with running the GWN.
The next weeks will see a concerted effort to bring in additional contributors to many parts of the GWN, including old sections that have been absent for much too long, and new ones to meet readers' expectations. The GWN staff would like to thank all contributors and readers of the past, and hopes to continue to benefit from your enthusiasm that has made our newsletter such a widely read publication.
New Gentoo 2004.2-r1 x86 Minimal LiveCD to Combat Buggy BIOS Versions
Many people were recently having problems booting the 2004.2 Minimal LiveCD for x86. Gentoo's Release Engineering team has created a new experimental install-x86-2004.2-r1-minimal.iso image, a recreated recreated 2004.2 CD image that solves the problem of BIOS versions known to refuse booting from the Minimal LiveCD. The install-x86-2004.2-r1-minimal.iso image has been uploaded to the Gentoo mirrors, to the /experimental/x86/livecd/x86 directory. If you have any questions about the ISO image, contact Release Engineering via IRC by joining #gentoo-releng on irc.freenode.net.
No updates this week.
star contains a suid root vulnerability which could potentially grant unauthorized root access to an attacker.
For more information, please see the GLSA Announcement
ImageMagick, imlib, imlib2: BMP decoding buffer overflows
ImageMagick, imlib and imlib2 contain exploitable buffer overflow vulnerabilities in the BMP image processing code.
For more information, please see the GLSA Announcement
Several buffer overflows and a shell metacharacter command execution vulnerability have been found in LHa. These vulnerabilities can be used to execute arbitrary code.
For more information, please see the GLSA Announcement
Samba: Remote printing vulnerability
Samba is vulnerable to a remote denial of service attack due to out of sequence print change notification requests.
For more information, please see the GLSA Announcement
Webmin, Usermin: Multiple vulnerabilities in Usermin
A vulnerability in the webmail function of Usermin could be used by an attacker to execute shell code via a specially-crafted e-mail. A bug in the installation script of Webmin and Usermin also allows a local user to execute a symlink attack at installation time.
For more information, please see the GLSA Announcement
4. Featured Developer of the Week
NN - Your Name Here?
No featured developer this week. If you're a Gentoo developer and you would like to see your portrait here, please contact the GWN team.
New Gentoo Forum for Mac OS X Users
People running Gentoo for Mac OS now have their own forum to get technical support, chat about applications and compare config tricks. The new forum has an all-Belgian moderator team to watch over it, both prominent Gentoo for Mac OS developers: pvdabeel and SeJo.
Implementing Web Browsing Restrictions
Although most people are displeased with restricting where users may roam on the internet, there are situations where users on the machine must be restricted to certain web sites. But how to do this? The following thread introduces two ideas: Creative use iptables or restricted proxying with squidguard.
Using Gmail with Linux Browsers
Google's Gmail has a unique way of making the web interface seem "fast" to the end-user, and that's by running the entire site in JavaScript. Although wonderful for speed this introduces many incompatibilities between browsers that have incomplete or broken implementations of JavaScript. In true Gentoo-user fashion, this thread grew rather large and also spawned a privacy debate in regards to Google reading email for ad placement. A bit off-topic, but an interesting read nonetheless!
UK: Photos from the First Gentoo UK User Meeting
UK meet-up organiser Stuart Herbert has updated his Gentoo developer website with photos from the inaugural Gentoo UK meeting in Manchester on 4 September. The all-day event was filled with presentations by Harry Moyes of Manchester Wireless talking about wireless technologies and Linux, Stuart himself reported on future plans for web applications in Gentoo, and fellow developer Rob Holland gave an introduction to Gentoo's log watching demon, Tenshi. Since the event was such a big success to everyone involved, and the turnout of more than 20 Gentooists well above expectations, a follow-up meeting is already - tentatively - scheduled for February 2005.
Italy: Gentoo at the Linux World Expo in Milano
Linux World Expo Italia is opening its doors from 22 to 24 September in Milano. The Gechi (Gentoo Channel Italia) activists don't have a stand at this year's issue of the LWE, but they'll be giving a presentation on day 1 in the .org pavilion: Giovanni Ferri is ging to talk about corporate use of Gentoo Linux on 22 September, 13:00 to 14:00 hours. If you register for entrance to LWE before 17 September, access to the exhibition area and the Gentoo talk will be free. Check the Italian forum thread for additional details.
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 05 September 2004 and 11 September 2004, activity on the site has resulted in:
Of the 7079 currently open bugs: 138 are labeled 'blocker', 205 are labeled 'critical', and 555 are labeled 'major'.
The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
This section is always looking for volunteers to submit their favourite Linux shortcuts, bash scripting tricks and other ideas to make life with Gentoo Linux a little more comfortable. If you have anything you'd like to share with other users, please submit it to the GWN team.
The following developers recently left the Gentoo team:
The following developers recently joined the Gentoo Linux team:
The following developers recently changed roles within the Gentoo Linux project:
Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.
Please send us your feedback and help make the GWN better.
12. GWN Subscription Information
To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: