Gentoo Logo

Gentoo Weekly Newsletter: April 11th, 2005

Content:

1.  Gentoo News

Web site face lift

Xavier Neyshas applied some cosmetic touches to the official Gentoo website. While the redesign of the site is still being worked on, the list of changes reveals bug fixes for specific browser problems, the introduction of justified text -- a much needed spring cleaning that irons out some inconsistencies in the color scheme, prevents code samples from running off the right edge of your screen, and includes other less visible adjustments.

Just in case the updates have created problems for you rather than solved the ones you may have had, please use Gentoo's bugzilla to file a bug report.

Forum staff changes

Great reshuffle of moderators and admins over at the Forums these days: Administrator ian! (Christian Hartmann) left the Gentoo project two weeks ago, and also retired from his Forums duties. Thanks again for all the work he did! To compensate for ian! leaving, moderators amne (Wernfried Haas), kallamej (Anders Hellgren) and pilla (Mauricio Lima Pilla) have become administrators, so no one needs to worry about spammers not getting banned or problems with inactive accounts not getting fixed in a timely manner. tomk (Tom Knight) also joined the administrator team, mainly to resume ian's work on improving the forums. Administrating one of the largest user communities takes a lot of time, so it's good to hear that two new global moderators, Maedhros (Jonathan Coome) and curtis119 (Michael Curtis Napier) have joined the moderator ranks: Maedhros is known for being helpful in a lot of the support forums, curtis119 mostly for his presence among the OTW community. no4b (Adrian "Abaddon" Czerniak) and fallow (Michal Kaczmarski) retired from their jobs as moderators in the Polish forum, being replaced by arsen (Andrzej Olender) and _troll_ (Przemysław Maciąg), and last but not least slick (Uwe Hoelzel) joined the German forum moderator team. Welcome on board, Gentoomen!

2.  Developer of the week

"Gentoo has the power to rule the world, but we're just not in the right place yet." -- Jochen Maes (sejo)


Figure 2.1: Jochen Maes aka SeJo

Fig. 1: sejo

This week's special is SeJo, known in real life as Jochen Maes, one of our Belgian developers (living in Leuven at the moment). He fills many roles in Gentoo: Developer relations, Gentoo/Java recruiter, Java/PPC lead, GLSA padawan, PPC security liaison (together with hansmi). His Gentoo-work is, obviously, recruiting, drafting GLSA, working on Java ebuilds, stable marking security bugs and general bugsquatting. Asked what he considers to be the biggest OpenSource Project that lives, he points to himself -- albeit that statement leaves his audience wondering under what conditions the source code is made available.

The aquisition of the IBM-JRE/JDK license and adding it to the portage tree as well as his work on porting Java 1.5 to PPC are the things he is most proud of in Gentoo. His "normal" work is being done as a general Linux specialist at the French IT-group Bull, where he does everything even remotely Linux- and VMware-related. His impressive skills are self-taught, but he attends an evening school to get a bachelor in computer science, which should be done by next year. After that he intends to study Japanese...

"Mozilla, Eclipse, pornview, vi, screen and definitely irssi!" are his favourite applications, running mostly on his Powerbook G4 15" with 1.5GB (!) of memory. Other hardware is a Pegasos PPC, two Sun Ultra10, a Sun Ultra5 and a Compaq Proliant 3000R, hosted in fellow Belgian Gentoo developer pvdabeels basement. Although he seems to be unaware of life outside the computer, he describes the beginning of a normal day as "when I first get up I take a smoke and make some decaf. Then I kiss my girlfriend good morning and all those things, and after that it's off to work." His motivation shows in his favourite quote, borrowd from Shakespeare's play Henry VI: "Defer no time, delays have dangerous ends" (Part1, act III, scene III).

3.  Heard in the community

gentoo-dev

Virtuals revisited (Round 3)

Jason Stubbs continues what he started a long time ago: "Back in my quest to rid the tree of the evil virtuals and their plot to destroy my mind. I think I've covered all bases with this one." For a longer explanation of the issue please read the whole mail and the discussion it generated.

Kernel/Header upgrades & confusion

John Mylchreest writes: "To all of you who have had issues with the kernel upgrade, or have confusions over the whole process, etc; Can I please point you towards http://planet.gentoo.org/developers/johnm/2005/04/05/kernel_sources"

make.profile symlink problems

Some user who hadn't updated their Gentoo systems in a while may run into troubles because the 1.4 profiles have been deprecated. This combined with old versions of portage being unable to use cascading profiles makes upgrading a lot more ... interesting.

4.  Gentoo International

UK: Preparations for UK LWE

Rob Holland has assumed the role of coordinator for the group of UK-based Gentoo developers and supporters who are busy preparing for the London edition of the Linux World Expo to be held in October. While there's still plenty of time for preparations, the first information about the event and a call for contributors has already been posted: on a freshly-baked Gentoo UK web server that doesn't hold much information yet, but is scheduled to evolve into the UK's community web site for Gentoo Linux.

Germany: Too late to save a drowning Gentoo

It may look like a belated April fool's joke, but it's real -- and almost usable... Markus Leonhardt, a long-term Gentoo user and Forum regular has stripped his desktop PC of its case and lowered it into a basin full of vegetable oil. His website is entirely in German, but the pictures are rather self-explaining.


Figure 4.1: Gentoo host

Fig. 1: Oiled

Note: Photo courtesy of Markus Leonhardt

5.  Gentoo in the press

NewsForge (4 April 2005)

Jem Matzan had an article about the state of OS development for 64-bit architectures in NewsForge last week, giving a short introduction to the benefits of the AMD64 and EM64T instruction set architectures. Generally upbeat about the ease of development for the platform, he finds Linux and FreeBSD maturing particularly well. "While at first it was difficult to find many programs that would compile for 64-bit, today you can have a complete desktop system that is entirely 64-bit without making too many sacrifices," says the author, pointing to Gentoo Linux as one of the sources for operational environments on 64-bit computers.

SYS-CON (11 March 2005)

"When I was younger, I ran out to buy the latest Led Zeppelin album - now I run out to get the latest build of Gentoo or Hula," reminisces Kevin Bedell, the author of a piece on open-source developers who he thinks have become the same type of role models like the rock stars of his youth. Quoting people who write software for commercial companies, but secretely dream of becoming open source heroes, the article may have been written with a tongue-in-cheek attitude, the comments look mostly like people are taking the idea quite seriously.

6.  Moves, adds, and changes

Moves

The following developers recently left the Gentoo team:

  • Michael Tindal

Adds

The following developers recently joined the Gentoo Linux team:

  • None this week

Changes

The following developers recently changed roles within the Gentoo Linux project:

  • Sven Vermeulen (swift) - Stepped down from the PR lead role

7.  Gentoo security

Dnsmasq: Poisoning and Denial of Service vulnerabilities

Dnsmasq is vulnerable to DNS cache poisoning attacks and a potential Denial of Service from the local network.

For more information, please see the GLSA Announcement

mit-krb5: Multiple buffer overflows in telnet client

The mit-krb5 telnet client is vulnerable to two buffer overflows, which could allow a malicious telnet server operator to execute arbitrary code.

For more information, please see the GLSA Announcement

Gaim: Denial of Service issues

Gaim contains multiple vulnerabilities that can lead to a Denial of Service.

For more information, please see the GLSA Announcement

sharutils: Insecure temporary file creation

The unshar utility is vulnerable to symlink attacks, potentially allowing a local user to overwrite arbitrary files.

For more information, please see the GLSA Announcement

GnomeVFS, libcdaudio: CDDB response overflow

The GnomeVFS and libcdaudio libraries contain a buffer overflow that can be triggered by a large CDDB response, potentially allowing the execution of arbitrary code.

For more information, please see the GLSA Announcement

8.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 03 April 2005 and 10 April 2005, activity on the site has resulted in:

  • 798 new bugs during this period
  • 471 bugs closed or resolved during this period
  • 23 previously closed bugs were reopened this period

Of the 8518 currently open bugs: 88 are labeled 'blocker', 247 are labeled 'critical', and 634 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

9.  Contribute to GWN

Interested in contributing to the Gentoo Weekly Newsletter? Send us an email.

10.  GWN feedback

Please send us your feedback and help make the GWN better.

11.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn-unsubscribe@gentoo.org from the email address you are subscribed under.

12.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated April 11, 2005

Summary: This is the Gentoo Weekly Newsletter for the week of 11 April 2005.

Ulrich Plate
Editor

Wernfried Haas
Author

Patrick Lauer
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.