Gentoo Logo

Gentoo Weekly Newsletter: July 11th, 2005

Content:

1.  Gentoo News

2.5 million posts

With the ascension of Gentoo Forum moderators to official staff membership progressing nicely, their area of activity has just passed yet another impressive milestone: On 6 July, the magic number of 2.5 million posts was reached. Since finding out who the poster of this historic submission was is fiendishly difficult and involves major operations on the underlying database, suffice for now to show visual proof of the moment:


Figure 1.1: Passing the 2.5 million mark: Total number of Forum posts on 6 July 2005

Fig. 1: Postcount

Documentation project update

Recent addition to the Documentation team Shyam Mani has rewritten the heavily outdated ALSA Guide, and converted Daniel Robbins' articles from IBM DeveloperWorks to the standard GuideXML format and made them available at the Gentoo website. A completely new piece of documentation is Benedikt Boehm's contributed vserver Howto, while major revamping has been applied to the Gentoo Handbook (now with an improved description of lspci and an update on devfsd versus udev. A new part on network configuration that covers Gentoo's current baselayout and includes wireless networks has been added to the handbook, and the NVidia, Gentoo Security and Printing Guides have also been updated. The complete status update can be viewed at the Gentoo website.

Greek translator team looking for new members

The Greek translators of the Gentoo documentation are recruiting new team members to reinforce their ability to cover the material in its entirety. If your Greek is up to the task and you would like to join the other translators, contact Ioannis Aslanidis, please.

2.  Developer of the week

"It's done when it's done" -- Tobias Scherbaum (dertobi123)


Figure 2.1: Tobias Scherbaum aka dertobi123

Fig. 1: dertobi123

This week's featured dev is Tobias Scherbaum, better known to most as dertobi123. He lives in Oberhausen in Germany's industrial Ruhr region, and is one of the veterans among German developers. As with many other Gentoo developers he associated himself with Gentoo well before he could get involved with any other OSS project.

Tobias is the German lead translator, but recently started HPPA stage building and PPC stable keywording, too. Probably his best-known project, one he has spent a lot of time on, are the FizzleWizzle XLiveCDs that see new releases shipping just in time for most of Europe's major Linux events, like FOSDEM, LinuxTag or the German edition of the Linux World Expo. At the moment he is undergoing an apprenticeship for "Fachinformatiker Systemintegration", which essentially boils down to becoming a highly trained monkey for fixing cabling and computer problems. Before that he passed his German "Abitur" (graduation after 12 or 13 years of school) and studied Economy for two years.

Like many Gentooists he owns an impressive hardware collection, spanning many architectures, including SGI, SUN and HPPA, plus an iBook and some obsolete x86 machines. Some platforms are still missing, but one of Tobias' ambitions in life is to decorate his home with at least one specimen of every single architecture that Gentoo runs on.

His normal working environment is the Gnome, with ssh and screen as the main helpers for administration and remote connections. About the first application he fires up in the morning is usually Evolution, followed by a sufficiently large amount of terminals to accomodate all his screen sessions. Contrary to popular opinion he has a life outside the computers, with more exotic hobbies such as gardening (with barbecues as an important subset), reading computerbooks and cycling, but he is currently void of a female companion.

Tobias is one of the founders of the "Friends of Gentoo e.V.", the German NFP association, and a regular booth staff member at German Linux happenings. Just a few weeks ago he passed the ebuild quiz and is now a fully enabled ot wreak havoc in the Portage tree, and he maintains the GTK+-2 frontend for CD/DVD burning, graveman. Tobias has so far completely and utterly failed to break the tree as such, but on the upside of things he's managed to get a number of overdue packages to stable status, most importantly Gnome 2.10 for PPC.

3.  Heard in the community

gentoo-dev

Keywording problems

Just a few minutes apart two threads were started in response to some violations of our keywording policy. As it seems some devs were a bit optimistic and broke a few things on SPARC. This shouldn't happen, but somehow it does every now and then. To quote Monty Python: "We apologise for that. The people responsible have been sacked"

GLEP 38: Status of forum moderators

For the longest time the forum moderators that are not already developers were not considered official staff while the forums were official. To rectify this situation GLEP 38 was proposed in which the global moderators would become official Gentoo staff by taking the staff quiz. Due to some suboptimal wording this was slightly misunderstood and caused a minor flamewar, but in the end an agreement was reached.

4.  Gentoo International

Argentina: Ututo-E 2005.1 release

The Ututo-e Core Team announces the release of its Gentoo-based GNU/Linux Distribution, Ututo XS 2005.1. Ututo-e is a Gentoo-based distribution for desktop users that keeps compatibility with Gentoo and enjoys endorsement by the FSF and Richard M. Stallman himself as the "only free GNU/Linux distribution" he knows.

The new release XS 2005.1 is aiming for ease of migration from proprietary operating systems. Ututo-e provides a per-processor globally-optimized software packages repository, processor-optimized downloadable ISO images for installation, and a soon-to-be released LiveCD. Additionally, Ututo-e is supporting the x86_64 architecture. You can download the different flavors of Ututo-e's XS 2005.1 directly from the GNU Project's servers, or from any of the nine mirrors available worldwide, or via BitTorrent. The Ututo-e XS 2005.1 installation system is available in English, Italian, Portuguese and Spanish, and comes with a GUI- or console-based (ncurses) administration system.

Ututo-e's core team would like to join an expression of their gratitude to this announcement: a huge thank you goes to every and each person that has contributed to the Gentoo Project. People, base your projects on Gentoo. It's a wonderful metadistribution. Again, thank you.

Japan: Visiting European devs get shown around

UK-based Gentoo dev Marcs D. Hanwell, returning from a conference in Sapporo, stayed in Tokyo for a week. Enough excuse for Tomoyuki Sakurai, the GWN lead translator, to organise a night out and about for cryos and his English friends: They went to Tokyo's traditional and popular downtown area of Asakusa, enjoyed the basic pleasures of Japanese food including Okonomiyaki and Monjayaki, then went on to a genuine spa, one of the few hotsprings right in the heart of Tokyo. The long day was rounded off at a typical Izakaya, a Japanese style pub offering yet some more snacks, and the four Englishmen who hadn't heard of anything but Sushi and Sashimi went home quite pleasantly surprised at the wide range of foods in Japan.


Figure 4.1: Cryos (right) and friends at Ueno train station

Fig. 1: Cryos

Just a few days later, on 7 July, the GentooJP lot held a party in honor of yet another visiting Gentoo dev, Luca Barbato and his Italian friends. A Japanese family of Gentooists, Japan-based Jason Stubbs and Mudrii joined the crowd, adding the benefit of both being weathered foreigners living in Japan: very helpful resources, particularly as guides to undocumented rules in Japanese society for Italian travellers. The type of information Luca and his companions got is impossible to be had from books, and available to other Gentooists if they happen to make it all the way to Japan. Next time you do, remember to drop a line to the gentoojp-misc@ml.gentoo.gr.jp mailing list, or /join the #gentoo-ja IRC channel on Freenode.


Figure 4.2: Mudrii, jstubss and lu_zero at a pub in Tokyo

Fig. 2: Luca and friends

5.  Gentoo in the press

Linux Weekly News (28 June 2005)

Gentoo dev and regular GWN contributor Patrick Lauer's article about the Gentoo community was published two weeks ago, but has only now been made available to non-subscribers of the Linux Weekly News. He provides an overview of the community, with fellow Gentoo devs Donnie Berkholz and Grant Goodyear chiming in for the ensuing discussion.

6.  Moves, adds, and changes

Moves

The following developers recently left the Gentoo team:

  • None this week

Adds

The following developers recently joined the Gentoo Linux team:

  • Brent Baude (ranger) - PPC/PPC64
  • Jan Hendrik Grahl (grahl04) - Documentation translator
  • Joshua Baergen (Josh_B) - X11
  • Kahtryn Kulick - commonbox, net-im, X11 themes
  • Michael Curtis Napier (curtis119) - WWW redesign
  • Scott Shawcroft (tannewt) - Bugday team

Changes

The following developers recently changed roles within the Gentoo Linux project:

  • Tobias Scherbaum (dertobi123) - Adds HPPA release engineering to his other duties

7.  Gentoo security

Clam AntiVirus: Denial of Service vulnerability

Clam AntiVirus is vulnerable to a Denial of Service attack when processing certain Quantum archives.

For more information, please see the GLSA Announcement

Heimdal: Buffer overflow vulnerabilities

Multiple buffer overflow vulnerabilities in Heimdal's telnetd server could allow the execution of arbitrary code.

For more information, please see the GLSA Announcement

PEAR XML-RPC, phpxmlrpc: PHP script injection vulnerability

The PEAR XML-RPC and phpxmlrpc libraries allow remote attackers to execute arbitrary PHP script commands.

For more information, please see the GLSA Announcement

WordPress: Multiple vulnerabilities

WordPress contains PHP script injection, cross-site scripting and path disclosure vulnerabilities.

For more information, please see the GLSA Announcement

phpBB: Arbitrary command execution

A vulnerability in phpBB allows a remote attacker to execute arbitrary commands with the rights of the web server.

For more information, please see the GLSA Announcement

RealPlayer: Heap overflow vulnerability

RealPlayer is vulnerable to a heap overflow that could lead to remote execution of arbitrary code.

For more information, please see the GLSA Announcement

zlib: Buffer overflow

A buffer overflow has been discovered in zlib, potentially resulting in the execution of arbitrary code.

For more information, please see the GLSA Announcement

TikiWiki: Arbitrary command execution through XML-RPC

TikiWiki includes PHP XML-RPC code, making it vulnerable to arbitrary command execution.

For more information, please see the GLSA Announcement

phpWebSite: Multiple vulnerabilities

phpWebSite is vulnerable to the remote execution of arbitrary PHP script code and to other, yet undisclosed, vulnerabilities.

For more information, please see the GLSA Announcement

phpGroupWare, eGroupWare: PHP script injection vulnerability

phpGroupWare and eGroupWare include an XML-RPC implementation which allows remote attackers to execute arbitrary PHP script commands.

For more information, please see the GLSA Announcement

8.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 26 June 2005 and 10 July 2005, activity on the site has resulted in:

  • 1437 new bugs during this period
  • 840 bugs closed or resolved during this period
  • 35 previously closed bugs were reopened this period

Of the 8392 currently open bugs: 103 are labeled 'blocker', 200 are labeled 'critical', and 597 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

9.  GWN feedback

Please send us your feedback and help make the GWN better.

10.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn+subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn+unsubscribe@gentoo.org from the email address you are subscribed under.

11.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated July 11, 2005

Summary: This is the Gentoo Weekly Newsletter for the week of 11 July 2005.

Ulrich Plate
Editor

Arturo 'Buanzo' Busleiman
Author

Wernfried Haas
Author

Patrick Lauer
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.