Gentoo Weekly Newsletter: 30 January 2006Modular X entering ~arch (testing) The X team members plan to remove all 289 modular X packages from package.mask soon. They will enter ~arch (testing) for all the architectures for which they're keyworded: alpha, amd64, arm, ia64, mips, ppc, sh, sparc and x86. To learn how to upgrade properly, read the migration guide before starting the upgrade. It discusses how the USE flags changed, why X.Org went modular and why emerge xorg-x11 won't be quite enough yet. Not all packages in the tree will work with modular X when it enters ~arch, although the most common applications already do. The X team encourages users and developers to contribute fixes to their favorite packages by reading the porting guide. Applications requiring the most work include games and packages without a listed maintainer in metadata.xml or altogether lacking metadata. Donnie Berkholz provides a list of all unported applications along with their maintainers, updated daily, in his webspace. A graph of porting progress exists in the same location. If you encounter any bugs with the migration, please report them at Gentoo's Bugzilla. End of lifetime announcement for old-style configuration Apache packages In October, the Apache team made stable a new configuration style for apache and its modules. While many users have made the switch, many cautious users have not. The Apache team is announcing that they will no longer support the old-style configuration of Apache after March 1, 2006. Anyone who has not upgraded to net-www/apache-2.0.55 and higher, or net-www/apache-1.3.34-r10 and higher should do so before then. For information on how to upgrade, we provide an Upgrading Apache Guide. Gentoo's PHP Herd held their first meeting in 2006 on January 21st. Topics on the agenda included election of herd leads, SLOTting of PHP minor versions and the stabilization of dev-lang/php. Luca Longinotti has been elected as lead for core-PHP packages and Sebastian Bergmann as lead for PEAR packages. The PHP Herd agreed to keep the SLOTting scheme as is, i.e. only major versions of PHP (PHP 4, PHP 5) will be slotted. The most notable decision made from a users point of view forces users to migrate from dev-php/php to dev-lang/php as soon as possible as the PHP Herd decided to no longer support them. The old dev-php/php packages will be package.masked as soon as the architecture teams have stabilized the new-style PHP packages, which is expected by the end of February, and removed from the Portage tree about two months later. The minutes of the PHP Herd's January meeting are available at the PHP Overlay website. Their next meeting is scheduled for February 7th at 19:00 UTC in #gentoo-php on irc.freenode.net. Gentoo's MySQL maintainers plan to move =dev-db/mysql-4.1.16-r30 and dev-db/mysql-5.0.18-r30 into ~arch (testing) soon. Those -r30 revision Ebuilds now allow installing several MySQL versions in parallel, or in Gentoo speak: They support SLOTting. While all minor versions beyond or equal to 4.1 will become slotted, dev-db/mysql-4.0* will stay at SLOT="0". To accomplish this, new Eclasses and an eselect module for easy switching between MySQL versions were written. Though you can run several MySQL versions simultaneously you are still limited to one (the current) libmysqlclient at a time. To learn how to upgrade properly, read the migration guide before starting the upgrade. All packages in the tree that worked before should also work with slotted MySQL when it enters ~arch. If you encounter any bugs with the migration, please report them at Gentoo's Bugzilla. A new version of app-portage/gentoolkit (0.2.1) containing significant improvements has been marked stable a few days ago. These are the major changes between gentoolkit-0.2.0 and gentoolkit-0.2.1:
A detailed listing of the changes for those interested is in /usr/share/doc/gentoolkit-0.2.1/ChangeLog. Three million posts in the Gentoo Forums
Almost exactly a year after reaching two million posts in January 2005 the Gentoo Forums hit three million posts on Jan 24th. A thread on the forums not only features the answer to the question "Whose post was it?", but also leaves space for wild conspiracy theories about a mysterious decrease in postcount shortly before the three millionth post was reached. The Gentoo Forums were noted to be among the largest phpBB installations on big-boards.com. app-text/pdftohtml has been replaced by app-text/poppler because of security concerns as stated in bug #115789. You are strongly advised to unmerge app-text/pdftohtml and emerge app-text/poppler instead. "Prefixed Portage" for Gentoo for Mac OS X For the last few months, the Gentoo for Mac OS X project has been serving as the primary testbed for a "prefix aware" portage and ebuild repository. This basically allows for a configurable 'offset prefix' in which portage and all software it manages can be installed, as any user, without any interference with the 'host' operating system. The need for such functionality arose from the ever-increasing problems of using Portage in 'foreign' environments such as Apple's Mac OS X. While in its current state, it is serving merely as a working and functional prototype, it has opened up many exciting possibilities for the future of Gentoo and Portage. Although the Gentoo for Mac OS X project is the first project from the Gentoo/Alt umbrella project to have a pressing need for portage installations that leave the host operating system unmodified, it has proved to be of great interest to users and developers alike who are having excellent results running portage on a multitude of OS - AIX, HP-UX, FreeBSD, BeOS/Haiku/Zeta, Solaris, and Fedora Core Linux. The Gentoo for Mac OS X team hopes to have preliminary documentation and developer installer packages available as soon as possible. Those interested in contributing may contact Kito Danya Dietrich or Fabian Groffen. sed vs. gsed In his quest for Gentoo/Alt improvements Diego Pettenò asks for advice on how to handle sed as some of the alternative hosts for Gentoo use non-GNU sed, which has a slightly different behavior in some cases. RFC: emerge snapshots If something breaks during an update the "repair" often takes quite some time. Are there any methods for doing a "rollback" to the old state of the system to undo the breakage? What would need to be done to make this feasible, and why is quickpkg often not good enough? Alternative Linux distributions on the POWER5 platform A review of unsupported Linux distributions on the POWER5 platform has been published on IBM developerworks. Besides Debian, openSUSE 10 and Fedora Core this article also covers a test-environment and the installation of Gentoo on an IBM eServer™ OpenPower™ 720 system. The following developers recently left the Gentoo project:
The following developers recently joined the Gentoo project:
The following developers recently changed roles within the Gentoo project:
Sun and Blackdown Java: Applet privilege escalation Sun's and Blackdown's JDK or JRE may allow untrusted applets to elevate their privileges. For more information, please see the GLSA Announcement KDE kjs: URI heap overflow vulnerability KDE fails to properly validate URIs when handling javascript, potentially resulting in the execution of arbitrary code. For more information, please see the GLSA Announcement Trac: Cross-site scripting vulnerability Trac is vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution. For more information, please see the GLSA Announcement Gallery: Cross-site scripting vulnerability Gallery is possibly vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution. For more information, please see the GLSA Announcement A buffer overflow in LibAST may result in execution of arbitrary code with escalated privileges. For more information, please see the GLSA Announcement Paros: Default administrator password Paros's database component is installed without a password, allowing execution of arbitrary system commands. For more information, please see the GLSA Announcement The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 15 January 2006 and 29 January 2006, activity on the site has resulted in:
Of the 9192 currently open bugs: 72 are labeled 'blocker', 171 are labeled 'critical', and 503 are labeled 'major'. The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
8. GWN subscription information To subscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn+subscribe@gentoo.org. To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to gentoo-gwn+unsubscribe@gentoo.org from the email address you are subscribed under. The Gentoo Weekly Newsletter is also available in the following languages:
|
|
