Gentoo Logo

Gentoo Weekly Newsletter: 17 April 2006

Content:

1.  Gentoo news

Gentoo on the Linux World Expo in Boston

The Linux World Conference and Expo is one of the biggest Linux events in the United States. The venue for its East Coast edition was the Boston Convention and Exposition Center in Boston, Mass., from 4 to 6 April. Gentoo had a strong presence at the show with 14 developers in attendance over three days. The booth staff showed several fun and experimental packages at the show, including Enlightenment E17 on Mike Frysinger's quad-core PowerMac G5 and Xgl on Josh Nichols' Athlon64 X2. Mike also brought an ARM-based machine and a LanTank, a SuperH-based NAS device with Gentoo Linux on it. Gentoo was located in the .Org Pavilion between the Slashdot Lounge and the Linux Test Project.


Figure 1.1: Eight of the 14 Gentoo devs at Boston LWE

Fig. 1: LWE

Note: From left to right: rajiv, josejx, dostrow, mr_bones_, wolf31o2, halcy0n, nichoj, and vapier (front)

During the show, Mark Stephenson, Director of Sales at i*hydra approached the Gentoo developers about doing a Gentoo Linux installation on one of their demo machines, an 8-CPU dual-core AMD Opteron 875 system with 64GB of RAM and over 1.2TB of disk space. With the assistance of Ryan Rice, Operations Manager, and the blessing of David Stapp, President, Gentoo Linux was soon booting in 16-core goodness. The installation, with a complete Gnome environment, took approximately 20 minutes, using the experimental 2006.0 AMD64 Installer LiveCD. The machine is an i*hydra Galaxy, based on the Tyan Transport VX50 platform. And of course, they slapped a "Powered i by Gentoo Linux" sticker on the machine to let everyone know what was under the hood.


Figure 1.2: Chris Gianelloni with Ryan Rice and Marc Stephenson of i*hydra

Fig. 2: ihydra

Gentoo Forums internationalization and phpBB 2.0.20

A lot of effort by Forums staff and users has been put into translating all the text that was generated in English by the custom mods of the Forums into many languages (Chinese (simplified and traditional), Danish, Dutch, Esperanto, Finnish, French, German, Greek, Italian, Norwegian, Polish, Portuguese, Russian, Spanish, and Swedish). The translations committed so far have already been implemented in the Forums along with the new 2.0.20 phpBB patch set, others are still in testing. Some languages still need help with translation, so please have a look at the Gentoo Forums Translator Guidelines and subscribe to the Forums translations mailing list if you're able and willing to contribute.

Python 2.4.3 now in Portage

Python 2.4.3 is now in Portage but masked for testing. 2.4.3 is a bugfix release and fixes quite a few UTF-8 issues as well as a few memory leaks and segfaults. A detailed changelog is available. As always, remember to run /usr/sbin/python-updater after updating Python. Python 2.4.3 will be unmasked on 28 April if no major bugs are found.

Old-style PHP packages vanishing

The PHP Herd announces that the old-style PHP packages, which were unsupported and deprecated for months, are finally going away. After months of work, the team considers the new dev-lang/php package and the related dev-php[4,5]/ categories fully ready for production use, and encourage all users to upgrade. Helpful informations can be found at the PHP project's pages, along with a HOWTO regarding the migration to dev-lang/php. The old-style PHP packages (dev-php/php, dev-php/php-cgi, dev-php/mod_php, dev-php/PECL-*, and older dev-php/PEAR-* packages) will be package.masked on Wednesday, 19 April 2006, and removed from the Portage tree about a month later.

2.  Heard in the community

Web forums

Every Show Sucks in Gentoo!

ciaran27 explains in our Forums how easy it is to use Mplayer and the XMMPlayer plugin to watch ESS in Gentoo. Wanna enjoy the show as well?

Should we remove FEATURES="candy"

Gentoo Developer antarus has started a thread asking Forum users if they would like to keep the Portage feature that changes the output spinner from a -\|/- to a random string of characters that form a sentence. Vote on the poll and state your opinion!

Is gcc 4.1.0 safe yet?

Forum user Kidel Fastro has started a new thread asking if gcc 4.1.0 is safe to use at this point and if the upgrade would be worth it. If you have a look at the answers of other forum users in the thread, you will notice that it looks promising!

3.  Gentoo international

Japan: Kosmikus in Tokyo

Last Wednesday, five local Gentooists organized a welcome party for Gentoo developer Andres Loeh in Tokyo's Shibuya district. Japanese and other Asian beer was sampled with some mixed reactions by those from the top beer drinking countries in the world, various topics were discussed, and everybody was pleasantly surprised to see a usually quiet scientist talking passionately about his love for Haskell. The lively discussions were interrupted by restaurant staff bringing a huge ice-cream accompanied by songs and crackers -- a birthday special treat for one not-yet-a-Gentoo-dev. Since GentooJP can always use an excuse for gatherings like these, please let them know if you have a plan to visit Japan.


Figure 3.1: Kosmikus (left) and Kalin Kozhuharov munching the latter's birthday ice-cream

Fig. 1: Japan

4.  Gentoo in the press

Daemonnews (12 April 2006)

David Stanford of Daemon News, the Ezine for BSD users, conducted an interview with Gentoo/ALT lead developer Diego Pettenò last week, giving ample space to the "relatively unheard-of" Gentoo/BSD for a complete outline of the project and its protagonists.

OnMac.net (16 April 2006)

OnMac is having all sorts of fun with exploring the possibilities of a triple-boot setup for Mac OS X, Windows XP and Linux on a Mac Mini -- using a 2006.0 Gentoo LiveCD installation to complement the best of the other worlds, and jumping through all the hoops of a Gentoo installation.

5.  Gentoo developer moves

Moves

The following developers recently left the Gentoo project:

  • Corey Shields
  • Ciaran McCreesh
  • Sergey Kuleshov

Adds

The following developers recently joined the Gentoo project:

  • Benigno B. Júnior (bbj) - Gentoo/*BSD
  • Denis Dupeyron (calchan) - sci-electronics
  • Keri Harris (keri) - Prolog

Changes

The following developers recently changed roles within the Gentoo project:

  • Curtis Napier (curtis119) - New Infra team member
  • Xavier Neys (neysx) - New Infra team member
  • Mike Doty (kingtaco) - New Infra team member
  • Christian Hartmann (ian) - adds ebuild development to his duties as a Forum admin
  • Ioannis Aslanidis (deathwing00) - joined the KDE herd

6.  Gentoo Security

MediaWiki: Cross-site scripting vulnerability

MediaWiki is vulnerable to a cross-site scripting attack that could allow arbitrary JavaScript code execution.

For more information, please see the GLSA Announcement

Horde Application Framework: Remote code execution

The help viewer of the Horde Framework allows attackers to execute arbitrary remote code.

For more information, please see the GLSA Announcement

FreeRADIUS: Authentication bypass in EAP-MSCHAPv2 module

The EAP-MSCHAPv2 module of FreeRADIUS is affected by a validation issue which causes some authentication checks to be bypassed.

For more information, please see the GLSA Announcement

Kaffeine: Buffer overflow

Kaffeine is vulnerable to a buffer overflow that could lead to the execution of arbitrary code.

For more information, please see the GLSA Announcement

Doomsday: Format string vulnerability

Format string vulnerabilities in Doomsday may lead to the execution of arbitrary code.

For more information, please see the GLSA Announcement

ClamAV: Multiple vulnerabilities

ClamAV contains multiple vulnerabilities that could lead to remote execution of arbitrary code or cause an application crash.

For more information, please see the GLSA Announcement

Cacti: Multiple vulnerabilities in included ADOdb

Multiple vulnerabilities have been discovered in the ADOdb layer included in Cacti, potentially resulting in the execution of arbitrary code.

For more information, please see the GLSA Announcement

7.  Bugzilla

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 02 April 2006 and 16 April 2006, activity on the site has resulted in:

  • 1646 new bugs during this period
  • 859 bugs closed or resolved during this period
  • 56 previously closed bugs were reopened this period

Of the 9886 currently open bugs: 65 are labeled 'blocker', 156 are labeled 'critical', and 538 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

8.  GWN feedback

Please send us your feedback and help make the GWN better.

9.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.

10.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated April 17, 2006

Summary: This is the Gentoo Weekly Newsletter for the week of 17 April 2006.

Ulrich Plate
Editor

Ioannis Aslanidis
Author

Chris Gianelloni
Author

Kalin Kozhuharov
Author

Luca Longinotti
Author

Bryan Østergaard
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.