Gentoo Weekly Newsletter: 8 May 2006Improved Ada support in Portage - split ebuilds for gnat "New generation" dev-ada/gnat-xxx compilers are now in Portage. They follow the upstream more closely (now you get gnat-gcc to follow FSF's in-gcc sources, and gnat-gpl to represent "official" AdaCore's code). toolchain.eclass procedures are also more closely observed, allowing for better integration with system gcc and better multilib support, and the new compilers are properly SLOTted and can be installed in parallel (so that you can have gnat-gcc-3.4.6, gnat-gcc-4.1.0 and gnat-gpl-3.4.5.1 installed all at once). The selection of the active gnat is performed via an eselect-gnat module in the usual manner. Work is under way to enhance support for Ada libraries, so that they are built for each installed gnat and can be switched on the fly. Anybody interested in helping is cordially invited to visit the corresponding bug. This includes a call for a long-term Ada maintainer, too. Actual support work should be relatively easy now that the transition itself is over, but candidates should be able to make sense of the gnatbuild.eclass, gnat.eclass and toolchain.eclass (and related), in addition, of course, to generally know your way around ebuilds. Contact George Shapovalov if you're interested. GNOME 2.14 came out of package.mask this weekend. The tracker bug is located at bug #119872. Highlights of the release include performance boosts and improvements to various applications and routines, and can be found at the Gnome website. If you have any problems upgrading, please search bugzilla or wander into #gentoo-desktop on irc.freenode.net. Heritage Joshua Jackson starts a discussion on the heritage and the historic "symbols" of Gentoo - Larry the Cow, the floating alien guy and so on. In the website redesign some of these have been removed. Should we keep these leftovers from the old times or should we move on? coldplug and hotplug Our baselayout magician Roy Marples started a discussion on the behaviour of hotplug and coldplug - coldplug events can be limited via the RC_COLDPLUG variable while hotplug does not. To unify this he proposed a few changes, but then the discussion drifted away to problems with udev and coldplug: Some users report problems with newer udev versions automatically loading drivers and want to be able to completely disable this behaviour. Having fun with compression As an experiment to see if distfile downloads could be shrunk Patrick Lauer did some tests converting from gzip to bzip2 and 7zip formats. Over 15GB of .tar.gz files got converted in this experiment, showing on average about 15% space reduction. While it is not practical to "just convert" all files and no comparison of CPU usage has been done it is nevertheless an interesting perspective for people with slower internet connections. Germany: gentoo.de asks 'Are you Gentoo?' Inspired by a code-snippet posted by Forums moderator slick, the German not-for-profit association created a quiz on their community-site, asking "Are you Gentoo?" The survey contains 20 questions, some of them easy to answer, some tricky ones and some questions which need a solid understanding of Gentoo's basics. Everyone who answers all 20 questions correctly can take part in a raffle where the 'Friends of Gentoo e.V.' offer three prizes, including a Gentoo shirt and mousepad. If your German is up to the task, take the challenge and solve the quiz. Desktop Linux finds two articles in other online magazines make for "interesting reading," reads them for us and quotes a few highlights. We're left with the choice of reading the original articles at eWeek.com (an enthusiastic post-release 2006.0 review) and Linux Watch (Steven Vaughn-Nichols' slightly more downbeat assessment that 'Gentoo is not for everyone'), or be content with what we find at Desktop Linux. Either way is just fine -- it'll stay within the range of Ziff Davies Holding publications, anyway. SystemRescueCD's new version released last week made the news at Desktop Linux on the same day as the press clippings for Gentoo Linux 2006.0 mentioned just above. The French project provides a save-and-rescue Linux environment -- based on Gentoo -- with everything on board you might need for a system recovery, but also for administrative tasks like partitioning harddrives with QtParted, claims the announcement. Yet another distribution based on Gentoo, this one specializing in 64bit systems: Distrowatch reports about the latest release of RR64, probably because it's a full LiveDVD with Gnome and Xgl and whatnot inside. Fabio Erculiani's Italian Gentoo flavour, the RR series was featured in the GWN before. The following developers recently left the Gentoo project:
The following developers recently joined the Gentoo project:
The following developers recently changed roles within the Gentoo project:
MPlayer: Heap-based buffer overflow MPlayer contains multiple integer overflows that may lead to a heap-based buffer overflow. For more information, please see the GLSA Announcement X.Org: Buffer overflow in XRender extension A buffer overflow in the XRender extension potentially allows any X.Org user to execute arbitrary code with elevated privileges. For more information, please see the GLSA Announcement ClamAV: Buffer overflow in Freshclam Freshclam is vulnerable to a buffer overflow that could lead to execution of arbitrary code. For more information, please see the GLSA Announcement phpWebSite: Local file inclusion Remote attackers can include local files which may lead to the execution of arbitrary code. For more information, please see the GLSA Announcement rsync: Potential integer overflow An attacker having write access to an rsync module might be able to execute arbitrary code on an rsync server. For more information, please see the GLSA Announcement Mozilla Firefox: Potential remote code execution The Mozilla Firefox 1.5 line is vulnerable to a buffer overflow in the JavaScript extension which may in theory lead to remote execution of arbitrary code. For more information, please see the GLSA Announcement Nagios is vulnerable to a buffer overflow which may lead to remote execution of arbitrary code. For more information, please see the GLSA Announcement The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 30 April 2006 and 07 May 2006, activity on the site has resulted in:
Of the 9947 currently open bugs: 60 are labeled 'blocker', 143 are labeled 'critical', and 529 are labeled 'major'. The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
Please send us your feedback and help make the GWN better. 9. GWN subscription information To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org. To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under. The Gentoo Weekly Newsletter is also available in the following languages:
|
|
