Gentoo Logo

Gentoo Weekly Newsletter: 7 August 2006

Content:

1.  Gentoo news

Adopt a Developer project

The Gentoo User Relations project has begun a new sub-project, intended to assist developers in improving Gentoo. Traditionally, it was not clear how one could go about donating a piece of hardware, a technical book, a shell account, or anything else to a specific Gentoo developer. Also, there was no central place for developers to post their requests. The new Adopt a Developer project hopes to change that. The project aims to connect developers who need resources with people and companies from the community who want to donate resources. The concept, along with a list of developer requests and community member offers, is on the project page. Since this is a completely new endeavor and still likely has bugs, the project is still in beta. For now, the project only deals with small items, typically costing less than 100 USD.

Gentoo/PowerPC CELL effort

Gentoo is the first community Linux distribution to actively work on supporting the new CELL processor IBM has launched with Sony and Toshiba. This processor is used in the PlayStation 3, and in a number of other products. The CELL processor has a general purpose PowerPC core which runs at 3.2 GHz. It also has eight special purpose cores, which are basically cache-less processors that are great for processing streams and parallel work. The CELL is also called a 'broadband engine' and has a peak bandwidth of 204.8 GB/sec for intra-chip transfers (between cores, memory and I/O controllers). More information about the CELL can be found at IBM DeveloperWorks.

Luca Barbato has made available a Gentoo ebuild for a CELL simulator. This IBM CELL SDK simulates a dual CELL machine (18 cores) on a PowerPC machine. He has also made a CELL optimized Gentoo (crossdev) toolchain and Gentoo system image for the CELL. You can find more information in Luca's overlay.

Gentoo would be the first community distribution to support this new PowerPC processor. Gentoo/PowerPC is a bleeding edge PowerPC Linux distribution with a bright future. Continued efforts such as these will ensure that Gentoo is ready for tomorrow's processors, as well as improve its reputation as a world-class distribution.

PDA team recruiting

Gentoo's team for managing the app-pda packages is looking for assistance in maintaining their packages. Anyone can help out, and the team is hoping to bring on some new developers to cover these packages. If you are interested in helping out, contact Chris White.

KDE/Ruby recruiting

Both the Gentoo KDE project and the Gentoo Ruby maintainers are looking for more help in testing and maintaining their packages. Contact Caleb Tennis if you are interested in becoming a Gentoo developer and working on either of these teams.

2.  Heard in the community

forums

What needs to be improved in Gentoo?

Several forums users have made some suggestions on how Gentoo could be improved. The discussion continues, and some interesting ideas are being given. Hopefully, some enhancement bug reports will come from this thread, but some parts of the thread show that Gentoo needs to work harder on getting information about our features out, as many users are suggesting features which have existed for some time.

planet.gentoo.org

Everyday life of an architecture tester

Thomas Cort mentions an article by x86 Arch Tester Christian Faulhammer, covering the daily work of Arch Testers in his blog. Christian explains in his article what tasks Arch Testers usually are doing, what kind of knowledge you will need to help out, and how you can start getting involved with Gentoo.

More cowbell: Planet Larry

As we have seen in the past few weeks, "Larry the Cow" is not dead. And now Larry is even more undead. Steve Dibb started larrythecow.org, aka "Planet Larry," which aggregates blogs of Gentoo users - including former Developers like Jochen Maes and Mark Loeser - and also Gentoo's former Chief Architect Daniel Robbins.

3.  Gentoo developer moves

Moves

The following developers recently left the Gentoo project:

  • Nick Dimiduk (ndimiduk)

Adds

The following developers recently joined the Gentoo project:

  • Anrdrew Ross (aross) Xen
  • Elfyn McBratney (beu) Perl/TreeCleaners
  • Mart Raudsepp (leio) wx* packages

Changes

The following developers recently changed roles within the Gentoo project:

  • none this week

4.  Gentoo security

Apache: Off-by-one flaw in mod_rewrite

A flaw in mod_rewrite could result in a Denial of Service or the execution of arbitrary code.

For more information, please see the GLSA Announcement

Mozilla SeaMonkey: Multiple vulnerabilities

The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla SeaMonkey.

For more information, please see the GLSA Announcement

Mozilla Firefox: Multiple vulnerabilities

The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla Firefox.

For more information, please see the GLSA Announcement

Mozilla Thunderbird: Multiple vulnerabilities

The Mozilla Foundation has reported numerous security vulnerabilities related to Mozilla Thunderbird.

For more information, please see the GLSA Announcement

LibVNCServer: Authentication bypass

VNC servers created with LibVNCServer accept insecure protocol types, even when the server does not offer it, resulting in unauthorized access to the server.

For more information, please see the GLSA Announcement

Courier MTA: Denial of Service vulnerability

Courier MTA has fixed a DoS issue related to usernames containing a "=" character.

For more information, please see the GLSA Announcement

libTIFF: Multiple vulnerabilities

libTIFF contains several vulnerabilities that could result in arbitrary code execution.

For more information, please see the GLSA Announcement

GnuPG: Integer overflow vulnerability

GnuPG is vulnerable to an integer overflow that could lead to the execution of arbitrary code.

For more information, please see the GLSA Announcement

MySQL: Denial of Service

An authenticated user can crash MySQL through invalid parameters to the date_format function.

For more information, please see the GLSA Announcement

pike: SQL injection vulnerability

A flaw in the input handling could lead to the execution of arbitrary SQL statements in the underlying PostgreSQL database.

For more information, please see the GLSA Announcement

Webmin, Usermin: File Disclosure

Webmin and Usermin are vulnerable to an arbitrary file disclosure through a specially crafted URL.

For more information, please see the GLSA Announcement

5.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 30 July 2006 and 06 August 2006, activity on the site has resulted in:

  • 798 new bugs during this period
  • 382 bugs closed or resolved during this period
  • 41 previously closed bugs were reopened this period

Of the 10791 currently open bugs: 51 are labeled 'blocker', 134 are labeled 'critical', and 530 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

6.  GWN feedback

Please send us your feedback and help make the GWN better.

7.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.

8.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated August 7, 2006

Summary: This is the Gentoo Weekly Newsletter for the week of 7 August 2006.

Ulrich Plate
Editor

Chris Gianelloni
Author

Tobias Scherbaum
Author

Thomas Cort
Author

Pieter Van den Abeele
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.