There have been some recent problems with dev-libs/openssl version 0.9.8c-r2. Users on x86 may need to remerge openssh and all other ssl-enabled applications after upgrading from previous 0.9.8 versions. If you are having problems with ssh segfaults, you are affected and will need to remerge the affected packages.
While it normally is not necessary to mention patch-level revisions of packages, this one deserves a bit of attention. Version 2.1.1 of portage has been marked stable on most architectures. This version of portage has a new --depclean implementation. The new --depclean is more cautious about removing packages. If it is unsure about a package, it leaves it alone. It will also point out missing dependencies of packages in world. This should reduce the number of pitfalls of using --depclean on an updated system significantly. This release also brings some new functionality to --newuse, which is now sensitive to changes in IUSE. Immediately after upgrade from 2.1, users may notice a significantly larger number of packages being pulled in by --newuse, but that behavior is normal. For additional information regarding this change, please see bugs #116995, #144333, #144661, and #146060.
Mike Frysinger has modified the autotools wrappers ebuilds to no longer include all versions of their respective autotool. Users should be on the lookout with packages with possible broken dependencies due to this change. Packages should be depending on the autotools versions they require rather than the wrapper. If you run across any errors due to a missing autotools version, please file a bug report.
Let's have a Larry bootup Logo!
Forums user Tom Lloyd (Napalm Llama) has written a kernel patch to change the default Tux boot logo to Larry the Cow. Tom asks if the Gentoo patch set should include his patch to give our gender-confused mascot a proper place on people's boot screen and was met with an overall positive response.
Trying to ask before... new Amarok support
Diego Pettenò, maintainer of Amarok's ebuild, waiting for the upcoming release that will add optional Rio Karma devices support, is looking for users interested in having support for these players in Gentoo. If you own a Rio Karma player and want it supported by Amarok, or you'd simply like at least basic Rio Karma support in Gentoo, please read the blog post.
Purging Gnome from the system
Etaoin Shrdlu asked for help removing Gnome from his system; Bo Ørsted Andresen suggsted that he "just edit /var/lib/portage/world manually and remove the gnome etc. apps that you are no longer interested in and let emerge --depclean -va do it's [sic] job."
Flashing the BIOS
Grant asked for ideas in BIOS flashing. Users suggested everything from the standard floppy solution to converting the swap partition to DOS and flashing from there. Grant ended up using the Motherboard Flash Boot CD from the Linux Mini HOWTO.
What is up with the new "domainname" situation?
Users continue to have trouble adapting their domainname configurations to the new baselayout. A reminder: Set up your domainname in /etc/conf.d/net; see /etc/conf.d/net.example for more information.
Changing default portage colors
When using a white background for a terminal emulator and portage displays some text in yellow (e.g. new useflags with the "%") it can be very hard to read. To change the yellow color of emerge output to something more readable (consistently and system-wide) one can just create the file /etc/portage/color.map with the following information:
Code Listing 3.1: /etc/portage/color.map |
yellow=0xAA00AA WARN=0xAA00AA MERGE_LIST_PROGRESS=0xAA00AA |
Example of colours visible on both black and white backgrounds are: purple: 0xAA00AA darkyellow: 0xAA5500 (looks brown/orange)
More information can be found on the following threads on the forums.
The following developers recently left the Gentoo project:
The following developers recently joined the Gentoo project:
The following developers recently changed roles within the Gentoo project:
AdPlug: Multiple vulnerabilities
Multiple heap and buffer overflows exist in AdPlug.
For more information, please see the GLSA Announcement
LibXfont, monolithic X.org: Multiple integer overflows
Some buffer overflows were discovered in the CID font parser, potentially resulting in the execution of arbitrary code with elevated privileges.
For more information, please see the GLSA Announcement
xine-lib is vulnerable to multiple buffer overflows that could be exploited to execute arbitrary code.
For more information, please see the GLSA Announcement
FFmpeg is vulnerable to multiple buffer overflows that might be exploited to execute arbitrary code.
For more information, please see the GLSA Announcement
DokuWiki: Arbitrary command execution
Vulnerabilities in some accessory scripts of DokuWiki allow remote code execution.
For more information, please see the GLSA Announcement
ISC BIND contains two vulnerabilities allowing a Denial of Service under certain conditions.
For more information, please see the GLSA Announcement
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 10 September 2006 and 17 September 2006, activity on the site has resulted in:
Of the 11130 currently open bugs: 37 are labeled 'blocker', 126 are labeled 'critical', and 530 are labeled 'major'.
The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
Please send us your feedback and help make the GWN better.
8. GWN subscription information
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: