In a follow-up to last week's announcement that the EFIKA evaluation boards from Genesi had made their way into developer hands, the Gentoo/PPC team, in cooperation with Release Engineering, has made available an overlay for the EFIKA boards. Currently, the overlay has only sys-kernel/efika-sources, which is based on gentoo-sources, plus the EFIKA-specific patches to 2.6.19 that are required. Any future EFIKA-specific packages will start life out in the overlay before eventually making their way into the main tree. The overlay is currently supported by the Release Engineering team.
There is also a #gentoo-efika channel on Freenode for discussions about the EFIKA hardware and software, as well as general discussion of the platform.
Quickstart 0.3 Released
Andrew Gaffney wrote to inform people that version 0.3 of Quickstart has been released. Quickstart is a provisioning tool, designed to use a simple configuration file to provision new Gentoo machines from bare metal. There have been numerous changes and bug fixes since 0.2, some of which are below.
With this release, x86/amd64/hppa are officially supported. Support for sparc is experimental and expected to be fully supported with the next release. You can find Quickstart at http://agaffney.org/quickstart/releases.
The following developers recently left the Gentoo project:
The following developers recently joined the Gentoo project:
The following developers recently changed roles within the Gentoo project:
Tar: Directory traversal vulnerability
Tar is vulnerable to directory traversal possibly allowing for the overwriting of arbitrary files.
For more information, please see the GLSA Announcement
AMD64 x86 emulation base libraries: OpenSSL multiple vulnerabilities
OpenSSL contains multiple vulnerabilities including the possible execution of remote arbitrary code.
For more information, please see the GLSA Announcement
F-PROT Antivirus: Multiple vulnerabilities
F-Prot Antivirus contains a buffer overflow and other unspecified vulnerabilities, possibly allowing the remote execution of arbitrary code.
For more information, please see the GLSA Announcement
libgsf improperly allocates memory allowing for a heap overflow and possibly the execution of arbitrary code.
For more information, please see the GLSA Announcement
Trac: Cross-site request forgery
Trac allows remote attackers to execute unauthorized actions as other users.
For more information, please see the GLSA Announcement
McAfee VirusScan: Insecure DT_RPATH
McAfee VirusScan for Linux is distributed with an insecure DT_RPATH, potentially allowing a remote attacker to execute arbitrary code.
For more information, please see the GLSA Announcement
Links: Arbitrary Samba command execution
Links does not properly validate "smb://" URLs, making it vulnerable to the execution of arbitrary Samba commands.
For more information, please see the GLSA Announcement
GNU Radius: Format string vulnerability
A format string vulnerability has been found in GNU Radius, which could lead to the remote execution of arbitrary code.
For more information, please see the GLSA Announcement
This section lists packages that have either been moved or added to the tree and packages that have had their "last rites" announcement given to be removed in the future. The package removals come from many locations, including the Treecleaners and various developers. Most packages which are listed under the Last Rites section are in need of some love and care and can remain in the tree if proper maintainership is established.
| Package: | Addition date: | Contact: |
| sci-biology/amap | 11 Dec 06 | Donnie Berkholz |
| virtual/init | 12 Dec 06 | Roy Marples |
| games-fps/ut2004-unwheel | 12 Dec 06 | Chris Gianelloni |
| dev-libs/libisofs | 13 Dec 06 | Steve Dibb |
| games-fps/ut2004-damnation | 13 Dec 06 | Chris Gianelloni |
| games-fps/ut2004-muralis | 13 Dec 06 | Chris Gianelloni |
| net-print/splix | 14 Dec 06 | Wolfram Schlich |
| x11-libs/goocanvas | 14 Dec 06 | Michael Hanselmann |
| dev-python/pygoocanvas | 14 Dec 06 | Michael Hanselmann |
| games-fps/ut2004-troopers | 15 Dec 06 | Chris Gianelloni |
| app-cdr/poweriso | 16 Dec 06 | Jurek Bartuszek |
| app-crypt/asedriveiiie-usb | 16 Dec 06 | Alon Bar-Lev |
| app-crypt/asedriveiiie-serial | 16 Dec 06 | Alon Bar-Lev |
| app-crypt/asekey | 16 Dec 06 | Alon Bar-Lev |
| x11-libs/xcb-util | 16 Dec 06 | Joshua Baergen |
| dev-ruby/ruby-pcap | 17 Dec 06 | Nguyen Thai Ngoc Duy |
| dev-python/glewpy | 17 Dec 06 | Joshua Baergen |
| dev-cpp/libgtksourceviewmm | 17 Dec 06 | Rémi Cardona |
| media-plugins/gst-plugins-pulse | 17 Dec 06 | Jim Ramsay |
| dev-util/nemiver | 17 Dec 06 | Rémi Cardona |
| Package: | Removal date: | Contact: |
| games-fps/ut2004-domain2049 | 12 Dec 06 | Chris Gianelloni |
| dev-db/dbbalancer | 17 Dec 06 | Tiziano Müller |
| Package: | Removal date: | Contact: |
| net-misc/cidr | 25 Dec 06 | Elfyn McBratney |
| dev-util/mergetrees | 25 Dec 06 | Elfyn McBratney |
| sys-fs/submount | 02 Jan 07 | Daniel Drake |
| games-fps/doomlegacy | 13 Jan 07 | Michael Sterrett |
| kde-misc/styleclock | 13 Jan 07 | Charlie Shepherd |
| media-sound/xmp | 14 Jan 07 | Michael Sterrett |
| app-emulation/i8086emu | 14 Jan 07 | Michael Sterrett |
| net-p2p/xmule | 15 Jan 07 | Christian Faulhammer |
| net-misc/ltsp | 15 Jan 07 | Christian Faulhammer |
| app-misc/nomad-tool | 15 Jan 07 | George Shapovalov |
The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 10 December 2006 and 17 December 2006, activity on the site has resulted in:
Of the 10688 currently open bugs: 25 are labeled 'blocker', 96 are labeled 'critical', and 430 are labeled 'major'.
The developers and teams who have closed the most bugs during this period are:
The developers and teams who have been assigned the most new bugs during this period are:
The GWN is staffed by volunteers and members of the community who submit ideas and articles. If you are interested in writing for the GWN, have feedback on an article that we have posted, or just have an idea or article that you would like to submit to the GWN, please send us your feedback and help make the GWN better.
8. GWN subscription information
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.
The Gentoo Weekly Newsletter is also available in the following languages: