Gentoo Logo

Gentoo Weekly Newsletter: 9 April 2007

Content:

1.  Developer of the Week

Camille Huot, aka cam


Figure 1.1: Camille Huot, aka cam

Fig. 1: cam

26 year old Camille Huot is one of our French developers. He lives and works in Paris, France, but was born in La Ciotat, which is near Marseilles in southern France. Camille lives together with his brother, who has recently finished school and started working as a C++ developer.

Cam studied at the University of Montpellier, and graduated with a Bachelor in 'Telecommunications and Network'. Later on he completed his studies with a Masters degree. He was employed some time back as Linux Systems Administrator, but got promoted recently to Oracle DB Administration. He's currently in charge of ~150 servers at the Wanadoo hosting platform.

Camille learned Linux (Red Hat and Debian) at school. Later on, he switched to FreeBSD, which he kept for some years, but finally 'had' to come back to Linux due to a DSL driver. Gérald Fenoy convinced Camille to try Gentoo, and he liked it :-)

Within Gentoo, Camille leads the French translation team. They currently have a well-oiled team, and translate quite a few documents. He's also interested in joining the Gentoo/FreeBSD team. Camille was recruited in January '04 by Xavier Neys, who has recently turned over the torch of French Lead translator to Camille.

When Camille fires up his desktop, he uses: openbox, psi, opera, urxvt, claws-mail, mplayer, gvim and some Google apps.

2.  Tips and Tricks

Removing Specific Dependencies

Have you ever installed something with a lot of dependencies? Have you ever wanted to remove that package along with all of its dependencies? Instinct may tell us that we can run emerge --depclean, however there is a different, perhaps better way.

Lets say that we want to compare OpenOffice.org and koffice. Our plan is to install both, try them out, and remove one of them. First, do:

Code Listing 2.1: Creating .deps files

# emerge openoffice -p | sed -ne \
'/^\[ebuild[^]]*N[^]]*\]/{s/^\[ebuild[^]]\+\] \([^[:space:]]\+\).*$/=\1/;p}' \
> openoffice.deps
# emerge koffice-meta -p | sed -ne \
'/^\[ebuild[^]]*N[^]]*\]/{s/^\[ebuild[^]]\+\] \([^[:space:]]\+\).*$/=\1/;p}' \
> koffice.deps

This will ensure that we do not record any packages that are being updated. Proceed to install and try the programs. Once you chose which one you want to keep, simply do the following:

Code Listing 2.2: Removing unused package/dependencies

# emerge -aC $(<openoffice.deps)

This week's Tips and Tricks was inspired by the following posting on the forums:

3.  Gentoo developer moves

Moves

The following developers recently left the Gentoo project:

  • Alec Warner (antarus)
  • Simon Stelling (blubb)

Adds

The following developers recently joined the Gentoo project:

  • none this week

Changes

The following developers recently changed roles within the Gentoo project:

  • none this week

4.  Gentoo security

Asterisk: Two SIP Denial of Service vulnerabilities

Asterisk is vulnerable to two Denial of Service issues in the SIP channel.

For more information, please see the GLSA Announcement

MIT Kerberos 5: Arbitrary remote code execution

Multiple vulnerabilities in MIT Kerberos 5 could potentially result in unauthenticated remote root code execution.

For more information, please see the GLSA Announcement

OpenAFS: Privilege escalation

OpenAFS is subject to a design flaw that could allow privilege escalation on the client.

For more information, please see the GLSA Announcement

OpenPBS: Multiple vulnerabilities

OpenPBS contains unspecified vulnerabilities which may allow for the remote execution of arbitrary code or a Denial of Service.

For more information, please see the GLSA Announcement

zziplib: Buffer Overflow

The zziplib library contains a buffer overflow vulnerability that could lead to user-assisted remote execution of arbitrary code.

For more information, please see the GLSA Announcement

Evince: Stack overflow in included gv code

Evince improperly handles user-supplied data possibly allowing for the execution of arbitrary code.

For more information, please see the GLSA Announcement

libwpd: Multiple vulnerabilities

libwpd is vulnerable to several heap overflows and an integer overflow.

For more information, please see the GLSA Announcement

5.  Gentoo package moves

This section lists packages that have either been moved or added to the tree and packages that have had their "last rites" announcement given to be removed in the future. The package removals come from many locations, including the Treecleaners and various developers. Most packages which are listed under the Last Rites section are in need of some love and care and can remain in the tree if proper maintainership is established.

Removals:

Package: Removal date: Contact:
games-board/pysol-cardsets 02 Apr 2007 Alfredo Tupone
net-news/hellanzb 05 Apr 2007 Alexis Ballier
x11-misc/klineakconfig 06 Apr 2007 Stefan Schweizer
net-print/foomatic 07 Apr 2007 Stefan Schweizer
dev-util/ecletex 07 Apr 2007 Petteri Räty
dev-util/eclipse-cdt 07 Apr 2007 Petteri Räty

Additions:

Package: Addition date: Contact:
games-sports/toycars 02 Apr 2007 Alfredo Tupone
dev-util/duma 03 Apr 2007 Steve Arnold
perl-core/Math-BigRat 03 Apr 2007 Michael Cummings
perl-core/bignum 03 Apr 2007 Michael Cummings
net-misc/italc 03 Apr 2007 Markus Ullmann
net-nntp/hellanzb 05 Apr 2007 Alexis Ballier
media-video/mplayerthumbs 06 Apr 2007 Stefan Schweizer
net-wireless/aircrack-ptw 06 Apr 2007 Lars Weiler
net-misc/x-lite 07 Apr 2007 Markus Ullmann
kde-misc/metamonitor 07 Apr 2007 Markus Ullmann
sys-auth/pam_abl 07 Apr 2007 Markus Ullmann
sys-auth/pam_sha512 07 Apr 2007 Markus Ullmann
net-analyzer/zniper 07 Apr 2007 Markus Ullmann
dev-libs/liblazy 08 Apr 2007 Stefan Schweizer
dev-python/pkipplib 08 Apr 2007 Bryan Østergaard

Last Rites:

Package: Removal date: Contact:
dev-java/aterm-java 06 May 2007 Petteri Räty
dev-db/c-jdbc 08 May 2007 Petteri Räty

6.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 01 April 2007 and 08 April 2007, activity on the site has resulted in:

  • 513 new bugs during this period
  • 441 bugs closed or resolved during this period
  • 23 previously closed bugs were reopened this period
  • 161 closed as NEEDINFO/WONTFIX/CANTFIX/INVALID/UPSTREAM during this period
  • 87 bugs marked as duplicates during this period

Of the 10000 currently open bugs: 14 are labeled 'blocker', 97 are labeled 'critical', and 353 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

7.  GWN feedback

The GWN is staffed by volunteers and members of the community who submit ideas and articles. If you are interested in writing for the GWN, have feedback on an article that we have posted, or just have an idea or article that you would like to submit to the GWN, please send us your feedback and help make the GWN better.

8.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.

9.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Updated April 9, 2007

Summary: This is the Gentoo Weekly Newsletter for the week of 9 April 2007.

Chris Gianelloni
Editor

Dimitry Bradt
Author

Andrey Falko
Author

Donate to support our development efforts.

Support OSL
Gentoo Centric Hosting: vr.org
Tek Alchemy
SevenL.net
Global Netoptex Inc.
Bytemark
Online Kredit Index
Copyright 2001-2009 Gentoo Foundation, Inc. Questions, Comments? Contact us.