Gentoo Logo

Gentoo Weekly Newsletter: 23 April 2007

Content:

1.  Gentoo News

Thanks from the GWN staff

Over the past week, the GWN staff has had many users contact them, interested in writing articles for the GWN, and the GWN team would like to publicly express our gratitude and thanks to the new GWN contributors.

This does not mean, however, that the GWN team is not looking for more contributors, as the team is always looking for articles, ideas for 'Tip of the week', and so on. Plus, as the saying goes - "The more the merrier!". Feel free to email the GWN team at gwn-feedback@gentoo.org or visit us in our IRC channel (#gentoo-gwn on irc.freenode.net) for article suggestions and any other ideas.

2.  Developer of the Week

Markus Ullmann, aka Jokey


Figure 2.1: Markus Ullmann, aka Jokey

Fig. 1: Jokey

Markus Ullmann, also known as 'Teh Jokey (TM)' is a 25 year old developer and part of our 'German conspiracy'. Markus currently lives in Uetersen, together with his family. Markus is studying electrical engineering at the HAW Hamburg University. He took an apprenticeship as industrial electrician at Beiersdorf and quickly discovered that building such production machines would be fun. He decided to become an engineer and is currently on his 3rd semester. Markus gets a lot of practical courses involving numeric simulations with C, developing on FPGA boards, and getting into the deep secrets of diodes and transistors.

Of the variety of hobbies that Markus enjoys, which include working on Gentoo, swimming, playing D20 (Dungeons and Dragons), and playing keyboard, his favorite is swimming. Ironically, this self described computer nerd met the love of his life, Svenja (who also considers herself a computer nerd), via swimming.

So about that name, Jokey... Markus got the name Jokey from a LAN party after having played pranks on several fellow gamers. Someone recalled the children's cartoon 'The Smurfs' and the infamous character Jokey... the name still sticks to this day.

Markus is an active member of two German Linux User groups: LUG Flensburg e.V. and LUG Norderstedt e.V. He also likes to attend conventions and FOSS-events. You could have met him at FOSDEM (Belgium) or CeBit (Germany).

Markus got started with Linux back in the SuSE 5.1 days, but his real Linux life started with Xlinux 1.0 from a Golden Chip CD. He used that for several years until he switched to LinuxFromScratch, since he was already compiling most packages from scratch. After an OpenSSL update damaged his whole KDE setup, he began looking for an alternative and ultimately found something with an "automated" source build: Gentoo 1.2.

Around mid 2005, Jokey decided to help out with the heavily aging OpenLDAP package as he wanted to get into the tree. After having fixed some 20 bugs and sending various patches to Benjamin Smee, Benjamin mentored and lured Markus down the path of dev-hood. Jokey is currently the Gentoo overlays lead and sunrise lead. He also works in x86 and takes care of netmon, lcd and OpenLDAP. Quite a busy bee right?

Markus' first apps are KDE, KVIRC, Thunderbird, Firefox, and gajim. He's also a fan of Beryl as window manager to spice up his X-environment.

3.  Gentoo developer moves

Moves

The following developers recently left the Gentoo project:

  • none this week

Adds

The following developers recently joined the Gentoo project:

  • Aggelos Orfanakos (agorf) Ruby/GWN teams
  • Christina Fullam (musikc) Developer Relations/GWN teams
  • Alistair John Bush (ali_bush) Java team

Changes

The following developers recently changed roles within the Gentoo project:

  • none this week

4.  Gentoo security

xine-lib: Heap-based buffer overflow

xine-lib is vulnerable to a heap-based buffer overflow.

For more information, please see the GLSA Announcement

Inkscape: Two format string vulnerabilities

Two format string vulnerabilities have been discovered in Inkscape, allowing for user-assisted execution of arbitrary code.

For more information, please see the GLSA Announcement

Vixie Cron: Denial of Service

The Gentoo implementation of Vixie Cron is vulnerable to a local Denial of Service.

For more information, please see the GLSA Announcement

OpenOffice.org: Multiple vulnerabilities

Multiple vulnerabilities have been discovered in OpenOffice.org, allowing for remote execution of arbitrary code.

For more information, please see the GLSA Announcement

File: Denial of Service

A vulnerability has been discovered in file allowing for a denial of service.

For more information, please see the GLSA Announcement

FreeRADIUS: Denial of Service

A memory leak has been discovered in FreeRADIUS, possibly allowing for a Denial of Service.

For more information, please see the GLSA Announcement

MadWifi: Multiple vulnerabilities

Multiple vulnerabilities have been discovered in the MadWifi driver, possibly leading to a Denial of Service and information disclosure.

For more information, please see the GLSA Announcement

Aircrack-ng: Remote execution of arbitrary code

Aircrack-ng contains a buffer overflow that could lead to the remote execution of arbitrary code with root privileges.

For more information, please see the GLSA Announcement

3proxy: Buffer overflow

A vulnerability has been discovered in 3proxy allowing for the remote execution of arbitrary code.

For more information, please see the GLSA Announcement

Courier-IMAP: Remote execution of arbitrary code

A vulnerability has been discovered in Courier-IMAP allowing for remote code execution with root privileges.

For more information, please see the GLSA Announcement

5.  Gentoo package moves

This section lists packages that have either been moved or added to the tree and packages that have had their "last rites" announcement given to be removed in the future. The package removals come from many locations, including the Treecleaners and various developers. Most packages which are listed under the Last Rites section are in need of some love and care and can remain in the tree if proper maintainership is established.

Removals:

Package: Removal date: Contact:
media-gfx/plustek-parallel 16 Apr 2007 Patrick Kursawe
app-editors/elisp-manual 18 Apr 2007 Ulrich Müller
sci-electronics/modelsim 20 Apr 2007 Denis Dupeyron
games-strategy/mylink 20 Apr 2007 Michael Sterrett
games-puzzle/sdlvexed 20 Apr 2007 Michael Sterrett
games-action/d1x 20 Apr 2007 Michael Sterrett
app-crypt/aes-crypt 21 Apr 2007 Alon Bar-Lev

Additions:

Package: Addition date: Contact:
app-admin/eselect-emacs 16 Apr 2007 Christian Faulhammer
x11-misc/emacs-desktop 16 Apr 2007 Christian Faulhammer
net-misc/metacafe-dl 16 Apr 2007 Aggelos Orfanakos
sys-auth/pam_mktemp 17 Apr 2007 Sven Wegener
dev-php5/magickwand 17 Apr 2007 Anant Narayanan
dev-libs/stfl 18 Apr 2007 Andrej Kacian
dev-ruby/rubypants 18 Apr 2007 Aggelos Orfanakos
app-doc/elisp-manual 18 Apr 2007 Ulrich Müller
net-news/newsbeuter 18 Apr 2007 Andrej Kacian
media-libs/libdca 18 Apr 2007 Alexis Ballier
mail-filter/libdomainkeys 18 Apr 2007 Colin Morey
games-rpg/galaxymage 19 Apr 2007 Alfredo Tupone
dev-scheme/stklos 19 Apr 2007 Marijn Schouten
sci-astronomy/xfitsview 19 Apr 2007 Sebastien Fabbro
sys-apps/cciss_vol_status 19 Apr 2007 Tony Vroon
net-news/rsstail 19 Apr 2007 Wulf Krueger
dev-util/egypt 19 Apr 2007 Mike Frysinger
dev-ruby/htmlentities 20 Apr 2007 Aggelos Orfanakos
net-irc/znc 20 Apr 2007 Raúl Porcel
net-irc/sic 20 Apr 2007 Raúl Porcel
net-libs/telepathy-glib 20 Apr 2007 Piotr Jaroszyński
app-crypt/aesutil 20 Apr 2007 Alon Bar-Lev
sys-apps/pam_mount 21 Apr 2007 Hanno Boeck
games-arcade/xsfcave 21 Apr 2007 Alfredo Tupone
dev-java/jsap 21 Apr 2007 Miroslav Šulc
media-video/ttcut 21 Apr 2007 Matthias Schwarzott
dev-python/workingenv 21 Apr 2007 Rob Cakebread
media-sound/ttaenc 22 Apr 2007 Samuli Suominen

Last Rites:

Package: Removal date: Contact:
games-arcade/ddrmat 16 May 2007 Chris Gianelloni
net-dialup/slirp 17 May 2007 Alin Năstac
media-gfx/graphicsmagick 17 May 2007 Bryan Østergaard
mail-client/claws-mail-maildir 20 May 2007 Andrej Kacian
app-emulation/vmware-gsx-console 20 May 2007 Michael Sterrett
dev-java/systray4j 22 May 2007 Alistair Bush
net-misc/tlsproxyd 19 Jun 2007 Raúl Porcel

6.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 16 April 2007 and 22 April 2007, activity on the site has resulted in:

  • 524 new bugs during this period
  • 320 bugs closed or resolved during this period
  • 16 previously closed bugs were reopened this period
  • 99 closed as NEEDINFO/WONTFIX/CANTFIX/INVALID/UPSTREAM during this period
  • 53 bugs marked as duplicates during this period

Of the 10066 currently open bugs: 14 are labeled 'blocker', 105 are labeled 'critical', and 369 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

7.  GWN feedback

The GWN is staffed by volunteers and members of the community who submit ideas and articles. If you are interested in writing for the GWN, have feedback on an article that we have posted, or just have an idea or article that you would like to submit to the GWN, please send us your feedback and help make the GWN better.

8.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.

9.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated April 23, 2007

Summary: This is the Gentoo Weekly Newsletter for the week of 23 April 2007.

Chris Gianelloni
Editor

Dimitry Bradt
Author

Chrissy Fullam
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.