Gentoo Logo

Gentoo Weekly Newsletter: 14 May 2007

Content:

1.  Gentoo developer moves

Moves

The following developers recently left the Gentoo project:

  • Hubert Mercier (anigel)

Adds

The following developers recently joined the Gentoo project:

  • none this week

Changes

The following developers recently changed roles within the Gentoo project:

  • none this week

2.  Gentoo security

Lighttpd: Two Denials of Service

Two vulnerabilities have been discovered in Lighttpd, each allowing for a Denial of Service.

For more information, please see the GLSA Announcement

GIMP: Buffer overflow

GIMP is vulnerable to a buffer overflow which may lead to the execution of arbitrary code.

For more information, please see the GLSA Announcement

IPsec-Tools: Denial of Service

IPsec-Tools contains a vulnerability that allows a remote attacker to crash the IPsec tunnel.

For more information, please see the GLSA Announcement

LibXfont, TightVNC: Multiple vulnerabilities

Multiple vulnerabilities have been reported in libXfont and TightVNC, allowing for the execution of arbitrary code with root privileges.

For more information, please see the GLSA Announcement

MySQL: Two Denial of Service vulnerabilities

Two Denial of Service vulnerabilities have been discovered in MySQL.

For more information, please see the GLSA Announcement

PostgreSQL: Privilege escalation

PostgreSQL contains a vulnerability that could result in SQL privilege escalation.

For more information, please see the GLSA Announcement

ImageMagick: Multiple buffer overflows

Multiple integer overflows have been discovered in ImageMagick allowing for the execution of arbitrary code.

For more information, please see the GLSA Announcement

XScreenSaver: Privilege escalation

XScreenSaver allows local users to bypass authentication under certain configurations.

For more information, please see the GLSA Announcement

3.  Gentoo package moves

This section lists packages that have either been moved or added to the tree and packages that have had their "last rites" announcement given to be removed in the future. The package removals come from many locations, including the Treecleaners and various developers. Most packages which are listed under the Last Rites section are in need of some love and care and can remain in the tree if proper maintainership is established.

Removals:

Package: Removal date: Contact:
net-misc/libupnp 07 May 2007 Bjarke Istrup Pedersen
www-misc/nscache 07 May 2007 Raúl Porcel
www-misc/nsopenssl 07 May 2007 Raúl Porcel
www-misc/nssha1 07 May 2007 Raúl Porcel
www-misc/nsxml 07 May 2007 Raúl Porcel
www-servers/aolserver 07 May 2007 Raúl Porcel
app-emulation/tiger 07 May 2007 Raúl Porcel
sys-apps/evkeyd 07 May 2007 Raúl Porcel
media-libs/libuta 07 May 2007 Raúl Porcel
net-misc/cipe 07 May 2007 Raúl Porcel
app-text/biblestudy 07 May 2007 Raúl Porcel
net-wireless/orinoco 10 May 2007 Stefan Schweizer
xfce-base/libxfce4menu 11 May 2007 Samuli Suominen
net-misc/aria 11 May 2007 Raúl Porcel
mail-client/mahogany 11 May 2007 Bryan Østergaard
media-sound/DBMix 11 May 2007 Steve Dibb
sys-cluster/openpbs 12 May 2007 Donnie Berkholz
dev-java/jdbc3-postgresql 12 May 2007 Petteri Räty

Additions:

Package: Addition date: Contact:
net-im/openfire 07 May 2007 Gustavo Felisberto
dev-java/xmlgraphics-commons 07 May 2007 Vlastimil Babka
dev-java/xsd2jibx 07 May 2007 Vlastimil Babka
dev-java/simplyhtml 07 May 2007 Vlastimil Babka
x11-plugins/pidgin-otr 07 May 2007 Timothy Redaelli
app-admin/apache-tools 07 May 2007 Christian Heim
net-libs/libupnp 07 May 2007 Bjarke Istrup Pedersen
app-vim/securemodelines 07 May 2007 Mike Kelly
app-doc/repodoc 07 May 2007 Jose Luis Rivero
app-vim/vcscommand 08 May 2007 Mike Kelly
dev-libs/gnulib 08 May 2007 Timothy Redaelli
dev-java/jlayer 08 May 2007 Petteri Räty
games-puzzle/xphotohunter 08 May 2007 Alfredo Tupone
dev-perl/Gearman 09 May 2007 Robin H. Johnson
dev-perl/Gearman-Server 09 May 2007 Robin H. Johnson
dev-perl/Gearman-Client-Async 09 May 2007 Robin H. Johnson
dev-perl/Perlbal-XS-HTTPHeaders 09 May 2007 Robin H. Johnson
dev-util/tig 09 May 2007 Greg KH
media-sound/jtagger 09 May 2007 Petteri Räty
x11-plugins/pidgin-encryption 09 May 2007 Olivier Crete
app-vim/vimball 09 May 2007 Mike Kelly
dev-perl/IO-AIO 09 May 2007 Robin H. Johnson
net-wireless/orinoco-sn 10 May 2007 Stefan Schweizer
net-wireless/orinoco-usb 10 May 2007 Stefan Schweizer
games-board/openyahtzee 11 May 2007 Alfredo Tupone
net-wireless/bluez-gnome 11 May 2007 Petteri Räty
dev-util/giggle 11 May 2007 Saleem Abdulrasool
media-libs/amrnb 12 May 2007 Steve Dibb
media-libs/amrwb 12 May 2007 Steve Dibb
app-portage/himerge 13 May 2007 Luis Francisco Araujo
games-board/ascal 13 May 2007 Alfredo Tupone
sys-power/powertop 13 May 2007 Stefan Schweizer

Last Rites:

Package: Removal date: Contact:
dev-java/jswat 9 June 2007 Petteri Räty
app-vim/sudo 9 June 2007 Mike Kelly
net-www/mod_bandwidth 14 June 2007 Luca Longinotti
net-www/mod_gzip 14 June 2007 Luca Longinotti
net-www/mod_mp3 14 June 2007 Luca Longinotti
net-www/mod_ssl 14 June 2007 Luca Longinotti
net-www/mod_throttle 14 June 2007 Luca Longinotti
www-apache/mod_backhand 14 June 2007 Luca Longinotti
www-apache/mod_lisp 14 June 2007 Luca Longinotti
www-misc/libapreq 14 June 2007 Luca Longinotti

4.  Bugzilla

Summary

Statistics

The Gentoo community uses Bugzilla (bugs.gentoo.org) to record and track bugs, notifications, suggestions and other interactions with the development team. Between 06 May 2007 and 13 May 2007, activity on the site has resulted in:

  • 670 new bugs during this period
  • 437 bugs closed or resolved during this period
  • 27 previously closed bugs were reopened this period
  • 167 closed as NEEDINFO/WONTFIX/CANTFIX/INVALID/UPSTREAM during this period
  • 100 bugs marked as duplicates during this period

Of the 10023 currently open bugs: 12 are labeled 'blocker', 112 are labeled 'critical', and 354 are labeled 'major'.

Closed bug rankings

The developers and teams who have closed the most bugs during this period are:

New bug rankings

The developers and teams who have been assigned the most new bugs during this period are:

5.  GWN feedback

The GWN is staffed by volunteers and members of the community who submit ideas and articles. If you are interested in writing for the GWN, have feedback on an article that we have posted, or just have an idea or article that you would like to submit to the GWN, please send us your feedback and help make the GWN better.

6.  GWN subscription information

To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+subscribe@gentoo.org.

To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are subscribed under.

7.  Other languages

The Gentoo Weekly Newsletter is also available in the following languages:



Print

Page updated May 14, 2007

Summary: This is the Gentoo Weekly Newsletter for the week of 14 May 2007.

Chris Gianelloni
Editor

Peter Weller
Author

Donate to support our development efforts.

Copyright 2001-2014 Gentoo Foundation, Inc. Questions, Comments? Contact us.