Debian Weekly News - April 6th, 2004
Debian Weekly News
Debian Weekly News - April 6th, 2004
Welcome to this year's 14th issue of DWN, the weekly newsletter for
the Debian community. Manoj Srivastava sent out the final call for
votes on the project leader election and revealed that 351 of the
908 developers have already voted. Andreas Schuldei is still
looking for ideas for talks for the upcoming Debian
Support for Hotplug in Debian. Joey Hess noticed that support for
hotplugged devices is an area where Debian could lead and excel in
integration, but the libgphoto2-2 package states that the provided
scripts are not meant to be used by default. He complained that there
seems to be little desire to work on these scripts and instead wait
for other distributions to do fairly useful things by default when USB
devices are plugged in.
Snapshot Archive is now searchable for Packages. Fumitoshi Ukai
announced that he has implemented a new function on
snapshot.debian.net to search for packages. This is sure to help
many people in searching for old versions of a particular package from
the huge archive. He has also created a shortcut URL of the form
http://snapshot.debian.net/package/<packagename>. Domenico Andreoli
and Branden Robinson thanked him for this great job as well as Martin
Schulze who suggested he implement such this feature.
Debian Host Naming Scheme. After Lars Wirzenius wondered if no-one
else cares about choosing names for computers with care, comments and
revelations by Wouter Verhelst, Joshua Kwan, Scott James
Remnant, Tollef Fog Heen and Jesus Climent, a Debian admin
explained the naming scheme used for debian.org hosts. Most of
them are named after ancient baroque or classical composers, with a
number of exceptions.
RPM orphaned and not free anymore? Joey Hess orphaned rpm
since the newest version depends on the non-free elfutils library.
This makes it impossible for Joey to update the package. Not being
able to include rpm in Debian could have far reaching consequences -
from problems with the LSB to increased difficulty to run other
distributions software on Debian and vice-versa.
Debian Security Advisories CVE-compatible. The Debian project
announced that Debian Security Advisories have been declared
CVE-compatible at the RSA Conference 2004, in San Francisco,
February 24th, 2004. The project also believes that it is extremely
important to provide users with additional information related to
security issues that affect the Debian distribution.
Custom Debian Distributions. Andreas Tille announced a paper
he wrote about custom Debian distributions, the techniques used
and the goals behind them. This is an implicit call for participation
for all those people inside and outside the Debian project. Custom
Debian distributions try to provide a solution for special groups of
target users with different skills and interests.
Getting newer Kernels in stable. Andrew Pollock wanted to know if
it would be possible to get newer kernel packages in stable Debian
releases, since he is concerned about Debian installation issues. The
stable release manager explained that new versions are not
possible since too much can break. Instead he encouraged people to
maintain additional repositories with updated kernel packages.
April Fools Pranks. The community released a couple of April fools
pranks, of which we're listing some. Pascal Hakim sent in a
document covering improvements for Debian releases. Pablo
Lorenzzoni became illuminated and wanted to switch to a
proprietary operating system. The Internet Society determined the
requirements for the Omniscience Protocol (RFC 3751). Symlink
reported (German only) about a guy who wanted to file a
class-action law against the Free Software Foundation. Finally, the
defacement of their own website by the grsecurity devlopers was a
bit awkward and scared quite some people.
Additional Links to Translations. Nobuhiro Imai wondered if he was
permitted to add additional links to translations of Debian web pages.
In these cases the original page links to an external resource and its
Japanese translation is located somewhere else. Gerfried Fuchs
explained that this would be appreciated and helpful, and he
already have added such links to German translations. He also noted
that one should not have to change anything if the other website has
enabled content negotiation as well.
Proposed l10n Framework. Jure Cuhalev proposed a new scheme for
Debian localisation work (l10n), where all translation teams would use
an Alioth project that would serve as a common gateway. The advantage
of such a system is that it is less work for maintainers and
translators to update their translations, as it is now for the
debian-installer already. However, Denis Barbier explained
that this should be handled with care, since packages have to be
synchronised and the maintainer could have used different
Bugtracking System moved. The bug tracking system was moved from
master to spohr but master kept a regularly updated copy. This has
been moved to merkel, due to disk space issues on master. Colin Watson
asked other developers to move their related scripts to merkel.
The mirror is updated every fifteen minutes.
Zope Maintenance in Debian. There has been a discussion about
removing Zope from testing. Jonas Meurer instead encouraged other
developers to start forming a maintenance group since it may require
more maintainer activity than most other packages. David Coe added
that the current maintainers were always willing to accept good
patches and non-maintainer uploads.
Indirect Donation from Redmond. A particular advertisement in the
current issue of the German Linux Magazin magazine, created and
paid by a Redmond-based company, did not only cause a discussion
(German only) on whether a GNU/Linux oriented magazine should accept
such an advertisement but also a large donation to the Debian
Probing for Operating Systems. Joey Hess reported that he was
working together with Joshua Kwan to work on probing for other
operating systems. This will be used by the debian-installer to
create the boot configuration which should be able to boot other
operating systems as well.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* Linux 2.4.17 (hppa) -- Local root exploits.
* interchange -- Information leak.
* fte -- Buffer overflows.
* oftpd -- Denial of service.
* squid -- ACL bypass.
* Linux 2.4.18 (hppa) -- Local root exploits.
* heimdal -- Cross-realm vulnerability.
* xine-ui -- Insecure temporary file creation.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* bjam -- Software build tool.
* bnfc -- Compiler front-end generator based on Labelled BNF.
* brutefir -- Software convolution engine.
* cecilia -- Graphic user interface for CSound.
* charmap -- Character map for GNUstep.
* cups-pdf -- PDF Writer backend for CUPS.
* cvs2svn -- Convert a CVS repository to a subversion
* debian-installer-manual -- Debian installation manual.
* horgand -- JACK capable organ synthesizer.
* imapproxy -- IMAP protocol proxy.
* kazehakase -- Gecko based web browser using GTK.
* kurush -- Easy to use personal finance manager.
* mpeg3-utils -- MPEG streams decoding library.
* pal -- Command-line calendar program that can keep track of
* po4a -- Tools for helping translation of documentation.
* poe -- Vorbis comment editor.
* postgresql-plruby -- Ruby procedural language for PostgreSQL.
* rdeliver -- Fully functioning mail filter with RubyFilter.
* sipsak -- SIP Swiss army knife.
* specimen -- MIDI controllable audio sampler for GNU/Linux
* stepbill -- Get rid of those nasty Wingdows viruses.
* supybot -- Robust and user friendly Python IRC bot.
* uim -- Simple, secure, and flexible input method collection
* websieve -- Web based Cyrus IMAP user admin client.
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at firstname.lastname@example.org.