Debian Weekly News - December 19th, 2001
---------------------------------------------------------------------------
Debian Weekly News
http://www.debian.org/News/weekly/2001/34/
Debian Weekly News - December 19th, 2001
---------------------------------------------------------------------------
Archive.debian.org is Back. The server that holds old Debian releases,
aliased to archive.debian.org, has been [1]resurrected after it was
offline for several months due to hardware problems. The machine now
runs with a nice new 144 GB RAID and a new host, the Computer Science
Department at the [2]University of Minnesota and is now administered
by Scott Dier. However, sad news: One of the new disks began to fail
recently.
Hurd H2 CD Images. The Hurd team informed us about new [3]Hurd CD
Images. Snapshot images are produced at a four to eight week interval
and the H2 images are the tenth of the series. The Hurd has grown from
one CD image in August 2000 (A1) to four images in December 2001 (H2).
These images are a snapshots of a developing operating system, so
suitable precautions must be taken when making an installation.
Similar as with other architectures, most important programs reside on
CD 1, while the other ones contain less important packages.
On Fixing Security Critical Bugs. Javier Fernández-Sanguino Peña made
some [4]analysis regarding vulnerabilities detected and posted to the
Bugtraq list and those sent as [5]Debian Security Announcements
(DSAs). His analysis reveal that for the last year it has taken Debian
an average of 35 days to fix security-related vulnerabilites. However,
over 50% of the vulnerabilities where fixed in a 10-days time frame,
and over 15% of them where fixed the same day the advisory was
released!
More On Acronyms. We received some feedback about the item covering
acronyms in our [6]last issue. It was pointed out that several
acronyms are already explained through using the dict program or one
of it's graphical frontends (like kdict or wordinspect). In case you
haven't heard about dict yet, it is the client that queries the dictd
server. The DICT Development Group maintains several public servers
which can be accessed from any machine connected to the Internet.
Another interesting resource is the [7]List of three-letter
abbreviations.
New Mailing Lists. The listmaster team [8]created three new lists:
[9]debian-qa-packages, which is used by the QA Team to handle bug
reports against orphaned packages, [10]debian-ssh, which will be used
for Debian ssh packages maintenance and coordination and
[11]debian-apache, which will be used for maintenance and coordination
of packages for the Apache webserver and related packages.
The Good, The Bad And The Ugly. Gergely Nagy posted a big [12]rant
about packaging software for Debian too quick and not paying enough
attention at packaging. He is worried, because packages whose
maintainer don't pay at least a little attention to packaging, do not
reflect the image he had about Debian. Face it, Debian is known for
its quality. This is something we can lose.
Porting Kaffe. John R. Daily was doing some work to ensure kaffe's
availability on the IA-64 port. He sent [13]this report on issues that
are holding back Kaffe on some platforms. [14]buildd.debian.org
reports that the latest package does not build on mips, mipsel, hppa,
and sparc. The report covers detailed problem reports for each
architecture.
Security Stuff. We've got two new security alerts this week. As usual,
if your system is affected, be sure to get the updated packages right
away.
* [15]postfix -- Remote DoS.
* [16]mailman -- Cross-site scripting hole.
New or Noteworthy Packages. The following new or updated packages were
added to the Debian archive since our [17]last issue.
* [18]chastity-list -- A "blacklist" package for squidgard for use
in public schools and other organizations.
* [19]fluxbox-kde -- A low-resource window manager for KDE.
* [20]guarddog -- A firewall configuration utility for KDE.
* [21]libpth14 -- GNU Portable Threads.
* [22]mah-jong -- Mah-Jong for 1 to 4 players.
* [23]lodju -- An image management tool for the X Window System.
Keep in Touch... As usual, we'd like to ask that if you have newstips
or announcements about Debian please send 'em to [24]dwn@debian.org.
Also, have a Merry Christmas!
---------------------------------------------------------------------------
References
1. http://lists.debian.org/debian-mirrors-0111/msg00000.html
2. http://www.cs.umn.edu/
3. http://www.debian.org/ports/hurd/hurd-cd
4. http://lists.debian.org/debian-security-0112/msg00257.html
5. http://www.debian.org/security/
6. http://www.debian.org/News/weekly/2001/33/
7. http://members.ams.chello.nl/j.vermeulen31/GPL_TLA_FAQ
8. http://lists.debian.org/debian-devel-announce-0112/msg00004.html
9. http://lists.debian.org/debian-qa-packages/
10. http://lists.debian.org/debian-ssh/
11. http://lists.debian.org/debian-apache/
12. http://lists.debian.org/debian-devel-0112/msg01346.html
13. http://lists.debian.org/debian-java-0112/msg00046.html
14. http://buildd.debian.org/build.php?arch=&pkg=kaffe
15. http://www.debian.org/security/2001/dsa-093
16. http://www.debian.org/security/2001/dsa-094
17. http://www.debian.org/News/weekly/2001/33/
18. http://packages.debian.org/unstable/web/chastity-list.html
19. http://packages.debian.org/unstable/x11/fluxbox-kde.html
20. http://packages.debian.org/unstable/net/guarddog.html
21. http://packages.debian.org/unstable/libs/libpth14.html
22. http://packages.debian.org/unstable/games/mah-jong.html
23. http://packages.debian.org/unstable/graphics/lodju.html
24. mailto:dwn@debian.org
Reply to: