Debian Weekly News - October 15th, 2002
Debian Weekly News
Debian Weekly News - October 15th, 2002
Welcome to this year's 40th issue of DWN, the weekly newsletter for
the Debian community. This week we are pleased to include items by
Matt Black and Andre Lehovich. Additionally, a new web-based Debian
forum has been discovered. Looking at security, NewsFactor is running
an article comparing security of GNU/Linux and other systems.
Debian and Freedom CPU. Russell Coker contacted the Freedom
CPU project (F-CPU) to find out what can be added to Debian to make it
a better platform for F-CPU development work. This is a CPU developed
with the techniques of Free Software and released under a free
license. In order for the interested people to better understand in
what world F-CPU lives, please read an interview with Rudolf
Usselmann about OpenCores.
Space in the Shebang Line. Joel Backer, who works on the NetBSD port
of Debian, discovered that several debian/rules files have a
trailing space in the shebang line (the #! line). While this does not
break things on GNU/Linux, it does cause breakage on NetBSD, due to
differences in the script handlers. He wonders if anything would break
if the trailing space would be removed.
Human Rights requires Free Software. Andy Oram reports on O'Reilly
Network on a practitioner's view of the critical role Free Software
plays in the work of human rights activists around the globe. This
call for Free Software was made in a speech on October 5th by Dr.
Patrick Ball, the deputy director of the Science and Human Rights
Project of the American Association for the Advancement of Science.
Patrick appeals to free software developers to make the software just
as easy to use as commercial software and his organization actually
pays people to develop free software.
Sendmail trojaned as well. Last week CERT/CC reported that some
copies of the source code for the Sendmail package have been modified
by an intruder to contain a Trojan horse. Debian's Sendmail maintainer
Richard Nelson reported that Debian is not vulnerable. In
particular, Richard verifies the MD5sums and gpg signature of Sendmail
packages. The vendor statement from the Debian Security Team was also
added to the CERT advisory.
Apsfilter License Update. Osamu Aoki reported that following
private discussion, apsfilter author Andreas Klemm has decided to make
changes "to accommodate better DFSG compatibility." This will clear up
some confusion about the license request regarding postcards.
Sarge CDs available for Testing. Santiago Garcia Mantinan
announced that the first official Sarge (aka testing) CD images
are now available. The jigdo images can be downloaded from
here. Whilst the images are not currently bootable, Raphaël
Hertzog is working on this, so stay tuned.
Continuing the Python Transition. In order to get new and updated
Python packages installed in testing, Matthias Klose announced
that he plans to file bug reports on uninstallable Python packages.
Due to this the new Python doesn't make it into the testing
distribution. An updated list of problematic packages is
maintained by Josselin Mouette.
Policy for Ispell Directories. Agustín Martín Domingo announced
that the new policy on dictionaries will start on Monday 14th. This
includes full debconf support and support for popup-menus in all Emacs
flavours. Mutt support has also been added, which relies on an
ispell-wrapper script, which can also be used standalone.
Extenting Copyright Periods. On Wednesday 9 October the US Supreme
Court heard arguments in the case Eldred vs. Ashcroft. Eldred,
together with his attorney Lawrence Lessig, is attempting to have the
1998 law retroactively extending copyright in the United States
overturned. Although the case does not immediately impact the Debian
Project, it does affect many of our friends such as Project
Gutenberg. Eben Moglen, general counsel for the Free Software
Foundation, submitted an amicus brief on behalf of the free software
Capitalizing short Package Description? There has been a discussion
whether the one-line description of a package should have a capital
first letter or not. This short description is listed by apt-cache
search and in the new or noteworthy packages listing of DWN. Some
people disagree loudly. However, the developers reference
includes For consistency and for an aesthetic concern, you should
capitalize the first letter of the description. Martin Wheeler, who
has spent the last 40 years lecturing on and practising the use of the
English language, would like to ask that this be respected by all
writers contributing to the Debian Project.
Debian Jabber Server? Adam Byrtek asked if we should consider
installing a Jabber server on one of our machines? However, Sean Perry
pointed out that we already use IRC and mailing lists for Debian
work and asks why we need another option and Erich Schubert
wondered why not use existing Jabber servers. Additionally, more
people tried to coin potential uses for an own Jabber server.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* Bugzilla -- Privilege escalation.
* heartbeat -- Buffer overflow.
* syslog-ng -- Buffer overflow.
New or Noteworthy Packages. The following packages were added to the
Debian archive recently or contain important updates.
* aconnectgui -- FLTK based frontend for aconnect.
* alsamixergui -- FLTK based frontend for alsamixer.
* anon-proxy -- Proxy to surf the web anonymously.
* anthy -- A Japanese input method (backend, dictionary and
* aranym-jit -- Atari Running on Any Machine with JIT enabled.
* circ-tex -- LaTeX macros to typeset circuit & optics diagrams.
* djview -- Utilities for the extraordinary DjVu image format.
* fbgrab -- Framebuffer grabber.
* fluid -- The Fast Light Toolkit user interface designer.
* gnuchess-book -- Opening book for gnuchess.
* hdup -- Filesystem duplicator and backup.
* ifile -- Mail filter capable of learning.
* ifplugd -- Configuration daemon for ethernet devices.
* mixmaster -- Anonymous remailer client and server.
* netcast -- Tool for synchronized multicast data transmission.
* opengate -- H.323 voice over IP gatekeeper.
* pdbv -- Output a HTML view of the dpkg database.
* psad -- The Port Scan Attack Detector.
* rhythmbox -- Multimedia Player for GNOME.
* spiralsynthmodular -- An Object orientated modular softsynth /
sequencer / sampler.
* softbeep -- System bell replacement.
* speex -- The Speex Speech Codec.
* sqlrelay -- Database connection pooling, proxying and load
* tetrinetx -- Tetrinet Server.
* tubesock -- Free GTK/GNOME SWF flash player.
* vorbisgain -- Add suggested volume level for .ogg files as
* xsensors -- Hardware health information viewer.
Orphaned Packages. 2 packages were orphaned this week and require a
new maintainer. This makes a total of 132 orphaned packages. Many
thanks to the previous maintainers who contributed to the Free
Software community. Please see the WNPP pages for the full list,
and please add a note to the bug report and retitle it to ITA: if you
plan to take over a package.
* ganso -- GNOME Animation Studio. (Bug#164443)
* python-tal -- Template Attribute Language. (Bug#164483)
Want to continue reading DWN? Please help us create this newsletter.
Currently, it's mostly a one-man show, which is anticipated to fail in
the long term. We urgently need volunteer writers who prepare items.
Please see the contributing page to find out how to help. We're
looking forward to receiving your mail at firstname.lastname@example.org.