Debian Weekly News - December 17th, 2002
Debian Weekly News
Debian Weekly News - December 17th, 2002
Welcome to this year's 49th issue of DWN, the weekly newsletter for
the Debian community. David Graham, leader of the Open and Free
Technology Community (OFTC) which hosts several IRC channels for
Debian, talks about how OFTC manages itself.
Is the Debian Project unmanageable? Recent discussions about the
voting system of Debian lead David Welton to ask whether
the Debian project has reached a state where it is no longer
manageable. Maybe Debian needs to recognize that the power is already
in the hands of those who actually do things, and align the control
Online Browsing of Changelog and Copyright Files. Noèl Köthe
started to extract changelog and copyright files of Debian
packages and placed them on a webserver. This is something that is
currently missing from packages.debian.org, however, it should
be possible to use the lintian lab on gluck for this, now that lintian
is running regularly, said Colin Watson.
Helping External .deb Producers. Aaron Isotton intends to work on
a new document that explains how software producers can distribute
their software directly in the .deb format. He is seeking input and
suggestions for this document. Sean Perry, however, said that it
does only make little sense for a third party to provide Debian
packages since the LSB requires rpm support only.
New Glibc in Preparation. Jeff Bailey reported that he is about to
finish a new set of glibc source, which should build fine on most
architectures and is already tested on some. It should also fix
several known problems in the current version. It will also conflict
with older versions of some other packages that broke with the current
PornView's problematic Debut. PornView is an image viewer that was
recently added to the Debian archive. Christian Surchi pointed out
that certain images in PornView lacked copyright permissions and Jan
Schumacher wondered whether the logo qualified as pornography.
This problem was fixed, however, Oliver Bolzer pointed out the
allegation (Japanese only) that PornView uses much source code
from GImageView, but stripped the original copyright notices. Brian
Nelson reported that this is already fixed upstream.
Debian-Installer with SE Linux Kernel. Brian May announced that he
created a debian-installer disk with a kernel that has SE-Linux,
EVMS, FreeS/WAN support, and ACL support. Whilst the image cannot yet
be used to install Debian, Brian thought that it was a good
demonstration of what is possible with the modular design of
APT Manual Pages. Earlier this year, Susan Kleinmann pointed out
some deficiencies in the apt_preferences manual page. Thomas Hood sent
an update advising that Susan has rewritten the entire manual
page. Feedback and revisions are now being taken and a final product
is expected soon.
Testing Packages for Unstable? Marek Habersack complained that too
many developers are uploading packages to sid (unstable) without doing
enough testing first. It seems to Marek that some packages are
uploaded without even being installed on the developer's system first.
Some people thought Marek was being too harsh, while others
suggested improvements to the development system. Matt Zimmerman
advised that he has the beginnings of a UML-based tool for
automatic package testing, however he has limited time and his hands
full with other projects.
Downgrading from Sarge to Woody. DebianPlanet carries an article
about how to downgrade from a Debian sarge system (testing) to a woody
system (stable). The writer explains that his second workstation has
now become another server and needs the stability and security of
Debian woody. The article describes the process of downgrading with
several scripts and command snippets.
Why OpenOffice.org is not in Main? When John Goerzen read the last
issue of DWN, he wondered why OpenOffice.org resides in contrib
instead of main, since it was released under the GNU General
Public License. Steve Langasek explained that the package currently
depends on specific non-free Java implementations, but Guido Guenther
mentioned that Red Hat builds OpenOffice.org with gjc only.
Private Katie Installation. Katie (or rather Debian Archive Katie) is
the software that manages the Debian archive (for non-US, security and
the main archive). Brian May reported that he got the katie
system running and explained the steps and configuration issues he
worked on. However, James Troup even actively discourages to use
Free Scripts with non-free Interpreters. Steve Langasek wondered
how to treat scripts that were released under the GNU General Public
License, but don't run on a sufficiently free interpreter. The Free
Software Foundation states that there is no problem as long as the
script is only interpreted but not linked to a non-free component.
Creating a GUI for Jigdo? Chris Severance noticed that Jigdo
currently lacks a graphical user interface (GUI) and proposed how it
should work. Richard Atterer already planned such a program but
ran into trouble assigning time to it. His current favourite idea is
that the Jigdo GUI application registers itself with the web browser.
That way a popup window will open if one clicks on the first ".jigdo"
Adding ReiserFS Support to parted. Timshel Knoll is seeking advice
on how to add support for ReiserFS to the disk partition and resizing
program parted. The solution seems to be to dynamically load a
particular version of the shared ReiserFS library.
Shipping XML/SGML Documentation with Source? Adam DiCarlo wondered
whether it is good practice for SGML and XML documentation to be
shipped with the corresponding source code? The consensus on the
debian-doc list (with the exception of Colin Walters) was that
XML/SGML source is in fact source and shouldn't be there bloating
Proposed SPI By-Laws Amendment. Jimmy Kaplowitz proposed an
amendment to the by-laws of SPI that will reduce the quorum
for meetings to four people. Article five requires that 14
contributing members second this proposal in order for it to be
considered. After this, the secretary has 30 days to put it to a vote
of the contributing membership. Some people objected against this
since a too small part of the board of directors could make decisions.
Debian GNU/Linux 3.0 Updated. Nearly five months after Debian
GNU/Linux 3.0 was released, Debian finally updated the woody
release. This revision adds 59 security updates to the stable release,
that were formerly distributed through security.debian.org, and 33
important bugfixes to various packages. Details of this update are on
the preparation page.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* gtetrinet -- Buffer overflows.
* tcpdump -- Denial of service.
* tetex-bin -- Arbitrary command execution.
* Perl -- Broken safe compartment.
* wget -- Directory traversal, buffer overflow.
* lynx -- CRLF injection.
* mICQ -- Denial of service.
* MySQL -- Several vulnerabilities.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* e2undel -- Undelete utility for the ext2 file system.
* fontilus -- Graphical font management tool for GNOME.
* gcm -- Utility to manage clipboards in GNOME 2.
* gkrellmitime -- Internet time plugin for gkrellm.
* launchtool -- Runs a command supervising its execution.
* medcon -- Medical Image (DICOM, ECAT, ...) conversion tool.
* pdns -- Extremely powerful and versatile nameserver.
* rsxs -- Really Slick X Screensavers.
* styx -- Combined parser/scanner generator.
* systrace -- Enforce system call policies for applications.
* tightvncserver -- Virtual network computing server software.
* tinycdb -- Package for creating and reading constant
Want to continue reading DWN? Please help us create this newsletter.
Several people are submitting items already, but we are still in need
of volunteer writers who prepare items. Please see the
contributing page to find out how to help. We're looking forward
to receiving your mail at firstname.lastname@example.org.