Debian Weekly News - September 21st, 2004
Debian Weekly News
Debian Weekly News - September 21st, 2004
Welcome to this year's 37th issue of DWN, the weekly newsletter for
the Debian community. A recent issue of the German computer magazine
c't features an article about GNU/Linux on notebooks including a test
of 14 current notebook models. One machine, an ASUS M2400N, came
pre-installed with Debian GNU/Linux by Xtops.DE.
Security-Hardening Debian. Debian Hardened is a new project that
wants be an official Debian sub-project. It aims at providing
a complete tree of hardened kernel and software packages for a
standard Debian distribution, without changing to another distribution
like Adamantix and making easy the hardening of any machine
running Debian GNU/Linux.
Ubuntu 4.10 Preview released. Benjamin Mako Hill announced the
first beta release of Ubuntu Linux (codenamed "Warty Warthog").
The new distribution is based on Debian and features GNOME 2.8 and is
available for the x86, AMD64, and PowerPC architectures. Ubuntu plan a
new release every 6 months, with 18 months of security updates for
each release. The relationship page provides a few details on
their release process.
Updating Scanners and Filters in Debian stable. Joey Schulze asked
about means to update the database of virus and security scanners,
spam filters and the like for the upcoming Debian release. Nessus,
and ClamAV use special plugins to update their databases, and
f-prot uses an installer package. Martin Michlmayr proposed to
modify the stable update policy instead.
Maintaining SSL Certificates. Kai Hendry wondered why he should
build his own certification authority (CA) since SPI runs a CA and
could be issuing certificates to make Debian users' life easier.
Javier Fernández-Sanguino Peña explained that SPI is not a CA, but
only use certificates for their own use and maybe close projects.
Open Software License v2.1. Matthew Wilcox started a new
discussion on version 2.1 of the Open Software License after
version 2.0 was not considered free according to the Debian
Free Software Guidelines. Anthony DeRobertis asserted that the new
version is still not free and is conform with the opinion of
Debian and Global File System? An article on Newsforge reported
that the Angelo Ovidi has released the first unofficial Debian
kernel packages supporting Global File System (GFS) on a 18.104.22.168
vanilla kernel. GFS supports journaling, recovery from client
failures, and many other features. Bastian Blank has already built and
uploaded the first set of official packages to unstable, only one
package is still waiting in the incoming queue.
Missing Source Packages in Sarge. Jeroen van Wolffelaar noticed
that for several binary packages the corresponding source packages are
missing in the Sources file. This means that there is neither a trust
path from the archive signing key, nor will it be possible to build
the same version with apt-get -b source.
Installer Release Candidate Planning. Joey Hess noticed that the
new debian-installer is in a relatively good shape for another
release. He would like to declare a new release candidate soon and
tried to formulate a group goal for the developers meeting in
Oldenburg, Germany, this week, so that all developers can work on a
Weekly CD and DVD Builds. Santiago Garcia Mantinan announced that
he is automatically building weekly CD and DVD images for sarge again.
They now use JTE to allow for faster image generation. Because of
the changed creation process, the new images may contain new bugs, so
please report any problems to the debian-cd mailing list.
Sarge Release Notes. Rob Bradford announced that the release
notes for sarge have finally been written. Translators who have
formerly been disappointed by the lack of an English version can start
translating the document.
LSB Status in Sarge? Martin Michlmayr wondered about the status of
Linux Standard Base (LSB) in Debian sarge. Jeff Licquia
explained that he is working on LSB 2.0 already and that he
anticipates issues only with the dynamic linker, glibc, diff,
coreutils and the Filesystem Hierarchy Standard.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* cupsys -- Denial of service.
* gdk-pixbuf -- Several vulnerabilities.
* imagemagick -- Buffer overflows.
* imlib -- Arbitrary code execution.
* gtk+2.0 -- Several vulnerabilities.
* wv -- Arbitrary command execution.
Debian Packages introduced last Week. Every day, a different Debian
package is featured from the testing distribution. If you know
about an obscure package you think others should also know about, send
it to Andrew Sweger. Debian package a day introduced the following
packages last week.
* logjam -- Client for LiveJournal-based sites.
* sash -- Stand-alone shell.
* k3b -- Sophisticated KDE CD burning application.
* ntlmaps -- NTLM Authorization Proxy Server.
* openvpn -- Virtual Private Network daemon.
Orphaned Packages. 1 package was orphaned this week and requires a new
maintainer. This makes a total of 1 orphaned packages. Many thanks to
the previous maintainers who contributed to the Free Software
community. Please see the WNPP pages for the full list, and please
add a note to the bug report and retitle it to ITA: if you plan to
take over a package.
* regexplorer -- Visual regular expression explorer.
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at email@example.com.