[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian Weekly News - September 21st, 2004

Debian Weekly News
Debian Weekly News - September 21st, 2004

Welcome to this year's 37th issue of DWN, the weekly newsletter for
the Debian community. A recent issue of the German computer magazine
c't features an article about GNU/Linux on notebooks including a test
of 14 current notebook models. One machine, an ASUS M2400N, came
pre-installed with Debian GNU/Linux by [1]Xtops.DE.

 1. http://www.xtops.de/

Security-Hardening Debian. [2]Debian Hardened is a new project that
[3]wants be an official Debian [4]sub-project. It aims at providing
a complete tree of hardened kernel and software packages for a
standard Debian distribution, without changing to another distribution
like [5]Adamantix and making easy the hardening of any machine
running Debian GNU/Linux.

 2. http://sourceforge.net/projects/debianhardened
 3. http://lists.debian.org/debian-legal/2004/09/msg00126.html
 4. http://www.debian.org/devel/
 5. http://www.trusteddebian.org/

Ubuntu 4.10 Preview released. Benjamin Mako Hill [6]announced the
first beta release of [7]Ubuntu Linux (codenamed "Warty Warthog").
The new distribution is based on Debian and features GNOME 2.8 and is
available for the x86, AMD64, and PowerPC architectures. Ubuntu plan a
new release every 6 months, with 18 months of security updates for
each [8]release. The [9]relationship page provides a few details on
their release process.

 6. http://lwn.net/Articles/102248/
 7. http://www.ubuntulinux.org/
 8. http://www.netsplit.com/blog/work/canonical/ubuntu_and_debian.html
 9. http://www.ubuntulinux.org/ubuntu/relationship/document_view

Updating Scanners and Filters in Debian stable. Joey Schulze [10]asked
about means to update the database of virus and security scanners,
spam filters and the like for the upcoming Debian release. [11]Nessus,
and ClamAV use special plugins to update their databases, and
[12]f-prot uses an installer package. Martin Michlmayr [13]proposed to
modify the stable update policy instead.

 10. http://lists.debian.org/debian-devel/2004/09/msg00795.html
 11. http://lists.debian.org/debian-devel/2004/09/msg00788.html
 12. http://lists.debian.org/debian-devel/2004/09/msg00793.html
 13. http://lists.debian.org/debian-devel/2004/09/msg00801.html

Maintaining SSL Certificates. Kai Hendry [14]wondered why he should
build his own certification authority (CA) since [15]SPI runs a CA and
could be issuing certificates to make Debian users' life easier.
Javier Fernández-Sanguino Peña [16]explained that SPI is not a CA, but
only use certificates for their own use and maybe close projects.

 14. http://lists.debian.org/debian-devel/2004/09/msg00955.html
 15. http://www.spi-inc.org/
 16. http://lists.debian.org/debian-devel/2004/09/msg00974.html

Open Software License v2.1. Matthew Wilcox [17]started a new
discussion on version 2.1 of the [18]Open Software License after
version 2.0 was not [19]considered free according to the [20]Debian
Free Software Guidelines. Anthony DeRobertis [21]asserted that the new
version is still not free and is conform with the [22]opinion of
Andrew Suffield.

 17. http://lists.debian.org/debian-legal/2004/09/msg00179.html
 18. http://www.opensource.org/licenses/osl-2.1.php
 19. http://lists.debian.org/debian-legal/2004/05/msg00118.html
 20. http://www.debian.org/social_contract#guidelines
 21. http://lists.debian.org/debian-legal/2004/09/msg00220.html
 22. http://lists.debian.org/debian-legal/2004/09/msg00182.html

Debian and Global File System? An [23]article on Newsforge reported
that the Angelo Ovidi has [24]released the first unofficial Debian
kernel packages supporting Global File System (GFS) on a
vanilla kernel. GFS supports journaling, recovery from client
failures, and many other features. Bastian Blank has already built and
uploaded the first set of [25]official packages to unstable, only one
package is still waiting in the incoming queue.

 23. http://newsvac.newsforge.com/article.pl?sid=04/09/09/028214
 24. http://xfdeb.sourceforge.net/
 25. http://lophos.multibuild.org/svn/cluster/

Missing Source Packages in Sarge. Jeroen van Wolffelaar [26]noticed
that for several binary packages the corresponding source packages are
missing in the Sources file. This means that there is neither a trust
path from the archive signing key, nor will it be possible to build
the same version with apt-get -b source.

 26. http://lists.debian.org/debian-release/2004/09/msg00210.html

Installer Release Candidate Planning. Joey Hess [27]noticed that the
new [28]debian-installer is in a relatively good shape for another
release. He would like to declare a new release candidate soon and
tried to formulate a group goal for the [29]developers meeting in
Oldenburg, Germany, this week, so that all developers can work on a
common task.

 27. http://lists.debian.org/debian-release/2004/09/msg00291.html
 28. http://www.debian.org/devel/debian-installer/
 29. http://meeting.ffis.de/Oldenburg2004/

Weekly CD and DVD Builds. Santiago Garcia Mantinan [30]announced that
he is automatically building weekly CD and DVD images for sarge again.
They now use [31]JTE to allow for faster image generation. Because of
the changed creation process, the new images may contain new bugs, so
please report any problems to the [32]debian-cd mailing list.

 30. http://lists.debian.org/debian-cd/2004/09/msg00081.html
 31. http://www.einval.com/~steve/software/JTE/
 32. http://lists.debian.org/debian-cd/

Sarge Release Notes. Rob Bradford [33]announced that the [34]release
notes for sarge have finally been written. Translators who have
formerly been disappointed by the lack of an English version can start
translating the [35]document.

 33. http://lists.debian.org/debian-doc/2004/09/msg00033.html
 34. http://www.debian.org/releases/sarge/
 35. http://cvs.debian.org/ddp/manuals.sgml/release-notes/?cvsroot=debian-doc

LSB Status in Sarge? Martin Michlmayr [36]wondered about the status of
[37]Linux Standard Base (LSB) in Debian sarge. Jeff Licquia
[38]explained that he is working on LSB 2.0 already and that he
anticipates issues only with the dynamic linker, glibc, [39]diff,
[40]coreutils and the [41]Filesystem Hierarchy Standard.

 36. http://lists.debian.org/debian-lsb/2004/08/msg00002.html
 37. http://www.linuxbase.org/
 38. http://lists.debian.org/debian-lsb/2004/08/msg00004.html
 39. http://packages.debian.org/diff
 40. http://packages.debian.org/coreutils
 41. http://www.pathname.com/fhs/

Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.

 * [42]cupsys -- Denial of service.
 * [43]gdk-pixbuf -- Several vulnerabilities.
 * [44]imagemagick -- Buffer overflows.
 * [45]imlib -- Arbitrary code execution.
 * [46]gtk+2.0 -- Several vulnerabilities.
 * [47]wv -- Arbitrary command execution.

 42. http://www.debian.org/security/2004/dsa-545
 43. http://www.debian.org/security/2004/dsa-546
 44. http://www.debian.org/security/2004/dsa-547
 45. http://www.debian.org/security/2004/dsa-548
 46. http://www.debian.org/security/2004/dsa-549
 47. http://www.debian.org/security/2004/dsa-550

Debian Packages introduced last Week. Every day, a different Debian
package is [48]featured from the testing distribution. If you know
about an obscure package you think others should also know about, send
it to [49]Andrew Sweger. Debian package a day introduced the following
packages last week.

 48. http://www.livejournal.com/users/debaday/
 49. http://www.livejournal.com/userinfo.bml?user=debaday

 * [50]logjam -- Client for LiveJournal-based sites.
 * [51]sash -- Stand-alone shell.
 * [52]k3b -- Sophisticated KDE CD burning application.
 * [53]ntlmaps -- NTLM Authorization Proxy Server.
 * [54]openvpn -- Virtual Private Network daemon.

 50. http://www.livejournal.com/users/debaday/34629.html
 51. http://www.livejournal.com/users/debaday/35014.html
 52. http://www.livejournal.com/users/debaday/35264.html
 53. http://www.livejournal.com/users/debaday/35503.html
 54. http://www.livejournal.com/users/debaday/35599.html

Orphaned Packages. 1 package was orphaned this week and requires a new
maintainer. This makes a total of 1 orphaned packages. Many thanks to
the previous maintainers who contributed to the Free Software
community. Please see the [55]WNPP pages for the full list, and please
add a note to the bug report and retitle it to ITA: if you plan to
take over a package.

 55. http://www.debian.org/devel/wnpp/

 * [56]regexplorer -- Visual regular expression explorer.

 56. http://packages.debian.org/unstable/x11/regexplorer
 57. http://bugs.debian.org/271737

Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the [58]contributing
page to find out how to help. We're looking forward to receiving your
mail at [59]dwn@debian.org.

 58. http://www.debian.org/News/weekly/contributing
 59. mailto:dwn@debian.org

Reply to: