Debian Weekly News - January 25th, 2005
Debian Weekly News
Debian Weekly News - January 25th, 2005
Welcome to this year's 4th issue of DWN, the weekly newsletter for the
Debian community. Marc Haber announced experimental packages of
Exim4 linked against db4.2 for later inclusion in to sarge/sid.
OSNews has a guideline on using the new debian-installer to
install Debian by Luis Lima.
Sarge Release Progress Update. Steve Langasek sent in an update on
the release progress for Debian 3.1. He reported that KDE 3.3 has been
added to sarge and a porter upload for perl had taken place, which
dropped the release critical bug count about 60 bugs. He also stated
that progress in testing-proposed updates and testing-security has
been made but is still waiting for infrastructure.
Status Update for volatile Archive. Andreas Barth reported about
the status of debian-volatile. This unofficial archive aims at
supporting fast moving packages for the stable Debian release like
spam filter, virus scanner and the like. He and his team have set up
the infrastructure and mirrors for it. A first package, whois
has been accepted for debian-volatile's section of woody.
Renaming Binary Packages. Jay Berkenbilt wanted to rename a
package in order to loose the version in the package name. To achieve
this he planned to create a new source package and convert the old
package into transitional packages only. Anthony Towns explained
that the name of a library name does not have to match its soname and
believes that no transitional packages need to be provided when
Conflicts, Provides and Replaces fields are carefully crafted.
Support for DevFS? Russell Coker stated that devfs is regarded as
obsolete in the kernel source and will be removed in July 2005.
However, the new installer is based on it. Joey Hess
asserted that Debian will not destabilise the installer by
beginning to make large changes to it, like not using devfs, until
sarge is released.
Changing the Architecture of a Package. Jay Berkenbilt wondered if
the change from any to all in a Debian package would require manual
intervention. Santiago Vila asserted that such a package could
enter the archive even faster, since it is built for 11 architectures
Debian Women IRC meeting. The Debian Women group held an IRC
meeting on January 16th. The topic discussed was "How to best convey
the purpose and goals of the Debian Women project to those who have
questions about it." Prior to the meeting, Jérémy Bobbio raised
the question of the best way to organise and moderate IRC meetings,
especially when non-native English speakers are present. The meeting
was well attended and provoked lively discussions. Minutes were
taken by Colleen Hatfield.
Spurious Permissions Changes. Otto Wyss noticed that permissions
on a program he added the setuid flag were changed back permanently.
Peter Sammuelson contributed the proper dpkg-statoverride command
and Maciej Dems added that it would be better to use sudo.
Depending on a particular Kernel Package. Martin Kittel wondered
if it is sensible to declare a dependency on a kernel image package
since arguments were raised in a former discussion that not all
users have the Debian kernel installed. Antti-Juhani Kaijanaho
explained that the job of a dependency is to make sure that
another package is installed so its provided content can be used. The
kernel is a different case.
Mozilla Foundation Trademark Proposal. Gervase Markham from the
Mozilla Foundation proposed a trademark agreement for Debian
Firebird and Thunderbird packages. Walter Landry pointed out that
people outside of Debian would still be unable to legally modify and
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 645: cupsys -- Arbitrary code execution.
* DSA 646: imagemagick -- Arbitrary code execution.
* DSA 647: mysql -- Insecure temporary files.
* DSA 648: xpdf -- Arbitrary code execution.
* DSA 649: xtrlock -- Authentication bypass.
* DSA 650: sword -- Arbitrary code execution.
* DSA 651: squid -- Denial of service.
* DSA 652: unarj -- Several vulnerabilities.
* DSA 653: ethereal -- Several vulnerabilities.
* DSA 654: enscript -- Several vulnerabilities.
* DSA 655: zhcon -- Unauthorised file access.
* DSA 656: vdr -- Insecure file access.
* DSA 657: xine-lib -- Arbitrary code execution.
* DSA 658: libdbi-perl -- Insecure temporary file.
New or Noteworthy Packages. The following package was added to the
unstable Debian archive recently or contain important updates.
* hplip -- HP Linux Printing and Imaging System.
Orphaned Packages. 4 packages were orphaned this week and require a
new maintainer. This makes a total of 242 orphaned packages. Many
thanks to the previous maintainers who contributed to the Free
Software community. Please see the WNPP pages for the full list,
and please add a note to the bug report and retitle it to ITA: if you
plan to take over a package.
* binstats -- Statistics tool for installed programs.
* goats -- Sticky-note type program for Gnome 2.
* hanterm-classic -- Another X terminal emulator with Hangul
* hanterm-xf -- X terminal emulator with Hangul support.
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at firstname.lastname@example.org.