Debian Weekly News - February 15th, 2005
Debian Weekly News
Debian Weekly News - February 15th, 2005
Welcome to this year's 7th issue of DWN, the weekly newsletter for the
Debian community. Legal professionals in Australia have developed a
new judical information system based on Free Software and Debian in
particular. Chris Halls announced preliminary packages for
OpenOffice.org 1.9.73 built with Sun's JDK.
Debian Account Managing. Jörg Jaspert sent in a status report
about the DAM (Debian Account Manager) work. He anticipates to have
cleared the queue by next month already and also explained the general
rules for accepting new developers. Emeritus developers are required
to go through a short new-maintainer process as well, if they want to
become active again.
Debian-Installer featured in c't. Andreas Barth reported that the
German c't magazine has released a special CD based on the new
Debian installer. Joey Hess added that the CD uses preseeding
to automate the installation. Martin Zobel-Helas forwarded the
conclusion of an article in the iX magazine of the same publisher that
states it is a large step into the right direction.
Understanding Maintainer Scripts. Margarita Manterola documented
the order in which maintainer scripts are called during package
maintenance and the parameters they receive, since its documentation
in the policy is difficult to follow. She accompanied the new text
with some graphics that several people felt easier to understand than
the plain text from the policy document.
DebConf5: Call for Papers. Andreas Schuldei called for papers for
this year's Debian conference in Helsinki, Finland. Proposals will be
accepted until March 15th 2005 and need to be submitted online.
The review team will decide until April 1st which talks will be
accepted. They will be recorded, and may be broadcast over the
Confusing udev Behaviour. Maykel Moya noticed a strange directory
/.dev and removed its content which left his system unbootable. Sam
Morris explained that when udev starts, the real /dev is
mounted to /.dev so it can still be accessed. This is only the case if
the directory exists, however, so removing the mount point is fine.
Configuration under Revision Control. Enrico Zini reported that he
has put is /etc/ under svk control, which is a distributed
revision control system based on subversion. Florian Weimer
added that it supports symbolic links natively as well.
Debian Package Cycle. Martin F. Krafft improved the lifetime
graph of a Debian package based on the work of Kevin Mark. It
explains the way a new package takes into the Debian archive and the
way updated packages take as well as security updates.
Debian's Wayback Machine. Martin 'Joey' Schulze reported about the
wayback machine for Debian packages that Fumitoshi Ukai provides on
snapshot.debian.net. He explained that it has become a very
helpful resource for his work as member of the security team since one
can easily compare two older revisions of a package with the interdiff
Mailing Lists Bounce Handling. Pascal Hakim discussed handling
bounces in mailing list servers. He mentions mail filters on
SMTP-level to prevent spam and viruses which should not result in an
unsubscription. Among other issues, active lists need to be treated
differently than less active lists.
International Debian Welcome Messages. Joey Hess thanked Christian
Perrier for collecting welcome sound files that could be played after
the installation in many languages. Christian used these files as part
of the Babelbox, a demonstration machine that reinstalls itself
automatically with a different language at each iteration.
Should Branden run for the DPL? Branden Robinson is soliciting
input on whether he should nominate himself again for the Debian
project leader (DPL) elections. Before standing again, he would
like to hear 100 developers support this action. A wiki page
has been set up to track the feedback. 51 people have stated their
support so far.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 673: evolution -- Arbitrary code execution as root.
* DSA 674: mailman -- Several vulnerabilities.
* DSA 675: hztty -- Local utmp exploit.
* DSA 676: xpcd -- Arbitrary code execution as root.
* DSA 677: sympa -- Potential arbitrary code execution.
* DSA 678: netkit-rwho -- Denial of service.
* DSA 679: toolchain-source -- Insecure temporary files.
* DSA 680: htdig -- Cross-site scripting vulnerability.
* DSA 681: synaesthesia -- Unauthorised file access.
* DSA 682: awstats -- Arbitrary command execution.
* DSA 683: postgresql -- Arbitrary code execution.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* apache2-utils -- Utility programs for webservers.
* xblast-tnt-musics -- Music files for xblast-tnt.
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at email@example.com.