Debian Weekly News - February 15th, 2005
---------------------------------------------------------------------------
Debian Weekly News
http://www.debian.org/News/weekly/2005/07/
Debian Weekly News - February 15th, 2005
---------------------------------------------------------------------------
Welcome to this year's 7th issue of DWN, the weekly newsletter for the
Debian community. Legal professionals in Australia have [1]developed a
new judical information system based on Free Software and Debian in
particular. Chris Halls [2]announced preliminary packages for
OpenOffice.org 1.9.73 built with Sun's JDK.
1. http://www.linuxworld.com.au/index.php/id;631120522;fp;2;fpid;1
2. http://lists.debian.org/debian-openoffice/2005/01/msg00257.html
Debian Account Managing. Jörg Jaspert sent in a [3]status report
about the DAM (Debian Account Manager) work. He anticipates to have
cleared the queue by next month already and also explained the general
rules for accepting new developers. Emeritus developers are required
to go through a short new-maintainer process as well, if they want to
become active again.
3. http://lists.debian.org/debian-devel-announce/2005/02/msg00003.html
Debian-Installer featured in c't. Andreas Barth [4]reported that the
German c't magazine has [5]released a special CD based on the new
[6]Debian installer. Joey Hess [7]added that the CD uses preseeding
to automate the installation. Martin Zobel-Helas [8]forwarded the
conclusion of an article in the iX magazine of the same publisher that
states it is a large step into the right direction.
4. http://blogs.turmzimmer.net/2005/02/05#ct-sarge-di
5. http://www.heise.de/ct/05/04/092/
6. http://www.debian.org/devel/debian-installer/
7. http://kitenet.net/~joey/blog/entry/d-i_in_ct-2005-02-05-16-34.html
8. http://www.ftbfs.de/~zobel/cgi-bin/blosxom/2005/02/10#di-iX0503
Understanding Maintainer Scripts. Margarita Manterola [9]documented
the order in which maintainer scripts are called during package
maintenance and the parameters they receive, since its documentation
in the policy is difficult to follow. She [10]accompanied the new text
with some graphics that several people felt easier to understand than
the plain text from the policy document.
9. http://www.marga.com.ar/blog/index.cgi/debian/Understanding_maintainer_scripts.html
10. http://women.alioth.debian.org/wiki/index.php/English/MaintainerScripts
DebConf5: Call for Papers. Andreas Schuldei [11]called for papers for
this year's Debian conference in Helsinki, Finland. Proposals will be
accepted until March 15th 2005 and need to be submitted [12]online.
The review team will decide until April 1st which talks will be
accepted. They will be recorded, and may be broadcast over the
Internet.
11. http://lists.debian.org/debian-devel-announce/2005/02/msg00002.html
12. http://comas.linux-aktivaattori.org/debconf5/
Confusing udev Behaviour. Maykel Moya [13]noticed a strange directory
/.dev and removed its content which left his system unbootable. Sam
Morris [14]explained that when [15]udev starts, the real /dev is
mounted to /.dev so it can still be accessed. This is only the case if
the directory exists, however, so removing the mount point is fine.
13. http://lists.debian.org/debian-devel/2005/02/msg00380.html
14. http://lists.debian.org/debian-devel/2005/02/msg00384.html
15. http://packages.debian.org/udev
Configuration under Revision Control. Enrico Zini [16]reported that he
has put is /etc/ under [17]svk control, which is a distributed
revision control system based on [18]subversion. Florian Weimer
[19]added that it supports symbolic links natively as well.
16. http://lists.debian.org/debian-devel/2005/02/msg00495.html
17. http://packages.debian.org/svk
18. http://packages.debian.org/subversion
19. http://lists.debian.org/debian-devel/2005/02/msg00558.html
Debian Package Cycle. Martin F. Krafft [20]improved the lifetime
[21]graph of a Debian package based on the [22]work of Kevin Mark. It
explains the way a new package takes into the Debian archive and the
way updated packages take as well as security updates.
20. http://lists.debian.org/debian-devel/2005/02/msg00537.html
21. http://people.debian.org/~madduck/graphs/package-cycle/en/
22. http://kmark.home.pipeline.com/debian.png
Debian's Wayback Machine. Martin 'Joey' Schulze [23]reported about the
wayback machine for Debian packages that Fumitoshi Ukai provides on
[24]snapshot.debian.net. He explained that it has become a very
helpful resource for his work as member of the security team since one
can easily compare two older revisions of a package with the interdiff
utility.
23. http://www.infodrom.org/~joey/log/?200502120543
24. http://snapshot.debian.net/
Mailing Lists Bounce Handling. Pascal Hakim [25]discussed handling
bounces in mailing list servers. He mentions mail filters on
SMTP-level to prevent spam and viruses which should not result in an
unsubscription. Among other issues, active lists need to be treated
differently than less active lists.
25. http://www.redellipse.net/stuff/Debian/Lists/bounce-handling.story
International Debian Welcome Messages. Joey Hess [26]thanked Christian
Perrier for collecting welcome sound files that could be played after
the installation in many languages. Christian used these files as part
of the Babelbox, a demonstration machine that reinstalls itself
automatically with a different language at each iteration.
26. http://kitenet.net/~joey/blog/entry/d-i_fun-2005-02-13-18-48.html
Should Branden run for the DPL? Branden Robinson is [27]soliciting
input on whether he should nominate himself again for the Debian
project leader (DPL) [28]elections. Before standing again, he would
[29]like to hear 100 developers support this action. A wiki [30]page
has been set up to track the feedback. 51 people have stated their
support so far.
27. http://lists.debian.org/debian-vote/2005/02/msg00013.html
28. http://www.debian.org/vote/2005/vote_001
29. http://people.debian.org/~branden/dpl/to_run_or_not_to_run_in_2005.html
30. http://wiki.debian.net/?DraftBranden
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 673: [31]evolution -- Arbitrary code execution as root.
* DSA 674: [32]mailman -- Several vulnerabilities.
* DSA 675: [33]hztty -- Local utmp exploit.
* DSA 676: [34]xpcd -- Arbitrary code execution as root.
* DSA 677: [35]sympa -- Potential arbitrary code execution.
* DSA 678: [36]netkit-rwho -- Denial of service.
* DSA 679: [37]toolchain-source -- Insecure temporary files.
* DSA 680: [38]htdig -- Cross-site scripting vulnerability.
* DSA 681: [39]synaesthesia -- Unauthorised file access.
* DSA 682: [40]awstats -- Arbitrary command execution.
* DSA 683: [41]postgresql -- Arbitrary code execution.
31. http://www.debian.org/security/2005/dsa-673
32. http://www.debian.org/security/2005/dsa-674
33. http://www.debian.org/security/2005/dsa-675
34. http://www.debian.org/security/2005/dsa-676
35. http://www.debian.org/security/2005/dsa-677
36. http://www.debian.org/security/2005/dsa-678
37. http://www.debian.org/security/2005/dsa-679
38. http://www.debian.org/security/2005/dsa-680
39. http://www.debian.org/security/2005/dsa-681
40. http://www.debian.org/security/2005/dsa-682
41. http://www.debian.org/security/2005/dsa-683
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive [42]recently or contain important updates.
42. http://packages.debian.org/unstable/newpkg_main
* [43]apache2-utils -- Utility programs for webservers.
* [44]xblast-tnt-musics -- Music files for xblast-tnt.
43. http://packages.debian.org/unstable/net/apache2-utils
44. http://packages.debian.org/unstable/games/xblast-tnt-musics
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the [45]contributing
page to find out how to help. We're looking forward to receiving your
mail at [46]dwn@debian.org.
45. http://www.debian.org/News/weekly/contributing
46. mailto:dwn@debian.org
Reply to: