Debian Weekly News - August 30th, 2005
Debian Weekly News
Debian Weekly News - August 30th, 2005
Welcome to this year's 35th issue of DWN, the weekly newsletter for
the Debian community. Carla Schroder explained reasons to use
Debian and gave an overview about several derived distributions. Sean
Michael Kerner reported about Debian's debut in China with Sun
Wah's enterprise Debian offering.
Rejections from NEW. Jörg Jaspert announced the requirements for
packages to pass the NEW queue. Basically, all rules should be
logical, but still broken packages get uploaded. The FAQ includes
gross howlers and issues that contribute to a higher probability of a
Debian GNU/kFreeBSD Development Machine. Guillem Jover announced
the availability of a network connected machine running the Debian
GNU/kFreeBSD port. All developers can be granted access to it. He
also reported that 81.69 % of packages in main are available for the
Too many Transitions. Andreas Barth reported about the currently
ongoing transition of packages: Glibc, C++ ABI, KDE, X.Org and GNOME.
He asked developers not to rename any libraries or bump the soname
before these transitions are finished, since that would have the
potential to stall the process even more. Many packages are blocked
from testing due to these transitions already.
Ranking Bug Reports. Paul Brossier proposed to add a feature to
the bug tracking system to measure the number of users that are
annoyed by each bug in order to get an impression of the importance of
the particular bug. Stuart Yeates added that a good way to start
could be a cross-reference to the popularity contest. Jon Dowland
noted that bugs are already rated by severity.
Posix-compliant Scripts. Brian Carlson suggested that all
maintainers test their packages with posh as standard shell. Steve
Langasek asserted that the practical impact would be zero since the
POSIX extensions mentioned are supported by the other shells,
including busybox. Marco d'Itri added that posh does not even
provide a size benefit.
Debian CD/DVD Contents. Jerome Warnier wondered if there was a way
to determine on which official CD a particular package is distributed.
Bartosz Fenski answered that currently this is only possible by
looking at the jigdo files. Guilherme de S. Pastore pointed to
an automatically generated list with the requested information.
New Upstream Versions. Nikita Youshchenko proposed to allow new
upstream versions of Mozilla and friends to enter stable since it
seems to be impossible to properly support them security-wise.
Martin Pitt reported that he tried to backport fixes, but ended up
with a broken browser, and hence had to give up.
New-Maintainer Process. Yaroslav Halchenko wondered if there is a
sufficient quantity of application managers to cover all new
applicants. Marc Brockschmidt negated that and explained that
application managers need to invest some time on a regular basis and
know a lot about Debian. Some of them also get bored by the
European Union Public License. Ales Cepek wondered about the
freeness of the European Union Public License. Florian Weimer
found several flaws that would make the license incompatible with
the GNU General Public License Nathanael Nerode also
discovered several problems in the draft.
Debconf Dependency. Joey Hess announced that he will eventually
file bug reports on packages that only depend on debconf and not
on debconf-2.0 as well. The latter is needed so debconf can finally be
replaced by cdebconf. debconf-2.0 was added to the Debian
policy as a virtual package in 2002 and has been provided by
debconf since 2003.
Reporting Lists Spam. Nico Golde asked if it is possible to report
spam distributed via the lists not only via web interface but also
via mail. Javier Fernández-Sanguino Peña also wondered what
happens after a mail is reported as spam. Frans Pop explained that
currently data is only collected. The intention is to use the data
both to improve filtering and clean the archives. The set of tools for
that has yet to be developed though.
Converting Source Code. Svante Signell wondered how the copyright
of a program is transferred when somebody manually converts or
implements it into a different language. Arnoud Engelfriet stated
that the converter only owns a copyright of the final work if the
translation required creative work. Sean Kellogg, however,
asserted that the converter would only hold a copyright on the
expression that is the translation.
Ethical Moments in Debian. Biella Coleman announced the successful
defence of her dissertation about ethics and politics of the Free
Software movement and the availability of chapter six which covers
the Debian project. In this chapter she explained the internal culture
in the Debian project that she has investigated during several
occasions. According to Wouter Verhelst she certainly has a far
better view on the general picture than most developers can ever hope
Non-free Build Scripts. Michael Ablassmeier reported about the
di package whose upstream developers have decided to switch to
iffe as configure replacement. However, since it is distributed under
a allegedly non-free license. Bas Zoetekouw asserted that if a
package requires non-free software to build, it cannot go into the
main archive, regardless of the fact that the resulting binary does
not depend on non-free packages.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 783: mysql-dfsg-4.1 -- Insecure temporary file.
* DSA 784: courier -- Denial of service.
* DSA 785: libpam-ldap -- Authentication bypass.
* DSA 786: simpleproxy -- Arbitrary code execution.
* DSA 787: backup-manager -- Several vulnerabilities.
* DSA 788: kismet -- Arbitrary code execution.
* DSA 789: php4 -- Several vulnerabilities.
* DSA 790: phpldapadmin -- Unauthorised access.
* DSA 791: maildrop -- Arbitrary group mail command execution.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* gollem -- File manager component for horde framework.
* insserv -- Generate boot sequence based on LSB init.d script
* ldm -- LTSP display manager.
* lwatch -- Simple log colorizer.
* mkvtoolnix -- Set of command-line tools to work with Matroska
* podracer -- Podcast aggregator/downloader.
* tmsnc -- Textbased (console) MSN client.
Orphaned Packages. 1 package was orphaned this week and requires a new
maintainer. This makes a total of 187 orphaned packages. Many thanks
to the previous maintainers who contributed to the Free Software
community. Please see the WNPP pages for the full list, and please
add a note to the bug report and retitle it to ITA: if you plan to
take over a package.
* vbpp -- Verilog preprocessor. (Bug#324765)
Removed Packages. 7 packages have been removed from the Debian
archive during the past two weeks:
* s3mod -- Player for MOD and S3M music files
Bug#323295: Request of maintainer, obsolete; superseded by
* keylookup -- A tool to fetch keys from keyservers
Bug#323075: Request of maintainer, functionality superseded by
* dhcp-dns -- Dynamic DNS updates for DHCP
Bug#158332: Request of QA, dead upstream, superseded by
* diablo -- News transport system without reader support
Bug#318303: Request of QA, RC bugs, orphaned, non-free
* crafted -- Map editor for FreeCraft, the free WarCraft II clone.
Bug#323568: Request of maintainer, superseded by stratagus
* phpgroupware-napster -- phpGroupWare Napster module
Bug#325195: Request of QA, orphaned, obsolete, abandoned
* python-pcgi -- Persistent CGI for Python
Bug#324475: Request of maintainer, obsolete
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at firstname.lastname@example.org.