[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Debian Weekly News - August 1st, 2006

Debian Weekly News
Debian Weekly News - August 1st, 2006

Welcome to this year's 31st issue of DWN, the weekly newsletter for
the Debian community. Christoph Berg [1]announced nine new members of
the QA team who already work on outstanding issues in the [2]etch
release. Gintautas Miliauskas [3]reported that he has been working on
an integrated l10n infrastructure for Debian based on the framework
used by the [4]WorldForge project.

 1. http://lists.debian.org/debian-qa/2006/07/msg00093.html
 2. http://www.debian.org/releases/etch/
 3. http://gintasm.blogspot.com/2006/06/localization-coordination-for-debian-1.html
 4. http://www.worldforge.org/

Uploading with proper Urgencies. Adeodato Simó [5]reminded developers
to upload fixed packages with urgency high if they fix
security-related bugs. The urgency medium should be used for
release-critical bugs including corrections to failures to build from
source on one or other [6]architecture. Since these uploads will
migrate into [7]testing faster than normal, they should be prepared
with extra care as well.

 5. http://lists.debian.org/debian-devel-announce/2006/07/msg00008.html
 6. http://www.debian.org/ports/
 7. http://www.debian.org/releases/testing/

Responsibility for Packages. Martin Krafft [8]wondered if Debian
wants to change responsibilities for packages and move to more group
maintained packages. Adeodato Simó [9]explained that having the
non-maintainer diff in the [10]bug tracking system for a few days
before entering the archive does help QA, because there's room for
peer review.

 8. http://lists.debian.org/debian-project/2006/07/msg00190.html
 9. http://lists.debian.org/debian-project/2006/07/msg00231.html
 10. http://www.debian.org/Bugs/

Xen on Debian GNU/Linux 3.1. Aike de Jongste [11]explained how to
install the [12]backported version of [13]Xen on a [14]stable Debian
system. This includes APT [15]pinning of several packages, creating a
special RAM disk, adding an item to the [16]grub menu and [17]setting
up a Xen instance.

 11. http://www.debian-administration.org/articles/423
 12. http://www.backports.org/
 13. http://en.wikipedia.org/wiki/Xen
 14. http://www.debian.org/releases/sarge/
 15. http://jaqque.sbih.org/kplug/apt-pinning.html
 16. http://packages.debian.org/grub
 17. http://www.debian-administration.org/articles/396

Branding for Debian Derivatives. Anthony Towns [18]proposed to
introduce an official branding programme for derived distributions to
help our derivatives get the benefits of Debian's reputation. In the
essence the derivatives should listen to their users and cooperate
with the Free Software community. In return Debian should provide a
logo, add a link from its website, cooperate on press releases and
provide a supportive basis for future cooperation and consultation.

 18. http://lists.debian.org/debian-project/2006/07/msg00241.html

Key Management for Secure APT. Joey Schulze [19]wondered if key
management could be added into [20]APT in time for the [21]etch
release. Martin Krafft [22]discouraged plain automatic key upgrades
since they are too vulnerable to attacks and prefers a third party
authority to sign the keys. Florian Weimer [23]stated that the only
approach known to work is static keys for stable releases and stable
security updates.

 19. http://lists.debian.org/debian-release/2006/07/msg00192.html
 20. http://packages.debian.org/apt
 21. http://www.debian.org/releases/etch/
 22. http://lists.debian.org/debian-release/2006/07/msg00194.html
 23. http://lists.debian.org/debian-release/2006/07/msg00201.html

Supporting Exim 3 in Etch? Marc Haber [24]outlined the steps required
to remove version 3 of [25]Exim from [26]etch since it is not
supported by upstream anymore and even its maintainer has stopped
using it in the meantime. This includes an update to [27]sarge and
also requires manual work when users upgrade from sarge to etch.

 24. http://lists.debian.org/debian-release/2006/07/msg00228.html
 25. http://packages.debian.org/exim
 26. http://www.debian.org/releases/etch/
 27. http://www.debian.org/releases/sarge/

Building Documentation. Marcio Roberto Teixeira [28]wondered if
documentation for a Debian package should better be built before
packaging to save build time or during the regular build process.
Goswin von Brederlow [29]explained that documentation should be built
together with the rest of the package. If building takes long it
should not be done with every package built but only with the one
producing the binary-independent package.

 28. http://lists.debian.org/debian-devel/2006/07/msg00101.html
 29. http://lists.debian.org/debian-devel/2006/07/msg00232.html

Installing setuid Programs. Yui-wah Lee [30]wondered how a program
should be packaged that needs to be installed setuid or setgid.
Matthew Palmer [31]explained that the maintainer should set the
appropriate permissions and may have to tweak dh_fixperms so that it
doesn't turn the permissions back to the default. Local admins can
change these permissions with dpkg-statoverride.

 30. http://lists.debian.org/debian-devel/2006/07/msg00105.html
 31. http://lists.debian.org/debian-devel/2006/07/msg00115.html

Status of translated Packages Descriptions. Michael Vogt [32]asked for
testing of [33]APT from experimental. This version supports translated
package descriptions which are already available for [34]sid on many
mirrors and on the Debian description translation [35]project. A few
features which where available in the past such as reviewing of a
translation are not yet implemented but are [36]planned as part of the
new internationalisation framework.

 32. http://lists.debian.org/debian-devel/2006/07/msg01323.html
 33. http://packages.debian.org/apt
 34. http://www.debian.org/releases/sid/
 35. http://ddtp.debian.net/
 36. http://lists.debian.org/debian-devel/2006/07/msg01379.html

Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.

 * DSA 1125: [37]drupal -- Execution of arbitrary web script code.
 * DSA 1126: [38]asterisk -- Denial of service.
 * DSA 1127: [39]ethereal -- Several vulnerabilities.
 * DSA 1128: [40]heartbeat -- Denial of service.
 * DSA 1129: [41]osiris -- Arbitrary code execution.
 * DSA 1130: [42]sitebar -- Cross-site scripting.

 37. http://www.debian.org/security/2006/dsa-1125
 38. http://www.debian.org/security/2006/dsa-1126
 39. http://www.debian.org/security/2006/dsa-1127
 40. http://www.debian.org/security/2006/dsa-1128
 41. http://www.debian.org/security/2006/dsa-1129
 42. http://www.debian.org/security/2006/dsa-1130

New or Noteworthy Packages. The following packages were added to the
unstable Debian archive [43]recently or contain important updates.

 43. http://packages.debian.org/unstable/newpkg_main

 * [44]bcfg2 -- Configuration management client.
 * [45]beaglefs -- Implements a filesystem representing a live Beagle
 * [46]biloba -- Turn based strategy board game for up to 4 players.
 * [47]byzanz -- Small screencast creator.
 * [48]console-setup-mini -- Experimental micro version of
   console-setup package.
 * [49]cryptmount -- Management and user-mode mounting of encrypted
   file systems.
 * [50]gshare -- Easy user-level file sharing for GNOME.
 * [51]jpnevulator -- Serial sniffer.
 * [52]multisync-tools -- PIM Synchronisation Command Line Tools.
 * [53]necpp -- NEC2 Evolution Antenna Modelling System.
 * [54]open-iscsi -- High performance, transport independent
   implementation of RFC3720.
 * [55]openser -- Very fast and configurable SIP proxy.
 * [56]p3nfs -- Mount the file systems on the Psion/Symbian
 * [57]pdfcrack -- PDF files password cracker.
 * [58]phpgedview -- Web-based genealogy viewer and editor.
 * [59]qrfcview -- Viewer for IETF RFCs.
 * [60]rant -- Flexible, Ruby based make.
 * [61]serpentine -- Application for creating audio CDs.
 * [62]splashy -- Complete user-space boot splash system.
 * [63]tshark -- Network traffic analyser (console).
 * [64]vbindiff -- Visual binary diff, visually compare binary files.
 * [65]wireshark -- Network traffic analyser.
 * [66]wise -- Comparison of biopolymers, commonly DNA and protein

 44. http://packages.debian.org/unstable/admin/bcfg2
 45. http://packages.debian.org/unstable/gnome/beaglefs
 46. http://packages.debian.org/unstable/games/biloba
 47. http://packages.debian.org/unstable/graphics/byzanz
 48. http://packages.debian.org/unstable/utils/console-setup-mini
 49. http://packages.debian.org/unstable/admin/cryptmount
 50. http://packages.debian.org/unstable/gnome/gshare
 51. http://packages.debian.org/unstable/comm/jpnevulator
 52. http://packages.debian.org/unstable/utils/multisync-tools
 53. http://packages.debian.org/unstable/science/necpp
 54. http://packages.debian.org/unstable/net/open-iscsi
 55. http://packages.debian.org/unstable/net/openser
 56. http://packages.debian.org/unstable/otherosfs/p3nfs
 57. http://packages.debian.org/unstable/utils/pdfcrack
 58. http://packages.debian.org/unstable/web/phpgedview
 59. http://packages.debian.org/unstable/doc/qrfcview
 60. http://packages.debian.org/unstable/devel/rant
 61. http://packages.debian.org/unstable/gnome/serpentine
 62. http://packages.debian.org/unstable/graphics/splashy
 63. http://packages.debian.org/unstable/net/tshark
 64. http://packages.debian.org/unstable/utils/vbindiff
 65. http://packages.debian.org/unstable/net/wireshark
 66. http://packages.debian.org/unstable/science/wise

Orphaned Packages. 7 packages were orphaned this week and require a
new maintainer. This makes a total of 343 orphaned packages. Many
thanks to the previous maintainers who contributed to the Free
Software community. Please see the [67]WNPP pages for the full list,
and please add a note to the bug report and retitle it to ITA: if you
plan to take over a package. To find out which orphaned packages are
installed on your system the wnpp-alert program from devscripts may be

 67. http://www.debian.org/devel/wnpp/

 * [68]44bsd-rdist -- 4.4BSD rdist. ([69]Bug#380192)
 * [70]dcc -- Distributed Checksum Clearinghouse. ([71]Bug#380542)
 * [72]gch -- Ada quality & style checker. ([73]Bug#380193)
 * [74]gkrellongrun -- LongRun plug-in for GKrellM. ([75]Bug#379978)
 * [76]gpdf -- Portable Document Format (PDF) viewer.
 * [78]hubcot -- USB Hub mascot. ([79]Bug#379977)
 * [80]libpod-pom-perl -- Perl module of POD Object Model.

 68. http://packages.debian.org/unstable/net/44bsd-rdist
 69. http://bugs.debian.org/380192
 70. http://packages.debian.org/unstable/mail/dcc-client
 71. http://bugs.debian.org/380542
 72. http://packages.debian.org/unstable/devel/gch
 73. http://bugs.debian.org/380193
 74. http://packages.debian.org/unstable/x11/gkrellongrun
 75. http://bugs.debian.org/379978
 76. http://packages.debian.org/unstable/gnome/gpdf
 77. http://bugs.debian.org/380382
 78. http://packages.debian.org/unstable/utils/hubcot
 79. http://bugs.debian.org/379977
 80. http://packages.debian.org/unstable/perl/libpod-pom-perl
 81. http://bugs.debian.org/379983

Removed Packages. 18 packages have been [82]removed from the Debian
archive during the past week:

 82. http://ftp-master.debian.org/removals.txt

 * openldap2.2 -- OpenLDAP utilities
   [83]Bug#340349: Request of QA, superseded by openldap2.3; RC-buggy
   (non-free content)
 * ultrapossum -- Multi-functional LDAP Solution
   [84]Bug#378885: Request of QA, dead upstream, unmaintained,
   depends on removed openldap2.2
 * installwatch -- Track installation of local software
   [85]Bug#347469: Request of QA, merged into checkinstall
 * webmin-ldap-netgroups -- LDAP webmin module for editing netgroups
   [86]Bug#347773: Request of maintainer, depends on removed webmin
 * kimberlite -- High Availability Clustering Package
   [87]Bug#348195: Request of QA, orphaned, unused, dead upstream
 * mozilla-firefox-locale-it -- Mozilla Firefox Italian
   Language/Region Package
   [88]Bug#348357: Request of maintainer, superseded by
 * mgapdesk -- X configuration tool for Matrox video card
   [89]Bug#364344: Request of QA, orphaned, RC-buggy
 * libzlib-ruby -- Extension library to use zlib from Ruby 1.6
   [90]Bug#367903: Request of maintainer, ruby 1.6 removal
 * libiconv-ruby -- Wrapper class of iconv for the Ruby 1.6.x
   [91]Bug#367907: Request of maintainer, ruby 1.6 removal
 * libstrscan-ruby -- Fast string scanning library for Ruby
   [92]Bug#369417: Request of maintainer, ruby 1.6 removal
 * xerces26 -- validating XML parser library for C++ (development
   [93]Bug#375929: Request of maintainer, superseded by xerces27
 * gtk-smooth-engine -- Smooth Engine for GTK+ 1.2
   [94]Bug#378663: Request of maintainer, superseded by gtk2-engines
 * fisg -- Fast IRC Statistics Generator
   [95]Bug#378910: Request of maintainer, dead upstream
 * parted-swig -- Perl5 bindings for libparted
   [96]Bug#379293: Request of maintainer, upstream gone; out of
   date; RC buggy
 * python-orbit -- Python bindings for ORBit
   [97]Bug#379436: Request of maintainer, obsolete
 * tkpgp -- Tcl/Tk script that serves as a GUI shell for PGP or GnuPG
   [98]Bug#379509: Request of maintainer, upstream gone
 * mindi-kernel -- Failsafe Linux kernel for Mindi/Mondo
   [99]Bug#379570: Request of maintainer, replaced by using stock
   Debian kernels; 2.4 only
 * libflorist-3.15p-1 -- POSIX.5 Ada interface to operating system
   [100]Bug#379795: Request of maintainer, superseded by libflorist,

 83. http://bugs.debian.org/340349
 84. http://bugs.debian.org/378885
 85. http://bugs.debian.org/347469
 86. http://bugs.debian.org/347773
 87. http://bugs.debian.org/348195
 88. http://bugs.debian.org/348357
 89. http://bugs.debian.org/364344
 90. http://bugs.debian.org/367903
 91. http://bugs.debian.org/367907
 92. http://bugs.debian.org/369417
 93. http://bugs.debian.org/375929
 94. http://bugs.debian.org/378663
 95. http://bugs.debian.org/378910
 96. http://bugs.debian.org/379293
 97. http://bugs.debian.org/379436
 98. http://bugs.debian.org/379509
 99. http://bugs.debian.org/379570
 100. http://bugs.debian.org/379795

Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the [101]contributing
page to find out how to help. We're looking forward to receiving your
mail at [102]dwn@debian.org.

 101. http://www.debian.org/News/weekly/contributing
 102. mailto:dwn@debian.org

This issue of Debian Weekly News was edited by Jens Seidel and
Martin 'Joey' Schulze.

Reply to: