Debian Weekly News - May 3rd, 2005
---------------------------------------------------------------------------
Debian Weekly News
http://www.debian.org/News/weekly/2005/18/
Debian Weekly News - May 3rd, 2005
---------------------------------------------------------------------------
Welcome to this year's 18th issue of DWN, the weekly newsletter for
the Debian community. As a hint of a working testing queue, the first
package has been [1]uploaded directly into testing. Many people are
pleased that the It has been appreciated a lot that the [2]NEW queue
is processed again. However, Anand Kumria [3]suggested packages
should be referred to the [4]technical committee when a decision had
not been made within two months.
1. http://lists.debian.org/debian-testing-changes/2005/05/msg00000.html
2. http://ftp-master.debian.org/new.html
3. http://lists.debian.org/debian-project/2005/04/msg00380.html
4. http://www.debian.org/devel/tech-ctte
Leadership Team Meeting. Andreas Schuldei sent in the [5]minutes of
the leadership team meeting last week in which he was appointed as
secretary. Topics discussed during the meeting were a contact address,
funding, for attendance at [6]aKademy 2005 in particular and a new
name. Additionally they resolved to invite Benjamin Hill to join the
team.
5. http://lists.debian.org/debian-project/2005/04/msg00401.html
6. http://dot.kde.org/1111445162/
Dealing with PHP Application Design Flaws. Martin Schulze [7]asked
about PHP applications that have non-silent include files placed in
the web directory. Such files are accessible via HTTP and can be used
for cross-site scripting [8]attacks or [9]disclose information
unintendedly. Henrique Holschuh [10]added that configuration files
should reside in /etc and not be accessible from the outside.
7. http://lists.debian.org/debian-security/2005/04/msg00103.html
8. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0870
9. http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0459
10. http://lists.debian.org/debian-security/2005/04/msg00106.html
Sarge Release Update. Andreas Barth sent in another [11]status report
on the sarge release. The infrastructure for testing-security is more
or less in place and two new ARM buildds have been added. He
explicitly noted that all packages in sarge need to build from source.
He also asked for no uploads with major changes to unstable which
could cause problems in sarge.
11. http://lists.debian.org/debian-devel-announce/2005/04/msg00023.html
Debian Administration Website. Steve Kemp posted an [12]update on his
Debian administration [13]website. The site is now getting about 2,500
article views per day. Some of the tips and tricks about maintaining
Debian computers that originally appeared in English have also been
translated into [14]Polish and [15]Turkish. The site is also available
to be [16]syndicated for RDF users.
12. http://www.debian-administration.org/?article=131
13. http://www.debian-administration.org/
14. http://www.debianusers.pl/
15. http://www.debian-tr.org/
16. http://www.debian-administration.org/?about=Syndication
Debian Conference Update. Andreas Schuldei [17]announced the final
list of talks for the upcoming conference and reported that Debian has
received more then EUR 100,000 as donations. As a novelty this year
the Debian team will present Debian to the natives one day before the
conference. He encouraged the attendees to use the meeting for working
together with other developers face to face.
17. http://lists.debian.org/debian-devel-announce/2005/04/msg00022.html
Policy for Scheme Implementations. Jorgen Schäfer [18]reported that
the [19]Scheme Requests for Implementation process is trying to
[20]standardise interpreter names for Scheme scripts. Since this
introduces a name conflict if two implementations of Scheme both want
to support this scheme he proposed a [21]Scheme policy for Debian that
asks for the interpreter name to be managed by update-alternatives.
18. http://lists.debian.org/debian-devel/2005/04/msg01000.html
19. http://srfi.schemers.org/
20. http://srfi.schemers.org/srfi-22/srfi-22.html
21. http://people.debian.org/~forcer/debian-scheme-policy/debian-scheme-policy.html/
State of Debian. Linux Weekly News [22]reported on Bdale Garbee's talk
at this year's Debian [23]mini-conference at Linux Conference
Australia. He talked about how leadership works in Debian and
introduced the project leadership team (SCUD). He also floated a
proposal to replace the [24]DPL with an elected board. This would
require an amendment to the Debian [25]constitution, though. The idea
is still in the early stages, and will be further discussed in July at
this year's [26]Debian Conference in Helsinki, Finland.
22. http://lwn.net/Articles/132521/
23. http://www.debian.org/events/2005/0418-linuxconf
24. http://www.debian.org/devel/leader
25. http://www.debian.org/devel/constitution
26. http://www.debconf.org/debconf5/
Bug Squashing Long Weekend. Frank Lichtenheld [27]announced the bug
squashing weekend from May 5th to May, 8th. It will start on Thursday
since in many countries this day is a holiday. After all freeze
blockers seem to be gone finally, it's time to work on the remaining
release blockers. He asked developers to work on important and
security bugs as well, in addition to release-critical bugs.
27. http://lists.debian.org/debian-devel-announce/2005/05/msg00000.html
Release Team Meeting. Andreas Barth posted [28]minutes of release team
meeting in which the sarge release was discussed. They came to the
conclusion that the freeze can get into effect as of now. When the
archive is frozen, the release team will accept corrections for
important and above bugs, l10n and documentation updates via unstable.
Via testing-proposed-updates, only release-critical bug fixes, l10n
and documentation updates are accepted.
28. http://lists.debian.org/debian-release/2005/05/msg00008.html
Web Applications in Debian. After a [29]discussion on PHP applications
and due to the large number of web application packages Neil McGovern
[30]asked for a mailing list to handle such topics. Alexis Sukrieh
would also [31]like to extend the [32]Debian Policy Manual with
regards to web applications. Pascal Hakim finally [33]created the
[34]list.
29. http://lists.debian.org/debian-security/2005/04/msg00103.html
30. http://lists.debian.org/debian-devel/2005/04/msg01144.html
31. http://lists.debian.org/debian-devel/2005/04/msg01147.html
32. http://www.debian.org/doc/debian-policy/
33. http://lists.debian.org/debian-devel/2005/05/msg00075.html
34. http://lists.debian.org/debian-webapps/
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 715: [35]cvs -- Unauthorised repository access.
* DSA 716: [36]gaim -- Denial of service.
* DSA 717: [37]lsh-utils -- Several vulnerabilities.
* DSA 718: [38]ethereal -- Buffer overflow.
* DSA 719: [39]prozilla -- Arbitrary code execution.
* DSA 720: [40]smartlist -- Unauthorised un/subscription.
35. http://www.debian.org/security/2005/dsa-715
36. http://www.debian.org/security/2005/dsa-716
37. http://www.debian.org/security/2005/dsa-717
38. http://www.debian.org/security/2005/dsa-718
39. http://www.debian.org/security/2005/dsa-719
40. http://www.debian.org/security/2005/dsa-720
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive [41]recently or contain important updates.
41. http://packages.debian.org/unstable/newpkg_main
* [42]apt-rpm-repository -- Tools to create an APT RPM repository.
* [43]glob2 -- State-of-the-art Real Time Strategy (RTS) game.
* [44]imapsync -- IMAP synchronisation, copy and migration tool.
* [45]poc-streamer -- MP3/Ogg multicast/HTTP streamer and MP3
cutting tool.
* [46]pystatgrab -- Interface to the libstatgrab library for Python.
* [47]rageircd -- Versatile and flexible IRC Server daemon.
* [48]rbscrobbler -- Send Rhythmbox track information to
audioscrobbler.
* [49]spfquery -- Sender Policy Framework library, written in C.
* [50]svnmailer -- Extensible subversion commit notification tool.
* [51]tqsllib1 -- QSL signing routines for the Logbook of the World
(LoTW).
* [52]trashapplet -- Trash applet for GNOME.
* [53]tuxmath -- Math game for kids with Tux.
* [54]wyrd -- Text-based scheduler application.
42. http://packages.debian.org/unstable/admin/apt-rpm-repository
43. http://packages.debian.org/unstable/games/glob2
44. http://packages.debian.org/unstable/net/imapsync
45. http://packages.debian.org/unstable/sound/poc-streamer
46. http://packages.debian.org/unstable/python/pystatgrab
47. http://packages.debian.org/unstable/net/rageircd
48. http://packages.debian.org/unstable/sound/rbscrobbler
49. http://packages.debian.org/unstable/mail/spfquery
50. http://packages.debian.org/unstable/utils/svnmailer
51. http://packages.debian.org/unstable/libs/tqsllib1
52. http://packages.debian.org/unstable/gnome/trashapplet
53. http://packages.debian.org/unstable/games/tuxmath
54. http://packages.debian.org/unstable/utils/wyrd
Orphaned Packages. 5 packages were orphaned this week and require a
new maintainer. This makes a total of 225 orphaned packages. Many
thanks to the previous maintainers who contributed to the Free
Software community. Please see the [55]WNPP pages for the full list,
and please add a note to the bug report and retitle it to ITA: if you
plan to take over a package.
55. http://www.debian.org/devel/wnpp/
* [56]laptop-netconf -- Network detection and configuration program
for laptops. ([57]Bug#307071)
* [58]libmkdoc-xml-perl -- MKDoc XML Toolkit. ([59]Bug#307072)
* [60]libpetal-perl -- Perl Template Attribute Language - TAL for
Perl. ([61]Bug#307073)
* [62]ltsp-utils -- Linux Terminal Server Project (LTSP)
administration utilities. ([63]Bug#306902)
* [64]phpdoc -- Documentation for PHP4 and PHP3. ([65]Bug#306670)
56. http://packages.debian.org/unstable/net/laptop-netconf
57. http://bugs.debian.org/307071
58. http://packages.debian.org/unstable/perl/libmkdoc-xml-perl
59. http://bugs.debian.org/307072
60. http://packages.debian.org/unstable/perl/libpetal-perl
61. http://bugs.debian.org/307073
62. http://packages.debian.org/unstable/net/ltsp-utils
63. http://bugs.debian.org/306902
64. http://packages.debian.org/unstable/doc/phpdoc
65. http://bugs.debian.org/306670
Removed Packages. 5 packages have been [66]removed from the Debian
archive during the past few weeks:
66. http://ftp-master.debian.org/removals.txt
* xdelta2 -- version-control utility which works with binary files
[67]Bug#304051: Request of Maintainer, Buggy, unmaintained
upstream
* cyrus-sasl -- Cyrus SASL API implementation (RFC 2222)
[68]Bug#305119: Request of Maintainer, Outdated, deprecated
* catalog -- Tool to create, maintain and display Yahoo! like
directories
[69]Bug#187128: Request of Maintainer, QA, orphaned for two years,
hardly used
* phluid -- Imlib2 based Window Manager for X
[70]Bug#297440: Request of Maintainer, Unused, dead upstream,
contains non-free fonts
* orp-classpath -- Free java class libraries (specific to ORP JVM)
[71]Bug#306291: Request of QA, uninstalleable, dead upstream
67. http://bugs.debian.org/304051
68. http://bugs.debian.org/305119
69. http://bugs.debian.org/187128
70. http://bugs.debian.org/297440
71. http://bugs.debian.org/306291
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the [72]contributing
page to find out how to help. We're looking forward to receiving your
mail at [73]dwn@debian.org.
72. http://www.debian.org/News/weekly/contributing
73. mailto:dwn@debian.org
Reply to: