This weeks Weekly news from the mailing lists focus on fun&serious from the DebConf 5 and preparations for the next development cycle.
Debian Weekly News #29 — July 19th, 2005
Welcome to this year's 29th issue of DWN, the weekly newsletter for the Debian community. By the time that this issue is released, this year's Debian conference in Finland will have finished. About 270 people gathered for nearly three weeks in Helsinki forming a nice group
photo. During the conference Alioth has been upgraded
to Debian sarge with several improvements included.
Plans for new Debian-CDs. Steve McIntyre summarised the goals and plans for the next version of debian-cd. The handling of tasks and dependencies needs to be improved. They want to improve the layout code so that packages are copied faster and to simplify the task of creating different layouts, like multi-arch or combined binary/source.
Debian GNU/Hurd Status Update. Michael Banck reported that Debian GNU/Hurd is alive and kicking, though it could do with some more help. About 40 % of all Debian packages are built for the Hurd and a buildd is waiting for inclusion into the archive system. The core packages are maintained by a team and coordination of this port is organised via Alioth.
Library Updates for the C++ ABI Change. Steve Langasek explained that C++ libraries have to be renamed without a soname change during the transition to GCC 4.0 with a different application binary interface (ABI). He also warned developers not to upload libraries before the C++ libraries they depend on have successfully made the transition and are built on all architectures.
Expanding the Release Team. Andreas Barth is looking for new release assistants to better distribute the workload during the development cycle for etch that just started. Applicants need to
be Debian developers, have a lot of spare time to dedicate, worked on QA and understand general programming and scripting languages as well as Debian packaging. He also emphasised that this is a grunt work position.
Tracking Distributions and Versions. Colin Watson announced a large-scale modification of the bug
tracking system that allows to track versions and distributions that are affected by particular bugs. Reporters can now add particular version to which a bug applies and close bugs with regards to specific versions. As a result, the meaning of distribution-specific tags has changed.
Maintaining orphaned Packages. Raphaël Hertzog proposed to maintain orphaned packages with a small user base on Alioth and to hand out write access to those interested in them, even when they don't want to become their official maintainers. Basically he would like to start
a QA task force that actively maintains such packages with a lot of external input.
Debian Printing Group. Roger Leigh proposed
to form a printing group inside Debian in order to coordinate the variousprinting packages. Due to the numerous ways of setting up a working printingsystem, bugs in one package are often in interdependent packages. As aresult, the debian-printing list has been created.
SSH Default Setting changed. Marco d'Itri noticed
that the default setting of
HashKnownHosts has been set to
yes in sid which results in all new host addresses to be hashed. They are not human-readable anymore. Florian Weimer added
that this setting reduces the chance for worms to abuse the
known_hosts file. Colin Watson quoted
the documentation of
ssh-keygen that will help remove old entries.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 746: phpgroupware –
Remote command execution.
- DSA 754: centericq –
Insecure temporary file creation.
- DSA 755: tiff –
Arbitrary code execution.
- DSA 756: squirrelmail –
- DSA 757: krb5 –
- DSA 758: heimdal –
Arbitrary code execution.
- DSA 759: phppgadmin –
Directory traversal vulnerability.
- DSA 760: ekg –
- DSA 761: heartbeat –
Insecure temporary files.
- DSA 762: affix –
Arbitrary command and code execution.
New or Noteworthy Packages. The following packages were
added to the unstable Debian archive recently or contain
— Bootloader for Linux/m68k kernel for Amiga OS.
— Freescale Coldfire 5206 emulator.
— Manages symlinks into a shared DRBD partition.
— High performance programming language translator and tools.
— GTK2 application for managing DVD and video collections.
— Print plugin for the GIMP.
— GTK#-based graphing calculator.
— GUI management console for User Mode Linux.
— Utility for creating multi-layered backgrounds in X11.
— Inkjet server – Ghostscript driver for Gutenprint.
— Loop-player and recorder designed for live use.
— Build system with automated dependency analysis.
— C++ class library for image manipulation.
— Debian package installation, upgrading, and removal testing tool.
— Multi purpose SMTP Proxy.
— Regular expression development and execution tool.
— Ncurses BitTorrent client based on LibTorrent.
— Wallpaper changing utility for GNOME.
— The X.Org X server.
Want to continue reading DWN? Please help us create this
newsletter. We still need more volunteer writers who watch the Debian
community and report about what is going on. Please see the contributing page to find out how
to help. We're looking forward to receiving your mail at email@example.com.