This weeks DWN has arrived – containing items about Debian GNU/kFreeBSD Live CD, Creating SSL Certificates on Debian and Debian Conference: Call for Papers.
Debian Weekly News
Debian Weekly News – November 8th, 2005
Welcome to this year's 45th issue of DWN, the weekly newsletter for
the Debian community. Nathanael Nerode tried to solve some of the
problems in KDE packages in testing, due to various transitions and
fixes. In Florida 150 defendants perhaps will be acquitted because a
breathalyser company refused to turn over the source code of their
device despite of a judge's order.
Participating in the GPLv3 Process. Florian Weimer wondered if the
Debian project or Software in the Public Interest, Inc. is
participating in the creation process for the new General Public
License. He believes that Debian should be involved to ensure that
license compatibility does not decrease substantially, and that things
like the purported anti-DRM clauses remain practical.
Linux-Info-Tag Dresden Event Report. Meike Reichle and
Alexander Schmehl wrote reports about the Linux-Info-Tag
exhibition and conference that took place in Dresden, Germany at the
end of last month. Members of the Debian project ran a booth and gave
several talks there. The booth was ran together with people from
Debian GNU/kFreeBSD Live CD. Robert Millan announced version 1.0
of Ging, the only live distribution based on Debian GNU/kFreeBSD.
Ging is using KDE 3.4 as its desktop environment and
includes a mixture of KDE and GNOME applications such as
Konqueror, GIMP, KOffice, Gaim and others.
Creating SSL Certificates on Debian. A user documented the
creation and use of self signed SSL certificates to prevent browsers
from complaining about the certificates and describes in detail how
SSL certificates and a certification authority (CA) are created.
Distributing the CA certificate and configuring Apache to use the
newly created key and certificate are also described.
Debian Conference: Call for Papers. Andreas Schuldei called for
papers for potential presentation to be given at this year's
Debian Conference which will take place from the 14 May to the
22th 2006 in Oaxtepec, Mexico. Proposals will be accepted until
December 6th, 23h59 UTC, reviewed by the committee and accepted talks
will be published on December 20th.
Debian at Systems Exhibition. Erich Schubert reported about the
Debian presence at this year's Systems exhibition which was
organised and staffed by only a small number of Debian people. A few
people stopped by at the booth the morning he was around and asked
high-quality questions. More project members are needed for next
Closing Bugs as Submitter? Jan Nordholz wondered if it is desired
and possible to close ones own bug reports if they have been dealt
with accidently by a new upstream version or similar. Jeroen van
Wolffelaar proposed to write add an explanation to the bug report
and let the maintainer deal with it. Henning Makholm explained
that closing the bug report with the proper version pseudo-header is
the preferred method since version tracking is implemented.
Popular Debian Architectures. Petter Reinholdtsen reported about
an increased visibility of non-x86 architectures in the popularity
contest. The list of packages used around the globe is relevant
information that helps ordering the packages on the CDs, to make sure
the most popular packages end up on the first CDs.
Digital Key Revocation. Roberto Sanchez wondered when he should
revoke his old GnuPG key since he has created a new one but all of his
former Debian work is signed with the old one, of course. Christoph
Berg explained that he doesn't need to care about the Debian
archive since his packages carry the sponsor's signatures as the old
key is not included in the Debian keyring.
Dealing with OpenSSL and GPL. Sean Finney reported that he
maintains a package that uses the GNU GPL but links against
OpenSSL and would like to convert it to use GnuTLS. Hendrik
Sattler added a pointer to the compatibility layer that
intends to ease GnuTLS' integration with existing applications.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 879: gallery — Privilege escalation.
* DSA 880: phpmyadmin — Several vulnerabilities.
* DSA 881: openssl096 — Cryptographic weakness.
* DSA 882: openssl095 — Cryptographic weakness.
* DSA 883: thttpd — Insecure temporary file.
* DSA 884: horde3 — Insecure default installation.
* DSA 885: openvpn — Several vulnerabilities.
* DSA 886: chmlib — Several vulnerabilities.
* DSA 887: clamav — Several vulnerabilities.
* DSA 888: openssl — Cryptographic weakness.
* DSA 889: enigmail — Information disclosure.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* b2evolution — Multilingual, multiuser, multi-blog engine.
* bse-alsa — ALSA plugin for BEAST.
* comix — GTK Comic Book Viewer.
* dares — Rescue files from damaged CDs and DVDs
* gddrescue — GNU data recovery tool Ddrescue.
* geximon — Monitor for the exim MTA.
* ktorrent — BitTorrent client for KDE.
* monodevelop-java — Java plugin for MonoDevelop.
* papercut — Simple and extensible NNTP server.
* polyglot — Chess engine protocol adaptor to connect UCI
* portreserve — Port reservation program.
* postgresql-8.1 — Object-relational SQL database, version 8.1
* ssmping — Checks your multicast connectivity.
* tcpxtract — Extracts files from network traffic based on file
* uruk — Very small firewall script, for configuring iptables.
* yum — Advanced front-end for rpm.
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at firstname.lastname@example.org.