There's a new DWN for our pleasure. Security Support for Woody ending, Improving Debian's Publicity and Automatic Debian Installation with Pre-Seeding are amongst the topics.
Debian Weekly News
Debian Weekly News – June 6th, 2006
Welcome to this year's 23rd issue of DWN, the weekly newsletter for
the Debian community. Enrico Zini reported that he has increased
the performance of debtags by improving the tagcoll library.
Krzysztof Klincewicz analysed 500 most active projects on
SourceForge and concluded that only little innovation happens in
Trustability of the Web of Trust. During the recent Debian
Conference Martin Krafft conducted a keysigning experiment to
raise questions about the Debian web of trust. This web consists of
signatures between GnuPG keys, which verify that the signer has reason
to believe that the key's owner is really the person who they claims
to be. However, the signer does not confirm the validity of a
government-issued form of identification, which is not possible given
the wide variety of identification to be found at an international
event with 140 participants.
Security Support for Woody ending. The Debian Project announced
that more than one year after the release of Debian GNU/Linux 3.1
alias 'sarge' the security support for the old stable distribution
3.0 will be terminated at the end of June 2006. Debian GNU/Linux 3.0
alias 'woody' has been released nearly four years ago on July 19th
Improving Debian's Publicity. Andreas Barth noted that there were
somewhat suboptimal news in the press about Debian in the past. It
seems that journalists did pick up postings which were primarily
targeted at Debian developers and wrote articles about with misleading
information. Andreas wondered how to improve this situation, probably
by offering direct phone contact to our developers for the
Debian Conference 6: Hot, spicy and working hard. Robin Miller
reported that this year's Debconf brought close to 300 Debian
developers, package maintainers, and other interested parties to
Mexico. A lot of work was aimed at making Debian more user-friendly.
Holger Levsen and several others shot high definition video of most
DebConf6 presentations which will be available on the
meetings-archive server soon.
Automatic Debian Installation with Pre-Seeding. Carla Schroder
explained how to generate a quick 'n' dirty preseed configuration
file for replicating a Debian installation, and how to perform a
minimal custom installation with a USB stick. She continued to
explain how to start a network installation with either a new USB
stick or an old CD-ROM, or an even more antique 3.5″ diskette.
Debian IRC moves to OFTC. The Debian project announced that it has
moved the irc.debian.org alias to the Open and Free Technology
Community (OFTC). This move was done in recognition of many
discussions taking place there already. OFTC is also a sister
organisation of Debian, as both are supported and represented by
Software in the Public Interest, Inc. The Debian project has been
using the Freenode IRC network for many years.
Failed Release Architecture Qualification. Andreas Barth reported
about three architectures that were released with Debian sarge
which currently do not meet the requirements for inclusion in
etch. Some sub-architectures of m68k still require the 2.2 or
2.4 kernel which are not supported anymore. The s390 port lacks a
sufficient number of developers. The sparc port lacks kernel
support. Help for these ports is highly appreciated.
New Debian Menu Structure. Bill Allombert proposed a new Debian
menu structure devised by Linas Zvirblis. Several sections have been
renamed and a number of sub-sections have been created to reflect the
large number of new applications. Developers should check whether
their current menu files still fit into the new structure and adjust
the section if not.
Delivering Mails for System Users? Andreas Metzler wondered if it
would be safe to reject any mail for system accounts based on the user
id unless it is redirected via /etc/aliases. Wouter Verhelst
explained that other distributions start with a lower uid for real
users. Stephen Samuel confirmed that this would cause problems in
a hybrid environment.
Debian Light Desktop. André Luiz Rodrigues Ferreira started
working on a desktop meta package for desktop machines running old
hardware. He received several improvements. Joey Hess would like
to add this to tasksel, so that the desktop task automatically
installs it if it detects a system that is not easily capable of
Reforming the New-Maintainer Process. Marc Brockschmidt proposed
to stiffen the requirements for prospective maintainers by adding a
second advocate and increasing the amount of packaging they must have
already accomplished in the past. This way the applicant is more into
Debian when they apply. He also suggested to separate upload
permissions, system accounts and voting rights which would mean a
reform of the Debian project.
Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.
* DSA 1083: motor — Arbitrary code execution.
* DSA 1084: typespeed — Arbitrary code execution.
* DSA 1085: lynx-cur — Several vulnerabilities.
* DSA 1086: xmcd — Denial of service.
* DSA 1087: postgresql — Encoding vulnerabilities.
* DSA 1088: centericq — Arbitrary code execution.
* DSA 1089: freeradius — Arbitrary code execution.
* DSA 1090: spamassassin — Arbitrary command execution.
New or Noteworthy Packages. The following packages were added to the
unstable Debian archive recently or contain important updates.
* aspell-ar — Arabic dictionary for aspell.
* emile — The Early Mac Image LoadEr.
* flasm — Assembler and disassembler for Flash (SWF) bytecode.
* gpiv — Graphic User Interface program for Particle Image
* gpivtools — Command line programs for Particle Image
* gvrng — Interactive, introductory programming language.
* ifpgui — QT based manager for iRiver iFP audio player.
* lingot — Accurate and easy to use musical instrument tuner.
* lsparisc — List all PA-RISC devices currently on system.
* memories — Web-based photo sharing application.
* pyflakes — Simple python source checker.
* rkward — KDE frontend to the R statistics language.
* totem-mozilla — Totem Mozilla plugin.
* ttf-thai-tlwg — Thai fonts in TrueType format.
* weather-util — Command-line tool to obtain weather conditions
* weechat-scripts — Script collection for the WeeChat IRC
* xchat-guile — Guile scripting plugin for XChat.
* xfonts-thai-poonlap — Poonlap Veerathanabutr bitmap fonts for
Orphaned Packages. 2 packages were orphaned this week and require a
new maintainer. This makes a total of 292 orphaned packages. Many
thanks to the previous maintainers who contributed to the Free
Software community. Please see the WNPP pages for the full list,
and please add a note to the bug report and retitle it to ITA: if you
plan to take over a package. To find out which orphaned packages are
installed on your system the wnpp-alert program from devscripts may be
* dmachinemon — Network-wide monitoring suite for monitoring
machine status. (Bug#370081)
* gamix — Graphical sound mixer for ALSA. (Bug#370080)
Removed Packages. One package has been removed from the Debian
archive during the past week:
* gngeo — NeoGeo emulator
Bug#354571: Request of QA, license problems, undistributable
Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the contributing
page to find out how to help. We're looking forward to receiving your
mail at firstname.lastname@example.org.
This issue of Debian Weekly News was edited by Sebastian Feltel
and Martin 'Joey' Schulze.