Debian-news is about one simple thing - news about Debian GNU/Linux and the top free distributions based on Debian GNU/Linux.


 

Debian Weekly News 37/2006

This weeks edition of DWN contains Secure APT Key Management, Alioth Incident Report and CD/DVD Creation Report
Quote:

—————————————————————————
Debian Weekly News
http://www.debian.org/News/weekly/2006/37/
Debian Weekly News – September 12th, 2006
—————————————————————————

Welcome to this year's 37th issue of DWN, the weekly newsletter for
the Debian community. Debian will be [1]present at the [2]Wizards of
OS conference next weekend in Berlin, Germany. André Luiz Rodrigues
Ferreira [3]wondered if there will be special Debian [4]themes
available for the desktop environments in [5]etch. Adrian von Bidder
[6]discovered a 16 core MIPS [7]server with Debian pre-installed.

1. http://lists.debian.org/debian-events-eu/2006/09/msg00007.html
2. http://www.debian.org/events/2006/0914-wizardsofos
3. http://lists.debian.org/debian-devel/2006/08/msg00510.html
4. http://wiki.debian.org/DebianDesktopArtwork
5. http://www.debian.org/releases/etch/
6. http://lists.debian.org/debian-devel/2006/08/msg00900.html
7. http://www.movidis.com/products/rev.asp

Secure APT Key Management. Andreas Barth [8]summarised the
[9]discussion about key management for APT from July. The general
idea is to have an offline key for signing stable releases per release
and a yearly rotating key for unstable. Stable release keys will be
revoked by stable+2, so that updates between stable releases still
work with the old key.

8. http://lists.debian.org/debian-release/2006/09/msg00042.html
9. http://lists.debian.org/debian-release/2006/07/msg00192.html

Alioth Incident Report. Raphaël Hertzog [10]reported Alioth was abused
as IRC proxy. Upon investigation the Alioth team discovered that many
projects are running custom-installed web applications and asked the
project administrators to review the installed software. Raphaël added
that a service like [11]Alioth is of great use for everybody, but its
openness is also its weakness.

10. http://lists.debian.org/debian-devel-announce/2006/09/msg00004.html
11. http://alioth.debian.org/

CD/DVD Creation Report. Steve McIntyre [12]reported about plans to
move the CD building and distribution servers to one site in order to
minimise transfer delays. Other ideas include a special network
installation CD that boots on the top three architectures and an
automatic CD checker and the integration of Carlos Parra Camargo's
work as part of Google's Summer of Code.

12. http://lists.debian.org/debian-devel-announce/2006/09/msg00006.html

Constitutional Amendment on Asset Handling. Manoj Srivastava
[13]called for votes on a [14]general resolution to address the
procedures related to handling assets for the Debian project. Votes
must be received by 23:59:59 UTC on Saturday, 23rd September, 2006.
This resolution reflects the fact that not only [15]Software in the
Public Interest, Inc. is handling assets for the Debian project.

13. http://lists.debian.org/debian-vote/2006/09/msg00160.html
14. http://www.debian.org/vote/2006/vote_003
15. http://www.spi-inc.org/

Using the BTS for License Issues. Anthony Towns [16]suggested
introducing a special licensing tag for reports in the [17]bug
tracking system (BTS) that claim a package is not suitable for
distribution due to licensing problems. Don Armstrong [18]stated that
it's generally a good idea to start with usertags. This could point to
the [19]debian-legal mailing list.

16. http://lists.debian.org/debian-legal/2006/09/msg00011.html
17. http://www.debian.org/Bugs/
18. http://lists.debian.org/debian-legal/2006/09/msg00023.html
19. http://lists.debian.org/debian-legal/

Status of the Internet Superserver. Roger Leigh [20]investigated the
inetd situation in [21]etch etch. Four of them support the IPv6
protocol but some of them can't be considered as a drop-in replacement
for the standard BSD Internet superserver. He added that users who are
upgrading from [22]woody or [23]sarge to [24]etch will not be switched
to openbsd-inetd, whereas new installs will use it by default.

20. http://lists.debian.org/debian-devel/2006/08/msg00483.html
21. http://www.debian.org/releases/etch/
22. http://www.debian.org/releases/woody/
23. http://www.debian.org/releases/sarge/
24. http://www.debian.org/releases/etch/

First Colombian Mini DebConf. Alejandro Ríos Peña [25]reported about
the first Colombian [26]Mini DebConf on August 19th and 20th. 14
Debian enthusiasts from all over the country participated in the event
and held a keysigning party. The Colombian Debian community is just
starting to get into the work and held a workshop on general Debian
tasks and package maintenance.

25. http://times.debian.net/1015-First-Colombian-Mini-DebConf
26. http://lists.debian.org/debian-devel-announce/2006/08/msg00002.html

Stable Release Update. Martin Zobel-Helas [27]summarised a stable
release manager meeting and concluded that the next stable update is
scheduled for mid of October. New kernel packages are said to be in
preparation, some packages were forgotten to be removed during the
last update, still some files weren't uploaded from the security
server. Anthony Towns has agreed to update the archive software to
allow updates of oldstable as well.

27. http://lists.debian.org/debian-release/2006/09/msg00096.html

Firefox and Seamonkey. Mike Hommey [28]called for testers of the new
Firefox 2.0b2 in experimental. In other news, work has started on
Seamonkey. The developer team hopes to be able to provide a full
featured package for etch so that people using Mozilla on sarge will
get a correct upgrade path. He has also uploaded a new [29]xulrunner
release that allows administrators to handle the certificates
databases for Mozilla products.

28. http://web.glandium.org/blog/?p=92
29. http://packages.debian.org/xulrunner

Security Updates. You know the drill. Please make sure that you update
your systems if you have any of these packages installed.

* DSA 1170: [30]gcc-3.4 — Directory traversal.
* DSA 1171: [31]ethereal — Several vulnerabilities.
* DSA 1172: [32]bind9 — Denial of service.
* DSA 1173: [33]openssl — RSA signature forgery cryptographic
weakness.

30. http://www.debian.org/security/2006/dsa-1170
31. http://www.debian.org/security/2006/dsa-1171
32. http://www.debian.org/security/2006/dsa-1172
33. http://www.debian.org/security/2006/dsa-1173

New or Noteworthy Packages. The following packages were added to the
unstable Debian archive [34]recently or contain important updates.

34. http://packages.debian.org/unstable/newpkg_main

* [35]aria2 — High speed download utility.
* [36]firefox-sage — Lightweight RSS and Atom feed reader for
Firefox.
* [37]gdrae — Real Academia Espanola dictionary interface.
* [38]gpscorrelate — Correlates digital photos with GPS data
filling EXIF fields.
* [39]gstm — Gnome SSH Tunnel Manager.
* [40]hugin — Panorama Tools GUI to make panoramas from multiple
pictures.
* [41]icecc — Distributed compiler (client and server).
* [42]kphotoalbum — Tool for indexing, searching and viewing images
by keywords for KDE.
* [43]list — Linux Statistics Client.
* [44]midish — Shell-like MIDI sequencer/filter.
* [45]mpop — POP3 mail retriever.
* [46]msntp — Very simple and portable SNTP client/server for UNIX.
* [47]obexfs — Mount filesystem of ObexFTP capable devices.
* [48]om — Realtime modular synthesiser and effects processor.
* [49]openguides — Web application for managing a
collaboratively-written city guide.
* [50]photoprint — Image printing utility.
* [51]queuegraph — RRDtool frontend for Postfix queue-statistics.
* [52]stealth — Stealthy File Integrity Checker.
* [53]vcf — Audio EQ biquad filters for LADSPA.
* [54]wodim — Command line CD writing tool.
* [55]wsjt — Weak-signal amateur radio communications.

35. http://packages.debian.org/unstable/net/aria2
36. http://packages.debian.org/unstable/web/firefox-sage
37. http://packages.debian.org/unstable/text/gdrae
38. http://packages.debian.org/unstable/graphics/gpscorrelate
39. http://packages.debian.org/unstable/gnome/gstm
40. http://packages.debian.org/unstable/graphics/hugin
41. http://packages.debian.org/unstable/kde/icecc
42. http://packages.debian.org/unstable/kde/kphotoalbum
43. http://packages.debian.org/unstable/utils/list
44. http://packages.debian.org/unstable/sound/midish
45. http://packages.debian.org/unstable/net/mpop
46. http://packages.debian.org/unstable/net/msntp
47. http://packages.debian.org/unstable/comm/obexfs
48. http://packages.debian.org/unstable/sound/om
49. http://packages.debian.org/unstable/perl/openguides
50. http://packages.debian.org/unstable/graphics/photoprint
51. http://packages.debian.org/unstable/admin/queuegraph
52. http://packages.debian.org/unstable/admin/stealth
53. http://packages.debian.org/unstable/sound/vcf
54. http://packages.debian.org/unstable/otherosfs/wodim
55. http://packages.debian.org/unstable/hamradio/wsjt

Orphaned Packages. 2 packages were orphaned this week and require a
new maintainer. This makes a total of 316 orphaned packages. Many
thanks to the previous maintainers who contributed to the Free
Software community. Please see the [56]WNPP pages for the full list,
and please add a note to the bug report and retitle it to ITA: if you
plan to take over a package. To find out which orphaned packages are
installed on your system the wnpp-alert program from devscripts may be
helpful.

56. http://www.debian.org/devel/wnpp/

* [57]convertfs — In-place filesystem conversion. ([58]Bug#386967)
* [59]obconf — Preferences manager for Openbox. ([60]Bug#385988)

57. http://packages.debian.org/unstable/admin/convertfs
58. http://bugs.debian.org/386967
59. http://packages.debian.org/unstable/x11/obconf
60. http://bugs.debian.org/385988

Removed Packages. 11 packages have been [61]removed from the Debian
archive during the past week:

61. http://ftp-master.debian.org/removals.txt

* cdrtools — Command line CD writing tools
[62]Bug#377109: Request of maintainer: non-free, license problems.
* bonobo-conf — Bonobo Configuration System
[63]Bug#252828: Request of QA, obsolete, no rev-deps, abandoned
upstream.
* hanterm-classic — Another X terminal emulator with Hangul support
[64]Bug#290921: Request of QA, orphaned for a long time, very few
users.
* povray-3.5 — Persistence of vision raytracer (3D renderer)
[65]Bug#294495: Request of maintainer, superseded by povray.
* scoop — Web-based collaborative media application
[66]Bug#301754: Request of QA, very few users, out of date,
orphaned.
* x-symbol — WYSIWYG TeX mode for XEmacs
[67]Bug#348060: Request of QA, orphaned, RC-buggy, inactive
upstream.
* blackbook — GTK+ Address Book Applet
[68]Bug#352437: Request of QA, orphaned, very few users, abandoned
upstream, many alternatives exist.
* cpanel — Configuration tool for Chinese desktop environment
[69]Bug#352557: Request of QA, obsolete, orphaned, very few users.
* arla — Free client for the AFS distributed network filesystem
[70]Bug#358482: Request of QA, orphaned, RC-buggy, OpenAFS is an
alternative.
* thai-system — Meta package for Thai environment under X11
[71]Bug#362490: Request of QA, uninstallable, orphaned; no users.
* mxv — Wave file editor with signal processing operators and
analysis
[72]Bug#364092: Request of QA, old, buggy, maintainer probably
MIA.

62. http://bugs.debian.org/377109
63. http://bugs.debian.org/252828
64. http://bugs.debian.org/290921
65. http://bugs.debian.org/294495
66. http://bugs.debian.org/301754
67. http://bugs.debian.org/348060
68. http://bugs.debian.org/352437
69. http://bugs.debian.org/352557
70. http://bugs.debian.org/358482
71. http://bugs.debian.org/362490
72. http://bugs.debian.org/364092

Want to continue reading DWN? Please help us create this newsletter.
We still need more volunteer writers who watch the Debian community
and report about what is going on. Please see the [73]contributing
page to find out how to help. We're looking forward to receiving your
mail at [74]dwn@debian.org.

73. http://www.debian.org/News/weekly/contributing
74. mailto:dwn@debian.org

This issue of Debian Weekly News was edited by Martin Zobel-Helas
and Martin 'Joey' Schulze.

– To UNSUBSCRIBE, email to debian-news-REQUEST@lists.debian.org with a subject of “unsubscribe”. Trouble? Contact listmaster@lists.debian.org

No Response to “Debian Weekly News 37/2006” »

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *


*

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

Debian-News is not related to the Debian Project.
All logos and trademarks on this site are property of their respective owners.