Debian Weekly News - email

Date: Wed, 7 Apr 1999 00:32:10 +0200
From: Wichert Akkerman - Debian project leader <leader@debian.org>
To: debian-devel-announce@lists.debian.org, debian-vote@lists.debian.org
Subject: the logo: logo selections now available!

--rS8CxjVDS/+yyDmU
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable


This has taken way too long, and I apoligize for that. But I hereby
present the best logos for your voting pleasure, as selected by the
logo team. Please note that the winning logo might need some
modifications before it can be used.=20

Here is the list of logos, with some personal comments from me. You
can view them online at http://www.debian.org/~wakkerma/logos/ .

* jeanette (ants)
Concept: Debian is a lot of people working together to produce some
  great things, just like ants.
Pros: strong imagery, official and liberal logo with the same theme
  but still different.
Cons: official and liberal logo might be too different

* raul (swirl)
Concept: magic being release from a genie bottle.
Pros: simple, good associations, already in a good format (EPS)
Cons: none :)

* villate (seal)
Concept: seal balancing the world
Note: should be modified to be an outline
Pros: playful, cute
Cons: needs some hard work to modify it to an outline

* guatamnlad (stylized D)
Note: animal in the background should be removed
Concept: modified D
Pros: simple, elegant
Cons: not very noticable compared to other logos (oh, a big letter?)

* captain blue-eye (the current logo)
Concept: modified version of Tux (the Linux penguin)
Pros: people already know it
Cons: too Linux-specific


---------------------------------------------------------------------------

I hereby propose to choose the new logo by General Resolution.

The ballot will contain the options:

1) jeanette (ants)
2) raul (swirl / genie)
3) villate (seal)
4) guatamnlad (stylized D)
5) captain blue-eye (the current logo)
6) further discussion

There are 497 registered voters.  That makes Q 22.29 and the quorum
67 votes. =20

Though there is normally a two week discussion period followed by a
two week voting period, I am shortening the discussion period to one
week.

--=20
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
This combination of bytes forms a message written to you by Wichert Akkerma=
n.
E-Mail: wakkerma@cs.leidenuniv.nl
WWW: http://www.wi.leidenuniv.nl/~wichert/

--rS8CxjVDS/+yyDmU
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia

iQB1AwUBNwqLaajZR/ntlUftAQHcGQL/aOSWeq4nrSMLaSslJYBhzwhBt41dqb5/
TNn1Noy9/qqQyGe0gw2mOAmz9VyfF6KXgnOIasw4lstf/vAdKWT9AOChCnfbvGDc
tdVCj6fe2F6AmTi9MxayJ0bt+f9zsv5g
=Zx4g
-----END PGP SIGNATURE-----

--rS8CxjVDS/+yyDmU--

Date: Wed, 7 Apr 1999 00:31:15 +0200
From: Wichert Akkerman - Debian project leader <leader@debian.org>
To: debian-devel-announce@lists.debian.org, debian-vote@lists.debian.org
Subject: the logo: license & number of logos

--1yeeQ81UyVL57Vl7
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable


During the last month there has been some discussion about how
many logos we need: either one logo just like we have now, or
two logos, and liberal and one official.=20

I feel that a vote would be a good way to resolve this issue. Here
is a short overview of the options:

* single logo
Concept: Same situation as we have now: use one logo that everyone can
  use freely.
Pros: single logo, no hassles with two licenses
Cons: we cannot distinguish products which we feel are more official or
   that deserve some official promotion except by using a special title
  liberal logo license:
    Copyright (c) 1999 Software in the Public Interest
    this logo or a modified version may be used by anyone to refer to
    the Debian project, but does not indicate endoresement by the
    project. We reserve the right to revoke a license at our discression.

* dual logo-set: liberal and official logo
Concept: a liberal logo which may be used and modified by everyone, and
  an official logo with a more restricted license that can be used for
  things that have some official approval
Pros: allows us to distinguish officialy sanctioned things while still
  allowing everyone to use another Debian logo
Cons: two logos might become confusing
Licenses:
  liberal logo license:
    Copyright (c) 1999 Software in the Public Interest
    this logo or a modified version may be used by anyone to refer to
    the Debian project, but does not indicate endoresement by the
    project.
  official logo license:
    Copyright (c) 1999 Software in the Public Interest
     I. This logo may only be used if:
       a) the product it is used for is made using a documented procedure=
=20
          as published on www.debian.org (for example official CD-creation)
       b) if we give approval for its use

     II. may be used if an official part of debian (decided using the rules
         in I) is part of the complete product, if it is made clear that on=
ly
         this part is officialy approved

     III. We reserve the right to revoke a license for a product


---------------------------------------------------------------------------

I hereby propose to choose the new logo by General Resolution.

The ballot will contain the options:

1) single logo (current situation)
2) dual logo-set (liberal and official logo)
3) further discussion

There are 497 registered voters.  That makes Q 22.29 and the quorum
67 votes. =20

Though there is normally a two week discussion period followed by a
two week voting period, I am shortening the discussion period to one
week.

--=20
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D
This combination of bytes forms a message written to you by Wichert Akkerma=
n.
E-Mail: wakkerma@cs.leidenuniv.nl
WWW: http://www.wi.leidenuniv.nl/~wichert/

--1yeeQ81UyVL57Vl7
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia

iQB1AwUBNwqLM6jZR/ntlUftAQHS3AMAhZr/WEv9MEtjO6mAAn99mUl3Dtuz9gil
vyetrxfiRATQhh33bed2X/v6x0WyQVuYIsulpFA1nOoSkl/dbn+GiIAaVIDAZs+8
XHKzxJuSNMCBeK7JsQeeRf6fAqXjB8Q4
=cQMK
-----END PGP SIGNATURE-----

--1yeeQ81UyVL57Vl7--

Date:	Sun, 4 Apr 1999 14:27:23 -0700
From:	debian-security-announce@LISTS.DEBIAN.ORG
Subject:      [SECURITY] new version of procmail with security fixes
To:	BUGTRAQ@NETSPACE.ORG

--pf9I7BMVVzbSWLtt
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

A new version of procmail has been released which fixes a couple
of buffer overflows and has extra security checks.

We recommend you upgrade your procmail package immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

Debian GNU/Linux 2.1 alias slink
-------------------------------

  This version of Debian was released only for Intel, the Motorola
  680x0, the alpha and the Sun sparc architecture.

  Source archives:
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13.orig.t=
ar.gz
	  MD5 checksum: 8c90af9adf933a6bc1f088efacfd9082
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13-1.diff=
.gz
      MD5 checksum: b65310e4c1d3bec1b472911373feb705
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13-1.dsc
      MD5 checksum: 3b6fdf4b9f8ed88d797ffd5f046f2fd9

  Alpha architecture:
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13-1_alph=
a.deb
      MD5 checksum: bab9879c1b20c0c054e9a4e7a1949171

  Intel architecture:
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13-1_i386=
.deb
      MD5 checksum: 4058e03128080dedf8668b185af8e40b

  Motorola 680x0 architecture:
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13-1_m68k=
.deb
      MD5 checksum: bbabee67ef2ff13656ef0231fa440a04

  Sun sparc architecture:
    http://ftp.debian.org/debian/dists/proposed-updates/procmail_3.13-1_spar=
c.deb
      MD5 checksum: 53fd16e8b927a165c30509780cc8c240

  These files will be moved into
  http://ftp.debian.org/debian/dists/slink/*/binary-$arch/ soon.


For not yet released architectures please refer to the appropriate
directory http://ftp.debian.org/debian/dists/sid/binary-$arch/ .

--=20
Debian GNU/Linux      .    Security Managers     .   security@debian.org
              debian-security-announce@lists.debian.org
  Christian Hudon     .     Wichert Akkerman     .     Martin Schulze
<chrish@debian.org>   .   <wakkerma@debian.org>  .   <joey@debian.org>

--pf9I7BMVVzbSWLtt
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia

iQB1AwUBNwfGKajZR/ntlUftAQEy0QMAspvwcG5PG+v6tbHNOnevd6myYGu/OGen
SKWZWSI7hY/bxDXjsbOvEAx1AyaFDQ3drY6CQFiyQwuGm/nz6c3/e7qzGWlDPsSs
fhuf4ooI0h1fAxkYAZ8zdwoQb75JNMYY
=8cTi
-----END PGP SIGNATURE-----

--pf9I7BMVVzbSWLtt--

Date: Mon, 5 Apr 1999 00:23:16 -0400
From: Branden Robinson <branden@ecn.purdue.edu>
To: debian-security-announce@debian.org
Subject: Debian immune to recent reported /tmp symlink races in XFree86

--9jxsPFA5p3P2qPhR
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: quoted-printable

Several distributions of late have made security releases addressing a
problem with symbolic links and race conditions in the /tmp directory.
Debian is not vulnerable to this particular problem, but it is possible for
the X server socket to be created in an inappropriate directory. While this
is not an exploitable security problem, it is not correct behavior, and
there will shortly be an updated version of the XFree86 3.3.2.3 packages in
the Debian archives. In the meantime, there is a test build available with
this problem (as well as few others) rectified.

The test build is available at:
http://master.debian.org/%7Ebranden/xfree86/

--=20
G. Branden Robinson              |   Suffer before God and ye shall be
Debian GNU/Linux                 |   redeemed.  God loves us, so He makes us
branden@ecn.purdue.edu           |   suffer Christianity.
cartoon.ecn.purdue.edu/~branden/ |   -- Aaron Dunsmore

--9jxsPFA5p3P2qPhR
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3a

iQCVAwUBNwg6s6iRn0nSNFD5AQG6EgQAybxH+fZol9qKTHdZjIHGSz2HyHumVNs+
dc3WShewdywgT4/KosEdqnVU9fRxxscai5lYA3JJtRFe1d21Fe8/hgNq1BOI+ruU
GYzZgpctOpwLoolVZUnOUQbLQq9DdXuK76yFQB52f3aDS+H+d3apWw7rRL19yI/u
u4ApXIXVJe4=
=Scd/
-----END PGP SIGNATURE-----

--9jxsPFA5p3P2qPhR--

To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.

Back issues of this newsletter are available.

This issue of Debian Weekly News was edited by Joey Hess.