Debian Weekly News - June 24th, 2003
Welcome to this year's 25th issue of DWN, the weekly newsletter for the Debian community. Debian 3.0 has been on the cover of the Australian Australian Personal Computer magazine for the first time ever. Rob Savoye reported an interesting experience of bringing up a rack of 20 dual processor Itanium II machines (HP zx6000s), over a 48 hour period. All of them are now running Debian.
Security Update Procedure. Matt Zimmerman noticed that many package maintainers are not aware of the recommended methods for handling security issues in their packages. Therefore he urges anyone who participates in package maintenance to read the relevant section in the Developer's Reference which documents the current recommended procedures. It has recently been updated with additional details and clarifications.
Freeze Date Estimate. Drew Scott Daniels talked about freeze date estimates which he believes are useful for developers to help to prepare for a release. He expects the debian-installer to be finished in two months which makes him expect a freeze this year. He also estimates that the freeze cycle will last 6 months.
Debian presence at LinuxTag. The Debian project will be exhibiting at LinuxTag in Karlsruhe, Germany from July 10th to 13th with a booth in the exhibition and a day of talks and workshops dedicated to developers and interested users on July 11 2003. Newsforge has a story that details several of the non-profit exhibitors.
Popularity Contest Revised. Bill Allombert announced that he has written a replacement page for Avery Pennarun's now broken popularity contest web page. He's also made the page's script available. It sorts the results by number of installs, number of votes and more.
Knoppix and MAME. KnoppiXMAME 1.0 was released, as announced on Slashdot. KnoppiXMAME is a bootable arcade machine emulator powered by Knoppix Debian GNU/Linux, X-MAME 0.69, and gxmame 0.33. The ISO image is only 200 MB large. You can put the ROMs on the CD ISO without remastering/recompressing Knoppix.
80,000 GNU/Linux Computers in Schools. According to DesktopLinux.org a sweeping initiative in Extremadura, Spain has put 80,000 GNU/Linux computers in schools. The systems feature a customized version of Debian, called GNU/LinEx, and features the GNOME desktop and other Free Software productivity programs.
Voting Method General Resolution Results. Manoj Srivastava announced the results of the condorcet/Clone proof SSD Voting Method General Resolution. There were a total of 160 unique votes cast, with 144 votes in favour of the resolution. Therefore, the resolution passed with a 9:1 super majority, which is in excess of the required 3:1 majority.
LaTeX Project Public License. The LaTeX Project Public License (LPPL) has previously been considered non-free under the terms of the Debian Free Software Guidelines (DFSG). Jeff Licquia has now posted a new revision of the LPPL, which he believes satisfies the DFSG. There was general agreement that the new license is DFSG-free and after a year of work and perhaps 1,500 emails in total, the issue should hopefully be resolved.
Hardware Donations. Benjamin Mako Hill, the Debian Hardware Donations Manager, announced the availability of various hardware donations. Several SGI Indys have been donated to Debian recently in California, USA and Germany, and an Alphastation 200 may be available in Amsterdam. Mako also noted that there is no developer accessible Hurd machine available, but would be happy to coordinate the donation of hardware for this if it is something that developers feel would be useful.
Open Source and Mayor Election. This Wired news story tells us about a candidate for Mayor of Zaragoza, Spain, who is using the benefits of open source development as his platform for the election. Handing out copies of Augustux a Debian based distribution, and talking about free wireless Internet access for all, Belloch can clearly explain how free and open technologies can be translated into opportunities, political participation, economic growth and social welfare, with hard numbers and real details.
Software Patents in Europe. Wookey reported about the current status of Software Patents in Europe. Recently there has been a vote by the JURI committee which essentially allows complete patentability of software. There have been no significant provisions to help Free Software or reduce the effect on small businesses. The issue is very urgent! Wookey continues with a report about the conference about software patents in Brussels from May 5th to 7th.
Using apt-get with Rsync. Dan Jacobson wanted to know if
using the rsync method for
apt-get only affects fetching of the
Packages files or if it will also fetch the packages via
rsync. Colin Watson added that
gzip already contains a patch to create rsync-friendly
Missing Package Dates. Dan Jacobson noted that
Packages files don't contain information about when a package
was uploaded. Hence, without downloading and looking at the
changelog file one can't say
whether it is a package that was updated recently or another which hasn't been
updated for a long time.
Ceasing Support for Libc 5. Francesco Lovergine suggested to drop all i386-specific packages which are libc5 related. Some of these may be required to run proprietary non-free software, though.
Perl License Clarification. Marc Haber noticed that ftp people reject packages that are distributed "under the same terms as Perl itself". However, Perl is dual-licensed, using the GNU GPL and the Artistic license. Many people acknowledged this as a possible problem and recommended that upstream be made aware of the flexibility of interpretation of the Perl style copyright and licensing.
Annoying teTeX Upgrade Questions. Bernd Eckenfels noticed that upgrading teTeX packages results in updating configuration files. This won't be a problem at all, but upon upgrade the user is asked for many files whether it should be updated since allegedly local changes were made. Matt Zimmerman explained that this happens when a configuration file moves from one package to another, is renamed, or when a configuration file switches to being a configuration file when it was previously not.
Improper Package Description. Javier Fernández-Sanguino Peña complained about wrongly used package descriptions. The description should be written so that it gives the system administrator enough information to decide whether to install the package. Several packages fail to meet this requirement, hence, Javier is going to open bug reports accordingly.
Read-only Root Filesystem. Thomas Hood reported
that some progress has been made towards the goal of
making Debian easier to use with a read-only root filesystem. Action has been
taken to remove variable files from the directory
/etc/, or at
least to make it possible to do so locally.
Packaging Haskell Libraries. Isaac Jones reported about problems with packaging Haskell libraries. There has been a lot of discussion recently on the Haskell mailing lists about the best ways to package Haskell libraries and tools for Debian. One problem is that almost all Haskell compilers, interpreters and releases are binary-incompatible.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- ethereal -- Multiple vulnerabilities.
- eldev -- Insecure temporary file creation.
- orville-write -- Buffer overflows.
- xbl -- Buffer overflows.
- webfs -- Buffer overflow.
- osh -- Buffer overflows.
- tcptraceroute -- Failure to drop root privileges.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
- ddns3-client -- Issues dynamic DNS v3 requests.
- dns-browse -- Front-ends to DNS search.
- hexer -- Interactive binary editor with a Vi-like interface.
- obexserver -- Receive files with OBEX protocol.
- rafkill -- Vertical shoot'em-up similar to Raptor: Call of the Shadows.
- steghide -- Steganography hiding tool.
- wiggle -- Program for applying patches with conflicting changes.
- yaz -- Utility programs for Z39.50 toolkit.
Orphaned Packages. 8 packages were orphaned this week and require a new maintainer. This makes a total of 189 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
- gpe-todo -- GNU Palmtop Environment todo list. (Bug#198373)
- gtk-doc-tools -- GTK documentation tools. (Bug#197849)
- kbackup -- A console single host backup solution for various media. (Bug#198554)
- kforth -- Small Forth Interpreter Written in C++. (Bug#198151)
- libcapplet1 -- Library for GNOME Control Center applets. (Bug#197841)
- libgnomeprint15 -- GNOME Print architecture. (Bug#197842)
- memprof -- Memory profiler and leak detector. (Bug#197845)
- visual-tcl -- Tcl GUI builder. (Bug#197844)
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who investigate the Debian community and report about events in the community. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Dan Hunt, Drew Scott Daniels, Matt Black and Martin 'Joey' Schulze.