Debian Weekly News - February 15th, 2005
Welcome to this year's 7th issue of DWN, the weekly newsletter for the Debian community. Legal professionals in Australia have developed a new judical information system based on Free Software and Debian in particular. Chris Halls announced preliminary packages for OpenOffice.org 1.9.73 built with Sun's JDK.
Debian Account Managing. Jörg Jaspert sent in a status report about the DAM (Debian Account Manager) work. He anticipates to have cleared the queue by next month already and also explained the general rules for accepting new developers. Emeritus developers are required to go through a short new-maintainer process as well, if they want to become active again.
Debian-Installer featured in c't. Andreas Barth reported that the German c't magazine has released a special CD based on the new Debian installer. Joey Hess added that the CD uses preseeding to automate the installation. Martin Zobel-Helas forwarded the conclusion of an article in the iX magazine of the same publisher that states it is a large step into the right direction.
Understanding Maintainer Scripts. Margarita Manterola documented the order in which maintainer scripts are called during package maintenance and the parameters they receive, since its documentation in the policy is difficult to follow. She accompanied the new text with some graphics that several people felt easier to understand than the plain text from the policy document.
DebConf5: Call for Papers. Andreas Schuldei called for papers for this year's Debian conference in Helsinki, Finland. Proposals will be accepted until March 15th 2005 and need to be submitted online. The review team will decide until April 1st which talks will be accepted. They will be recorded, and may be broadcast over the Internet.
Confusing udev Behaviour. Maykel Moya noticed
a strange directory
/.dev and removed its content which left his
system unbootable. Sam Morris explained that when udev
starts, the real
/dev is mounted to
/.dev so it can
still be accessed. This is only the case if the directory exists, however, so
removing the mount point is fine.
Configuration under Revision Control. Enrico Zini reported
that he has put his
/etc/ under svk control, which is a distributed
revision control system based on subversion. Florian Weimer
added that it supports symbolic links natively as well.
Debian Package Cycle. Martin F. Krafft improved the lifetime graph of a Debian package based on the work of Kevin Mark. It explains the way a new package takes into the Debian archive and the way updated packages take as well as security updates.
Debian's Wayback Machine. Martin 'Joey' Schulze reported about the
wayback machine for Debian packages that Fumitoshi Ukai (鵜飼 文敏)
provides on snapshot.debian.net. He explained that
it has become a very helpful resource for his work as member of the security
team since one can easily compare two older revisions of a package with the
Mailing Lists Bounce Handling. Pascal Hakim discussed handling bounces in mailing list servers. He mentions mail filters on SMTP-level to prevent spam and viruses which should not result in an unsubscription. Among other issues, active lists need to be treated differently than less active lists.
International Debian Welcome Messages. Joey Hess thanked Christian Perrier for collecting welcome sound files that could be played after the installation in many languages. Christian used these files as part of the Babelbox, a demonstration machine that reinstalls itself automatically with a different language at each iteration.
Should Branden run for the DPL? Branden Robinson is soliciting input on whether he should nominate himself again for the Debian project leader (DPL) elections. Before standing again, he would like to hear 100 developers support this action. A wiki page has been set up to track the feedback. 51 people have stated their support so far.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 673: evolution -- Arbitrary code execution as root.
- DSA 674: mailman -- Several vulnerabilities.
- DSA 675: hztty -- Local utmp exploit.
- DSA 676: xpcd -- Arbitrary code execution as root.
- DSA 677: sympa -- Potential arbitrary code execution.
- DSA 678: netkit-rwho -- Denial of service.
- DSA 679: toolchain-source -- Insecure temporary files.
- DSA 680: htdig -- Cross-site scripting vulnerability.
- DSA 681: synaesthesia -- Unauthorised file access.
- DSA 682: awstats -- Arbitrary command execution.
- DSA 683: postgresql -- Arbitrary code execution.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Andre Lehovich and Martin 'Joey' Schulze.