Debian Weekly News - July 12th, 2005
Welcome to this year's 28th issue of DWN, the weekly newsletter for the Debian community. Bill Allombert called for arm porters to support the ARM port of Debian. As this year's Debian conference is taking place now, Debian Planet carries a lot of content from the attending developers.
LSB Version to support? Andreas Barth wondered which version of the Linux Standard Base (LSB) standard the upcoming etch release should support. Matt Taggart would like to support LSB 3.0 which requires a newer glibc and may also need some tweaks to X.Org, but both are needed anyway. To get the work done, Dave Neil started a discussion on who is working on which part.
GCC 4.0 and C++ ABI Change. Matthias Klose announced the start of the GCC and C++ transition. GCC 4.0 is now the default compiler in unstable, developers are required to upgrade their build environment accordingly. Developers are advised not to upload any C++ code, that build-depends on a library written in C++ which is not yet converted to the new C++ ABI (Application binary interface).
Debian Consultants List Update. Thomas Huriaux pointed out that several Debian consultants have not yet answered a "ping" message via mail, even though they are required to respond within four weeks according to the new Debian consultants policy. They will be removed from the list if they don't answer.
State of Ada in Debian. Ludovic Brenta reported about his 18 month of maintainership of many Ada and related packages in Debian and that he's looking for a new sponsor. He has also written a draft policy for Ada packages which should ensure that all Ada packages use the same ABI (binary interface), and work well together, especially libraries.
Dummy Transition Packages and the Replaces Field.
Margarita Manterola wondered what to do to avoid dummy packages. These help upgrading
packages to a different package. The alternative means using
Conflicts settings. Simon Richter explained
how this mechanism is supposed to work on a
Circular Dependencies. Bill Allombert wanted to remove circular dependencies as they cause problems during an upgrade. Robert Lemmen created a summary of current circular dependencies. Colin Watson added that dpkg will break loops and that pre-depends mitigate the problems.
Removing old orphaned Packages? Frank Lichtenheld prepared a list of packages that have been orphaned more than one year ago with nobody taking over maintainership. Many of these packages aren't used at all. Martin Michlmayr added more orphaned packages to the list. They are all planned to be removed from the distribution soon.
Removing non-free Documentation. Frank Lichtenheld planned to organise the removal of non-free documentation from Debian. There is not yet a timeline for when he will file bug reports, though. He also proposed to use a special subject line in which the used license is decoded for easier recognition of such bugs.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 737: clamav -- Remote denial of service.
- DSA 738: razor -- Remote denial of service.
- DSA 739: trac -- Upload/download vulnerability.
- DSA 740: zlib -- Denial of service.
- DSA 741: bzip2 -- Decompression bomb.
- DSA 742: cvs -- Arbitrary code execution.
- DSA 743: ht -- Arbitrary code execution.
- DSA 744: fuse -- Information disclosure.
- DSA 745: drupal -- Multiple vulnerabilities.
- DSA 747: egroupware -- Remote command execution.
- DSA 748: ruby1.8 -- Arbitrary command execution.
- DSA 749: ettercap -- Arbitrary command execution.
- DSA 750: dhcpcd -- Denial of service.
- DSA 751: squid -- IP spoofing vulnerability.
- DSA 752: gzip -- Several vulnerabilities.
- DSA 753: gedit -- Denial of service.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
- gfortran -- GNU Fortran 95 compiler.
- imapcopy -- IMAP backup, copy and migration tool.
- jackbeat -- Drum-machine-like audio sequencer with JACK support.
- mksh -- Enhanced version of the Korn shell.
- scheme48 -- Simple, modular, and lightweight Scheme implementation.
- sgt-puzzles -- Simon Tatham's Portable Puzzle Collection - 1-player puzzle games.
- tdsodbc -- ODBC driver for connecting to MS SQL and Sybase SQL servers.
- tthsum -- Generates or checks TTH message digests.
- yaird -- Yet Another mkInitRD.
- ysm -- Powerful ICQ console client.
Orphaned Packages. 7 packages were orphaned this week and require a new maintainer. This makes a total of 222 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
- libapache-template-perl -- Apache/mod_perl interface to the Template Toolkit. (Bug#317274)
- libclass-prototyped-perl -- Fast prototype-based OO programming in Perl. (Bug#317272)
- libcrypt-unixcrypt-perl -- Perl-only implementation of the crypt(3) function. (Bug#316936)
- libio-stty-perl -- Interface to secure pseudo ttys. (Bug#317273)
- mysql-navigator -- GUI client program for MySQL database server. (Bug#316938)
- pornview -- Image and movie viewer/manager. (Bug#316934)
- secpanel -- Graphical user interface for SSH and SCP. (Bug#317063)
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at email@example.com.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Filippo Giunchedi and Martin 'Joey' Schulze.