Debian Weekly News - September 21st, 2004
Welcome to this year's 37th issue of DWN, the weekly newsletter for the Debian community. A recent issue of the German computer magazine c't features an article about GNU/Linux on notebooks including a test of 14 current notebook models. One machine, an ASUS M2400N, came pre-installed with Debian GNU/Linux by Xtops.DE.
Security-Hardening Debian. Debian Hardened is a new project that wants be an official Debian sub-project. It aims at providing a complete tree of hardened kernel and software packages for a standard Debian distribution, without changing to another distribution like Adamantix and making easy the hardening of any machine running Debian GNU/Linux.
Ubuntu 4.10 Preview released. Benjamin Mako Hill announced the first beta release of Ubuntu Linux (codenamed "Warty Warthog"). The new distribution is based on Debian and features GNOME 2.8 and is available for the x86, AMD64, and PowerPC architectures. Ubuntu plan a new release every 6 months, with 18 months of security updates for each release. The relationship page provides a few details on their release process.
Updating Scanners and Filters in Debian stable. Joey Schulze asked about means to update the database of virus and security scanners, spam filters and the like for the upcoming Debian release. Nessus, and ClamAV use special plugins to update their databases, and f-prot uses an installer package. Martin Michlmayr proposed to modify the stable update policy instead.
Maintaining SSL Certificates. Kai Hendry wondered why he should build his own certification authority (CA) since SPI runs a CA and could be issuing certificates to make Debian users' life easier. Javier Fernández-Sanguino Peña explained that SPI is not a CA, but only use certificates for their own use and maybe close projects.
Open Software License v2.1. Matthew Wilcox started a new discussion on version 2.1 of the Open Software License after version 2.0 was not considered free according to the Debian Free Software Guidelines. Anthony DeRobertis asserted that the new version is still not free and is conform with the opinion of Andrew Suffield.
Debian and Global File System? An article on Newsforge reported that the Angelo Ovidi has released the first unofficial Debian kernel packages supporting Global File System (GFS) on a 220.127.116.11 vanilla kernel. GFS supports journaling, recovery from client failures, and many other features. Bastian Blank has already built and uploaded the first set of official packages to unstable, only one package is still waiting in the incoming queue.
Missing Source Packages in Sarge. Jeroen van Wolffelaar noticed
that for several binary packages the corresponding source packages are missing in the
Sources file. This means that there is neither a trust path from the
archive signing key, nor will it be possible to build the same version with
apt-get -b source.
Installer Release Candidate Planning. Joey Hess noticed that the new debian-installer is in a relatively good shape for another release. He would like to declare a new release candidate soon and tried to formulate a group goal for the developers meeting in Oldenburg, Germany, this week, so that all developers can work on a common task.
Weekly CD and DVD Builds. Santiago Garcia Mantinan announced that he is automatically building weekly CD and DVD images for sarge again. They now use JTE to allow for faster image generation. Because of the changed creation process, the new images may contain new bugs, so please report any problems to the debian-cd mailing list.
Sarge Release Notes. Rob Bradford announced that the release notes for sarge have finally been written. Translators who have formerly been disappointed by the lack of an English version can start translating the document.
LSB Status in Sarge? Martin Michlmayr wondered about the status of Linux Standard Base (LSB) in Debian sarge. Jeff Licquia explained that he is working on LSB 2.0 already and that he anticipates issues only with the dynamic linker, glibc, diff, coreutils and the Filesystem Hierarchy Standard.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- cupsys -- Denial of service.
- gdk-pixbuf -- Several vulnerabilities.
- imagemagick -- Buffer overflows.
- imlib -- Arbitrary code execution.
- gtk+2.0 -- Several vulnerabilities.
- wv -- Arbitrary command execution.
Debian Packages introduced last Week. Every day, a different Debian package is featured from the testing distribution. If you know about an obscure package you think others should also know about, send it to Andrew Sweger. Debian package a day introduced the following packages last week.
- logjam -- Client for LiveJournal-based sites.
- sash -- Stand-alone shell.
- k3b -- Sophisticated KDE CD burning application.
- ntlmaps -- NTLM Authorization Proxy Server.
- openvpn -- Virtual Private Network daemon.
Orphaned Packages. 1 package was orphaned this week and requires a new maintainer. This makes a total of 154 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Andre Lehovich and Martin 'Joey' Schulze.