Debian Weekly News - January 11th, 2005
Welcome to this year's 2nd issue of DWN, the weekly newsletter for the Debian community. Knowing Knoppix is a beginner-friendly book to help new users with the Knoppix live CD. Bruno Torres conducted an interview with the Debian project leader Martin Michlmayr.
KDE 3.3 accepted into Testing. Release Manager Steve Langasek noted
that KDE 3.3 has been accepted into testing. He also expressed many
thanks to the KDE team for their efforts
in making this happen, and to Anthony Towns for hand-holding
through the transition. This transition closed
many long standing release-critical bugs in sarge, plus many
More frequently Package Install and Mirror Runs. Ken Bloom asked whether it would be possible to speed up the release process by having the daily archive run (package installations and mirror pulse) run more than only once a day, as suggested by a release proposal. Joey Hess noted that James Troup did not decline that. Release Manager Steve Langasek also added having a mirror pulse more often a day would also effect the testing transition.
Supporting free Java in Debian. Michael Koch considered the free Java implementations in good shape to run major applications and asked for more users to work with them and report bugs. He has gotten the impression that many people prefer to use non-free implementations instead of reporting back problems with the free packages. For better support people should give Kaffe, SableVM or JamVM or any of the other free JVM Implementations in Debian a try.
Dealing with Firmware Blobs. Matthew Garrett wondered how the Debian project is going to deal with kernel drivers that require non-free binary-only components to be loaded into the hardware. His proposals include to leave non-free firmware blobs in non-free, but don't force drivers that require these to be moved into contrib. Steve Langasek stated that he won't have a problem with a kernel package that provides some drivers that need to load firmware blobs from disk being in main.
Package Building without Helper Tools. Miriam Ruiz announced her article on how to build a Debian package without using helper tools. She explained, that it is not meant as a proof for an easy way to maintain packages, but as a comprehensive look inside Debian package building.
Rudeness in Changelog Files. Joey Hess pointed out rudeness in two current changelog files and wondered if we really need to be that naughty in our files. Even though Steve Greenland agrees that this is not the proper place, he can also understand the frustration with people who get on ones nerves.
APT Repository Documentation. Roberto Sanchez announced the APT howto he wrote, since none of the other documentation was particularly helpful to him. Ola Lundqvist added that instead of doing everything by hand one should use the debarchiver package.
Sarge Security Updates Propagation. Joey Hess has been giving weekly reports on packages that contain security updates in sid but which have not yet been propagated into sarge. He has created a comprehensive status page that contains the same information as well as open bugs for known unfixed security problems.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 624: zip -- Arbitrary code execution.
- DSA 625: pcal -- Arbitrary code execution.
- DSA 626: tiff -- Denial of service.
- DSA 627: namazu2 -- Cross-site scripting.
- DSA 628: imlib2 -- Arbitrary code execution.
- DSA 629: krb5 -- Arbitrary code execution.
- DSA 630: lintian -- Insecure temporary directory.
- DSA 631: kdelibs -- Arbitrary FTP command execution.
- DSA 632: linpopup -- Arbitrary code execution.
- DSA 633: bmv -- Insecure temporary file creation.
- DSA 634: hylafax -- Unauthorised access.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
- daapd -- Serves music files using the Apple DAA protocol.
- fakepop -- Fake pop3 daemon. delivers same messages to all users.
- ffmpeg -- Multimedia player, server and encoder.
- foremost -- Forensics application to recover data.
- g-wrap -- Scripting interface generator for C.
- itagalog -- Tagalog dictionary for Ispell.
- kxdocker -- Innovative docker for KDE that is like Mac OS X Docker.
- mpegdemux -- MPEG1/2 system stream demultiplexer.
- mypasswordsafe -- Easy-to-use password manager.
- nws -- Grid monitoring infrastructure (executables and man pages).
- sdcv -- Command line version of StarDict dictionary tool.
- sendxmpp -- Commandline XMPP (jabber) utility.
- systraq -- Monitor your system and warn when system files change.
- ultrapossum -- Multifunctional LDAP Solution.
- widelands -- Fantasy real-time strategy game.
- wmctrl -- Control an EWMH/NetWM compatible X Window Manager.
Orphaned Packages. 10 packages were orphaned this week and require a new maintainer. This makes a total of 257 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
- kernel-patch-systrace -- Systrace kernel patch. (Bug#289539)
- libcgi-untaint-perl -- Process CGI input parameters. (Bug#289433)
- libcgi-validate-perl -- Advanced CGI form parser and type validation. (Bug#289430)
- libconfig-general-perl -- Generic configuration module. (Bug#289434)
- libexporter-lite-perl -- Lightweight subset of Exporter. (Bug#289431)
- libuniversal-exports-perl -- Lightweight, universal exporting of variables. (Bug#289432)
- mga-vid -- Kernel driver for the back-end scaler on Matrox cards (source). (Bug#289435)
- middleman -- Web content caching and filtering proxy server. (Bug#289027)
- systrace -- Enforce system call policies for applications. (Bug#289537)
- xsystrace -- Systrace frontend invoked by systrace. (Bug#289538)
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Drew Scott Daniels, Martin Zobel-Helas, Tomas Pospisek, Alexander Schmehl, Drew Daniels and Martin 'Joey' Schulze.