Debian Weekly News - January 25th, 2005
Welcome to this year's 4th issue of DWN, the weekly newsletter for the Debian community. Marc Haber announced experimental packages of Exim4 linked against db4.2 for later inclusion in to sarge/sid. OSNews has a guideline on using the new debian-installer to install Debian by Luis Lima.
Sarge Release Progress Update. Steve Langasek sent in an update on the release progress for Debian 3.1. He reported that KDE 3.3 has been added to sarge and a porter upload for perl had taken place, which dropped the release critical bug count about 60 bugs. He also stated that progress on testing-proposed-updates and testing-security has been made but is still waiting for infrastructure.
Status Update for volatile Archive. Andreas Barth reported about the status of debian-volatile. This unofficial archive aims at supporting fast moving packages for the stable Debian release like spam filter, virus scanner and the like. He and his team have set up the infrastructure and mirrors for it. The first package, whois has been accepted for debian-volatile's section of woody.
Renaming Binary Packages. Jay Berkenbilt wanted to rename a package in order to lose the version in the package name. To achieve this he planned to create a new source package and convert the old packages into transitional packages only. Anthony Towns explained that the name of a library package does not have to match its soname and believes that no transitional packages need to be provided when Conflicts, Provides and Replaces fields are carefully crafted.
Support for Devfs? Russell Coker stated that devfs is regarded as obsolete in the kernel source and will be removed in July 2005. However, the new installer is based on it. Joey Hess asserted that Debian will not destabilise the installer by beginning to make large changes to it, like not using devfs, until sarge is released.
Changing the Architecture of a Package. Jay Berkenbilt wondered
if the change from
all in a Debian package would
require manual intervention. Santiago Vila asserted
that such a package could enter the archive even faster, since it is built for
11 architectures "instantly".
Debian Women IRC meeting. The Debian Women group held an IRC meeting on January 16th. The topic discussed was "How to best convey the purpose and goals of the Debian Women project to those who have questions about it." Prior to the meeting, Jérémy Bobbio raised the question of the best way to organise and moderate IRC meetings, especially when non-native English speakers are present. The meeting was well attended and provoked lively discussions. Minutes were taken by Colleen Hatfield.
Spurious Permissions Changes. Otto Wyss noticed
that permissions on a program he added the setuid flag were changed back
permanently. Peter Samuelson contributed
dpkg-statoverride command and Maciej Dems added
that it would be better to use sudo in this case.
Depending on a particular Kernel Package. Martin Kittel wondered if it is sensible to declare a dependency on a kernel image package since arguments were raised in a former discussion that not all users have the Debian kernel installed. Antti-Juhani Kaijanaho explained that the job of a dependency is to make sure that another package is installed so its provided content can be used. The kernel is a different case.
Mozilla Foundation Trademark Proposal. Gervase Markham from the Mozilla Foundation proposed a trademark agreement for Debian Firefox and Thunderbird packages. Walter Landry pointed out that people outside of Debian would still be unable to legally modify and redistribute the packages.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 645: cupsys -- Arbitrary code execution.
- DSA 646: imagemagick -- Arbitrary code execution.
- DSA 647: mysql -- Insecure temporary files.
- DSA 648: xpdf -- Arbitrary code execution.
- DSA 649: xtrlock -- Authentication bypass.
- DSA 650: sword -- Arbitrary code execution.
- DSA 651: squid -- Denial of service.
- DSA 652: unarj -- Several vulnerabilities.
- DSA 653: ethereal -- Several vulnerabilities.
- DSA 654: enscript -- Several vulnerabilities.
- DSA 655: zhcon -- Unauthorised file access.
- DSA 656: vdr -- Insecure file access.
- DSA 657: xine-lib -- Arbitrary code execution.
- DSA 658: libdbi-perl -- Insecure temporary file.
New or Noteworthy Packages. The following package was added to the unstable Debian archive recently or contain important updates.
- hplip -- HP Linux Printing and Imaging System.
Orphaned Packages. 4 packages were orphaned this week and require a new maintainer. This makes a total of 242 orphaned packages. Many thanks to the previous maintainers who contributed to the Free Software community. Please see the WNPP pages for the full list, and please add a note to the bug report and retitle it to ITA: if you plan to take over a package.
- binstats -- Statistics tool for installed programs. (Bug#292019)
- goats -- Sticky-note type program for Gnome 2. (Bug#290920)
- hanterm-classic -- Another X terminal emulator with Hangul support. (Bug#290921)
- hanterm-xf -- X terminal emulator with Hangul support. (Bug#290919)
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at firstname.lastname@example.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Martin Zobel-Helas, Helen Faulkner and Martin 'Joey' Schulze.