Debian Weekly News - July 19th, 2005
Welcome to this year's 29th issue of DWN, the weekly newsletter for the Debian community. By the time that this issue is released, this year's Debian conference in Finland will have finished. About 270 people gathered for nearly three weeks in Helsinki forming a nice group photo. During the conference Alioth has been upgraded to Debian sarge with several improvements included.
Plans for new Debian-CDs. Steve McIntyre summarised the goals and plans for the next version of debian-cd. The handling of tasks and dependencies needs to be improved. They want to improve the layout code so that packages are copied faster and to simplify the task of creating different layouts, like multi-arch or combined binary/source.
Debian GNU/Hurd Status Update. Michael Banck reported that Debian GNU/Hurd is alive and kicking, though it could do with some more help. About 40 % of all Debian packages are built for the Hurd and a buildd is waiting for inclusion into the archive system. The core packages are maintained by a team and coordination of this port is organised via Alioth.
Library Updates for the C++ ABI Change. Steve Langasek explained that C++ libraries have to be renamed without a soname change during the transition to GCC 4.0 with a different application binary interface (ABI). He also warned developers not to upload libraries before the C++ libraries they depend on have successfully made the transition and are built on all architectures.
Expanding the Release Team. Andreas Barth is looking for new release assistants to better distribute the workload during the development cycle for etch that just started. Applicants need to be Debian developers, have a lot of spare time to dedicate, worked on QA and understand general programming and scripting languages as well as Debian packaging. He also emphasised that this is a grunt work position.
Tracking Distributions and Versions. Colin Watson announced a large-scale modification of the bug tracking system that allows to track versions and distributions that are affected by particular bugs. Reporters can now add particular version to which a bug applies and close bugs with regards to specific versions. As a result, the meaning of distribution-specific tags has changed.
Maintaining orphaned Packages. Raphaël Hertzog proposed to maintain orphaned packages with a small user base on Alioth and to hand out write access to those interested in them, even when they don't want to become their official maintainers. Basically he would like to start a QA task force that actively maintains such packages with a lot of external input.
Debian Printing Group. Roger Leigh proposed to form a printing group inside Debian in order to coordinate the various printing packages. Due to the numerous ways of setting up a working printing system, bugs in one package are often in interdependent packages. As a result, the debian-printing list has been created.
SSH Default Setting changed. Marco d'Itri noticed
that the default setting of HashKnownHosts
has been set to
yes
in sid which results in all new host addresses to be hashed.
They are not human-readable anymore. Florian Weimer added
that this setting reduces the chance for worms to abuse the
known_hosts
file. Colin Watson quoted
the documentation of ssh-keygen
that will help remove old
entries.
Security Updates. You know the drill. Please make sure that you update your systems if you have any of these packages installed.
- DSA 746: phpgroupware -- Remote command execution.
- DSA 754: centericq -- Insecure temporary file creation.
- DSA 755: tiff -- Arbitrary code execution.
- DSA 756: squirrelmail -- Several vulnerabilities.
- DSA 757: krb5 -- Multiple vulnerabilities.
- DSA 758: heimdal -- Arbitrary code execution.
- DSA 759: phppgadmin -- Directory traversal vulnerability.
- DSA 760: ekg -- Several vulnerabilities.
- DSA 761: heartbeat -- Insecure temporary files.
- DSA 762: affix -- Arbitrary command and code execution.
New or Noteworthy Packages. The following packages were added to the unstable Debian archive recently or contain important updates.
- amiboot -- Bootloader for Linux/m68k kernel for Amiga OS.
- coldfire -- Freescale Coldfire 5206 emulator.
- drbdlinks -- Manages symlinks into a shared DRBD partition.
- felix -- High performance programming language translator and tools.
- gcfilms -- GTK2 application for managing DVD and video collections.
- gimp-print -- Print plugin for the GIMP.
- graphmonkey -- GTK#-based graphing calculator.
- guml -- GUI management console for User Mode Linux.
- habak -- Utility for creating multi-layered backgrounds in X11.
- ijsgutenprint -- Inkjet server - Ghostscript driver for Gutenprint.
- kluppe -- Loop-player and recorder designed for live use.
- omake -- Build system with automated dependency analysis.
- paintlib2c2 -- C++ class library for image manipulation.
- piuparts -- Debian package installation, upgrading, and removal testing tool.
- proxsmtp -- Multi purpose SMTP Proxy.
- redet -- Regular expression development and execution tool.
- rtorrent -- Ncurses BitTorrent client based on LibTorrent.
- wallpaper-tray -- Wallpaper changing utility for GNOME.
- xserver-xorg -- The X.Org X server.
Want to continue reading DWN? Please help us create this newsletter. We still need more volunteer writers who watch the Debian community and report about what is going on. Please see the contributing page to find out how to help. We're looking forward to receiving your mail at dwn@debian.org.
To receive this newsletter weekly in your mailbox, subscribe to the debian-news mailing list.
Back issues of this newsletter are available.
This issue of Debian Weekly News was edited by Martin 'Joey' Schulze.