---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 18 April 2005.
---------------------------------------------------------------------------
==============
1. Gentoo News
==============
Documentation project updates
-----------------------------
Shyam Mani[1]'s excellent "USB Guide"[2] for Gentoo Linux is among the
highlighted additions to the ever-growing collection of in-house
documentation, which also includes a paper on configuring Fluxbox this
month. Complementing the existing Gnome and KDE documentation, this new
Fluxbox window manager configuration aide was written by Jonathan
Smith[3].
1. fox2mike@gmail.com
2. http://www.gentoo.org/doc/en/usb-guide.xml
3. smith.jonathan@gmail.com
Meanwhile, an announcement in the "Gentoo on Sparc" section of the Gentoo
Forums points to recently added documentation[4] for Gentoo Linux on Sun
hardware. Ciaran McCreesh[5], Todd Sunderlin[6] and Colin Morey[7] have
written the guides that should improve both installation and usability of
Gentoo Linux on Sparcs:
4. http://forums.gentoo.org/viewtopic-t-162259.html
5. ciaranm@gentoo.org
6. todd@gentoo.org
7. peitolm@gentoo.org
* Quickinstall[8]
* FAQ[9]
* Netboot Howto[10]
8. http://www.gentoo.org/doc/en/gentoo-sparc-quickinstall.xml
9. http://www.gentoo.org/doc/en/gentoo-sparc-faq.xml
10. http://www.gentoo.org/doc/en/gentoo-sparc-netboot-howto.xml
2005.0 aftermath releng meeting
-------------------------------
On Thursday 14 April the Gentoo Releng Team had a meeting to discuss the
good and bad things during the 2005.0 release and find new strategies for
the next release. First the good things should be named, like building a
CD that works well on a lot of systems and architectures, what was caused
by not rushing the release, so that we had time to fix bugs[11]. One part
of the release that first went wrong was communication, but with the
security-rebuilding communication improved a lot and the different arches
worked pretty well together with the Release Management. And now to the
bad things: We had that big delay of the release with more than six weeks
after the first discussed release date. Then there were some md5sums which
were not up to date with the LiveCDs, the announcement of the Release
through our PR-team has not been covered well, the Handbook has now
several updates which are not in the offline-version on the CD itself and
finally the community didn't accepted the pre-orders by the store.
11. http://www.gentoo.org/news/20050303-2005.0-secrebuild.xml
In order to resolve the issues, several strategies have been discussed. So
the Release-team will make better use of the devwiki[12] (devwiki means,
that it is for developers only), where we will place our documention for
the Release and create a Release-checklist, where every arch can note,
which step has been passed. Every arch should build a testing LiveCD that
will hit the mirrors in the experimental branch, so that users with
special hardware can test new improvements and tell us about them in
bug-reports. Common profiles and scripts should make the different arche's
LiveCDs more similary, so that users can find the same utilities on every
kind of LiveCD. And finally we want to do a better PR-work for the next
release.
12. http://devwiki.gentoo.org/
As a last point the next release date has been discussed. We don't want to
force it on a special date, as we want to release a LiveCD without major
bugs, although the 2005.1 release should be just a refresh of the 2005.0
release with newer software and less bugs. XLiveCDs with the Installer[13]
included are in discussion, but not mandatory for the next Release. The
release date will be about late July or August.
13. http://www.gentoo.org/proj/en/releng/installer/index.xml
New official Gentoo IRC channels
--------------------------------
Two new Gentoo IRC channels were recently added to the Gentoo IRC channel
list[14]:
14. http://www.gentoo.org/main/en/irc.xml
* #gentoo-netmon: Network Monitoring Packages
* #gentoo-voip: Voice over IP related Discussion
==============
2. Future Zone
==============
Luminocity X-LiveDVD for PPC released
-------------------------------------
Note: It started harmlessly as a development project for automatic X
configuration by the Gentoo/PPC team. All they wanted back then was to
showcase the new configurator in a couple of X-enabled LiveCDs. But what
Pieter Van den Abeele did release last week went more than just slightly
beyond the initial scope of the project...
A Gentoo-based PowerPC Altivec-Optimized LiveDVD with a long feature list
has been released last week. Its most unique feature is probably
Luminocity, an OpenGL-based experimental window manager technology
testbed. The medium allows you to try out Luminocity without having to
compile or install any experimental software from the Gnome CVS
repository. But the 1.8GB DVD is jock-full of other exciting features,
too:
* Smartcard integration: Gentoo sponsor company Genesi Inc. donated a
number of smartcard readers, complete with media, cards . The LiveDVD
supports authentication via smartcard for users to try it out, without the
need to personalize the card at first -- to be done later, using
opensc[15].
* GRID support: Sun Grid Engine 6 (SGE) core ported to PowerPC, Apple's
XGRID engine agent and standalone LAM-MPI, PVM libraries. These features
enable users to develop their own grid-enabled applications.
* Eclipse SDK: Much in demand, finally available from disk.
* Video conferencing: Compatible with QuickCam webcams from Logitech,
cross-platform audio and video conferencing that even works with
Microsoft's "net-meeting" is available directly from the LiveDVD.
* 3D desktop switching: OpenGL technology to make use of 3D graphics
features, including three-dimensional window managers.
* Text to Speech, Blender, Ardour, and many more...
* And last but not least, Gentoo's version of Xautoconfig on Apple
machines
15. http://www.opensc.org/
Figure 2.1: Gentoo LiveCD/DVD image asking for smartcard authentication
http://www.gentoo.org/images/gwn/20050418_livedvd.png
The Luminocity X-LiveDVD is available via bittorrent[16].
16. http://dev.gentoo.org/~pvdabeel/torrents/ppc-livedvd.torrent
=========================
3. Heard in the community
=========================
Web forums
----------
Search sucketh less
Tom Knight[17] spent ample time improving the search function of the
Forums, concerning both speed and selection criteria. Apart from getting
results faster than before, the default settings of a search now exclude
the entire Off The Wall section, the dustbin and all international forums,
a feature that had been requested by many users, and since a long time. As
an unpleasant side effect, searching for posts by specific users also
excluded the same forums -- a few complaints and even fewer hours later,
tomk had fixed this issue, too.
17. tomk@forums.gentoo.org
* New search function[18]
18. http://forums.gentoo.org/viewtopic-t-323916.html
Return of the avatars
Avatars not belonging to the default gallery of the forums were recently
disabled due to a vulnerability in php. While some users already feared
they would never come back, the avatars were actually reinstalled after
less than a day.
* [solved]No more avatars?[19]
19. http://forums.gentoo.org/viewtopic-t-322136.html
======================
4. Gentoo in the press
======================
InternetNews.com (14 April 2005)
--------------------------------
Last week InternetNews published an article titled "Non-Commercial Linux
Use on The Rise"[20], reporting that "new data released this week from
research firm Evans Data indicates non-commercial Linux distribution use
has passed the inflection point and is now more widely used by developers
than commercial Linux distributions." Counting Gentoo Linux among those
worth mentioning as examples for community distributions that have left
RedHat and SuSE behind as preferred platforms for development, author Sean
Michael Kerner quotes the research firm to explain why Gentoo et al. are
more popular with developers than their commercial cousins: "As the
general knowledge base of Linux has increased, developers are less reliant
on formal models of support.", states the study by Evans Data.
20. http://www.internetnews.com/dev-news/article.php/3497931
PC Inpact (13 April 2005, in French)
------------------------------------
A complete guide to installation and usage of a popular first-person
shooter game for Linux, World of Warcraft, has been published by French
"mégazine" PC Inpact in an article[21] published last week. Interesting to
note: Much of the content of the guide has been taken from the Gentoo
Forums, which are credited in the article as one of its major sources.
21. http://www.pcinpact.com/articles/d/51/1.htm
==================
5. Tips and tricks
==================
Bootup with the Gentoo 2005.0 logo
----------------------------------
When you boot from the 2005.0 LiveCD you see an awesome Gentoo bootlogo
and progress-bar -- and you wish you could impress your friends with it
during your usual bootup? Here we go:
Note: splashutils only work on x86 and amd64 architectures perfectly at
the moment. Support for ppc is in progress.
First of all, we need to emerge splashutils and splash-themes-livecd:
---------------------------------------------------------------------------
| Code Listing 5.1: |
|emerge splashutils and |
splash-themes-livecd-------------------------------------------------------
------------------
| |
|# emerge splash-themes-livecd |
|splashutils is a dependency of splash-themes-livecd |
| |
---------------------------------------------------------------------------
Now we have to create an initial boot-disk. You are free to change the
resolution to your choice, but choose one that is available as a config
file in /etc/splash/livecd-2005.0/:
---------------------------------------------------------------------------
| Code Listing 5.2: |
|Creation of an initrd with the |
2005.0-splash--------------------------------------------------------------
-----------
| |
|Be sure that /boot is mounted before you call the command |
|# splash_geninitramfs -v -g /boot/splash-livecd-2005.0-1024x768 \ |
| -r 1024x768 livecd-2005.0 |
| |
---------------------------------------------------------------------------
Check your kernel-config to make sure that "Initial RAM disk (initrd)
support" is built in. You can find the option in "Device Drivers" -->
"Block devices" --> "RAM disk support". Furthermore check that you are
using an appropriate framebuffer for your video-card ("Graphics Support")
or stick with the VESA-framebuffer. Usually splashutils should do the
checks during the emerge-progress, but we want to be sure. Now tell your
bootloader that it should load the initrd with the 2005.0-splash:
---------------------------------------------------------------------------
| Code Listing 5.3: |
|Configure the |
bootloader-----------------------------------------------------------------
--------
| |
|# nano -w /boot/grub/menu.lst |
|First change your kernel-boot-line to something like this (depends on |
|your used framebuffer and further kernel-parameters): |
|kernel /boot/kernel-2.6.11-r6 root=/dev/hda3 video=vesafb:1024x768-32@72 |
| splash=silent,theme:livecd-2005.0 quiet CONSOLE=/dev/tty1 |
|You must use more than 8bpp (in this example it is 32, |
|specified by 1024x768-32@72). |
| |
|Add the following line to your kernel-config: |
|initrd /boot/splash-livecd-2005.0-1024x768 |
| |
---------------------------------------------------------------------------
Now we have that nice bootup-splash installed. Finally we want a permanent
Gentoo statusbar at the bottom of our terminal-session, like on the
LiveCD. Therefore we have to change the default theme in /etc/splash:
---------------------------------------------------------------------------
| Code Listing 5.4: |
|Change the default |
splash---------------------------------------------------------------------
----
| |
|# cd /etc/splash |
|# rm default |
|# ln -s livecd-2005.0 default |
| |
---------------------------------------------------------------------------
This splash should be started after bootup has finished:
---------------------------------------------------------------------------
| Code Listing 5.5: |
|Add splash to the default |
runlevel-------------------------------------------------------------------
------
| |
|# rc-update add splash default |
| |
---------------------------------------------------------------------------
If you want to finetune the splash-theme, you should have a look at
/etc/conf.d/splash. Happy Gentooing!
Thanks to Michael Januszewski[22] for his work on splashutils and Nicholas
D. Wolfwood[23] for the 2005.0-theme.
22. spock@gentoo.org
23. blackace@gentoo.org
===========================
6. Moves, adds, and changes
===========================
Moves
-----
The following developers recently left the Gentoo team:
* None this week
Adds
----
The following developers recently joined the Gentoo Linux team:
* Harald van Dijck (truedfx) - Portage
* Vibhav Garg (vgarg) - Java
* Diego Pettenò (Flameeyes) - KDE
Changes
-------
The following developers recently changed roles within the Gentoo Linux
project:
* Nicholas Jones (carpaski) - Left the Portage team (and its lead
position)
* Marius Mauch (genone) - New Portage co-lead
* Brian Harring (ferringb) - New Portage co-lead
* Jason Stubbs (jstubbs) - New Portage co-lead
==================
7. Gentoo security
==================
OpenMotif, LessTif: New libXpm buffer overflows
-----------------------------------------------
A new vulnerability has been discovered in libXpm, which is included in
OpenMotif and LessTif, that can potentially lead to remote code execution.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200503-08.xml
xv: Filename handling vulnerability
-----------------------------------
xv contains a format string vulnerability, potentially resulting in the
execution of arbitrary code.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200503-09.xml
Mozilla Firefox: Various vulnerabilities
----------------------------------------
Mozilla Firefox is vulnerable to a local file deletion issue and to
various issues allowing to trick the user into trusting fake web sites or
interacting with privileged content.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
ImageMagick: Filename handling vulnerability
--------------------------------------------
A format string vulnerability exists in ImageMagick that may allow an
attacker to execute arbitrary code.
For more information, please see the GLSA Announcement[27]
27. http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml
Hashcash: Format string vulnerability
-------------------------------------
A format string vulnerability in the Hashcash utility could allow an
attacker to execute arbitrary code.
For more information, please see the GLSA Announcement[28]
28. http://www.gentoo.org/security/en/glsa/glsa-200503-12.xml
mlterm: Integer overflow vulnerability
--------------------------------------
mlterm is vulnerable to an integer overflow, which could potentially allow
the execution of arbitrary code.
For more information, please see the GLSA Announcement[29]
29. http://www.gentoo.org/security/en/glsa/glsa-200503-13.xml
KDE dcopidlng: Insecure temporary file creation
-----------------------------------------------
The dcopidlng script is vulnerable to symlink attacks, potentially
allowing a local user to overwrite arbitrary files.
For more information, please see the GLSA Announcement[30]
30. http://www.gentoo.org/security/en/glsa/glsa-200503-14.xml
X.org: libXpm vulnerability
---------------------------
A new vulnerability has been discovered in libXpm, which is included in
X.org, that can potentially lead to remote code execution.
For more information, please see the GLSA Announcement[31]
31. http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml
===========
8. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[32]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 10 April 2005 and 17 April 2005, activity on the
site has resulted in:
32. http://bugs.gentoo.org
* 835 new bugs during this period
* 436 bugs closed or resolved during this period
* 27 previously closed bugs were reopened this period
Of the 8583 currently open bugs: 90 are labeled 'blocker', 237 are labeled
'critical', and 641 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* Gentoo Recruiting Team[33], with 34 closed bugs[34]
* Xavier Neys[35], with 30 closed bugs[36]
* AMD64 Porting Team[37], with 30 closed bugs[38]
* media-video herd[39], with 19 closed bugs[40]
* Gentoo X-windows packagers[41], with 16 closed bugs[42]
* Gentoo Security[43], with 16 closed bugs[44]
* Gentoo Sound Team[45], with 12 closed bugs[46]
* Gentoo Games[47], with 11 closed bugs[48]
33. recruiters@gentoo.org
34.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=recruiters@gentoo.org
35. neysx@gentoo.org
36.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=neysx@gentoo.org
37. amd64@gentoo.org
38.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=amd64@gentoo.org
39. media-video@gentoo.org
40.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=media-video@gentoo.org
41. x11@gentoo.org
42.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=x11@gentoo.org
43. security@gentoo.org
44.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=security@gentoo.org
45. sound@gentoo.org
46.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=sound@gentoo.org
47. games@gentoo.org
48.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=games@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* GDesklets packages[49], with 44 new bugs[50]
* Gentoo Sound Team[51], with 22 new bugs[52]
* media-video herd[53], with 22 new bugs[54]
* AMD64 Porting Team[55], with 20 new bugs[56]
* Gentoo's Team for Core System packages[57], with 14 new bugs[58]
* Hanno Boeck[59], with 11 new bugs[60]
* Netmon Herd[61], with 10 new bugs[62]
* PHP Bugs[63], with 9 new bugs[64]
49. gdesklets@gentoo.org
50.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=gdesklets@gentoo.org
51. sound@gentoo.org
52.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=sound@gentoo.org
53. media-video@gentoo.org
54.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=media-video@gentoo.org
55. amd64@gentoo.org
56.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=amd64@gentoo.org
57. base-system@gentoo.org
58.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=base-system@gentoo.org
59. hanno@gentoo.org
60.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=hanno@gentoo.org
61. netmon@gentoo.org
62.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=netmon@gentoo.org
63. php-bugs@gentoo.org
64.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=php-bugs@gentoo.org
===============
9. GWN feedback
===============
Please send us your feedback[65] and help make the GWN better.
65. gwn-feedback@gentoo.org
================================
10. GWN subscription information
================================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-unsubscribe@gentoo.org from the email address you are
subscribed under.
===================
11. Other languages
===================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[66]
* Dutch[67]
* English[68]
* German[69]
* French[70]
* Japanese[71]
* Italian[72]
* Polish[73]
* Portuguese (Brazil)[74]
* Portuguese (Portugal)[75]
* Russian[76]
* Spanish[77]
* Turkish[78]
66. http://www.gentoo.org/news/da/gwn/gwn.xml
67. http://www.gentoo.org/news/nl/gwn/gwn.xml
68. http://www.gentoo.org/news/en/gwn/gwn.xml
69. http://www.gentoo.org/news/de/gwn/gwn.xml
70. http://www.gentoo.org/news/fr/gwn/gwn.xml
71. http://www.gentoo.org/news/ja/gwn/gwn.xml
72. http://www.gentoo.org/news/it/gwn/gwn.xml
73. http://www.gentoo.org/news/pl/gwn/gwn.xml
74. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
75. http://www.gentoo.org/news/pt/gwn/gwn.xml
76. http://www.gentoo.org/news/ru/gwn/gwn.xml
77. http://www.gentoo.org/news/es/gwn/gwn.xml
78. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Wernfried Haas <w.haas@xover.htu.tuwien.ac.at> - Author
Pieter Van den Abeele <pvdabeel@gentoo.org> - Author
Lars Weiler <pylon@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 18 April 2005.
---------------------------------------------------------------------------
==============
1. Gentoo News
==============
Documentation project updates
-----------------------------
Shyam Mani[1]'s excellent "USB Guide"[2] for Gentoo Linux is among the
highlighted additions to the ever-growing collection of in-house
documentation, which also includes a paper on configuring Fluxbox this
month. Complementing the existing Gnome and KDE documentation, this new
Fluxbox window manager configuration aide was written by Jonathan
Smith[3].
1. fox2mike@gmail.com
2. http://www.gentoo.org/doc/en/usb-guide.xml
3. smith.jonathan@gmail.com
Meanwhile, an announcement in the "Gentoo on Sparc" section of the Gentoo
Forums points to recently added documentation[4] for Gentoo Linux on Sun
hardware. Ciaran McCreesh[5], Todd Sunderlin[6] and Colin Morey[7] have
written the guides that should improve both installation and usability of
Gentoo Linux on Sparcs:
4. http://forums.gentoo.org/viewtopic-t-162259.html
5. ciaranm@gentoo.org
6. todd@gentoo.org
7. peitolm@gentoo.org
* Quickinstall[8]
* FAQ[9]
* Netboot Howto[10]
8. http://www.gentoo.org/doc/en/gentoo-sparc-quickinstall.xml
9. http://www.gentoo.org/doc/en/gentoo-sparc-faq.xml
10. http://www.gentoo.org/doc/en/gentoo-sparc-netboot-howto.xml
2005.0 aftermath releng meeting
-------------------------------
On Thursday 14 April the Gentoo Releng Team had a meeting to discuss the
good and bad things during the 2005.0 release and find new strategies for
the next release. First the good things should be named, like building a
CD that works well on a lot of systems and architectures, what was caused
by not rushing the release, so that we had time to fix bugs[11]. One part
of the release that first went wrong was communication, but with the
security-rebuilding communication improved a lot and the different arches
worked pretty well together with the Release Management. And now to the
bad things: We had that big delay of the release with more than six weeks
after the first discussed release date. Then there were some md5sums which
were not up to date with the LiveCDs, the announcement of the Release
through our PR-team has not been covered well, the Handbook has now
several updates which are not in the offline-version on the CD itself and
finally the community didn't accepted the pre-orders by the store.
11. http://www.gentoo.org/news/20050303-2005.0-secrebuild.xml
In order to resolve the issues, several strategies have been discussed. So
the Release-team will make better use of the devwiki[12] (devwiki means,
that it is for developers only), where we will place our documention for
the Release and create a Release-checklist, where every arch can note,
which step has been passed. Every arch should build a testing LiveCD that
will hit the mirrors in the experimental branch, so that users with
special hardware can test new improvements and tell us about them in
bug-reports. Common profiles and scripts should make the different arche's
LiveCDs more similary, so that users can find the same utilities on every
kind of LiveCD. And finally we want to do a better PR-work for the next
release.
12. http://devwiki.gentoo.org/
As a last point the next release date has been discussed. We don't want to
force it on a special date, as we want to release a LiveCD without major
bugs, although the 2005.1 release should be just a refresh of the 2005.0
release with newer software and less bugs. XLiveCDs with the Installer[13]
included are in discussion, but not mandatory for the next Release. The
release date will be about late July or August.
13. http://www.gentoo.org/proj/en/releng/installer/index.xml
New official Gentoo IRC channels
--------------------------------
Two new Gentoo IRC channels were recently added to the Gentoo IRC channel
list[14]:
14. http://www.gentoo.org/main/en/irc.xml
* #gentoo-netmon: Network Monitoring Packages
* #gentoo-voip: Voice over IP related Discussion
==============
2. Future Zone
==============
Luminocity X-LiveDVD for PPC released
-------------------------------------
Note: It started harmlessly as a development project for automatic X
configuration by the Gentoo/PPC team. All they wanted back then was to
showcase the new configurator in a couple of X-enabled LiveCDs. But what
Pieter Van den Abeele did release last week went more than just slightly
beyond the initial scope of the project...
A Gentoo-based PowerPC Altivec-Optimized LiveDVD with a long feature list
has been released last week. Its most unique feature is probably
Luminocity, an OpenGL-based experimental window manager technology
testbed. The medium allows you to try out Luminocity without having to
compile or install any experimental software from the Gnome CVS
repository. But the 1.8GB DVD is jock-full of other exciting features,
too:
* Smartcard integration: Gentoo sponsor company Genesi Inc. donated a
number of smartcard readers, complete with media, cards . The LiveDVD
supports authentication via smartcard for users to try it out, without the
need to personalize the card at first -- to be done later, using
opensc[15].
* GRID support: Sun Grid Engine 6 (SGE) core ported to PowerPC, Apple's
XGRID engine agent and standalone LAM-MPI, PVM libraries. These features
enable users to develop their own grid-enabled applications.
* Eclipse SDK: Much in demand, finally available from disk.
* Video conferencing: Compatible with QuickCam webcams from Logitech,
cross-platform audio and video conferencing that even works with
Microsoft's "net-meeting" is available directly from the LiveDVD.
* 3D desktop switching: OpenGL technology to make use of 3D graphics
features, including three-dimensional window managers.
* Text to Speech, Blender, Ardour, and many more...
* And last but not least, Gentoo's version of Xautoconfig on Apple
machines
15. http://www.opensc.org/
Figure 2.1: Gentoo LiveCD/DVD image asking for smartcard authentication
http://www.gentoo.org/images/gwn/20050418_livedvd.png
The Luminocity X-LiveDVD is available via bittorrent[16].
16. http://dev.gentoo.org/~pvdabeel/torrents/ppc-livedvd.torrent
=========================
3. Heard in the community
=========================
Web forums
----------
Search sucketh less
Tom Knight[17] spent ample time improving the search function of the
Forums, concerning both speed and selection criteria. Apart from getting
results faster than before, the default settings of a search now exclude
the entire Off The Wall section, the dustbin and all international forums,
a feature that had been requested by many users, and since a long time. As
an unpleasant side effect, searching for posts by specific users also
excluded the same forums -- a few complaints and even fewer hours later,
tomk had fixed this issue, too.
17. tomk@forums.gentoo.org
* New search function[18]
18. http://forums.gentoo.org/viewtopic-t-323916.html
Return of the avatars
Avatars not belonging to the default gallery of the forums were recently
disabled due to a vulnerability in php. While some users already feared
they would never come back, the avatars were actually reinstalled after
less than a day.
* [solved]No more avatars?[19]
19. http://forums.gentoo.org/viewtopic-t-322136.html
======================
4. Gentoo in the press
======================
InternetNews.com (14 April 2005)
--------------------------------
Last week InternetNews published an article titled "Non-Commercial Linux
Use on The Rise"[20], reporting that "new data released this week from
research firm Evans Data indicates non-commercial Linux distribution use
has passed the inflection point and is now more widely used by developers
than commercial Linux distributions." Counting Gentoo Linux among those
worth mentioning as examples for community distributions that have left
RedHat and SuSE behind as preferred platforms for development, author Sean
Michael Kerner quotes the research firm to explain why Gentoo et al. are
more popular with developers than their commercial cousins: "As the
general knowledge base of Linux has increased, developers are less reliant
on formal models of support.", states the study by Evans Data.
20. http://www.internetnews.com/dev-news/article.php/3497931
PC Inpact (13 April 2005, in French)
------------------------------------
A complete guide to installation and usage of a popular first-person
shooter game for Linux, World of Warcraft, has been published by French
"mégazine" PC Inpact in an article[21] published last week. Interesting to
note: Much of the content of the guide has been taken from the Gentoo
Forums, which are credited in the article as one of its major sources.
21. http://www.pcinpact.com/articles/d/51/1.htm
==================
5. Tips and tricks
==================
Bootup with the Gentoo 2005.0 logo
----------------------------------
When you boot from the 2005.0 LiveCD you see an awesome Gentoo bootlogo
and progress-bar -- and you wish you could impress your friends with it
during your usual bootup? Here we go:
Note: splashutils only work on x86 and amd64 architectures perfectly at
the moment. Support for ppc is in progress.
First of all, we need to emerge splashutils and splash-themes-livecd:
---------------------------------------------------------------------------
| Code Listing 5.1: |
|emerge splashutils and |
splash-themes-livecd-------------------------------------------------------
------------------
| |
|# emerge splash-themes-livecd |
|splashutils is a dependency of splash-themes-livecd |
| |
---------------------------------------------------------------------------
Now we have to create an initial boot-disk. You are free to change the
resolution to your choice, but choose one that is available as a config
file in /etc/splash/livecd-2005.0/:
---------------------------------------------------------------------------
| Code Listing 5.2: |
|Creation of an initrd with the |
2005.0-splash--------------------------------------------------------------
-----------
| |
|Be sure that /boot is mounted before you call the command |
|# splash_geninitramfs -v -g /boot/splash-livecd-2005.0-1024x768 \ |
| -r 1024x768 livecd-2005.0 |
| |
---------------------------------------------------------------------------
Check your kernel-config to make sure that "Initial RAM disk (initrd)
support" is built in. You can find the option in "Device Drivers" -->
"Block devices" --> "RAM disk support". Furthermore check that you are
using an appropriate framebuffer for your video-card ("Graphics Support")
or stick with the VESA-framebuffer. Usually splashutils should do the
checks during the emerge-progress, but we want to be sure. Now tell your
bootloader that it should load the initrd with the 2005.0-splash:
---------------------------------------------------------------------------
| Code Listing 5.3: |
|Configure the |
bootloader-----------------------------------------------------------------
--------
| |
|# nano -w /boot/grub/menu.lst |
|First change your kernel-boot-line to something like this (depends on |
|your used framebuffer and further kernel-parameters): |
|kernel /boot/kernel-2.6.11-r6 root=/dev/hda3 video=vesafb:1024x768-32@72 |
| splash=silent,theme:livecd-2005.0 quiet CONSOLE=/dev/tty1 |
|You must use more than 8bpp (in this example it is 32, |
|specified by 1024x768-32@72). |
| |
|Add the following line to your kernel-config: |
|initrd /boot/splash-livecd-2005.0-1024x768 |
| |
---------------------------------------------------------------------------
Now we have that nice bootup-splash installed. Finally we want a permanent
Gentoo statusbar at the bottom of our terminal-session, like on the
LiveCD. Therefore we have to change the default theme in /etc/splash:
---------------------------------------------------------------------------
| Code Listing 5.4: |
|Change the default |
splash---------------------------------------------------------------------
----
| |
|# cd /etc/splash |
|# rm default |
|# ln -s livecd-2005.0 default |
| |
---------------------------------------------------------------------------
This splash should be started after bootup has finished:
---------------------------------------------------------------------------
| Code Listing 5.5: |
|Add splash to the default |
runlevel-------------------------------------------------------------------
------
| |
|# rc-update add splash default |
| |
---------------------------------------------------------------------------
If you want to finetune the splash-theme, you should have a look at
/etc/conf.d/splash. Happy Gentooing!
Thanks to Michael Januszewski[22] for his work on splashutils and Nicholas
D. Wolfwood[23] for the 2005.0-theme.
22. spock@gentoo.org
23. blackace@gentoo.org
===========================
6. Moves, adds, and changes
===========================
Moves
-----
The following developers recently left the Gentoo team:
* None this week
Adds
----
The following developers recently joined the Gentoo Linux team:
* Harald van Dijck (truedfx) - Portage
* Vibhav Garg (vgarg) - Java
* Diego Pettenò (Flameeyes) - KDE
Changes
-------
The following developers recently changed roles within the Gentoo Linux
project:
* Nicholas Jones (carpaski) - Left the Portage team (and its lead
position)
* Marius Mauch (genone) - New Portage co-lead
* Brian Harring (ferringb) - New Portage co-lead
* Jason Stubbs (jstubbs) - New Portage co-lead
==================
7. Gentoo security
==================
OpenMotif, LessTif: New libXpm buffer overflows
-----------------------------------------------
A new vulnerability has been discovered in libXpm, which is included in
OpenMotif and LessTif, that can potentially lead to remote code execution.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200503-08.xml
xv: Filename handling vulnerability
-----------------------------------
xv contains a format string vulnerability, potentially resulting in the
execution of arbitrary code.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200503-09.xml
Mozilla Firefox: Various vulnerabilities
----------------------------------------
Mozilla Firefox is vulnerable to a local file deletion issue and to
various issues allowing to trick the user into trusting fake web sites or
interacting with privileged content.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200503-10.xml
ImageMagick: Filename handling vulnerability
--------------------------------------------
A format string vulnerability exists in ImageMagick that may allow an
attacker to execute arbitrary code.
For more information, please see the GLSA Announcement[27]
27. http://www.gentoo.org/security/en/glsa/glsa-200503-11.xml
Hashcash: Format string vulnerability
-------------------------------------
A format string vulnerability in the Hashcash utility could allow an
attacker to execute arbitrary code.
For more information, please see the GLSA Announcement[28]
28. http://www.gentoo.org/security/en/glsa/glsa-200503-12.xml
mlterm: Integer overflow vulnerability
--------------------------------------
mlterm is vulnerable to an integer overflow, which could potentially allow
the execution of arbitrary code.
For more information, please see the GLSA Announcement[29]
29. http://www.gentoo.org/security/en/glsa/glsa-200503-13.xml
KDE dcopidlng: Insecure temporary file creation
-----------------------------------------------
The dcopidlng script is vulnerable to symlink attacks, potentially
allowing a local user to overwrite arbitrary files.
For more information, please see the GLSA Announcement[30]
30. http://www.gentoo.org/security/en/glsa/glsa-200503-14.xml
X.org: libXpm vulnerability
---------------------------
A new vulnerability has been discovered in libXpm, which is included in
X.org, that can potentially lead to remote code execution.
For more information, please see the GLSA Announcement[31]
31. http://www.gentoo.org/security/en/glsa/glsa-200503-15.xml
===========
8. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[32]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 10 April 2005 and 17 April 2005, activity on the
site has resulted in:
32. http://bugs.gentoo.org
* 835 new bugs during this period
* 436 bugs closed or resolved during this period
* 27 previously closed bugs were reopened this period
Of the 8583 currently open bugs: 90 are labeled 'blocker', 237 are labeled
'critical', and 641 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* Gentoo Recruiting Team[33], with 34 closed bugs[34]
* Xavier Neys[35], with 30 closed bugs[36]
* AMD64 Porting Team[37], with 30 closed bugs[38]
* media-video herd[39], with 19 closed bugs[40]
* Gentoo X-windows packagers[41], with 16 closed bugs[42]
* Gentoo Security[43], with 16 closed bugs[44]
* Gentoo Sound Team[45], with 12 closed bugs[46]
* Gentoo Games[47], with 11 closed bugs[48]
33. recruiters@gentoo.org
34.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=recruiters@gentoo.org
35. neysx@gentoo.org
36.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=neysx@gentoo.org
37. amd64@gentoo.org
38.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=amd64@gentoo.org
39. media-video@gentoo.org
40.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=media-video@gentoo.org
41. x11@gentoo.org
42.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=x11@gentoo.org
43. security@gentoo.org
44.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=security@gentoo.org
45. sound@gentoo.org
46.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=sound@gentoo.org
47. games@gentoo.org
48.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2005-04-10&chfieldto=2005-04-17&resolution=FIXED&assigned_to=games@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* GDesklets packages[49], with 44 new bugs[50]
* Gentoo Sound Team[51], with 22 new bugs[52]
* media-video herd[53], with 22 new bugs[54]
* AMD64 Porting Team[55], with 20 new bugs[56]
* Gentoo's Team for Core System packages[57], with 14 new bugs[58]
* Hanno Boeck[59], with 11 new bugs[60]
* Netmon Herd[61], with 10 new bugs[62]
* PHP Bugs[63], with 9 new bugs[64]
49. gdesklets@gentoo.org
50.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=gdesklets@gentoo.org
51. sound@gentoo.org
52.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=sound@gentoo.org
53. media-video@gentoo.org
54.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=media-video@gentoo.org
55. amd64@gentoo.org
56.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=amd64@gentoo.org
57. base-system@gentoo.org
58.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=base-system@gentoo.org
59. hanno@gentoo.org
60.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=hanno@gentoo.org
61. netmon@gentoo.org
62.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=netmon@gentoo.org
63. php-bugs@gentoo.org
64.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2005-04-10&chfieldto=2005-04-17&assigned_to=php-bugs@gentoo.org
===============
9. GWN feedback
===============
Please send us your feedback[65] and help make the GWN better.
65. gwn-feedback@gentoo.org
================================
10. GWN subscription information
================================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn-unsubscribe@gentoo.org from the email address you are
subscribed under.
===================
11. Other languages
===================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[66]
* Dutch[67]
* English[68]
* German[69]
* French[70]
* Japanese[71]
* Italian[72]
* Polish[73]
* Portuguese (Brazil)[74]
* Portuguese (Portugal)[75]
* Russian[76]
* Spanish[77]
* Turkish[78]
66. http://www.gentoo.org/news/da/gwn/gwn.xml
67. http://www.gentoo.org/news/nl/gwn/gwn.xml
68. http://www.gentoo.org/news/en/gwn/gwn.xml
69. http://www.gentoo.org/news/de/gwn/gwn.xml
70. http://www.gentoo.org/news/fr/gwn/gwn.xml
71. http://www.gentoo.org/news/ja/gwn/gwn.xml
72. http://www.gentoo.org/news/it/gwn/gwn.xml
73. http://www.gentoo.org/news/pl/gwn/gwn.xml
74. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
75. http://www.gentoo.org/news/pt/gwn/gwn.xml
76. http://www.gentoo.org/news/ru/gwn/gwn.xml
77. http://www.gentoo.org/news/es/gwn/gwn.xml
78. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Wernfried Haas <w.haas@xover.htu.tuwien.ac.at> - Author
Pieter Van den Abeele <pvdabeel@gentoo.org> - Author
Lars Weiler <pylon@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list