---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 30 January 2006.
---------------------------------------------------------------------------
==============
1. Gentoo news
==============
Modular X entering ~arch (testing)
----------------------------------
The X team members plan to remove all 289 modular X packages from
package.mask soon. They will enter ~arch (testing) for all the
architectures for which they're keyworded: alpha, amd64, arm, ia64, mips,
ppc, sh, sparc and x86. To learn how to upgrade properly, read the
migration guide[1] before starting the upgrade. It discusses how the USE
flags changed, why X.Org went modular and why emerge xorg-x11 won't be
quite enough yet.
1. http://www.gentoo.org/proj/en/desktop/x/x11/modular-x-howto.xml
Not all packages in the tree will work with modular X when it enters
~arch, although the most common applications already do. The X team
encourages users and developers to contribute fixes to their favorite
packages by reading the porting guide[2]. Applications requiring the most
work include games and packages without a listed maintainer in
metadata.xml or altogether lacking metadata.
2. http://www.gentoo.org/proj/en/desktop/x/x11/porting-modular-x-howto.xml
Donnie Berkholz[3] provides a list of all unported applications along with
their maintainers, updated daily, in his webspace[4]. A graph of porting
progress exists in the same location. If you encounter any bugs with the
migration, please report them at Gentoo's Bugzilla[5].
3. spyderous@gentoo.org
4. http://dev.gentoo.org/~spyderous/broken_modular/
5. https://bugs.gentoo.org
End of lifetime announcement for old-style configuration Apache packages
------------------------------------------------------------------------
In October, the Apache team made stable a new configuration style for
apache and its modules. While many users have made the switch, many
cautious users have not.
The Apache team is announcing that they will no longer support the
old-style configuration of Apache after March 1, 2006. Anyone who has not
upgraded to net-www/apache-2.0.55 and higher, or net-www/apache-1.3.34-r10
and higher should do so before then. For information on how to upgrade, we
provide an Upgrading Apache Guide[6].
6. http://www.gentoo.org/doc/en/apache-upgrading.xml
PHP Herd's January meeting
--------------------------
Gentoo's PHP Herd held their first meeting in 2006 on January 21st. Topics
on the agenda included election of herd leads, SLOTting of PHP minor
versions and the stabilization of dev-lang/php.
Luca Longinotti[7] has been elected as lead for core-PHP packages and
Sebastian Bergmann[8] as lead for PEAR packages. The PHP Herd agreed to
keep the SLOTting scheme as is, i.e. only major versions of PHP (PHP 4,
PHP 5) will be slotted. The most notable decision made from a users point
of view forces users to migrate from dev-php/php to dev-lang/php as soon
as possible as the PHP Herd decided to no longer support them. The old
dev-php/php packages will be package.masked as soon as the architecture
teams have stabilized the new-style PHP packages, which is expected by the
end of February, and removed from the Portage tree about two months later.
7. chtekk@gentoo.org
8. sebastian@gentoo.org
The minutes of the PHP Herd's January meeting are available at the PHP
Overlay website[9]. Their next meeting is scheduled for February 7th at
19:00 UTC in #gentoo-php on irc.freenode.net.
9. http://tinyurl.com/cc964
Slotted MySQL
-------------
Gentoo's MySQL maintainers plan to move =dev-db/mysql-4.1.16-r30 and
dev-db/mysql-5.0.18-r30 into ~arch (testing) soon. Those -r30 revision
Ebuilds now allow installing several MySQL versions in parallel, or in
Gentoo speak: They support SLOTting. While all minor versions beyond or
equal to 4.1 will become slotted, dev-db/mysql-4.0* will stay at SLOT="0".
To accomplish this, new Eclasses and an eselect module for easy switching
between MySQL versions were written. Though you can run several MySQL
versions simultaneously you are still limited to one (the current)
libmysqlclient at a time. To learn how to upgrade properly, read the
migration guide[10] before starting the upgrade. All packages in the tree
that worked before should also work with slotted MySQL when it enters
~arch.
10. http://www.gentoo.org/doc/en/mysql-upgrade-slotted.xml
If you encounter any bugs with the migration, please report them at
Gentoo's Bugzilla[11].
11. https://bugs.gentoo.org
gentoolkit update
-----------------
A new version of app-portage/gentoolkit (0.2.1) containing significant
improvements has been marked stable a few days ago. These are the major
changes between gentoolkit-0.2.0 and gentoolkit-0.2.1:
* A new tool called eclean for removing no longer needed distfiles and
packages has been added
* revdep-rebuild now allows for more user interaction and customizing.
You can avoid rebuilding binary packages like app-office/openoffice-bin by
setting the SEARCH_DIRS_MASK variable in /etc/make.conf to for example
skip packages installed in the /opt directory.
* One major fix optimizing memory consumption has been applied to equery.
Also many fixes made it more usable, though it is still not the fastest
program on the block. If the lack of speed bothers you, we would recommend
investigating the app-portage/portage-utils package
A detailed listing of the changes for those interested is in
/usr/share/doc/gentoolkit-0.2.1/ChangeLog.
Three million posts in the Gentoo Forums
----------------------------------------
Figure 1.1: Three million posts in the Gentoo Forums
http://www.gentoo.org/images/gwn/20060130_3M-posts.png
Almost exactly a year after reaching two million posts in January 2005[12]
the Gentoo Forums hit three million posts on Jan 24th. A thread on the
forums[13] not only features the answer to the question "Whose post was
it?", but also leaves space for wild conspiracy theories about a
mysterious decrease in postcount shortly before the three millionth post
was reached. The Gentoo Forums were noted to be among the largest phpBB
installations on big-boards.com[14].
12. http://www.gentoo.org/news/en/gwn/20050207-newsletter.xml
13. http://forums.gentoo.org/viewtopic-t-421954.html
14. http://rankings.big-boards.com/?filter=phpBB,all
pdftohtml replaced by poppler
-----------------------------
app-text/pdftohtml has been replaced by app-text/poppler because of
security concerns as stated in bug #115789[15]. You are strongly advised
to unmerge app-text/pdftohtml and emerge app-text/poppler instead.
15. https://bugs.gentoo.org/show_bug.cgi?id=115789
==============
2. Future zone
==============
"Prefixed Portage" for Gentoo for Mac OS X
------------------------------------------
For the last few months, the Gentoo for Mac OS X project has been serving
as the primary testbed for a "prefix aware" portage and ebuild repository.
This basically allows for a configurable 'offset prefix' in which portage
and all software it manages can be installed, as any user, without any
interference with the 'host' operating system. The need for such
functionality arose from the ever-increasing problems of using Portage in
'foreign' environments such as Apple's Mac OS X.
While in its current state, it is serving merely as a working and
functional prototype, it has opened up many exciting possibilities for the
future of Gentoo and Portage. Although the Gentoo for Mac OS X project is
the first project from the Gentoo/Alt umbrella project to have a pressing
need for portage installations that leave the host operating system
unmodified, it has proved to be of great interest to users and developers
alike who are having excellent results running portage on a multitude of
OS - AIX, HP-UX, FreeBSD, BeOS/Haiku/Zeta, Solaris, and Fedora Core Linux.
The Gentoo for Mac OS X team hopes to have preliminary documentation and
developer installer packages available as soon as possible. Those
interested in contributing may contact Kito Danya Dietrich[16] or Fabian
Groffen[17].
16. kito@gentoo.org
17. grobian@gentoo.org
=========================
3. Heard in the community
=========================
gentoo-dev
----------
sed vs. gsed
In his quest for Gentoo/Alt improvements Diego Pettenò [18] asks for
advice on how to handle sed as some of the alternative hosts for Gentoo
use non-GNU sed, which has a slightly different behavior in some cases.
18. flameeyes@gentoo.org
* sed vs. gsed [19]
19. http://thread.gmane.org/gmane.linux.gentoo.devel/35436
RFC: emerge snapshots
If something breaks during an update the "repair" often takes quite some
time. Are there any methods for doing a "rollback" to the old state of the
system to undo the breakage? What would need to be done to make this
feasible, and why is quickpkg often not good enough?
* RFC: emerge snapshots [20]
20. http://thread.gmane.org/gmane.linux.gentoo.devel/35411
======================
4. Gentoo in the press
======================
Alternative Linux distributions on the POWER5 platform
------------------------------------------------------
A review of unsupported Linux distributions on the POWER5 platform has
been published on IBM developerworks[21]. Besides Debian, openSUSE 10 and
Fedora Core this article also covers a test-environment and the
installation of Gentoo on an IBM eServerâ„¢ OpenPowerâ„¢ 720 system.
21. http://www-128.ibm.com/developerworks/linux/library/l-pow-linuxdistros.html?ca=drs-
=========================
5. Gentoo developer moves
=========================
Moves
-----
The following developers recently left the Gentoo project:
* None this week
Adds
----
The following developers recently joined the Gentoo project:
* Markus Ullmann (Jokey) - netmon
* Patrick Mclean (chutzpah) - sound, amd64
* Damian Kuras (shadoww) - Polish translations
* Karol Pasternak (reb) - Gentoo/OpenBSD Lead Developer
Changes
-------
The following developers recently changed roles within the Gentoo project:
* None this week
==================
6. Gentoo Security
==================
Sun and Blackdown Java: Applet privilege escalation
---------------------------------------------------
Sun's and Blackdown's JDK or JRE may allow untrusted applets to elevate
their privileges.
For more information, please see the GLSA Announcement[22]
22. http://www.gentoo.org/security/en/glsa/glsa-200601-10.xml
KDE kjs: URI heap overflow vulnerability
----------------------------------------
KDE fails to properly validate URIs when handling javascript, potentially
resulting in the execution of arbitrary code.
For more information, please see the GLSA Announcement[23]
23. http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml
Trac: Cross-site scripting vulnerability
----------------------------------------
Trac is vulnerable to a cross-site scripting attack that could allow
arbitrary JavaScript code execution.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200601-12.xml
Gallery: Cross-site scripting vulnerability
-------------------------------------------
Gallery is possibly vulnerable to a cross-site scripting attack that could
allow arbitrary JavaScript code execution.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200601-13.xml
LibAST: Privilege escalation
----------------------------
A buffer overflow in LibAST may result in execution of arbitrary code with
escalated privileges.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200601-14.xml
Paros: Default administrator password
-------------------------------------
Paros's database component is installed without a password, allowing
execution of arbitrary system commands.
For more information, please see the GLSA Announcement[27]
27. http://www.gentoo.org/security/en/glsa/glsa-200601-15.xml
===========
7. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[28]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 15 January 2006 and 29 January 2006, activity on
the site has resulted in:
28. http://bugs.gentoo.org
* 1734 new bugs during this period
* 960 bugs closed or resolved during this period
* 59 previously closed bugs were reopened this period
Of the 9192 currently open bugs: 72 are labeled 'blocker', 171 are labeled
'critical', and 503 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* PHP Bugs[29], with 53 closed bugs[30]
* Gentoo Games[31], with 47 closed bugs[32]
* Portage Utilities Team[33], with 45 closed bugs[34]
* AMD64 Porting Team[35], with 32 closed bugs[36]
* Perl Devs @ Gentoo[37], with 25 closed bugs[38]
* Gentoo Linux Gnome Desktop Team[39], with 25 closed bugs[40]
* Portage team[41], with 23 closed bugs[42]
* Gentoo's Team for Core System packages[43], with 22 closed bugs[44]
29. php-bugs@gentoo.org
30. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=php-bugs@gentoo.org
31. games@gentoo.org
32. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=games@gentoo.org
33. tools-portage@gentoo.org
34. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=tools-portage@gentoo.org
35. amd64@gentoo.org
36. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=amd64@gentoo.org
37. perl@gentoo.org
38. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=perl@gentoo.org
39. gnome@gentoo.org
40. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=gnome@gentoo.org
41. dev-portage@gentoo.org
42. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=dev-portage@gentoo.org
43. base-system@gentoo.org
44. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=base-system@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* Default Assignee for New Packages[45], with 72 new bugs[46]
* AMD64 Porting Team[47], with 17 new bugs[48]
* Default Assignee for Orphaned Packages[49], with 16 new bugs[50]
* Gentoo Games[51], with 14 new bugs[52]
* X11 External Driver Maintainers[53], with 13 new bugs[54]
* Volkov Peter[55], with 12 new bugs[56]
* Gentoo's Team for Core System packages[57], with 11 new bugs[58]
* Gentoo Sound Team[59], with 10 new bugs[60]
45. maintainer-wanted@gentoo.org
46. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=maintainer-wanted@gentoo.org
47. amd64@gentoo.org
48. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=amd64@gentoo.org
49. maintainer-needed@gentoo.org
50. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=maintainer-needed@gentoo.org
51. games@gentoo.org
52. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=games@gentoo.org
53. x11-drivers@gentoo.org
54. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=x11-drivers@gentoo.org
55. pva@gentoo.org
56. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=pva@gentoo.org
57. base-system@gentoo.org
58. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=base-system@gentoo.org
59. sound@gentoo.org
60. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=sound@gentoo.org
===============================
8. GWN subscription information
===============================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn+subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn+unsubscribe@gentoo.org from the email address you are
subscribed under.
==================
9. Other languages
==================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[61]
* Dutch[62]
* English[63]
* German[64]
* French[65]
* Korean[66]
* Japanese[67]
* Italian[68]
* Polish[69]
* Portuguese (Brazil)[70]
* Portuguese (Portugal)[71]
* Russian[72]
* Spanish[73]
* Turkish[74]
61. http://www.gentoo.org/news/da/gwn/gwn.xml
62. http://www.gentoo.org/news/nl/gwn/gwn.xml
63. http://www.gentoo.org/news/en/gwn/gwn.xml
64. http://www.gentoo.org/news/de/gwn/gwn.xml
65. http://www.gentoo.org/news/fr/gwn/gwn.xml
66. http://www.gentoo.org/news/ko/gwn/gwn.xml
67. http://www.gentoo.org/news/ja/gwn/gwn.xml
68. http://www.gentoo.org/news/it/gwn/gwn.xml
69. http://www.gentoo.org/news/pl/gwn/gwn.xml
70. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
71. http://www.gentoo.org/news/pt/gwn/gwn.xml
72. http://www.gentoo.org/news/ru/gwn/gwn.xml
73. http://www.gentoo.org/news/es/gwn/gwn.xml
74. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Tobias Scherbaum <dertobi123@gentoo.org> - Author
Patrick Lauer <patrick@gentoo.org> - Author
Donnie Berkholz <spyderous@gentoo.org> - Author
Michael Stewart <vericgar@gentoo.org> - Author
Wernfried Haas <amne@gentoo.org> - Author
Fabian Groffen <grobian@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 30 January 2006.
---------------------------------------------------------------------------
==============
1. Gentoo news
==============
Modular X entering ~arch (testing)
----------------------------------
The X team members plan to remove all 289 modular X packages from
package.mask soon. They will enter ~arch (testing) for all the
architectures for which they're keyworded: alpha, amd64, arm, ia64, mips,
ppc, sh, sparc and x86. To learn how to upgrade properly, read the
migration guide[1] before starting the upgrade. It discusses how the USE
flags changed, why X.Org went modular and why emerge xorg-x11 won't be
quite enough yet.
1. http://www.gentoo.org/proj/en/desktop/x/x11/modular-x-howto.xml
Not all packages in the tree will work with modular X when it enters
~arch, although the most common applications already do. The X team
encourages users and developers to contribute fixes to their favorite
packages by reading the porting guide[2]. Applications requiring the most
work include games and packages without a listed maintainer in
metadata.xml or altogether lacking metadata.
2. http://www.gentoo.org/proj/en/desktop/x/x11/porting-modular-x-howto.xml
Donnie Berkholz[3] provides a list of all unported applications along with
their maintainers, updated daily, in his webspace[4]. A graph of porting
progress exists in the same location. If you encounter any bugs with the
migration, please report them at Gentoo's Bugzilla[5].
3. spyderous@gentoo.org
4. http://dev.gentoo.org/~spyderous/broken_modular/
5. https://bugs.gentoo.org
End of lifetime announcement for old-style configuration Apache packages
------------------------------------------------------------------------
In October, the Apache team made stable a new configuration style for
apache and its modules. While many users have made the switch, many
cautious users have not.
The Apache team is announcing that they will no longer support the
old-style configuration of Apache after March 1, 2006. Anyone who has not
upgraded to net-www/apache-2.0.55 and higher, or net-www/apache-1.3.34-r10
and higher should do so before then. For information on how to upgrade, we
provide an Upgrading Apache Guide[6].
6. http://www.gentoo.org/doc/en/apache-upgrading.xml
PHP Herd's January meeting
--------------------------
Gentoo's PHP Herd held their first meeting in 2006 on January 21st. Topics
on the agenda included election of herd leads, SLOTting of PHP minor
versions and the stabilization of dev-lang/php.
Luca Longinotti[7] has been elected as lead for core-PHP packages and
Sebastian Bergmann[8] as lead for PEAR packages. The PHP Herd agreed to
keep the SLOTting scheme as is, i.e. only major versions of PHP (PHP 4,
PHP 5) will be slotted. The most notable decision made from a users point
of view forces users to migrate from dev-php/php to dev-lang/php as soon
as possible as the PHP Herd decided to no longer support them. The old
dev-php/php packages will be package.masked as soon as the architecture
teams have stabilized the new-style PHP packages, which is expected by the
end of February, and removed from the Portage tree about two months later.
7. chtekk@gentoo.org
8. sebastian@gentoo.org
The minutes of the PHP Herd's January meeting are available at the PHP
Overlay website[9]. Their next meeting is scheduled for February 7th at
19:00 UTC in #gentoo-php on irc.freenode.net.
9. http://tinyurl.com/cc964
Slotted MySQL
-------------
Gentoo's MySQL maintainers plan to move =dev-db/mysql-4.1.16-r30 and
dev-db/mysql-5.0.18-r30 into ~arch (testing) soon. Those -r30 revision
Ebuilds now allow installing several MySQL versions in parallel, or in
Gentoo speak: They support SLOTting. While all minor versions beyond or
equal to 4.1 will become slotted, dev-db/mysql-4.0* will stay at SLOT="0".
To accomplish this, new Eclasses and an eselect module for easy switching
between MySQL versions were written. Though you can run several MySQL
versions simultaneously you are still limited to one (the current)
libmysqlclient at a time. To learn how to upgrade properly, read the
migration guide[10] before starting the upgrade. All packages in the tree
that worked before should also work with slotted MySQL when it enters
~arch.
10. http://www.gentoo.org/doc/en/mysql-upgrade-slotted.xml
If you encounter any bugs with the migration, please report them at
Gentoo's Bugzilla[11].
11. https://bugs.gentoo.org
gentoolkit update
-----------------
A new version of app-portage/gentoolkit (0.2.1) containing significant
improvements has been marked stable a few days ago. These are the major
changes between gentoolkit-0.2.0 and gentoolkit-0.2.1:
* A new tool called eclean for removing no longer needed distfiles and
packages has been added
* revdep-rebuild now allows for more user interaction and customizing.
You can avoid rebuilding binary packages like app-office/openoffice-bin by
setting the SEARCH_DIRS_MASK variable in /etc/make.conf to for example
skip packages installed in the /opt directory.
* One major fix optimizing memory consumption has been applied to equery.
Also many fixes made it more usable, though it is still not the fastest
program on the block. If the lack of speed bothers you, we would recommend
investigating the app-portage/portage-utils package
A detailed listing of the changes for those interested is in
/usr/share/doc/gentoolkit-0.2.1/ChangeLog.
Three million posts in the Gentoo Forums
----------------------------------------
Figure 1.1: Three million posts in the Gentoo Forums
http://www.gentoo.org/images/gwn/20060130_3M-posts.png
Almost exactly a year after reaching two million posts in January 2005[12]
the Gentoo Forums hit three million posts on Jan 24th. A thread on the
forums[13] not only features the answer to the question "Whose post was
it?", but also leaves space for wild conspiracy theories about a
mysterious decrease in postcount shortly before the three millionth post
was reached. The Gentoo Forums were noted to be among the largest phpBB
installations on big-boards.com[14].
12. http://www.gentoo.org/news/en/gwn/20050207-newsletter.xml
13. http://forums.gentoo.org/viewtopic-t-421954.html
14. http://rankings.big-boards.com/?filter=phpBB,all
pdftohtml replaced by poppler
-----------------------------
app-text/pdftohtml has been replaced by app-text/poppler because of
security concerns as stated in bug #115789[15]. You are strongly advised
to unmerge app-text/pdftohtml and emerge app-text/poppler instead.
15. https://bugs.gentoo.org/show_bug.cgi?id=115789
==============
2. Future zone
==============
"Prefixed Portage" for Gentoo for Mac OS X
------------------------------------------
For the last few months, the Gentoo for Mac OS X project has been serving
as the primary testbed for a "prefix aware" portage and ebuild repository.
This basically allows for a configurable 'offset prefix' in which portage
and all software it manages can be installed, as any user, without any
interference with the 'host' operating system. The need for such
functionality arose from the ever-increasing problems of using Portage in
'foreign' environments such as Apple's Mac OS X.
While in its current state, it is serving merely as a working and
functional prototype, it has opened up many exciting possibilities for the
future of Gentoo and Portage. Although the Gentoo for Mac OS X project is
the first project from the Gentoo/Alt umbrella project to have a pressing
need for portage installations that leave the host operating system
unmodified, it has proved to be of great interest to users and developers
alike who are having excellent results running portage on a multitude of
OS - AIX, HP-UX, FreeBSD, BeOS/Haiku/Zeta, Solaris, and Fedora Core Linux.
The Gentoo for Mac OS X team hopes to have preliminary documentation and
developer installer packages available as soon as possible. Those
interested in contributing may contact Kito Danya Dietrich[16] or Fabian
Groffen[17].
16. kito@gentoo.org
17. grobian@gentoo.org
=========================
3. Heard in the community
=========================
gentoo-dev
----------
sed vs. gsed
In his quest for Gentoo/Alt improvements Diego Pettenò [18] asks for
advice on how to handle sed as some of the alternative hosts for Gentoo
use non-GNU sed, which has a slightly different behavior in some cases.
18. flameeyes@gentoo.org
* sed vs. gsed [19]
19. http://thread.gmane.org/gmane.linux.gentoo.devel/35436
RFC: emerge snapshots
If something breaks during an update the "repair" often takes quite some
time. Are there any methods for doing a "rollback" to the old state of the
system to undo the breakage? What would need to be done to make this
feasible, and why is quickpkg often not good enough?
* RFC: emerge snapshots [20]
20. http://thread.gmane.org/gmane.linux.gentoo.devel/35411
======================
4. Gentoo in the press
======================
Alternative Linux distributions on the POWER5 platform
------------------------------------------------------
A review of unsupported Linux distributions on the POWER5 platform has
been published on IBM developerworks[21]. Besides Debian, openSUSE 10 and
Fedora Core this article also covers a test-environment and the
installation of Gentoo on an IBM eServerâ„¢ OpenPowerâ„¢ 720 system.
21. http://www-128.ibm.com/developerworks/linux/library/l-pow-linuxdistros.html?ca=drs-
=========================
5. Gentoo developer moves
=========================
Moves
-----
The following developers recently left the Gentoo project:
* None this week
Adds
----
The following developers recently joined the Gentoo project:
* Markus Ullmann (Jokey) - netmon
* Patrick Mclean (chutzpah) - sound, amd64
* Damian Kuras (shadoww) - Polish translations
* Karol Pasternak (reb) - Gentoo/OpenBSD Lead Developer
Changes
-------
The following developers recently changed roles within the Gentoo project:
* None this week
==================
6. Gentoo Security
==================
Sun and Blackdown Java: Applet privilege escalation
---------------------------------------------------
Sun's and Blackdown's JDK or JRE may allow untrusted applets to elevate
their privileges.
For more information, please see the GLSA Announcement[22]
22. http://www.gentoo.org/security/en/glsa/glsa-200601-10.xml
KDE kjs: URI heap overflow vulnerability
----------------------------------------
KDE fails to properly validate URIs when handling javascript, potentially
resulting in the execution of arbitrary code.
For more information, please see the GLSA Announcement[23]
23. http://www.gentoo.org/security/en/glsa/glsa-200601-11.xml
Trac: Cross-site scripting vulnerability
----------------------------------------
Trac is vulnerable to a cross-site scripting attack that could allow
arbitrary JavaScript code execution.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200601-12.xml
Gallery: Cross-site scripting vulnerability
-------------------------------------------
Gallery is possibly vulnerable to a cross-site scripting attack that could
allow arbitrary JavaScript code execution.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200601-13.xml
LibAST: Privilege escalation
----------------------------
A buffer overflow in LibAST may result in execution of arbitrary code with
escalated privileges.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200601-14.xml
Paros: Default administrator password
-------------------------------------
Paros's database component is installed without a password, allowing
execution of arbitrary system commands.
For more information, please see the GLSA Announcement[27]
27. http://www.gentoo.org/security/en/glsa/glsa-200601-15.xml
===========
7. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[28]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 15 January 2006 and 29 January 2006, activity on
the site has resulted in:
28. http://bugs.gentoo.org
* 1734 new bugs during this period
* 960 bugs closed or resolved during this period
* 59 previously closed bugs were reopened this period
Of the 9192 currently open bugs: 72 are labeled 'blocker', 171 are labeled
'critical', and 503 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this period
are:
* PHP Bugs[29], with 53 closed bugs[30]
* Gentoo Games[31], with 47 closed bugs[32]
* Portage Utilities Team[33], with 45 closed bugs[34]
* AMD64 Porting Team[35], with 32 closed bugs[36]
* Perl Devs @ Gentoo[37], with 25 closed bugs[38]
* Gentoo Linux Gnome Desktop Team[39], with 25 closed bugs[40]
* Portage team[41], with 23 closed bugs[42]
* Gentoo's Team for Core System packages[43], with 22 closed bugs[44]
29. php-bugs@gentoo.org
30. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=php-bugs@gentoo.org
31. games@gentoo.org
32. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=games@gentoo.org
33. tools-portage@gentoo.org
34. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=tools-portage@gentoo.org
35. amd64@gentoo.org
36. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=amd64@gentoo.org
37. perl@gentoo.org
38. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=perl@gentoo.org
39. gnome@gentoo.org
40. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=gnome@gentoo.org
41. dev-portage@gentoo.org
42. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=dev-portage@gentoo.org
43. base-system@gentoo.org
44. http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-01-15&chfieldto=2006-01-29&resolution=FIXED&assigned_to=base-system@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs during
this period are:
* Default Assignee for New Packages[45], with 72 new bugs[46]
* AMD64 Porting Team[47], with 17 new bugs[48]
* Default Assignee for Orphaned Packages[49], with 16 new bugs[50]
* Gentoo Games[51], with 14 new bugs[52]
* X11 External Driver Maintainers[53], with 13 new bugs[54]
* Volkov Peter[55], with 12 new bugs[56]
* Gentoo's Team for Core System packages[57], with 11 new bugs[58]
* Gentoo Sound Team[59], with 10 new bugs[60]
45. maintainer-wanted@gentoo.org
46. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=maintainer-wanted@gentoo.org
47. amd64@gentoo.org
48. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=amd64@gentoo.org
49. maintainer-needed@gentoo.org
50. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=maintainer-needed@gentoo.org
51. games@gentoo.org
52. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=games@gentoo.org
53. x11-drivers@gentoo.org
54. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=x11-drivers@gentoo.org
55. pva@gentoo.org
56. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=pva@gentoo.org
57. base-system@gentoo.org
58. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=base-system@gentoo.org
59. sound@gentoo.org
60. http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-01-15&chfieldto=2006-01-29&assigned_to=sound@gentoo.org
===============================
8. GWN subscription information
===============================
To subscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn+subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank email to
gentoo-gwn+unsubscribe@gentoo.org from the email address you are
subscribed under.
==================
9. Other languages
==================
The Gentoo Weekly Newsletter is also available in the following languages:
* Danish[61]
* Dutch[62]
* English[63]
* German[64]
* French[65]
* Korean[66]
* Japanese[67]
* Italian[68]
* Polish[69]
* Portuguese (Brazil)[70]
* Portuguese (Portugal)[71]
* Russian[72]
* Spanish[73]
* Turkish[74]
61. http://www.gentoo.org/news/da/gwn/gwn.xml
62. http://www.gentoo.org/news/nl/gwn/gwn.xml
63. http://www.gentoo.org/news/en/gwn/gwn.xml
64. http://www.gentoo.org/news/de/gwn/gwn.xml
65. http://www.gentoo.org/news/fr/gwn/gwn.xml
66. http://www.gentoo.org/news/ko/gwn/gwn.xml
67. http://www.gentoo.org/news/ja/gwn/gwn.xml
68. http://www.gentoo.org/news/it/gwn/gwn.xml
69. http://www.gentoo.org/news/pl/gwn/gwn.xml
70. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
71. http://www.gentoo.org/news/pt/gwn/gwn.xml
72. http://www.gentoo.org/news/ru/gwn/gwn.xml
73. http://www.gentoo.org/news/es/gwn/gwn.xml
74. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Tobias Scherbaum <dertobi123@gentoo.org> - Author
Patrick Lauer <patrick@gentoo.org> - Author
Donnie Berkholz <spyderous@gentoo.org> - Author
Michael Stewart <vericgar@gentoo.org> - Author
Wernfried Haas <amne@gentoo.org> - Author
Fabian Groffen <grobian@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list