---------------------------------------------------------------------------
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 7 August 2006.
---------------------------------------------------------------------------
==============
1. Gentoo news
==============
Adopt a Developer project
-------------------------
The Gentoo User Relations[1] project has begun a new sub-project,
intended
to assist developers in improving Gentoo. Traditionally, it was not
clear
how one could go about donating a piece of hardware, a technical book,
a
shell account, or anything else to a specific Gentoo developer. Also,
there was no central place for developers to post their requests. The
new
Adopt a Developer[2] project hopes to change that. The project aims to
connect developers who need resources with people and companies from
the
community who want to donate resources. The concept, along with a list
of
developer requests and community member offers, is on the project page.
Since this is a completely new endeavor and still likely has bugs, the
project is still in beta. For now, the project only deals with small
items, typically costing less than 100 USD.
1. http://www.gentoo.org/proj/en/userrel
2. http://www.gentoo.org/proj/en/userrel/adopt-a-dev
Gentoo/PowerPC CELL effort
--------------------------
Gentoo is the first community Linux distribution to actively work on
supporting the new CELL processor IBM has launched with Sony and
Toshiba.
This processor is used in the PlayStation 3, and in a number of other
products. The CELL processor has a general purpose PowerPC core which
runs
at 3.2 GHz. It also has eight special purpose cores, which are
basically
cache-less processors that are great for processing streams and
parallel
work. The CELL is also called a 'broadband engine' and has a peak
bandwidth of 204.8 GB/sec for intra-chip transfers (between cores,
memory
and I/O controllers). More information about the CELL can be found at
IBM
DeveloperWorks[3].
3. http://www-128.ibm.com/developerworks/power/library/pa-cellperf
Luca Barbato[4] has made available a Gentoo ebuild for a CELL
simulator.
This IBM CELL SDK simulates a dual CELL machine (18 cores) on a PowerPC
machine. He has also made a CELL optimized Gentoo (crossdev) toolchain
and
Gentoo system image for the CELL. You can find more information in
Luca's
overlay[5].
4. lu_zero@gentoo.org
5. http://overlays.gentoo.org/dev/lu_zero
Gentoo would be the first community distribution to support this new
PowerPC processor. Gentoo/PowerPC is a bleeding edge PowerPC Linux
distribution with a bright future. Continued efforts such as these will
ensure that Gentoo is ready for tomorrow's processors, as well as
improve
its reputation as a world-class distribution.
PDA team recruiting
-------------------
Gentoo's team for managing the app-pda packages is looking for
assistance
in maintaining their packages. Anyone can help out, and the team is
hoping
to bring on some new developers to cover these packages. If you are
interested in helping out, contact Chris White[6].
6. chriswhite@gentoo.org
KDE/Ruby recruiting
-------------------
Both the Gentoo KDE[7] project and the Gentoo Ruby maintainers are
looking
for more help in testing and maintaining their packages. Contact Caleb
Tennis[8] if you are interested in becoming a Gentoo developer and
working
on either of these teams.
7. http://www.gentoo.org/proj/en/desktop/kde
8. caleb@gentoo.org
=========================
2. Heard in the community
=========================
forums
------
What needs to be improved in Gentoo?
Several forums users have made some suggestions on how Gentoo could be
improved. The discussion continues, and some interesting ideas are
being
given. Hopefully, some enhancement bug reports will come from this
thread,
but some parts of the thread show that Gentoo needs to work harder on
getting information about our features out, as many users are
suggesting
features which have existed for some time.
* What needs to be improved in Gentoo?[9]
9. http://forums.gentoo.org/viewtopic-t-486273.html
planet.gentoo.org
-----------------
Everyday life of an architecture tester
Thomas Cort[10] mentions an article by x86 Arch Tester Christian
Faulhammer, covering the daily work of Arch Testers in his blog.
Christian
explains in his article[11] what tasks Arch Testers usually are doing,
what kind of knowledge you will need to help out, and how you can start
getting involved with Gentoo.
10. tcort@gentoo.org
11. http://tinyurl.com/rxrhm
* Everyday life of an architecture tester[12]
12. http://mediumbagel.org/nucleus/index.php?itemid=45
More cowbell: Planet Larry
As we have seen in the past few weeks, "Larry the Cow" is not dead. And
now Larry is even more undead. Steve Dibb[13] started
larrythecow.org[14],
aka "Planet Larry," which aggregates blogs of Gentoo users - including
former Developers like Jochen Maes and Mark Loeser - and also Gentoo's
former Chief Architect Daniel Robbins.
13. beandog@gentoo.org
14. http://www.larrythecow.org
* More cowbell: Planet Larry[15]
15. http://wonkabar.org/?p=145
=========================
3. Gentoo developer moves
=========================
Moves
-----
The following developers recently left the Gentoo project:
* Nick Dimiduk (ndimiduk)
Adds
----
The following developers recently joined the Gentoo project:
* Anrdrew Ross (aross) Xen
* Elfyn McBratney (beu) Perl/TreeCleaners
* Mart Raudsepp (leio) wx* packages
Changes
-------
The following developers recently changed roles within the Gentoo
project:
* none this week
==================
4. Gentoo security
==================
Apache: Off-by-one flaw in mod_rewrite
--------------------------------------
A flaw in mod_rewrite could result in a Denial of Service or the
execution
of arbitrary code.
For more information, please see the GLSA Announcement[16]
16. http://www.gentoo.org/security/en/glsa/glsa-200608-01.xml
Mozilla SeaMonkey: Multiple vulnerabilities
-------------------------------------------
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla SeaMonkey.
For more information, please see the GLSA Announcement[17]
17. http://www.gentoo.org/security/en/glsa/glsa-200608-02.xml
Mozilla Firefox: Multiple vulnerabilities
-----------------------------------------
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Firefox.
For more information, please see the GLSA Announcement[18]
18. http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml
Mozilla Thunderbird: Multiple vulnerabilities
---------------------------------------------
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Thunderbird.
For more information, please see the GLSA Announcement[19]
19. http://www.gentoo.org/security/en/glsa/glsa-200608-04.xml
LibVNCServer: Authentication bypass
-----------------------------------
VNC servers created with LibVNCServer accept insecure protocol types,
even
when the server does not offer it, resulting in unauthorized access to
the
server.
For more information, please see the GLSA Announcement[20]
20. http://www.gentoo.org/security/en/glsa/glsa-200608-05.xml
Courier MTA: Denial of Service vulnerability
--------------------------------------------
Courier MTA has fixed a DoS issue related to usernames containing a "="
character.
For more information, please see the GLSA Announcement[21]
21. http://www.gentoo.org/security/en/glsa/glsa-200608-06.xml
libTIFF: Multiple vulnerabilities
---------------------------------
libTIFF contains several vulnerabilities that could result in arbitrary
code execution.
For more information, please see the GLSA Announcement[22]
22. http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
GnuPG: Integer overflow vulnerability
-------------------------------------
GnuPG is vulnerable to an integer overflow that could lead to the
execution of arbitrary code.
For more information, please see the GLSA Announcement[23]
23. http://www.gentoo.org/security/en/glsa/glsa-200608-08.xml
MySQL: Denial of Service
------------------------
An authenticated user can crash MySQL through invalid parameters to the
date_format function.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200608-09.xml
pike: SQL injection vulnerability
---------------------------------
A flaw in the input handling could lead to the execution of arbitrary
SQL
statements in the underlying PostgreSQL database.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200608-10.xml
Webmin, Usermin: File Disclosure
--------------------------------
Webmin and Usermin are vulnerable to an arbitrary file disclosure
through
a specially crafted URL.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200608-11.xml
===========
5. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[27]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 30 July 2006 and 06 August 2006, activity on
the
site has resulted in:
27. http://bugs.gentoo.org
* 798 new bugs during this period
* 382 bugs closed or resolved during this period
* 41 previously closed bugs were reopened this period
Of the 10791 currently open bugs: 51 are labeled 'blocker', 134 are
labeled 'critical', and 530 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this
period
are:
* Chris White[28], with 31 closed bugs[29]
* Gentoo's Team for Core System packages[30], with 21 closed bugs[31]
* Gentoo Security[32], with 15 closed bugs[33]
* Xavier Neys[34], with 12 closed bugs[35]
* Portage team[36], with 11 closed bugs[37]
* Gentoo KDE team[38], with 10 closed bugs[39]
* Java team[40], with 10 closed bugs[41]
* Gentoo Linux Gnome Desktop Team[42], with 10 closed bugs[43]
28. chriswhite@gentoo.org
29.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=chriswhite@gentoo.org
30. base-system@gentoo.org
31.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=base-system@gentoo.org
32. security@gentoo.org
33.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=security@gentoo.org
34. neysx@gentoo.org
35.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=neysx@gentoo.org
36. dev-portage@gentoo.org
37.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=dev-portage@gentoo.org
38. kde@gentoo.org
39.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=kde@gentoo.org
40. java@gentoo.org
41.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=java@gentoo.org
42. gnome@gentoo.org
43.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=gnome@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs
during
this period are:
* Default Assignee for New Packages[44], with 27 new bugs[45]
* AMD64 Project[46], with 25 new bugs[47]
* Gentoo Science Mathematics related packages[48], with 19 new
bugs[49]
* Gentoo TreeCleaner Project[50], with 17 new bugs[51]
* Gentoo KDE team[52], with 12 new bugs[53]
* Default Assignee for Orphaned Packages[54], with 11 new bugs[55]
* Java team[56], with 10 new bugs[57]
* Gentoo Kernel Bug Wranglers and Kernel Maintainers[58], with 8 new
bugs[59]
44. maintainer-wanted@gentoo.org
45.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=maintainer-wanted@gentoo.org
46. amd64@gentoo.org
47.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=amd64@gentoo.org
48. sci-mathematics@gentoo.org
49.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=sci-mathematics@gentoo.org
50. treecleaner@gentoo.org
51.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=treecleaner@gentoo.org
52. kde@gentoo.org
53.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=kde@gentoo.org
54. maintainer-needed@gentoo.org
55.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=maintainer-needed@gentoo.org
56. java@gentoo.org
57.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=java@gentoo.org
58. kernel@gentoo.org
59.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=kernel@gentoo.org
===============
6. GWN feedback
===============
Please send us your feedback[60] and help make the GWN better.
60. gwn-feedback@gentoo.org
===============================
7. GWN subscription information
===============================
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are
subscribed under.
==================
8. Other languages
==================
The Gentoo Weekly Newsletter is also available in the following
languages:
* Chinese (Simplified)[61]
* Danish[62]
* Dutch[63]
* English[64]
* German[65]
* French[66]
* Korean[67]
* Japanese[68]
* Italian[69]
* Polish[70]
* Portuguese (Brazil)[71]
* Portuguese (Portugal)[72]
* Russian[73]
* Spanish[74]
* Turkish[75]
61. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
62. http://www.gentoo.org/news/da/gwn/gwn.xml
63. http://www.gentoo.org/news/nl/gwn/gwn.xml
64. http://www.gentoo.org/news/en/gwn/gwn.xml
65. http://www.gentoo.org/news/de/gwn/gwn.xml
66. http://www.gentoo.org/news/fr/gwn/gwn.xml
67. http://www.gentoo.org/news/ko/gwn/gwn.xml
68. http://www.gentoo.org/news/ja/gwn/gwn.xml
69. http://www.gentoo.org/news/it/gwn/gwn.xml
70. http://www.gentoo.org/news/pl/gwn/gwn.xml
71. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
72. http://www.gentoo.org/news/pt/gwn/gwn.xml
73. http://www.gentoo.org/news/ru/gwn/gwn.xml
74. http://www.gentoo.org/news/es/gwn/gwn.xml
75. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Chris Gianelloni <wolf31o2@gentoo.org> - Author
Tobias Scherbaum <dertobi123@gentoo.org> - Author
Thomas Cort <tcort@gentoo.org> - Author
Pieter Van den Abeele <pvdabeel@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list
Gentoo Weekly Newsletter
http://www.gentoo.org/news/en/gwn/current.xml
This is the Gentoo Weekly Newsletter for the week of 7 August 2006.
---------------------------------------------------------------------------
==============
1. Gentoo news
==============
Adopt a Developer project
-------------------------
The Gentoo User Relations[1] project has begun a new sub-project,
intended
to assist developers in improving Gentoo. Traditionally, it was not
clear
how one could go about donating a piece of hardware, a technical book,
a
shell account, or anything else to a specific Gentoo developer. Also,
there was no central place for developers to post their requests. The
new
Adopt a Developer[2] project hopes to change that. The project aims to
connect developers who need resources with people and companies from
the
community who want to donate resources. The concept, along with a list
of
developer requests and community member offers, is on the project page.
Since this is a completely new endeavor and still likely has bugs, the
project is still in beta. For now, the project only deals with small
items, typically costing less than 100 USD.
1. http://www.gentoo.org/proj/en/userrel
2. http://www.gentoo.org/proj/en/userrel/adopt-a-dev
Gentoo/PowerPC CELL effort
--------------------------
Gentoo is the first community Linux distribution to actively work on
supporting the new CELL processor IBM has launched with Sony and
Toshiba.
This processor is used in the PlayStation 3, and in a number of other
products. The CELL processor has a general purpose PowerPC core which
runs
at 3.2 GHz. It also has eight special purpose cores, which are
basically
cache-less processors that are great for processing streams and
parallel
work. The CELL is also called a 'broadband engine' and has a peak
bandwidth of 204.8 GB/sec for intra-chip transfers (between cores,
memory
and I/O controllers). More information about the CELL can be found at
IBM
DeveloperWorks[3].
3. http://www-128.ibm.com/developerworks/power/library/pa-cellperf
Luca Barbato[4] has made available a Gentoo ebuild for a CELL
simulator.
This IBM CELL SDK simulates a dual CELL machine (18 cores) on a PowerPC
machine. He has also made a CELL optimized Gentoo (crossdev) toolchain
and
Gentoo system image for the CELL. You can find more information in
Luca's
overlay[5].
4. lu_zero@gentoo.org
5. http://overlays.gentoo.org/dev/lu_zero
Gentoo would be the first community distribution to support this new
PowerPC processor. Gentoo/PowerPC is a bleeding edge PowerPC Linux
distribution with a bright future. Continued efforts such as these will
ensure that Gentoo is ready for tomorrow's processors, as well as
improve
its reputation as a world-class distribution.
PDA team recruiting
-------------------
Gentoo's team for managing the app-pda packages is looking for
assistance
in maintaining their packages. Anyone can help out, and the team is
hoping
to bring on some new developers to cover these packages. If you are
interested in helping out, contact Chris White[6].
6. chriswhite@gentoo.org
KDE/Ruby recruiting
-------------------
Both the Gentoo KDE[7] project and the Gentoo Ruby maintainers are
looking
for more help in testing and maintaining their packages. Contact Caleb
Tennis[8] if you are interested in becoming a Gentoo developer and
working
on either of these teams.
7. http://www.gentoo.org/proj/en/desktop/kde
8. caleb@gentoo.org
=========================
2. Heard in the community
=========================
forums
------
What needs to be improved in Gentoo?
Several forums users have made some suggestions on how Gentoo could be
improved. The discussion continues, and some interesting ideas are
being
given. Hopefully, some enhancement bug reports will come from this
thread,
but some parts of the thread show that Gentoo needs to work harder on
getting information about our features out, as many users are
suggesting
features which have existed for some time.
* What needs to be improved in Gentoo?[9]
9. http://forums.gentoo.org/viewtopic-t-486273.html
planet.gentoo.org
-----------------
Everyday life of an architecture tester
Thomas Cort[10] mentions an article by x86 Arch Tester Christian
Faulhammer, covering the daily work of Arch Testers in his blog.
Christian
explains in his article[11] what tasks Arch Testers usually are doing,
what kind of knowledge you will need to help out, and how you can start
getting involved with Gentoo.
10. tcort@gentoo.org
11. http://tinyurl.com/rxrhm
* Everyday life of an architecture tester[12]
12. http://mediumbagel.org/nucleus/index.php?itemid=45
More cowbell: Planet Larry
As we have seen in the past few weeks, "Larry the Cow" is not dead. And
now Larry is even more undead. Steve Dibb[13] started
larrythecow.org[14],
aka "Planet Larry," which aggregates blogs of Gentoo users - including
former Developers like Jochen Maes and Mark Loeser - and also Gentoo's
former Chief Architect Daniel Robbins.
13. beandog@gentoo.org
14. http://www.larrythecow.org
* More cowbell: Planet Larry[15]
15. http://wonkabar.org/?p=145
=========================
3. Gentoo developer moves
=========================
Moves
-----
The following developers recently left the Gentoo project:
* Nick Dimiduk (ndimiduk)
Adds
----
The following developers recently joined the Gentoo project:
* Anrdrew Ross (aross) Xen
* Elfyn McBratney (beu) Perl/TreeCleaners
* Mart Raudsepp (leio) wx* packages
Changes
-------
The following developers recently changed roles within the Gentoo
project:
* none this week
==================
4. Gentoo security
==================
Apache: Off-by-one flaw in mod_rewrite
--------------------------------------
A flaw in mod_rewrite could result in a Denial of Service or the
execution
of arbitrary code.
For more information, please see the GLSA Announcement[16]
16. http://www.gentoo.org/security/en/glsa/glsa-200608-01.xml
Mozilla SeaMonkey: Multiple vulnerabilities
-------------------------------------------
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla SeaMonkey.
For more information, please see the GLSA Announcement[17]
17. http://www.gentoo.org/security/en/glsa/glsa-200608-02.xml
Mozilla Firefox: Multiple vulnerabilities
-----------------------------------------
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Firefox.
For more information, please see the GLSA Announcement[18]
18. http://www.gentoo.org/security/en/glsa/glsa-200608-03.xml
Mozilla Thunderbird: Multiple vulnerabilities
---------------------------------------------
The Mozilla Foundation has reported numerous security vulnerabilities
related to Mozilla Thunderbird.
For more information, please see the GLSA Announcement[19]
19. http://www.gentoo.org/security/en/glsa/glsa-200608-04.xml
LibVNCServer: Authentication bypass
-----------------------------------
VNC servers created with LibVNCServer accept insecure protocol types,
even
when the server does not offer it, resulting in unauthorized access to
the
server.
For more information, please see the GLSA Announcement[20]
20. http://www.gentoo.org/security/en/glsa/glsa-200608-05.xml
Courier MTA: Denial of Service vulnerability
--------------------------------------------
Courier MTA has fixed a DoS issue related to usernames containing a "="
character.
For more information, please see the GLSA Announcement[21]
21. http://www.gentoo.org/security/en/glsa/glsa-200608-06.xml
libTIFF: Multiple vulnerabilities
---------------------------------
libTIFF contains several vulnerabilities that could result in arbitrary
code execution.
For more information, please see the GLSA Announcement[22]
22. http://www.gentoo.org/security/en/glsa/glsa-200608-07.xml
GnuPG: Integer overflow vulnerability
-------------------------------------
GnuPG is vulnerable to an integer overflow that could lead to the
execution of arbitrary code.
For more information, please see the GLSA Announcement[23]
23. http://www.gentoo.org/security/en/glsa/glsa-200608-08.xml
MySQL: Denial of Service
------------------------
An authenticated user can crash MySQL through invalid parameters to the
date_format function.
For more information, please see the GLSA Announcement[24]
24. http://www.gentoo.org/security/en/glsa/glsa-200608-09.xml
pike: SQL injection vulnerability
---------------------------------
A flaw in the input handling could lead to the execution of arbitrary
SQL
statements in the underlying PostgreSQL database.
For more information, please see the GLSA Announcement[25]
25. http://www.gentoo.org/security/en/glsa/glsa-200608-10.xml
Webmin, Usermin: File Disclosure
--------------------------------
Webmin and Usermin are vulnerable to an arbitrary file disclosure
through
a specially crafted URL.
For more information, please see the GLSA Announcement[26]
26. http://www.gentoo.org/security/en/glsa/glsa-200608-11.xml
===========
5. Bugzilla
===========
Summary
-------
* Statistics
* Closed bug ranking
* New bug rankings
Statistics
----------
The Gentoo community uses Bugzilla (bugs.gentoo.org[27]) to record and
track bugs, notifications, suggestions and other interactions with the
development team. Between 30 July 2006 and 06 August 2006, activity on
the
site has resulted in:
27. http://bugs.gentoo.org
* 798 new bugs during this period
* 382 bugs closed or resolved during this period
* 41 previously closed bugs were reopened this period
Of the 10791 currently open bugs: 51 are labeled 'blocker', 134 are
labeled 'critical', and 530 are labeled 'major'.
Closed bug rankings
-------------------
The developers and teams who have closed the most bugs during this
period
are:
* Chris White[28], with 31 closed bugs[29]
* Gentoo's Team for Core System packages[30], with 21 closed bugs[31]
* Gentoo Security[32], with 15 closed bugs[33]
* Xavier Neys[34], with 12 closed bugs[35]
* Portage team[36], with 11 closed bugs[37]
* Gentoo KDE team[38], with 10 closed bugs[39]
* Java team[40], with 10 closed bugs[41]
* Gentoo Linux Gnome Desktop Team[42], with 10 closed bugs[43]
28. chriswhite@gentoo.org
29.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=chriswhite@gentoo.org
30. base-system@gentoo.org
31.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=base-system@gentoo.org
32. security@gentoo.org
33.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=security@gentoo.org
34. neysx@gentoo.org
35.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=neysx@gentoo.org
36. dev-portage@gentoo.org
37.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=dev-portage@gentoo.org
38. kde@gentoo.org
39.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=kde@gentoo.org
40. java@gentoo.org
41.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=java@gentoo.org
42. gnome@gentoo.org
43.
http://bugs.gentoo.org/buglist.cgi?bug_status=RESOLVED&bug_status=CLOSED&chfield=bug_status&chfieldfrom=2006-07-30&chfieldto=2006-08-06&resolution=FIXED&assigned_to=gnome@gentoo.org
New bug rankings
----------------
The developers and teams who have been assigned the most new bugs
during
this period are:
* Default Assignee for New Packages[44], with 27 new bugs[45]
* AMD64 Project[46], with 25 new bugs[47]
* Gentoo Science Mathematics related packages[48], with 19 new
bugs[49]
* Gentoo TreeCleaner Project[50], with 17 new bugs[51]
* Gentoo KDE team[52], with 12 new bugs[53]
* Default Assignee for Orphaned Packages[54], with 11 new bugs[55]
* Java team[56], with 10 new bugs[57]
* Gentoo Kernel Bug Wranglers and Kernel Maintainers[58], with 8 new
bugs[59]
44. maintainer-wanted@gentoo.org
45.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=maintainer-wanted@gentoo.org
46. amd64@gentoo.org
47.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=amd64@gentoo.org
48. sci-mathematics@gentoo.org
49.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=sci-mathematics@gentoo.org
50. treecleaner@gentoo.org
51.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=treecleaner@gentoo.org
52. kde@gentoo.org
53.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=kde@gentoo.org
54. maintainer-needed@gentoo.org
55.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=maintainer-needed@gentoo.org
56. java@gentoo.org
57.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=java@gentoo.org
58. kernel@gentoo.org
59.
http://bugs.gentoo.org/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&bug_status=REOPENED&chfield=assigned_to&chfieldfrom=2006-07-30&chfieldto=2006-08-06&assigned_to=kernel@gentoo.org
===============
6. GWN feedback
===============
Please send us your feedback[60] and help make the GWN better.
60. gwn-feedback@gentoo.org
===============================
7. GWN subscription information
===============================
To subscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+subscribe@gentoo.org.
To unsubscribe to the Gentoo Weekly Newsletter, send a blank e-mail to
gentoo-gwn+unsubscribe@gentoo.org from the e-mail address you are
subscribed under.
==================
8. Other languages
==================
The Gentoo Weekly Newsletter is also available in the following
languages:
* Chinese (Simplified)[61]
* Danish[62]
* Dutch[63]
* English[64]
* German[65]
* French[66]
* Korean[67]
* Japanese[68]
* Italian[69]
* Polish[70]
* Portuguese (Brazil)[71]
* Portuguese (Portugal)[72]
* Russian[73]
* Spanish[74]
* Turkish[75]
61. http://www.gentoo.org/news/zh_cn/gwn/gwn.xml
62. http://www.gentoo.org/news/da/gwn/gwn.xml
63. http://www.gentoo.org/news/nl/gwn/gwn.xml
64. http://www.gentoo.org/news/en/gwn/gwn.xml
65. http://www.gentoo.org/news/de/gwn/gwn.xml
66. http://www.gentoo.org/news/fr/gwn/gwn.xml
67. http://www.gentoo.org/news/ko/gwn/gwn.xml
68. http://www.gentoo.org/news/ja/gwn/gwn.xml
69. http://www.gentoo.org/news/it/gwn/gwn.xml
70. http://www.gentoo.org/news/pl/gwn/gwn.xml
71. http://www.gentoo.org/news/pt_br/gwn/gwn.xml
72. http://www.gentoo.org/news/pt/gwn/gwn.xml
73. http://www.gentoo.org/news/ru/gwn/gwn.xml
74. http://www.gentoo.org/news/es/gwn/gwn.xml
75. http://www.gentoo.org/news/tr/gwn/gwn.xml
Ulrich Plate <plate@gentoo.org> - Editor
Chris Gianelloni <wolf31o2@gentoo.org> - Author
Tobias Scherbaum <dertobi123@gentoo.org> - Author
Thomas Cort <tcort@gentoo.org> - Author
Pieter Van den Abeele <pvdabeel@gentoo.org> - Author
--
gentoo-gwn@gentoo.org mailing list