Debian Weeekly News – March 25, 2003

Debian Weekly News
http://www.debian.org/News/weekly/2003/12/

Debian Weekly News – March 25th, 2003

Welcome to this year’s 12th issue of DWN, the weekly newsletter
for the Debian community. This year’s leader election will end in
less than a week and some interesting numbers have been released
already. Hugh Saunders [1]wondered if people could imagine anything
more frustrating than trying to read a Debian list from a Hotmail
account. Quickly, Alberto Gonzalez Iniesta [2]answered with a set
of programs to manage exactly this under GNU/Linux.

1. http://lists.debian.org/debian-curiosa-0302/msg00119.html
2. http://lists.debian.org/debian-curiosa-0302/msg00121.html

Status of the DPL Election. Manoj Srivastava sent out the final
[3]call for votes for the current Debian Project Leader (DPL)
[4]election. About 50 % the Debian developers have voted already,
others can still cast their vote until March 29th. Manoj is also
[5]concerned about the high number of rejected ballots and manually
checked them out. 140 rejections were received and none of them
came from Mutt, even though it’s the user agent that is most widely
[6]used. Moshe Zadka, one of the candidates, sent a [7]letter
stating that he doesn’t trust the integrity of the secretary and
asked for an independent Debian developer for control counting.

3. http://lists.debian.org/debian-devel-announce-0303/msg00016.html
4. http://www.debian.org/vote/2003/vote_0001
5. http://lists.debian.org/debian-vote-0303/msg00069.html
6. http://lists.debian.org/debian-vote-0303/msg00071.html
7. http://lists.debian.org/debian-vote-0303/msg00077.html

Trusted Debian Project. The [8]Trusted Debian project aims to
create a highly secure but usable GNU/Linux platform. To accomplish
this, the project will use currently available security solutions
for GNU/Linux (like kernel patches, compiler patches, security
related programs and techniques) and knit these together to a
highly secure GNU/Linux platform. Trusted Debian is an [9]upgrade
to Debian GNU/Linux 3.0 which adds stack execution protection,
address space layout randomization, FreeS/WAN, and some recent
security package updates.

8. http://www.trusteddebian.org/
9. http://www.trusteddebian.org/installation.html

Problem with Mozilla Libraries. Josselin Mouette [10]discussed a
[11]dilemma in the way Mozilla libraries are currently handled. The
libraries don’t contain a SONAME and are only used by Mozilla (and
Galeon). Libraries in /usr/lib are required to provide a SONAME,
hence, the libraries must not be placed in that directory. Adding a
SONAME would add an incompatibility with other vendors’ libraries.
However, placing the libraries somewhere else would hide them from
the linker.

10. http://lists.debian.org/debian-devel-0303/msg01062.html
11. http://bugs.debian.org/184401

Results from Bug Squashing Party. A [12]bug squashing party took
place last weekend. Bas Zoetekouw [13]thanked all participants and
listed the results. According to the [14]IRC log, about 30 people
participated in the party. They produced 58 packages that were
uploaded to the incoming/DELAYED directory, closing a total of 89
bugs. Unfortunately, there are still 789 release-critical bugs
left.

12. http://lists.debian.org/debian-devel-announce-0303/msg00008.html
13. http://lists.debian.org/debian-devel-0303/msg01063.html
14. http://people.debian.org/~bas/bsp.php

Support for Filesystem Labels. Theodore Ts’o [15]disclosed his
plans to release a new shared library, libblkid, which is used to
interpret UUID= and LABEL= specifiers. Since it will maintain a
cache file a [16]discussion started about the question of whether
this file should be placed in /etc or in /var.

15. http://lists.debian.org/debian-devel-0303/msg01180.html
16. http://lists.debian.org/debian-devel-0303/msg01183.html

Debian on the Rebel NetWinder. Dan “overridex” McCombs
[17]explained how he installed Debian 3.0 (woody) on a Rebel
NetWinder 3100. These computers consist of a small gray and dark
blue box with a Transmeta Crusoe processor and 128MB of RAM. They
run Red Hat Linux by default, but Dan preferred Debian for its
stability and easy security updates. He described all the steps
needed to get Debian installed and running.

17. 
    http://www.linuxorbit.com/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=550

Why Shared Source is not Open Source. Although it has been
discussed at length elsewhere, Robin ‘Roblimo’ Miller [18]argued
that the biggest practical difference between Open Source and
Shared Source has been generally overlooked. He explained that you
can modify Open Source software to fit your device (and other
software), while Shared Source only lets you modify your device
(and other software) to fit the Shared Source software. He
concluded that software licensing is going through a period of
rapid evolution, but that Shared Source is not even related to Open
Source in any substantial way.

18. http://newsforge.com/newsforge/03/03/12/1330253.shtml?tid=9

KDE in Sid finally Complete. [19]Debian Planet reported that the
final components of KDE 3.1.1 have now been accepted into the
unstable (sid) archive. The kdepim and kdenetwork packages were at
first [20]rejected last week due to minor copyright file issues.
This has been resolved and both packages are finally available in
the unstable archive, coinciding with the [21]official release of
KDE 3.1.1.

19. http://www.debianplanet.org/
20. http://lists.debian.org/debian-kde-0303/msg00601.html
21. http://www.kde.org/announcements/announce-3.1.1.php

Detecting the Default Browser. Xavier Roche [22]wondered about
the best way to detect the default web browser on a Debian system.
It was [23]pointed out that sensible-browser does just this, but
John Goerzen [24]thought that such a system-wide default needlessly
forces all users to use what root prefers. However, David B. Harris
[25]noted that sensible-browser is explicitly for Debian
Developers. It takes information from well-known sources and then
makes a decision. The $BROWSER environment variable is available
for setting each user’s default web browser.

22. http://lists.debian.org/debian-devel-0303/msg01193.html
23. http://lists.debian.org/debian-devel-0303/msg01196.html
24. http://lists.debian.org/debian-devel-0303/msg01212.html
25. http://lists.debian.org/debian-devel-0303/msg01217.html

A Newcomer’s Experience with Debian. [26]Digital Drip has an
article that describes a newcomer’s experience with [27]installing
and [28]configuring Debian. The writer began with the common
attitude that Debian can be one of the “most brutal experiences of
your computing life if you’re not prepared”. However, after going
through the install and set up of a Debian system, the writer was
impressed by Debian’s speed, stability and excellent package
management.

26. http://www.digital-drip.com/
27. http://www.digital-drip.com/articles/os/debian-1.shtml
28. http://www.digital-drip.com/articles/os/debian-2.shtml

Live Filesystem CDs. Debian Planet hosted a [29]short discussion
about bootable CD-ROMs based on Debian. These CDs can be used to
run GNU/Linux without the need to install it on the hard-drive
first. Distributions mentioned included the venerable [30]Knoppix,
[31]Metadistros (Spanish), [32]Gnoppix (German), [33]Morphix,
[34]Damn Small Linux, and [35]TrX Firewall. Not to forget, there
are several instances of bootable [36]business cards and the
[37]Gibraltar firewall system.

29. http://www.debianplanet.org/node.php?id=926
30. http://www.knoppix.org/
31. http://metadistros.hispalinux.es/
32. http://www.gnoppix.org/
33. http://am.xs4all.nl/drupal/node.php?id=20
34. http://www.damnsmalllinux.org/
35. http://www.trxlinux.org/
36. http://www.lnx-bbc.org/
37. http://www.gibraltar.at/

Woody Desktop Mini-CD. Marcus Moeller [38]announced ISO images
for miniwoody version 1.1. The distribution includes the current
stable version of KDE 3.1.1 and has been modified for easier
installation. The configuration of XFree86 is said to be easier
than with the regular Debian installation process, since automatic
hardware detection can easily be accessed during the base-config
process.

38. http://www.debian.org/News/weekly/2003/11/mail#1

Security Updates. You know the drill. Please make sure that you
update your systems if you have any of these packages
installed.

[39]lxr — Information disclosure.

[40]bonsai — Several vulnerabilities.

[41]krb5 — Several vulnerabilities.

[42]lpr — Local root exploit.

[43]Mutt — Arbitrary code execution.

39. http://www.debian.org/security/2003/dsa-264
40. http://www.debian.org/security/2003/dsa-265
41. http://www.debian.org/security/2003/dsa-266
42. http://www.debian.org/security/2003/dsa-267
43. http://www.debian.org/security/2003/dsa-268

New or Noteworthy Packages. The following packages were added to
the unstable Debian archive recently or contain important
updates.

[44]atom4 — An original two-player color puzzle game.

[45]bincimap — IMAP server for Maildir depositories.

[46]deco — Demos Commander.

[47]gg2 — GNU Instant Messenger with plug-in support –
core.

[48]gok — The GNOME Onscreen Keyboard.

[49]gtkhx — A GTK+ version of Hx, a UNIX Hotline Client.

[50]hammerhead — stress testing tool for web server and web
site.

[51]hybserv — IRC services for IRCD-Hybrid.

[52]kaddressbook — KDE NG addressbook application.

[53]kget — KDE Download Manager.

[54]kgpgcertmanager — KDE Certificate Manager.

[55]knotes — KDE Notes. [56]sopwith — Port of the 1980’s
side-scrolling WWI dogfighting game.

[57]sugarplum — Automated and intelligent spam
trap/cache-poisoner.

44. http://packages.debian.org/unstable/games/atom4.html
45. http://packages.debian.org/unstable/mail/bincimap.html
46. http://packages.debian.org/unstable/utils/deco.html
47. http://packages.debian.org/unstable/net/gg2.html
48. http://packages.debian.org/unstable/x11/gok.html
49. http://packages.debian.org/unstable/net/gtkhx.html
50. http://packages.debian.org/unstable/net/hammerhead.html
51. http://packages.debian.org/unstable/net/hybserv.html
52. http://packages.debian.org/unstable/utils/kaddressbook.html
53. http://packages.debian.org/unstable/net/kget.html
54. http://packages.debian.org/unstable/net/kgpgcertmanager.html
55. http://packages.debian.org/unstable/utils/knotes.html
56. http://packages.debian.org/unstable/games/sopwith.html
57. http://packages.debian.org/unstable/misc/sugarplum.html

Orphaned Packages. 3 packages were orphaned this week and
require a new maintainer. This makes a total of 176 orphaned
packages. Many thanks to the previous maintainers who contributed
to the Free Software community. Please see the [58]WNPP pages for
the full list, and please add a note to the bug report and retitle
it to ITA: if you plan to take over a package.

58. http://www.debian.org/devel/wnpp/

[59]kinkatta — Fully configurable AOL Instant Messenger client
for KDE. ([60]Bug#186071)

[61]magpie — Debian reference librarian. ([62]Bug#185988)

[63]qtella — A gnutella client based on Qt.
([64]Bug#185647)

59. http://packages.debian.org/unstable/net/kinkatta.html
60. http://bugs.debian.org/186071
61. http://packages.debian.org/unstable/text/magpie.html
62. http://bugs.debian.org/185988
63. http://packages.debian.org/unstable/net/qtella.html
64. http://bugs.debian.org/185647

Want to continue reading DWN? Please help us create this
newsletter. Some people are submitting items already, but we are
still in need of volunteer writers who prepare items. Please see
the [65]contributing page to find out how to help. We’re looking
forward to receiving your mail at [66]dwn@debian.org.

65. http://www.debian.org/News/weekly/contributing
66. mailto:dwn@debian.org