Debian Weekly News
http://www.debian.org/News/weekly/2003/24/
Debian Weekly News – June 17th, 2003
Welcome to this year’s 24th issue of DWN, the weekly newsletter
for the Debian community. A [1]survey demonstrated a high level of
[2]interest in PCs preloaded with GNU/Linux across the world.
Antonio Trueba Gayol [3]discovered a [4]picture taken by the Kernel
developer Greg Kroah-Hartman which explains the [5]story of Tux and
is believed to originate from the Bristol Zoo (or the Canberra
National Zoo and Aquarium). 1. http://www.wewantlinux.org/pickcountry.php
2. http://www.wewantlinux.org/responsereport.php
3. http://lists.debian.org/debian-curiosa-0306/msg00012.html
4.
http://www.kernel.org/pub/linux/kernel/people/gregkh/penguin_sign.jpg
5. http://penguin.uk.linux.org/
Removing Automake 1.5. Eric Dorland would like to [6]remove
automake 1.5 from Debian. It is said to contain a lot of bugs and
is unsupported upstream. Newer versions (1.6 and 1.7) can generally
work with Makefile.am files written for 1.5. Debian already ships
automake1.4 automake1.5, automake1.6 and automake1.7. Eric would
like to get rid of automake1.5 before automake1.8 comes out.
However, 28 packages still define a dependency to this package.
6. http://lists.debian.org/debian-devel-announce-0306/msg00006.html
Compiling Kernels the Debian Way. Jonathan Oxer [7]explained how
to compile Linux kernels the Debian way. The Debian approach allows
you to compile your kernel and automatically build a Debian package
around it. This means you can install a custom kernel in the same
way as you install any other package. Jonathan explains all the
steps from getting the kernel source to rebooting and testing your
new kernel.
7.
http://www.linmagau.org/modules.php?op=modload&name=Sections&file=index&req=viewarticle&artid=158
A Single Unified License. Richard Stallman [8]discussed the goal
of having a single license scheme that covers both software and
documentation, which goes beyond Richard’s original purpose in
writing the [9]GNU licenses. It may or may not be possible to
design a license that is good for both Free Software and free
documentation, and that is close enough to today’s General Public
License (GPL) that it qualifies as a successor version. Richard
intends to make the effort some day, but will first finish GPL
version 3, which faces other difficult questions.
8. http://lists.debian.org/debian-legal-0306/msg00142.html
9. http://www.gnu.org/licenses/licenses.html
The ‘build’ debian/rules Target. Colin Walters made a [10]policy
proposal to change build to an optional target, much like
build-arch and build-indep already are. He agrees that the build
target is certainly useful for many packages. But, as policy
recognises, for some packages, notably ones where the same source
tree is compiled in different ways to produce two binary packages,
the build target does not make much sense.
10. http://lists.debian.org/debian-policy-0306/msg00095.html
Oracle on Debian. Alex Malinovich [11]described his experience
installing Oracle 9i Developer Suite on Debian sid (unstable).
Overall, the installation is relatively painless. The installer
will handle most of the process just fine, however there are a few
caveats, which Alex deals with in his article.
11. http://www.the-love-shack.net/oracle-on-sid.html
Debian in the Spanish Administration. It is worth noticing that
in Spain, the [12]Ministerio para las Administraciones Publicas
(roughly translated as “Ministry for Public Administrations) has
published guidelines for [13]standardisation, [14]security and
[15]conservation of information. All documents recommend the use of
Debian as a free GNU/Linux distribution.
12. http://www.map.es/
13. http://www.csi.map.es/csi/pdf/criterios/normas.pdf
14. http://www.csi.map.es/csi/pdf/criterios/seguridad.pdf
15. http://www.csi.map.es/csi/pdf/criterios/conservacion.pdf
Debian Ututo Router in Argentina. The Inquirer [16]reported that
public schools in Buenos Aires, Argentina, are using the CD-based
Utoto(R) “Ututo Router” to connect to the Internet. The Ututo
distribution is specially adjusted to work as a dedicated router to
connect the schools local network to the Internet. [17]Ututo is
based upon Debian and SuSE distributions.
16. http://www.theinquirer.net/?article=10011
Using Auto Tools properly. Joey Hess wanted to [18]know how
automake and autoconf are best used for Debian packaging. His
general rule is not to touch the generated files as long as
possible, but let them generate at build-time when they have to be
altered anyway. Colin Watson [19]believes that the auto tools
should never be run by the maintainer but only by the upstream
authority, though.
18. http://lists.debian.org/debian-devel-0306/msg00545.html
19. http://lists.debian.org/debian-devel-0306/msg00559.html
PNG Library Version Update. Josselin Mouette [20]reported that
he has uploaded new versions of libpng which have been built with
versioned symbols. This means that, as soon as the necessary
libraries depending on them are rebuilt, one can build packages
depending indirectly on libpng10 and libpng12 simultaneously.
20. http://lists.debian.org/debian-devel-0306/msg00619.html
C++ Toolchain in perfect Shape? Marcelo E. Magallon sent out a
[21]thank you message to those who worked on the C++ toolchain. For
the first time in many years he was able to compile a complex C++
program using templates and a couple of external libraries on a
Debian (unstable) machine and it ran on a machine with SuSE 8.2.
There was a time when not even a simple “Hello, World!” in C would
accomplished this.
21. http://lists.debian.org/debian-devel-0306/msg00632.html
Testing built Packages. Christophe Barbé [22]proposed to
test packages at build-time, especially if they are auto-built,
since some of his packages compiled fine but turned out to be
broken. Such tests would improve the quality and were most probably
already discussed in older QA (quality assurance) meetings. Dan
Jacobowitz [23]noted that such checks should just be added in a
check target which would be evaluated between the build and the
packaging stage. Ben Collins [24]added that this is already
implemented for GCC and GlibC.
22. http://lists.debian.org/debian-devel-0306/msg00642.html
23. http://lists.debian.org/debian-devel-0306/msg00655.html
24. http://lists.debian.org/debian-devel-0306/msg00668.html
Every SPAM is sacred… Santiago Vila [25]started a discussion
about how the Debian admin people refuse to add Realtime Block
Lists (RBL) to debian.org mail servers. They argue that Debian was
listed in one or more of them innocently already, which proved that
those lists are not trustworthy enough. Theodore Ts’o [26]added
that he doesn’t want to delegate to someone else the power to say
whether or not a very large number of people will see mail from a
particular host or network. Noah Meyerhans [27]pointed out the
warning header could aid client side filtering.
25. http://lists.debian.org/debian-devel-0306/msg00667.html
26. http://lists.debian.org/debian-devel-0306/msg00673.html
27. http://lists.debian.org/debian-devel-0306/msg00778.html
Debian’s Five Freedoms for Free Works. Branden Robinson
[28]published an essay about five freedoms intended to apply to
non-public-domain works in general. They are conforming with the
FSF’s [29]definition and include the freedom to use the work for
any purpose and adapt it to one’s needs, which implies access to
the form of the work which is preferred for making modifications
(i.e. source). They also include the freedom to redistribute
altered and pristine copies of the work. Branden personally
advocated a fifth freedom to retain privacy in one’s person,
effects, and data.
28. http://lists.debian.org/debian-legal-0306/msg00100.html
29. http://www.gnu.org/philosophy/free-sw.html
Schedule for the Debian Day. The [30]schedule for the Debian Day
has been fixed, assuming that the times will please the speakers
and no talks need to be moved. The Debian Day will take place on
Friday, July 11th, during [31]LinuxTag in Karlsruhe. The conference
begins with developer-oriented talks and a success story, continues
with user-oriented talks and finishes with two talks targeted at
active and prospective developers. More talks with a Debian focus
will take place outside of this one-day conference.
30. http://www.infodrom.org/Debian/events/LinuxTag2003/day.html
Birthday Coordination Page. With Debian’s 10th birthday
approaching on August 16th, people have been asking on various
mailing lists if any parties are planned (see our [32]last issue).
To make it easier to find events in the local area a 10th birthday
party [33]coordination page has been [34]started. If you know of an
event in your local area please go to the page and submit the
details if it’s not listed already.
32. http://www.debian.org/News/weekly/2003/23/
33. http://www.debconf.org/10years/
34. http://lists.debian.org/debian-devel-0306/msg01019.html
European Open Content License. The German [35]Institute for
Legal Issues on Free and Open Source Software has developed an
[36]Open Content License. It is based on the ideas emphasised in
the [37]GNU General Public License and was adjusted especially for
the law system of Germany and Europe.
35. http://www.ifross.de/
36.
http://www.uvm.nrw.de/kunden/uvm/www.nsf/0/DE4F7A151230FB66C1256D39002813AD?OpenDocument
37. http://www.gnu.org/copyleft/gpl.html
Department of Defense Issues Open Source Policy. Thor Olavsrud
[38]wrote that the U.S. Department of Defense has distributed a
memo putting Open Source software on a level playing field with
proprietary software when it comes to use within the department.
However, the memo also warned that those using Open Source software
must comply with “lawful licensing requirements” and be aware of
what those licenses entail.
38. http://www.internetnews.com/dev-news/article.php/2216311
Recommendation for Migration in Germany. The German [39]Federal
Ministry of the Interior is about to release a [40]recommendation
paper that demonstrates how to use Free Software in governmental
agencies. However, each agency will still have to decide on their
own whether to use Free Software or something else. The paper will
be [41]discussed in detail at [42]LinuxTag next month in Karlsruhe,
Germany.
39. http://www.bmi.bund.de/
40.
http://www.bmi.bund.de/dokumente/Pressemitteilung/ix_92264.htm?nodeID=3735
41. http://www.linuxtag.org/2003/de/conferences/talk.xsp?id=64
Suggestions for GTK Frontend. Sebastian Ley [43]asked for
suggestions with respect to the GTK frontend for cdebconf. Plans
were to base the frontend on the framebuffer library libdirectfb.
First efforts were successful and basic functions could be
implemented. However, it is currently not possible to start a shell
and to provide the user with an error log.
43. http://lists.debian.org/debian-boot-0306/msg00139.html
Depressing Bug Statistics for Base. Martin Michlmayr [44]noticed
that there are still way too many [45]bugs reported against
packages in the base system. He thinks that Debian should promote
co-maintainership for important packages and try to get people to
submit patches for open bugs to help the maintainers.
44. http://lists.debian.org/debian-qa-0306/msg00002.html
45. http://bugs.debian.org/~tbm/base_bugs.png
Orphaned Packages to remove. Andrew Suffield [46]reported that
he is making a series of passes over the list of orphaned packages,
looking for ones which can be removed. The first list attached to
his mail is comprised of those packages which are now completely
obsolete, for one reason or another. He intends to ask ftp-master
to remove them.
46. http://lists.debian.org/debian-qa-0306/msg00007.html
Infrastructure for Meta-Distribution Projects. Jeremy Malcolm
[47]asked about the experience of sub-projects to get some
ground-rules sorted out before he makes too many irreversible
decisions for [48]debian-lex. In particular he has looked at the
[49]debian-jr sub-project and their use of meta packages.
47. http://lists.debian.org/debian-lex-0306/msg00006.html
48. http://people.debian.org/~terminus/debian-lex/
49. http://www.debian.org/devel/debian-jr/
Security Updates. You know the drill. Please make sure that you
update your systems if you have any of these packages
installed.
- [50]ethereal — Buffer overflows, integer overflows.
- [51]atftp — Buffer overflow.
- [52]gnocatan — Buffer overflows, denial of service.
- [53]nethack, slashem — Buffer overflow, incorrect
permissions. - [54]cupsys — Denial of service.
- [55]lyskom-server — Denial of service.
- [56]webmin — Remote session ID spoofing.
- [57]mikmod — Buffer overflow.
- [58]radiusd-cistron — Buffer overflow.
- [59]typespeed — Buffer overflow.
- [60]noweb — Insecure temporary file creation.
50. http://www.debian.org/security/2003/dsa-313
51. http://www.debian.org/security/2003/dsa-314
52. http://www.debian.org/security/2003/dsa-315
53. http://www.debian.org/security/2003/dsa-316
54. http://www.debian.org/security/2003/dsa-317
55. http://www.debian.org/security/2003/dsa-318
56. http://www.debian.org/security/2003/dsa-319
57. http://www.debian.org/security/2003/dsa-320
58. http://www.debian.org/security/2003/dsa-321
59. http://www.debian.org/security/2003/dsa-322
60. http://www.debian.org/security/2003/dsa-323
New or Noteworthy Packages. The following packages were added to
the unstable Debian archive recently or contain important
updates.
- [61]checksecurity — Basic system security checks.
- [62]eggcups — Print job monitor.
- [63]httpush — Proxy for HTTP(S) application/server security
audits. - [64]krita — Image editor for the KDE Office Suite.
- [65]riece — Redesign of the Liece IRC client for Emacs.
- [66]spikeproxy — Web application security testing proxy.
- [67]yepp — Samsung YEPP MP3 loader.
61. http://packages.debian.org/unstable/admin/checksecurity.html
62. http://packages.debian.org/unstable/gnome/eggcups.html
63. http://packages.debian.org/unstable/net/httpush.html
64. http://packages.debian.org/unstable/graphics/krita.html
65. http://packages.debian.org/unstable/net/riece.html
66. http://packages.debian.org/unstable/net/spikeproxy.html
67. http://packages.debian.org/unstable/utils/yepp.html
Orphaned Packages. 2 packages were orphaned this week and
require a new maintainer. This makes a total of 188 orphaned
packages. Many thanks to the previous maintainers who contributed
to the Free Software community. Please see the [68]WNPP pages for
the full list, and please add a note to the bug report and retitle
it to ITA: if you plan to take over a package.
68. http://www.debian.org/devel/wnpp/
- [69]libghttp1 — Gnome HTTP client library.
([70]Bug#197389) - [71]php-gtk — PHP extension for GTK+ client-side
cross-platform GUI apps. ([72]Bug#197196)
69. http://packages.debian.org/unstable/libs/libghttp1.html
70. http://bugs.debian.org/197389
71. http://packages.debian.org/unstable/devel/php-gtk.html
72. http://bugs.debian.org/197196
Want to continue reading DWN? Please help us create this
newsletter. We still need more volunteer writers who investigate
the Debian community and report about events in the community.
Please see the [73]contributing page to find out how to help. We’re
looking forward to receiving your mail at [74][email protected].
73. http://www.debian.org/News/weekly/contributing
74. mailto:[email protected]