Debian Weekly News – September 9, 2003

Debian Weekly News
http://www.debian.org/News/weekly/2003/36/

Debian Weekly News – September 9th, 2003

Welcome to this year’s 36th issue of DWN, the weekly newsletter
for the Debian community. [1]Rio Audio announced the [2]Rio Karma
20, which seems to be the first industrially manufactured digital
audio player that supports the Ogg Vorbis audio format. In light of
the recent software patents debate members of the German
[3]Debianforum signed an [4]open letter directed at the European
Parliament.

1. http://www.rioaudio.com/
2.
http://www.digitalnetworksna.com/shop/_templates/item_main_Rio.asp?model=220&cat=35

3. http://www.debianforum.de/
4. http://www.debianforum.de/wiki/OffenerBrief

Not just another pretty Face. Robert Storey, a self-confessed
Debian convert wrote a [5]review about his successful installation
experience. He explains that a good package management system
should not only inform you about unmet dependencies but even
better, it should just fix the problem for you without asking. He
continues with a section about “Post Install Configuration” which
includes many details such as APM and framebuffer configuration,
which many installation articles do not mention.

5. http://www.distrowatch.com/dwres.php?resource=review-debian

Latest Versions of Webmagick and Imagemagick. Keith Goettert
wrote a [6]tutorial on installing and using the latest version of
[7]Webmagick and [8]Imagemagick from source. He had to use more
recent versions since Debian 3.0 ships older packages that work
slower but consume more memory.

6. http://lists.debian.org/debian-user-0309/msg00137.html

7. http://webmagick.sourceforge.net/

8. http://www.imagemagick.org/

Placing System generated Programs? Russell Coker [9]wondered
where a package should place programs that are automatically
generated and run. The [10]Filesystem Hierarchy Standard (FHS) is
not clear on whether it is OK to put a script in /var/run. This and
/var/lib/package/ seem to be the only options.

9. http://lists.debian.org/debian-devel-0309/msg00081.html

10. http://www.pathname.com/fhs/

PostgreSQL 7.4beta2 for Debian. Oliver Elphick [11]announced
Debian packages of PostgreSQL 7.4beta2 which he has uploaded into
the experimental archive. The packages may not be visible for a
while because there are some new binary packages that need to be
authorised by the archive maintainers.

11. http://lists.debian.org/debian-devel-0309/msg00121.html

Future of Libwww? Richard Atterer [12]reported that the [13]W3C
has stopped work on [14]Libwww and invites the libwww user
community to participate in a Future of Libwww [15]survey that will
help to determine its future. Libwww is a free, highly modular
client side Web API. A public W3C [16]account is required to
complete the survey.

12. http://lists.debian.org/debian-devel-0309/msg00123.html

13. http://www.w3.org/
14. http://www.w3.org/Library/
15. http://www.w3.org/Library/Survey2

16. http://cgi.w3.org/MemberAccess/Public

Free Software requiring non-free Build Tools. Matt Zimmerman
[17]wondered how [18]tvtime should be packaged. It can use binary
modules from [19]DScaler, which are free, but currently only
compilable by non-free tools. Matt thought that the binary DLLs
could go in contrib, because the source code is free. Branden
Robinson [20]agreed, summarising that packages in main must be
entirely free and must be buildable and usable solely with other
packages also in main. Free packages with non-free dependencies or
build-dependencies can go into contrib.

17. http://lists.debian.org/debian-legal-0309/msg00184.html

18. http://tvtime.sourceforge.net/

19. http://deinterlace.sourceforge.net/about.htm

20. http://lists.debian.org/debian-legal-0309/msg00188.html

New Package Dependency Field Format. Adam Heath has been working
on a rewrite of dpkg and has [21]proposed a number of changes to
the dependency parser, including the addition of the != operator
and full nestable parenthetical expression support. Jason Gunthorpe
[22]explained that APT would need huge amounts of effort to support
the changes, but it would not solve any actual problems. Anthony
Towns [23]thought the changes would require a major rewrite of the
logic of the testing scripts for no real gain.

21. http://lists.debian.org/debian-dpkg-0309/msg00000.html

22. http://lists.debian.org/debian-dpkg-0309/msg00014.html

23. http://lists.debian.org/debian-dpkg-0309/msg00028.html

Would the GNU Project endorse Debian? In response to Branden
Robinson’s [24]questioning, Richard Stallman [25]explained that the
GNU Project won’t endorse Debian, because non-free packages are
distributed on our servers. Richard explained that if Debian
distributes main from a server that doesn’t include or refer people
to non-free software and documentation, the GNU project could point
to Debian as an entirely free version of the GNU system. However,
they could not endorse it in glowing terms if documentation is
excluded when it is released under the GNU [26]Free Documentation
License (FDL).

24. http://lists.debian.org/debian-legal-0309/msg00135.html

25. http://lists.debian.org/debian-legal-0309/msg00162.html

26. http://www.gnu.org/copyleft/fdl.html

Debian and the FSF. Bruce Perens [27]thought it was time to step
in between Debian and the Free Software Foundation (FSF) regarding
the debate over non-free stuff in Debian and the FDL. He claimed
that saying “non-free isn’t really part of Debian” is a fiction. He
urged Debian to make it true by giving non-free and contrib their
own organisation. He also suggested that the FSF should assert that
documentation is an essential component of Free Software, and that
it must be under essentially the same terms as its associated
software.

27. http://lists.debian.org/debian-legal-0309/msg00091.html

Politics in Free Software. Tom Chance [28]reported about a
developer who credited a certain army in four of his applications,
their removal and the [29]small storm in the community. He said
that “some organisations, like Debian, have put a lot of effort
into defining exactly how the community handles political and
social relations, so that responsibility and authority is clearly
and justly assigned, and decision-making processes are clearly and
justly defined.” He would like Free Software communities to take
political and social considerations more seriously, since we should
not continue with large numbers of people believing that politics
has no place in Free Software, or that burying one’s head in the
sand is a wise way to work.

28.
http://newsforge.com/article.pl?sid=03/09/02/1930234&mode=thread&tid=51

29. http://dot.kde.org/1062275899/

Security Scanning with Debian based Tools. Vircor Garza and
Joseph Roth [30]tested Nessus using [31]Knoppix-STD, a Security
Tools Distribution. The ease of gathering up-to-date vulnerability
information and scripts, the passive, non-destructive scanning
mode, and the fact that Nessus also supports a PKI of sorts, using
a certificate for authentication, were features they liked. They
said that “[32]Nessus does the job of identifying vulnerabilities
and recommending fixes, and the Knoppix/Nessus combination goes a
long way toward making the scanner easy to use.” However, reporting
the results of the security scan in a clear, concise and foolproof
manner was [33]one area they found lacking.

30. http://www.infoworld.com/article/03/09/05/35TCvuln_1.html

31. http://www.knoppix-std.org/
32. http://www.nessus.org/
33. http://www.nessus.org/demo/third.html

Debian on NordicOS. Debian GNU/Linux is listed on [34]NordicOS,
a project of the Nordic Ministerial Council, which addresses the
need for a comprehensive overview of open source software available
for consumers. The item refers to several official documents from
Debian and accentuated that Debian is a completely non-commercial
project, perhaps the purest form of the ideals that started the
Free Software movement.

34. http://www.nordicos.org/programs/all/debian/

Guide for Greek Debian Users. Konstantinos Margaritis
[35]announced the new Greek [36]Debian User’s Guide which he wrote.
It deals with most aspects of installing Debian GNU/Linux version
3.0 and many aspects of everyday use and administration. The guide
has been released under the FDL and is available in many popular
document formats. A printed version is planned as well.

35.
http://www.ellak.gr/modules.php?op=modload&name=phpWiki&file=index&pagename=DebianGuideEn

36. http://www.ellak.gr/pub/OpenGuides/Debian/debianguide.html

Security Updates. You know the drill. Please make sure that you
update your systems if you have any of these packages
installed.

• [37]exim — Buffer overflow.
• [38]wu-ftpd — Insecure program execution.
• [39]mah-jong — Buffer overflows, denial of service.

37. http://www.debian.org/security/2003/dsa-376

38. http://www.debian.org/security/2003/dsa-377

39. http://www.debian.org/security/2003/dsa-378

New or Noteworthy Packages. The following packages were added to
the unstable Debian archive recently or contain important
updates.

• [40]camorama — Gnome2 tool to view, alter and save images from
  a webcam.
• [41]conglomerate — Userfriendly XML editor.
• [42]dcraw — Decode raw digital camera images.
• [43]directvnc — VNC client using the framebuffer as
  display.
• [44]evms-ha — Enterprise Volume Management System
  (high-availability).
• [45]freehoo — Console Yahoo messenger client with guile and
  readline interfaces.
• [46]greed — Curses-based clone of the DOS freeware game
  Greed.
• [47]jed-extra — Collection of useful JED modes and
  utilities.
• [48]latrine — Curses-based LAnguage TRaINEr.
• [49]lg-issue94 — Issue 94 of the Linux Gazette.
• [50]mediamate — Web-based movie database and tracker.
• [51]monster-masher — GPL’ed mash’em-up action game for
  GNOME.
• [52]resolvconf — Nameserver information manager.
• [53]shorlfilter — Text filter to shorten long URLs using
  online redirection database.
• [54]ssl-cert — Simple debconf wrapper for openssl.

40. http://packages.debian.org/unstable/gnome/camorama.html

41. http://packages.debian.org/unstable/text/conglomerate.html

42. http://packages.debian.org/unstable/graphics/dcraw.html

43. http://packages.debian.org/unstable/misc/directvnc.html

44. http://packages.debian.org/unstable/admin/evms-ha.html

45. http://packages.debian.org/unstable/net/freehoo.html

46. http://packages.debian.org/unstable/games/greed.html

47. http://packages.debian.org/unstable/editors/jed-extra.html

48. http://packages.debian.org/unstable/text/latrine.html

49. http://packages.debian.org/unstable/doc/lg-issue94.html

50. http://packages.debian.org/unstable/web/mediamate.html

51. http://packages.debian.org/unstable/games/monster-masher.html

52. http://packages.debian.org/unstable/net/resolvconf.html

53. http://packages.debian.org/unstable/text/shorlfilter.html

54. http://packages.debian.org/unstable/utils/ssl-cert.html

Orphaned Packages. 2 packages were orphaned this week and
require a new maintainer. This makes a total of 205 orphaned
packages. Many thanks to the previous maintainers who contributed
to the Free Software community. Please see the [55]WNPP pages for
the full list, and please add a note to the bug report and retitle
it to ITA: if you plan to take over a package.

55. http://www.debian.org/devel/wnpp/

• [56]mydns — DNS server using MySQL for data storage.
  ([57]Bug#209071)
• [58]zebra — GPL’d, BGP/OSPF/RIP capable routing daemon.
  ([59]Bug#208786)

56. http://packages.debian.org/unstable/net/mydns.html

57. http://bugs.debian.org/209071

58. http://packages.debian.org/unstable/net/zebra.html

59. http://bugs.debian.org/208786

Want to continue reading DWN? Please help us create this
newsletter. We still need more volunteer writers who investigate
the Debian community and report about events in the community.
Please see the [60]contributing page to find out how to help. We’re
looking forward to receiving your mail at [61][email protected].

60. http://www.debian.org/News/weekly/contributing

61. mailto:[email protected]