--------------------------------------------------------------------------- Debian Project News http://www.debian.org/News/project/2008/10/ Debian Project News - September 1st, 2008 ---------------------------------------------------------------------------
Welcome to this year's 10th issue of DPN, the newsletter for the Debian community. Some of the topics covered in this issue include: * Debian Live Lenny Beta1 released * Debian Translations for French and German Reach 100% * Policy for web apps session storage? * ... and much more. Debian Live Lenny Beta1 The Debian Live team [1]announced the first beta of Debian Lenny's Live images. This is the first official release of Debian Live CDs. The main features are, that these Live images are build 100% with packages in Debians main section and different flavours (GNOME, KDE and Xfce as well as a small image without graphical environment. 1: http://lists.debian.org/debian-devel-announce/2008/08/msg00013.html Future releases should also contain an installation system, which is not part of this beta1 version, since it still contains some minor bugs. The images are created using [2]live-helper, a collection of scripts helping to create these CD images. There is also a [3]graphical front end for these script. 2: http://packages.qa.debian.org/live-helper 3: http://packages.qa.debian.org/live-magic Debian Translations for French and German Reach 100% [4]Christian Perrier announced "On August 22nd, both German and French languages reached 100% completeness for po-debconf translations in unstable. For German, this is the very first time this has happened and the German l10n (localization) team deserves congratulations for that achievement." Po-debconf translations enables native speakers use Debian in their own language and is an important aspect in working toward Debian's goal of being a universal operating system. 4: http://lists.debian.org/debian-devel-announce/2008/08/msg00014.html Helge Kreutzmann [5]added, that "this was only possible due to the tireless efforts of Christian to actually get the translations into Debian." Christian Perrier spend a lot of time to coordinate new translations and upload packages containing new translations. 5: http://lists.debian.org/debian-i18n/2008/08/msg00172.html Policy for web apps session storage? After several bugs regarding [6]possible symlink attacks were reported, Olivier Berger [7]wonders about a policy how web applications (or their framework) should handle storage of their session files. He noted that PHP already tries to prevent possible symlink attacks, by using /var/lib/php5 which is only readable by the root-user and automatically cleaned with a cronjob to prevent attacks by opening a lot of sessions. He especially wonders, if whether there's a similar approach for applications using perl and CGI::Session. 6: http://lists.debian.org/debian-devel/2008/08/msg00271.html 7: http://lists.debian.org/debian-devel/2008/08/msg00340.html Usage of Package diffs? Joerg Jasper [8]asked, if the package diffs, a system to update the package list by downloading the differences between versions of that file, is used at all. Since he usually turns that feature of, which seems to him only slow apt down and wastes a lot of bandwidth of our mirror network. 8: http://blog.ganneff.de/blog/2008/09/01/pdiffs-1.html Several people already reported to use this feature and asked for it to stay. Others proposed to keep the feature, but to disable it by default. people.debian.org to move to a new host and file transfer between Debian hosts Peter Palfrader [9]reported that people.debian.org, a service offering web space for Debian Developers, will be moved to new host in late September ans asks all Developers using that service to check if all needed packages are available on the new host. 9: http://lists.debian.org/debian-devel-announce/2008/08/msg00012.html This announcement lead to the [10]questions regarding the file transfer between different hosts of the Debian infrastructure. Peter [11]summarized possible options and asks for further feedback. 10: http://lists.debian.org/debian-devel/2008/08/msg00780.html 11: http://lists.debian.org/debian-project/2008/08/msg00172.html Other news Joerg Jaspert [12]announced, that James Troup stepped down from his post as Debian Account Manager. We would like to thanks James for the hard work and dedication over many years. 12: http://lists.debian.org/debian-project/2008/08/msg00167.html Ana Beatriz Guerrero Lopez [13]announced that since Lenny has been frozen, back ported KDE 4.1 packages are available now at [14]kde4.debian.net. 13: http://ekaia.org/blog/2008/08/21/kde-41-backported-packages-for-lenny/ 14: http://kde4.debian.net/ Joey Schulze [15]reported from the [16]m68k porter meeting which took place at the University of Kiel, Germany. The Meeting was streamed, so that people unable to attend in person could participate via IRC. The [17]results include bits about the port to the coldfire architecture as well as status updates for Sid and Lenny. 15: http://www.infodrom.org/~joey/log/?200808311226 16: http://wiki.ffis.de/m68k/Meeting2008 17: http://wiki.debian.org/M68k/Meetings/Kiel2008 Important Debian Security Advisories Debian's Security Team recently released advisories for these packages (among others): [18]postfix, [19]linux-2.6, [20]libxml2 and [21]tiff. Please read them carefully and take the proper measures. 18: http://www.debian.org/security/2008/dsa-1629 19: http://www.debian.org/security/2008/dsa-1630 20: http://www.debian.org/security/2008/dsa-1631 21: http://www.debian.org/security/2008/dsa-1632 If you would like to be kept up to date about the security advisories released by the Debian Security Team, please subscribe to the [22]mailing list for security announcements. 22: http://lists.debian.org/debian-security-announce/ New and noteworthy packages The following packages were added to the unstable Debian archive recently ([23]among others): * [24]drupal6 -- a fully-featured content management framework * [25]kde-i18n-uzcyrillic -- Cyrillic Uzbek ([EMAIL PROTECTED]) internationalized (i18n) files for KDE * [26]openoffice.org-report-builder-bin -- OpenOffice.org Report Builder extension - support libraries * [27]python-hcluster -- Python functions for agglomerative clustering * [28]qmmp -- feature-rich audio player with support of many formats * [29]rapache -- apache2 graphical configuration tool * [30]salasaga -- IDE for development of eLearning applications * [31]topgit -- a Git patch queue manager * [32]virt-top -- show stats of virtualized domains * [33]warzone2100-music -- music for warzone2100 23: http://packages.debian.org/unstable/main/newpkg 24: http://packages.debian.org/unstable/main/drupal6 25: http://packages.debian.org/unstable/main/kde-i18n-uzcyrillic 26: http://packages.debian.org/unstable/main/openoffice.org-report-builder-bin 27: http://packages.debian.org/unstable/main/python-hcluster 28: http://packages.debian.org/unstable/main/qmmp 29: http://packages.debian.org/unstable/main/rapache 30: http://packages.debian.org/unstable/main/salasaga 31: http://packages.debian.org/unstable/main/topgit 32: http://packages.debian.org/unstable/main/virt-top 33: http://packages.debian.org/unstable/main/warzone2100-music Work-needing packages Currently 453 packages are orphaned and 110 packages are up for adoption. Please take a look at the [34]recent [35]reports to see if there are packages you are interested in or view the complete list of [36]packages which need your help. 34: http://lists.debian.org/debian-devel/2008/08/msg00532.html 35: http://lists.debian.org/debian-devel/2008/08/msg00815.html 36: http://www.debian.org/devel/wnpp/help_requested Want to continue reading DPN? Please help us create this newsletter. We still need more volunteer writers to watch the Debian community and report about what is going on. Please see the [37]contributing page to find out how to help. We're looking forward to receiving your mail at [EMAIL PROTECTED] 37: http://wiki.debian.org/ProjectNews/HowToContribute 38: mailto:[EMAIL PROTECTED] This issue of Debian Project News was edited by Jeff Richards, Meike Reichle and Alexander Reichle-Schmehl. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
