Git-Url:
http://git.frugalware.org/gitweb/gitweb.cgi?p=homepage-ng.git;a=commitdiff;h=427adc842806b58913a37e1a44a76ac0a6963a2c
commit 427adc842806b58913a37e1a44a76ac0a6963a2c
Author: Michel Hermier <[EMAIL PROTECTED]>
Date: Sun Feb 3 13:04:56 2008 +0100
homepage
* Add news letter 15 and related news.
diff --git a/frugalware/weeklynews/issue15.html
b/frugalware/weeklynews/issue15.html
new file mode 100644
index 0000000..9fcd007
--- /dev/null
+++ b/frugalware/weeklynews/issue15.html
@@ -0,0 +1,123 @@
+<h2>Table of Contents</h2>
+<ul>
+ <li><a href="#welcome">Welcome</a></li>
+ <li><a href="#events">Events</a></li>
+ <li><a href="#tips">Tips and tricks</a></li>
+ <li><a href="#packages">Focus on package(s)</a></li>
+ <li><a href="#fixes">Bug fixes</a></li>
+ <li><a href="#security">Security announcements</a></li>
+ <li><a href="#about">About the newsletter</a></li>
+</ul>
+
+<a name="welcome"></a>
+<h2>Welcome</h2>
+<p>
+ The newsletter's aim is to keep you up to date with what's happened
recently in the world of the Linux distribution 'Frugalware'.
+</p>
+<p>
+ Features of this issue include:
+ <ul>
+ <li>Kalgan - we're getting closer :)</li>
+ <li>You want security fixes? We've got 'em!</li>
+ <li>Tip - X video problem on boot? - <b>Don't panic!</b> (yet)</li>
+ <li>Stellarium - gazing at the stars from your PC</li>
+ </ul>
+</p>
+
+<a name="events"></a>
+<h2>Events</h2>
+<p>
+ Here's a selection of events which have occurred since the previous
newsletter:
+</p>
+<ul>
+ <li>
+ <h3>Kalgan - we're getting closer :)</h3>
+ <p>On 29 January 2008, vmiklos announced the release of Frugalware 0.8
("Kalgan") release candidate 1. Included in this release are quite a number of
bug fixes, updated packages and new packages. For more details on this
exciting release, read vmiklos' <a
href="http://www.frugalware.org/news/86";>announcement</a>.</p>
+ <p>The purpose of Frugalware's pre-releases and release candidates is
to allow anyone who's interested to test the work in progress. If you have the
bandwidth and time required to help, <b>please</b> test these pre-releases and
release candidates. The more bugs that are found during the testing phase, the
better the quality of the final release.</p>
+ <p>According to my calculations, there are only
902,334,167,372,827,123 trillion light years to go. :) (In reality it's
closer to 6 weeks, according to the <a
href="http://www.frugalware.org/roadmap";>roadmap</a>).</p>
+</li>
+</ul>
+
+<a name="tips"></a>
+ <h2>Tips and tricks</h2>
+ <b>Disclaimer</b> - Be aware that the hints & tips provided here have
NOT been tested and so come with no warranty.
+<ul>
+ <li>
+ <h3>Video problem? - don't panic - submitted by 'phayz'</h3>
+ <p><b>Question</b> - Let's take a common configuration - you have
configured Frugalware to boot to a GUI login manager - KDM, GDM or SLiM for
example. OK, now you've found on boot that X isn't working. If you can't get
into your graphical desktop environment, how can you edit /etc/xorg.conf to fix
the problem?</p>
+ <p><b>Answer</b></p>
+ <ol>
+ <li>When you see the graphical GRUB menu, press [Esc] and
confirm that you want to exit from the graphical menu. You'll now see the
standard text-only GRUB menu. </li>
+ <li>Highlight your prefered GRUB entry and press [E] (for
'Edit').</li>
+ <li>Press [E] again and you're dropped into a basic
editor.</li>
+ <li>Press [End] to move the cursor to the end of the line.</li>
+ <li>Press [3], then [Enter] to end editing the GRUB entry.</li>
+ <li>Press [Enter] again to select the temporarily modified
entry and GRUB will boot. The "3" which you added to the end of the GRUB entry
specifies run level '3', which means that Frugalware will boot into a text-only
mode - i.e. X will not be started.</li>
+ <li>Now you need to log in and, using a text-only editor (Vi,
emacs, nano, pico, joe for example), correct your /etc/xorg.conf file.</li>
+ </ol>
+ </li>
+</ul>
+ <p>This section relies on your contributions! If have some tips and tricks
that you would like to be shown in the newsletter, <b><u><i>please</i></u></b>
post them on the forums in the Tips and Tricks section!</p>
+
+
+<a name="packages"</a>
+<h2>Focus On Package(s)</h2>
+
+ <p>In a new section of the newsletter, I focus on one or more packages and
give a general overview of their features. The packages featured will usually
be the more obscure ones. You're not likely to be reading about the major
desktops.</p>
+ <h3>Stellarium - gazing at the stars from your PC</h3>
+ <p><a href="http://www.stellarium.org/";>Stellarium</a> is an amazing
application which is described on its home page as "a free open source
planetarium for your computer. It shows a realistic sky in 3D, just like what
you see with the naked eye, binoculars or a telescope." If you have any
interest in what's "up there", you simply <b>must</b> look at Stellarium. The
images it produces are just amazing and can be presented in a range of
interesting ways. It's a very active project, with the latest release on 17
January 2008. Its system requirements are very reasonable so it can be used
even on old PCs - a Pentium III for example.</p>
+
+
+<a name="fixes"></a>
+<h2>Bug fixes</h2>
+
+<p>
+ A list of bugs closed since the previous newsletter is available <a
href="http://bugs.frugalware.org/index.php?string=&project=1&type%5B%5D=&sev%5B%5D=&pri%5B%5D=&due%5B%5D=&reported%5B%5D=&cat%5B%5D=&status%5B%5D=closed&percent%5B%5D=&opened=&dev=&closed=&duedatefrom=&duedateto=&changedfrom=&changedto=&openedfrom=&openedto=&closedfrom=2008-01-19&closedto=&do=index&submit=";>here</a>.
+</p>
+
+
+<a name="security"></a>
+<h2>Security announcements</h2>
+<p>
+ According to the normal support arrangements for Frugalware, when
Frugalware 0.7 (Sayshell) was released, support for the previous release ended.
This means that no further security or bug fixes will be released for
Frugalware 0.6 (Terminus).
+</p>
+
+<p>
+ Here is a list of <a href="/security">security issues</a> which have been
discovered and fixed in the 0.7 release since the previous newsletter.
+</p>
+
+<ul>
+ <li>FSA366 - kernel: A vulnerability with unknown impact has been reported
in the Linux Kernel. Please upgrade to kernel-2.6.22-7sayshell4.</li>
+ <li>FSA365 - joomla: MustLive has discovered a vulnerability in Joomla!,
which can be exploited by malicious people to conduct cross-site scripting
attacks. Please upgrade to joomla-1.0.13-2sayshell1.</li>
+ <li>FSA364 - postgresql: Some vulnerabilities have been reported in
PostgreSQL, which can be exploited by malicious users to gain escalated
privileges or to cause a DoS (Denial of Service). Please upgrade to
postgresql-8.2.6-1sayshell1.</li>
+ <li>FSA363 - libcdio: Some vulnerabilities have been reported in the
cd-info and iso-info applications of libcdio, which potentially can be
exploited by malicious people to compromise a user's system. Please upgrade to
libcdio-0.78.2-2sayshell1.</li>
+ <li>FSA362 - rsync: Two vulnerabilities have been reported in rsync, which
can be exploited by malicious users to bypass certain security restrictions.
Please upgrade to rsync-2.6.9-3sayshell1.</li>
+ <li>FSA361 - asterisk: Multiple vulnerabilities has been reported in
Asterisk, which can be exploited by malicious people to conduct SQL injection
attacks, bypass certain security restrictions and cause a DoS (Denial of
Service). Please upgrade to asterisk-1.4.13-1sayshell2.</li>
+ <li>FSA360 - ruby-gnome2: Chris Rohlf has reported a vulnerability in
Ruby-GNOME2, which can potentially be exploited by malicious people to
compromise an application using the library. Please upgrade to
ruby-gnome2-0.16.0-4sayshell1.</li>
+ <li>FSA359 - libxml2: A vulnerability has been reported in Libxml2, which
can be exploited by malicious people to cause a DoS (Denial of Service). Please
upgrade to libxml2-2.6.30-2sayshell1.</li>
+ <li>FSA358 - horde-webmail: Secunia Research has discovered a
vulnerability in IMP Webmail Client and Horde Groupware Webmail Edition, which
can be exploited by malicious people to bypass certain security restrictions
and manipulate data. Please upgrade to horde-webmail-1.0.1-4sayshell1.</li>
+ <li>FSA357 - drupal: Some vulnerabilities have been reported in Drupal,
which can be exploited by malicious people to conduct cross-site scripting,
script insertion, and cross-site request forgery attacks. Please upgrade to
drupal-5.2-2sayshell3.</li>
+ <li>FSA356 - mantis: seiji has discovered a vulnerability in Mantis, which
can be exploited by malicious users to conduct script insertion attacks. Please
upgrade to mantis-1.0.8-2sayshell1.</li>
+ <li>FSA355 - vlc: Some vulnerabilities have been discovered in VLC Media
Player, which can be exploited by malicious people to compromise a user's
system. Please upgrade to vlc-0.8.6-8sayshell1.</li>
+ <li>FSA354 - libexif: Two vulnerabilities have been reported in libexif,
which can be exploited by malicious people to cause a DoS (Denial of Service)
or to compromise an application using the library. Please upgrade to
libexif-0.6.16-2sayshell1.</li>
+ <li>FSA353 - clamav: Some vulnerabilities have been reported in ClamAV,
where one vulnerability has an unknown impact and others can be exploited by
malicious people to cause a DoS (Denial of Service) or compromise a vulnerable
system. Please upgrade to clamav-0.91.2-2sayshell1.</li>
+ <li>FSA352 - opera: Some vulnerabilities have been reported in Opera,
which can be exploited by malicious people to bypass certain security
restrictions, disclose sensitive information, and compromise a user's system.
Please upgrade to opera-9.25-1sayshell1.</li>
+ <li>FSA351 - cups: A vulnerability has been reported in CUPS, which can be
exploited by malicious people to cause a DoS (Denial of Service) or potentially
compromise a vulnerable system. Please upgrade to cups-1.3.2-2sayshell3.</li>
+ <li>FSA350 - syslog-ng: A vulnerability has been reported in syslog-ng,
which can be exploited by malicious people to cause a DoS (Denial of Service).
Please upgrade to syslog-ng-2.0.5-2sayshell1.</li>
+ <li>FSA349 - apache: A vulnerability have been reported in Apache
mod_imagemap module, which can be exploited by malicious people to conduct
cross-site scripting attacks. Please upgrade to apache-2.2.6-2sayshell1.</li>
+ <li>FSA348 - scponly: A security issue has been reported in scponly, which
can be exploited by malicious, local users to bypass certain security
restrictions. Please upgrade to scponly-4.6-2sayshell1.</li>
+ <li>FSA347 - squid: A vulnerability has been reported in Squid, which can
be exploited by malicious people to cause a DoS (Denial of Service). Please
upgrade to squid-2.6.STABLE16-2sayshell1.</li>
+</ul>
+
+
+
+<a name="about"></a>
+<h2>About the newsletter</h2>
+ <h3>Author</h3>
+ <p>The Frugalware newsletter is written by Russell Dickenson (AKA
phayz). Credit for the Frugalware distribution goes to the development
team.</p>
+ <h3>Translations</h3>
+ <p>The newsletter is currently translated into French and Danish. The
<a href="http://frugalware-fr.tuxfamily.org/forums/index.php?board=34.0";>French
translation</a> is provided by the French Frugalware community. The <a
href="http://frugalware.dk/?cat=5";>Danish translation</a> is provided by the
Danish Frugalware community. Thanks to all those involved in providing and
hosting these translations.</p>
+ <h3>Release</h3>
+ <p>To allow time for review and corrections, each newsletter is
written ahead of its release date. Therefore it may not mention events which
occured in the few days before its release - e.g. security fixes. To be sure
that you've got the very latest information on these topics, go to the
appropriate page of the Frugalware web site.</p>
+ <h3>Feedback</h3>
+ <p>If you have feedback about the Frugalware newsletter - whether good
or bad - please provide it via the forums. Your feedback is valuable because
we want the newsletter to meet the needs of Frugalware's users.</p>
_______________________________________________
Frugalware-git mailing list
Frugalware-git@frugalware.org
http://frugalware.org/mailman/listinfo/frugalware-git
