-------------------------------------------------------------------------- Debian Weekly News http://www.debian.org/News/weekly/current/issue/ Debian Weekly News - September 14th, 1999 -------------------------------------------------------------------------- Welcome to Debian Weekly News, a newsletter for the Debian developer community.
In security news, a buffer overflow in the inews program provided by the INN news server has been [8]reported which would allow local users privileges as gid 'news'. New versions of inewsinn, inn-dev and inn have been made available at security.debian.org. The Bug Tracking System has been upgraded to use the debbugs package, and Darren Benham is the [9]new maintainer of the BTS. This is very good news, because development has been going on in debbugs for some time, and now the BTS will benefit from this and from future enhancements. The BTS was down for a while this weekened for the transition; no mail was lost. An [10]interview with Matt Welsh contains some interesting Debian-related tidbits. "I was a member of the original Debian team. I invented dpkg, or the first version of it, which looked nothing like what it looks like now " and "They [Debian] are great idealists, but pragmatism sometimes has to step in." Raphael Hertzog [11]posted a proposed structure for the QA group. This includes a core QA team and a web site to coordinate thier work. The plan is to greatly expand what the QA group works on, to include many things besides maintaining orphaned packages. A few packages broke this week in unstable. A new version of tar made lintian [12]very confused; this has been fixed. And a new netstd package split rsh into a separate package. That package is still in Incoming, and until it reaches the archives, rsh isn't available. Other things happening in unstable this week include: * The shadow suite now uses PAM. This includes login, passwd, su, etc. This is a [13]huge step toward making everything use PAM. * The long awaited redesign of the installation profiles has begun. Now there are "metapackages"; packages that depend on a group of packages that relate to a common activity, like playing games or developing C programs. Martin Bialasinski posted a [14]request for help coming up with lists of packages for each metapackage. Should Debian move to GRUB as our [15]default boot loader? After all, since GRUB is used by the Hurd, this would standardize the boot system used for Debian Linux and Debian Hurd. Here is a [16]good summary of pros and cons of using GRUB. Another con is that H. Peter Anvin is working on a [17]new boot loader for linux that promises to be superior to both. No conclusion has been reached on this, but no-one seems especially attached to lilo. And speaking of the Hurd, it's been a big week for the Hurd port, with [18]44 updated packages, along with a new set of installation files. Work on Debian JP continues and as usual a [19]summary is available, covering topics from internationalization to a translated DFSG document, and work on a Social Contract for Debian JP. Followups to last week's news: * The item about the problems of BIND's copyright was picked up by [20]Linux Weekly News and later by [21]SlashDot. The maintainer of BIND began [22]talking with upstream about ways to resolve the problem, and it looks like a [23]solution has been found -- a "bind-norsa" tarball will be available. * Developers who want to migrate to GPG can read a [24]mini-HOWTO on the subject by Brian Almeida. Thanks to Simon Hologate, Katsura S. Yoshio, and Randolph Chung for [25]contributing. _________________________________________________________________ References 8. http://www.debian.org/Lists-Archives/debian-security-announce-99/msg00030.html 9. http://www.debian.org/News/weekly/current/issue/mail#1 10. http://www.linuxcare.com/news_columns/interviews/1999/09-13-99.epl 11. http://www.debian.org/Lists-Archives/debian-qa-9909/msg00013.html 12. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00582.html 13. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00613.html 14. http://www.debian.org/News/weekly/current/issue/mail#2 15. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00493.html 16. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00501.html 17. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00588.html 18. http://www.debian.org/Lists-Archives/debian-hurd-9909/msg00094.html 19. http://www2.osk.3web.ne.jp/~shishamo/debian/trans/djwn/wn091299.html 20. http://www.lwn.net/1999/0909/ 21. http://slashdot.org/article.pl?sid=99/09/11/1013245&mode=nested 22. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00585.html 23. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00667.html 24. http://www.debian.org/Lists-Archives/debian-devel-9909/msg00702.html 25. http://www.debian.org/News/weekly/contributing -- see shy jo