Archive:Weekly news 9
tagline: From openSUSE
Welcome to issue 9 of openSUSE Weekly News!
In this week:
- openSUSE 11.0 Alpha 2 is out
- openSUSE Membership Now Open for Applications
- Hackweek Part II this week at SUSE
- In Planet SUSE: Lightning-fast package management for 11.0, Command-line 1-Click-Install
- Upcoming: FOSDEM
- 1 Announcements
- 2 In the Community
- 3 Planet SUSE
- 3.1 Duncan Mac-Vicar: Fast Package Management
- 3.2 Joe Brockmeier: What it means to be a community manager
- 3.3 Benjamin Weber: One Click Install links from the command line.
- 3.4 Stephan Binner: openSUSE and Tracking 4.1 Development
- 3.5 Jeff Jaffe: openSUSE enthusiasm
- 3.6 Benjamin Weber: Command-Not-Found on openSUSE
- 3.7 Joe Brockmeier: Summing up SCALE 6x
- 4 Past Meetings
- 5 Upcoming Events/Meetings
- 6 Security Updates
- 7 In the Press
- 8 Statistics
- 9 Feedback / Communicate / Get Involved
- 10 Credits
- "Only three weeks after Alpha1, we’re glad to announce the release of openSUSE 11.0 Alpha 2. There are various exciting changes in there that we would like to have feedback on."
- "We had last June our first Hackweek and have this week (from 11th to 15th) our second hackweek. Some of us do use the ideas.opensuse.org website for collecting ideas but not everybody. The goal of the hackweek is for everybody in the engineering group of the Open Platform Business Unit of Novell to work on some innovate and cool ideas - and not look at the usual work."
In the Community
- "openSUSE, being an open and global community project, has contributors and volunteers from all over the world. "openSUSE Members" are specifically distinguished contributors who have brought a continued and substantial contribution to the openSUSE project. They are approved by the openSUSE board."
- "It’s community week, and as so ‘People of openSUSE’ interviewed the most popular openSUSE IRC helper around there, Jake Rogers! He is also the author of help.opensuse.org, and one of the newest openSUSE Members."
Covering just a few posts from Planet SUSE, an aggregation of all SUSE contributors' blogs:
- "We have been working hard to get package management stack changes in so we can have them in one of the next alphas. I wanted to make a small pause and write about it"
- "Since it seemed fairly relevant, I made a point to attend Stormy Peters‘ talk “What does a community manager do?” on the first day of SCALE. Having just taken on that role here with openSUSE, I was curious to see whether my job description was in line with Peters’ interpretation of the community manager role, and also wanted to see if I could snag a few good ideas."
- "I get asked occasionally whether it is possible to install some software from a “one click install” link from the command line. Well now it is."
- "As previously said openSUSE will, besides providing packages for the KDE 4.0 branch, continue to track the KDE trunk/4.1 development with packages for openSUSE 10.3 and Factory. This happens in the new KDE:KDE4:UNSTABLE:* Build Service repositories.... "
- "Recently, I described Novell’s support for openSUSE’s efforts to open and socialize their governance process. Novell wants openSUSE to continue to be pre-eminent. We want the story to be told. So last week we took our next step – appointing Joe Brockmeier to be openSUSE community manager."
- "Ubuntu ships with a programme called command-not-found which will suggest a package to install when the user types a command at the terminal which can’t be found. It seems this makes use of a hook called command_not_found_handler() which is not available in SUSE. Pavol Rusnak is working on porting this programme to openSUSE, so it might be available for 11.0. But is it possible to get this behaviour on a vanilla openSUSE 10.3 without installing any other packages? It does seem possible to do something hacky to get such behaviour:"
- "Just back from SCALE (well, “back” is a relative term — I’m actually at Novell’s Waltham office today, rather than my home office in Florida) and I’ve got to hand it to Ilan Rabinovitch, Orv Beach, Gareth Greenaway, and the rest of the gang involved in organizing SCALE — the show went off without a hitch, and it was a lot of fun as well as a great opportunity to get together with other members of the Linux and open source community."
- "Here are very brief minutes from the meeting we had last week."
- Old Action Items
- Introduction of Joe Brockmeier
- Discussing the Code of Conduct
- Status Questions
- Harmonize system artwork
- Sync packages between build service and factory. Issues:
- there are concerns with syncing build service to factory
- autobuild team has no time to review the changes for security relevance
- Someone must to do a review, the Novell maintainer is responsible for that
- We can't do automatic submissions from build service, review is required
- We need to define a workflow for the review
- Build service package need to reviewed as if they come from an independent 3rd party source
- How to handle branding of the distribution
- Forbid host specific %post scripts - need to make it official
- make the system easier strippable - e.g. remove languages and split out documentation to make it easier to group packages
- "The eighth Free and Open source Software Developers' European Meeting (commonly known as FOSDEM) takes place during the last week-end (23&24) of February 2008 in the city of Brussels, Belgium. It's an annual 2-day event hosting talks, tutorials, and booth for the free software/open source community. It is organized by volunteers at the Université Libre de Bruxelles in Belgium. Access to all parts of FOSDEM is free of charge (but donations and sponsors are welcome to help fund the event)."
What? See KDE/Meetings.
Specific topics include:
- old action items / status report
- KDE:KDE4:STABLE:Community "default" pattern? (dirk)
- other stuff mentioned on above page until then
- [2 mins] Introduction (jpr)
- [2 mins] Factory testing (news, issues, concerns) (sreeves, maw)
- [5 mins] 10.3 Update (sreeves)
- [15 mins] 11.0 Development Update (hpj)
- [5 mins] Patch Upstreaming (rodrigo)
- [10 mins] Q&A - Developer
To view the security announcements in full, or to receive them as soon as they're released, refer to the openSUSE Security Announce mailing list.
The Linux kernel contained various security problems for which we released updates.
1.) Solved Security Vulnerabilities:
- SUN Java 1.5 and 1.6 update
- nss_ldap incorrect data
- cairo integer overflows in PNG decoder
- geronimo start script problems
- moodle XSS problems
- SDL_image GIF problems
- python imageop integer overflow
- Mysql security problems
- NX also affected by X.org security problems
- xemacs commandline buffer overflow
2.) Pending Vulnerabilities, Solutions, and Work-Arounds:
- None listed this week.
3.) Authenticity Verification and Additional Information
- "As you are undoubtly aware a new local root exploit has been discovered on the weekend and reported to a wide audience. A local privilege escalation was found in the vmsplice_pipe system call, which could be used by local attackers to gain root access."
In the Press
"Speaking at the annual linux.conf.au Linux and open source conference in Melbourne, Australia, Stuart Cunningham from BBC research, said copying digital tapes was a slow process as it must be done in real-time.
"The key to solving digital tape problem is with standards-based files in the MXF (material exchange format) as you can store more in less space," Cunningham said.
To solve this problem, the BBC Research team developed Ingex for tapeless TV production using Linux... OpenSUSE Linux is the operating system."
DistroWatch covers the news of our new community manager, Joe, and also takes a brief look at the KDE 4 changes in openSUSE's latest 11.0 Alpha 2 release.
Numbers in brackets show the changes compared to the previous week.
The Build Service now hosts 1908 (+41) projects, 33798 (+57) packages, 4464 (+62) repositories by 4196 (+126) confirmed users.
The numbers for all openSUSE project products are this week:
- All Open Reports: 3645 (+158)
- Blocker: 25 (+8)
- Critical: 167 (+11)
- Major: 524 (+24)
- Normal: 2069 (+92)
- Minor: 296 (+17)
- Enhancements: 564 (+6)
The top 10 translation teams with the most translated strings of trunk:
- Japanese (ja): 30838 / 99%
- Portuguese Brazilian (pt_BR): 30598 / 99% (1 rank up)
- Hungarian (hu): 30697 / 98% (1 rank down)
- German (de): 29894 / 96%
- French (fr): 29890 / 96% (2 ranks up)
- Portuguese (pt): 29865 / 96% (1 rank down)
- Italian (it): 29827 / 96% (1 rank down)
- Finnish (fi): 29812 / 96%
- Dutch (nl): 29763 / 96%
- Russian (ru): 29737 / 96%
Feedback / Communicate / Get Involved
Got any comments on any of the things mentioned in this article? Then head right over to the news.openSUSE.org story comment section and let us know! To communicate and get help from the wider openSUSE community -- via IRC, forums, or mailing lists -- see Communicate.
You can subscribe to the openSUSE Weekly News RSS feed at http://news.opensuse.org/?feed=rss2&cat=18