Ubuntu Traffic #22 -- 2005/01/21

Benj. Mako Hill mako at canonical.com
Mon Feb 14 00:57:10 CST 2005


Greetings,

Ubuntu Traffic is a newsletter summarizing the goings-on in the Ubuntu
community -- focusing on IRC and mailing list activity.

I'm getting close to catching up on Ubuntu Traffic. This traffic
covers the third week of 2005.  It is attached to this mail and online
here:

  http://people.ubuntulinux.org/~mako/ubuntu-traffic/u20050121_22.html

Thanks once again to everyone who pointed things out to me. Please
keep it up!

Regards,
Mako


-- 
Benjamin Mako Hill
mako at canonical.com
-------------- next part --------------
                       Ubuntu Traffic #22 For 2005/01/21

                             By Benjamin Mako Hill

Table Of Contents

  ? Standard Format
  ? Text Format
  ? XML Source
  ? Introduction
  ? Mailing List Stats For This Week
  ? Threads Covered

    1.  2005/01/10?-?2005/01/  (6 posts)   Python Minimal Test Suite
        18
    2.  2005/01/11?-?2005/01/  (11 posts)  Live CD Update
        15
    3.  2005/01/11?-?2005/01/  (5 posts)   Yelp and Documentation Target
        17                                 Formats
    4.  2005/01/15?-?2005/01/  (3 posts)   Rsyncable Live CDs
        16
    5.  2005/01/15?-?2005/01/  (24 posts)  Live CD Autoconfiguration
        20
    6.  2005/01/17?-?2005/01/  (27 posts)  OpenOffice 2.0
        20
    7.  2005/01/18?-?2005/01/  (8 posts)   New Planet Ubuntu
        19
    8.  2005/01/18?-?2005/01/  (2 posts)   Ubuntu Website Look and Feel Contest
        19
    9.  2005/01/20             (2 posts)   Array CD 3
    10. 2005/01/05?-?2005/01/  (117 posts) Documentation Team Happenings
        21
    11. 2005/01/18?-?2005/01/  (7 posts)   Ubuntu Security Notifications
        20

Introduction

Welcome to the twenty-second edition of Ubuntu Traffic. This issue covers the
third week of the new year: January 15 - 21, 2005. Ubuntu Traffic summarizes
the most important mailing list and IRC discussions involving the Ubuntu GNU/
Linux distribution.

Ubuntu Traffic can be found on the web at http://people.ubuntulinux.org/~mako/
ubuntu-traffic/. You can also receive in text form over email by signing up for
the Ubuntu News mailing list at http://lists.ubuntu.com/mailman/listinfo/
ubuntu-news. There is now an RSS feed for traffic available as well! You can
find information on turning that on at the Ubuntu Hompage (http://
people.ubuntulinux.org/~mako/ubuntu-traffic/) .

You can sign up for any of the mailing lists summarized here at http://
lists.ubuntu.com. You can also join the IRC discussion summarized here in #
ubuntu and other channels on the Freenode network: irc.freenode.net. Please
join in and maybe you will be featured in the next traffic!

First, the following bits and pieces didn't get a full story but are worth
mentioning:

  ? Patrick Volkerding has decided to drop GNOME from Slackware because "it's
    too hard [for one man] to build". During the discussion, he mentioned
    Ubuntu saying "GNOME heads: there's this thing called Ubuntu..."
  ? Jeff Waugh welcomed Jonathan Riddell to the Ubuntu team. Jonathan made his
    first upload on the 15th! Welcome!
  ? Matt Zimmerman mentioned that he is getting more and more interested in Xen
    on Ubuntu and asked folks if it was a project that people might be
    interested in working on.
  ? Eamonn Sullivan pointed folks to a nice writeup of Ubuntu on O'Reilly:
    http://www.oreillynet.com/pub/wlg/6240
  ? Tim Webster announced that he was interested in seeing GFS support of
    Ubuntu. Jeff Waugh replied saying that it wouldn't make it in for Hoary but
    that it's something that he would like to see.
  ? Eric Dunbar asked is Pine was available in any version of Ubuntu.
    Unfortunately, the answer is no because Pine is not free or open source and
    Ubuntu cannot support it.
  ? Baza asked about installing NVU on an Ubuntu box. His answer was just a URL
    from Chua Wen Kiat: http://ubuntuguide.org/#nvu Thanks Chua!

Mailing List Stats For This Week

We looked at 1318 posts in 5675K.

There were 427 different contributors. 203 posted more than once. 456 posted
last week too.

The top posters of the week were:

  ? 45 posts in 234K by Sean Wheller
  ? 38 posts in 144K by Matt Zimmerman
  ? 29 posts in 97K by Emil Oppeln-Bronikowski
  ? 28 posts in 132K by Enrico Zini
  ? 28 posts in 109K by Jeff Waugh
  ? Full Stats

?

1. Python Minimal Test Suite
2005/01/10?-?2005/01/18 (6 posts) Subject: "python-minimal test suite"
People: Matthias Klose,?Matt Zimmerman

Part of making Python essential (a technical distinction) in Ubuntu is the
creation of a python-minimal package with only the most essential pieces of the
Python library. In previous traffics, we've discussed how we chose the
essential bits. Things became a little problematic when it came time to run a
test suite. Matthias, who is doing the essential python work, wrote to the
devel list asking for advice:

    The idea for an extra test run with only the modules available from
    python-minimal came up during the last developer meeting.

      ? The current check for missing modules in python-minimal is already
        done, and the build breaks if the list of modules isn't complete.

      ? The separate test suite run for the python-minimal modules works, but
        the test cases and test suite need more modules than are contained in
        python minimal. The approach taken is to modify each test case to
        import the needed modules:

        import sys
        sys.path.append(<path with all modules>)
        import <module not in -minimal>
        sys.path.append(<path with all modules>)
        del sys

    After a test run, the imported modules have to be removed from sys.modules.
    Unfortunately unloading the modules doesn't work for every module, so you
    end up with test cases in the test suite, where an import succeeds, because
    the module is already imported, but not in sys.path (anymore).

    The approach to patch all tests works, but seems to be a maintenance
    burden. There are however some results: time.strptime is currently unusable
    in -minimal. The C extension imports the _strptime module, depending on
    gettext, locale and _locale, copy, calendar. Having locale imported and
    referring to encodings, we will end up including these in -minimal as well.
    What to do?

     1. Include all the referenced modules (150k).
     2. Write a time.strptime, based on the C implementation, handling the same
        as the Python implementation does.
     3. Document it and leave it unimplemented.

    First solution can be taken by adding the modules, but increases the size
    of -minimal, second solution maybe adds some incompatibilities, when the
    complete module set is not available. Third thing could be a solution, if
    it's documented somewhere.

    For the test of -minimal it should be sufficient to specify a list of tests
    from the complete testsuite, which have to pass or else the build of the
    package will fail.

    Another outcome: copy and operator are used very often in the testsuite, so
    maybe add them to -minimal as well.

Later in the thread, Matt Zimmerman replied to Matthias Klose saying, "it is
necessary that we ensure that python-minimal is functional without full python.
The obvious way to do this would be to use the test suite provided by upstream,
and run the tests for the modules in python-minimal. However, to ensure that
there are not dependencies on modules outside of python-minimal, it would be
necessary to run the test suite with only the python-minimal modules (no?)."

?

2. Live CD Update
2005/01/11?-?2005/01/15 (11 posts) Subject: "Live CD update (i386, amd64,
powerpc)"
People: Matt Zimmerman,?Tony,?Oliver Grawert,?Jeff Waugh

Matt Zimmerman announced new Live CDs available for testing:

    New live CDs for i386, amd64 and powerpc are available here:

      ? http://cdimage.ubuntu.com/daily-live/current/
      ? rsync://cdimage.ubuntu.com/cdimage/daily-live/current/

    For some reason, network interface detection is failing at the moment, but
    this is the first time that the live CD is working on all three
    architectures, so I thought it would be worth an announcement for those who
    would like to try it out.

    More information here: http://www.ubuntulinux.org/wiki/LiveCD (toward the
    end)

Danilo Piazzalu asked about the ability of getting jidgo files to build the
Live CD but Matt replied saying, "I'm not sure how generic jigdo is, but the
live CD isn't composed of many smaller files, much less .deb files, so I'm not
sure that this can work. We are investigating ways to make the image more
rsyncable, though."

In testing the Live CD, some people were concerned when they saw what they
thought was the installer. Tony said, "I tried booting the 0.9.3b1 Gnoppix CD
for PPC this evening. I got the ISO from the distrowatch.com link. When booting
the CD, It appeared to start the installation process and not be a Live CD. Can
anyone explain if this is a Live CD or an install disk? Did I try booting the
disk incorrectly?" Oliver Grawert allayed Tony's fears saying, "thats
absolutely OK, the new live CDs are all using the detection routines from the
installer and since this is a beta version this fact isn't hidden yet :)"

Jeff Waugh gave more information saying, "The new Live CD uses the installer
infrastructure, and looks a little bit too much like it at the moment. But it
never gets to the partitioning question, it preps and boots the Live CD image
after initializing the network."

?

3. Yelp and Documentation Target Formats
2005/01/11?-?2005/01/17 (5 posts) Subject: "[RFC] Online Help Systems"
People: Sean Wheller,?Enrico Zini,?John Levin

Sean Wheller also posted an RFC printing up the issue of online help systems:

    As we all know many people are targeting yelp/scrollkeeper as technologies
    by which users will be able to access the Ubuntu Documents. This is fine
    for now since Ubuntu currently only ships a GNOME Desktop. However, I doubt
    it will always remain this way and wish to warn against lock-in to the
    GNOME Help system.

    In evaluating ways to do things under yelp/scrollkeeper I have found a
    number of problems that IMO are cause for concern.

     1. Limited support for some very powerful DocBook features. For example:
        Glossary, Bibliography, Index, Profiling.
     2. Limited ability to brand and customize help features.
     3. Poorly formatted display of xrefs, a key cross-reference mechanism.
     4. Implementation of external cross references using ghelp:fooapp is
        incompatible with HTML and FO outputs.

    My concern with these issues is point-to-point:

     1. The unsupported features limit our ability to produce comprehensive
        works and to publish them in both electronic and print formats. To do
        so we would need to perform an extensive amount of pre-processing prior
        to transformation to presentational targets.
     2. As far as I can see, other than adding a logo here an there, there is
        not a great deal of flexibility to customize yelps output.
     3. A small problem that could probably be fixed in the short-term is that
        yelp does not render xrefs properly.
     4. The method used for implementation of cross document references in
        GNOME requires a combination of Yelp+ScrollKeeper. When calling an
        external resource the attribute value supplied is something like this
        url="ghelp:fooapp". naturally this does not work except under yelp and
        scrollkeeper. So any target presentational formats would contain broken
        links.

    In view of these problems and the high probability that Ubuntu will support
    other desktops, I would like to refrain from using anything that causes
    lock-in to GNOME. Please note, I am not saying we don't support GNOME. I am
    saying that the docs must run across desktops, GNOME included.

    Having said all this, I would therefore like to motion that we target
    chunked HTML/XHTML as the target format of choice for Ubuntu Documents. The
    advantages are as follows:

     1. Ability to use all DocBook features without regard to platform or user
        agent technologies.
     2. Ability to customize as much as we need or desire.
     3. Portability across desktops.
     4. Flexibility in deployment under Web based applications (locahost or
        central server)
     5. Reduced technology lock-in.

Enrico responded saying, "Since KDE/etc is not on the radar for Hoary, I think
it makes sense to delay this discussion to at least after the Hoary release."

John Levin disagreed saying, "First, people are already using other window
managers (see the ubuntu on small ram threads on ubuntu-user). Second, going
from release to release, from hoary to bendy or whatever, just puts off medium
and long term considerations Third, there is no reason for discussion to delay
immediate tasks - it can help sharpen and focus those tasks."

?

4. Rsyncable Live CDs
2005/01/15?-?2005/01/16 (3 posts) Subject: "Rsyncable LiveCD overview"
People: Paul Sladen,?Scott James Remnant

Paul Sladen posted a long message thinking about some of the ways that the Live
CDs are currently made and the ways this could be improved to increase the
rsyncability of CDs:

    This morning somebody pointed out that a small change (kernel rev) on the
    Ubuntu LiveCD images was producing a major churn and resulting in rsync
    needing to fetch down 175MB (nearly a third of the image).

    aaaabbbbccccdd|   |ddeeeeffffgggg   <--- old image
                 /     \
    aaaabbbbcccc|NEWDATA|eeeeffffgggg   <--- new image

    Even when new information is added to a file, rsync has the magic and
    intelligence to look backwards and forwards through the old file to see it
    can find a match and avoid any re-downloading. In the example above, rsync
    copies slightly less of the first half, inserts the NEWDATA, skips a bit
    and finds a match in the second half. Rsyncing uncompressed files works
    great.

    However, in the case of the Ubuntu Live CD, 95% of the disk is actually a
    single huge file which is itself compressed (this is what is mounted using
    the kernel 'cloop' driver. For reference 'cloop' is read-only).

    aaaabbbbccccddddeeeeffffgggg      <--- old image data
    A4(^4)*6                          <--- old image compressed
    |----|
    A4(^4)*3NEWDATAE4^4^4             <--- new image compressed
    aaaabbbbccccNEWDATAeeeeffffgggg   <--- new image data

    What you can here is that whilst the actual images (old+new) are not much
    different (only the 'NEWDATA' would need copying), in fact the compressed
    versions are vastly different and after the first 6 bytes there is no
    apparent correlation at all.

    So one solution that would work is to rsync an /uncompressed/ version of
    the 'big file' on the Live CD. This could potentially be done by using a
    loop driver at each end of the rsync. The second is to ensure that the
    image that is produced does not suffer like the example above.

    aaaabbbbccccddddeeeeffffgggg      <--- old image data
    A4^4^4^4^     4^4^4               <--- old image compressed (ignore spaces)
    |----|        |---|
    A4^4^4NEWDATAE4^4^4               <--- new image compressed
    aaaabbbbccccNEWDATAeeeeffffgggg   <--- new image data

    Here, the decompresser has not changed at all, but the compressor has been
    told to synchronize the stream every 4 input bytes. This has made a larger
    compressed version (about 0.07% larger in the real-world), but rsync can
    now see matches before and after the New Data in the middle.

    This idea is already built into 'gzip' and can be enabled with the
    '--rsyncable' argument. In Ubuntu and Debian, all the '.deb's are built
    this way to reduce rsync-traffic. The install CD ISO images are built by
    Jigdo by concatenating (connecting together) all these '.deb's and adding
    the filesystem magic around them. This is why the install CD syncs fine
    between revisions.

    The gzip 'deflate' algorithm is used all over the place and the library
    'zlib' that does the actual work has spread further than gzip; it's used by
    PNG, compressed webpages and in the kernel for PPP, compressing the boot
    kernel and by 'cloop'---the compressed loopback driver that handles the
    Live CD filesystem. (Gzip is compiled with it's own copy of 'deflate.c' and
    is not linked against the shared zlib library).

    Since there are no changes to the decompresser, only zlib itself needs
    patching for the compression stage (and only the copy linked to the cloop
    tools); the 'create_compressed_fs' command in 'cloop-utils' can then use
    this without any modifications. Matt added that the compressor in use for
    Ubuntu images is really the newer 'advfs' installed with a different name.

    A Hungarian distribution hit something similar (with apt-rsync) a couple of
    years ago, ported the original '--rsyncable' patch and added a simple hack
    to test an environment variable to transparently enable the sychronisation
    code without the application needing to know or be recompiled: http://
    lists.debian.org/debian-devel/2003/07/msg00462.html

    Patches 2a, 2b & 3 are the patches to pull in, the last of which is the
    environment variable patch, but I'm not sure if that would get accepted
    upstream, whereas adding an extra flag to the 'level' parameter of zlib's
    compress2() might be more palatable.

    Lamont says he's going to try and work on it (I guess not having broadband
    is a motivator!)

Both Matt Zimmerman and Scott James Remnant corrected part of this which was
not quite true. Scott James Remnant said:

    This is untrue, .deb files are not rsyncable and can change wildly between
    version-to-version.

    dpkg-deb does not call gzip, but is statically linked to zlib which does
    not support 'rsyncable' images. Colin and I actually talked about this only
    a week or so ago, and he filed a bug on the zlib Debian package to include
    support for rsyncable output.

?

5. Live CD Autoconfiguration
2005/01/15?-?2005/01/20 (24 posts) Subject: "Live CD X autoconfiguration"
People: Matt Zimmerman,?Matthew Garrett,?Colin Watson

In the third (and final) Live CD related topic of the week, Matt Zimmerman
posted a message to the list saying that the latest version of the Live CD will
now configuration the X xserver using the same tools that are used during the
installation process:

    Thanks to some new autodetection logic from Daniel Stone, inspiration from
    Joey Hess, and support from Colin Watson and LaMont Jones, the current crop
    of live CDs will now automatically configure the X server using the same
    tools used during the installation process.

    This consolidation makes it simpler for us to maintain this component,
    maximize our support for graphics hardware, and facilitate testing in the
    community. If the live CD detects your hardware correctly, there's an
    excellent chance that the installer will as well.

    This also makes the live CD a great way to get a preview of some of the new
    features available in the Hoary desktop, without changing your Warty
    system.

    Check it out here:

    http://cdimage.ubuntu.com/daily-live/current/

    Let us know how it works for you.

    Caveats:

      ? The amd64 CD suffers from a mismatch of kernel and modules; this should
        be fixed with the next daily build
      ? There is a known bug where some nVidia cards are configured with the
        UseFBDev option enabled, when it needs to be disabled. Daniel Stone is
        working on a fix for this.

A number of people lodged complaints with the vga16fb size which seems to get
things wrong. Matt Zimmerman replied saying, "According to Colin, there is
currently no reliable way around this. On some systems, it seems to just get it
wrong, and a boot parameter is needed to work around the problem."

Matthew Garrett said, "I think it's probably worth considering whether the
installer should attempt vesafb by default, and only fall back to vga16fb if
that fails." Colin Watson replied saying, "It does, but as we discussed vesafb
won't work unless you pass a vga=<blah> parameter, and if you pass that then
vesafb generally seems to succeed. Only on some hardware it might look like
rubbish."

There were some disagreement as any solution seemed to look like rubbish on at
least some platforms.

?

6. OpenOffice 2.0
2005/01/17?-?2005/01/20 (27 posts) Subject: "OO.org 2.0?"
People: H. C. Brugmans,?Matt Zimmerman,?Jeff Waugh

Revisiting an older topic summarized in traffic before, H. C. Brugmans asked,
"Is there any chance at this moment that we'll see OpenOffice.org 2.0 in hoary?
" A large number of people echoed H.C.'s sentiment. Matt Zimmerman replied
immediately saying, "Sooner than you might think. ;-)"

When pressed for information on this, Jeff Waugh chimed in saying, "http://
lists.ubuntu.com/archives/hoary-changes/2005-January/001756.html" The OO.o2
packages should be available for testing now.

Matt Zimmerman revealed this and gave advice for people with similar questions
in the future saying, "If you were to look at the DeveloperResources page in
the wiki, you would find resources which would let you see for yourself where
this stands. The packages are in the process of being added to hoary right
now."

?

7. New Planet Ubuntu
2005/01/18?-?2005/01/19 (8 posts) Subject: "New Planet Ubuntu in effect!"
People: Jeff Waugh,?Colin Bell

Jeff Waugh posted a message to the sounder list announcing that he'd just
redone a good chunk of Planet Ubuntu (http://planet.ubuntu.com) saying:

    The new Planet Ubuntu is ready to rock!

      ? http://planet.ubuntu.com/

    It now aggregates member and developer feeds, and includes a cool aggregate
    of various important Ubuntu news feeds (which you can subscribe to with RSS
    and OPML). This ends up being more useful than the news feed on the website
    (which is one of the sources it aggregates) so we'll work on putting it up
    there, too.

    If there are any bugs or problems with it, let me know. Probably best to
    reply on this thread. :-)

Colin Bell pointed out RSS feeds here:

      ? http://planet.ubuntu.com/rss2.0.xml
      ? http://planet.ubuntu.com/rss1.0.xml

I'll take this opportunity to apologize in advance for my own contributions to
that forum. Unless of course you like them, in which case, feel free to shower
gifts on me. ;)

?

8. Ubuntu Website Look and Feel Contest
2005/01/18?-?2005/01/19 (2 posts) Subject: "Ubuntu Website Look'n'Feel Contest"
People: Jeff Waugh

Jeff Waugh announced a contest to replace the Ubuntu website. Sorry this
traffic didn't make it out until after the deadline had past (it was a short
deadline). For those that don't win or who couldn't enter, it's worth nothing
to that there are certainly other community and LoCo websites that might be
interested in borrowing good web developers skills for ubuntu related projects.
The announcement read:

    Today we are announcing the most exciting competition since Willy Wonka put
    heavy metal in chocolate bars and purged rude children with coloured sugar.

    No, we're not giving away gold tickets for a trip to the ISS, although that
    would be cool... We're giving YOU the chance to give www.ubuntu.com a total
    look'n'feel makeover, so it can be the most attractive and usable project
    website EVER!

    Canonical is sponsoring the competition, offering a US$1000 first prize for
    the winning design!

    Competition Guidelines

      ? Goal: We're looking for a fantastic, new look'n'feel for the current
        www.ubuntu.com site, which is based on Plone 2.
      ? Entries do not have to be completed Plone skins! You may send mockup
        images, html+image samples, or if you really want to, an example Plone
        skin. They will all be judged equally - we're looking for an innovative
        look'n'feel more than ability to create Plone skins. :-)
      ? Designs should cover as many Plone widgets and structural elements as
        possible, so we know how to apply it to a complete skin. See the first
        documentation link below for more about this.
      ? Entries must be entirely your own work, or based on clearly licensed,
        credited, DFSG compatible works. The final website look'n'feel may be
        based on a combination of entries.
      ? Entries must include the Ubuntu logo. :-)
      ? Send your entry to jeff.waugh+webcomp at ubuntu.com (
        mailto:jeff.waugh+webcomp at ubuntu.com) or simply reply to this mail.
      ? Entries close on January 31st, 2005.
      ? sabdfl's judgement of the competition is final, even if he polls the
        community for input. :-)

    Documentation and Resources

    Here's some documentation and inspiration to get you started with Plone
    themes...

      ? http://plone.org/documentation-old/howto/CreatingACustomSkin
      ? http://plone.org/documentation/howto/creating-custom-skins (Plone 2)
      ? http://plone.org/development/teams/ui/p2uicookbook/ (Plone 2)
      ? http://www.ploneskins.org/ (for inspiration, mostly Plone 2)

?

9. Array CD 3
2005/01/20 (2 posts) Subject: "Array CD 3"
People: Colin Watson

Colin Watson posted to the users list to announce the release of the third
testing CD for Hoary Hedgehog:

    Array CD 3 is ready. This is the third in a series of milestone CD images,
    released when they're known to be reasonably free of showstopper CD-build
    or installer bugs, while representing very current snapshots of Hoary. You
    can download it here:

      ? http://cdimage.ubuntu.com/releases/hoary/array-3/
      ? rsync://cdimage.ubuntu.com/cdimage/releases/hoary/array-3/

    See http://www.ubuntu.com/wiki/Archive for access instructions. I recommend
    rsync if possible, as you can then download future images based on this one
    to save bandwidth.

    Pre-release versions of Hoary are not encouraged for anyone needing a
    stable system or anyone who is not comfortable running into occasional
    breakage. They are recommended for Ubuntu developers and those who want to
    help in testing, reporting, and fixing bugs.

    Some notable installer improvements and bug-fixes in this release:

      ? End-to-end secure netboot installation: all our Release files are
        signed using the archive signing key (1024D/437D05B5) or the CD image
        key (1024D/FBB75451), and the installer verifies these signatures at
        each step. (The netboot kernel and initrd themselves are contained in
        the CD images, which are accompanied by MD5SUMS and MD5SUMS.gpg files).
      ? Timezone and username/password questions moved to the first stage. The
        question about installing packages from the network remains in the
        second stage for now, but will eventually be moved as well.
      ? Rudimentary rescue mode added: boot with the 'rescue/enable=true'
        parameter to use it. Its UI still needs significant polishing work.
      ? Default debconf priority dropped from critical to high, and several
        questions adjusted; this fixes some automatic installation scenarios,
        makes it easier to merge changes back and forward with Debian, and
        makes it possible to share code between the first and second stages.
      ? Example sources.list lines for security/universe fixed.
      ? Support for Smart Boot Manager should work better now, although I
        haven't tested it personally.
      ? Size requirement for a USB drive used to boot the installer reduced to
        8 megabytes.
      ? Fixed installation on large filesystems with long device names (#4875).
      ? Much improved and more flexible kernel selection logic.
      ? Fixed default hostname when network configuration is skipped in first
        stage (#2844).
      ? Fix part of Array CD 2 erratum: the framebuffer should now reliably be
        loaded.
      ? Several fixes to the ia64 installer; much work remains to be done.

    Known installer issues:

      ? On my amd64 system, grub enters an infinite loop trying to load stage
        1.5. I've never seen this before, and suspect hardware problems, but if
        it affects other people too I'd like to know about it.

    If you're interested in following changes as we further develop Hoary, have
    a look at the hoary-changes list: http://lists.ubuntu.com/mailman/listinfo/
    hoary-changes

    Bug reports should go here: https://bugzilla.ubuntu.com/

?

10. Documentation Team Happenings
2005/01/05?-?2005/01/21 (117 posts) Subject: "[RFC] Documentation Web site L1"
People: Sean Wheller,?Alexander Poslavsky,?Enrico Zini

The documentation team had another active week. What follows are just the
highlights.

Sean Wheller posted a number of RFC (Request for Comment) calls onto the
documentation team mailing list. His first message was proposing an easier to
navigate infrastructure for the documentation team web site:

    This request for comment is the start of a proposal to define a flexible
    and easy to navigate infrastructure for the Documentation Team Web site.

    The core of my proposal is centered on the first page of the Documentation
    Team https://www.ubuntulinux.org/community/teams/documentation and on
    addressing the information requirements of its users (audience).

Alexander Poslavsky responded saying, "I like it, we need to reorganise our
docs. I for one haven't looked at the wiki for quite a while, and I think that
a lot of stuff is out of date by now.Why don't we make it in the wiki as a
subpage of Sean Wheller and then move it up when we are satisfied. "

In the good news department, Enrico Zini announced that the HTML documentation
is being autobuilt and is semi-automatically being put online. Enrico said:

    An old tarball of our HTML-rendered documentation is online at: http://
    people.ubuntulinux.org/~mako/docteam/

    This is an old tarball, and the upload is done by hand with me generating
    the tarball and sending it to Mako who then puts it there.

    Next step is making a nice alias for that page (docteam.ubuntu.com is the
    first proposal, which could also be the one that stays unless someone has
    further input).

    Then I'll try to see with Mako how to automate that.

    In the meantime, me and Mako will keep those pages updated by hand every
    now and then.

In a series of follow-up messages, Benjamin Mako Hill and Enrico organized to
automate this process a bit so Mako simply gets a mail and then runs a scripts
to install the new tarball.

?

11. Ubuntu Security Notifications
2005/01/18?-?2005/01/20 (7 posts) Subject: "[many]"

Martin Pitt posted another weeks worth of Ubuntu Security Notification to the
list notifying folks of another rash of bugs and pointing to their fixes. These
included the following:

vim vulnerabilities

Ubuntu Security Notice USN-61-1 (CAN-2005-0069)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are:

  ? kvim
  ? vim
  ? vim-gnome
  ? vim-gtk
  ? vim-lesstif
  ? vim-perl
  ? vim-python
  ? vim-tcl

Fix: The problem can be corrected by upgrading the affected package to version
1:6.3-025+1ubuntu2.2. In general, a standard system upgrade is sufficient to
effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000063.html

imagemagick vulnerability

Ubuntu Security Notice USN-62-1 (CAN-2005-0005)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are:

  ? imagemagick
  ? libmagick6

Fix: The problem can be corrected by upgrading the affected package to version
5:6.0.2.5-1ubuntu1.3. In general, a standard system upgrade is sufficient to
effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000064.html

mysql-dfsg vulnerability

Ubuntu Security Notice USN-63-1 (CAN-2005-0004)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are: mysql-client

Fix: The problem can be corrected by upgrading the affected package to version
4.0.20-2ubuntu1.2. In general, a standard system upgrade is sufficient to
effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000065.html

xpdf, cupsys vulnerabilities

Ubuntu Security Notice USN-64-1 (CAN-2005-0064)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are:

  ? cupsys
  ? libcupsimage2
  ? libcupsys2-gnutls10
  ? xpdf-reader
  ? xpdf-utils

Fix: The problem can be corrected by upgrading the affected package to version
1.1.20final+cvs20040330-4ubuntu16.4 (cupsys, libcupsimage2, and
libcupsys2-gnutls10) and 3.00-8ubuntu1.4 (xpdf-reader and xpdf-utils). In
general, a standard system upgrade is sufficient to effect the necessary
changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000066.html

apache vulnerabilities

Ubuntu Security Notice USN-65-1 (http://bugs.debian.org/290974)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are: apache-utils

Fix: The problem can be corrected by upgrading the affected package to version
1.3.31-6ubuntu0.4. In general, a standard system upgrade is sufficient to
effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000067.html

php4 vulnerabilities

Ubuntu Security Notice USN-66-1 (more info (http://www.securitytracker.com/
alerts/2004/Oct/1011984.html) )

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are:

  ? libapache2-mod-php4
  ? php4-cgi
  ? php4-curl

Fix: The problem can be corrected by upgrading the affected package to version
4:4.3.8-3ubuntu7.3. In general, a standard system upgrade is sufficient to
effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000068.html

squid vulnerabilities

Ubuntu Security Notice USN-67-1 (CAN-2005-0094, CAN-2005-0095, CAN-2005-0096,
CAN-2005-0097)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages Are: squid

Fix: The problem can be corrected by upgrading the affected package to version
2.5.5-6ubuntu0.3. In general, a standard system upgrade is sufficient to effect
the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/
2005-January/000069.html

?

?

?

?

?

?

                       We Hope You Enjoy Ubuntu Traffic
                                       ?

Ubuntu Traffic is created and produced by Canonical Ltd. All pages are
copyright Canonical.



More information about the ubuntu-news mailing list