Ubuntu Traffic #17 -- 2004/12/17

Benj. Mako Hill mako at canonical.com
Tue Jan 25 22:13:31 CST 2005


Ubuntu Traffic is a newsletter summarizing the goings-on in the Ubuntu
community -- focusing on IRC and mailing list activity.

I'm still catching up on Ubuntu Traffic after the conference in
Mataró. This issues covers the second week of the conference.  It is
attached to this mail and online here:


Thanks again to everyone who pointed things out to me. Please keep it


Benjamin Mako Hill
mako at canonical.com
-------------- next part --------------
                       Ubuntu Traffic #17 For 2004/12/17

                             By Benjamin Mako Hill

Table Of Contents

  • Standard Format
  • Text Format
  • XML Source
  • Introduction
  • Mailing List Stats For This Week
  • Threads Covered

    1.  2004/12/13Â -Â 2004/12/17 (0 posts)  Ubuntu Conference (Week 2)
    2.  2004/12/03Â -Â 2004/12/21 (73 posts) Ubuntu Documentation Team Happenings
    3.  2004/12/13              (8 posts)  Testing Language Packs
    4.  2004/12/10Â -Â 2004/12/15 (5 posts)  Multisync Packages
    5.  2004/12/14              (0 posts)  Managing Branding Changes (BOF)
    6.  2004/12/15              (1 post)   Array CD 2
    7.  2004/12/15              (0 posts)  Accessibility BOF
    8.  2004/12/15              (0 posts)  Security BOF
    9.  2004/12/16              (0 posts)  Python In Essential (BOF)
    10. 2004/12/17              (0 posts)  Announcing Rosetta
    11. 2004/12/14Â -Â 2004/12/17 (4 posts)  Ubuntu Security Notifications


Welcome to the seventeenth edition of Ubuntu Traffic. This issue covers the
week of December 11 - December 17, 2004. Ubuntu Traffic summarizes the most
important mailing list and IRC discussions involving the Ubuntu GNU/Linux

Ubuntu Traffic can be found on the web at http://people.ubuntulinux.org/~mako/
ubuntu-traffic/. You can also receive in text form over email by signing up for
the Ubuntu News mailing list at http://lists.ubuntu.com/mailman/listinfo/
ubuntu-news. There is now an RSS feed for traffic available as well! You can
find information on turning that on at the Ubuntu Traffic Homepage (http://
people.ubuntulinux.org/~mako/ubuntu-traffic/) .

You can sign up for any of the mailing lists summarized here at http://
lists.ubuntu.com. You can also join the IRC discussion summarized here in #
ubuntu and other channels on the Freenode network: irc.freenode.net. Please
join in and maybe you will be featured in the next traffic!

First, the following bits and pieces didn't get a full story but are worth

  • Paul Sladen announced that he'd done some graphing of the posting
    statistics to sounder/-devel/-user for the period between the current
    Ubuntu Conference and the previous one held at Oxford during August. The
    graphic is great and it's available here: http://www.paul.sladen.org/ubuntu
  • Lex Hider pointed to a great new wiki page that answers the questions: "How
    do I make audio CDs?" and "When & how will Ubuntu support the easy creation
    of audio CDs?" The page is here: http://www.ubuntulinux.org/wiki/
  • Ingo Lantschner pointed folks to a HOWTO on running Ubuntu on machines
    without a lot of RAM: http://www.binonabiso.com/en/

Mailing List Stats For This Week

We looked at 1243 posts in 5466K.

There were 361 different contributors. 200 posted more than once. 172 posted
last week too.

The top posters of the week were:

  • 76 posts in 314K by Vincent Trouilliez
  • 35 posts in 147K by Matt Zimmerman
  • 34 posts in 153K by Jeff Waugh
  • 33 posts in 159K by Eric Dunbar
  • 30 posts in 118K by Chuck Vose
  • Full Stats


1. Ubuntu Conference (Week 2) Megathread
2004/12/13Â -Â 2004/12/17 (0 posts) Subject: "[many]"

As I mentioned in the introduction, I've highlighted a few BOFs which I thought
were the most essential and put them in full stories below. The rest are
described here. Please read the notes on the wiki where they are available if
you're interested (the links are in there).

LiveCD Design

Lead by:
    Andreas Mueller
    Andreas Mueller walked the team through some of the benefits and drawbacks
    of the old Live CD system and showed off the proposal for the new design of
    the Live CD that will be used in Hoary.

Encrypted Storage

Lead by:
    Martin Pitt

    Martin Pitt described the use of encrypted storage for the following goals
    and use cases:

      â–¡ encrypted USB keys (storing GPG keys, secure exchange of documents)
      â–¡ encrypted home/tmp/swap partitions on laptops (theft)
      â–¡ pure offline-protection

    He went into depth on each of these solutions.


Bootstrapping a New Architecture

Lead by:
    LaMont Jones
    LaMont Jones went over the status of different supported architectures for
    Hoary. He also provided an overview of the steps for bootstrapping
    architectures which he also posted online (http://www.ubuntulinux.org/wiki/
    ArchitectureBootstrapping) .

Supporting ISDN

Lead by:
    Martin Pitt and Matthias Klose
    Martin Pitt and Matthias Klose laid out problems and strategies for dealing
    with ISDN. They talked about the problems with support in Warty and the
    ways that they have been able to fix this in Hoary.

Graphical Installer

Lead by:
    Colin Watson
    This BOF talked about the steps needed to create a graphical installer. It
    outlines the realistic steps that will need to be taken in order to make
    such an installer happen.

Supermirror BOF

Lead by:
    James Blackwell
    James Blackwell talked about the supermirror project which is aiming to
    mirror as many tla and baz archives as possible and theb make them all
    available. It also talked about why Canonical is getting involved in this
    project and how we can all benefit.

Automated Testing

Lead by:
    Matt Zimmerman
    One shared future goal of Ubuntu and the Launchpad system that is being
    built by Canonical is automated testing in one form or another. This BOF
    talked about the types of automated testing that will be useful, how we can
    look at different types of tests and much more.

Python 2.4

Lead by:
    Anthony Baxter and Matthias Klose

    This BOF was a conversation between Python upstream, represented by Anthony
    Baxter, and Ubuntu hackers. It asked:

      â–¡ What things from Python 2.4 (and beyond) will make Ubuntu's life
      â–¡ What things can Ubuntu do make the Python folks recommend Ubuntu?

Other BOFs

There were a handful of other BOFs that did not have notes available at the
time I wrote this. I've done my best to list those here. This list includes:

  • Baz Q&A BOF (http://www.ubuntulinux.org/wiki/BazQAndA) led by James
  • Shtoom VoIP BOF (http://www.ubuntulinux.org/wiki/ShtoomVoiceOverIP) led by
    Anthony Baxter

There is also notes and information from a number of sessions at the conference
that were not proper BOFs but that have notes anyway. These involve a few
events that were not really part of the conference but that ran alongside and
involved conference attendees. These included:

  • A series of talks at the BaDoPi LUG (http://www.ubuntulinux.org/wiki/
    LUGmeeting) organized by Miguel Trukulo. Talks were by Mark Shuttleworth,
    Jeff Waugh, Fabio Massimo Di Nitto, Daniel Stone, and Benjamin Mako Hill.
  • A special day press event run at a local "technocampus" called the Ubuntu
    Open Source Forum (http://www.ubuntulinux.org/wiki/UbuntuOpenSourceForum) .
    Speakers from Ubuntu included Mark Shuttleworth, Matt Zimmerman, Jeff
    Waugh, and Benjamin Mako Hill.

Additionally, the conference included a long day of workshops catering to
press, government and Spanish Debian variants. The event was called the Mataró
Sessions Workshops (http://www.ubuntulinux.org/wiki/MataroSessionsWorkshops) .
The talks (and the Canonical/Ubuntu person who facilitated each session jointly
with a Spanish participant from the community) included:

  • ManagingDerivedDistros (http://www.ubuntulinux.org/wiki/
    ManagingDerivedDistros) facilitated by Mark Shuttleworth
  • SupportingTranslations BOF (http://www.ubuntulinux.org/wiki/
    SupportingTranslations) facilitated by Steve Alexander
  • CollaborationAndConvergence BOF (http://www.ubuntulinux.org/wiki/
    CollaborationAndConvergence) facilitated by Benjamin Mako Hill

Finally, over the weekend, there was an unofficial pyGTK mega-BOF led by
Christian Robottom Reis and many of the other participants who have had a hand
in pyGTK.


2. Ubuntu Documentation Team Happenings
2004/12/03Â -Â 2004/12/21 (73 posts) Subject: "I think the book is aleady done
People: John Hornbeck, Chua Wen Kiat, Corey Burger, Enrico Zini, Christoph Haas

The Ubuntu Documentation Team mailing list clocked in another big week while
mostly focusing on two major topics.

The first was the unveiling of The Ubuntu Guide, the massive (and massively
hyperlinked) document by Chua Wen Kiat. The document is online at: http://

John Hornbeck pointed folks to it with a, "Has anyone seen this? That is
amazing. Who is this guy?" The author of the document came across the thread on
the Doc Team list and introduced himself. The team had talked a little bit
about the lack of Free licensing for the guide. Very responsive, Chua Wen Kiat
almost immediately released a new version under the GNU GPL. He also announced
that he was a bit overwhelmed saying:

    I am going to launch a club soon. And my team will be promoting and doing
    workshops with ubuntu to our members. The members are consist of students
    from colleges/universites. Currently 10 institutes had already signed up.
    We are expecting 5k members by march. The guide was written to assist the
    members to get knowledge from a one stop station. It was published on the
    web so that it can be shared across rather than just our members. We have
    already contacted canonical regarding this club.

    The guide is not completed yet. People are already contributing directly
    through email. I'm still workin on it. It will be the framework for a more
    detailed version for Hoary.

The second big topic was the Ubuntu Quickguide. The Quickguide was one of the
proposals that was put forward in the Hoary Documentation Goals BOF held at
Mataró and summarized in last week's traffic. There were a few issues raised in
relation to the new Quickguide project. Corey Burger asked:

    Currently, the quickguide is svn is different from that that plovs did a
    mockup here at the con. The fundamental difference is that mockup was by
    program and the current mockup is task based. I am kind of inclined to go
    with the taskbased one in the respository, as it seems to better for a

Enrico replied saying:

    I agree that a task-based guide would really be cool. However, an intro for
    applications would be very useful anyway, and in most cases it's missing.

    So, I propose that at the moment we stay with what we started, for the
    satisfaction of saying "DONE!" and the curiosity to see how it looks, and
    then, why not, give a try to the task-oriented one.

Christoph Haas clarified things by listing the two projects:

      â–¡ User's Guide: task-based
      â–¡ Nutshell: program-based


3. Testing Language Packs
2004/12/13 (8 posts) Subject: "Request for testing new libc6 for language
People: Martin Pitt, James Troup, Colin Watson

Martin Pitt announced:

    In the course of preparing language pack support for Ubuntu, I prepared a
    new glibc version which supports an alternative gettext tree in /usr/share/
    locale-langpack/ (in addition to the usual /usr/share/locale/) and uses
    whichever file is newer.

    If /usr/share/locale-langpack is not present, the new glibc should behave
    exactly as the old one. For testing I attached a mocked up coreutils.mo
    gettext file which contains the German translation of coreutils plus a
    modified string in the "head" help.

    I ask you to do the following:

     1. Install the new glibc:

        deb http://people.ubuntu.com/~pitti/langpack/  /
        deb-src http://people.ubuntu.com/~pitti/langpack/  /

     2. Check whether your system still works :-)

     3. Install the mock coreutils translation:

        wget http://people.ubuntu.com/~pitti/langpack/coreutils.mo
        sudo install -D coreutils.po /usr/share/locale-langpack/en_GB/LC_MESSAGES/coreutils.mo

     4. The following command should give the normal english head help:

        LANGUAGE=en_US head --help

        (basically any language other than en_GB should work normally)

     5. The following command should give German help with the changed string
        "If you can read this, the gettext file in /usr/share/locale-langpack
        is used and the new libintl works.":

        LANGUAGE=en_GB head --help

     6. You can play around with copying the new file also to /usr/share/locale
        /en_GB/LC_MESSAGES/coreutils.po (it does not exist yet), modifying it
        (using msgunfmt -- edit -- msgfmt), and touching them to make one file
        more recent than the other (which selects which one is actually used).

    Unless somebody reports a serious breakage (or gettext file selection does
    not work), I will upload this at Wednesday. Then we can start to upload
    language packs and rebuild the archive to not ship files in /usr/share/
    locale by default.

Martin Pitt followed up to himself to say, "I forgot to mention an important
detail: you must have these locales installed to make this work. Check with
locale -a to show all installed locales. If you don't have an en_GB/en_US
locale, you need to install them using sudo dpkg-reconfigure locales or install
the coreutils.mo file into a different language directory."

James Troup took issue with Martin Pitt's comment about rebuilding the archive
and protested that this was not possible saying, "but rebuilding the archive is
quite simply not an option. Even if you meant rebuilding hoary/main, that's
neither desirable nor sane. A large percentage of packages will naturally be
rebuilt between now and hoary release. If enough aren't and we're still short
on CD space, we should do targeted and selective rebuilding of packages,
ordered by how much space a rebuild would save us."

Colin Watson replied to say, "I understood Martin to mean manually uploading
various packages that need locale changes to modify what they spit out, rather
than an automatic archive rebuild. Even if I understood him wrongly, that's
what I think would be the sane option."

Martin Pitt replied again saying:

    Indeed; given the amount of synced packages from Debian and the current
    upload rate, there shouldn't be sooo much packages left at the end which
    still contain translations. To avoid apt/dpkg troubles, the remaining
    packages should be uploaded with a new version number at the end (but no
    other changes).

    I would vote against not rebuilding untouched packages, though. It's not
    only a matter of CD space, but also a matter of avoiding to download
    redundant data in debs.


4. Multisync Packages
2004/12/10Â -Â 2004/12/15 (5 posts) Subject: "Multisync packages ready for hoary"
People: Michael Banck

Michael Banck finished his Ubuntu Multisync packages (which have been given
passing mentions in traffic before) saying:

    I believe now would be a good time to have multisync in hoary/universe.

    Over the last days I have (i) NMU'd the Debian package to fix the
    outstanding crashers in the Evolution2 plugin and (ii) submitted a patch
    and got it applied in upstream's CVS which fixes building multisync with
    e-d-s 1.1.

    I have prepared hoary source packages with this minimal patch (the
    interdiff to the revision in unstable is attached), maybe somebody wants to
    upload those to universe. Otherwise, you could just wait until
    multisync-0.83 will be release (though there seems to be no ETA yet) and
    eventually tickle into unstable and finally universe.

    A signed source (there are binaries there as well) package is at

    deb-src http://people.debian.org/~mbanck/ubuntu-hoary/ ./

Matt Zimmerman said thanks and uploaded those packages into Hoary.


5. Managing Branding Changes (BOF)
2004/12/14 (0 posts) Subject: "ManagingBrandingChanges"
People: Jeff Waugh

BOF Notes:
Led by:
    Jeff Waugh

Branding is a Hoary+1 goal (it won't be done for Hoary) but it still warrented
some serious discussion because it's somewhere that Ubuntu is very serious
about going.

The bulk of the notes include:


      â–¡ brand any distro/derivate complettely

    What needs to be done:

      â–¡ exchange text, images in applications, configuration-files
      â–¡ documentation changes
      â–¡ code changes (d-i, vim)
      â–¡ infrastructure change (bugtracker, live-cd, install-cd,archive)


      â–¡ use Replace on hunderts of packages
      â–¡ use Divert on hunderts of packages
      â–¡ change hunderts of source packages (patch it or use hct with tagged
      â–¡ use gettext (and push the problem to rosetta)
      â–¡ make a general branding framework (make each package brandable and
        provide brand-packages)

    Proposed solution:

      â–¡ parameterized source packages change + buildd (dh_brand) and a
          ☆ variable include file replacement
      â–¡ have one $distro-branding and one $distro-artwork package


      â–¡ We'll get fuzzy translations because of the branding changes (rosetta
        needs to optimize for it)
      â–¡ Some dispute about what parts of the branding need to be done at
        runtime and what at buildtime

The BOF spent the second half talking about what needs to be changed and where
specific problem area for branding lie.


6. Array CD 2
2004/12/15 (1 post) Subject: "Array CD 2"
People: Colin Watson

Colin Watson announced a finished version of Array CD 2 saying:

    Array CD 2 is ready, live from the Ubuntu conference in Mataró, Spain. This
    is the second in a series of milestone CD images released once every two
    weeks or so (theoretically; this one is belated, for which I apologise), as
    images that are known to be reasonably free of showstopper CD-build or
    installer bugs, while representing very current snapshots of Hoary. You can
    download it here:

      â–¡ http://cdimage.ubuntulinux.org/releases/hoary/array-2/
      â–¡ rsync://cdimage.ubuntulinux.org/cdimage/releases/hoary/array-2/

    See http://www.ubuntulinux.org/wiki/Archive for access instructions. I
    recommend rsync if possible, as you can then download future images based
    on this one to save bandwidth.

    Pre-release versions of Hoary are not encouraged for anyone needing a
    stable system or anyone who is not comfortable running into occasional
    breakage. They are recommended for Ubuntu developers and those who want to
    help in testing, reporting, and fixing bugs.

    Some notable installer improvements and bug-fixes in this release:

      â–¡ The installer uses udev and hotplug rather than devfs and discover.
        This brings it into more or less the same hardware detection sphere as
        the installed system, which should result in more consistent
        installations and fewer places for us to modify when adding support for
        new hardware.

        However, there will be hardware that is temporarily no longer supported
        due to this change, since we haven't yet made sure everything
        interesting in the discover database is found by hotplug. Please file a
        bug with 'lspci' and 'lspci -n' output if you have a problem like this.

      â–¡ Netboot installs should get second-stage packages from hoary now,
        rather than warty.

      â–¡ Upgraded parted by several upstream versions; while this changed API/
        ABI so several other packages needed to be rebuilt, this is believed
        finally to correct the problem where Ubuntu installations rendered
        Windows unbootable with certain partition table layouts and BIOS
        versions (#1566). Please test.

      â–¡ Linux kernel 2.6.9.

      â–¡ Commented-out examples in /etc/apt/sources.list are added for updates
        (#3122) and security (#3599).

      â–¡ Installing using an image written to a USB drive should now be
        supported, although due to being at the Ubuntu conference I haven't
        been in the best position to test it.

      â–¡ Added the ia64 architecture, although the installer is untested.

      â–¡ 'custom' boot option renamed to 'server'.

    The two errata from Array CD 1 have also been fixed.

    Known installer issues:

      â–¡ The new hotplug support brings with it a few race conditions in
        hardware detection, so you may have problems with the framebuffer not
        being loaded or with your CD-ROM drive not being detected which are
        cleared up by trying the installation again. This class of problem is
        being actively worked on, and I believe we should have a solution soon.
      â–¡ Network interface names aren't displayed properly in the network
        configuration stage of the installation, because they used to come from
        discover1-data which we aren't using any more. This will be fixed by
        using lspci instead.

    If you're interested in following changes as we further develop Hoary, have
    a look at the hoary-changes list: http://lists.ubuntu.com/mailman/listinfo/

    Bug reports should go here: https://bugzilla.ubuntu.com/


7. Accessibility BOF
2004/12/15 (0 posts) Subject: "AccessibilityBOF"

BOF Notes:
Led by:
    Jeff Waugh


Unfortunately, Henrik Omma, the head of the accessibility team for Ubuntu, was
not able to attend the meeting in Mataró so Jeff Waugh took his place running
the accessiblity BoF.

The highlights of the BoF included a look at the tools useful for accessiblity

  • gnopernicus
  • gok
  • dasher
  • accessibility themes

Other issues that were raised included:

  • Gnopernicus seems to be broken in Hoary at the moment;
  • Enabling accessibility results in a slow interface therefore we need some
    way to allow the user to turn it on easily (e.g., gdm) perhaps holding down
    shift, or similar;
  • A good goal should be an accessible installer (which will require a
    graphical installer).
  • There are are no accessibility goals for Hoary, and probably not
    appropriate to have any.
  • Dasher is great. :)


8. Security BOF
2004/12/15 (0 posts) Subject: "SecurityBOF"

BOF Notes:
Led by:
    Matin Pitt

Martin Pitt ran a BOF that talked about how to improve proactive security in

This discussion involved Derootification (http://www.ubuntulinux.org/wiki/
DerootificationStatus) which has already enjoyed a huge amount of progress

  • Compiler enhancements

      â–¡ SSP
      â–¡ mudflap
  • Kernel enhancements

      â–¡ execshield
      â–¡ PaX
  • Mandatory access control

      â–¡ Linux
  • Chrooting

As the for immediately future, Fabio Massimo Di Nitto will prepare a kernel
with SE Linux (turned off by default) and Martin Pitt will build a PaX enabled
kernel (also off by default) for universe. Martin will also compare various
kernel enhancements of different distributions.


9. Python In Essential (BOF)
2004/12/16 (0 posts) Subject: "PythonInEssential"

BOF Notes:
Led by:
    Matthias Klose

One of the feature goals of Hoary to to have Python as an essential package. Of
course, python comes with a large library (i.e., "batteries included.") In
order to make Python essential, the team needs to find a way to exclude the
batteries and still have it work.

The notes from the BOF are very in-depth and don't lend themselves well to
summary. They begin by comparing the bits and pieces of perl-base to the bits
and pieces of the python core library to find out what was absolutely essential
and what could be excluded.

The notes above contain a list of those modules that will be not be included in
the essential version of the library.


10. Announcing Rosetta
2004/12/17 (0 posts) Subject: "Announcing Rosetta"
People: Dafydd Harries

The big announcement this week from Mataró was that Canonical unveiled a
web-based translation portal for PO files. The announcement, in full came from
Dafydd Harries:

    Rosetta: A Web-based Translation Portal For PO Files

    This announcement and translations of it into various languages are
    available on the UbuntuLinux wiki: https://www.ubuntulinux.org/wiki/

    The Rosetta Translation Portal team is pleased to announce that the portal
    is now ready for widespread use. Rosetta's goal is to make the process of
    translating free software as easy as possible for both translators and
    software maintainers. Maintainers can send us PO Templates and PO Files,
    which will be published through the web for translation. PO Files can then
    be downloaded at any time.

    Rosetta is part of the Ubuntu Launchpad at: https://launchpad.ubuntu.com

    Happy translating!

    Rosetta Resources

    Several resources are available to Rosetta users and anybody else
    interested in Rosetta.

    The rosetta-users mailing list is available for dicussing Rosetta: http://

    Another place for discussion is the #rosetta channel on the Freenode IRC
    network (irc.freenode.net)

    How to Start Using Rosetta

    In order to do translation with Rosetta, you will need to register an
    account on the ubuntulinux.org website: http://www.ubuntulinux.org/

    Next, find something you would like to translate. If there is something you
    would like to translate which you cannot find in Rosetta, feel free to ask
    on the mailing list or the IRC channel and we will try and import it for

    Once you have found the thing you want to translate, start translating!

    The Rosetta team is happy to answer any questions you might have.

    Bugs in Rosetta

    Although Rosetta is being used for translation today, it is expected that
    users will discover bugs. We will endeavour to fix bugs quickly as they are
    found, but hope users will understand that this is a new tool.

    Currently, the preferred method of reporting bugs in Rosetta is to send a
    message to the mailing list. Feedback about Rosetta is encouraged and


    We would like to thank all the people who tested Rosetta, found bugs and
    gave us feedback before the release.


11. Ubuntu Security Notifications
2004/12/14Â -Â 2004/12/17 (4 posts) Subject: "Ubuntu Security Notifications"

Linux kernel vulnerabilities

Ubuntu Security Notice USN-38-1 (CAN-2004-0814, CAN-2004-1016, CAN-2004-1056,
CAN-2004-1058, CAN-2004-1068, CAN-2004-1069, CAN-2004-1137, CAN-2004-1151)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages are:

  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-

Fix: The problem can be corrected by upgrading the affected package to version You need to reboot the computer after doing a standard system
upgrade to effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/

Linux amd64 kernel vulnerability

Ubuntu Security Notice USN-39-1 (CAN-2004-1074, USN-30-1)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages are:

  • linux-image-
  • linux-image-
  • linux-image-
  • linux-image-

Fix: The problem can be corrected by upgrading the affected package to version You need to reboot the computer after performing a standard
system upgrade to effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/

PHP vulnerabilities

Ubuntu Security Notice USN-40-1 (CAN-2004-1019, CAN-2004-1065)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages are:

  • libapache2-mod-php4
  • php4
  • php4-cgi

Fix: The problem can be corrected by upgrading the affected package to version
4:4.3.8-3ubuntu7.1. After performing a standard system upgrade you need to
reload the PHP module in the webserver by executing sudo /etc/init.d/apache2
reload to effect the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/

Samba vulnerability

Ubuntu Security Notice USN-41-1 (CAN-2004-1154)

Affected Release: Ubuntu 4.10 (Warty Warthog)

Affected Packages are: samba

Fix: The problem can be corrected by upgrading the affected package to version
3.0.7-1ubuntu6.3. In general, a standard system upgrade is sufficient to effect
the necessary changes.

More Information: http://lists.ubuntu.com/archives/ubuntu-security-announce/







                       We Hope You Enjoy Ubuntu Traffic

Ubuntu Traffic is created and produced by Canonical Ltd. All pages are
copyright Canonical.

More information about the ubuntu-news mailing list