Distributions
News and Editorials
Slackware 8.1 released
It's official: Slackware 8.1 has been released. Features in this release include the 2.4.18 kernel, glibc 2.2.5, XFree86 4.2.0, a new print system based on LPRng (CUPS also available), Apache 1.3.24 (oops, look for an update there...), Mozilla 1.0, KDE 3.0.1, etc. See the announcement for all the details.The Debian Developer's Guide to Security Updates
The new Debian Developer's Guide to Security Updates has been posted. It describes how a Debian maintainer should interact with the new security apparatus; it's interesting in that it provides a view into how one distributor handles security issues.For the most part, it's fairly straightforward stuff. Some highlights:
- Maintainers should always involve the "Security Team" in the fix. The
Team keeps track of outstanding security issues, interacts with other
distributors, writes the security advisories, etc. Among other
things, the Team can help ensure that information on a remotely
exploitable vulnerability is not released too soon.
- Fixing a security hole by going to the latest version of the affected
package is usually not seen as a good idea. A security fix should be
done with the smallest possible change, which can mean backporting the
fix to whatever older version Debian had shipped.
- A special location has been set up for uploading security fixes; the updated package will then be automatically rebuilt for all architectures supported by Debian. The ability to provide updated packages for all architectures was, of course, a big part of the motivation behind the new security mechanism.
The full story can be found in the document, of course.
Olaf Kirch joins the SuSE security team
SuSE has sent out an announcement stating that Olaf Kirch has joined the company's security team. Olaf is a long time Linux contributor, of course; he had his hands in the Linux NFS code years ago and is the author of the venerable Linux Network Administrator's Guide. Olaf, until recently, handled security for Caldera. SuSE now claims a total of five people on its security team - an impressive and encouraging commitment to the security of the SuSE Linux (and, eventually, UnitedLinux) distribution.
Distribution News
Debian Weekly News - June 18th, 2002
The Debian Weekly News for June 18 is available; this issue looks at the new security build infrastructure, the Woody release ("...we're not entirely done developing Woody"), Debian at LinuxTag, the "after Woody" wishlist, and more.
Design of an apt-src program
Joey Hess has posted the beginnings of a design for a new, "apt-src" program. This utility would be like apt-get, except, of course, that it would handle source packages instead. Debian's package management doesn't make dealing with source entirely easy; this new interface could change all that. It includes support for dependencies between source packages, and might even handle automatic rebuilds when a package is upgraded. Joey is looking for feedback on the design; full details may be found in the announcement.Debian on the Sharp Zaurus/SL-5xxx
Matt Zimmerman, who is lucky enough to have obtained a Zaurus PDA, has announced the beginning of an effort to make a version of the Debian distribution for this device. The Zaurus already runs Linux, of course, and Zaurus users end up grabbing packages from the Debian ARM port when they want more software. But it would be nice to have a full Debian distribution, using the Debian package manager. Matt is looking for people interested in contributing to this effort; see the announcement for the details.Gibraltar Firewall based on Debian
Here is a press release from the Debian Project about the Gibraltar Firewall Project. Gibraltar is building a router and firewall package (based on Debian, of course) which will run directly from CD. A free version is available for download now, with a commercial version (with manuals and all) in the works.Mandrake Linux Community Newsletter - Issue #46
The Mandrake Linux Community Newsletter - Issue #46 is now available. "This Week's Summary: Xerox Chooses Mandrake Linux; Latest MandrakeClub Activities; Cooker Snapshot ISOs; PPC News; Mozilla 1.0; What's New at MandrakeUser.org?; This Week's Survey; Security-related Software Updates; Headlines from MandrakeForum."
Mandrake Linux Servers Invade Internet
Mandrake has sent in a press release to state that the latest Netcraft survey shows that the web server shipped with Mandrake, the Advanced Extranet Server, has "dramatically grown during the past 12 months, confirming the increased adoption of Mandrake Linux as a server platform."
A Mandrake update for ImageMagick
MandrakeSoft has put out an updated version of its ImageMagick package. It seems that there is a problem with the x86 development libraries that can cause segmentation faults; this update fixes that problem.Slackware updates
The Slackware changelog notices have been coming out steadily in the runup to the 8.1 release. Recent changes include new quota code, the addition of adjtimex, a new Java runtime environment, a MySQL upgrade, the latest Evolution, and more. The June 15 changelog also notes a security fix to KHTML.Meanwhile, for those of you who miss the old Slackware forums, UserLocal has put up a readonly version for archival purposes.
Minor distribution updates
FreeBSD 4.6 released
FreeBSD 4.6 is now available. Quite a few changes have gone into this release, including the adoption of XFree86 4.2. See the announcement for the details.Embedded Coyote Linux Wolverine Beta 1
The Embedded Coyote Linux page notes the June 17 release of "Wolverine Beta 1." "This version includes PPTP authentication updates, bug fixes, and updated login and firewalling services. This version contains the majority of the functionality that will be present in the final v1.0 release."
LEAF v1.0-rc3
The third release candidate of LEAF 1.0 (LEAF being the Linux Embedded Appliance Firewall) has been announced. Numerous packages, mostly security-oriented, have been upgraded in this release; see the announcement for details.
Page editor: Jonathan Corbet
Next page:
Development>>