path: root/english/News/weekly/2001/34/index.wml

#use wml::debian::weeklynews::header PUBDATE="2001-12-19" SUMMARY="Hurd CD, Security, Acronyms, Mailing Lists, Quality, Java"
# $Id$

<p><strong>Archive.debian.org is Back.</strong> The server that holds old
Debian releases, aliased to archive.debian.org, has been <a
href="https://lists.debian.org/debian-mirrors-0111/msg00000.html">resurrected</a>
after it was offline for several months due to hardware problems.  The machine
now runs with a nice new 144&nbsp;GB RAID and a new host, the Computer Science
Department at the <a href="http://www.cs.umn.edu/">University of
Minnesota</a> and is now administered by Scott Dier.  However, sad news: One of the
new disks began to fail recently.</p>

<p><strong>Hurd H2 CD Images.</strong> The Hurd team informed us about new <a
href="https://www.debian.org/ports/hurd/hurd-cd">Hurd CD Images</a>.  Snapshot
images are produced at a four to eight week interval and the H2 images are
the tenth of the series.  The Hurd has grown from one CD image in August 2000
(A1) to four images in December 2001 (H2).  These images are a snapshots of a
developing operating system, so suitable precautions must be taken when making an
installation.  Similar as with other architectures, most important programs reside
on CD 1, while the other ones contain less important packages.</p>

<p><strong>On Fixing Security Critical Bugs.</strong> Javier
Fernández-Sanguino Peña made some <a
href="https://lists.debian.org/debian-security-0112/msg00257.html">\
analysis</a> regarding vulnerabilities detected and posted to the Bugtraq list and
those sent as <a href="https://www.debian.org/security/">Debian Security
Advisories</a> (DSAs).  His analysis reveal that for the last year it has
taken Debian an average of 35 days to fix security-related vulnerabilities.
However, over 50% of the vulnerabilities where fixed in a 10-days time frame,
and over 15% of them where fixed the same day the advisory was released!</p>

<p><strong>More On Acronyms.</strong> We received some feedback about the item
covering acronyms in our <a href="$(HOME)/News/weekly/2001/33/">last
issue</a>.  It was pointed out that several acronyms are already explained through
using the <code>dict</code> program or one of it's graphical frontends (like
<code>kdict</code> or <code>wordinspect</code>).  In case you haven't heard
about dict yet, it is the client that queries the dictd server.  The DICT
Development Group maintains several public servers which can be accessed from
any machine connected to the Internet.  Another interesting resource is the <a
href="http://members.ams.chello.nl/j.vermeulen31/GPL_TLA_FAQ">List of
three-letter abbreviations</a>.</p>

<p><strong>New Mailing Lists.</strong> The listmaster team <a
href="https://lists.debian.org/debian-devel-announce-0112/msg00004.html">created</a>
three new lists: <a
href="https://lists.debian.org/debian-qa-packages/">debian-qa-packages</a>,
which is used by the QA Team to handle bug reports against orphaned packages,
<a href="https://lists.debian.org/debian-ssh/">debian-ssh</a>, which will be
used for Debian ssh packages maintenance and coordination and <a
href="https://lists.debian.org/debian-apache/">debian-apache</a>, which will be
used for maintenance and coordination of packages for the Apache webserver and
related packages.</p>

<p><strong>The Good, The Bad And The Ugly.</strong> Gergely Nagy posted a big
<a href="https://lists.debian.org/debian-devel-0112/msg01346.html">rant</a>
about packaging software for Debian too quick and not paying enough attention
at packaging.  He is worried, because packages whose maintainer don't pay at
least a little attention to packaging, do not reflect the image he had about
Debian.  Face it, Debian is known for its quality.  This is something we can
lose.</p>

<p><strong>Porting Kaffe.</strong> John R. Daily was doing some work to ensure
kaffe's availability on the IA-64 port.  He sent <a
href="https://lists.debian.org/debian-java-0112/msg00046.html">this report</a>
on issues that are holding back Kaffe on some platforms.  <a
href="https://buildd.debian.org/build.php?arch=&amp;pkg=kaffe">buildd.debian.org</a>
reports that the latest package does not build on mips, mipsel, hppa, and
sparc.  The report covers detailed problem reports for each architecture.
</p>

<p><strong>Security Stuff.</strong> We've got two new security advisories this
week.  As usual, if your system is affected, be sure to get the updated
packages right away.</p>

<ul>
<li><a href="https://www.debian.org/security/2001/dsa-093">postfix</a> --
Remote DoS.
<li><a href="https://www.debian.org/security/2001/dsa-094">mailman</a> --
Cross-site scripting hole.
</ul>

<p><strong>New or Noteworthy Packages.</strong> The following new or
updated packages were added to the Debian archive since our <a
href="$(HOME)/News/weekly/2001/33/">last issue</a>.</p>

<ul>
<li><a href="https://packages.debian.org/unstable/web/chastity-list">\
chastity-list</a> -- A "blacklist" package for 
squidgard for use in public schools and other organizations. 
<li><a href="https://packages.debian.org/unstable/x11/fluxbox-kde">\
fluxbox-kde</a> -- A low-resource window manager for KDE.
<li><a href="https://packages.debian.org/unstable/net/guarddog">\
guarddog</a> -- A firewall configuration utility for KDE. 
<li><a href="https://packages.debian.org/unstable/libs/libpth14">\
libpth14</a> -- GNU Portable Threads.
<li><a href="https://packages.debian.org/unstable/games/mah-jong">\
mah-jong</a> -- Mah-Jong for 1 to 4 players.
<li><a href="https://packages.debian.org/unstable/graphics/lodju">\
lodju</a> -- An image management tool for the X Window System.
</ul>

<p><strong>Keep in Touch...</strong> As usual, we'd like to ask that if
you have newstips or announcements about Debian please send 'em to 
<a href="mailto:dwn@debian.org">dwn@debian.org</a>. Also, have a 
Merry Christmas!</p>

#use wml::debian::weeklynews::footer