m (1 revision(s))
m (added category)
|Line 671:||Line 671:|
Latest revision as of 10:50, 14 April 2009
 Fedora Weekly News Issue 97
Welcome to Fedora Weekly News Issue 97 for the week of July 15th through July 21st 2007.
The latest issue can always be found here and RSS Feed can be found here .
To join or give us a feedback, please visit our project join page .
In this section, we cover announcements from various projects.
Contributing Writer: ThomasChung
 fedorapeople.org is now available
SethVidal announces in fedora-announce-list ,
"What is fedorapeople.org ?:
It is a site where fedora contributors can upload files for sharing out with the world. It is perfect for uploading specfiles, srpms, patches, etc, etc. Each fedora contributor has 150M of quota-controlled space. Users can upload using scp, sftp or rsync. Once uploaded into the users public_html directory the files are available via http at: http://your_username.fedorapeople.org/. To connect to fedorapeople.org just use the ssh key you uploaded to your fedora account and then you can login via ssh to: fedorapeople.org"
 Smolt, Open Invitation
MikeMcGrath announces in fedora-announce-list ,
"Smolt will reach 75,000 profiles in the next 24 hours and with that news I'm excited to announce functional clients that work in SuSE, Debian, and Ubuntu. With the help of the Linux community at large we could start to better understand what is out there. Look to changes in the near future like a ratings system, better reporting tools and other such improvements."
 Planet Fedora
In this section, we cover a highlight of Planet Fedora - an aggregation of blogs from world wide Fedora contributors.
Contributing Writers: ThomasChung
 Ohio Linux Fest Keynote Address
MaxSpevack points out in his blog ,
"I've just purchased a plane ticket to Ohio Linux Fest , which is on Saturday September 29th. Joe Brockmeier is one of the primary organizers, and he asked me today if I would be willing to give one of the two keynote addresses. On behalf of all of Fedora, I am both flattered and excited to be given this opportunity."
 GNOME Cookbook
JohnPalmieri points out in his blog ,
"A little birdy reminded me that GNOME’s 10 year anniversary is coming up and I thought it would be nice to do something a little bit unusual to commemorate the creativity and passion which exemplifies our members. Since I have been talking about cooking classes and so many people in the GNOME community have also expressed their love for the culinary arts I thought it would be nice to publish a Creative Commons Attribution-ShareAlike 3.0 licensed cook book full of recipes from members of the GNOME community."
KonstantinRyabitsev points out in his blog ,
"Repoview version 0.6.0 is available and should make life much easier -- this version introduces state tracking, so now repoview is aware of changes between runs. This means that it only generates and writes the files that have actually changed, which makes it extremely fast for small changes and also makes it rsync-friendly."
 Mascots and Fedora. Do we need one? Do we want one?
NicuBuculei points out in his blog ,
"Back in the release cycle for Fedora 7 we had an initiative: create an open process where anyone can play and see if we can come with a Mascot for Fedora . It generated a lot of long talks on mailing lists with strong supporters and opponents of the idea but also a number of contributions (about which I planned to blog but never came to it until now, shame on me!)."
In this section, we cover Fedora Marketing Project.
Contributing Writer: ThomasChung
 Volunteers needed for GITEX (8-12 September)
JohnBabich reports in fedora-marketing-list ,
"I am doing my best to get a Fedora presence in the Red Hat EMEA booth at GITEX , being held this year on 8-12 September."
"I can use all the help I can get to man the booth, answer questions, produce and distribute live CDs, etc. If you are attending GITEX this year and can spare some time to help out, I think it will be a productive and fun time for all involved."
 New in Fedora: Jack Aboutboul
RahulSundaram reports in fedora-marketing-list ,
"Jack Aboutboul talks about what's new and interesting in Fedora in a Linux World podcast with Don Marti. Why does the core/extras merge matter, custom spins of Fedora, relationship between Fedora and OLPC, KVM and virt-manager virtualization, does user space in Linux still suck like Dave Jones says it did, boot up speed and much more..."
 Proposed Fedora 8 Features
RahulSundaram reports in fedora-marketing-list ,
"A pretty good look with screenshots and short descriptions though the list of features are a bit premature to say at this point. I think we can do something similar to officially while announcing the list of features for Fedora 8 which will happen when we hit feature freeze during the development cycle."
 Smolt to be a Linux Thing
MarcWiriadisastra reports in fedora-marketing-list ,
"Smolt, the Linux hardware profiler that was introduced by the Fedora project for automatically reporting installed hardware and other system attributes, reached a new milestone last week and is in the process of another. Last week, Smolt reached 75,000 profiles for Fedora after being introduced back in January of this year. At the time of writing, there are now over 78,300 profiles. "
In this section, we cover the problems/solutions, people/personalities, and ups/downs of the endless discussions on Fedora Developments.
Contributing Writer: OisinFeeley
 Plans for tickless kernel for x86_64 architecture in Fedora 8
(Editor's Note: This news beat was written by ThomasChung)
WarrenTogami reports to FWN,
"Hi Dave, Could you write up a paragraph describing Fedora's plan for x86_64 dyntick?"
"We plan on releasing F8 with 2.6.23. Upstream seems against the idea of merging the 64bit tickless patches just yet, so will probably wait until 2.6.24 As a result of this, we'll carry patches in F8 to ship this feature early.
Right now, as the 2.6.23 merge window is open, the tree is changing a lot, so adding patches at this stage would involve a lot of rediffing, so we'll remain without the tickless patches until things calm down when 2.6.23-rc1 is released.
The plan of putting 64bit tickless in FC6/F7 updates has been put on hold until it's stabilised in rawhide, and may even wait until after F8 has been released, depending on how well testing goes.
 'Allo 'Allo Wot's This 'Ere License?
Following on from the Thursday, July 19th FESCo meeting a request was posted by BillNottingham to remind maintainers of the importance of keeping everyone informed about changing licenses.
The request noted that even changes to license versions were important and that maintainers should ensure that the Fedora Project was notified about them via either of the lists: @fedora-devel-announce or @fedora-devel. Questions should be directed to FESCo.
JakubJelinek wanted to know whether the "License:" tags should be updated to reflect their exact versions now. JoshBoyer and BrianPepple answered that something such as the scheme which Jakub was proposing had been discussed in the FESCo IRC meeting . That discussion was concerned with the technical aspects of how to provide license combinations in a compact, searchable space within current RPM strictures and TomCallaway (spot) expressed an objection to writing License tags of the form "License:GPL|MPL|BSD|X11|KitchenSink". There seemed to be plenty of practical objections to most of the suggestions and the meeting cohered around the proposal above, and also recognizing that much further work needed to be done. Dark murmurings about using a packagedb to hold the licenses were heard!
A slightly different answer was given by BillNottingham , who said that it was up to the Packaging Committee to standardize some naming convention and RalfCorsepius stated that the Packaging Committee had already rejected versioned licensing due to considering the "License:" tag to be merely informative and not a legal statement, and to versioned licences introducing too much overhead.
Ralf followed up on this with a strongly-worded riposte to Bill's original announcement, asking whether FESCo was now going to be the "Fedora license police". JefSpaleta thought that Ralf's negativity was getting a bit too consistent and suggested the more positive construction which saw the development as a way of making sure that those that depend on particular packages aren't suddenly blindsided by a change to a license. Ralf gave further depth to his objections, arguing that ignorance on the legal issues and a bureaucratic burden would hamper the Fedora Project's efforts to give substance to these proposals, he also dismissed GPLv3 as a consideration. JoshBoyer specifically countered the latter point. ToshioKuratomi (abadger) agreed that exotic licenses introduced complications, that the Packaging Committee had rejected guidelines for "License:" tags, but drew attention to the audience (end users) which had been considered in those deliberations.
 Yum Integration For Applications
Ignacio Vazquez-Abrams proposed  rewriting some system tools (e.g. authconfig, system-config-network, and desktop-effects) to access system-install-packages so that they could install other packages "on the fly" to enable missing functionaility.
There was a muted reaction to the proposal. JochenSchmitt expressed disquiet with the idea of doing something as intrusive as automatically installing a package on a running system without the explicit consent of an administrator. JesseKeating thought that what was meant by "automatic" in this context was "automatically launch Pirut which would of course prompt for the root password." Further discussion between Jesse, Jochen, and Ignacio clarified that Ignacio was interested in using s-i-p with a Text User Interface instead of Pirut.
JefSpaleta asked whether a hand-created listing of packages for each tool would need to be made or if the process could be abstracted. Ignacio answered that s-i-p would be able to work exactly like yum in resolving needed packages and dependencies.
An alternate approach using "soft dependencies" (also discussed in the last paragraph of FWN#92 "Yelping Over Bloated Firefox And Flash"[4a] ) was preferred by KevinKofler. Kevin noted that this approach would avoid lock-in to yum/s-i-p.
MattMiller suggested that a yum-plugin that allowed users to install what he termed "user level" applications using their own credentials would be useful. SethVidal was dubious, arguing that there was no easy distinction between user-level or other software. A detailed discussion between HorstVonBrand and Matt over the dangers of Matt's suggestion versus the advantages of just using sudo followed and provided much food for thought. BennyAmorsen thought that due to the difficulty of stopping users on UNIX systems making their own programs that the level of security which Horst wanted was already compromised.
 Java Based Web Interface To Fedora Repositories?
Recalling the use of repoview in the past, ThorstenLeemhuis wondered what were the plans for a similar interface in the new merged Fedora and drew attention to a new project named "Repowatch" run by RichardKörber (Shred).
KonstantinRyabitsev (icon) responded that he was completing work on a rewrite of repoview that had major speed-ups due to state-tracking. Icon pointed out that one advantage of repoview was that it did not require an engine to view the repository, being instead browsable simply as a collection of static pages. JesseKeating liked the sound of this and volunteered to integrate into mash[4a] or pungi[4b] .
[4a] Mash is a tool to query the koji buildsystem for particular RPMs and create a repository of them.
[4b] Pungi is a set of python libraries that can be used to build composition tools. It is also a means of producing ISO images and/or installation trees.
A response from the author/developer of repowatch clarified that it was not a replacement for repoview, but instead provided a method to monitor data from sources such as repoview. RahulSundaram suggested requesting some Fedora Project resources officially (helpfully pointing to the place to do this) and ThorstenLeemhuis also encouraged this, adding that repowatch could provide an easy way for users to find the latest versions of packages.
JesseKeating noted that it was possible to examine Koji to see what packages were available (see also FWN#88 "Making Koji A Complete rpmfind Replacement" ), but ThorstenLeemhuis was prepared for this and pointed back to his earlier mail emphasising the need to cater to users.
Wishing to move things along practically, DavidTimms asked whether Fedora Infrastructure could provide any parameters for Shred before he commenced a rewrite. Shred's response detailed his use of Tomcat leading to a negative reaction from JesseKeating, who made it clear that Java apps (or PHP which was not under discussion here) were not something which he personally welcomed within the Fedora Project's essential infrastructure. A brief discussion of his reasons for this led Shred to decline to enter the shopworn arguments about Java's performance and to conclude that there was no point in pursuing resource support within the Fedora Project. Jesse backed off from this conclusion and emphasized that he had been merely expressing his own opinion.
An interesting conclusion to the thread was provided by NicolasMailhot who noted that the advent of Free Java and the importance of JBoss made it important for Fedora to be able to mount a credible working alternative to Microsoft's .NET stack and that Fedora Infrastructure should work with Red Hat/JBoss to mitigate any problems such as the ones Jesse claimed.
 Sysklogd Replaced With Rsyslogd in Fedora 8
A replacement of the "sysklogd" kernel logging daemon was announced by PeterVrabec. The reason for this change is that sysklogd is no longer under active development. Very quickly there was disagreement over how this transition should be handled, with specific objections resting on the issues of what to call the the configuration files and whether the new daemon should be automatically started.
MattMiller suggested that using rsyslog.conf instead of syslog.conf as the name of the configuration file replicated one of the problems which had been identified with syslog-ng. PeterVrabec thought that a simple cp syslog.conf rsyslog.conf took care of that problem, but ChuckAnderson pressed home the point that a drop-in replacement ought to use the exact same names for configuration files.
A refinement of this point was made by SethVidal who emphasized that it wasn't simple a replacement, but actually packaged as an "obsoletes". A direct response from SteveGrubb (SteveG) stated that this had indeed been the original intent and that a sysconfig option had been originally present. SteveG also detailed some complicated hackery to conditionally use either of the filenames depending on the existence of sysconf.conf. There were some strong objections from TomasMraz and KarelZak citing the simplicity of just settling on one name, using the ReleaseNotes to inform users of the change, and avoiding the use of a configuration file with a different base name to its daemon. LeszekMatok disagreed with the latter and posted some examples during an exchange with RahulSundaram. MattMiller made a similar point elsewhere with a different example.
The proposal to simply standardize on a new name was not congenial to DavidLutterkort who noted[7a] that it would require modification of all scripts which relied on the old names. SethVidal agreed and suggested[7b] a transition that would delay the final full switch until F9.
RahulSundaram and SethVidal[8a] voiced the other major objection: the case of users that upgrade using yum. Peter's announcement had made it clear that an anaconda upgrade to F8 would start the new rsyslogd daemon automatically, but otherwise an update would cause the old sysklogd to be erased and the new rsyslogd would need a su -c; /sbin/service rsyslogd start. ManuelWolfshant thought that leaving the system without a logger was enough of a problem to make an exception to packaging recommendations and start the daemon automatically from the %post section of the package. JeremyKatz objected that this should only be done if sysklogd had been running previously or else there were negative effects for initing chroots, creating live-images, and installing some systems.
In response to ThorstenLeemhuis' suggestion to test whether sysklogd was running, JeremyKatz provided an overview of how other scripts currently use a condrestart in %post but thought there would be problems depending on whether the sysklogd package had been removed before any tests could be run. BillNottingham amplified this response, pointing out to MikeChambers that the PID file is what is examined.
ManuelWolfshant concluded that although there were potential problems for admins running other logging daemons for testing purposes, the proposed original scheme seemed mostly workable with the service starting after a reboot, and separately JeffOllie noted that even in the case of "yum upgrade" from F7->F8 a reboot would be needed to use the new kernel and libraries anyway.
"Nodata" recalled the discussion on including Presto (a way to reduce the amount of downloaded package data during updates by using diffs of RPMs) and wondered what was happening now, noting that the integration hadn't happened due to a lack of testing then and that the same thing seemed to happening again.
This summary was corrected by DanHorák, who noted that contrary to Nodata's assertion there were Presto-enabled repositories in existence for FC6, F7, and Rawhide (the development branch). The generally favorable and pro-active approach of the Fedora Project to Presto had also been documented in FWN#93 and earlier.
JeremyKatz added that JonathanDieter (main Presto developer with AhmedKamal) had taken some patches from Jeremy and that the automatic generation of deltarpms into the buildsystem was being worked on.
Separately FESCo supported the idea of fully integrating Presto into Fedora 8, with some minor worries being expressed as to whether fedora-infrastructure would be able to make the necessary changes in time for the Test1 freeze, and the clarification that as long as it made it by Test2 then it would make the cut.
A positive user experience with the existing Presto repositories was reported by YuanYijun, with the caveat that a couple of errors needed to be worked around. FlorianLaRoche posted an interesting link to an alternate GPL-licensed implementation of the binary-delta generating algorithm.
 Seahorse: Reducing The Number Of Passphrase And Password Challenges
Following up on an earlier discussion, JesseKeating asked whether it was possible to cut down the number of prompts for passphrases by managing ssh-agent passphrases within gnome-keyring.
RalfEtzinger explained that OpenSSH currently uses a bundle of helpers (in openssh-askpass) and it ought to be easy to add a new one for gnome-keyring-ssh-askpass.
A suggestion by ToddZullinger to use the pam_ssh module provoked some minor debate as Todd admitted that this approach required the password entered to GDM (the display manager) to be the same as the SSH passphrase. JonathanUnderwood was opposed to the idea, but Todd argued that enabling gnome-keyring to do what Jesse wanted would provide a similarly weak security model also compromisable at one single point.
AlexanderDalloz thought that "keychain" might be useful but wouldn't eliminate initial onetime password requests. This and the pam_ssh discussion led Jesse to clarify that he envisioned a key storing application accessed by a single password which was different from each of the stored passwords/passphrases. GawainLynch pointed out a Gentoo HOWTO and JonathanUnderwood advertised SethVidal's Seahorse packages which apparently provide exactly the integration which Jesse had been seeking.
 Nodoka Theme: Clean, Easy On The Eyes, Featured in Fedora 8
An announcement of a new graphics theme for Fedora named "Nodoka" was posted by MartinSourada. Along with DanielGeiger, Martin aims to provide a non-intrusive, consistent look throughout the desktop (exclusive of wallpaper which is release-dependent) using the "Echo" icons.
Martin provided links to RPMs for those that wish to provide feedback and also sought further help in hosting the project. RahulSundaram followed up on previous help he had given to Martin and suggested that the best course was to contact fedora-infrastructure to ask for resources.
It seems that the theme will only be usable for GTK2 (as opposed to GTK1) applications (which hopefully are nearly eliminated at this stage) and KevinKofler wondered whether someone was working to make this work usable with KDE as an alternative to Bluecurve/Quarticurve. Martin responded that volunteers to do so were welcome.
The proposal that Nodoka be included in Fedora8 was later approved by FESCo.
 RUM RHUM RHUME REDRUM OPIUM OPYUM: Offline Fedora Package Manager
(Editor Note: See http://fedoraproject.org/wiki/DebarshiRay/rum#Naming for 'Naming Blues')
One of the Google SoC projects was reported to yield some usable results by Fedora users according to DebarshiRay (Rishi). Rishi has been working on a way to allow Fedora users without internet connections to benefit from the package management infrastructure already developed around yum. The result has been a tool tentatively named "RUM", which exists to allow users to update a bandwidth poor machine by hooking it up to another machine that has updated packages on it.
There was a certain amount of discussion about the name, with RahulSundaram drawing attention to a conflict in namespace and querying some of the implementation choices, such as the use of uncompressed tar archives. Rishi seemed to settle for "OPYUM" as the name. "Jima" commented that as the contents of rpms were already compressed anyway there was probably not much gain in further compression.
A mild amount of skepticism about the value of this particular approach was expressed, especially by MikeChambers, who wondered why Rishi couldn't just integrate his changes into Pirut. Rishi re-iterated that the goal of the project was to allow even the extreme case of completely networkless machines being updated with a CD containing a "yumpack" specially built for them, and also explained that Pirut-maintainer JeremyKatz wasn't receptive to the idea so far.
In response to Mike's wish for the ability of yum to update simply from a local network, ThomasSpringer provided the exact command:
su -c; yum update --disablerepo=\* --enablerepo=local-network
 Another GNOME Conspiracy Unmasked: ShowOnlyIn
An upset ChristopherStone asked why so many applications were setting "ShowOnlyIn=GNOME" in their .desktop files and wondered if it was Fedora *trying* to cripple KDE or what⁈
RexDieter pointed out the flaw in Christopher's approach and AlanCox suggested that simple imitation of a flawed example rather than malice was a better working hypothesis and asked Christopher to file bugs if necessary. ToddZullinger posted a revised grep, which indicated that GNOME users were actually victims of a KDE instigated desktop-cleansing campaign.
The plight of Xfce users was raised by AndyShevchenko as they are affected by the preferential setting of the flag for both GNOME and KDE.
"TarekW" explained that the advantage of the current setup is that it provides a sane default for non-power-users, shielding them from the potential bloat of having both desktops load their dependencies into memory. Power-users have the option to tweak ShowOnlyIn on a case-by-case basis.
In this section, we cover the Fedora Infrastructure Project.
Contributing Writer: JasonMatthewTaylor
 Fedorapeople.org is up
SethVidal and others have been working on the fedorapeople.org site for a while and their work is now available for use .
 Security Week
In this section, we highlight the security stories from the week in Fedora.
Contributing Writer: JoshBressers
 Computer Viruses are 25 Years old
I ran across this story this week.
The computing world is still suffering from computer viruses. They're a serious problem that waste a great deal of time and money. Given past trends, it's very likely that computer viruses will see their 50th birthday.
 Serious Security Issues in Samsung Linux Drivers
This story is absolutely amazing
It seems that by installing certain Samsung Linux drivers modify numerous applications on the local system, setting a number of them setuid-root. It's easy to claim open source produces higher quality software, this is a fine example of this. If the source is being scrutinized by the community at large, someone is likely to send a patch which can fix a plain stupid bug such as this. It's also quite likely that a developer will be more willing to "do it right" if the source is going to be available for the whole world to see.
 Firefox 126.96.36.199 Released
A new version of the Mozilla products (Firefox, Seamonkey, Thunderbird) were released this week.
It's rather important you ensure you've installed this update as the browser is certainly the most abused application these days. If you run Fedora, this update has been available via yum for several days.
 Daily Package
In this section, we recap the packages that have been highlighted as a Fedora Daily Package.
Contributing Writer: ChrisTyler
 Krecipes - Recipe manager
Productive Mondays highlight a timesaving tool. This Monday we covered Krecepies :
"Krecipes is a KDE recipe manager. It will store, seach for, and resize recipes, rate their nutritional content, and manage shopping lists. Recipes can be stored in plan files for personal access, or in MySQL or PostgreSQL databases for shared access (or very large recipe collections)"
 Pulseaudio - Next-generation audio server
Artsy Tuesdays highlight a graphics, video, or sound application. This Tuesday PulseAdudio was featured:
"PulseAudio is a next-generation audio server designed to be a 'Compiz for audio'. It enables you to start multiple audio applications (with different output systems) and direct each playback stream to the sink (destination) of your choice, even changing the destination on-the-fly, and to adjust the level of each individual channel."
The Wednesday Why article took a look at the ways that Fedora packages interact with the cron execution scheduler:
"Packages that requires scheduled execution of jobs can be configued in either of two ways: they can include a crontab file which will be placed in /etc/cron.d (the approach used by the smolt package), or they can include a script file which will be placed in /etc/cron.hourly, /etc/cron.daily, /etc/cron.weekly, or /etc/cron.monthly (which is the approach used by cups)."
 Hwbrowser - Display hardware info
GUI Thursdays highlight a software that provides, enhances, or effectively uses a GUI interface. This Thursday , hwbrowser was discussed:
"Hwbrowser is a very simple tool that provides read-only access to hardware information."
 Ri-li - Run a wooden train
Friday Fun highlights fun, interesting, and amusing programs. This Friday , we took a look Ri-li :
"Do you remember having a wooden train set when you were little? Ri-li is a neat little amusement that will remind you of those days."
 Advisories and Updates
In this section, we cover Secuirity Advisories and Package Updates from fedora-package-announce.
Contributing Writer: ThomasChung
 Fedora 7 Security Advisories
- [SECURITY] blam-1.8.3-5.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1157
- [SECURITY] bochs-2.3-5.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1153
- [SECURITY] centericq-4.21.0-13.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1160
- [SECURITY] chmsee-1.0.0-0.20.beta2.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1159
- [SECURITY] clamav-0.90.3-1.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1154
- [SECURITY] devhelp-0.13-9.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1143
- [SECURITY] epiphany-2.18.3-2.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1138
- [SECURITY] epiphany-extensions-2.18.3-2 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1155
- [SECURITY] firefox-188.8.131.52-1.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1142
- [SECURITY] galeon-2.0.3-10.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1145
- [SECURITY] gimp-2.2.17-1.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1099
- [SECURITY] kernel-184.108.40.206-27.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1130
- [SECURITY] liferea-1.2.19-3.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1146
- [SECURITY] nginx-0.5.28-1.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1158
- [SECURITY] seamonkey-1.1.3-1.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1181
- [SECURITY] thunderbird-220.127.116.11-1.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1180
- [SECURITY] yelp-2.18.1-5.fc7 - http://fedoraproject.org/wiki/FSA/F7/FEDORA-2007-1144
 Fedora Core 6 Security Advisories
- [SECURITY] firefox-18.104.22.168-4.fc6 - http://fedoraproject.org/wiki/FSA/FC6/FEDORA-2007-642
- [SECURITY] gimp-2.2.17-1.fc6 - http://fedoraproject.org/wiki/FSA/FC6/FEDORA-2007-627
- [SECURITY] thunderbird-22.214.171.124-2.fc6 - http://fedoraproject.org/wiki/FSA/FC6/FEDORA-2007-641
 Events and Meetings
In this section, we cover event reports and meeting summaries from various projects.
Contributing Writer: ThomasChung
 Fedora Board Meeting Minutes 2007-07-17
 Fedora Ambassadors Meeting 2007-07-19
 Fedora Documentation Steering Committee 2007-07-17
 Fedora Engineering Steering Committee Meeting 2007-07-19
 Fedora Extra Packages for Enterprise Linux Meeting 2007-07-18
 Fedora Infrastructure Meeting (Log) 2007-07-19
 Fedora Packaging Committee Meeting 2007-07-17
- No Meeting
 Fedora Release Engineering Meeting 2007-07-16
- No Meeting
 Fedora Translation Project Meeting 2007-07-17
- No Meeting
 Extras Extras
In this section, we cover any noticeable extras news from various Linux Projects.
Contributing Writer: ThomasChung
 LiveCD for Red Hat High
RobinNorwood reports in fedora-livecd-list ,
"Last week, we held the second annual Red Hat High here in Raleigh. I helped with the software side of things, and used the livecd tools to do it."
"In a nutshell, it's a technology camp for incoming high school freshmen, using all open source software."
"For the classrooms, we used lab space donated by NCSU. However, a couple of the labs were being used for NCSU classes during the week of the camp, so we couldn't just format the drives and install Fedora. Our solution was to use a live cd ."