From Fedora Project Wiki

Fedora 新闻周刊第 113 期

欢迎阅览 Fedora 新闻周刊第 113 期,记载自 2007-12-10 起一周事件。本页永久链接为 http://fedoraproject.org/wiki/zh_CN/FWN/Issue113

本周的主要内容有:

"公告"部分:"FC6 的 Samba 安全更新","FUDCon 的 GPG 签名聚会"

"Fedora 博客聚集"部分:"Mark 访谈:RHM 视频","PS3 上的 Fedora 8","India 归来:FOSS.in","日程变更:FUDCon 洛利(Releigh, NC)","Fedora 重制版","接班人计划"

由于圣诞节和新年假期,FWN 将停刊两期,下一期将是 2008 年一月 7 日。大家节日快乐!

要参与我们或给出反馈,请访问


公告

原文请查看

FC6 的 Samba 安全更新

SimoSorce announces in fedora-announce-list[1]

""Fedora 7和8已经发布,但或许你知道FC6最近已快到截止日期了。

由于我认为这是一个重要的安全问题,因此我决定发布这个FC6的新的包[2] ,这样那些还没有完全迁移到新的被支持的Fedora发行版的人可以使用的更久一些。


[1] https://www.redhat.com/archives/fedora-announce-list/2007-December/msg00003.html

[2] http://simo.fedorapeople.org/samba/

FUDCon 的 GPG 签名聚会

MattDomsch announces in fedora-devel-list[1] ,

"我是志愿参加一月份在Raleigh的FUDCon[2] 举行的GPG签名聚会的。签名是一种能面对面的认识别人的好方法(需要身份证,照片等),这样延伸了网上的GPG信任机制。"

[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00720.html

[2] http://barcamp.org/FUDConRaleigh2008

Fedora 博客聚集

原文请查看

在这一节,我们看看来自世界各地的Fedora贡献者的博客聚集。

http://fedoraproject.org/wiki/Planet

Contributing Writers: ThomasChung

Mark 访谈:RHM 视频

MarkCox points out in his blog[1] ,

"上个月我花了一天的时间和Red Hat杂志小组讨论了对于所受责难的态度。第一个视频现在已经完成,讲的是Red Hat在第三方软件中处理责难中的职责。这个视频是在我家拍摄的,里面充满了平静的绿色,因此不会让人有压力感。"

[1] http://www.awe.com/mark/blog/200712162208.html

PS3 上的 Fedora 8

JoshBoyer points out in his blog[1] ,

"在PS3上F8安装程序在最后一刻出现问题,在anaconda的跟踪记录中可以看到是寻找视频驱动的问题。如果在命令行指定"xdriver=fbdev"的话就没问题了。之后就能正常引导F8 DVD,然后使用文本模式在我的标准高清TV中进行安装了。"

[1] http://jwboyer.livejournal.com/18688.html

India 归来:FOSS.in

LennartPoettering points out in his blog[1] ,

"FOSS.in是我所参加过的最好的会议,充满了乐趣。这次组织的很好,我只能热心的推荐为了明年的这个时候每个人都提交建议。当然,我希望委员明年能再次采纳我的建议。值得一提的还有这里的美食。

[1] http://0pointer.de/blog/photos/india.html

日程变更:FUDCon 洛利(Releigh, NC)

PaulFrields points out in his blog[1] ,

"MaxSpevack在fedora-devel-announce中建议改变FUDCon的日程,将hackfest时间分开为周五和周日,中间插入周六的BarCamp。这可能成为FUDCon的很重要日程安排。这样的话,周五的讨论就能为周六的会议提供更多的信息。FUDCon sessions now can be just as much about showing off work completed the day before, like a progress report for a code sprint, or the results of brainstorming and prototyping sessions."

[1] http://marilyn.frields.org:8080/~paul/wordpress/?p=882

Fedora 重制版

JeroenVanMeeuwen points out in his blog[1] ,

"这是一则关于fedora重制版很重要的简要说明。Fedora团体为此已经准备了很长时间了,这不仅仅是个人版,其真正面向的是各层次的大众。我们启动这个项目并一直延续的原因很清晰,为了更多其他的人:"

"对于刚刚装上的系统来说,可用的升级已经增长到了2GiB。我们认为应当把这些需要的升级集成到安装介质中,以有效的减少需要升级的包数。这样也为带宽和网络数据流量带来益处。因为在某些地区带宽和数据流量并不便宜,甚至有些地方没有网络,这样的话,他们就能通过FreeMedia程序或是他们的朋友来获得重制版。"

[1] http://kanarip.blogspot.com/2007/12/re-spinning-fedora.html

接班人计划

MaxSpevack points out in his blog[1] ,

"在经历了2年以及4个Fedora版本发布之后,我希望能够去做一些其他的Fedora和Red Hat相关的事情,因而需要有人接替"Fedora Project Leader"这个职位。"

[1] http://spevack.livejournal.com/39464.html

营销

原文请查看

lwn.net: 寻找新的 Fedora 领袖

RahulSundaram reports in fedora-marketing-list[1] ,

"MaxSpevack,曾经引领Fedora项目进行重大改进的人,宣布说是时候去别的岗位接受新的(Fedora相关)挑战了。所以,现在项目正在寻找新的领袖。"The Fedora Project Leader"是全职的Red Hat的职位,因此我们需要进行一个完整的面试程序。这个面试并不是一对一的随意的面试。Fedora委员会是其中一部分,Red Hat的CTO和其他工程组织的管理者以及人力资源也都包含在里面。"

[1] https://www.redhat.com/archives/fedora-marketing-list/2007-December/msg00045.html

oreillynet.com: Fedora Core 6 再见

ThomasChung reports in fedora-marketing-list1[1] ,

"上个周五,12月7日,Fedora Core 6停止开发了。这是见证Fedora项目分为两个部分-社区(额外部分)和Red Hat(核心部分)-的最后一个版本。那些对Fedora不熟悉的人可能希望了解合并是什么时候发生的。合并的情况是核心部分的包最后都向额外部分转移了,这也是唯一的方法。这也证明了社区强大的力量。"

[1] https://www.redhat.com/archives/fedora-marketing-list/2007-December/msg00037.html

开发

原文请查看

PulseAudio 应当怎样?

PekkaSavola想知道[1] 在他的Fedora 8系统中的声音失效然后重装后PulseAudio是如何工作的。PulseAudio是在重装之前就已经开始运行了,Pekka想知道PulseAudio是不是一个需要重启的后台程序。KellyMiller证实说[2] ,其是一个在桌面启动的后台程序。

[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00755.html


关于 Smolt 的两个提议

YaakovNemoy向社区提交了一份关于在Smolt和用Smolt集成kerneloops中隐私的提议。

[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00739.html

KDE4: 使用 GDM 时无法挂载可移动介质

LexHider提交[1] 了一份关于在新的KDE4中挂载USB设备的问题。Lex把这个问题报告给了@kde-core-devel,然后被告知问题出在Fedora这边。

[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00727.html

使用 Argyll 颜色管理

Nicolas报告[1] 说NicolasMailhot和FrédéricCrozat (of Mandriva)之间合作的很好。Apparently the Argyll屏幕颜色管理系统使用的是特殊的编码,Nicolas做了大量的工作使其能够标准编译工具。然而这些却花费了他大量的精力。幸好他把这些发布到他的"fedorapeople"博客上,然后Frédéric继续了Nicolas的工作。Nicolas从Frédéric那里获得灵感并加入了其他新的特性。他请求对此审核,特别是PAM, Hal和udev方面。

[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00706.html

使用 yum group* 命令时的 multilib 问题

对于i386的包安装在x86_64系统上所经常碰到的问题进来有所上升,ChristopherWickert想知道[1] 为什么在尝试yum groupinstall XFCE时牵扯进i386的Thunar(XFCE的文件管理器)和xprintf以及随之而来的一堆其他的i386的包依赖。


[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00676.html


创建 SIG 的政策

In the pursuit of creating an Erlang SIG PeterLemenkov asked[1] what needed to be done to form a SIG. HansdeGoede replied[2] that it was not necessary to pass any formal procedure other than a simple declaration that the SIG existed. He cautioned that enforcing packagingt matter however.

[1] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00601.html

[2] https://www.redhat.com/archives/fedora-devel-list/2007-December/msg00603.html

更正

In FWN#112 "Heads Up: OpenSSL, OpenLDAP Changed In Rawhide"[1] , we indavertently attributed to JesseKeating a suggestion from AlexLancaster that OpenSSL and OpenLDAP packages should be built in a systematic way, starting with Core packages. This has been corrected in the archived version.

[1] http://fedoraproject.org/wiki/FWN/Issue112#head-acc8e6ca4162e9ff6e9c81d98fdda48c250eabd4

顾问委员会

原文请查看

Fedora 项目领袖接班人计划

This past week on the fedora-advisory-board, MaxSpevack, the Fedora Project Leader since early 2006, announced that they've begun planning for someone else to take the reigns of Fedora. Max is very much still interested in doing work for Red Hat and Fedora, but is looking for someone else to take the role as the Fedora Project Leader. If you're interested in finding out more about the succession planning, check out his e-mail announcement[1] .

[1] https://www.redhat.com/archives/fedora-advisory-board/2007-December/msg00010.html

文档

原文请查看

FDSCo 正在选举

The election for the Fedora Documentation Steering Committee (FDSCo) is now under way.

The election runs from 14 December until 23:59 UTC on 24 December 2007.

The self-selected nominees for the election are listed at http://fedoraproject.org/wiki/DocsProject/SteeringCommittee/Nominations.

The rules governing the election are at http://fedoraproject./FDSCoElections.

Here is a short summary of the voting rules:

  • Voting is open to all contributors in the Documentation Project who have joined the 'cvsdocs' group in the Fedora Account System.
  • Contributors have up to three votes they can cast for the slate of nominees, with one vote per nominee.
  • The four top vote receivers serve on FDSCo for 12 months, the next three vote receivers serve for 6 months.
  • Following this initial election, regular elections are every six months. Half of the seats are up for voting each election, first three seats, then four seats, and so on.
  • We are using the Fedora standard voting software.

If you have not done this, there is still time to get your account so you can vote:

1. Go to the account edit page at https://admin.fedora.redhat.com/accounts/userbox.cgi. 1. Under Add new membership at the bottom of the page, put yourself in the cvsdocs group

The actual voting takes place at https://admin.fedoraproject.org/voting.

安全周刊

原文请查看

Squirrelmail 漏洞

It seems that some of the squirrelmail 1.4.11 and 1.4.12 releases have been compromised. The problem only exists in their releases, not in CVS, which is good. This is still a rather scary scenario though.

http://marc.info/?l=squirrelmail-announce&m=119757931707501&w=2

We looked through the version being shipped in Fedora and didn't find the backdoor, but we will still upgrade to version 1.4.13 for peace of mind and to reduce confusion.


Linux 病毒扫描器

And what better to end 2007 with than a story about virus scanners on Linux:

http://www.informationweek.com/blog/main/archives/2007/12/would_we_need_a.html


2007 年被过度夸大的 5 个开源软件漏洞

This story is most interesting, but a little confusing if you don't understand what Palamida does.

http://www.palamida.com/node/513

Palamida specializes in inspecting source repositories and finding embedded source. A good example of this is projects that like to include source copies of zlib, rather than linking against a system version. It's no secret that there are significant benefits to using system libraries rather than including your own. Any project that includes a copy of an upstream library, needs to track the security flaws that affect that source. Most do not do this, which ends up leaving their users vulnerable.

更新

原文请查看

Fedora 8 安全更新

Fedora 7 安全更新

事件和会议

原文请查看

Fedora Board Meeting Minutes 2007-12-04

Fedora Ambassadors EMEA Meeting 2007-12-12

Fedora Documentation Steering Committee 2007-MM-DD

  • No Report

Fedora Engineering Steering Committee Meeting 2007-MM-DD

  • No Report

Fedora 基础设施 Meeting 2007-12-13

Fedora Localization Meeting 2007-MM-DD

  • No Report

Fedora 营销 Meeting 2007-MM-DD

  • No Report

Fedora Packaging Committee Meeting 2007-MM-DD

  • No Report

Fedora Quality Assurance Meeting 2007-MM-DD

  • No Report

Fedora Release Engineering Meeting 2007-12-10

Fedora SIG EPEL Meeting Week 2007 Week 50

Fedora SIG KDE Meeting Week 2007-12-11

Fedora SIG Store Meeting 2007-MM-DD

  • No Report