Yesterday, 13 May 2008, was a really bad day for the Debian project, probably one of the worst days in the history of Debian. Luciano Bello discovered that the random number generator in Debian’s openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.
Systems which are running any of the following releases are affected :
Read the rest of this entry »
Tags: debian-etch, openssl, ssh
This article will show how you can rebuild any debian package. You might need to rebuild a package for various reasons: add/remove some compilation options, make some changes to the sources, or compile a newer version from testing/sid into stable, etc. Regardless of your reason, this can be done very easy using debian tools.
First you will need to have some basic debian building tools installed:
apt-get install devscripts build-essential Read the rest of this entry »
Tags: apt, Debian
It seems that the Debian team doesn’t like to release minor versions anymore. After Debian 4.0 (code name “Etch”) released last year, the next Debian release (code name “Lenny“) will be numbered as Debian 5.0 as announced yesterday by Marc Brockschmidt: “For reading this far, you receive the small reward of the knowledge that Lenny will be shipped as Debian 5.0.”
Also interesting enough he mentioned that Lenny might be released with KDE4:
“There may be a possibility to include KDE 4 in Lenny. The efforts on KDE 4.1 have been quite promising and seem to be leading to a desktop environment which can fully replace KDE 3. The KDE team will provide betas and release candidates of the 4.1 release in experimental. In the event that KDE 4.1 is on time, and there are no major issues, an upload to unstable in order to include it in Lenny is possible.”
The development of Debian GNU/Linux 5.0 seems to be on track and the final release is still expected in September 2008.
Tags: Debian, lenny
Debian provides security updates for old stable releases for one year after a new distribution has been released. Yesterday, Debian announced that the support for Debian 3.1 (sarge) is coming to an end this month, as etch was released last year in April, sarge will be supported until March 2008.
Anyone still running Debian sarge, should really be thinking seriously to finally update to etch asap. 
Debian’s Official Announcement: http://www.debian.org/News/2008/20080229
Tags: Debian, sarge
This document describes how to install and use sshfs, a FUSE based filesystem that uses SSH to mount remote folders. Since it is based on FUSE (userspace filesystem framework for Linux) your kernel will need to have the fuse module available. FUSE is included in kernel newer than 2.6.14, so I will assume that you will have it already included in your kernel.
Read the rest of this entry »
Tags: fuse, ssh, sshfs, tips
“The Debian project is pleased to announce the third update of its stable distribution Debian GNU/Linux 4.0 (codename etch). This update mainly adds corrections for security problems to the stable release, along with a few adjustment to serious problems.
Those who frequently install updates from security.debian.org won’t have to update many packages and most updates from security.debian.org are included in this update.”
Note: this is true 
. I’ve not even noticed this and seen it as a minor apt upgrade
Release Announcement: http://www.debian.org/News/2008/20080217
A complete list of all accepted and rejected packages together with rationale is on the preparation page for this revision: http://release.debian.org/stable/4.0/4.0r3/
Tags: Debian, etch
Anyone coming from the “sendmail world” to postfix will notice immediately the care taken by postfix developers to make the transition as easy as possible. The same commands you would be used to, like for ex. mailq, newaliases, are working in postfix also.
The newaliases command works on postfix as expected, rebuilding the aliases database:
newaliases
Read the rest of this entry »
Tags: postfix
Yesterday, at the Australian national Linux conference, senior developer Martin Krafft said during a miniconference that the next release of Debian GNU/Linux, Lenny, is expected to take place before the end of 2008… However, with a twinkle in his eye, Krafft indicated that the traditional delays which have generally been a part of Debian could eventuate - “last time we were only four months late so this time if it goes into February 2009, it would be an improvement“.
Krafft also said there would be better security hardening in Lenny with compiler/linker extensions to guard against the most common run-time problems such as buffer overflows.
Full story: http://www.itwire.com.au/content/view/16309/1148/
DFSG stands for: Debian Free Software Guidelines. This is a set of guidelines about the license of a software package, as outlined in the Debian Social Contract. Debian has three software categories inside the repository: main, non-free and contrib. The packages go into one of the repository depending on whether their license is DFSG-compatible or not. Packages in main meet the DFSG, while packages in non-free fail to meet the DFSG, and packages in contrib are DFSG compatible but depend on packages that fail to meet the DFSG:
- main (packages meet DFSG)
- non-free (packages fail to meet DFSG)
- contrib (packages meet DFSG, but depend on packages that fail DFSG)
Read the rest of this entry »
Tags: Debian
This article will explain how you can install the latest memcached daemon (including the libevent library) on a linux system. The only prerequisite for memcached is libevent so we will have to install this first.
Note: the output of the commands in this article are taken from a Debian Etch system. They should work on any recent linux distribution, but depending from your version you might need to make some changes. The versions of memcached and libevent used in this article are the latest stable one existing at the time this was written. Check the download pages bellow, and if newer versions exists you will probably want to use them. Read the rest of this entry »
Tags: memcached
Loading ...
