Releases

frugalware-1.1 (Getorin)
Sep 7, 2009

frugalware-1.0 (Anacreon)
Mar 22, 2009

frugalware-0.9 (Solaria)
Sep 9, 2008

frugalware-0.8 (Kalgan)
Mar 11, 2008

frugalware-0.7 (Sayshell)
Oct 13, 2007

frugalware-0.6 (Terminus)
Mar 22, 2007

frugalware-0.5 (Siwenna)
Sep 14, 2006

frugalware-0.4 (Wanda)
Mar 30, 2006

frugalware-0.3 (Trantor)
Oct 13, 2005

frugalware-0.2 (Aurora)
Apr 28, 2005

frugalware-0.1 (Genesis)
Nov 02, 2004

RSS

Donations

Donate to support our development efforts.

Recent updates
devel-extra/
 configobj
4.7.1-1-x86_64
gnome-minimal/
 gnome-screensaver
2.28.2-1-x86_64
x11-extra/libvdpau
0.4-1-i686
xlib-extra/
 gupnp-vala
0.6.4-1-i686
xorg-libs/libxrender
0.9.5-1-ppc
xorg-proto/
 libpthread-stubs
0.3-1-ppc
x11-extra/libvdpau
0.4-1-x86_64
xorg-libs/
 libpciaccess
0.11.0-1-ppc
xlib/
 frugalware-cursor-theme
1.2-2-ppc
apps/hal
0.5.14-5-ppc

RSS
Languages
Change language | Change language | Change language | Change language | Change language | Change language | Change language
Information
Go Frugalware, Go
Valid XHTML 1.0!
Valid CSS!
Valid RSS!
Server information
Uptime:
62 day(s) 5 h 1 m 50 s
Frugalware Newsletter Issue 29

Welcome

The newsletter's aim is to keep you up to date with what's happened recently in the world of the Linux distribution 'Frugalware'.

Features of this issue include:

  • Frugalware wallpaper announcement
  • Elentir has begun work on a GUI installer
  • New donation
  • Tips and tricks - Envy Code R monospace font
  • Focus On Package(s) - rxvt-unicode (again) :)

Events

Here's a selection of events which have occurred since the previous newsletter:

  • Speed record attempt

    James Buren (ryuo) and Janos Kovacs (janny) recently tried to break the record for the fastest bug report resolution. At 13:48 on 28 July 2008, ryuo reported a bug with The Gimp's package. At 15:09 on the same day, janny had submitted the corrected Frugalbuild. Well done to ryuo and janny. Of course we now expect all bug reports to be fixed this quickly. :)

  • Frugalware wallpaper announcement

    For the very first time in Frugalware's history we're running a competition to select a wallpaper for release 0.9 - codenamed "Solaria". Please read all about the competition here.

  • Frugalware 0.9 - Solaria - release candidate schedule change

    The scheduled dates for 0.9's release candidates - 1 and 2 - have been changed to a week later to allow more time for user testing. If you have the required time and bandwidth available, PLEASE test the release candidates once they become available.

  • Elentir has begun work on a GUI installer

    User 'Elentir' has begun work on a GUI installer for Frugalware with VMiklos' consent. While a GUI installer is not strictly required, it is attractive to some people. If it is successful then it may be adopted as a official Frugalware project.

  • gholafox's work improves

    gholafox recently had two new packages' Frugalbuilds accepted into the official repositories. These were for nitrogen - a wallpaper browser and selection tool - and Openstromenace - a 3D space shooting game. gholafox's work is getting better with each Frugalbuild. Perhaps he'll join the development team, gaining the fame, glory and fortune that brings. :P

  • New contributor - Elentir

    As well as working on a GUI installer, Elentir has also been submitting Frugalbuilds. He/she recently submitted a Frugalbuild for valkyrie - a Qt GUI for Valgrind Tools - with help from VMiklos. If you "see" Elentir in IRC or anywhere else, please encourage his/her work. We need all the developers we can get.

  • Logging in as user "root"

    In the forums recently (23 July 08), richard raised in the forums the question of logging in as the 'root' user. The short answer was "DON"T DO IT!" For more details as to why this is a bad idea, read the forum thread.

  • New donation

    Marius Cirsta recently donated some money to the Frugalware project. Many thanks to him. This brings VMiklos one small step closer to his dream of owning a Ferrari. Seriously, any money donated to the project goes directly to meet the project's costs - domain names, hardware upgrades etc.

  • LGee takes on a new role

    LGee recently volunteered to help with tidying the Bug Tracker System (BTS). His role is to review bug reports which haven't been assigned and assign them to a developer. His help is very welcome because, while it's not exciting work, it's important to Frugalware's progress.

Tips and tricks

 Disclaimer - Be aware that the hints & tips provided here have NOT been tested and so come with no warranty.

  • Envy Code R monospace font

    Let's be honest - we all like an attractive monospace font. Envy Code R is a "free" TrueType monospace font. The author has spent quite some time working on this font, including tweaking it to suits Windows' ClearType technology. While it's not quite as clear under X as it is under Windows, the results are still impressive. While there are other, clear monospace fonts, they're mostly bitmap fonts and so not scalable. Envy Code R however, scales very well, with the font quite clear even in quite a small size. Take a look at Envy Code R - you might like it. Note that it's still under "development" but it's perfect for my requirements as it is now.

This section relies on your contributions! If you have some tips and tricks that you would like to be shown in the newsletter, please post them on the forums.

Focus On Package(s)

rxvt-unicode (again) :)

rxvt-unicode was mentioned in newsletter issue 24 as being a useful, light terminal emulator. One interesting feature was not mentioned in that issue is its ability to use Perl extensions to provide additional functions and features. One such feature is that of tabs - like Konsole, Terminal, Sakura et al. To use this feature, use the flag "-pe tabbed". Once it's enabled you use [Shift] and [Down arrow] to create a new tab and [Shift] and [Left arrow] or [Right arrow] to switch between the tabs. rxvt-unicode's tabbed feature doesn't look as nice as that of mrxvt but it's just as useful.

Bug fixes

The following table gives you a overview of activity on bugs and feature requests as at 19 July 2008. In each cell of the table is a link to a detailed list of the relevant bugs or feature requests.

Activity Bugs Feature
Requests
Open 170 207
Opened since the last newsletter 21 5
Closed since the previous newsletter 26 14

Security announcements

Remember - According to the normal support arrangements for Frugalware, the release of 0.8 ("Kalgan") means that support for the previous release has ended. This means that no further security or bug fixes will be released for Frugalware 0.7 ("Sayshell").

Here is a list of security issues which have been discovered and fixed in the 0.8 release since the previous newsletter.

FSAPackageFSA DescriptionUpgrade To
FSA503openldapA vulnerability has been reported in OpenLDAP, which can be exploited by malicious people to cause a DoS (Denial of Service)openldap-2.3.43-1kalgan1
FSA502afuseAnders Kaseorg discovered that afuse, an automounting file system in user-space, did not properly escape meta characters in pathsafuse-0.2-2kalgan1
FSA501phpbbUnspecified vulnerability in phpBB before 3.0.1 has unknown impact and attack vectors related to "urls gone through redirect() being used within login_box()."phpbb-3.0.2-1kalgan1
FSA500pidginSome vulnerabilities have been reported in Pidgin, which potentially can be exploited by malicious people to compromise a user's systempidgin-2.4.3-1kalgan1
FSA499ffmpegA vulnerability has been reported in FFmpeg, which potentially can be exploited by malicious people to compromise a user's systemffmpeg-20070422-4kalgan1
FSA498checkinstallTwo security issues have been reported in CheckInstall, which can be exploited by malicious, local users to perform certain actions with escalated privilegescheckinstall-1.6.1-2kalgan1
FSA497byaccOtto Moerbeck has reported the following potential out of bounds of the allocated stack access in the yacc binary. Fix an venerable bug: if we're reducing a rule that has an empty right hand side and the yacc stackpointer is pointing at the very end of the allocated stack, we end up accessing the stack out of bounds by the implicit $$ = $1 actionbyacc-1.9-2kalgan1
FSA496perlA vulnerability has been reported in Perl, which can be exploited by malicious, local user to perform actions with escalated privilegesperl-5.10.0-4kalgan1
FSA495bindA vulnerability has been reported in ISC BIND, which can be exploited by malicious people to poison the DNS cachebind-9.4.2-3kalgan1
FSA494wiresharkA vulnerability has been reported in Wireshark, which can be exploited by malicious people to cause a DoS (Denial of Service)wireshark-1.0.2-1kalgan1
FSA493drupalA vulnerability has been reported in Drupal, which can be exploited by malicious people to conduct session fixation attacksdrupal-5.9-1kalgan1
FSA492drupalSome vulnerabilities have been reported in Drupal, which can be exploited by malicious people to conduct SQL injection and script insertion attacksdrupal-5.9-1kalgan1
FSA491phpmyadminAung Khant has discovered some vulnerabilities in phpMyAdmin, which can be exploited by malicious people to conduct cross-site request forgery attacksphpmyadmin-2.11.7.1-1kalgan1
FSA490clamavA vulnerability has been reported in ClamAV, which can be exploited by malicious people to cause a DoS (Denial of Service)clamav-0.93.3-1kalgan1

About the newsletter

Author

The Frugalware newsletter is written and edited by Russell Dickenson (AKA phayz). Credit for the Frugalware distribution goes to the development team.

Translations

The newsletter is currently translated into French and Danish. The French translation is provided by the French Frugalware community. The Danish translation is provided by the Danish Frugalware community. Thanks to all those involved in providing and hosting these translations.

Release

To allow time for review and corrections, each newsletter is written ahead of its release date. Therefore it may not mention events which occurred in the few days before its release - e.g. security fixes. To be sure that you've got the very latest information on these topics, go to the appropriate page of the Frugalware web site.

Feedback

If you have feedback about the Frugalware newsletter - whether good or bad - please provide it via the forums. Your feedback is valuable because we want the newsletter to meet the needs of Frugalware's users.

© 2003-2010. The Frugalware Developer Team