[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: DWN May 30th, 2000
å°å±±ã§ã™ã€‚
ã“ã¡ã‚‰ã‚‚åŒæ§˜ã§ã™ã€‚
--
å°å±±ç¥å¸
---
.|#use wml::debian::weeklynews::header PAGENAME="May 30th, 2000" SUMMARY="The second test cycle begins; security update."
#use wml::debian::weeklynews::header PAGENAME="2000 å¹´ 5 月 30 æ—¥" SUMMARY="第二回テストサイクル開始; ã‚»ã‚ュリティ更新"
.|<p>
.|<b>Welcome</b> to Debian Weekly News, a newsletter for the Debian developer
.|community.
.|</p>
<p>
<b>よã†ã“ã</b>。Debian 開発者ã®ã¿ãªã•ã‚“å‘ã‘ニューズレターã€
Debian ウィークリーニュースã¸ã€‚
</p>
.|<p>
.|<b>"<i>The second test cycle starts now</i>"</b>, <a href="mail#2">writes
.|Richard Braakman</a>. No more package uploads will be accepted except those
.|essential to the boot floppies and CD image creation. Richard earlier removed
.|a <a href="../../../../Lists-Archives/debian-devel-announce-0005/msg00012.html">
.|bunch of packages</a> with release critical bugs. Of the 80 or
.|so RC bugs that remain, Richard says "<i>I hope that we can simply
.|ignore most of them. At this point I don't mind releasing potato with
.|a handful of broken packages, if they are not overly popular ones.
.|The test period will show which of the bugs are truly critical.</i>"
.|</p>
<p>
<b>「<i>第二回テストサイクルを今ã‹ã‚‰å§‹ã‚ã‚‹</i>ã€</b>ã¨
<a href="mail#2">Richard Braakman ã¯æ›¸ãã¾ã—ãŸ</a>。
ブートフãƒãƒƒãƒ”ー㨠CD イメージ作æˆã«å¿…è¦ä¸å¯æ¬ ãªã‚‚ã®ä»¥å¤–ã€
ã©ã‚“ãªãƒ‘ッケージã§ã‚ã£ã¦ã‚‚アップãƒãƒ¼ãƒ‰ã¯å—ã‘ã¤ã‘られã¾ã›ã‚“。
Richard ã¯ä»¥å‰ã«ãƒªãƒªãƒ¼ã‚¹ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ãƒã‚°ã®ã‚ã‚‹
<a href="../../../../Lists-Archives/debian-devel-announce-0005/msg00012.html">
パッケージを</a>削除ã—ã¾ã—ãŸã€‚
80 程度ã®ãƒªãƒªãƒ¼ã‚¹ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ãƒã‚°ã¯æ®‹ã£ã¦ã„ã¾ã™ãŒã€
Richard ã¯ã€Œ<i>ã“れらã®ã»ã¨ã‚“ã©ã¯å˜ã«ç„¡è¦–ã§ãã‚‹ã¨æ€ã†ã€‚
ç¾æ™‚点ã§ã¯ã€å£Šã‚ŒãŸãƒ‘ッケージãŒå°‘々ã‚ã£ã¦ã‚‚
ãã‚ŒãŒã‚ã¾ã‚Šã«äººæ°—ãŒã‚ã‚‹ã¨ã„ã†ã‚‚ã®ã§ãªã„ãªã‚‰
potato をリリースã—ã¦ã‚‚æ°—ã«ãªã‚‰ãªã„。
ã“ã®ãƒ†ã‚¹ãƒˆæœŸé–“ä¸ã«ã€ãƒã‚°ã®ã†ã¡ã©ã‚ŒãŒæœ¬å½“ã«ã‚¯ãƒªãƒ†ã‚£ã‚«ãƒ«ãªã‚‚ã®ã‹
明らã‹ã«ãªã‚‹ã ã‚ã†</i>ã€ã¨è¨€ã£ã¦ã„ã¾ã™ã€‚
</p>
.|<p>
.|<b>The last announced security fix in Debian was in March.</b> We have fixed
.|lots of security holes since then, so why haven't they been announced? There
.|are <a href="../../../../Lists-Archives/debian-devel-0005/msg01889.html">several
.|reasons</a>, according to Wichert Akkerman. Debian's security team needs to
.|find a few more people they can trust to add to the team. Also, a lot of the
.|recent security holes have affected packages that are not in stable, and the
.|security team does not issue advisories about problems that only exist in
.|frozen and unstable. However, it also looks like significant numbers of
.|security holes have
.|<a href="../../../../Lists-Archives/debian-devel-0005/msg01856.html">slipped
.|through the cracks</a>, and their fixes have not been backported to stable.
.|One hopes that the security team can improve this track record. If you fix a
.|security hole in a package, please be sure to let the security team know, so
.|they can follow up on it.
.|</p>
<p>
<b>Debian ã§ã‚»ã‚ュリティ修æ£ã«ã¤ã„ã¦
最後ã«ã‚¢ãƒŠã‚¦ãƒ³ã‚¹ãŒã‚ã£ãŸã®ã¯ 3 月ã§ã—ãŸã€‚</b>
ç§ãŸã¡ã¯ãã®å¾Œã‚‚ãŸãã•ã‚“ã®ã‚»ã‚ュリティホールを修æ£ã—ã¦ãã¾ã—ãŸãŒã€
ãªãœãれらã«ã¤ã„ã¦ã‚¢ãƒŠã‚¦ãƒ³ã‚¹ã•ã‚Œãªã‹ã£ãŸã®ã§ã—ょã†?
Wichert Akkerman ã«ã‚ˆã‚Œã°
<a href="../../../../Lists-Archives/debian-devel-0005/msg01889.html">
ã„ãã¤ã‹ã®ç†ç”±</a>ãŒã‚ã‚Šã¾ã™ã€‚
Debian ã®ã‚»ã‚ュリティãƒãƒ¼ãƒ ã¯ã€ãƒãƒ¼ãƒ ã«åŠ ãˆã‚‹ã®ã«ä¿¡ç”¨ã§ãる人を何人ã‹
探ã™å¿…è¦ãŒã‚ã‚Šã¾ã™ã€‚
ã¾ãŸã€æœ€è¿‘ã®ã‚»ã‚ュリティホールãŒå½±éŸ¿ã™ã‚‹ãƒ‘ッケージ㯠stable ã«ã¯ãªãã€
ãã—ã¦ã€ã‚»ã‚ュリティãƒãƒ¼ãƒ 㯠frozen ã‚„ unstable ã ã‘ã®å•é¡Œã«ã¤ã„ã¦ã¯
勧告を発行ã—ã¾ã›ã‚“。
ã—ã‹ã—ã€çµæ§‹ãªæ•°ã®ã‚»ã‚ュリティホールãŒ
<a href="../../../../Lists-Archives/debian-devel-0005/msg01856.html">
見éŽã”ã•ã‚Œã¦ã„ã‚‹</a>よã†ã«è¦‹ãˆã¾ã™ãŒã€
ãれらã®ä¿®æ£ã¯ stable ã«ãƒãƒƒã‚¯ãƒãƒ¼ãƒˆã•ã‚Œã¦ã„ã¾ã›ã‚“。
ã‚»ã‚ュリティãƒãƒ¼ãƒ ãŒã“ã®çŠ¶æ³ã‚’改善ã—ã¦ã€ä¿®æ£è¨˜éŒ²ã‚’追跡ã§ãるよã†ã«
ãªã‚‹ã“ã¨ã‚’望ã¿ã¾ã™ã€‚
ã‚‚ã—ã‚ãªãŸãŒãƒ‘ッケージã®ã‚»ã‚ュリティホールを修æ£ã—ãŸãªã‚‰ã€
å¿…ãšã‚»ã‚ュリティãƒãƒ¼ãƒ ã«çŸ¥ã‚‰ã›ã¦ãã ã•ã„。
ãã†ã™ã‚Œã°å½¼ã‚‰ã¯è¿½è·¡ã™ã‚‹ã“ã¨ãŒã§ãã¾ã™ã€‚
</p>
.|<p>
.|With that said, <b>security fixes in frozen this week</b> include a remote
.|shell exploit in <a href="http://bugs.debian.org/64649">qpopper</a>, an
.|archiver security problem in <a href="http://bugs.debian.org/64841">mailman</a>,
.|a SSL certificate security problem in <a href="http://bugs.debian.org/64650">
.|netscape</a>, and two denial of services fixes in <a href="mail#1">X</a>.
.|</p>
<p>
ãã†ã„ã†ã‚ã‘ã§ã€
<a href="http://bugs.debian.org/64649">qpopper</a> ã®
リモートã‹ã‚‰ã®ã‚·ã‚§ãƒ«ã®ä¸æ£ä½¿ç”¨ã€
<a href="http://bugs.debian.org/64841">mailman</a> ã®
アーカイãƒã®ã‚»ã‚ュリティå•é¡Œã€
<a href="http://bugs.debian.org/64650">netscape</a> ã®
SSL 証明書ã®ã‚»ã‚ュリティå•é¡Œã€
<a href="mail#1">X</a> ã® 2 ã¤ã®ã‚µãƒ¼ãƒ“ス拒å¦å•é¡Œã®ä¿®æ£ã‚’å«ã‚€
<b>frozen ã®ã‚»ã‚ュリティ修æ£ãŒä»Šé€±ã‚ã‚Šã¾ã—ãŸã€‚</b>
</p>
.|<p>
.|<b>And speaking of X</b>, Branden Robinson
.|<a href="../../../../Lists-Archives/debian-devel-0005/msg01828.html">
.|explained</a> why he has no plans to make .debs for X 4.0.0. He cited
.|instability problems, lack of support for the sparc architecture, and lots
.|of fixes upstream. "<i>Over two hundred distinct patches have been applied to
.|the upstream CVS tree to date.</i>" Branden hopes to instead package X 4.0.1
.|when it is released in mid-June.
.|</p>
<p>
<b>X ã«ã¤ã„ã¦ã„ãˆã°</b>〠Branden Robinson ã¯
ãªãœå½¼ã¯ XFree86 4.0.0 ã® .deb を作る計画をãŸã¦ãªã„ã®ã‹
<a href="../../../../Lists-Archives/debian-devel-0005/msg01828.html">
説明ã—ã¾ã—ãŸ</a>。
å½¼ã¯ç†ç”±ã¨ã—ã¦ã€å®‰å®šæ€§ã®å•é¡Œã€sparc アーã‚テクãƒãƒ£ã®ã‚µãƒãƒ¼ãƒˆä¸è¶³ã€
ãã—ã¦ä¸Šæµã®ãŸãã•ã‚“ã®ä¿®æ£ã‚’挙ã’ã¾ã—ãŸã€‚
「<i>ç¾åœ¨ã¾ã§ã« 200 以上ã®åˆ¥å€‹ã®ãƒ‘ッãƒãŒ
上æµã® CVS ツリーã«é©ç”¨ã•ã‚ŒãŸã€‚</i>ã€
Branden ã¯ãã®ã‹ã‚ã‚Šã« 6 月ä¸æ—¬ã«ãƒªãƒªãƒ¼ã‚¹ã•ã‚Œã‚‹
XFree86 4.0.1 をパッケージã«ã—ãŸã„ã¨æ€ã£ã¦ã„ã¾ã™ã€‚
</p>
.|<p>
.|<b>Another Debian-based distribution has appeared.</b>
.|<a href="http://timesys.com/products/linux.html">TimeSys</a> is a distribution
.|targeted at hard real time applications. Read more in
.|<a href="http://www.upside.com/texis/mvm/story?id=3922f93b0">this Upside
.|article</a>. Judging by
.|<a href="http://www.timesys.com/products/linuxoptions.html">this page</a>,
.|the actual distribution seems to be a fairly standard Debian plus some
.|additional "<i>TimeSys Linux/RT modules</i>".
.|</p>
<p>
<b>æ–°ã—ã„ Debian ベースã®ãƒ‡ã‚£ã‚¹ãƒˆãƒªãƒ“ューションãŒç¾ã‚Œã¾ã—ãŸã€‚</b>
<a href="http://timesys.com/products/linux.html">TimeSys</a> ã¯
リアルタイムアプリケーションをターゲットã«ã—ãŸãƒ‡ã‚£ã‚¹ãƒˆãƒªãƒ“ューションã§ã™ã€‚
詳ã—ãã¯
<a href="http://www.upside.com/texis/mvm/story?id=3922f93b0">ã“ã® Upside ã®
記事</a>ã‚’èªã‚“ã§ãã ã•ã„。
<a href="http://www.timesys.com/products/linuxoptions.html">ã“ã®ãƒšãƒ¼ã‚¸</a>
ã‹ã‚‰åˆ¤æ–ã™ã‚‹ã¨ã€å®Ÿè³ªã®ãƒ‡ã‚£ã‚¹ãƒˆãƒªãƒ“ューションã¯
ã ã„ãŸã„基本的㪠Debian ã«ã„ãã¤ã‹ã€Œ<i>TimeSys Linux/RT モジュール</i>ã€ã‚’
è¿½åŠ ã—ãŸã‚‚ã®ã®ã‚ˆã†ã§ã™ã€‚
</p>
.|#use wml::debian::weeklynews::footer