Kobayashi Noritada
2005-11-28 03:41:51 UTC
$B>.NS$G$9!#(B
$B$^$?:#=5$bCY$/$J$C$F$7$^$$$^$7$?$,!"(B
DWN 2005-47 $B$N=xHW5-;v(B 4 $BK\$H(B Security Updates $B>pJs$rLu$7$^$7$?!#(B
$B::FI$r$*4j$$$$$?$7$^$9!#(B
$B:#=59f$O!"C18l$,$d$?$i$HFq$7$a$G(B ($B$=$l$OFbMF$N$;$$$+$b$7$l$^$;$s$,(B)$B!"(B
$BFq;:$G$7$?!D!D!#(B
$B3F=j$G0U?^$J$I$r<($9$?$a$K%3%a%s%H$r$+$J$jBgNL$KF~$l$F$"$j$^$9!#(B
$B%X%C%@(B ($B%5%^%j$J$I(B) $B$NItJ,$K$b86J8!&%3%a%s%H$rF~$l$F$"$j$^$9!#(B
$BKhEYKhEY$N$3$H$G$9$,!"$h$m$7$/$*4j$$$$$?$7$^$9!#(B
--
|: Noritada KOBAYASHI
|: Dept. of General Systems Studies,
|: Graduate School of Arts and Sciences, Univ. of Tokyo
|: E-mail: ***@dolphin.c.u-tokyo.ac.jp (preferable)
|: ***@esa.c.u-tokyo.ac.jp
|: Key fingerprint = AB26 9533 81DA 997B 3C06 4380 19BB ADA0 695C 9F53
#use wml::debian::weeklynews::header PUBDATE="2005-11-22" SUMMARY="Packaging, Disclosing, Delegations, Debtags, Events, Testing, Archive, Alioth, License"
# * 'Disclosing' $B$O!V3+<(!W$H$7$^$7$?!#(B
# 'Declassification of private Mails.' $B$N$3$H$r;X$7$F$$$k$N$@$H;W$$$^$9!#(B
# $B$3$NC18l$NB>$K$b!":#9f$K$OFq$7$a$NC18l$,$d$?$i$HB?$$$G$9!D!D!#(B
# * 'Testing' $B$O(B 'Automated Testing for Packages.' $B$r;X$7$F$$$k$N$G!"(B
# $B!V%F%9%H!W$H$7$^$7$?!#(B
#use wml::debian::weeklynews::header PUBDATE="2005-11-22" SUMMARY="$B%Q%C%1!<%82=(B, $B3+<((B, $B0QG$(B, Debtags, $B%$%Y%s%H(B, $B%F%9%H(B, $B%"!<%+%$%V(B, Alioth, $B%i%$%;%s%9(B"
#use wml::debian::translation-check translation="1.7"
<p>Welcome to this year's 47th issue of DWN, the weekly newsletter for the
Debian community. Nathanael Nerode <a
href="http://lists.debian.org/debian-devel/2005/10/msg01131.html">observed</a>
that the new C++ libraries are not transitioning to testing due to a rash of
dependent uploads and has requested that maintainers hold off from uploading
dependent packages that will contribute to the clog. Guillem Jover <a
href="http://lists.debian.org/debian-devel/2005/10/msg01195.html">proposed</a>
to <a href="http://bugs.debian.org/90989">split</a> dependency lines in the
source control files for improved readability. Andreas Tille <a
href="http://lists.debian.org/debian-jr/2005/11/msg00003.html">reported</a>
about a free <a href="http://www.klixxa.de/">Live CD</a> aiming at
children.</p>
# * 'rash' $B$OF|K\8l$G$b!V!A%i%C%7%e!W$H%+%?%+%J$G;H$o$l$k$3$H$,B?$$5$$,$9$k$N$G(B
# $B$=$N$^$^$K$7$^$7$?!#$"$($F=O8l(B ($B$"$k$$$O=$>~8l(B) $B$K$9$k$J$i!V!A$NIQH/!W(B
# $B!VIQH/$9$k!A!W!"$"$k$$$O$=$l$K;w$?***@MU$H$J$k$N$G$7$g$&!D!D!#(B
<p>Debian $B%3%_%e%K%F%#$N$?$a$N=54)%K%e!<%9%l%?!<!"(BDebian
$B%&%#!<%/%j!<%K%e!<%9$N:#G/$NBh(B 47 $B9f$X$h$&$3$=!#(BNathanael Nerode $B$5$s$O!"(B
$B0MB8%Q%C%1!<%8$N%"%C%W%m!<%I%i%C%7%e$N$?$a$K?7$7$$(B C++ $B%i%$%V%i%j$,%F%9%HHG(B
(testing) $B$KF~$l$:$K$$$k>u67$r(B<a
href="http://lists.debian.org/debian-devel/2005/10/msg01131.html">$B4Q;!$7(B</a>$B!"(B
$B>c32$K7R$,$k$h$&$J0MB8%Q%C%1!<%8$N%"%C%W%m!<%I$r%a%s%F%J$OHr$1$k$h$&!"(B
$***@A$7$^$7$?!#(BGuillem Jover $B$5$s$O!"%=!<%9%Q%C%1!<%8$N(B control
$B%U%!%$%k$N2DFI@-$r>e$2$k$?$a!"0MB84X78$r5-$7$?9T$r(B<a
href="http://bugs.debian.org/90989">$BJ,3d$9$k(B</a>$B$h$&(B<a
href="http://lists.debian.org/debian-devel/2005/10/msg01195.html">\
$BDs0F$7$^$7$?(B</a>$B!#(BAndreas Tille $B$5$s$O!";R6!8~$1$N%U%j!<$N(B<a
href="http://www.klixxa.de/">$B%i%$%V(B CD</a>$B$K$D$$$F(B<a
href="http://lists.debian.org/debian-jr/2005/11/msg00003.html">\
$BJs9p$7$^$7$?(B</a>$B!#(B</p>
<p><strong>Standard C++ Library Modification.</strong> Matthias Klose <a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html">\
announced</a> that the memory allocator in the standard C++
library will be changed which requires several packages to be rebuilt for
which he has appended a list. The library will be updated by new versions
of the <a href="http://packages.debian.org/gcc-3.4">gcc-3.4</a> and <a
href="http://packages.debian.org/gcc-4.0">gcc-4.0</a> packages. Maintainers
may have to <a
href="http://lists.debian.org/debian-devel-announce/2005/07/msg00001.html">\
rename</a> the binary packages to reflect the new dependency.</p>
# * 'memory allocator' $B$O$=$N$^$^%+%?%+%J$K$7$^$7$?!#(B
<p><strong>$BI8=`(B C++ $B%i%$%V%i%j$NJQ99!#(B</strong>
Matthias Klose $B$5$s$O!"I8=`(B C++ $B%i%$%V%i%jFb$N%a%b%j%"%m%1!<%?$,JQ99$5$l$k$N$G!"(B
$BE:IU$7$?0lMwI=$K:\$C$F$$$k$$$/$D$+$N%Q%C%1!<%8$O:F%S%k%I$,I,MW$H$J$k!"$H(B<a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html">\
$BH/I=$7$^$7$?(B</a>$B!#%i%$%V%i%j$O!"(B<a href="http://packages.debian.org/gcc-3.4">\
gcc-3.4</a> $B$*$h$S(B <a href="http://packages.debian.org/gcc-4.0">gcc-4.0</a>
$B%Q%C%1!<%8$N?7%P!<%8%g%s$NF3F~$K$h$j99?7$5$l$^$9!#%a%s%F%J$O!"(B
$B?7$7$$0MB84X78$rH?1G$5$;$k$?$a$K%P%$%J%j%Q%C%1!<%8$N(B<a
href="http://lists.debian.org/debian-devel-announce/2005/07/msg00001.html">\
$BL>A0$rJQ99(B</a>$B$7$J$1$l$P$J$i$J$$$+$b$7$l$^$;$s!#(B</p>
<p><strong>Declassification of private Mails.</strong> Anthony Towns <a
href="http://lists.debian.org/debian-vote/2005/11/msg00001.html">proposed</a>
a general resolution to open the archives of the debian-private list to the
public after three years. A declassification team should be delegated to
extract financial information about individuals and mails of no historical
relevance. Authors and recipients should be given a period to comment on the
publication.</p>
# * $B%?%$%H%k$N(B 'private' $B$OF,$,(B capital $B$G$J$$$3$H$+$i(B debian-private $B$r(B
# $B;X$9$b$N$@$H9M$($i$l$k$N$G$=$N$^$^$K$7$^$7$?$,!"F|K\8l$N!V%W%i%$%Y!<%H!W(B
# $B$H$O<c430UL#$,0[$J$k$N$G0l1~!V(B($BHs8x3+(B)$B!W$H2C$($F$_$^$7$?!#(B
# * 'after three years' $B$O!":#$+$i(B 3 $BG/8e$G$O$J$/%a!<%k$,Ej9F$5$l$F$+$i(B 3 $BG/8e(B
# $B$N$h$&$J$N$G$=$&Lu$7$^$7$?!#(B
# * 'historical relevance' $B$O!"!V(BDebian $B$NNr;K$H$N4XO"!W!V(BDebian $B$NNr;K$N>e(B
# $B$G$N=EMW@-!W$H$$$C$?$b$N$@$H2r<a$5$l$k$N$G!"$=$&Lu$7$^$7$?!#(B
<p><strong>private ($BHs8x3+(B) $B%a!<%j%s%0%j%9%H$N5!L)2r=|!#(B</strong>
Anthony Towns $B$5$s$O!"Ej9F8e(B 3 $BG/$,7P2a$7$?$i(B debian-private
$B%a!<%j%s%0%j%9%H$N%"!<%+%$%V$r0lHL$N?M!9$K3+<($9$k!"$H$$$&0lHL7h5D0F$r(B<a
href="http://lists.debian.org/debian-vote/2005/11/msg00001.html">\
$BDs5D$7$^$7$?(B</a>$B!#8D?M$N:bL3>pJs$d!"(BDebian
$B$NNr;K$H$N4XO"@-$N$J$$%a!<%k$rCj=P$7$F<h$j=|$/$?$a$K!"(B
$B5!L)2r=|%A!<%`$,0QG$$5$l$k$G$7$g$&!#Cx<T$d<u<h?M$K$O!"(B
$B8x3+$K4X$7$F%3%a%s%H$9$k4|4V$,M?$($i$l$k$G$7$g$&!#(B</p>
<p><strong>Project Leader Delegations.</strong> Branden Robinson released a <a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00009.html">\
document</a> explaining how project leader delegations work. The <a
href="$(HOME)/devel/constitution">constitution</a> suggests that there may be
other powers which the project leader may not directly wield, and which they
must delegate instead. If a particular decision is delegated, the project
leader cannot take back responsibility for the decision personally, but can
re-delegate it to someone else.</p>
# * $B%?!<%2%C%H$,J8=q$J$N$G!"(B'release' $B$O!V8x3+!W$H$7$^$7$?!#(B
# * 'other powers' $B$,2?$KBP$7$F(B other $B$J$N$+$OFC$***@5-$5$l$F$$$^$;$s$,!"(B
# $B%j!<%@$H$$$&N)>l$,EvA3$J$,$i$b$D8"NO$NB>$K!"$H$$$&0UL#$@$H;W$o$l$k$N$G!"(B
# $BLu$G$b!V!A$b!W$H$7$F>/$7$@$1<gD%$5$;$^$7$?!#(B
<p><strong>$B%W%m%8%'%/%H%j!<%@$N0QG$!#(B</strong>
Branden Robinson $B$5$s$O!"(B
$B%W%m%8%'%/%H%j!<%@$N0QG$$,$I$N$h$&$K5!G=$9$k$+$***@bL@$7$?(B<a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00009.html">\
$BJ8=q(B</a>$B$r8x3+$7$^$7$?!#(B<a href="$(HOME)/devel/constitution">$B7{>O(B</a>$B$G$O!"(B
$B%W%m%8%'%/%H%j!<%@!<$,D>@\9T;H$7$F$O$$$1$J$/!"(B
$BBe$o$j$K0QG$$7$J$1$l$P$J$i$J$$8"NO$b$"$k$H$5$l$F$$$^$9!#(B
$B2?$i$+$N7hDj8"$r0QG$$9$k>l9g%W%m%8%'%/%H%j!<%@$O!"(B
$B$J$5$l$k7hDj$***@UG$$r8D?ME*$KE12s$9$k$3$H$O$G$-$^$;$s$,!"(B
$BJL$N?M$K$=$l$r:F0QG$$9$k$3$H$O2DG=$G$9!#(B</p>
<p><strong>Security Updates.</strong> You know the drill. Please make sure
that you update your systems if you have any of these packages installed.</p>
<p><strong>$B%;%-%e%j%F%#>e$N99?7!#(B</strong>
$B$$$D$b$N<j=g$O$4B8CN$G$7$g$&!#(B
$B$b$7$3$l$i$N%Q%C%1!<%8$,$R$H$D$G$b%$%s%9%H!<%k$5$l$F$$$?$i!"(B
$B%7%9%F%`$r99?7$7$F$/$@$5$$!#(B</p>
<ul>
<li>DSA 898: <a href="$(HOME)/security/2005/dsa-898">phpgroupware</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 899: <a href="$(HOME)/security/2005/dsa-899">egroupware</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 900: <a href="$(HOME)/security/2005/dsa-900">fetchmail</a> --
Potential information leak.
# $B!V(Bpotential ...$B!W$O!***@x:_E*$J!D!D!W$H!V!D!D$N2DG=@-!W$N$I$A$i$,$h$$$+(B?
$B>pJsO31L$N2DG=@-!#(B
<li>DSA 901: <a href="$(HOME)/security/2005/dsa-901">gnump3d</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 902: <a href="$(HOME)/security/2005/dsa-902">xmail</a> --
Arbitrary code execution.
$BG$0U$N%3!<%I$N<B9T!#(B
<li>DSA 903: <a href="$(HOME)/security/2005/dsa-903">unzip</a> --
Unauthorised permissions modification.
# $B!V(Bpermission$B!W$O!V%Q!<%_%C%7%g%s!W$H!V5v2DB0@-!W$H!V8"8B!W$N$I$l$,$h$$$+(B?
$BG'>Z$5$l$F$$$J$$%Q!<%_%C%7%g%sJQ99!#(B
<li>DSA 904: <a href="$(HOME)/security/2005/dsa-904">netpbm-free</a> --
Arbitrary code execution.
$BG$0U$N%3!<%I$N<B9T!#(B
<li>DSA 905: <a href="$(HOME)/security/2005/dsa-905">mantis</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 906: <a href="$(HOME)/security/2005/dsa-906">sylpheed</a> --
Arbitrary code execution.
$BG$0U$N%3!<%I$N<B9T!#(B
</ul>
$B$^$?:#=5$bCY$/$J$C$F$7$^$$$^$7$?$,!"(B
DWN 2005-47 $B$N=xHW5-;v(B 4 $BK\$H(B Security Updates $B>pJs$rLu$7$^$7$?!#(B
$B::FI$r$*4j$$$$$?$7$^$9!#(B
$B:#=59f$O!"C18l$,$d$?$i$HFq$7$a$G(B ($B$=$l$OFbMF$N$;$$$+$b$7$l$^$;$s$,(B)$B!"(B
$BFq;:$G$7$?!D!D!#(B
$B3F=j$G0U?^$J$I$r<($9$?$a$K%3%a%s%H$r$+$J$jBgNL$KF~$l$F$"$j$^$9!#(B
$B%X%C%@(B ($B%5%^%j$J$I(B) $B$NItJ,$K$b86J8!&%3%a%s%H$rF~$l$F$"$j$^$9!#(B
$BKhEYKhEY$N$3$H$G$9$,!"$h$m$7$/$*4j$$$$$?$7$^$9!#(B
--
|: Noritada KOBAYASHI
|: Dept. of General Systems Studies,
|: Graduate School of Arts and Sciences, Univ. of Tokyo
|: E-mail: ***@dolphin.c.u-tokyo.ac.jp (preferable)
|: ***@esa.c.u-tokyo.ac.jp
|: Key fingerprint = AB26 9533 81DA 997B 3C06 4380 19BB ADA0 695C 9F53
#use wml::debian::weeklynews::header PUBDATE="2005-11-22" SUMMARY="Packaging, Disclosing, Delegations, Debtags, Events, Testing, Archive, Alioth, License"
# * 'Disclosing' $B$O!V3+<(!W$H$7$^$7$?!#(B
# 'Declassification of private Mails.' $B$N$3$H$r;X$7$F$$$k$N$@$H;W$$$^$9!#(B
# $B$3$NC18l$NB>$K$b!":#9f$K$OFq$7$a$NC18l$,$d$?$i$HB?$$$G$9!D!D!#(B
# * 'Testing' $B$O(B 'Automated Testing for Packages.' $B$r;X$7$F$$$k$N$G!"(B
# $B!V%F%9%H!W$H$7$^$7$?!#(B
#use wml::debian::weeklynews::header PUBDATE="2005-11-22" SUMMARY="$B%Q%C%1!<%82=(B, $B3+<((B, $B0QG$(B, Debtags, $B%$%Y%s%H(B, $B%F%9%H(B, $B%"!<%+%$%V(B, Alioth, $B%i%$%;%s%9(B"
#use wml::debian::translation-check translation="1.7"
<p>Welcome to this year's 47th issue of DWN, the weekly newsletter for the
Debian community. Nathanael Nerode <a
href="http://lists.debian.org/debian-devel/2005/10/msg01131.html">observed</a>
that the new C++ libraries are not transitioning to testing due to a rash of
dependent uploads and has requested that maintainers hold off from uploading
dependent packages that will contribute to the clog. Guillem Jover <a
href="http://lists.debian.org/debian-devel/2005/10/msg01195.html">proposed</a>
to <a href="http://bugs.debian.org/90989">split</a> dependency lines in the
source control files for improved readability. Andreas Tille <a
href="http://lists.debian.org/debian-jr/2005/11/msg00003.html">reported</a>
about a free <a href="http://www.klixxa.de/">Live CD</a> aiming at
children.</p>
# * 'rash' $B$OF|K\8l$G$b!V!A%i%C%7%e!W$H%+%?%+%J$G;H$o$l$k$3$H$,B?$$5$$,$9$k$N$G(B
# $B$=$N$^$^$K$7$^$7$?!#$"$($F=O8l(B ($B$"$k$$$O=$>~8l(B) $B$K$9$k$J$i!V!A$NIQH/!W(B
# $B!VIQH/$9$k!A!W!"$"$k$$$O$=$l$K;w$?***@MU$H$J$k$N$G$7$g$&!D!D!#(B
<p>Debian $B%3%_%e%K%F%#$N$?$a$N=54)%K%e!<%9%l%?!<!"(BDebian
$B%&%#!<%/%j!<%K%e!<%9$N:#G/$NBh(B 47 $B9f$X$h$&$3$=!#(BNathanael Nerode $B$5$s$O!"(B
$B0MB8%Q%C%1!<%8$N%"%C%W%m!<%I%i%C%7%e$N$?$a$K?7$7$$(B C++ $B%i%$%V%i%j$,%F%9%HHG(B
(testing) $B$KF~$l$:$K$$$k>u67$r(B<a
href="http://lists.debian.org/debian-devel/2005/10/msg01131.html">$B4Q;!$7(B</a>$B!"(B
$B>c32$K7R$,$k$h$&$J0MB8%Q%C%1!<%8$N%"%C%W%m!<%I$r%a%s%F%J$OHr$1$k$h$&!"(B
$***@A$7$^$7$?!#(BGuillem Jover $B$5$s$O!"%=!<%9%Q%C%1!<%8$N(B control
$B%U%!%$%k$N2DFI@-$r>e$2$k$?$a!"0MB84X78$r5-$7$?9T$r(B<a
href="http://bugs.debian.org/90989">$BJ,3d$9$k(B</a>$B$h$&(B<a
href="http://lists.debian.org/debian-devel/2005/10/msg01195.html">\
$BDs0F$7$^$7$?(B</a>$B!#(BAndreas Tille $B$5$s$O!";R6!8~$1$N%U%j!<$N(B<a
href="http://www.klixxa.de/">$B%i%$%V(B CD</a>$B$K$D$$$F(B<a
href="http://lists.debian.org/debian-jr/2005/11/msg00003.html">\
$BJs9p$7$^$7$?(B</a>$B!#(B</p>
<p><strong>Standard C++ Library Modification.</strong> Matthias Klose <a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html">\
announced</a> that the memory allocator in the standard C++
library will be changed which requires several packages to be rebuilt for
which he has appended a list. The library will be updated by new versions
of the <a href="http://packages.debian.org/gcc-3.4">gcc-3.4</a> and <a
href="http://packages.debian.org/gcc-4.0">gcc-4.0</a> packages. Maintainers
may have to <a
href="http://lists.debian.org/debian-devel-announce/2005/07/msg00001.html">\
rename</a> the binary packages to reflect the new dependency.</p>
# * 'memory allocator' $B$O$=$N$^$^%+%?%+%J$K$7$^$7$?!#(B
<p><strong>$BI8=`(B C++ $B%i%$%V%i%j$NJQ99!#(B</strong>
Matthias Klose $B$5$s$O!"I8=`(B C++ $B%i%$%V%i%jFb$N%a%b%j%"%m%1!<%?$,JQ99$5$l$k$N$G!"(B
$BE:IU$7$?0lMwI=$K:\$C$F$$$k$$$/$D$+$N%Q%C%1!<%8$O:F%S%k%I$,I,MW$H$J$k!"$H(B<a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00010.html">\
$BH/I=$7$^$7$?(B</a>$B!#%i%$%V%i%j$O!"(B<a href="http://packages.debian.org/gcc-3.4">\
gcc-3.4</a> $B$*$h$S(B <a href="http://packages.debian.org/gcc-4.0">gcc-4.0</a>
$B%Q%C%1!<%8$N?7%P!<%8%g%s$NF3F~$K$h$j99?7$5$l$^$9!#%a%s%F%J$O!"(B
$B?7$7$$0MB84X78$rH?1G$5$;$k$?$a$K%P%$%J%j%Q%C%1!<%8$N(B<a
href="http://lists.debian.org/debian-devel-announce/2005/07/msg00001.html">\
$BL>A0$rJQ99(B</a>$B$7$J$1$l$P$J$i$J$$$+$b$7$l$^$;$s!#(B</p>
<p><strong>Declassification of private Mails.</strong> Anthony Towns <a
href="http://lists.debian.org/debian-vote/2005/11/msg00001.html">proposed</a>
a general resolution to open the archives of the debian-private list to the
public after three years. A declassification team should be delegated to
extract financial information about individuals and mails of no historical
relevance. Authors and recipients should be given a period to comment on the
publication.</p>
# * $B%?%$%H%k$N(B 'private' $B$OF,$,(B capital $B$G$J$$$3$H$+$i(B debian-private $B$r(B
# $B;X$9$b$N$@$H9M$($i$l$k$N$G$=$N$^$^$K$7$^$7$?$,!"F|K\8l$N!V%W%i%$%Y!<%H!W(B
# $B$H$O<c430UL#$,0[$J$k$N$G0l1~!V(B($BHs8x3+(B)$B!W$H2C$($F$_$^$7$?!#(B
# * 'after three years' $B$O!":#$+$i(B 3 $BG/8e$G$O$J$/%a!<%k$,Ej9F$5$l$F$+$i(B 3 $BG/8e(B
# $B$N$h$&$J$N$G$=$&Lu$7$^$7$?!#(B
# * 'historical relevance' $B$O!"!V(BDebian $B$NNr;K$H$N4XO"!W!V(BDebian $B$NNr;K$N>e(B
# $B$G$N=EMW@-!W$H$$$C$?$b$N$@$H2r<a$5$l$k$N$G!"$=$&Lu$7$^$7$?!#(B
<p><strong>private ($BHs8x3+(B) $B%a!<%j%s%0%j%9%H$N5!L)2r=|!#(B</strong>
Anthony Towns $B$5$s$O!"Ej9F8e(B 3 $BG/$,7P2a$7$?$i(B debian-private
$B%a!<%j%s%0%j%9%H$N%"!<%+%$%V$r0lHL$N?M!9$K3+<($9$k!"$H$$$&0lHL7h5D0F$r(B<a
href="http://lists.debian.org/debian-vote/2005/11/msg00001.html">\
$BDs5D$7$^$7$?(B</a>$B!#8D?M$N:bL3>pJs$d!"(BDebian
$B$NNr;K$H$N4XO"@-$N$J$$%a!<%k$rCj=P$7$F<h$j=|$/$?$a$K!"(B
$B5!L)2r=|%A!<%`$,0QG$$5$l$k$G$7$g$&!#Cx<T$d<u<h?M$K$O!"(B
$B8x3+$K4X$7$F%3%a%s%H$9$k4|4V$,M?$($i$l$k$G$7$g$&!#(B</p>
<p><strong>Project Leader Delegations.</strong> Branden Robinson released a <a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00009.html">\
document</a> explaining how project leader delegations work. The <a
href="$(HOME)/devel/constitution">constitution</a> suggests that there may be
other powers which the project leader may not directly wield, and which they
must delegate instead. If a particular decision is delegated, the project
leader cannot take back responsibility for the decision personally, but can
re-delegate it to someone else.</p>
# * $B%?!<%2%C%H$,J8=q$J$N$G!"(B'release' $B$O!V8x3+!W$H$7$^$7$?!#(B
# * 'other powers' $B$,2?$KBP$7$F(B other $B$J$N$+$OFC$***@5-$5$l$F$$$^$;$s$,!"(B
# $B%j!<%@$H$$$&N)>l$,EvA3$J$,$i$b$D8"NO$NB>$K!"$H$$$&0UL#$@$H;W$o$l$k$N$G!"(B
# $BLu$G$b!V!A$b!W$H$7$F>/$7$@$1<gD%$5$;$^$7$?!#(B
<p><strong>$B%W%m%8%'%/%H%j!<%@$N0QG$!#(B</strong>
Branden Robinson $B$5$s$O!"(B
$B%W%m%8%'%/%H%j!<%@$N0QG$$,$I$N$h$&$K5!G=$9$k$+$***@bL@$7$?(B<a
href="http://lists.debian.org/debian-devel-announce/2005/11/msg00009.html">\
$BJ8=q(B</a>$B$r8x3+$7$^$7$?!#(B<a href="$(HOME)/devel/constitution">$B7{>O(B</a>$B$G$O!"(B
$B%W%m%8%'%/%H%j!<%@!<$,D>@\9T;H$7$F$O$$$1$J$/!"(B
$BBe$o$j$K0QG$$7$J$1$l$P$J$i$J$$8"NO$b$"$k$H$5$l$F$$$^$9!#(B
$B2?$i$+$N7hDj8"$r0QG$$9$k>l9g%W%m%8%'%/%H%j!<%@$O!"(B
$B$J$5$l$k7hDj$***@UG$$r8D?ME*$KE12s$9$k$3$H$O$G$-$^$;$s$,!"(B
$BJL$N?M$K$=$l$r:F0QG$$9$k$3$H$O2DG=$G$9!#(B</p>
<p><strong>Security Updates.</strong> You know the drill. Please make sure
that you update your systems if you have any of these packages installed.</p>
<p><strong>$B%;%-%e%j%F%#>e$N99?7!#(B</strong>
$B$$$D$b$N<j=g$O$4B8CN$G$7$g$&!#(B
$B$b$7$3$l$i$N%Q%C%1!<%8$,$R$H$D$G$b%$%s%9%H!<%k$5$l$F$$$?$i!"(B
$B%7%9%F%`$r99?7$7$F$/$@$5$$!#(B</p>
<ul>
<li>DSA 898: <a href="$(HOME)/security/2005/dsa-898">phpgroupware</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 899: <a href="$(HOME)/security/2005/dsa-899">egroupware</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 900: <a href="$(HOME)/security/2005/dsa-900">fetchmail</a> --
Potential information leak.
# $B!V(Bpotential ...$B!W$O!***@x:_E*$J!D!D!W$H!V!D!D$N2DG=@-!W$N$I$A$i$,$h$$$+(B?
$B>pJsO31L$N2DG=@-!#(B
<li>DSA 901: <a href="$(HOME)/security/2005/dsa-901">gnump3d</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 902: <a href="$(HOME)/security/2005/dsa-902">xmail</a> --
Arbitrary code execution.
$BG$0U$N%3!<%I$N<B9T!#(B
<li>DSA 903: <a href="$(HOME)/security/2005/dsa-903">unzip</a> --
Unauthorised permissions modification.
# $B!V(Bpermission$B!W$O!V%Q!<%_%C%7%g%s!W$H!V5v2DB0@-!W$H!V8"8B!W$N$I$l$,$h$$$+(B?
$BG'>Z$5$l$F$$$J$$%Q!<%_%C%7%g%sJQ99!#(B
<li>DSA 904: <a href="$(HOME)/security/2005/dsa-904">netpbm-free</a> --
Arbitrary code execution.
$BG$0U$N%3!<%I$N<B9T!#(B
<li>DSA 905: <a href="$(HOME)/security/2005/dsa-905">mantis</a> --
Several vulnerabilities.
$BJ#?t$***@H<e@-!#(B
<li>DSA 906: <a href="$(HOME)/security/2005/dsa-906">sylpheed</a> --
Arbitrary code execution.
$BG$0U$N%3!<%I$N<B9T!#(B
</ul>