I created a new blog for technical/geeky/Debian stuff. I'm keeping my LiveJournal for social and private matters and syndicating this one to Planet Debian.
I hope this separation will make me less afraid of boring LiveJournal readers with technical minutiae and Debian politics or boring Planet Debian readers with local social stuff, so I actually write more. Don't get too hopeful though.
There is a potential buffer overflow in logging of CAPI messages in libcapi20 (part of isdnutils; bug 408530). The same broken code from libcapi20 is present in the Linux kernel (bug 411294). Also, the affected functions are not thread-safe and are unlikely to be made so without API changes; multithreaded programs calling them must use a mutex to avoid another security flaw; (such as asterisk-chan-capi; bug 411293).
I have prepared updates of asterisk-chan-capi and isdnutils for sarge and sid but I have no ISDN hardware to test them with. I would appreciate it if users of these packages would test the updates and report their results to the associated bugs.
The patches can be found attached to the bug reports. Updated packages are at:
deb http://womble.decadent.org.uk/debian/ distribution/ deb-src http://womble.decadent.org.uk/debian/ distribution/
(the repository is signed with my personal GPG key).
BoingBoing linked to a previous story about Quorn being allergenic, which I've not heard claimed before. Supposedly about 5% of people have unpleasant reactions to it, which I find a bit hard to believe. I'm curious, though, so I shall make the most of my remaining days of paid account with a not particularly scientific poll:
[Poll #906821]Robert Collins writes: "Added to my list of 'things we need'... a version of icheck that requires less configuration to hook into package builds. Ideally one that we can get running automatically on any package build."
There's only so much you can do without having debug information from both versions, which of course we don't keep at present. However, Steve Langasek implemented some basic checks on exported symbols in the unixodbc package which you can find in its debian directory.
I'm slowly starting to work on a more comprehensive ABI checker that would use debug information. This would require someone to keep or rebuild debug information from the previous version (and to delay stripping it from the new version) so I don't think it could be automatic.
Actually, I knew I had a backlog of photos that should go in albums, but could not resist the line. Actual printed photographs, from photograph film - so very last century. Actually I've covered my own photos from August 1999 up to the end of 2001, which still leaves nearly 5 years, but considering the time I think I should stop.
Most of the good ones are already on the web and have been for years, but there are notable omissions (some noted with a claim that I would scan them "soon"). I'm afraid the new ones won't be going online quite yet, as there are a lot to scan. Which brings me to a request:
Dear lazyweb, please give me software to scan then and automatically rotate and crop paper photos. (No, my scanner isn't sufficiently high-res to scan film, and I don't have the necessary adapter.)
Bruce Perens pointed out some implications of the deal. This is like the Microsoft-SCO dealings in reverse: Microsoft threatens Linux vendors with patent lawsuits and Novell is the first to buy protection. If you think this sounds like conspiracy theory, see what Ballmer has to say. Microsoft presumably hopes to force Linux into a conventional pay-per-seat business model, because it's a master of that game.
Look at who the press release quotes as acclaiming the deal and remember that these sponsors of Linux and free software are not our friends. They sponsor free software so long as they think it's good for business. We shouldn't expect loyalty from public corporations, nor give it to them.
From the same press release, I quote:
Novell will also make running royalty payments based on a percentage of its revenues from open source products.
If you are a copyright holder of software that Novell receives and distributes under GPLv2, please ask them whether they have obtained a patent license covering your work, and if so, how they intend to comply with section 7.
The front page of www.royalmail.com displays wrongly in Firefox on Linux (though apparently not Windows). Worst of all, it is impossible to focus the input fields near the top of the page by clicking on them. However, I worked out some style rules that will fix it. These have been tested in Firefox 1.5 on Debian etch and Fedora Core 5.
To apply these, you need to copy/add the following text to ~/.mozilla/firefox/profile/chrome/userContent.css and then restart the browser. Perhaps someone who knows about GreaseMonkey can work out a rule for that, which would make it easier to install them.
@-moz-document url-prefix(http://www.royalmail.com) {
div.Content-Region { position: static !important; }
div.Content-Region div { position: static !important; }
div.List-Container { height: auto !important; }
div.hpBottomWide { clear: left; }
}Julien Blache: "You’ll be pleased to learn that a release manager needs $6000 USD to cover for living expenses for a month."
Sounds high, right? But we're talking about contractors, not employees. Contractors have to cover certain expenses that are generally paid for by employers, such as (depending on jurisdiction):
and in this case, their own equipment. (But they save on transport!)
Besides which, you have little idea how much Steve or Andi might need to pay in mortgage repayments or rent, or how many dependents they have. Nor should we pry into these personal circumstances.
As posted to debian-devel-announce and debconf-announce (and partially written by Holger):
On behalf of the DebConf6 video team I'm proud to announce the DebConf6 DVDs!
They include all formal sessions from Debian Day and DebConf, plus the group photos, the video team BoF, and some documentary videos made by Gabriella Coleman. They are divided into
(there is a small overlap between these).
The DVD images are now available for download along with the source videos, as are the software and menu design used for them. You can also order DVDs to be shipped to you in a nice box.
Many thanks to the sponsors, organisers and other people who made DebConf6 a fun and productive event to be remembered.
See you at DebConf7 in Edinbourgh - or maybe DebConf8 in your town!
Finally, I apologise for the delay in producing these discs. We ran into a number of technical problems along the way but it's primarily a result of discouragement and procrastination on my part. However I believe that the VideoLink software is now sufficiently reliable and that next year's DVDs need not be so dependent on me.
For some years I've been meaning to learn more German than I remember from my GCSE and the little I've managed to absorb from ![[livejournal.com profile]](https://www.dreamwidth.org/img/external/lj-userinfo.gif){kind=small}
tea_cantata and others speaking it around me. I am repeatedly embarrassed by my inability to join in conversation when we visit Nattie's relatives in Germany. In fact I've made some attempts to learn from books and tapes, but with little effect. Nattie finally persuaded me to sign up for an evening AS (half an A-Level) German course starting this term. It's tough going with only one lesson (2.5 hours) per week though I believe I'm making some progress.
I don't have much of a problem with grammar, and my pronunciation seems to be as good as anyone in the class, but I continue to find myself frustrated in being unable to think of the words to express what I mean to say. I think my vocabulary may be relatively poor, but this is compounded by my difficulty in working around the lack of a word for the concept I mean to express. This also applies to English, but I have a large enough vocabulary that this is much more rarely a problem. In addition, some of the topics of conversation or question are so broad that I would have trouble formulating an intelligent comment in English, let alone one in German. Maybe I should just say something dumb that I don't really believe purely as linguistic practice, but I don't feel comfortable doing that.
![[personal profile]](https://www.dreamwidth.org/img/silk/identity/user.png){kind=small}
timeasmymeasure