Follow Slashdot blog updates by subscribing to our blog RSS feed

 



Forgot your password?
typodupeerror
×
Debian

Debian 3.0r2 Released 285

FrankoBoy writes "As announced on DistroWatch, Debian 3.0r2 has been released this weekend, with some security issues fixed... and Rock 'n Diamonds dropped because of license problems. Here's the official announcement. This release had been slowed by an attack on Debian boxes discussed Friday."
This discussion has been archived. No new comments can be posted.

Debian 3.0r2 Released

Comments Filter:
  • by jms258 ( 569015 ) on Sunday November 23, 2003 @04:44PM (#7543708)
    debian rocks. i can't think of any other linux distro that has been around so long and consistently delivered a great base install and the ability to easily update the entire system. i know a lot of people like to complain about how behind the times debian always is, but this is only done to ensure that each release is as stable and bug-free as possible. the debian developers should be commended for all of their hard work that they've put in over the years, especially in the face of adversity such as the recent security breach.
    • by Joe Tie. ( 567096 ) on Sunday November 23, 2003 @06:29PM (#7544207)
      i know a lot of people like to complain about how behind the times debian always is

      I think a lot of people just don't appreciate how stable Debian Unstable is, and only consider the less up to date stable and testing to be a viable option for every day use. The name scared me off for a long time, but I really havn't found it any more unstable than any other bleeding edge distro. Heck, while this is only my own experience of course, I've actually found it more stable than Mandrake.
      • Unstable is usable, but sometimes dealing with the package system gets to be a problem. I've had several cases when I had to uninstall a package I had installed because an update to a related package, and a file from the first package had migrated to the second, and apt/dpkg couldn't handle it automagically.
    • jms258 wrote:
      >i know a lot of people like to complain about how behind the times debian always is, but
      > this is only done to ensure that each release is as stable and bug-free as possible.

      I don't understand why the software have to be old to be stable. Wine usualy gets better when aging, but I don't understand why this should apply to software, since the bug fixing usually is done by the developers, and they do it in the latest (or development) version.

      Is Win95 stable enough for you, or do you p

      • I don't understand why the software have to be old to be stable. Wine usualy gets better when aging, but I don't understand why this should apply to software, since the bug fixing usually is done by the developers, and they do it in the latest (or development) version.

        It's not the age the matters, it's little things like making sure all the versions of dependencies work with each other - that everything has been compiled with exactly the same version of the compiler (including the compiler itself) and tha
      • Well, part of the reason Debian has so many old packages has to do with the number of architectures it runs on. If the package can't be compiled and run on Alpha, ARM, IA-32, IA-64, HPPA, M68K, big endian MIPS, little endian MIPS, PPC, s390 and SPARC, it doesn't get in. There are exceptions for things that are really arch specific, but for most cases, if you want it in Debian, it needs to run on every platform Debian is available for.

        Another factor is packaging. Debian packages are built in a specific f

  • My first debian (Score:4, Interesting)

    by Space cowboy ( 13680 ) on Sunday November 23, 2003 @04:44PM (#7543712) Journal
    Way to go guys :-)

    This is the first-ever Debian I'm going to download and try out. I figure I ought to be able to get to know it as well as I know RH before the RHN support is switched off next year.

    It's not that I've decided to ditch RH - I may just cough up for the new RH packages, but I'd like to know what my options are :-)

    Simon
    • Re:My first debian (Score:5, Informative)

      by OMG ( 669971 ) on Sunday November 23, 2003 @04:53PM (#7543763)
      Good choice ;-)

      The stable distri of debian has one problem: Many programs made a lot of progress in the last month and the distro doesn't reflect that so far. So you will need to add some more (unoffical) sources to your apt configuration. Check the manual for details.

      One important page for finding the right source for a recent Mozilla, OpenOffice or X11 is:
      http://www.apt-get.org/

      Have fun! *eg*
    • Re:My first debian (Score:5, Informative)

      by Malc ( 1751 ) on Sunday November 23, 2003 @05:08PM (#7543824)
      Use Woody for a server. I haven't used it as a desktop, but it might be bit too old for you. If it isn't, it will be stable. Use the testing/unstable installation CD if you want an easier install, and then upgrade to the latest everything afterwards. If you use KDE, Google as the dependencies for kmultimedia are buggered at the moment. I use unstable on my desktop, and it's pretty good. The only complaints was X took more to setup than Mandrake (it doesn't like the fact that I have two video cards), KDE install took a while to figure out due to the broken deps, and there's a really annoying bug that puts some garbage in the default X window manager file instead of /usr/bin/kdm (or whatever it is). Generally though, it's good and up to date.
    • Be careful. (Score:2, Insightful)

      by Tim ( 686 )
      I thought the same thing that you did -- Redhat terminating support for RHL meant that I should get to know another Linux distribution, and Debian seemed popular, so I tried Debian Woody on my new desktop box...for about two days.

      The problem is, by all objective standards, Woody is significantly behind Redhat, SuSE, Mandrake and Yellow Dog (all distributions that I've used extensively) in terms of usability. As others will attest, it's often a nightmare to get Woody installed and configured on a machine w
      • Re:Be careful. (Score:3, Informative)

        by wfrp01 ( 82831 )
        Debian's release cycle is a little slow, so by the end things seem a little out of date. But when the new stable comes out, upgrading will be a snap (if the past is any indication). Install once, and then easy upgrades from then on.
        • Unless you like to do fresh installs to clear out the clutter you've created from time to time, to try new things and such and need to be able to install an OS on a regular basis. Or you produce pc's and handle support on them and therefore need a system you can setup on a new set of hardware in under an hour pretty much consistantly. In which case debian sucks.

          Debian is ok for people who just need something to install and work through once and then keep updated. For someone working with versitle hardwa
          • Redhat was definately better, 90% of the time it doesn't require anything not on the cd.

            I installed RedHat a few months ago on a new server. I selected standard server or whatever it was and it proceeded to install. It then prompted me for disc 2 (which I hand't downloaded or burnt, assuming I could get a decent install with only one disc like Debian can). Once I'd put that in, it scanned it for a while, then asked for disc 3 (download again...). I stuck disc 3 in and it installed one measly package and t
            • Ok, so you didn't download the complete installation. Something you freely admit was part of your own stupidity. Then you claim that debian, due solely to the fact that you don't have to download as much during the one time process of getting the install is superior despite the fact it is blatantly inferior on and cumbersome on the process which is performed many times (installation).

              Personally I'd take downloading 3 cd's over a bad install when I have to perform the install numerous times during the lif
          • I dunno, I think once you get the hang of it, doing a Debian install is pretty easy. I use two floppies, and do the network install. I can get a basic system up in 10-15 minutes. If you need other drivers, the install allows for that. If you have identical hardware, you can just clone them (boot both systems with Knoppix, and dd over netcat, or sfdisk, mkswap, mke2fs, tar, etc. via ssh to be more efficient) (same for any other distro, of course).
          • Re:Be careful. (Score:5, Informative)

            by swillden ( 191260 ) * <shawn-ds@willden.org> on Sunday November 23, 2003 @08:43PM (#7544884) Journal

            Unless you like to do fresh installs to clear out the clutter you've created from time to time,

            This isn't an issue with Debian. Want to clear out the clutter? Just use your favorite apt-get interface to remove all but a basic set of packages. Use cruft to find and remove anything else, then use apt-get to install the stuff you want again. This way you clear out the clutter, but don't lose your configuration.

            In practice, I don't really even do the above unless my drive is getting full. Unlike other operating systems (cough Windows cough), Linux doesn't really 'degrade' over time. It may get cluttered, but it continues to work just fine.

            to try new things and such

            If you run unstable, you will always be trying new things. Just upgrade frequently (I upgrade daily, in general) and you'll always be running new stuff. Also, every time I update I get a new list of packages in my "New Packages" section, and I find it very interesting to take five minutes and scan through them, looking for anything intruiguing.

            need a system you can setup on a new set of hardware in under an hour pretty much consistantly

            Try Knoppix. It's Instant Debian unstable. Getting it running on a clean box takes nothing more than the time to boot. Getting it installed takes just a few minutes more.

      • Re:Be careful. (Score:5, Informative)

        by deek ( 22697 ) * on Sunday November 23, 2003 @07:54PM (#7544635) Homepage Journal
        • The problem is, by all objective standards, Woody is significantly behind Redhat, SuSE, Mandrake and Yellow Dog (all distributions that I've used extensively) in terms of usability. As others will attest, it's often a nightmare to get Woody installed and configured on a machine where Redhat or Mandrake will Just Work (tm).

        Yes, in a way, Debian really does need to you know what you're doing, how a Linux system works, and what certain packages do. But if you're technically adept, I can tell you that a Debian system is nicer to maintain than Redhat or Mandrake. It's not just apt, it's the way the whole system is designed from a technical perspective. And of course, apt makes installing and maintaining great, and you know that apt is on every Debian system you may encounter. It's not an optional package.

        By the way, if you want to make things easier, you just have to know the right package. discover will automatically probe and insert modules every time you boot up. webmin handles easy configurations for many system programs and settings.

        Really, the main problem with debian is you have to _know_ that these packages exist, and then install them. Debian will not install these packages by default, because its basic install is just that ... basic. Absolutely fantastic for creating a stripped down system, or a custom built system where you know every package that is installed, without the hassle of having to find and download the source code.

        Nothing beats the time I visited a client to fix something that they had wrong with their unix server. I discovered it was a Debian machine, but one that didn't have the telnet command installed. A simple apt-get install telnet, and 20 seconds later (it was a modem internet connection :), I was using telnet to check services running on the machine. Fantastic stuff!
      • Re:Be careful. (Score:2, Informative)

        by kmilani2134 ( 652045 ) *

        For several years I had run SuSE and Red Hat and had wanted to try Debian, but didn't have enough knowledge to get it installed.

        Then, just over a year ago, I learned about Libranet [libranet.com] and ordered a copy. Libranet is a distribution that is true to Debian, while providing a cutting edge desktop, slick install and a great administrative interface.

        I have found Libranet to be exceptionally stable and you just can't beat Debian for its package management.

    • Re:My first debian (Score:2, Informative)

      by Joe Tie. ( 567096 )
      Another option is installing Debian via Knoppix. I found the partitioning a bit annoying as the installer at the time I did it wanted to just throw everything into a single partition, but otherwise it was amazingly easy to install and dist-upgrade to Debian Unstable.
  • by Anonymous Coward
    Hallalujuah!!!!
  • The hack attack from last week (as cited in the write-up) could have grave effects on Linux servers worldwide if you don't check the MD5 sumations against your downloaded packages.
    • I wish Debian would do something like the following:
      • For each new release of a package, the maintainer must submit a PGP-signed checksum of the package to a central Debian authority.
      • The authority creates a MD5 list from all verified packages, and signs it with the authority's PGP key.
      • Upon issuing an 'emerge -u world', Debian grabs the MD5 list, verifies the authority's signature on the list, and then uses the MD5 checksums to verify the integrity of the downloaded packages before installing.

      I thought a

  • Now? (Score:4, Interesting)

    by psifishdot ( 699920 ) on Sunday November 23, 2003 @04:53PM (#7543758) Homepage

    Why are they releasing 3.0r2 now? Aren't they going to release 3.1 on December 1st [debian.org]? Has sarge been set back?

    apt-get update
    apt-get upgrade

    • Re:Now? (Score:5, Informative)

      by qtp ( 461286 ) on Sunday November 23, 2003 @05:33PM (#7543961) Journal
      Not gonna happen.

      Too many of the developers have been failing to address bugs in Sarge (testing) and instead have been waiting for or [packaging new upstream versions. This happens during every release cycle, and many developers just assume that this is common practice.

      Eventually, Sid (unstable) will be frozen as well, so the maintainers are unable to upload new versions until the RC bugs in Sarge are fixed.

      If the release manager would just accept that this is necessary in order to get a release out the door instead of assuming that reason will rule the day, the time between releases would likely be much more reasonable.

      The problem seems to originate in the fact of most maintainers having only one machine at home with Sid installed. It is difficult to replicate (and thus fix) bugs in testing if you are keeping your machine up to date with unstable. Freezing Sid and testing at the same time seems to resolve this problem for most of the maintainers.

      IANADPM, but I have been using Debian for 6+ years and observing this series of events occur semi annually Every year, policy and process changes are adjusted to mitigate the various difficulties involved in preparing for release, but the dist is growing at such a rate (I believe that Sarge will fill 10 CDs with packages) that new complications must be addressed every year.

      I'm just amazed that they are able to achieve what they do, and that the quality of the release is so much higher than that of thier comercial competitors.

  • by Anonymous Coward on Sunday November 23, 2003 @04:54PM (#7543766)
    http://www.wiggy.net/debian/
  • I guess the sereve's slashdotted, so what do they mena by liscense issues? Is it no longer free enough or what? I thought that vrms was supposed to do that for people that want it instead of removing packages entirely. This sort of stuff is my major problem with debian. I don't like being limited by politics.
    • Re:liscense issues (Score:5, Informative)

      by adrianbaugh ( 696007 ) on Sunday November 23, 2003 @05:19PM (#7543870) Homepage Journal
      Debian has never really limited you by its politics, there are plenty of non-free packages available (in the helpfully named "non-free" section).
      If you read the article you would know that this was removed due to containing commercial material for which usage permission had not been granted. Ceasing to distribute the package is completely the right (and legally required) thing for them to do; it doesn't mean you aren't going to be able to use other non-free packages on your machine. In fact, with over 4,000 packages available, Debian is extremely well-supplied with software of all kinds.
  • by t0ny ( 590331 )
    This... This release had been slowed by an attack on Debian boxes discussed Friday.

    was caused by this... This release had been slowed by an attack on Debian boxes discussed Friday.

    just some info for those playing at home.

    • This... with some security issues fixed...

      was caused by this... This release had been slowed by an attack on Debian boxes discussed Friday.

      just some info for those playing at home.

  • mah-jong (Score:4, Funny)

    by Jameth ( 664111 ) on Sunday November 23, 2003 @05:02PM (#7543798)
    There are security vulnerabilities in mah-jong.

    I must say, those folks at Debian really do there jobs. I personally can't stand using Debian, it just doesn't agree with me, but if I ever need a damn stable server, I'm glad there are people out there looking at the security of mah-jong.
  • by Anonymous Coward on Sunday November 23, 2003 @05:03PM (#7543805)
    aspell - license problems
    cyrus-sasl2 - minor security and other problems
    micq - license problems
    rocks-n-diamonds - license problems
    tmda - unusable

    SCO will be furious cause they forgot
    Linux Kernel - license problems
  • by bstadil ( 7110 ) on Sunday November 23, 2003 @05:07PM (#7543816) Homepage
    While we wait for the Debian site to recover from the Slashdot effect, head over to SUSE [suse.com]where the latest 9.0 became available via ftp today.

    We should be able to take that one down as well.

  • by FrankConners ( 639830 ) on Sunday November 23, 2003 @05:09PM (#7543829)
    Forgive my ignorance but I have a curious question about debian.. is there an unstable distro of debian out there (iso) that has all the latest packages like gnome 2.4.1, kde 3.1.x, etc. It would be nice to have a weekly iso with all the up to date packages.
    • by Anonymous Coward on Sunday November 23, 2003 @05:17PM (#7543863)
      there are images of testing/unstable

      http://www.debian.org/CD/http-ftp/

      however you can always install a minimal stable system and immediately change your sources from stable to unstable and `apt-get dist-upgrade` and continue from there
    • Try Knoppix. It's a bootable CD with a full Debian-based desktop environment, with packages mostly from testing (but a few added in from unstable). You can install it to the hard disk in just a few minutes (much easier than the standard Debian installer), and you'll have a full Debian system.

      However, why do you need a new ISO image every week? Just download a standard ISO and tell it to retrieve packages from Debian's servers. You'll automatically get the newest packages whenver you install.

    • No, apart from the new ISO's being built for people to test the new installer.

      The intention with Debian is that you only install once, you get the updates via apt-get.

      I guess this sucks if you've got poor connectivity, but it's possible to download the list of packages needing updates and then fetch those at work - which is what I used to do, carrying my parallel port Zip disk to and from the office to transfer the .debs ...

    • Yes [debian.org]. If you install from the network, there is no need worry about up to date packages. Make sure to tell it you're installing unstable.

      Actually, tell it you're installing 'sid'. Otherwise when sid finally becomes stable and you suddenly start downloading the new 'unstable' packages, things get messy. There's an "apt-get dist-upgrade" command for a reason. Speaking from personal experience here...
      • when sid finally becomes stable

        suddenly start [...] new packages, things get messy

        Neither of these statements are accurate reflections of reality. 'sid' is synonymous with 'unstable', and, even were that not the case, it would just upgrade the packages that there were dependencies for when the dist switched over

      • Yes. If you install from the network, there is no need worry about up to date packages. Make sure to tell it you're installing unstable.
        Actually, tell it you're installing 'sid'. Otherwise...

        Actually, I believe that unsable has always been, and always will be, called Sid [go watch ToyStory again if you can't work out why!] so this won't make any difference.

        When Sarge becomes 'stable', replacing Woody, Sid will not become 'testing' - it will be copied to 'testing' and given a new name.

    • by Looke ( 260398 ) on Sunday November 23, 2003 @06:08PM (#7544108)
      I'd suggest getting KDE 3.1 from ftp.kde.org [kde.org], which provides excellent Debian Woody packages. There are also a lot of packages available at backports.org [backports.org] and apt-get.org [apt-get.org]. (I think there is a pretty good Gnome backport out there as well.)

      I use Sid (unstable) on my laptop, but on my new desktop PC I haven't bothered to upgrade from Woody, other than KDE 3.1, OpenOffice.org, Privoxy, and a few home-compiled apps. Actually, I find it refreshing to have a rock-solid and stable system. On my Sid laptop, I get all kinds of weird problems. Not often, but occasionally... Like when the printer stops working, or the USB mouse doesn't work anymore, or when X is no longer 3D accelerated. These are the kinds of issues you have to deal with once in a while when running Debian unstable. Not a big deal, but if I could choose again, I would have chosen Woody (with a few selected upgrades) on the laptop as well.

    • the new debian installer is able to download Sid (unstable) packages if you so tell it to.

      there wsa an earlier slashdot article on it; you should be able to find the url.

      granted, this is a netinst disk, I believe: you'd need to install the packages while online. doesn't help you if you're on dialup, but you could also wget a sid package directory from a server and burn that for updates.
  • by An Anonymous Hero ( 443895 ) on Sunday November 23, 2003 @05:20PM (#7543875)
    to wait until the servers are up?

    $ curl -v http://lists.debian.org
    * About to connect() to lists.debian.org:80
    ^C
    $ ping lists.debian.org
    PING lists.debian.org (146.82.138.7): 56 data bytes
    ^C
    --- lists.debian.org ping statistics ---
    6 packets transmitted, 0 packets received, 100% packet loss
    Is there a page somewhere that at least says what servers are supposed to be working at the moment?
  • by jab ( 9153 ) on Sunday November 23, 2003 @05:30PM (#7543941) Homepage
    If you are a desktop user and want to see a different perspective of Debian, Knoppix may be a better starting point. Debian 3.0r2 is Debian Stable, which is very good if you prize stability and don't really want your OS to change out from under you. Knoppix is basically a closely tracked derivative of Debian Unstable, and therefore has more recent software which is often desirable for desktop users. For example, the most recent Knoppix ISO was cut on November 19th of this year, so it is REALLY current.

    The other nice thing about Knoppix is that it is very easy to try out, and it also makes for a very painless Debian installer. I use it all the time to install Debian Unstable onto x86 desktop machines (see knoppix-installer in /usr/local/bin). I've been a Debian Developer for several years now, and I've pretty much switched over to using Knoppix for all my installation needs.

  • by trans_err ( 606306 ) <.ebenoist. .at. .gmail.com.> on Sunday November 23, 2003 @05:36PM (#7543971) Homepage
    I hadn't realized how incredibly limiting some distros were until I decided to install Fedora on a friend's box. Comfortable with Debian, and knowing about Fedora's apt wannabe yum, I figured installing packages would be sinch. wrong.

    Let me clearify installing a package in Fedora via yum is identical to apt-get, but the range of packages is very different. Quickly I realized everyone using the large commercial Linux's are stuck with a very small repository of software.

    I really took for granted how great apt-get(ing) all my software really is. Before a few days ago I never would have imagined that to install something has common as Mozilla-Firebird I'd have to go and find some website that offered an rpm, which made me incredibly nervous (one thing about rpm's I did remember was mixing them can cause a lot of dependency issues).

    Say what you must about Debian, but you can't ignore that it has one of the slickist methods of installing software and updating the system, furthermore, as all the software comes from a trusted repository I know it's most likely going to work perfectly with all my other packages.
  • Aspell is GNU software, available from ftp.gnu.org, and licensed under the LGPL. Is LGPL no longer free enough? Or is this about the use of the GFDL for some of the documentation?

    In any case, removing important GNU software seems a bit over the top.
    • "The license incorrectly says that it's LGPL but it is in fact a unique license which is non-DFSG-free."

      That's what the Bug-Report resulting in this removal said (according to the Woody ChangeLog). I don't have any other information about this, sorry. Note that GNU aspell is still in unstable, so perhaps it was about a specific version being non-free in the past, which happened to be included in woody.

      Michael

  • apt-get is telling me to update about a dozen packages, most of which are listed on the update page. Two of the packages apt-get wants me to upgrade---bsdutils and mount---aren't in the list. Anybody know what the deal is?

    I guest I'm just a little skittish because of the whole compromise thing.
  • Is it possible to run a desktop Debian system using Gnome 2.4 and other more recent packages(openoffice 1.1, mozilla 1.4, samba 3) without having to track unstable?

  • The Switch (Score:5, Interesting)

    by chickenwing ( 28429 ) on Sunday November 23, 2003 @07:03PM (#7544387) Homepage
    I switched to Debian several years ago after reading a Slashdot article announcing a new Debian release. I had already moved from Slackware to RedHat before that, and was never really impressed with the latter. I fell in love with Debian right away, and was always impressed with the project's desire to do things right.

    Debian has its own ways of doing things, and as with any other distribution, you will be more productive if you learn and conform to these conventions rather than fighting them.

    I wonder how many people will give Debian a try after reading this article. Hopefully those who do will find the experience as rewarding as I have ;-)
  • by POds ( 241854 )
    ARgghhh they removed... oohhh hold on... *snigger* i dont use the debian sources for this :)

    deb http://www.micq.org/deb/ stable main

    Also i do update my install every now and then. But, whats the point of calling it "r2" if most of the stuff or a lot of it has already been released?

    Just a chance for a cool release? Sweet :)
  • You delayed r2 because of the compromise, release it delayed anyway and _STILL_ haven't bring up packages.debian.org, people.debian.org, etc

    Nice of Slashdot to put the rocks and diamonds unreachable link too!

My sister opened a computer store in Hawaii. She sells C shells down by the seashore.

Working...