Showing all newswire headlines

The Web site debuted quietly last week. It enables companies that use Linux to purchase a license that covers SCO's Unix System V, portions of which SCO claims were illegally incorporated into the source code of Linux.

Embedded Linux author and trainer Karim Yaghmour, and his company Opersys, have released an embedded Linux "Quick Reference Guide" (QRG) designed to help designers build embedded systems from open source GNU/Linux sources. The QRG is distributed as a two-page PDF file intended for printing on both sides of a standard-sized sheet of paper, and is meant to remind embedded developers of the syntax for frequently used commands.

LinuxQuestions.org has added a new site to its network. The LQ Wiki is a WikiWiki that allows users to collaboratively build a free, complete and up-to-date Linux knowledgebase. The LQ Wiki aims to become the largest general Linux Wiki on the web. It's free to join and use the LQ Wiki and any user can add or edit content. All content is licensed under a Creative Commons license, ensuring that it will remain freely redistributable.

Read more at LinuxQuestions.org

These are just the latest in a series of serious or critical security vulnerabilities discovered in Linux over the past few months. The board room at Microsoft is probably getting some amusement, or at least feeling some relief, from the irony that open source is supposed to be more secure and yet these critical flaws continue to be found.

Wind River Systems Inc., once a staunch opponent of open-source software, is expected today to detail plans for weaving Linux into its product lineup. During an earnings call for the last fiscal year, scheduled for Monday, the struggling embedded giant is also expected to unveil a new business model that gives customers the option of eliminating royalties.

Several buffer overflows were found in the fontfile code that handles a user-supplied "fonts.alias" file. The file is processed with root privileges and therefore a successful exploitation of these bugs leads to local root access. There is no known workaround.

During the next two to three years, I quite like the prospects for appreciation in NOVL’s stock price, but I'd be inclined to stay on the sidelines for the next few months before thinking about starting a position. While I expect Red Hat to remain the sector leader, its dominant position will be eroded as strong competitors such as Novell/SuSE enter and consolidate in the space. It's still early days, and Novell’s transition will take time as management reconciles its various challenges and opportunities.

Email technology provider Sendmail has worked with Microsoft to launch a sender authentication plug-in which is hoped will combat email fraud and spam.

Dominant Email Technology Provider Accelerates Deployment of New Anti-Fraud and Anti-Spam Technologies Through Its Open Source and Commercial Products

CEE 3.1 Boasts New Comprehensive DevRocket Development Environment and Several Advanced Technical Features

Wichita Area Technical College will soon begin classes for Red Hat Academy, a hands-on course for teaching Linux skills.

Fry ... plans to launch a Java-based offering tomorrow called Open Commerce Platform that carries no licensing fee for the customer. And Fry is happy to run it on freely available open-source technologies such as the Linux operating system, Tomcat application server and Apache Web server.

There are frequently debates in open source circles about the impact of layering graphical user interfaces across Linux and Open Source applications.

The Democrats, Greens, and increasingly Labor, have had a deepening love affair with Linux and the open source software movement over the past 12 months.

A hole was discovered in the mremap. Through this hole, it is possible for anyone with a local account on the system to gain root privileges. See CAN-2004-0077 for additional details. This is the kernel 2.2.25 counterpart to the security hole fixed in TSLSA-2004-0007.

"The alliance focuses on providing Mardon clients' a complete selection of options and enhanced world-class solutions; such as nationwide placement of medical staff, medical forms acquisition, document imaging, financial management and leasing, targeted marketing and e-communications, and total system engineering and integration."

Beginning this year, city and provincial governments nationwide will adopt Linux operating system for digitalization projects, accelerating adoption of the government open-source software policy, while boosting demand for Linux programs.

There were 25 security alerts issued last week:

• 4 from Conectiva
• 10 from Debian
• 2 from Fedora
• 3 from Gentoo
• 1 from Mandrake
• 1 from Red Hat
• 2 from Slackware
• 1 from SUSE
• 1 from Trustix

Multiple vulnerabilities were discovered in pwlib, a library used to aid in writing portable applications, whereby a remote attacker could cause a denial of service or potentially execute arbitrary code. This library is most notably used in several applications implementing the H.323 teleconferencing protocol, including the OpenH323 suite, gnomemeeting and asterisk.

During an audit, Ulf Harnhammar discovered a format string vulnerability in hsftp. This vulnerability could be exploited by an attacker able to create files on a remote server with carefully crafted names, to which a user would connect using hsftp. When the user requests a directory listing, particular bytes in memory could be overwritten, potentially allowing arbitrary code to be executed with the privileges of the user invoking hsftp.