Showing all newswire headlinesView by date, instead?
A vulnerability has been discovered in the index support of the ZCatalog plug-in in Zope, an open source web application server. A flaw in the security settings of ZCatalog allows anonymous users to call arbitrary methods of catalog indexes. The vulnerability also allows untrusted code to do the same.
Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the MIPS architecture.
Upgraded tcpdump packages are available for Slackware 8.1, 9.0, 9.1, and -current to fix denial-of-service issues. Sites using tcpdump should upgrade to the new packages.
Media Excel is shipping a real-time software decoder and streaming package for Linux on x86. SoftStream Player supports MPEG-2, MPEG-4, and H.264 compressed video, and targets Celeron, VIA C3, and Transmeta Crusoe based devices powerful enough to do without a hardware decoder.
Several serious problems have been discovered in the Linux kernel. This update takes care of Linux 2.4.17 for the PowerPC/apus and S/390 architectures.
BayStar Capital is seeking to get back the $20 million it invested in the SCO Group, raising issues for SCO's expensive and controversial legal campaign that argues Linux infringes its Unix copyrights.
Two vulnerabilities have been discovered and fixed in CVS.
Multiple format string vulnerabilities were discovered in neon, an HTTP and WebDAV client library. These vulnerabilities could potentially be exploited by a malicious WebDAV server to execute arbitrary code with the privileges of the process using libneon.
Paul Szabo discovered a number of similar bugs in suidperl, a helper program to run perl scripts with setuid privileges. By exploiting these bugs, an attacker could abuse suidperl to discover information about files (such as testing for their existence and some of their permissions) that should not be accessible to unprivileged users.
Christian Jaeger reported a bug in logcheck which could potentially be exploited by a local user to overwrite files with root privileges. logcheck utilized a temporary directory under /var/tmp without taking security precautions. While this directory is created when logcheck is installed, and while it exists there is no vulnerability, if at any time this directory is removed, the potential for exploitation exists.
In a potentially crippling blow to The SCO Group, BayStar Capital is calling due its $20 million loan to the controversial Utah software company. Stunned SCO officials were scrambling Friday to get BayStar's explanation for the decision, declared in a letter to Lindon-based SCO late Thursday.
Underscoring Novell's commitment to the Linux operating system, the company's chief financial officer on Friday hinted at further acquisitions.
BANGALORE: IT major IBM on day said that it would set up a Linux and open source practice at the National Institute of Smart Government (NISG) to promote affordable computing in the country.
The Consortium for Open Source in Public Administration (Cospa) launches today with the goal of increasing and improving the use of open source software across Europe.
You're putting out system management fires, with five SSH sessions open on your desktop. The mail server needs a restart after that kernel patch, so you su to root and type reboot. Just as the connection closes, your brain catches up with your fingertips. The mail server's still up -- the system you rebooted was the firewall at the site 200 miles away. The firewall on which 50 users rely. The firewall that refuses to reboot without a cold reset. What do you do?
Microsoft is getting an earful from Open Source developers in the wake of the Windows' giant's first 100% Open Source release to SourceForge.
A Linux desktop should play to its strengths and not try to be a Windows clone in an attempt to replace Microsoft, according to Novell's Linux business strategist.
The usually simmering debate about open-source versus closed-source recently boiled over, following the leak of Microsoft Windows source code on the Internet. And it boiled over here too. After I wrote a column for one of PC Magazine's sister sites about the Windows source code leak and what it might reveal about the value of closed-source code as a security technique, 95 percent of the responses said that I didn't get the point: Open-source, being open, gets a better code review. Anyone can get the source, look at it, and find problems in it.
Applied Micro Circuits Corporation (AMCC) [NASDAQ: AMCC], today announced the availability of the new 3ware 9000 Series of hardware RAID controllers. The 3ware 9000 Series enables a completely new class of SATA RAID storage solutions for all mid-range to high-end Linux servers. The new controllers are available to OEMs, VARs, and system integrators in 12, 8, and 4-port configurations worldwide. The controllers will be on display at Real World Linux 2004 April 14-15 at the Metro Toronto Convention Centre in booth 409.
Greuff of VOID.AT discovered various format string vulnerabilities in the error output handling routines of the Neon HTTP and WebDAV client library. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2004-0179 to the problem.