Showing headlines posted by dave

An application of the Linux Terminal Server Project in Manitoba's largest high school.

It's rare to find a PHP/PERL/Python developer who is also a database administrator. This is understandable. If they really spent time doing real database administration, their application development skills (or, at the very least, timelines) would suffer greatly for it. However, in some situations, where the back end is concerned, what you don't know can have a non-trivial and negative affect on your application's performance or security. At the very least, it will cause you to write a significant amount of front end code to do things a database feature might do for you with just a line or two of SQL or the tweaking of a configuration directive.

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to missing function return value check of internal functions a local attacker can gain root privileges.

The kernel package contains the Linux kernel (vmlinuz), the core of your Trustix Secure Linux operating system. The kernel handles the basic functions of the operating system: memory allocation, process allocation, device input and output, etc.

New metamail packages are available for Slackware 8.1, 9.0, 9.1, and -current. These fix two format string bugs and two buffer overflows which could lead to unauthorized code execution.

Oliver Eikemeier has reported a vulnerability in clamav, which can be exploited by a malformed uuencoded message causing a denial of service for programs that rely on the clamav daemon, such as SMTP daemons.

Updated kernel packages that fix security vulnerabilities which may allow local users to gain root privileges are now available. These packages also resolve other minor issues.

New kernels are available for Slackware 9.1 and -current to fix a bounds-checking problem in the kernel's mremap() call which could be used by a local attacker to gain root privileges. Please note that this is not the same issue as CAN-2003-0985 which was fixed in early January.

[LXer Editor: The ACCC is the "Australian Competition and Consumer Commission"] An open source industry cluster in Victoria has asked the consumer watchdog to investigate concerns which it says have arisen from the SCO Group's announcement, on January 20, of the availability of a licence in Australia and New Zealand which "permits the use of SCO's intellectual property, in binary form only, as contained in Linux distributions."

Couldn't stop myself from trying the new Fedora 2-test1 release, even if it is an alpha!

Open Solutions Inc., a provider of integrated data processing technologies for community financial institutions, announced it has successfully completed its Linux pilot program and has validated Linux running in a live processing environment.

The Linux desktop is almost ready for prime time. Almost, I said. That's no mean feat, considering the two big challenges it faces in the workplace. On one hand, enterprises have relied for years on the potential manageability of the Windows platform; on the other hand, many users equate slicker graphics with better performance. Unfortunately, pretty pictures aren't enough to convince IT that there's anything as manageable as a Windows desktop is; if that were the case, Apple would rule the desktop.

The open-source community argues that with thousands of eyes looking at the code, the code is much more robust and the security of the resulting products is near absolute. But any CIO or CFO who hasn't heard that this is the method of the open-source community -- and who will be going through an IT audit -- will probably be reaching for the heart-attack pills about now.

Welcome to this year's seventh issue of DWN, the weekly newsletter for the Debian community. The debian-desktop sub-project has announced an IRC meeting on Wednesday, February 25th. Andrea Mennucc conducted several Google searches and found out that Debian is ranked in the middle field of popular distributions. Pablo Lorenzzoni also announced that registration for this years' Debian conference has opened.

If anyone has knowledge or evidence about who developed the virus, I hope he or she will come forth and make an accusation against specific people based on specific proof. But nobody should make accusations without proof, and there is no excuse for guilt by association. Not in New York, not in Cambridge, and not in the Free World.

The Mozilla Foundation announced on Tuesday that it is trying to stimulate more interest in its free and open-source products on this side of the Atlantic through a dedicated European operation.

The recent disclosure of a security hole revealed through the leak of Microsoft Windows 2000 and NT source code is raising several issues that the software giant will have to face as a result of the breach. Analysts are indicating that the leak could have a profound effect not only on the security of Microsoft's software but also on the company's worldwide reputation. The source-code leak -- coupled with a new Internet Explorer vulnerability discovered over the weekend -- mark the beginning of what is expected to be a painful period for Microsoft.

This week: News, tips and tricks, poll, projects information, and more.

MontaVista Software, Inc., and Iskratel, has announced that MontaVista® Linux® Carrier Grade Edition (CGE) is the chosen operating system (OS) for Iskratel's SI2000 CS - Call Server, the nerve center in Iskratel's vision of next-generation networks (NGN).

The EDA recommended Red Hat Enterprise Linux specifically for the x86, Itanium 2 and Opteron hardware architecture.