Showing all newswire headlines

LynuxWorks(TM) Inc. introduced today the industry's first pre-configured board support package (BSP) based on the Linux 2.6 kernel for the Apple PowerPC G5, the world's first 64-bit desktop processor.

According to a posting on Bugtraq [0], an issue regarding the insecure creation of a temporary directory exists in GNU libtool [1] versions before 1.5.2. Use of mkdir(1) along with option "-p" makes libtool vulnerable to symlink attacks. Stefan Nordhausen commited a fix that removes the use of option "-p" in version 1.5.2. Discussion on Bugtraq further indicates that an additional race condition issue exists in the same context using chmod(1), reported by Joseph S. Myers back in March 2000 [2]. The updated OpenPKG versions of libtool contain fixes for both issues.

Our stock analyst, Melanie Hollands, believes that Advanced Micro Devices is one of the best names to own at this time in the semiconductor group, and that the major catalyst to propel the stock upward is continued OEM wins for its new 64-bit MPUs. Why? Read on ...

This is to announce the release of Trustix Secure Linux 2.1, nicknamed "Horizon". It is the second release in the Trustix 2 series.

A total of 312 billion VND (20 million USD) will be injected into the application and development of open source software in Viet Nam covering the 2003-07 period... By 2007, open source software will be installed in computers at the State agencies and education and data establishments. It will also be applied in the defence and security services.

In my view--and I said so at the event--our governments at all levels should be looking at all alternatives and considering OSS options as they have the potential to create local ICT jobs and reduce the ICT trade deficit of $14.4 billion.

"A major IT overhaul of payroll, human resources and finance starting this month at the University of Technology, Sydney (UTS) will help boost its status as one of Australia's top technology institutions."

With the cost of commercial software now reaching up to a quarter of the total price of an off-the-shelf PC, significant savings can be made by buying “empty” and installing open source alternatives.

There were 16 security alerts issued last week:

• 5 from Debian
• 1 from Fedora
• 2 from Fedora Legacy
• 2 from Gentoo
• 2 from Mandrake
• 1 from OpenPKG
• 1 from Red Hat
• 2 from Trustix

"The People Behind KDE" interviews Zack Rusin, KDE developer and advocate.

We tested five Linux desktop solutions: Libra Computer Systems Ltd.'s Libranet 2.8.1 Flagship Edition, Lindows.com Inc.'s LindowsOS 4.5, Lycoris' Desktop/LX, MandrakeSoft Inc.'s Mandrake Linux 9.2 and Xandros Inc.'s Xandros Desktop OS Version 2-Deluxe Edition. None proved to be the clear front-runner. Rather, three of the solutions — the ones from Lindows.com, Lycoris and Xandros — proved evenly matched and ideally suited to replace either Windows or Macintosh systems with ease.

The TechTV staff has turned into a cult of Mozilla worshippers. Leo even recommends it to viewers at least twice a week for its superior browser features, email and newsreader, and built-in chat client. Today, however, we're going to recommend another (gasp) great free alternative to Internet Explorer. It's called (drum roll please) Mozilla Firefox.

Introduction: The Fedora Legacy Project is community-supported open source project. It is not a supported project of Red Hat, Inc. although Red Hat, Inc. does provide some support services for it.

A buffer overflow has been discovered in libxml2 versions prior to 2.6.6 which may be exploited by an attacker allowing the execution of arbitrary code.

A critical security vulnerability has been found in recent Linux kernels by Paul Starzetz of iSEC Security Research which allows for local privilege escalations.

That's not quite the whole story, but welcome to Linux, the alternate operating system universe where I've been living for the past few months.

URLs longer than 4096 bytes would cause an overflow while using nanohttp in libxml2.

Paul Starzetz and Wojciech Purczynski of isec.pl discovered a critical security vulnerability in the memory management code of Linux inside the mremap(2) system call. Due to flushing the TLB (Translation Lookaside Buffer, an address cache) too early it is possible for an attacker to trigger a local root exploit.

Pavel Cvrcek (a member of CZilla team) wrote in to tell us that he has released Mozilla Backup 1.3a. This latest release automatically detects external profiles and adds better support for Mozilla Firefox 0.8 and Mozilla Thunderbird 0.5.

Certain incorrect DNS setups would cause rpc.mountd to crash, resulting in a remote DoS of the DNS client at mount time.