Showing all newswire headlines

The Canadian Society that manages street parking and public parking lots for the City of Montreal is planning to roll out 500 to 800 wireless, solar-powered parking payment stations based on embedded Linux.

Yuuichi Teranishi discovered a flaw in libxml, the GNOME XML library. When fetching a remote resource via FTP or HTTP, the library uses special parsing routines which can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml1 or libxml2 that parses remote resources and allows the attacker to craft the URL, then this flaw could be used to execute arbitrary code.

A behind-the-scenes look at the evolution of the Linux Documentation Project.

An internal SCO memorandum discussing its relationship with Microsoft has leaked -- and reveals that SCO is collecting a lot bigger payoff from attacking Linux than anybody knew.

In this issue we cover quite a bit from the docs project (which has been rather active!), testing for the IIIMF, configuration issues, as well as plenty of notes on FC2 test1.

A flaw in libxml2 versions prior to 2.6.6 was found by Yuuichi Teranishi. When fetching a remote source via FTP or HTTP, libxml2 uses special parsing routines that can overflow a buffer if passed a very long URL. In the event that the attacker can find a program that uses libxml2 which parses remote resources and allows them to influence the URL, this flaw could be used to execute arbitrary code. The updated packages provide a backported fix to correct the problem.

The NISCC uncovered bugs in pwlib prior to version 1.6.0 via a test suite for the H.225 protocol. An attacker could trigger these bugs by sending carefully crafted messages to an application that uses pwlib, and the severity would vary based on the application, but likely would result in a Denial of Service (DoS).

A change in licensing terms by the well-known open source projects Apache and XFree86 has led to the Free Software Foundation listing both licences as being incompatible with the General Public Licence or GPL.

PHP's creator offers his thoughts on the PHP phenomenon, what has shaped and motivated the language, and where the PHP movement is heading

OpenLDAP is an open source suite of software that includes the LDAP server daemon (slapd), a replication daemon (slurpd) and a small collection of command line client tools, like ldapsearch and ldapadd, among others. In this article, we'll set up and populate a small but functional LDAP server using the slapd daemon, and start to make use of it with a Linux client.

Tips, news, and other fun content from the Mozilla group.

On March 13th there's going to be a bug squish [1]fest at the Sydney University by is local [2]user group. Isaac Jones [3]described that reporting and fixing bugs in software one uses frequently is one of the easiest ways to get involved in Free Software. Bradley Kuhn reminded us of the [4]GIF patent that IBM holds until 2006, even though the Unisys patent will expire soon.

Updated kernel packages that fix security vulnerabilities which may allow local users to gain root privileges are now available. These packages also resolve other minor issues.

Editor's note: According to Bob Kramer, "...the Initiative for Software Choice (ISC) was created to address the proliferation of restrictive 'preference' proposals springing up across the globe. Virtually all of these proposals have been structured to favor free and/or open source software (OSS) over other viable alternatives in government procurements." Kramer doesn't think this is a good idea. He wrote this article in response to Joe Barr's recent NewsForge commentary about the United Nations World Summit on Information Society.

Upgraded Features Include Advanced Security and Authentication, Graphical Administrative User Interface, Enhanced Enterprise Integration Options

Running on an eight-node cluster of industry-standard HP ProLiant DL740 servers, each with four Intel Xeon 3.0GHz processors on Red Hat Enterprise Linux v. 3, Oracle Database 10g and Oracle Real Application Clusters achieved 22,387.9 QphH@3000GB at an unmatched price performance of $93/QphH@3000GB. This record Linux server result demonstrates the power of Oracle Database 10g and Oracle Real Application Clusters to deliver high performance, complex query processing on small, low-cost clustered servers. Oracle now holds world records for TPC-H benchmarks at one and three TB scale factors on Linux.

The SCO Group, Inc., the owner of the UNIX(R) operating system and a leading provider of UNIX-based solutions, today announced a lawsuit to be filed against DaimlerChrysler Corporation for its alleged violations of its UNIX software agreement with SCO.

Eric S. Raymond has written an open letter to Autozone. "We'll be with you -- and that 'we' includes a lot of expertise in the technical, legal, and historical issues bound up in SCO's lawsuit. If there is any assistance that I personally or the Open Source Initiative can reasonably provide, please do not hesitate to ask."

The SCO Group, Inc., the owner of the UNIX(R) operating system and a leading provider of UNIX-based solutions, today announced it has filed suit against AutoZone, Inc., for its alleged violations of SCO's UNIX copyrights through its use of Linux.

PeopleSoft EnterpriseOne 8.10, to be released in the second quarter, will run on Red Hat Inc.'s distribution of Linux.