Showing all newswire headlines
View by date, instead?« Previous ( 1 ... 7352 7353 7354 7355 7356 7357 7358 ... 7359 ) Next »
Real World Linux Conference 2004: Day 2
Real World Linux 2004 Conference and Expo is under way this week at the Metro Convention Center in Canada's largest city, and NewsForge is there. Day 2 of the conference saw a lot more people and a lot more happening.
Red Hat alert: Updated Subversion packages fix security vulnerability in neon
Updated Subversion packages that fix a vulnerability in neon, exploitable by a malicious DAV server, are now available.
Bit Prepared: A Missing Link?
Building the case for turning the Boy Scouts into a worldwide advocate of free software.
Open Source Project Startup for Dummy Administrators?
So, my challenge goes out to everyone to share their own experiences in getting an open source project off the ground, technically speaking. Are there tools out there that make this process much easier, and perhaps ones that I could take advantage of by moving my own open source project to? Also what experiences have people had with the different community projects?
Open source – a big hit in the classroom
Introducing open source software to those who will teach future generations of computer programmers was a major theme at the ICT in Education Conference held in Cape Town last week.
It's Official: Lindows Is Dead, Long Live "Linspire"
Two years after the start of the trademark dispute between Microsoft Corporation and Lindows Inc., the battle over the "LindowsOS" name is over - henceforth it will be called "Linspire."
An in-depth look at SUSE 9.1 RC2
Here is our promised in-depth look at the latest SUSE 9.1 beta. I found a little more flakiness than I would be comfortable with long-term, but I have been using this near-final version in my day-to-day work for nearly a week now and see no reason to go back to my previous installation.
Public sector warned of open source myths
"It is important to remember that open source is not free of cost – it is free to use and share. Its use must be part of a strategy as it can be costly in terms of migration, integration, training and systems management."
Now Outsource To Switch To Open Source
With Open Source proliferation on the rise, there is a surging demand for organizations specializing in handling demanding migration projects. Migration has become a key concern for enterprises dreaming of a complete Open Source environment, as legacy overhauls and application transfers impose a gargantuan challenge.
OpenPKG Alert: OpenPKG Security Advisory (mysql)
Shaun Colley discovered [1] that the scripts "mysqlbug" and "mysqld_multi" of the MySQL RDBMS [0] perform insecure creations of temporary files. An attacker could create symbolic links in /tmp to achieve the overwriting of files with the privileges of the user invoking the scripts. The RDBMS startup wrapper "mysqld_multi" is currently not used in OpenPKG, although it is contained in the "mysql" package. The "mysqlbug" script could be run manually by the administrator. The Common Vulnerabilities and Exposures (CVE) project assigned the ids CAN-2004-0381 [2] and CAN-2004-0388 [3] to the problem.
Mozilla Links Newsletter - 17 - April 14, 2004
You already know Mozilla excels at providing state of the art Internet products like Mozilla Application Suite and currently in the oven Firefox and Thunderbird, as well as big bunch of other applications like ChatZilla and Mozilla Calendar (recently reviewed). But, what about eye candy?
Try before you buy with Linux 2.6
The recently released Linux 2.6 kernel is going to be the heart of future enterprise Linux offerings. Taking it on a road test enables your IT shop to evaluate its hardware and software upgrade and replacement policies as well as its claims of improved peripheral connectivity.
Mandrake security alert: Updated kernel packages fix multiple vulnerabilities
A vulnerability was found in the R128 DRI driver by Alan Cox. This could allow local privilege escalation. The previous fix, in MDKSA-2004:015 only partially corrected the problem; the full fix is included (CAN-2004-0003).
OpenPKG Alert: OpenPKG Security Advisory (cvs)
Sebastian Krahmer from the SuSE Security Team discovered [1] a flaw in Concurrent Versions System (CVS) [0] clients where RCS "diff files" can create files with absolute pathnames. An attacker could create a fake malicious CVS server that would cause arbitrary files to be created or overwritten when a victim connects to it. The Common Vulnerabilities and Exposures (CVE) project assigned the id CAN-2004-0180 [2] to the problem.
Security alert overload
There have been 12 security alerts posted already today, and each time I think I've posted the last one, another appears. This raises a question that I've had for a while, and now seems a good time to ask... Should we make a filtering program for the LXer homepage?
Mandrake security alert: Updated cvs packages fix remotely exploitable vulnerability
Sebastian Krahmer from the SUSE security team discovered a remotely exploitable vulnerability in the CVS client. When doing a cvs checkout or update over a network, the client accepts absolute pathnames in the RCS diff files. A maliciously configured server could then create any file with content on the local user's disk. This problem affects all versions of CVS prior to 1.11.15 which has fixed the problem.
Unite and conquer
A recent commentary by Robin Miller regarding squabbling within the free software and open source communities was a useful wake-up call. This bickering is having a detrimental effect on our ability to confront those who are trying to convince policy and opinion makers against the use of free and open source software (FOSS). These challenges are neither severe nor insurmountable, but they do require the parties understand the differences between internal and external debate.
Debian alert: New mysql packages fix insecure temporary file creation
Two vulnerabilities have been discovered in mysql, a common database system. Two scripts contained in the package don't create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking the MySQL server, which is often the root user.
Via "violates" GNU GPL with Padlock
The Sourceforge project administrator has claimed that Via's "Padlock" software violates the GNU general public licence (GPL). Via Padlock, said Eric Harmon, breaks the conditions of the GPL in three ways.
Is Windows safer than Linux?
A recent study comparing Windows and Linux vulnerabilities showed that Microsoft is quicker at responding to problems in its software, while many of the leading Linux distributions lag in reaction time. The study conducted by Forrester Research..
« Previous ( 1 ... 7352 7353 7354 7355 7356 7357 7358 ... 7359 ) Next »