In association with heise online

04 May 2013, 17:15

The H Roundup - Linux 3.9, better fonts for all and Note-d Java holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The H Roundup logo Welcome to The H Roundup, your rapid review of the week with the most read news on The H, the security alerts and open source releases, and the essential feature articles – all in one quick-to-scan news item. This week: Linux 3.9 arrives, better font display for Linux, compromised Apache binaries and huge Java holes, Mozilla gets legalistic for a good reason and there's fresh BSD and Linux distributions released into the world.

Features

The big event this week was the arrival at the start of the week of Linux 3.9 and Thorsten Leemhuis had all the details in his "What's new" feature. Meanwhile, Glyn Moody took on the issues and positions behind Free Software projects and trademarks, one which took on extra importance in the news as Mozilla issued a cease and desist on a much less reputable software maker.

Top News

As mentioned, Linux 3.9 arrived ready for developers to start folding into their distributions. The venerable OpenWRT got a new release and left behind some of the original hardware on which it emerged. Adobe and Google got together and contributed a new font rendering engine to the FreeType project, which will boost the readability and clarity of displays on Linux and other systems.

Hiding malware in Apache web server binaries is the latest trick from the black-hatted fraternity; cPanel's Apache server seems to be the target of this low footprint attack. Google stepped in to stop developers updating their Play-store-supplied apps by other means, bringing an apparent end to Facebook's silent update plans. Google joined up with FIDO, an organisation looking for a replacement for the password, and it turns out that Lotus Notes would happily run Java applets... in mail – a gift to phishers.

Mozilla decided it wasn't going to take a government spyware supplier's technique of hiding its spyware by making it pretend to be Firefox and fired off a cease and desist. Meanwhile a former Opera employee who worked on Mozilla's Junior browser found himself accused by Opera of leaking trade secrets to Mozilla. The H's Open Recall was well read this week as the arrival of Debian Wheezy was nailed down to the weekend. Project Open added a stack of interoperability to its project management system including being able to round trip MS Project projects.

Open Source Releases

With two BSD-based refreshes, a Fedora remix, and the latest from Gentoo-based Sabayon, there were plenty of newly released operating systems to choose from.

Microsoft and Rackspace released tools to bring .NET developers to their clouds, Impala's Hadoop-based SQL query engine rolled out, Firefox OS got the third iteration of its in-browser simulator and a classic JavaScript benchmark reached version 1.0. After recent bug troubles, which tend to be the worst news in partition editors, the GParted developers put in the testing time to ensure a good, solid release. The Open Build Service learned how to build with Arch, KDevelop got built-in unit testing, Amarok rocked Windows, and GDB got itself ready for 64-bit ARM.

Coming soon, Rails 4.0, as the first release candidate for the opinionated web framework landed. Meanwhile, Mozilla's service team released Heka, a Go-based platform for managing the management messages and making them into meaningful metrics.

Security Alerts

If there's one place you don't want security holes, it's in your security software, but that's where McAfee found they had some this week. And, as we mentioned earlier, there was a big problem with how Lotus Notes email handles Java applets – it does handle them and leave the door open for phishing attackers.

For everything The H has published in the last week, check out the last seven days of news. To keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(djwm)

 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit