In association with heise online

14 May 2011, 11:59

The H Week - Linux 2.6.39 approaches, Google I/O, WebGL insecurity, Flash 10.3 fixes holes

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

The H Week This week, Glyn Moody discussed what Microsoft's acquisition of Skype means for FOSS and The H published a new edition in the Coming in 2.6.39 Kernel log series. Google kicked off its I/O developer conference with Android, the German Foreign Office explained its elimination of open source and Ubuntu 8.04 LTS reached its end of life on desktops. Researchers published details of a security hole in WebGL, Sony delayed reopening PSN and Adobe released version 10.3 of Flash Player, closing several security vulnerabilities.


Glyn Moody scoped out the Skype situation as Microsoft swallowed up the proprietary VOIP maker and asked if there was an opportunity for open source in its wake. The final part of the Thorsten Leemhuis's Kernel Log mini-series, "Coming in 2.6.39", looked at the new and modified drivers going into the, now imminent, next version of Linux.

Open Source

Linux 2.6.39 is nearly with us, the German Foreign Office explained why it was going back to Windows and Office, Apple appeared to not comply with the Webkit LGPL... then they did, AMD committed to getting the open source BIOS coreboot working with all their processors and SCO finally disappeared by renaming itself TSG Group.

Google's big developer event took place this week and the first day was all about Android, though Google went on to disappoint people by confirming that there would be no Honeycomb (Android 3.x) source code till after the release of a future version of Android called Ice Cream Sandwich. Google's App Engine got a native boost when it was announced that it would run Google's Go language compiled to x86 and finally Google announced the Linux-based, Chrome-browser-based Chromebook notebooks being made by Samsung and Acer.

ForgeRock put themselves at the centre of OpenICF, a group built around the Identity Connector Framework, and SGI upped its support of the Lustre file system and announced it was joining OpenSFS, a group focused on open source scalable file systems such as Lustre. Mandriva and Zarafa got together, as did the creator of Scala and the creator of the Scala-based Akka middleware to make Typesafe, a Scala company.

Ubuntu were also having their developer summit: OpenStack was selected as the future foundation of Ubuntu cloud offerings, LXDE-based Lubuntu got official blessing, Canonical announced they were joining GENIVI and making an in-car infotainment remix of Ubuntu and Nokia took the opportunity to announce Qt 5. Ubuntu 8.04 LTS passed its end of life date.

Open Source Releases

Releases this week included Talend's enterprise service bus, an updated Parted Magic, bug fixes for KDE, mobile framework Rhodes enhanced, an update to Amarok, a "huge step" for phpMyAdmin and better firmware for the Boxee Box.

Development releases


Vupen announced they had an exploit for Chrome which got past the sandbox, ASLR and DEP, while Context researchers pointed out that WebGL was a whole new attack surface for malware.

Sony delayed their planned reopening of the Playstation network, a hole in Skype for Mac was already fixed but Skype fixed it again anyway and OpenID warned of an identity theft problem that existed in extended forms of the protocol.

Chrome 12 beta and Chrome 11 both got different elements of protection against Flash-based cookies and the UK's Information Commissioner's Office gave guidelines on how to comply with the new EU cookie laws. Meanwhile Adobe got a grip on Flash cookies with version 10.3 of the Flash player.

Facebook apps were inadvertently leaking access tokens to advertisers, the Apache HTTP server had a DoS problem down in its portable runtime and malware authors discovered Unicode and how to write backwards to cover their tracks.

Linux security distribution Backtrack 5 was released, as was, unfortunately, the source code for the ZeuS trojan kit, and Google's dancing doodle led to image searches which had been poisoned by malware.

Security Alerts

For all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.


Print Version | Send by email | Permalink:

  • July's Community Calendar

The H Open

The H Security

The H Developer

The H Internet Toolkit