The H Week - Linux forks, fails and financials, over baked cookies and Twitter troubles

A Swiss local government authority cancels its Linux programme, new techniques bake cookies that are extremely persistent and Mandriva is forked to Mageia. Red Hat continues its strong financial performance while the sale of Novell runs into difficulties. Mozilla joins OIN, blogging tool Moveable Type has a new owner as VideoEgg buys Six Apart, the CCC demonstrates security problems with the German electronic ID cards and the EU backs a project to develop a cross-device application platform. Apache sees the millionth commit to its repository and a previously fixed bug returns and brings Twitter to a near standstill.

Featured

This week, Andrea Muller looked at the history behind the Swiss Canton of Solothurn's retreat from Linux, in Part 2 of the Coming in 2.6.36 series the Kernel Log dealt with details of changes in file systems, networking and storage and Glyn Moody took on the challenge of buying a computer from Dell with Linux pre-installed.

• A crash landing for Linux?
• Kernel Log: Coming in 2.6.36 (Part 2) - File systems, networking and storage
• Why is Dell UK making it so difficult?

Open Source

The Swiss Canton of Solothurn abandoned plans to adopt Linux but will keep OpenOffice on desktops, Oracle decided that a JDK 7 in 2011 was the next step for Java and that InnoDB was to be the default in the next MySQL release. The PostgreSQL developers published version 9.0 of the open source database with replication, hot-standby and much more.

• Swiss Canton of Solothurn abandons Linux
• Oracle going with Java Plan B according to JDK 7 feature list - Update
• First release candidate of MySQL 5.5 with InnoDB as a default
• PostgreSQL 9.0 brings replication and more

The previous weeks privilege escalation hole in 64-bit Linux was fixed in many distributions, along with a hole found in the bzip2 library. Oracle declared the declarative JavaFX Script dead but promised to incorporate JavaFX into Java, while Nokia announced the availability of Qt 4.7 and its declarative UI language QML.

• Canonical and others close kernel holes
• Hole closed in bzip2 compression tool
• JavaFX Script is dead, long live JavaFX
• Qt 4.7 released with QML

Mozilla joined the defensive Linux patent pool that is the Open Invention Network, Facebook open sourced how they change their databases while keeping their systems online, the WeTab Linux based tablet started to ship in Germany and the Ninite application installer appeared as a beta version for Linux.

• Mozilla becomes latest Open Invention Network licensee
• Facebook open source MySQL utility
• WeTab ships in Germany
• Ninite bulk application installer comes to Linux

Following community concerns about the company's health, a fork of the Mandriva Linux distribution appeared called Mageia and Mandriva responded by saying they were planning for a Brazil based future. Red Hat pushed up their revenues in their latest quarter figures, while the sale of rival Novell ran into delays.

• Mandriva Linux forked into Mageia community distribution
• Mandriva: We're not dead
• Red Hat boosts revenue
• Report: Novell acquisition delayed over legacy assets

Finally, the Movable Type blogging software was acquired by VideoEgg, as part of the assets of Six Apart. The merged companies will now be known as SayMedia. A European Union backed project to make a cross device application platform was launched and Apache saw the millionth commit in its source code repository.

• VideoEgg acquires Movable Type blogging software
• Webinos: New consortium to deliver cross-device application platform
• Apache hits millionth commit milestone

Open Source Releases

This week saw updates for GhostScript, VortexBox, PiTiVi, Rubinius, Amarok, Tiki Wiki, Linux from Scratch, and Novell. SAP released their own version of SLES specifically for SAP applications.

• Ghostscript 9.0 supports ICC profiles
• VortexBox media server 1.5 released
• PiTiVi video editor updated ready for Maverick freeze
• Ruby-in-Ruby Rubinius 1.1 released
• Amarok 2.3.2 with enhanced search & podcast management
• Tiki Wiki CMS Groupware 5.2 and 3.7 LTS released
• Linux From Scratch DIY guide updated
• Novell and SAP team up to make SLES for SAP

Security

Cookies could become very difficult to delete thanks to the discovery of new ways to make them persist on disk and the Chaos Computer Club demonstrated problems with the new German electronic ID cards. Microsoft released a work-around for the ASP.NET encryption problem, made Security Essentials free for small businesses and the Stuxnet worm appeared to have some quite well known exploits in use.

• The zombie cookie
• CCC reveals security problems with German electronic IDs
• Workaround for ASP.NET server's encryption vulnerability
• Microsoft Security Essentials free for small businesses
• Vulnerability exploited by Stuxnet discovered more than a year ago.

Twitter was almost brought to a standstill as an XSS hole exploit replicated over the system. It turns out that the bug in question was fixed a month ago and accidentally reopened. ZoneAlarm advertising got a bit out of control, scaring users and Cisco shipped their scheduled set of security fixes.

• OnMouseOver XSS plagues Twitter - Update
• Twitter and the XSS zombie
• ZoneAlarm scares users with "virus alert"
• Cisco scheduled bug fixes

Security Alerts

Apple closed a hole in Mac file sharing, Adobe closed a hole in Flash Player and the open source community fixed a hole in bzip2 compression.

• Patch for Mac OS X file sharing
• Adobe closes hole in Flash Player
• Hole closed in bzip2 compression tool

To see all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(djwm)