In association with heise online

18 September 2010, 12:00

The H Week - Linux kernel hole, Novell sale moves ahead and Siemens industrial control systems suffer a worm

  • Twitter
  • Facebook
  • submit to slashdot
  • StumbleUpon
  • submit to reddit

In the past week, The H published two features and reported on a new technique to boost Hadoop queries, the reappearance of a preview version of 64-bit Adobe Flash Player 10, a dropped patch that exposed an old Linux kernel hole and on the sale of Novell. The Haystack anti-censorship project was shamed by bugs that could expose its users, Intel's HDCP master key was anonymously published and a worm was found to have infected 15 Siemens industrial control systems.

Featured

The H published two features this week: in his regular column Glyn Moody discussed innovation in open source and our Linux Kernel expert Thorsten Leemhuis mused on the future of Linux distribution development cycles.

Open Source

Mozilla reported that the new JägerMonkey engine promises to boost the JavaScript speed of their Firefox browser, announced that the Firefox 4 Beta 6 has been renamed as Beta 7 and turned off update notifications while solving a stability problem.

At the VLDB conference German researchers presented a technique to radically boost the speed of Hadoop queries.

After a lot of prompting Dell finally released the GPL code for its Streak tablet device. Oracle reaffirmed its commitment to continued open source Java support and development and the Diaspora project released the first version of the source for its open social networking software.

Linux related news - The Fedora developers have decided to postpone the implementation of systemd in Fedora 14 and have reverted to Upstart. Having withdrawn the Linux specific preview of the Flash 64-bit plug-in a few months ago Adobe have now issued new, cross platform, preview code. A Linux kernel hole was re-discovered that was originally patched in 2007. It reappeared in the kernel when the developers removed the patch, apparently as far back as 2008.

In business news - The Apache Software Foundation announced the appointment of new Executive Officers, Sonatype acquired funding and a new CEO and Opsera sold off its Enterprise Services division in order to concentrate on Opsview development and support. The sale of Novell appears to be moving ahead and the SCO Group sought to liquidate more of its assets to finance its continuing court battles. Oracle published strong results for the first quarter of its 2011 accounting year.

Open Source Releases

This week saw quite a number of releases and updates. Notably the first version of the OpenSolaris fork, OpenIndiana, stability updates for Mozila Firefox and Thunderbird and a new browser benchmark called Kraken.

Security

Microsoft published instructions for using EMET to block the Adobe Reader zero day exploit. Critical bugs were revealed in Haystack: the anti-censorship software that was supposed to protect the identities of online critics of the Iranian government. A weakness was found in ASP.NET which could affect approximately 25% of web applications and Samba, the file and print server software, received an update to fix a buffer overrun vulnerability.

The code for Intel's HDCP master key leaked this week and Intel responded, saying that although genuine the key code would only be of use to hardware manufacturers attempting to avoid paying the HDCP licence fees. Intel said it would take action against any manufacturers that tried to use the leaked code.

Following the example of Microsoft and Adobe, business management specialist SAP introduced a regular patch day.

OpenX seemed to respond quickly to the report on Monday of a critical hole in its ad server software, now found to have been open for about a year, by, on Thursday, publishing an update to patch an unspecified vulnerability.

Reports came in this week of a worm, known as Stuxnet, that has infiltrated Siemens industrial controllers and is apparently capable of re-programming Programmable Logic Controllers inside these systems.

Security Alerts

To see all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(trk)

Print Version | Send by email | Permalink: http://h-online.com/-1081388
 


  • July's Community Calendar





The H Open

The H Security

The H Developer

The H Internet Toolkit