The H Week – Linux 2.6.38 released, FFmpeg becomes Libav, IE9 arrives, Chrome patches bugs

In the past week, The H returned from CeBIT and took an in-depth look at the new features in version 2.6.38 of the Linux kernel. The Novell acquisition was delayed, Java EE 7 progresses, FFmpeg became Libav and a Dutch report claimed that open source can't reduce costs. Google patched Pwn2Own and Flash holes in Chrome, Microsoft released Internet Explorer 9 and researchers demonstrated that PIN skimming is possible with chip and pin cards.

Featured

This week, our latest Kernel Log series, on the newly released Linux kernel version 2.6.38, concluded with an overview of the new features; Dj Walker-Morgan reviewed his time at the recent CeBIT trade show in Hanover and described his meetings there with open source developers; and, Glyn Moody discussed the future of open source now that the focus of personal computing is increasingly shifting away from PCs to mobile devices.

• What's new in Linux 2.6.38
• Open Source at CeBIT 2011
• How can open source survive in a post-PC world?

Open Source

Novell confirmed that the US DOJ investigation into the sale of patents to the Microsoft-founded CPTN Holdings will delay the company's acquisition by Attachmate; Oracle's Java EE 7 proposal was approved by the Java Community Process committee; Oracle confirmed that the Sun.com domain would be decommissioned in the next three months and a group of active FFmpeg project developers effectively forked and renamed the codec library to Libav.

• Novell acquisition delayed till April 12th
• Oracle's Java EE 7 proposal approved by the JCP
• Sun.com domain to be decommissioned
• FFmpeg renamed to Libav

The Dutch government published a report that claimed no savings can be made by switching to open source; the Knight Foundation provided a grant worth nearly $1 million to two non-profit news organisations to develop an open source publishing platform; Gluster announced that it has become the OpenStack community's newest member; the Open Source Initiative (OSI) added three new members to its board and NASA announced that it will hold its first ever summit on open source software development later this month.

• Netherlands open source report says no savings can be made
• Open source news publishing platform gets $975,000 grant
• Gluster becomes latest member of OpenStack community
• OSI adds three to board and begins reform
• NASA Open Source Summit announced

It was confirmed that the Apache Harmony Project Management Chair has stepped down, while the Apache Commons team announced that the French space agency would be using its mathematics library for a future project. Nominations for the Debian Project Leader have closed with only one nominee, the project's current DPL, and a new platform has been created to help share patches between Debian and its derivatives.

• Apache Harmony loses project manager
• French space agency to use Apache Commons Mathematics library
• Debian Project Leader elections: a foregone conclusion
• Platform created for exchange between Debian and Ubuntu

Google's bi-monthly Platform Versions numbers show that more than 92 per cent of Android devices are running version 2.1 of the mobile operating system or later, and the legality of Android's Bionic library came into question. The developer channel of Chrome gained a new browser logo as Google finally brought development of its Gears browser plug-in to an end. Microsoft cautiously welcomed the introduction of a WebM plug-in from Google for Internet Explorer 9 as Mozilla confirmed that it plans to ship the latest major update to its browser early next week.

• Google: more than 92% of Android devices running 2.1 or later
• Legal status of Android's Bionic library uncertain
• Google's Chrome browser gets a new logo
• Google finally brings Gears to an end
• Google release WebM plug-in for Internet Explorer 9
• Microsoft cautiously welcomes WebM support for IE9
• Mozilla to release Firefox 4 on 22 March

Open Source Releases

• Pwn2Own 2011: Google patches hole in Chrome
• Alien Arena 2011 FPS game updated
• ZFS for Linux 0.7.0 released
• Linux kernel 2.6.38 released
• Couchbase Server announced in Enterprise and Community editions
• Gpg4win encrypts files and folders
• JRuby 1.6 final released with Ruby 1.9.2 compatibility
• Cloud and web database Drizzle reaches general availability
• MongoDB 1.8 released
• FreeBSD-based firewall m0n0wall 1.33 brings IPv6 improvements
• KTorrent 4.1 adds super-seeding support
• Google closes Flash hole faster than Adobe
• Linux Mint 10 LXDE edition arrives
• PHP 5.3.6 closes five security holes
• WordPress for iOS 2.7 brings UI improvements
• Groovy 1.7.10 and 1.8 RC3 released
• Newscoop open source CMS for journalists updated
• MonoMac links .NET to Apple's GUI

Development Releases

• Second and final beta of GNOME 3 arrives
• FreeNAS 8.0 nearing completion
• Fourth alpha release for real-time strategy game 0 A.D.
• Opera's open source web debugger enters beta
• Google release WebM plug-in for Internet Explorer 9
• Mozilla releases Thunderbird 3.3 Alpha 3
• Mandriva Linux 2011 Beta 1 released for testing

Security

The latest version of Apple's iOS mobile operating system improved IPv6 privacy, WhisperCore brought initial device-level encryption to Android, RIM warned of a hole in BlackBerry's web browser and provided workarounds, and The H reported on a smartphone hack that allows for entry to LAN-attached access control systems.

• iOS 4.3: Apple improves IPv6 users' privacy
• WhisperCore brings device-level encryption to Android
• BlackBerry hole: RIM recommends workaround
• Open sesame: Smartphone hack for electronic entry systems

Google released updates to Chrome to patch vulnerabilities discovered at this year's Pwn2Own competition as well as a hole in the Adobe Flash Player, and, to protect its users such as those who were recently targeted by attackers, also announced the extension of SSL security for all of its APIs.

• Pwn2Own 2011: Google patches hole in Chrome
• Google closes Flash hole faster than Adobe
• Google APIs to improve security with SSL
• Google users targeted by hackers

Microsoft released a major update to its Internet Explorer browser, IE9, that includes several security enhancements; and version 2.1 of Gpg4win was released with support for Windows 7 and encrypting complete folders.

• Microsoft releases Internet Explorer 9
• Gpg4win encrypts files and folders

Researchers demonstrated how game consoles can spread viruses over LANs; click-jacking was reported as spreading on Facebook; Twitter added an option to always use HTTPS connections and, with the help of Microsoft's Digital Crimes Unit, the Rustock botnet is finally out of action.

• CanSecWest: game consoles spread viruses within LANs
• Click-jacking is spreading on Facebook
• Twitter adds "Always use HTTPS" option
• Rustock botnet out of action

A group of researchers showed how chip and pin cards could be skimmed, security firm M86Security reported a new phishing technique that can bypass fraud warnings provided by modern browsers and RSA confirmed that it had fallen prey to an attack in which data was stolen from its servers.

• PIN skimming possible with chip cards
• Under the phishing filters' radar
• RSA hack could endanger the security of SecurID tokens

Security Alerts

• Adobe warns of zero day vulnerability in Flash and Reader
• PHP 5.3.6 closes five security holes

For all last week's news see The H's last seven days of news and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.

(ehe)