The H Week - SUSE Linux, Android, OpenBSD back doors and 0-Day IE holes
In the past week, The H took a look at lessons learned from WikiLeaks, published a new edition of the Kernel Log, reported on Google's latest Android OS release, on Mozilla's release of the first draft of its MPL 2.0 licence and on Attachmate's stance on SUSE Linux. ProFTPD updates closed a critical SQL module issue, Microsoft confirmed yet another unpatched critical hole in its Internet Explorer web browser and pulled its latest Outlook update due to problems reported by users.
Featured
This week, Glyn Moody discussed the lessons learned from WikiLeaks and The H published part 4 of the Kernel Log series on the 2.6.37 Linux kernel.
- Lessons from WikiLeaks: decentralize, decentralize, decentralize
- Kernel Log: coming in 2.6.37 (Part 4) - Architecture and infrastructure code
Open Source
Following the announcement of the latest version of its open source mobile operating system earlier this month, Google released the source code for Android 2.3 "Gingerbread" and published a list of tips and tricks for the OS. Google also launched a YouTube channel dedicated to open source.
- Google releases Android 2.3 "Gingerbread" source code
- Google publishes Android tips and tricks
- Google launches open source YouTube channel
Mozilla released a draft of version 2.0 of its Mozilla Public License (MPL) and the Debian project confirmed that its next release, "Squeeze", will feature a completely free kernel.
This week, both the Document Foundation and KDE e.V., the non-profit organization representing the KDE Project in legal and financial matters, joined the Open Invention Network (OIN). Red Hat and Eucalyptus announced a new partnership. Attachmate confirmed that the future of SUSE Linux is secure and NoMachine announced that version 4.0 of its NX technology would become entirely closed source
- The Document Foundation joins Open Invention Network
- KDE e.V. joins Open Invention Network as a licensee
- Red Hat and Eucalyptus forge partnership
- Attachmate says future of SUSE Linux is secure
- NX technology becomes fully closed source
Open Source Releases
Important releases this week included the final version 10.0 release of the XBMC media centre software, the second development version of OpenIndiana, Oracle VM VirtualBox 4.0 and, after several delays, the eighth beta for version 4.0 of the Firefox web browser.
- XBMC 10.0 features new Add-ons system
- OpenIndiana build 148 released
- Oracle releases VM VirtualBox 4.0
- Mozilla releases Firefox 4 Beta 8
Other open source updates and development previews from this week -
- Tiny Core Linux 3.4 arrives
- Lightspark open source Flash player gains PowerPC support
- Pidgin 2.7.8 fixes MSN bugs
- PostgreSQL updates released
- PCLinuxOS 2010.12 holiday ISOs released
- PC-BSD 8.2 Beta 1 arrives for testing
- Openwall Linux 3.0 brings new features
- X.org 7.6 supports udev and modularized configuration
- digiKam 1.7.0 update fixes bugs
- Python 3.2 Beta 2 released
- openThinClient 1.0 adds Smart Card support
- Mandriva Linux 2010.2 released
- GnuCash 2.4.0 accounting software released
- openSUSE 11.4 Milestone 5 released
- KDE SC 4.6 RC1 lacks KDE PIM
Security
Following audits of its code, the OpenBSD developers announced that, so far, there were no indications of built-in back doors. Microsoft withdrew its recent Outlook update following problems reported by users and the US Department of Defense National Security Agency (NSA) responded to the WikiLeaks disclosures by setting up a dedicated WikiLeaks Task Force.
- OpenBSD: audits give no indication of back doors
- Microsoft withdraws flawed Outlook update
- "W.T.F.": CIA and NSA respond to WikiLeaks
Google confirmed that it has started warning users when they may be about to visit web sites which have been hacked. Secunia released version 2.0 of its Personal Software Inspector (PSI) and the FTC gave its blessing to Intel's acquisition of security services provider McAfee.
- Google warns users of hacked web sites
- Secunia releases PSI version 2.0
- FTC gives its blessing to Intel's acquisition of McAfee
Security Alerts
- Phrack hole closed in ProFTPD
- Exploit published for unpatched Internet Explorer vulnerability
- Microsoft issues warning about critical IE hole
For all last week's news, see The H's last seven days of news, and to keep up with The H, subscribe to the RSS feed, or follow honlinenews on Twitter. You can follow The H's own tweeting on Twitter as honline.
(crve)