|
Noutati |
|
LWN.net
|
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
|
-
X.Org: "A Wasteland of Unreviewedness" (Phoronix)
Michael Larabel at Phoronix explores how the X.org developer community is grappling with its patch-review process. ""David Airlie commented on the developers' mailing list about the lack of patch review for the new API patches, he wonders how he's 'going to get the next 50 patches in at this rate some time this year.' Alan Coopersmith then responded with how there seems to be a harder time overall in getting patch reviews done. Coopersmith says, 'I've got no ideas how to fix this quickly, but we need to get it fixed.'"
-
A scientific basis for Open Source Software
Martin Davis of the JTS Topology Suite project points readers to an article in Nature arguing that open source software should be a standard requirement for peer-reviewed science. "The paper raises the argument for open source software to a higher plane, that of being a necessary component of scientific proof. It points out that the increasing use of computational science as a basis for scientific discovery implies that open source must become a standard requirement for documentation. Apparently some journals such as Science already require source code to be supplied along with submissions of articles."
-
Security advisories for Friday
Debian has updated openssl (integer underflow).
Fedora has updated F16: pidgin-otr (format string vulnerability), F16: drupal6-og (upstream security update).
Ubuntu has updated 10.04: kernel (multiple vulnerabilities), backuppc (cross-site scripting), and update-manager (multiple vulnerabilities).
-
Fedora 17 release pushed back to May 29
Fedora Project Leader Robyn Bergeron announced that the release of Fedora 17 has been delayed by one week, to May 29. "GA [General Availability] for F17 is now scheduled for 2012-05-29. Adjustments to the schedule and wiki will be completed later today. We will be meeting again next Thursday, 2012-05-24, for another Go/No-Go meeting." The decision was reached in order to close four outstanding blockers. A second F17 release candidate (RC2) will be spun in the interim.
-
Mandriva Linux to "return to the community"
The Mandriva Blog contains a
short posting stating Mandriva SA's intent to hand control of the
distribution over to the community. "This means that the future of
the distribution will not be arbitrary decided by the Mandriva company
anymore, but we intend to let the distribution evolve in and under the
caring responsibility of the community. Mandriva SA will of course be a
part of this entity and will support it with direct contributions."
How the governance of this community will work is to be worked out.
-
The problem with nerd politics (The Guardian)
Over at the Guardian, Cory Doctorow writes about two problems that govern the relationship between politics and technically oriented folks ("nerds" in Doctorow-speak): "nerd determinism" and "nerd fatalism". "But, while it's true that geeks can get around this sort of thing ? and other bad network policies, such as network-level censorship, or vendor locks on our tablets, phones, consoles, and computers ? this isn't enough to protect us, let alone the world. It doesn't matter how good your email provider is, or how secure your messages are, if 95% of the people you correspond with use a free webmail service with a lawful interception backdoor, and if none of those people can figure out how to use crypto, then nearly all your email will be within reach of spooks and control-freaks and cops on fishing expeditions."
-
Security advisories for Thursday
Debian has updated openoffice.org
(code execution) and ikiwiki (cross-site
scripting).
Mandriva has updated imagemagick (2010.1, ES 5.0; 2011.: multiple vulnerabilities).
SUSE has updated openssl (SLE 11:
two vulnerabilities).
Ubuntu has updated sudo (privilege
escalation).
-
Security vulnerability in sudo's netmask function patched (The H)
The H reports on a vulnerability in sudo when it is configured for IP-based restrictions on users (typically only for centrally managed sudoers files). "When the developers added IPv6 support, they inadvertently made the matching routine used for IPv4 networks call the IPv6 matching routines when no IPv4 match was found. Because the IPv6 fields would be uninitialised, it was possible for the system to think it had found a match where there wasn't one. Finding a match would, in turn, mean permission would be granted for whatever command the rule was controlling, even when the system was on a different network."
-
[$] LWN.net Weekly Edition for May 17, 2012
The LWN.net Weekly Edition for May 17, 2012 is available.
-
Lotus Symphony code for OpenOffice coming soon
IBM has announced that the paperwork has been signed and that the
contribution of the Lotus Symphony code to OpenOffice will happen shortly.
"The successful delivery of Apache OpenOffice 3.4 has enabled us to
finalize our grant with the the Apache Software Foundation and initiate
this new phase of effort within the community. This is about envisioning a
future for Apache OpenOffice that builds on the best code we can offer
together with the best developers who have mastered it." For those
wondering about what this code offers, there is a
Symphony Contribution wiki page describing the most interesting
features.
|
|
Noutati 
