What's New In Linux | 20010807

Kernel Space Releases

Latest stable kernel is: 2.4.7

The latest prepatch (alpha) version appears to be: 2.4.8-pre4, but there's a guy in the audience with his hand up to tell me different.

The latest FOLK (Functionally Overloaded Linux Kernel) is 2.4.7-folk2.2.1

User Space Releases

Mozilla 0.93. Fewer bugs, performance improvements. A Galeon version should be out very soon.

Netscape 4.78 is out. Netscape 6.1 will be out very soon.

Ximian releases Mono, a .NET implementation for Linux


KDE gets (chroot) ActiveX support.

A small plugin which provides ActiveX support within Konqueror has been created. It can play Shockwave, QuickTime, and other formats. Compare with CodeWeavers' work. It works well, though it is still experimental and won't be part of KDE main.

Samba 2.2.1 released

Massive (30 - 50%) Speed Increase for Large C++ apps on Intel Linux

"Waldo Bastian's document demonstrates that the current g++ implementation generates lots of expensive run-time relocations. This translates into the slow startup of large C++ applications. The attached program 'objprelink.c' is designed to reduce the problem. Expect (KDE) startup times 30-50% faster."

"Leon's hack works around the problem by adding a level of indirection - a stub - to each function in a class's virtual table, and changing references to the function to point to the new stub instead -- thereby eliminating a whole lot of symbol lookups and relocations."


Borland releases Kylix Open Edition, and drops price on other version to around four hundred Aussie dollars


All Alan Cox kernels can now be easily packaged with `make rpm'.


RATS 1.1 (beta). A new beta version of the source code auditing tool RATS has been released, adding the ability to scan both Perl and Python code for vulnerabilities.

KDE 2.2 is scheduled to be released next Monday US time

GNOME 2.0 is coming along nicely, with a 2.0 API freeze, and 1.4.1 beta 1 out.

Postfix 20010228-pl4. It now has more wonderfulness.

Nessus 1.0.8

A plugin-based remote security analysis tool for Linux. Suggests solutions to problems, and generates reports in HTML, LaTeX, and text.


Security Vulnerabilities

Xinetd's umask is inherited by start-on-demand processes that expect tighter umasks. SecurityFocus: "It has been demonstrated that there is at least one way for an attacker to gain root privileges due to this condition."

Linux kernel IP masquerading vulnerability. A remotely exploitable IP masquerading vulnerability has been found in the Linux kernel. The problem includes the Linux 2.2 ip_masq_irc module and involves situations where certain browser or MUA helper applications can cause firewalls to act as proxies and open inbound connections when they shouldn't. A patch has been provided by the IP MASQ 2.2 maintainer, JuanJo Ciarlante.


SSH Communication 3.0.1. Problem with the Unix SSH server and accounts with passwords of two characters or less: people could log in with any password. Upgrade to 3.0.1. Both people using it instead of OpenSSH should be concerned.


A bug in Cold Fusion 5.0 is reported to crash the server, dumping a core file that can allow decrypted tags to be seen in clear text.


Quake 3: Arena 1.29f/g is reported to have a buffer overflow vulnerability. No word yet on whether this is exploitable.


Various Squid and Apache and Horde IMP updates


Red Hat released 7.2 beta. It will contain the 2.4.6 Linux kernel, XFree86 4.1.0, KDE 2.2, GNOME 1.4, and journaling file system support, and includes support for both x86 and ia64.


News - Everything was threatened by stuff beginning with `A'

GAIM is threatened by AOL. But part of trademark law is that it must be enforced, and GAIM's lawyers (paid for by donations and their own altruism)


KAIM is threatened by AOL. KAIM became Kinkatta and released version 1.0


Killustrator was threatened by Adobe, and is now known as Kontour.


Dmitry Sklyarov was threatened by Adobe after writing software which decrypts a small portion of encrypted ebooks to prove that the various ebook security techniques simply weren't security at all (some of these expensive solutions being marketed as `secure' involved ROT13 and RSA encryption with a single, constant, easily discovered string). Adobe backed down after meeting with the Electronic Frontier Foundation. The US government just released Sklyarov on $US5,000 bail and is still intending to prosecute him.


Postfix now has a book. Obscurely called `Postfix' and authored by Richard Blum, the book is pretty comprehensive and covers everything from basic setup through virtual hosting through to MySQL and WebMail type stuff. The author has written books on Sendmail and Qmail before, so he knows his MTAs. Seems like a good book, although it apparently has some errors.



There's an excellent tutorial for OpenLDAP use at SecurityFocus.


The City of Largo, California has switched to KDE 2.1.1 for their production systems. 800 users, 400 workstations.


VMWare dropped their prices for VMWare Express to $49.95.


WebWasher Enterprise Edition for Check Point VPN-1/FireWall-1 Achieves OPSEC-Certification

Frank Willison, editor-in-chief at O'Reilly & Associates, passed away as the result of a massive heart attack on July 30. Frank played a big part in the Perl, Python and Zope books as well as other areas.


Loki have a new demo disk, with patches.


Sunspire Studios have confirmed that the 1.0 release of TuxRacer will not initially be Open Source. However, a GPL'd 1.0 will be made available some time after the retail release. They've taken all the necessary steps to change the license, and it's still a pretty good game.


Urban Terror beta 2.2 is out. Get it. It rocks.


