LWN.net Weekly Edition for November 14, 2002
The FSF GPL Compliance Lab
The Free Software Foundation has sent out a press release proclaiming the receipt of a $25,000 donation from MySQL AB. The donation is intended to support the FSF's GPL Compliance Lab. The donation is a good thing, even if it can be seen as a relatively straightforward payback for the FSF's assistance in MySQL's (just settled) lawsuit against NuSphere. But the PR is also interesting in that it is the first public mention we could find of the "GPL Compliance Lab." So we contacted the FSF to learn a little more about it.The Lab, as it turns out, has existed as an "informal activity" since 1992; it was formalized toward the end of 2001. According to FSF Executive Director Bradley Kuhn:
The Lab's staff includes, beyond a piece of Mr. Kuhn's time to run the whole thing, a "GPL Compliance Engineer" who investigates GPL issues, a half-time clerk to handle copyright assignments, and two lawyers who donate a few hours a week to the project. According to Mr. Kuhn, the demand for the lab's services could easily employ twice as many people; in particular, more lawyer time is needed. But, since the FSF lacks the funds to actually hire a lawyer, it is entirely dependent on pro bono work.
The Lab's staff works on a number of tasks, including the investigation of GPL violations, "diplomatically" working with violators to bring them back into line, helping others (like MySQL) in GPL enforcement efforts, GPL education efforts, and developing new versions of free software licenses. They currently handle about 50 violations every year; most of these are indeed handled with certain amount of diplomacy, since the world as a whole never hears about them. This is certainly the right approach, since, as Mr. Kuhn points out, almost all GPL violations are mistakes, rather than malicious misuses of GPL-licensed code. A quiet approach gets these violations taken care of without backing the violator into a defensive corner.
So why have most of us never heard of the Lab? The answer is resource constraints: the FSF is not exactly overflowing with funds, and has never been able to find the time to set up its own web site. The FSF is not the same thing as the GNU project; while the GNU folks are busy writing software and trying to get past that pesky HURD 2GB filesystem limit, the FSF is working on the broader free software picture. And it is doing so on a shoestring budget.
Bradley Kuhn is hoping that other companies will take a cue from MySQL and make donations to help the GPL compliance effort. He tells us:
He also states that companies which have violated the GPL and been brought back into line by the FSF should donate as well; that seems like a rather harder sell.
There is a serious point here, however. Companies that release code under the GPL do so in the hope that their competitors will not take unfair advantage of that code and distribute proprietary enhancements. As the free software ecosystem grows, an increasing number of companies will surely be tempted to do exactly that. Preventing this sort of behavior requires vigorous enforcement of the GPL's requirements. And that enforcement requires lawyers.
The FSF has been the champion of the GPL since the beginning, and is an obvious focal point for GPL enforcement efforts. But they need a level of funding that allows them to carry out that work. A donations page exists for individuals wanting to help out, and companies with bigger checks will certainly get their phone calls returned quickly. But the FSF may want to consider creating consulting and enforcement services that can be sold to companies that depend on respect for the terms of the GPL. Otherwise, as the market grows, somebody else will.
Free software in Italy and elsewhere
National governments are increasingly taking an interest in free software as a way to reduce costs, improve security, support local software development industry, and decrease reliance on Microsoft. At least, governments outside the U.S. are interested... Here we take a quick look at recent events in Italy and India which give some hints of where this trend is heading.
The Italian Ministry for Innovation and Technology has announced (in Italian) the creation of the "Commission for Open Source Software in Public Administration," which is charged with evaluating free software for governmental use. This committee is headed by Professor Raffaele Meo, former president of the Italian National Research Council (CNR), and a well-known free software advocate. The scope of its work is to look at the "efficiency, effectiveness, and cost savings" of free software. They are also supposed to evaluate technology trends across Europe and other industrialized countries. The group's final report, due in three months, should advise the government on strategies for the evaluation and choice of free software.
This charge may disappoint hard core free software supporters, since it seems to focus primarily on the economic arguments. The driving force behind the establishment of this committee, however, is a proposed law (in Italian, of course) being pushed by the (opposition) Italian Green Party. This law would require government agencies to prefer free software for their information systems needs. Agencies wanting to buy proprietary software would be required to justify that choice. In situations where "personal or sensitive data" (or data whose disclusure could impact national security) is being handled, use of free software would be mandatory. Public agencies would also be required to keep copies of the source for software they use, and would be required to keep data in open formats.
The long-term direction, thus, is toward strong support of free software as a way of improving security and access to public information - along with the usual economic reasons. Adoption of free software at this level in Italy is still a fairly distant prospect, however; for now, we have to wait to see what this committee has to say, early next year. (Thanks to Davide Barbieri for the tip).
Meanwhile, events in India are worth a look. The country's Department of Information Technology announced last month a new set of initiatives to promote the development and use of Linux there. Linux obviously has a lot to offer a country like India, but the cynical among us need not look too hard for another motivation for this effort. After all, Bill Gates has just taken a trip over there and talked about spending $400 million in the country. The two events are unlikely to be unrelated.
India is an important country for both Microsoft and the free software community. Its software market is relatively small, especially when considering the size of the country as a whole. But India is rich in highly educated software developers. If a substantial portion of those developers were to start working on free software, the results would be felt worldwide. It is an outcome that, for Microsoft, is worth $400 million to prevent.
LWN Status
This week's exercise in LWN writing about itself looks at European subscriptions, corporate subscribers, and a couple other aspects of how things are going.The individual subscriber count stands at a little over 2300. New subscriptions have levelled off greatly in recent weeks. The total number of subscribers has yet to decline; if the number of new subscribers remains low, and the number of expiring short-term subscriptions remains relatively high, that could happen before too long, however.
We continue to see a slow but steady trickle of group subscriptions. Subscribers which have given us permission to drop their names include Dell, the IBM Linux Technology Center, NEC, Trustix, Carmen Systems AB, Progeny, The Linux Box Corporation, Boston University, the National Center for Atmospheric Research Library, Bibliotek-Systemer, BitMover, the SAIC Advanced Technologies and Solutions Group, Prosa, Intevation, the Debian Project (funded by HP), and SecurePipe. If your company is not on this list, perhaps it should be; please drop us a note at subs@lwn.net to set up a group subscription.
Our investigations into setting up an European bank account have led us to the conclusion that it's not a viable option for us at this point. Setting up an account requires a "presence" that we don't have, and, even then, it turns out that monetary union has not done much to reduce wire transfer fees across the European Union. Accepting European debit cards that are not part of the Visa or MasterCard networks is not an option available to us.
So it looks a little difficult, still, for European subscribers who do not have credit cards or PayPal accounts. There is, however, one other option we have found: accepting personal checks. It turns out that the costs to us for dealing with European checks (in Euros) is not that unreasonable. So we ask our European readers: how many of you would be willing to mail us a check, for something like EUR 65 to 70, for a one-year "professional hacker" level subscription? Drop us a note (at subs@lwn.net, or as a comment to this article) if you would be interested in that option.
The old "About LWN" page has been replaced with a new LWN.net FAQ with answers to a number of questions. This document is clearly under construction; drop us a note with questions you think we should have answered.
That's about it for this week. Thanks, as always, for supporting LWN.
Security
Brief items
Another set of bind vulnerabilities
Here we go again... The Berkeley Internet Domain server (BIND) versions 4 and 8 have a new set of remotely exploitable vulnerabilities. They are well described in this ISS advisory; in short, the problems are:
- The really nasty one is a buffer overflow in the server's caching
code; this one could (and probably will) be used for remote root
exploits.
- The server can be made to terminate (with an assertion failure) when
fed a large OPT record with certain kinds of queries.
- BIND servers can also be made to crash (with a null pointer dereference) when passed information with the right kind of bogus expiration time.
The first vulnerability leaves much of the net open to root exploits, worms, etc. There is no doubt that many servers will not be patched in time, with the result that malware writers will find no shortage of fertile ground for their unpleasant stuff. Business as usual, in other words.
The other result of this set of vulnerabilities is likely to be to force many sites to upgrade, at last, to BIND version 9. That will reduce the diversity of BIND implementations running on the net, thus ensuring that the next vulnerability will affect even more systems. BIND 9 is said to be more secure (having been rewritten with that goal in mind), but there are, beyond doubt, more problems lurking in that body of code. Then we'll get to go through this again.
Another source distribution trojan
Here we go again... the source distribution of a popular application has been compromised by a trojan horse. This time around, the affected application is tcpdump, which was compromised on November 11 and remained available for download for two days. As with other trojans, this one opens up a connection to a remote host, which can then execute shell commands. The fact that tcpdump was compromised allowed an additional twist, however: tcpdump will not show traffic to and from the hostile remote system.For more information, see this CERT advisory.
New vulnerabilities
BIND8: Multiple vulnerabilities
| Package(s): | bind | CVE #(s): | CAN-2002-1219 CAN-2002-1220 CAN-2002-1221 | ||||||||||||||||||||||||||||||||||||
| Created: | November 13, 2002 | Updated: | March 6, 2003 | ||||||||||||||||||||||||||||||||||||
| Description: | Three new vulnerabilities have been found in version 8 of the Berkeley
Internet Domain Server; see this
ISS advisory, the CERT Advisory
CA-2002-31, or the November 14 LWN
Security Page for details.
Red Hat has sent out an alert (not a regular advisory) suggesting that customers apply its previous BIND updates, which upgrade the system to BIND9. | ||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||
glibc: DNS stub resolvers contain buffer overflow vulnerability
| Package(s): | glibc | CVE #(s): | CAN-2002-1146 | ||||||||||||
| Created: | November 7, 2002 | Updated: | February 5, 2004 | ||||||||||||
| Description: | DNS stub resolvers from multiple vendors contain a buffer overflow
vulnerability. The impact of this vulnerability appears to be limited to
denial of service. (See CERT Vulnerability Note
VU#738331)
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, uses the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). | ||||||||||||||
| Alerts: |
| ||||||||||||||
kdenetwork: buffer overflow
| Package(s): | kdenetwork | CVE #(s): | CAN-2002-1247 | ||||||||||||||||
| Created: | November 11, 2002 | Updated: | December 20, 2002 | ||||||||||||||||
| Description: | iDEFENSE reports a security vulnerability in the klisa package, that provides a LAN information service similar to "Network Neighbourhood", which was discovered by Texonet. It is possible for a local attacker to exploit a buffer overflow condition in resLISa, a restricted version of KLISa. The vulnerability exists in the parsing of the LOGNAME environment variable, an overly long value will overwrite the instruction pointer thereby allowing an attacker to seize control of the executable. | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
kgpg: keys generated in wizard have an empty passphrase
| Package(s): | kgpg | CVE #(s): | |||||
| Created: | November 11, 2002 | Updated: | November 13, 2002 | ||||
| Description: | A bug in Kgpg's key generation affects all secret keys generated through Kgpg's wizard. (Bug does not affect keys created in console/expert mode). All keys created through the wizard have an empty passphrase, which means that if someone has access to your computer and can read your secret key, he/she can decrypt your files whitout the need of a passphrase. See the full report for details. | ||||||
| Alerts: |
| ||||||
html2ps: arbitrary code execution
| Package(s): | html2ps | CVE #(s): | |||||||||
| Created: | November 8, 2002 | Updated: | December 6, 2002 | ||||||||
| Description: | The SuSE Security Team found a vulnerability in html2ps, a HTML to PostScript converter, that opened files based on unsanitized input insecurely. This problem can be exploited when html2ps is installed as filter within lrpng and the attacker has previously gained access to the lp account. | ||||||||||
| Alerts: |
| ||||||||||
masqmail: buffer overflow
| Package(s): | masqmail | CVE #(s): | CAN-2002-1279 | ||||
| Created: | November 12, 2002 | Updated: | November 13, 2002 | ||||
| Description: | A set of buffer overflows have been discovered in masqmail, a mail transport agent for hosts without a permanent Internet connection. In addition to this privileges were dropped only after reading a user supplied configuration file. Together this could be exploited to gain unauthorized root access to the machine on which masqmail is installed. | ||||||
| Alerts: |
| ||||||
PHP: vulnerability in mail function
| Package(s): | php | CVE #(s): | CAN-2002-0985 CAN-2002-0986 | ||||||||||||||||||||
| Created: | November 13, 2002 | Updated: | October 1, 2003 | ||||||||||||||||||||
| Description: | Two vulnerabilities exists in the mail() PHP function. The first one allows the execution of any program/script bypassing safe_mode restriction, the second one may give an open-relay script if the mail() function is not carefully used in PHP scripts. See this Bugtraq report for more details. Note that this is a different vulnerability than the previous PHP mail() problem, which affected versions through 4.1.0. | ||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||
traceroute-nanog: buffer overflow and root exploit
| Package(s): | traceroute-nanog/nkitb | CVE #(s): | |||||||||
| Created: | November 12, 2002 | Updated: | February 27, 2003 | ||||||||
| Description: | Traceroute is a tool that can be used to track packets in a TCP/IP network to determine it's route or to find out about not working routers. Traceroute-nanog requires root privilege to open a raw socket. It does not relinquish these privileges after doing so. This allows a malicious user to gain root access by exploiting a buffer overflow at a later point. | ||||||||||
| Alerts: |
| ||||||||||
wmaker: buffer overflow in Window Maker image handling code
| Package(s): | wmaker windowmaker | CVE #(s): | CAN-2002-1277 | ||||||||||||||||
| Created: | November 7, 2002 | Updated: | February 6, 2003 | ||||||||||||||||
| Description: | Al Viro found a problem in the image handling code used in Window Maker, a popular NEXTSTEP like window manager. When creating an image it would allocate a buffer by multiplying the image width and height, but did not check for an overflow. This makes it possible to overflow the buffer. This could be exploited by using specially crafted image files (for example when previewing themes). | ||||||||||||||||||
| Alerts: |
| ||||||||||||||||||
Resources
Timing the Application of Security Patches for Optimal Uptime
Steve Beattie, Seth Arnold, Crispin Cowan, Perry Wagle, and Chris Wright published a paper at LISA 2002 entitled "Timing the Application of Security Patches for Optimal Uptime." It is now available for download in PostScript format.Linux Advisory Watch - November 8th 2002
The LinuxSecurity.com Linux Advisory Watch newsletter for November 8 is available.
Events
The Conference on Mobile and Wireless Security
MIS Training Institute has announced that the Conference on Mobile and Wireless Security will happen in Scottsdale, Arizona on February 11 to 13, 2003.
Page editor: Jonathan Corbet
Kernel development
Brief items
Kernel release status
The current development kernel is 2.5.47, which was released by Linus on November 10. Changes this time around include more IPSec work (to the point that it works now), a big kernel timer cleanup, continuing work on the large page mechanism, a PowerPC64 update, some XFS updates, improvements to the new crypto API, an ALSA update, a zero-copy NFS server patch, and lots of other fixes and tweaks. The long-format changelog has the details.Linus's (pre-2.5.48) BitKeeper tree contains more timer cleanups, a rewrite of the software suspend code, Rusty Russell's in-kernel module loader, continuing IPSec work, and various other fixes.
The current development kernel prepatch from Alan Cox is 2.5.47-ac2. It includes the latest ACPI code, some device mapper fixes, some new IDE work, and a number of fixes.
The latest 2.5 status summary from Guillaume Boissiere is dated November 13.
The current stable kernel is 2.4.19. Marcelo has released no prepatches since the first 2.4.20 release candidate came out on October 29.
Kernel development news
2.5 kernel progress charts
![[Compound chart]](http://kernelnewbies.org/status/Linux_Kernel_2_5_Compounded_Progress.png)
Guillaume Boissiere, keeper of the 2.5 Kernel Status Summary, has put
together a couple of images showing how features were merged into the 2.5
kernel over time up to the feature freeze. Have a look at the simple
progress chart and the compounded
chart (also shown at right).
The new module loader
Linus has stated that the October 31 feature freeze date was a deadline for submissions to him, not for actual merging. He has been restrained in what he has merged since then, but one significant change that will show up in 2.5.48 is the new module loader by Rusty Russell. This patch was covered briefly here back in September. As of this writing, the code that has been merged is missing a few little features, like modversions, module parameters, module license checking, and device table support (which is needed to make hotplugging work). Fixes for these omissions are promised for the near future.Meanwhile, the new code is simpler for both the kernel and user space; it is also safer in a number of ways. It does, however, require a new set of module utilities to work; these can be obtained as a source tarball from Rusty's site.
Some documentation for 2.5 IPSec
As of the 2.5.47 kernel, the new, native Linux IPSec implementation actually (sort of) works. Bert Hubert has been playing with this code, and has put together a quick HOWTO on how to make it go. Anybody who is interested in a solid, stable IPSec implementation in 2.6 (and almost all of us are, whether we realize it or not) should consider having a look and testing it out.What's to become of devfs?
From a recent posting by Alexander Viro:
He continues with a long list of changes he would like to make to the devfs code; it's a massive set of cleanups which would, it is claimed, shrink the devfs code base considerably and make things work better. Comments were requested on the proposal; the few that came in were favorable.
The posting led to an entirely different sort of discussion, however. As Ted Ts'o asked, how many people are actually using devfs?
The question is worth asking. Despite the fact that devfs has been in the 2.4 kernel since it first shipped, very few distributions are turning it on for their customers. The devfs way of doing things has failed to take over the world.
And, perhaps more to the point, there is a new approach to dynamic device management that, while not yet actually implemented, is attracting interest. The combination of the /sbin/hotplug mechanism and the device model provides (or can provide) everything that is needed to create devfs-like filesystems in user space. The device model, via the sysfs (formerly driverfs) filesystem, provides a complete view of the state of the system, including all attached hardware. /sbin/hotplug gives user space the ability to know about (and react to) changes in the system state. Using that information, user-space code can populate a device directory hierarchy that implements just about any kind of policy that one could imagine.
All it takes is somebody to hack up the remaining pieces; a user-space devfs could easily be a reality in the 2.5 development series. And, since it lives in user space, there are no real issues with the feature freeze.
Of course, none of this points to a removal of devfs in this development series. Removal of features violates the feature freeze as surely as additions do. It is also standard practice to leave such features in place (though "deprecated") for one stable series to give users time to make the transition. So, even if the decision to remove devfs is made (and that certainly has not happened at this point), it will be around for a while.
Kexec
One of the remaining features that may yet get merged is the "Kexec" patch by Eric Biederman. This patch performs what may seem to be a straightforward task - it reboots the system directly into a new kernel. Things are not always as simple as they seem, however, and this patch has been through an extended period of reworking on its way toward (probable) inclusion.One might wonder what the use of Kexec is, given that people have somehow managed to reboot their systems for years now. Kexec differs from a normal reboot in that the old kernel loads the new one, and jumps to it, directly. There is no need to reset the hardware and go through the whole BIOS startup routine. So, reboots are faster and, perhaps, more reliable. There is also an obvious advantage for kernel developers, who can simply say "boot that image" without having to tell a boot loader (such as LILO) about it first.
Rebooting on the fly in this manner is not an entirely easy thing to do. The new kernel, after all, probably wants to sit in the same part of memory as the current one. So the new kernel can not be put into its real place until the old kernel has finished shutting down gracefully. But, by that point, the old kernel is no longer in a position to load the new one from user space, or from anywhere else.
So the Kexec code has to start by buffering a copy of the new kernel somewhere else in memory. When user space indicates that it has a new kernel to boot, the Kexec code allocates a big pile of memory pages to hold the kernel code. This code is spread out through (non-high) memory, and is not contiguous or otherwise ready to execute. Also allocated along with the memory for the kernel code is the "reboot code buffer." This buffer is typically just a single page.
When the time comes to boot into the new kernel, the Kexec code does the following:
- Shuts down the kernel, and tries to reset devices to a known state.
The code does not unmount filesystems, kill processes, etc.; that work
is expected to have been done by user space prior to the reboot call.
- Copies a small bit of assembly code into the reboot code buffer. This
code's job is to take the set of pages holding the new kernel and copy
them into their real destination - typically overwriting the old
kernel.
- Jumps (via a return, actually) into the new kernel.
The original Kexec patch created a kexec() system call which would load the new kernel image as described above, and immediately reboot into that image. That approach, however, wasn't quite what Linus had in mind, even though Linus likes the Kexec idea in general. Why not, asked Linus, split up the operations of loading the new kernel and rebooting into it?
The reasoning for splitting these operations has mostly to do with other possible uses for Kexec. For example, one can imagine all kinds of things that could be done when the kernel panics: boot into a debugger or crash dump generator, or just bring up that old 2.2 kernel that always worked. The problem is that, when the system has gone into a panic, you really do not want it digging around in the filesystem looking for an image to boot; that needs to have been set up ahead of time. And the only way to do that is to split the load and reboot steps.
So the current patch has a kexec_load() system call which loads a kernel image into memory. Then, a new LINUX_REBOOT_CMD_KEXEC command for the existing reboot() call finishes the task. This version of Kexec still does not handle the panic case, but it has most of the infrastructure needed to do that.
Patches and updates
Kernel trees
Architecture-specific
Build system
Core kernel code
Development tools
Device drivers
Documentation
Filesystems and block I/O
Memory management
Networking
Security-related
Benchmarks and bugs
Miscellaneous
Page editor: Jonathan Corbet
Distributions
Distribution News
Debian Weekly News - November 12th, 2002
The Debian Weekly News is now available. This week: the APT Development requires Help; Hewlett-Packard recently expanded their Test Drive Program to support Debian GNU/Linux; The Debian project was honored with the Linux New Media Award; and much more.Mandrake Linux
The Mandrake Linux Community Newsletter for November 7, 2002, is available. This week news looks at the new CLIC distribution; also get the top 10 "freshest" RPMs from MandrakeClub; and much more.MandrakeSoft announced the availability of boxed versions of Mandrake Linux 9.0. There are three packaged versions from which to choose: the Mandrake Linux PowerPack and Standard editions are designed for individual users, and the ProSuite Edition is created for small and medium-sized enterprises.
Red Hat Linux
Red Hat has an updated version of the GNU Compiler Collection (GCC) available for Red Hat Linux 7.1, 7.2, and 7.3. This update addresses various issues filled in bug reports.IBM developerWorks has a tutorial detailing the ins and outs of transforming a stock, "out of the box" Red Hat installation into a finely tuned, stable system customized to individual needs and tastes. The material presented here is based on Red Hat 7.3. Registration is required
Slackware Linux
Slackware current has upgraded to KDE 3.1-rc2.Armor-plated Linux gets backup (News.com)
News.com covers the release of a new wrapper for the NSA's SE Linux. "The Open Source Development Group (OSDgroup), a Linux training firm, and Houston-based network consultancy Westcam have teamed up to release a package that adds a graphical installer and new security settings to the OS released by the National Security Agency almost two years ago."
SCO Boosts the Number of Applications Available for UnitedLinux
The SCO Group has announced a series of new programs to encourage application development for its SCO Linux Powered by UnitedLinux product to be released this fall. Through its enhanced Developer Network, SCO is providing commercial and Open Source developers with increased educational opportunities, access to technical information and expert technical support to help them write or port applications and drivers for SCO Linux and other UnitedLinux products.How to do a SuSE 8.1 FTP Install (PCLinuxOnline)
SuSE is a GNU/Linux distribution which does not have freely downloadable ISOs. A workaround to this is installing via FTP. PCLinuxOnline.com shows how to do this.
New Distributions
Bootix Linux
Bootix Linux (now Bootyx Linux) is a bootable Linux CD based on Slackware Linux 8.0 designed to allow the easy imaging of multiple workstations, using the updcast set of Linux tools. Bootix v0.80 was released November 7, 2002.
Minor distribution updates
Astaro Security Linux
Astaro Security Linux has released v3.211 with minor security fixes. "Changes: This Up2Date improves Surf Protection restart, the SelfMonitoring for Surf Protection, and adds a new IDENT Proxy version. It fixes a cosmetic issue in the WebAdmin license display and a DoS IPSec Bug (VU#459371)."
Coyote Linux
Coyote Linux has released v1.0.283 of the Wolverine firewall and VPN server with major bugfixes. "Changes: This version contains fixes for several problems with the PPTP server limiting and refusing connections, IPSEC updates, a new kernel, a completely replaced SNMP subsystem, and adds the beginnings of PPPoE support."
KNOPPIX
KNOPPIX has released v3.1-8-11-2002 with minor feature enhancements. "Changes: This release has a Spanish translation for (/usr/local/bin/)knx-hdinstall, a WINE update (20021031/unstable), the correct DHCP entry in /etc/network/interfaces with netcardconfig, and a PCMCIA update (3.2.2)."
Mindi Linux
Mindi Linux has released v0.71_20021109 with minor bug fixes. "Changes: This version features an updated 2.4.20 kernel, better handling of Debian and Gentoo Linux distributions, better tape/CD support, and numerous bugfixes."
RxLinux
RxLinux has released v1.0.7 with major feature enhancements. "Changes: IPSEC and PPTP are now supported using FreeS/Wan and Poptop. LVS is now supported, and RxLinux can be configured as an LVS director. iptables was added, the kernel was updated to 2.4.19 and patched for IPVS, and OpenMosix was upgraded to 0.2.4. The RxMaster interface was also simplified."
uClinux
uClinux has released v2.5.47-uc0 with major feature enhancements. "Changes: This release uses the latest development kernel. Most of uClinux has been rolled into the main Linux distribution."
Warewulf
Warewulf has released v1.5 with major bugfixes. "Changes: Fixes for bugs in the following tools: wwjobs, nodes, nodeupdate, and nodeconf, a new ability to integrate various kernel args into the node build process, and some minor GUI tweaks to nodes."
Page editor: Rebecca Sobol
Development
The Frequency Clock Free Media System
Version 1.0 of a new open-source multimedia system known as The Frequency Clock has been announced. "We are very happy to let you know about a new open source software system which has been released today, which is a powerful mechanism to manage and control 'channels' of audio and video online. Its designed especially for not-for-profit organisations and the cultural sector, but can be used by anyone who has online audio and video."
The components of the Frequency Clock consist of:
- A Program Database: for containing information about live and pre-recorded programs.
- A Timetabling System: a tool that allows programs to be placed into the program database for scheduled playback.
- A Streaming Media Player: a multi-platform web-based scheduled audio/video playback application.
The system can be used to produce online channels of streaming video and audio for web sites. Media files can be chained together in a schedule for playback by site visitors.
One of the design goals is to have the Streaming Media Player be able to play a wide variety of streaming media formats such as WindowsMedia, Real, and Quicktime, allowing it to replace a collection of proprietary players.
The system has been designed for the following users:
"community radio stations, community cable
television operators, film and video organisations, museums and galleries,
filmmakers and documentary-makers, artists, DJs and musicians.
"
The Frequency Clock looks like a well thought out system, be sure to check out some of the screen shots on the main web page.
System Applications
Audio Projects
preamp simulates Fender guitar amp
For you guitar enthusiasts out there, Tim Goetze has put out a new version of preamp, a plugin for the LADSPA system that simulates a Fender vacuum tube (valve) preamplifier.
Electronics
gEDA News
The latest news from the gEDA project includes new snapshots of Icarus Verilog and gaf (gschem and friends).
Networking Tools
Systrace - Interactive Policy Generation for System Calls
A utility known as Systrace is now available for Linux. "Systrace enforces system call policies for applications by constraining the application's access to the system. The policy is generated interactively. Operations not covered by the policy raise an alarm and allow an user to refine the currently configured policy." Thanks to Marius Aamodt Eriksen.
Printing
CUPS v1.1.16 is Released
Version 1.1.16 of the CUPS printing system has been released. "CUPS 1.1.16 adds support for a new CUPS printer driver for Windows NT/2000/XP that provides accurate page accounting as well as support for the banner, job billing, job priority, and page label options. The new release also contains many small bug fixes and enhancements, including better USB printing support, support for printer names containing any printable character (123print, my-long-printer-name, etc.), and French language localization of the web interface and documentation." See the release notes for the full list of changes.
Web Site Development
Nemein.Net 1.8.3 "Snowstorm" released
Nemein has released the version 1.8.3 of the Nemein.Net Professional Services Automation suite of applications.ZODB 3.2 release plan posted
The release plan for ZODB 3.2 has been published. "There are a small set of proposed features centering around better configuration and management of ZEO and ZODB. Feedback is welcome." Thanks to Jeremy Hylton.
Zope Members News
The most recent headlines on the Zope Members News include: NeoBoard 1.1 alpha 2 released, and Turkish Zope Hosting.
Standards
Announcing the LSB1.3 LI18NUX Level 1 testset beta
A new test set has been released for the Linux Standard Base, LSB 1.3 LI18NUX Level 1.
Desktop Applications
Audio Applications
Audacity version 1.1.1 released
Version 1.1.1 of Audacity, a multi-platform sound file editor, has been released. "Audacity 1.1.1 has much improved support for Mac OS X, and for foreign languages. Users who use Mac OS X or who wish to use Audacity in Bulgarian, Danish, Dutch, French, German, Hungarian, Italian, Polish, Russian, Slovenian, or Spanish should download Audacity 1.1.1." See the release notes for a detailed list of changes.
JACK Rack 1.0
Bob Ham has released JACK Rack 1.0, a stereo LADSPA effects "rack" for the JACK audio connection kit and GTK+ 2. The screenshot looks interesting. The code is available as a source tarball.
ALSA Patch Bay version 0.3 available
Version 0.3 of ALSA Patch Bay, a graphical patch bay for the ALSA sequencer API, is available. This version includes an fltk 1.1 interface and an updated gtkmm interface.
Desktop Environments
FootNotes
Headlines on the GNOME desktop FootNotes site include: a Robin Rowe Interview, GNOME Development Series Snapshot 2.1.2: ''Life Preserver'', GNOME Summary for 2nd to 9th November, Evolution 1.2 available!, Sawfish 1.2 released, OpenOffice.org Project Update, GnomeICU 0.99 beta Released, GIMP 1.3.10 released, First version of libwpd released, Candidates for Fall 2002 GNOME Foundation Elections, and more.GNOME Summary
The November 2-9, 2002 GNOME Summary is out. Topics include Tons of Evolution, New tooth in the GNOME bite, GNOME Foundation Candidates, GNOME Filesector Continued, Anjuta 1.0, More good medicine, Nautilus Bugzilla, Gtkmm 2.0, GNOME and Python, Translated GNOME summaries, and more.KDE 3.1 RC3: Last Dance?
KDE.News covers the release of KDE 3.1 RC3. Several severe bugs from the RC2 release have been fixed. Testers are needed.KDE Merchandise Sales to Support Developers
Shawn Gordon of theKompany has announced that sales from a new line of KDE-themed merchandise has been made available and each month a random KDE developer will be awarded with the profits from the sale.Xfce 3.8.18 released
Version 3.8.18 of the Xfce desktop environment has been released. Release information is in the source code.
Graphics
GIMP Development Version hits the Big 1-0
Gimp.org mentions that GIMP version 1.3.10 (development release) is available. "In addition to many tweaks and bugfixes, this is the first release in the 1.3 series in which Python scripting can be enabled. As with all GIMP releases, 1.3.10 can be downloaded from your favorite mirror. Happy bug hunting!"
Interoperability
Kernel Cousin Wine
Kernel Cousin Wine Issue #143 is out. Topics include: Wine-20021031 and Commercial Devel, Wine 0.9 To Do, Testing Apps: Tucows' Top 20 Apps, Testing Apps: Mozilla and Multimedia Players, RPCSS.exe Replacement, Avoiding ASCII/Unicode Function Duplication, Thanks from Bob, Author Needed for Winelib Article.
Office Applications
AbiWord Weekly News
Issue #117 of the AbiWord Weekly News is out with the latest AbiWord word processor development news. "Now, as for AbiWord, 1.1.1 was released this week, in the four month build up to AbiWord II: The Wrath of Dom, this version is even niftier. Will and Marc start a wv-like library for WordPerfect. And there's still some more dipping into learning how AbiWord's proprietary format works."
Kernel Cousin GNUe
Kernel Cousin GNUe Issue #54 is out with the latest GNU Enterprise development news.
Web Browsers
mozillaZine
The latest mozillaZine topics include: Netscape DevEdge Update, Bugzilla Upgraded, Creating a Skin for Mozilla, Phoenix on BeOS, Introduction to the XUL Runtime Environment, MozillaNews Launches Bonsai Watch, Introduction to the DOM Inspector, and Newsgroup Filtering Coming to a Mozilla Near You.
Languages and Tools
Caml
Caml Weekly News
The Caml Weekly News for November 5 - 12, 2002 is out with the latest Caml software releases. Topics include: New release of OCamSDL, OS X distribution issue, Cameleon 1.2, caml2html, What are Classes for in O'Caml?, Gettext, Berkeley DB, exuberant ctags for ocaml?, Camlp4 and lightweight records, and ant 0.4.The Caml Hump
This week, the new software on The Caml Hump includes lightweight records, OCamlBDB, Gettext, Ant, ActiveBuffer, Overflow, caml2html, and APM.
Eiffel
ELJ 0.5, Open Source Projects for Eiffel
The ELJ Project has released version 0.5 of ELJ, the open source projects and library bindings for Eiffel.
Java
Get ahead with Java Web services (IBM developerWorks)
James McCarthy introduces Sun's Java Web Services Developers Pack on IBM's developerWorks. "Java developers who are interested in getting started with Web services should check out the Java Web Services Developers Pack (WSDP). In this article, James McCarthy takes you on a quick tour of this package. You'll learn what the tools in this package can do for you, and find out which components are just for testing and which are ready for production use as-is."
Learning the New Jakarta Struts 1.1, Part One (O'Reilly)
Sue Spielman covers Jakarta Struts 1.1 on O'Reilly. "Over the last year, the Struts framework, a Jakarta open source project, has become practically the de facto standard for building Web applications. Based on the MVC architecture, Struts has proven to be a solid framework that can be used on systems of all sizes. In fact, Id be hard-pressed to come up with a reason why you and your development team should spend cycles developing a custom MVC framework for a project. It just doesnt make sense."
Java Essentials: What Is Wireless Java? (O'Reilly)
Steve Anglin explains Wireless Java on O'Reilly. "Wireless Java consists primarily of the Java 2ME (Micro Editon) platform with its API and tools like the Wireless Java Toolkit. In the J2ME, there's the Foundation Profile MIDP PersonalJava Configurations. The Foundation Profile lets you write applications for small wireless devices that do not support a GUI. Mobile Information Device Profile (MIDP) is a more advanced set of APIs including MIDlets (wireless-optimized servlets) and other instructions for downloadable applications and services for network-connectable, battery-operated mobile handheld devices such as cell phones, two-way pagers, and PalmPilots."
Perl
This Week on perl5-porters (use Perl)
Use Perl has published This Week on perl5-porters for November 4-11, 2002. "The usual suspects are once again rounded up. Unicode bugs, PerlIO bugs and closure bugs are featured in this week's summary. In a sense, that's a good thing, meaning that the older or more widely used features seem to work quite well." Topics include: Determine whether a scalar is a number, Two UTF8 bugs, Lexical quandry, and In brief.
This week on Perl 6 (O'Reilly)
This week on Perl 6 for November 4, 2002 is out. Topics include: C# and Parrot, Scratchpad Confusion, Help! Bugs! Crawling All Over Me! OR the Road to 0.0.9, Keyed ops, the Return, 64-bit ints and Noncapable Hardware, Configuring and DOD, Execute in place?, Copyright Notices and License Stuff, Allow a NULL Interpreter in sprintf Like Functions, Draft Sketch of Bytecode Generation, Meanwhile, in perl6-language, Character Properties, Perl6 Built-in Types, Power of Lisp Macros, and more.
PHP
PHP Weekly Summary
Topics on this week's PHP Weekly Summary include the 4.3.0 schedule, a possible pcntl addition, the inconsistant return of 1, strlen() optimisation, photos from the PHP conference, OpenSSL additions, MySQL embedded PHP, XSLT / Sablotron 0.97, Cryptopp-php, an smbclient extension, Apache hooks, and a question about SQL server with Unix PHP.PHP compatible editor page
Keith Edmunds has moved his Keith's PHP Editors page, a list of PHP compatible editors, to a new location.PHP Cookbook Trip Mapping with PHP (O'Reilly)
David Sklar discusses the use of PHP for the creation of maps. "Remember Raiders of the Lost Ark? One of the distinctive images was a thick red line cruising across a map, showing Indiana Jones' routes when crisscrossing the globe and fighting bad guys. I don't think they used PHP for any of the special effects in 1981, but you can use PHP today to create a similar map of the United States."
Python
Dr. Dobb's Python-URL!
The Dr. Dobb's Python-URL! for November 11, 2002 is out with lots of Python development news.Python persistence management (IBM developerWorks)
Patrick K. O'Brien discusses Python persistence on IBM's developerWorks. "Persistence is all about keeping objects around, even between executions of a program. In this article you'll get a general understanding of various persistence mechanisms for Python objects, from relational databases to Python pickles and beyond. You'll also take an in-depth look at Python's object serialization capabilities."
The Daily Python-URL
This week's Daily Python-URL article topics include: Webcasts from Lightweight Languages Workshop 2002, Play with regexps from the safety of your browser, How to add Spyce to your life, Python 2.2.2 for AS/400, IDEStudio, Notes on Lisp Advocacy, Roundup 0.5.2, Kiwi, the Python meetup, and more.
Ruby
The Ruby Garden
This week's Ruby Garden features a plea for help from a new Ruby user. The Ruby Weekly News has articles on: an upcoming Ruby Hacking Fest, Ruby docs online, a Ruby article in SD magazine, Rubyconf coverage, a Rubycentral DNS problem, and Ruby documentation vision.
Scheme
Scheme Weekly News
The November 12, 2002 edition of the Scheme Weekly News is out. Topics include: TeXmacs 1.0.0.21 released, Scheme UK, guile-gtk homepage moves, guile-gobject updated, and Conference pictures from ILC 2002.
XML
W3C Advances XForms 1.0 (Dr. Dobb's)
Dr. Dobb's covers the release of Candidate Recommendation 1.0 for XForms. "XForms is seen as the foundation for next-generation Web-based forms, using XML to make it possible to write forms in a number of markup languages and deliver them to diverse devices, from PDAs to cell phones and screen readers, without having to rewrite the forms. The specification achieves this by giving authors the ability to distinguish the descriptions of the purpose of the form from the presentation of the form and how the results are written in XML."
Plan to use XML namespaces, Part 2 (IBM developerWorks)
David Marston completes his mini-series on XML namespaces with the second article. "This two-part article introduces XML namespaces, explores their practical benefits, and shows you how they are used in the standard XML formats and tools defined by the W3C. Here in part 2, David shows you how to intermix XML vocabularies and define vocabularies of your own, with several best practices highlighted. Best practices range from terminology usage up through system-wide design." You may want to start with part 1.
Ontology Building: A Survey of Editing Tools (O'Reilly)
Michael Denny discusses ontologies on O'Reilly's XML.com. "As the hype of past decades fades, the current heir to the artificial intelligence legacy may well be ontologies. Evolving from semantic network notions, modern ontologies are proving quite useful. And they are doing so without relying on the jumble of rule-based techniques common in earlier knowledge representation efforts."
Automatic Numbering, Part 1 (O'Reilly)
Bob DuCharme writes about number formatting with XSLT. "XSLT's xsl:number instruction makes it easy to insert a number into your result document. Its value attribute lets you name the number to insert, but if you really want to add a specific number to your result, it's much simpler to add that number as literal text."
Miscellaneous
The Zen of Comprehensive Archive Networks (use Perl)
use Perl has an article that describes some of the work behind developing a language archive site such as Perl's CPAN. "It seems that there is a lot of interest in having similar archives for other languages like CPAN is for Perl. I should know; over the years people from at least Python, Ruby, and Java communities have approached me or other core CPAN people to ask basically 'How did we do it?'. Very recently I've seen even more interest from some people in the Perl community wanting to actively reach out a helping hand to other communities. This 'missive' tries to describe my thinking and help people wanting to build their own CANs. Since I hope this message will somehow end up reaching the other language communities I will explicitly include URLs that are (hopefully) obvious to Perl people."
Page editor: Forrest Cook
Linux in the news
Recommended Reading
A kinder, gentler Perens is going Global now (Register)
The Register takes a look at what Bruce Perens is up to these days. "One thing you have to admire about Bruce Perens: he has lots of ideas and he's not afraid to implement them. Before the door was fully closed behind him at HP, he started Sincere Choice to counter Microsoft's "Software Choice" initiative. Now he's heading up a new non-profit: the Global Technology Policy Institute."
Trust or treachery? (News.com)
News.com warns us about some potentially treacherous uses of Microsoft's Palladium architecture. "Richard Stallman, founder of the Free Software Foundation and co-founder of the GNU project for creating free versions of key Unix programs, lampooned the technology in a recent column as "treacherous computing.""
OpenOffice.org Project Update (Linux Journal)
The Linux Journal looks at the state of the OpenOffice project. "There are installations in place or in planning stages in the German Bundestag, the Maltese Prime Minister's office, to name just two. The governments of Italy, England, Canada, China, Peru, Chile, Costa Rica and many other countries have taken a view that these platforms can help them manage and control both smaller, more efficient IT budgets and establish for the first time a path to universal access to public documents."
When It's Life or Death, Some 911 Systems Turn To Linux (CIN)
CIN looks at using Linux in 911 emergency services. "While the low cost of Linux makes it attractive, the big draw for IT managers like Stebbins is its reliability. The machines in the St. George 911 center are in use 24 hours a day, seven days a week, says Stebbins. One of the systems has been running continuously for nearly a year and a half."
Companies
Dell on Linux and Tablets (vnunet)
Vnunet covers Dell chief executive Michael Dell's pro-Linux keynote address at the recent Gartner symposium. ""We see a lot of customers who have developed Unix applications moving to Linux," he said. "Chief information officers have said that they knew Linux would cost less, but were surprised that it performed better.""
Microsoft memo: Linux fight backfiring (News.com)
According to this News.com article, Microsoft execs are now realizing their tactics are not effective against Linux. "Top Microsoft executives, including co-founder Bill Gates and Chief Executive Steve Ballmer, have long derided open-source software as being everything from a "cancer" to "Pac-Man-like." But those messages have failed to diminish the popularity of open-source programs such as Linux among developers and customers, according to a Microsoft memo distributed at a strategy meeting in Berlin in September."
MS admits its Linux-bashing jihad is a failure (Register)
Here's the Register's take on this year's Halloween memo from Microsoft. "The Beast has hired a research crew to do a bit of attitude sampling among the Great Unwashed in the US and abroad, and has found that slagging Linux is not winning it any points. In a company memo posted by Eric S. Raymond here we learn that regular folks are both eager for a Microsoft alternative and generally respectful of the open-source concept."
SGI to unveil new supercomputer (News.com)
News.com takes a look at some new supercompters from SGI. "In the next few months, SGI will come out with its first Itanium 2 computers. These systems will hold 32 processors per rack and will run the Linux operating system."
Original Mac hand leads Sun desktop charge (Register)
The Register looks at Sun's plans for a Linux desktop. "Jonathan Schwartz thinks Sun will be the first company to present a deployable Linux desktop with all the trimmings - the management software, applications (iPlanet) and the channel - to Fortune 500 customers. Since no one else of Sun's size is trying to do this, and IBM and Hewlett Packard are Windows licensees and are doing Linux everywhere except on the desktop, he's probably right. At least on this scale."
Turbolinux sells clustering business to start-up (Register)
Turbolinux is in the process of changing its business model. This article in the Register covers the sale of its EnFuzion clustering software to start-up company Axceleon Inc. "The formation of Axceleon and the acquisition of EnFuzion follow the acquisition of Turbolinux by Japanese software house Software Research Associates Inc in August. While SRA acquired the Turbolinux name and Linux distribution business, Turbolinux's US management team planned to launch a new company based around its PowerCockpit server provisioning software under the management of former Turbolinux CEO Ly-Huong Pham."
Business
Linux adds desktop tools (vnunet)
Vnunet looks at new desktop releases coming from SuSE and Red Hat. "But Linux's near-term corporate success is still more likely to be on the server side. Suse said over 500 downloads of the UnitedLinux beta are being requested every day. UnitedLinux is an attempt to create a standard Linux configuration backed by Suse, SCO, Turbolinux and Conectiva."
Linux & Learning (eSchoolNews)
The eSchoolNews examines ways in which Linux can save schools money. "Schools across the country are finding that Linux can help reduce their total cost of ownership (TCO) in a number of ways. Tightening budget constraints mean schools must capitalize on their existing infrastructure. Linux can run on a processor as slow as a 386. Remember those?" Thanks to Alonzo (Registration required)
Interviews
Stallman: Disk, I/O issues delay GNU OS (InfoWorld)
InfoWorld talks to Richard Stallman about the GNU OS. ""I would say that when two features that are that essential are still missing, we are not at version 1.0 of the system yet," Stallman told IDG News Service in an interview this week in Bangalore. Stallman was however noncommittal on a new release date." Thanks to Daniel Lark
Tech legend takes on Microsoft (CNN)
CNN covers Mitch Kapor, the software pioneer who introduced products such as Lotus' Notes, Agenda and 1-2-3 spreadsheet, in a new open-source venture. "Kapor's latest effort, an open-source "interpersonal" information manager, has been under development for more than a year but doesn't yet exist. Yet already there are expectations it could challenge Outlook, the industry heavyweight."
Oracle's Jarvis: Unplugged--but not unarmed (ZDNet)
ZDNet talks with Mark Jarvis, Chief Marketing Officer of Oracle. "As OracleWorld transpires this week, Oracle Chief Marketing Officer Mark Jarvis hopes to give Microsoft some grief with version 2 of the Oracle Collaboration Suite. In addition, Jarvis is calling OracleWorld a Linux festival, and touts the cost benefits of Linux/Intel solutions over Wintel and Unix platforms."
Resources
LinuxDevices Embedded Linux Newsletter for Nov. 7, 2002
Get the top stories for Embedded Linux with the LinuxDevices.com Embedded Linux NewsletterGrounds for Identity (Linux Journal)
Linux Journal tackles the hot topic of identity. "At the show I made as much trouble as I could. On the opening day I moderated a panel on identity and open source. On the closing day I gave a talk about the open-source nature of internet infrastructure--the need for open identity protocols and other standards that commercial interests alone would be unlikely to provide."
Data security for Linux power users (Register)
This Register article has some tips for keeping data secure on your Linux system. "I'll get into the Linux home network soon in a forthcoming article with our John Lettice. For now I'll concentrate on data hygiene and on-line anonymity. Why? because your Linux box is literally peppered with data traces indicating the Web sites you've visited, the files you've uploaded and downloaded, and every file you've recently accessed. You think encryption is the way to go? Think again. It's only as private as your passphrase is strong. It may be impractical for a remote attacker to crack it, but a brute-force attack is quite plausible for someone who has physical possession of your box and plenty of time. Like a police forensics lab, say."
Lightweight Linux, Part 1 (IBM developerWorks)
This IBM developerWorks article is about leveraging older hardware to break the hardware/software upgrade cycle. "Too often, modern operating system vendors treat hardware as if it were disposable -- use it for a year and then throw it away. One might be tempted to believe that secret backroom meetings are going on between vendors of operating systems and computer hardware manufacturers. New operating systems and applications demand the latest, most powerful hardware. The newest hardware works best only with the latest, most feature-rich software. I'm sure the churn helps someone's bottom line, but it does nothing for mine."
Clustered Linux: supercomputing on the cheap (ZDNet)
ZDNet is carrying a TechRepublic article about Linux clustering technology. "According to Linux vendors and industry analysts, cost-effectiveness is just one of several reasons prompting more enterprises to choose Linux systems."
Developing LSB-certified applications (IBM developerWorks)
Here's a HOW-TO article on IBM developerWorks about developing LSB-certified applications. "The Linux Standard Base is a big step toward ensuring binary compatibility among Linux applications, and it should greatly reduce the amount of testing and validation required for operation on multiple platforms. In five straightforward steps, George Kraft, chairman of the Linux Standard Base, shows you how to build an LSB-certified application."
Reviews
Major German Paper praises KDE and Konqueror
KDE.news is carrying the news from a big German newspaper Süddeutsche, which has published a 10-part installation report of SuSE Linux 8.1, complete with praise for KDE and Konqueror. Other projects such as the Gimp and OpenOffice.org are also mentioned positively.Device Profile: CDL Paron 'secure PDA' (LinuxDevices)
LinuxDevices takes the CDL Paron for a test drive. "IBM and Consumer Direct Link, Inc. (CDL; Costa Mesa, CA) have co-developed the Paron MPC, a unique handheld PC which combines the functions of a PDA, Bluetooth wireless access, cellular telephone, and biometric fingerprint recognition, along with a security-oriented hardware/software architecture. In particular, IBM and CDL claim that the Paron represents the world's first handheld wireless device with built-in biometric user authentication."
Zope quickstart in November Linux Productivity Magazine
The November issue of Linux Productivity Magazine explains the power of Zope, and then takes a completely uninitiated user through the steps to install and learn Zope. Included is a glossary of Zope terminology.
Page editor: Forrest Cook
Announcements
Commercial announcements
SBE Aims Adapter at the Linux Enterprise Market
SBE Inc.has announced a PCI version of its wanPMC-C4T1E1 adapter card. Three versions include single, dual, and quad port options as wanADAPT-C1T1E1, wanADAPT-C2T1E1, and wanADAPT-C4T1E1. This adapter was a result of customer demand for T1 or E1 links in a Linux server or router.HP ProLiant Servers Running Linux-based Sendmail Outperform Sun Platforms
HP and Sendmail, Inc. announced the results of a performance benchmark testing Sendmail's email software on industry-standard HP ProLiant servers vs. proprietary Sun systems. The results show that significant price/performance benefits and better message throughput are achievable when Sendmail's software is deploying mail and messaging solutions on industry-standard hardware running Linux, as compared to more expensive Sun servers running Solaris.NuSphere and MySQL settle
NuSphere and MySQL have issued a press release announcing the resolution of their long-standing legal dispute. "The settlement resolves all outstanding issues between the two companies including ownership and use of trademarks and domain names and assignment to MySQL AB of copyrights for all NuSphere contributions to the MySQL program, and MySQL AB has issued a letter to NuSphere Corporation verifying GPL compliance."
Turbolinux announced "TurboDB", a commercial PostgreSQL-based product
Thanks to LWN correspondent Maya Tamiya we have an idea of what Turbolinux is up to these days. It seems that SRA, the company that recently acquired Turbolinux, is the current employer of Bruce Momjian, one of the core developers of PostgreSQL, leading to TurboDB, a PostgreSQL-based product.Fonix DECtalk Now Available for Linux
Fonix Corporation has announced the availability of a Linux version of Fonix DECtalk. "...the world's most intelligible text-to-speech solution for embedded device applications. The new Linux support will be especially useful for application providers developing screen readers and other reading aids for the visually challenged on the Linux platform."
"Building Secure Servers with Linux" Released by O'Reilly
"Building Secure Servers with Linux" has been released by O'Reilly. The book focuses on the most common use of Linux, as a hub offering services to an organization or the larger Internet, and shows readers how to harden their hosts against attacks.HP's Itanium 2-based Workstation Advantage for Higher Education
HP is offering US colleges and universities discounts on HP Workstations zx2000 and zx6000 loaded with 64-bit Red Hat Linux Advanced Workstation operating system, for a limited time.Red Hat to Distribute Oracle Cluster File System
Red Hat, Inc. announced that it will make the Oracle Cluster File System (OCFS) available to Red Hat enterprise customers. "The Oracle Cluster File System, combined with Red Hat Linux Advanced Server, allows customers to manage their database storage in an Oracle9i Real Application Cluster (RAC) configuration as easily as on a single system. The Oracle Cluster File system supports all database files, archive logs, redo files and control files. This greatly simplifies Oracle database installation and management."
New Aurora Linux Driver Offers Async Serial Connection and Custom Baud Rates
Aurora Technologies, Inc. announced its SIOLX 2.11, a new Linux device driver that supports Aurora's PCI asynchronous serial communications cards. The new SIOLX Linux driver works with Intel-based systems running a distribution of the 2.4 Linux kernel and supports Aurora's Aries family of 8 and 16-port asynchronous PCI multiport serial controllers.Rococo Software Releases Bluetooth DevKit for Linux Over BlueZ
Rococo Software announced the release of Impronto Developer Kit for Linux, a Bluetooth development environment that makes building Bluetooth applications in Linux faster and easier. Impronto Developer Kit for Linux is available free of charge for non-commercial use from Rococo's web site.Yamaha Invests in MontaVista Software
MontaVista Software Inc. announced it has received an equity investment from Yamaha Corporation, the global company that manufactures and markets a broad range of products including digital musical instruments, professional audio and recording, and home entertainment systems.Zintec Selects MontaVista Linux as Foundation Platform for New Set-Top Box Products
Zintec Holding and MontaVista Software Inc. are collaborating on the development of next-generation set-top box products.Evolution 1.2 released
Ximian has announced the release of version 1.2 of the Evolution mail client. There'a s long list of new features; see the announcement for the details. There is also a new version of Ximian Connector to go along with the new Evolution, of course.Qt 3.1 released
Trolltech has announced the release of Qt 3.1. The biggest addition this time around appears to be "QMotif," which allows Motif applications to be gradually shifted over to the Qt toolkit.Luke Macpherson Wins John Lions Award For 2002
The Australian UNIX and Open Systems User Group (AUUG, Inc.) announced that Luke Macpherson has won the John Lions Award for 2002 for his work on IP Spoofing and Aliasing for the BSD Network Stack.Linux NetworX announces "Life Sciences Cluster"
Linux NetworX has announced a new "Life Sciences Cluster" product. It is a Linux-based cluster with a number of life science applications (BLAST, HMMer, ClustalW, Amber, etc.) thrown in. The announcement is interesting in that it shows the Linux cluster industry developing more focus and aiming its products at specific sets of customers. Free software is well suited to this sort of focus; there should be numerous business opportunities out there for companies creating application-specific products.
Upcoming Events
Linux Cluster: the openMosix Approach
A one-day workshop on using openMosix for building Linux clusters will be held in Bologna, Italy on November 28, 2002.Perl Conference dates and location announced (use Perl)
Use Perl has an announcement for the Open Source Convention and accompanying Perl Conference, to be held in Portland, Oregon on July 7-11, 2003.YAPC::Europe Committee nominated (use Perl)
Accdording to Use Perl, president of the Perl YAS has nominated the members of the YAPC::Europe Committee in preparation for the upcoming event.YAPC::Europe 2003 to be held in Paris (use Perl)
According to Use Perl, the next YAPC::Europe will be held in Paris sometime in 2003.Red Hat Chairman and CEO, Matthew Szulik, to Deliver Keynote at International Oracle User Group Event
The International Oracle Users Group has announced that Sunday at the International Oracle User Group (IOUG) Day at Oracle World, Red Hat will kick off the week with an address from Red Hat Chairman and CEO, Matthew Szulik. Oracle users will hear first-hand about Red Hat's relationship with Oracle and how the two companies work together to support "Unbreakable Linux" and to provide business infrastructure solutions to enterprise customers.Events: November 14, 2002 - January 9, 2003
| Date | Event | Location |
|---|---|---|
| November 14 - 15, 2002 | The Open Source Health Care Alliance(OSHCA) | (UCLA Medical Center)Los Angeles, CA |
| November 14 - 15, 2002 | Java Days Europe | Helsinki, Oslo, Frankfurt, Zurich, Milan |
| November 18 - 21, 2002 | Embedded Systems Conference, Boston | (Hynes Convention Center)Boston, Mass |
| November 18 - 21, 2002 | ApacheCon US 2002 | (Alexis Park Resort)Las Vegas, NV |
| December 3 - 5, 2002 | Linux Bangalore/2002 | (J.N.Tata Auditorium)Bangalore, India |
| December 9 - 20, 2002 | UMeet conference | On IRC |
Web sites
The latest from LinuxLookup
LinuxLookup.com has a number of new articles, including a review of Tablet PCs with LindowsOS, an editorial on embedded Linux, tools to transition from Windows to Linux, and more.
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Miscellaneous
Open Source Victoria
A new Australian Linux advocacy group known as Open Source Victoria has been formed. "A new advocacy group, Open Source Victoria, has been formed to educate Victoria's business and government leaders about the benefits of using Open Source software for both server and desktop environments. Open Source Victoria also intends to seek State funding from the Next Wave program in order to set up an Open Source Cluster in Victoria."
Page editor: Forrest Cook