LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

LWN Weekly Edition

Front page
Security
Kernel development
Distributions
Development
Linux in Business
Linux in the news
Announcements
Letters to the editor
->One big page

 

This page

Previous week
Following week

Sponsored link

Vyatta – Linux & Open Source Alternative to Cisco – Advanced Routing, Firewall, VPN, QoS..
Free Download ->

Recent Features

Plugging into GCC

LWN.net Weekly Edition for October 2, 2008

Ubuntu debuts its Upstream Report

openSUSE and the distribution of proprietary software

LPC: What's happening with webcams

Printable page
Weekly edition Kernel Security Distributions Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ

Distributions

News and Editorials

Slackware 8.1 released

It's official: Slackware 8.1 has been released. Features in this release include the 2.4.18 kernel, glibc 2.2.5, XFree86 4.2.0, a new print system based on LPRng (CUPS also available), Apache 1.3.24 (oops, look for an update there...), Mozilla 1.0, KDE 3.0.1, etc. See the announcement for all the details.

Full Story (comments: 1)

The Debian Developer's Guide to Security Updates

The new Debian Developer's Guide to Security Updates has been posted. It describes how a Debian maintainer should interact with the new security apparatus; it's interesting in that it provides a view into how one distributor handles security issues.

For the most part, it's fairly straightforward stuff. Some highlights:

  • Maintainers should always involve the "Security Team" in the fix. The Team keeps track of outstanding security issues, interacts with other distributors, writes the security advisories, etc. Among other things, the Team can help ensure that information on a remotely exploitable vulnerability is not released too soon.

  • Fixing a security hole by going to the latest version of the affected package is usually not seen as a good idea. A security fix should be done with the smallest possible change, which can mean backporting the fix to whatever older version Debian had shipped.

  • A special location has been set up for uploading security fixes; the updated package will then be automatically rebuilt for all architectures supported by Debian. The ability to provide updated packages for all architectures was, of course, a big part of the motivation behind the new security mechanism.

The full story can be found in the document, of course.

Comments (none posted)

Olaf Kirch joins the SuSE security team

SuSE has sent out an announcement stating that Olaf Kirch has joined the company's security team. Olaf is a long time Linux contributor, of course; he had his hands in the Linux NFS code years ago and is the author of the venerable Linux Network Administrator's Guide. Olaf, until recently, handled security for Caldera. SuSE now claims a total of five people on its security team - an impressive and encouraging commitment to the security of the SuSE Linux (and, eventually, UnitedLinux) distribution.

Full Story (comments: none)

Distribution News

Debian Weekly News - June 18th, 2002

The Debian Weekly News for June 18 is available; this issue looks at the new security build infrastructure, the Woody release ("...we're not entirely done developing Woody"), Debian at LinuxTag, the "after Woody" wishlist, and more.

Full Story (comments: none)

Design of an apt-src program

Joey Hess has posted the beginnings of a design for a new, "apt-src" program. This utility would be like apt-get, except, of course, that it would handle source packages instead. Debian's package management doesn't make dealing with source entirely easy; this new interface could change all that. It includes support for dependencies between source packages, and might even handle automatic rebuilds when a package is upgraded. Joey is looking for feedback on the design; full details may be found in the announcement.

Full Story (comments: none)

Debian on the Sharp Zaurus/SL-5xxx

Matt Zimmerman, who is lucky enough to have obtained a Zaurus PDA, has announced the beginning of an effort to make a version of the Debian distribution for this device. The Zaurus already runs Linux, of course, and Zaurus users end up grabbing packages from the Debian ARM port when they want more software. But it would be nice to have a full Debian distribution, using the Debian package manager. Matt is looking for people interested in contributing to this effort; see the announcement for the details.

Full Story (comments: none)

Gibraltar Firewall based on Debian

Here is a press release from the Debian Project about the Gibraltar Firewall Project. Gibraltar is building a router and firewall package (based on Debian, of course) which will run directly from CD. A free version is available for download now, with a commercial version (with manuals and all) in the works.

Full Story (comments: none)

Mandrake Linux Community Newsletter - Issue #46

The Mandrake Linux Community Newsletter - Issue #46 is now available. "This Week's Summary: Xerox Chooses Mandrake Linux; Latest MandrakeClub Activities; Cooker Snapshot ISOs; PPC News; Mozilla 1.0; What's New at MandrakeUser.org?; This Week's Survey; Security-related Software Updates; Headlines from MandrakeForum."

Full Story (comments: none)

Mandrake Linux Servers Invade Internet

Mandrake has sent in a press release to state that the latest Netcraft survey shows that the web server shipped with Mandrake, the Advanced Extranet Server, has "dramatically grown during the past 12 months, confirming the increased adoption of Mandrake Linux as a server platform."

Full Story (comments: none)

A Mandrake update for ImageMagick

MandrakeSoft has put out an updated version of its ImageMagick package. It seems that there is a problem with the x86 development libraries that can cause segmentation faults; this update fixes that problem.

Full Story (comments: none)

Slackware updates

The Slackware changelog notices have been coming out steadily in the runup to the 8.1 release. Recent changes include new quota code, the addition of adjtimex, a new Java runtime environment, a MySQL upgrade, the latest Evolution, and more. The June 15 changelog also notes a security fix to KHTML.

Meanwhile, for those of you who miss the old Slackware forums, UserLocal has put up a readonly version for archival purposes.

Comments (none posted)

Minor distribution updates

FreeBSD 4.6 released

FreeBSD 4.6 is now available. Quite a few changes have gone into this release, including the adoption of XFree86 4.2. See the announcement for the details.

Comments (none posted)

Embedded Coyote Linux Wolverine Beta 1

The Embedded Coyote Linux page notes the June 17 release of "Wolverine Beta 1." "This version includes PPTP authentication updates, bug fixes, and updated login and firewalling services. This version contains the majority of the functionality that will be present in the final v1.0 release."

Comments (none posted)

LEAF v1.0-rc3

The third release candidate of LEAF 1.0 (LEAF being the Linux Embedded Appliance Firewall) has been announced. Numerous packages, mostly security-oriented, have been upgraded in this release; see the announcement for details.

Comments (none posted)

Page editor: Jonathan Corbet
Next page: Development>>

Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds