LWN.net Weekly Edition for July 11, 2002
The European Commission's open source software pool
The European Commission sent out a press release on July 8 announcing a new report it had published on sharing of open source software between European governments. Those who are interested can get the full report as a 3 MB PDF file; for the rest of you, we have read it through and distilled out the main points.
The focus of this report is relatively narrow. The Commission is not trying to promote open source in general, and it is not trying to get governments to use free software desktops. Instead:
In other words, the Commission thinks that open software can maybe help keep the trains running on time. Performing these governmental tasks requires large amounts of custom software. In general, there is not a market for this kind of administrative software, since there are so few buyers. So governments end up writing their own. And that, of course, leads to the obvious question:
The open source case is helped by the fact that governments will, in general, need to be able to adapt any shared software to their particular needs.
So the report's authors envision setting up a "Pool of Open Source Software" (POSS) portal where governments could share their software. The end result looks very much like a multilingual, restricted access version of SourceForge.
They have already picked out the components they expect to use in the creation of this portal: Linux, Apache, ProFTPd, MySQL, phpMyAdmin, exim or sendmail, mailman, python, fetchmail, webalizer, PHP, cvs, sourceforge, OpenSSH, etc. They picked open source tools "to reinforce the credibility" of the project, "although we do not consider this requirement as a technical one." Running this project is expected to cost about EUR 6 million over five years.
Much space is dedicated to worrying about licenses, patents, and liability. Governments, it is said, satisfy two criteria that make them especially prone to litigation: they are easy to find, and they have deep pockets. So a licensing or liability issue that attracts little attention when a small company or development group is involved could turn into a big court case for a governmental agency. To avoid such troubles, the report authors want to nail down a number of legal items with more than the usual amount of precision.
For example, very few free software licenses specify where any disputes should be resolved. The report states that the license for any software distributed through POSS should be augmented (with a separate agreement, perhaps) by a statement of jurisdiction. If a licensing issue goes to court, they want to know which court. Similarly, they want a declaration of which country's laws apply in a dispute.
Patents are a concern as well; the report seems to accept that software patents are in Europe's future. There is a discussion of an IBM submarine patent in the ebXML specification as an example of the sort of trouble that can come up. The report concludes:
The report has no suggestions, though, on how to find all of the potential patent problems in a given piece of software.
Then, there is the issue of liability for software-related problems. The report writers worry that the standard liability exclusions found in both free and proprietary licenses may not be legally valid. They hope to address this problem by instituting a review process within the POSS system - though it's hard to imagine how this group could, with confidence, issue a clean bill of health for any package.
There is one other component to the report's solution to licensing, patent, and liability issues: restricting access to the software to "public administrations," initially in Europe only. With a restricted user base, contracts can be signed that give the POSS system - and those contributing software to it - a better handle on the various legal issues. A "public administration" which obtained software from the system could, of course, redistribute it under the terms of its (open source) license; they would, then, take on the related legal issues. In practice, it would not be surprising if very few government agencies redistributed software obtained from POSS.
In other words, the software involved may be open source, but there are limits to the openness of POSS. European Union citizens wanting to look at the code used by their government may have a hard time getting access - even though said code is, in theory, under an open source license. POSS looks more like a private code sharing club than a true open source project. Sharing code may be helpful for governmental efficiency, but the "members only" approach could deprive both governments and citizens of many of the advantages of truly free software.
The end of the road for the 2600 case
The Electronic Frontier Foundation has issued a press release on the abandonment of the 2600 DVD case, which will not be appealed to the Supreme Court. This marks the end of one of the more prominent DMCA cases, and it sets some unfortunate precedents - at least, in the second federal court circuit. The ban on a piece of software as a "circumvention device" remains intact, and, chillingly, it is fine for the government to prohibit linking to content that it does not like.
The EFF's position is that this is not the right case to take to the Supreme Court - the end result would be much the same as with the lower courts. It is true that the EFF's resources are limited and should not be expended tilting at windmills. One can only hope that the right case comes along and we can begin to put a stop to the erosion of freedom in the name of protecting intellectual property.
A few site changes
A few small changes have been made to the site, in response to user requests. They include:
- There is a new combined security page with a snapshot view of the various security-related resources on LWN. If all goes well, we'll put together similar pages for other categories of news.
- The weekly archives page is back - and includes the table of contents for weekly editions published on the new site.
- Comments are now presented in full-text form after an article by default. This behavior has always been available to readers with accounts. (If you do have an account, we assume that you set the option the way you wanted it and thus we did not change it).
There are many other enhancements we would like to make to the site if we can keep things going long enough. If you have not already done so, please consider donating to LWN or advertising to help keep LWN on the air.
Security
Brief items
Squid Security Update Advisory 2002:3
The Squid proxy server project has released Squid-2.4.STABLE7, which contains several security fixes. Some of the vulnerabilities are thought to be remotely exploitable. If you are running Squid, you should be looking to upgrade. Vendor alerts are listed in the vulnerability report as we get them.
Security reports
Local artsd real time shell vulnerability
Olaf Kirch looks at a posted artsd exploit (implemented using artswrapper). A local attacker may use such an exploit to get a shell with realtime scheduling priority but no other privilege escalation.
New vulnerabilities
bind buffer overflow vulnerability in DNS resolver libraries
Package(s): | bind glibc | CVE #(s): | CAN-2002-0651 CAN-2002-0684 |
Created: | July 8, 2002 | Updated: | October 1, 2003 |
Description: | The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1) include fixes for a libc related vulnerability which does not affect Linux. Updates from the Internet Software Consortium (ISC) are available from here.
No release or branch of Openwall GNU/*/Linux (Owl) is known to be affected, due to Olaf Kirch's fixes for this problem getting into the GNU C library more than two years ago.
Unfortunately that does not mean that Linux systems are not vulnerable. Similar code, without Olaf Kirch's fixes, is in the glibc getnetbyXXX functions. These functions are described in the SuSE alert as "used by very few applications only, such as ifconfig and ifuser, which makes exploits less likely."
CERT Advisory: CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries |
nn remote code execution vulnerability
Package(s): | nn | CVE #(s): | |
Created: | July 9, 2002 | Updated: | July 10, 2002 |
Description: | A NNTP server may be used, maliciously, to
remotely execute code through the nn client.
Nn is a popular Unix newsreader. Versions prior to
6.6.3 are vulnerable.
The problem is fixed in nn 6.6.4 which is available here. For more information, see the security advisory. |
Alerts: | (No alerts in the database for this vulnerability) |
Multiple vulnerabilities fixed in Squid-2.4.STABLE7
Package(s): | squid | CVE #(s): | |
Created: | July 8, 2002 | Updated: | November 15, 2002 |
Description: | Here is the security advisory for the Squid proxy server reporting several vulnerabilities in versions up to and including 2.4.STABLE7.
Several of the bugs are believed to allow remote code execution.
The security advisory lists the following changes: |
Kernel vulnerabilities in CIPE, ICMP and netfilter.
Package(s): | kernel 2.2 and 2.4 | CVE #(s): | |
Created: | July 9, 2002 | Updated: | July 9, 2002 |
Description: | The three vulnerabilities are:
Apparently these three vulnerabilities only impact users who use CIPE (VPN tunnel), kernels prior to 2.4.0-test6 or 2.2.18 or a firewall based on netfilter that uses IRC tracking. Since the kernel tends to be customized by each Linux Distributor, your distribution may or may not be vulnerable. |
Acrobat reader temporary files
Package(s): | acroread | CVE #(s): | |
Created: | July 8, 2002 | Updated: | July 10, 2002 |
Description: | There is a symlink attack vulnerability in Acrobat Reader 5.05.
Acroread uses a file it creates with wide open permissions (mode 666) in /tmp; it also follows symlinks.
See the report of the bug in Acrobat Reader 5.05 for the details. The problem has also been reported in version 4.05. |
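The /tmp handling described in the Acrobat Reader entry above, as an added example (not code from Acrobat Reader or from the bug report): the weak open pattern beside two hardened forms, exercised against a pre-planted symlink. All function names, file names and the private scratch directory are constructed for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Weak pattern as described in the entry: an existing path is reused,
 * a symlink in the final component is followed, and the mode is 666. */
int open_tmp_weak(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0666);
}

/* Hardened fixed-name form: O_EXCL insists that this call creates the
 * file (a pre-planted file or symlink yields EEXIST), O_NOFOLLOW refuses
 * a symlink as the last component, and 0600 keeps other users out. */
int open_tmp_strict(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Preferred form: mkstemp() picks an unpredictable name and creates the
 * file exclusively with owner-only permissions. */
int open_tmp_mkstemp(char *tmpl)
{
    return mkstemp(tmpl);
}

struct tmp_demo {
    int strict_fd;          /* result of the hardened open on the symlink */
    int strict_errno;       /* errno left by that open */
    long victim_before;     /* size of the symlink target before */
    long victim_after_weak; /* size after the weak open went through it */
    unsigned mkstemp_mode;  /* permission bits of the mkstemp() file */
};

static long file_size(const char *p)
{
    struct stat st;
    return stat(p, &st) == 0 ? (long)st.st_size : -1;
}

/* Constructed scenario inside a private mkdtemp() directory: "app.tmp"
 * already exists as a symlink to another file owned by the same user. */
int run_tmp_demo(struct tmp_demo *out)
{
    char dir[] = "/tmp/tmpdemo-XXXXXX";
    char victim[128], lnk[128], tmpl[128];
    struct stat st;
    int fd;

    if (!mkdtemp(dir))
        return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/app.tmp", dir);
    snprintf(tmpl, sizeof tmpl, "%s/app-XXXXXX", dir);

    fd = open(victim, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd < 0 || write(fd, "secret", 6) != 6)
        return -1;
    close(fd);
    if (symlink(victim, lnk) != 0)
        return -1;
    out->victim_before = file_size(victim);

    errno = 0;
    out->strict_fd = open_tmp_strict(lnk);   /* refused: path exists */
    out->strict_errno = errno;

    fd = open_tmp_weak(lnk);                 /* follows link, truncates target */
    if (fd >= 0)
        close(fd);
    out->victim_after_weak = file_size(victim);

    fd = open_tmp_mkstemp(tmpl);
    if (fd < 0 || fstat(fd, &st) != 0)
        return -1;
    out->mkstemp_mode = (unsigned)(st.st_mode & 0777);
    close(fd);

    unlink(tmpl); unlink(lnk); unlink(victim); rmdir(dir);
    return 0;
}

int main(void)
{
    struct tmp_demo r;
    if (run_tmp_demo(&r) != 0) { perror("demo setup"); return 1; }
    printf("strict open: fd=%d errno=%d\n", r.strict_fd, r.strict_errno);
    printf("target size: %ld -> %ld after weak open\n",
           r.victim_before, r.victim_after_weak);
    printf("mkstemp mode: %o\n", r.mkstemp_mode);
    return 0;
}
```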
Resources
BOON, a buffer overrun detection tool
David Wagner has released BOON, a tool for scanning C source code for buffer overrun vulnerabilities.
Linux Security Week
The July 8th Linux Security Week newsletter from LinuxSecurity.com is available.
Using MonMotha's firewall script to build safe Internet sharing with Debian GNU/Linux (LinuxOrbit)
LinuxOrbit has this tutorial on building firewalls on a Debian system. "This tutorial will give you the necessary steps to turn one of your old PCs into a firewall with IP Masquerading, using a popular Linux distribution. I will leave it to you to get and install Debian onto your machine and work out connectivity to your ISP, then I will guide you through a kernel compile and install - which is necessary to enable features in the 2.4.x series kernels which allow your Linux machine to act as a firewall."
Events
USENIX Security Symposium
The USENIX Security Symposium will be here in less than a month. The list of accepted papers has been published; there are some interesting ones.
RAID 2002 Call for Participation
The Fifth International Symposium on Recent Advances in Intrusion Detection (RAID 2002) issued a call for participation. The symposium will be held October 16-18, 2002 in Zurich, Switzerland.
Upcoming Security Events
Date | Event | Location |
---|---|---|
July 12 - 14, 2002 | H2K2 "Hacker" conference | New York City |
July 31 - August 1, 2002 | Black Hat Briefings 2002 | (Caesars Palace Hotel and Resort) Las Vegas, NV, USA |
August 2 - 4, 2002 | Defcon | (Alexis Park Hotel and Resort) Las Vegas, Nevada |
August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA |
August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA |
August 19 - 21, 2002 | Canadian Security & Intelligence Conference (CSICON) | (Hyatt Regency) Calgary, Alberta Canada |
August 28 - 30, 2002 | Workshop on Information Security Applications (WISA 2002) | Jeju Island, Korea |
For additional security-related events, including training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.
Page editor: Dennis Tenney
Kernel development
Brief items
Release status
The current development kernel is 2.5.25, which was announced by Linus on July 5. It includes a 1000 HZ internal clock on x86 processors (though that may change, the real point of interest is that the internal clock has been detached from the HZ seen in user space), some SCSI midlayer work (see last week's LWN Kernel Page for a description of the plan for SCSI), a bunch of filesystem and VM layer cleanups, an NTFS update, more kbuild tweaks, and many other changes. Those wanting details can look at the long-format changelog.
Linus's BitKeeper tree for 2.5.26 contains only a small set of fixes as of this writing.
The latest prepatch from Dave Jones is 2.5.25-dj1, which catches up to the 2.5.25 kernel and throws in a number of fixes and a "fatfs crapectomy."
The latest 2.5 status summary from Guillaume Boissiere is dated July 10.
The current stable kernel is 2.4.18; Marcelo has not released any new 2.4.19 release candidates over the last week.
Alan Cox has released 2.4.19-rc1-ac1, which catches up to the first 2.4.19 release candidate and adds a small set of additional fixes.
Kernel development news
The end of the road for kiobufs?
Andrew Morton's "direct-to-BIO for O_DIRECT" patch is another step in the process of converting the file I/O subsystem over to the new BIO request structure. Files opened with O_DIRECT are a bit of a special case, in that I/O happens directly to or from a userspace buffer. Andrew's patch sets up a BIO request pointing directly to that buffer; for large operations, the result is a significant speedup.
That sort of optimization is certainly worthwhile. The really interesting part of this patch, however, is that it shorts out the "kiobuf" layer for O_DIRECT, and for the raw block I/O devices as well. Kiobufs were initially implemented to support that sort of raw I/O; they were intended to be a generic abstraction for a collection of physical pages in I/O operations. Kiobufs have been gradually falling out of favor over the last couple of years, however, as their limitations have come to light. They are a relatively heavyweight data structure, with high setup and teardown costs. Kiobufs also break down operations into relatively small chunks which must be processed sequentially, slowing down large requests.
The direct-to-BIO patch has eliminated the original and largest use of kiobufs within the kernel. That leads to the obvious question: is it time to remove kiobufs from 2.5? The answer seems to be "yes," and some patches removing the last remaining uses of kiobufs have started appearing. Kiobufs, it seems, are on the way out.
The only gap left if kiobufs are removed would be direct I/O support for character devices. There are devices which can benefit from direct I/O: consider the SCSI generic layer, video devices, or high-speed tape drives. Requests have been posted for a function which would map a userspace buffer into a "scatterlist," a data structure representing memory which has been set up for DMA operations. This capability would take almost all of the pain out of supporting direct I/O in character devices; no such patch has yet been posted, though.
2.5 IDE considered harmful
The volume of the complaints about the 2.5 IDE subsystem is increasing. Consider this posting from Russell King:
...or this one from Andi Kleen...
The state of the IDE code is seen by many as a drag on the 2.5 development process as a whole. For those who are concerned, there are a few things worth looking at.
Part of the problem, apparently, is that the 2.5.25 kernel is missing several of the more recent patches, which fix serious problems. As Martin Dalecki puts it:
Martin's IDE-98 patch has not been posted as of this writing; those wanting to run 2.5.25 on an IDE system in the mean time and actually keep their files should apply this set of patches.
Interestingly, most of those patches were not posted by Martin (who has been on vacation). Instead, the recent IDE patches have been produced by Bartlomiej Zolnierkiewicz. Bartlomiej seems to take a bit more cautious approach, and even has the respect of former IDE maintainer Andre Hedrick. With luck, he will be more involved in future IDE work. Few people contest the need to "clean up" the IDE layer, but this work needs to be done in a very careful way.
Meanwhile, a different approach has been taken by Jens Axboe. It is normal for interesting features in the current development series to be backported to the previous stable kernel. Thus, for example, Alan Cox's 2.4.19-ac patch includes the O(1) scheduler from 2.5. Jens has gone the other direction and posted a patch (since updated) which "foreports" the 2.4 IDE layer to 2.5. His purpose was to have a stable platform to work on; the patch will be maintained until the 2.5 IDE layer becomes a little more trustworthy. It is not intended to be a long-term replacement for that layer.
With luck, the 2.5 IDE issues will settle out soon. Meanwhile, caution (or a SCSI system) is suggested for people running 2.5.
How scalable is too much?
In the beginning Alan Cox created the big kernel lock (BKL), and Linux became SMP-capable. The BKL ensured that only one processor could be running kernel code at any given time, thus keeping the processors from stepping on each other. It was an effective way of bringing SMP support to a kernel which had not been designed for multiple processors.
The problem with the BKL, of course, is that multiple processors often want to run concurrently in kernel code. Most of the time, those processors are working on entirely different tasks and would not interfere with each other. The more processors you have, the worse the problem gets; the Linux kernel with just one big lock (i.e. 2.0) really did not function all that well with more than two processors. Any additional CPUs would just spend their time waiting to be able to get into the kernel code.
Scalability to larger systems, thus, requires finer locking. The BKL can be split into a memory management lock, a networking lock, a filesystem lock, etc. In the 2.1 development series, for example, the block I/O subsystem adopted its own lock (io_request_lock) to keep the block code and drivers from getting into trouble. Scalability was improved, since the block code no longer needed the BKL, and could execute concurrently with other kernel code.
But the io_request_lock serialized all block request handling. A process submitting requests for one drive could not run concurrently with a different process working with a different device. Floppy operations contended for the same lock as performance-critical disk requests. The I/O request lock improved scalability, but, once you get enough processors and drives, it was still a bottleneck. So, one of the first steps in the 2.5 block subsystem work was to replace io_request_lock with a per-queue lock, one for each device. The result will be better performance on large, disk-intensive systems.
Most other kernel subsystems have been going through a similar development process: global locks are replaced by multiple locks which protect smaller data structures. This increasingly fine-grained locking makes the kernel scalable to more and more processors, but it also brings some real costs. For example, most of us do not run Linux on huge systems, and probably never will. Embedded SMP systems are also rare. All that locking will have a cost, even though the compiler optimizes it out on uniprocessor systems.
The real cost, however, is in the complexity of the kernel code. As the kernel becomes populated with thousands of little locks, it becomes increasingly difficult to write correct kernel code. Which lock(s) must you have to access a given data structure, or to call a given function? In which order should locks be taken? Consider two code paths, both of which need locks L1 and L2. The first thread takes L1, the second takes L2; each then tries to take the other lock. The result is a deadlocked system. Avoiding this problem requires specifying ordering relationships for every lock in the system - and the number of those relationships grows exponentially with the number of locks.
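The L1/L2 inversion described above can be caught mechanically before it ever deadlocks. The following is an added example, not kernel code: a small lock-order validator that records which locks were held when another was taken and rejects any acquisition that would close a cycle. It goes beyond the two-lock case in the text by also catching inversions that only appear through a chain of three or more locks; all names in it are hypothetical.

```c
#include <stdio.h>
#include <string.h>

#define MAX_LOCKS 16

enum { L1, L2, L3 };   /* lock identifiers, constructed for the example */

/* order[a][b] != 0 means "b was taken while a was held" has been seen
 * on some code path. held[] is the set of locks the path currently being
 * replayed holds. Locks are assumed to be non-recursive. */
struct lock_validator {
    unsigned char order[MAX_LOCKS][MAX_LOCKS];
    int held[MAX_LOCKS];
    int nheld;
};

void lv_init(struct lock_validator *v)
{
    memset(v, 0, sizeof *v);
}

/* Depth-first search: is there a chain of recorded edges from -> ... -> to? */
static int lv_reaches(const struct lock_validator *v, int from, int to,
                      unsigned char *seen)
{
    if (from == to)
        return 1;
    seen[from] = 1;
    for (int n = 0; n < MAX_LOCKS; n++)
        if (v->order[from][n] && !seen[n] && lv_reaches(v, n, to, seen))
            return 1;
    return 0;
}

/* Note that the current path takes 'lock'. Returns 0 if that is consistent
 * with every ordering seen so far, -1 if it would invert one (potential
 * deadlock) or the arguments are out of range. Nothing is recorded on -1. */
int lv_acquire(struct lock_validator *v, int lock)
{
    if (lock < 0 || lock >= MAX_LOCKS || v->nheld >= MAX_LOCKS)
        return -1;
    for (int i = 0; i < v->nheld; i++) {
        unsigned char seen[MAX_LOCKS] = {0};
        /* The new edge held[i] -> lock closes a cycle if 'lock' already
         * leads back to held[i] through recorded edges. */
        if (lv_reaches(v, lock, v->held[i], seen))
            return -1;
    }
    for (int i = 0; i < v->nheld; i++)
        v->order[v->held[i]][lock] = 1;
    v->held[v->nheld++] = lock;
    return 0;
}

void lv_release(struct lock_validator *v, int lock)
{
    for (int i = 0; i < v->nheld; i++)
        if (v->held[i] == lock) {
            v->held[i] = v->held[--v->nheld];
            return;
        }
}

/* Replay one code path that takes 'first' and then 'second'; returns the
 * validator's verdict on the second acquisition. */
int lv_replay_pair(struct lock_validator *v, int first, int second)
{
    int rc;
    if (lv_acquire(v, first) != 0)
        return -1;
    rc = lv_acquire(v, second);
    if (rc == 0)
        lv_release(v, second);
    lv_release(v, first);
    return rc;
}

int main(void)
{
    struct lock_validator v;
    lv_init(&v);
    printf("path A, L1 then L2: %d\n", lv_replay_pair(&v, L1, L2));
    printf("path B, L2 then L1: %d\n", lv_replay_pair(&v, L2, L1));
    printf("path C, L2 then L3: %d\n", lv_replay_pair(&v, L2, L3));
    printf("path D, L3 then L1: %d\n", lv_replay_pair(&v, L3, L1));
    return 0;
}
```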
One can try to document the locking requirements of each data structure and function in the kernel, and every lock ordering constraint. But, even if one honestly believed that such a document would be created (and, importantly, maintained), it would be a very thick, complicated manual. A kernel with many locks will be a kernel that is difficult to program.
Some people (i.e. Larry McVoy) have been arguing for years that Linux should not chase the "scalability" goal too far. Down that road lies a kernel that is twisted beyond maintainability, and, once you realize that this has happened, it is too late to go back. For the most part, scalability work has continued in the face of those warnings, but there are signs that things are beginning to change. For example, a recent patch which removed the BKL from the driverfs code was shouted down in a fairly strong way. Alexander Viro stated, in characteristic fashion:
So, while there has been no definitive statement of policy, it looks like at least some kernel developers are thinking that locking in the kernel is complex enough. There may be no 64-processor Linux in our future...
...at least, not in the classic SMP form. Larry McVoy has been pushing "cache-coherent clusters" as an alternative approach for some time. A CC/cluster takes a large machine and divides it into small groups of (four, say) processors; each group runs an independent Linux kernel. The kernels have minimal interactions with each other, so locking issues fade to the background. Nobody has, yet, implemented such a cluster, though a lot of the pieces are there. If somebody runs with this idea, Linux could yet be the most scalable system of them all.
Page editor: Jonathan Corbet
Distributions
Distribution News
Debian Weekly News
The Debian Weekly News for July 9 is out. It looks at Debian ports to FreeBSD and NetBSD, the Woody release, the new wiki-based documentation project, and several other topics.
Debian Woody release status update
Anthony Towns has posted a release status update for Debian "Woody." "As most of you will have noticed by now, ISS and Theo de Raadt have been kind enough to provide some stress tests for the new security infrastructure we deployed last month." In the end, there remain a few security and other issues to resolve, but the Woody release is actually starting to look like it could happen soon.
It's on: Debian miniconf @ LCA2003!
Plans are already underway for a Debian mini-conference at the 2003 Linux.conf.au. The call for speakers is out.
Mandrake Linux Community Newsletter - Issue #49
The Mandrake Linux Community Newsletter for July 4 is out. It looks at MandrakeSoft's stand on UnitedLinux, the Libre Software Meeting, and more.
MDKA-2002:009 - lsb update
New packages are available that bring Mandrake Linux 8.2 into compliance with the LSB (Linux Standard Base) version 1.2.
New Distributions
Caixa Mágica
Caixa Mágica comes from Portugal. There is a desktop version, "Computador Mágico", available now, and a server version, "Servidor Mágico", coming soon. This distribution is partially based on Debian and SuSE, but much of it was rewritten, and localized in Portuguese. It includes OpenOffice. (Thanks to sitaar!COM and Henrique Rodrigues)
Phayoune Secure Linux
Here's a new distribution from Thailand, Phayoune Secure Linux. The Phayoune-Desktop 0.0.11 is available now, with KDE 3.0.2, Mozilla 1.0 rc2, and much more. (Thanks to Speed Net Club)
RxLinux
RxLinux seeks to centralize configuration and management of multiple Linux servers. A Web interface is used to build custom ISO CD-ROMs dedicated for specific servers. Servers, also called rxnodes, boot up from that CD-ROM and get the rest of the configuration and software from a master server. No administration is done directly on the nodes; everything is controlled from the master servers. When the rxnode has finished booting up and all software is running, it is completely independent from the rxmaster until the next reboot. Version 1.0 beta1 was released July 5, 2002.
Shilosh OS
Shilosh OS provides a secure and stable operating system based on a highly modified Linux kernel, with its own package system similar to BSD's "ports", BSD Init scripts. Compatible with x86 and Power PC, it is also 99% compatible with Windows 9x. It is easy to use and includes complete documentation in many languages. Version 0.1 was released July 7, 2002.
Minor distribution updates
ALT Linux Junior
ALT Linux Junior has released version 2.0j. This distribution is available for purchase as a lightweight boxed set that includes 1 CD and a handbook. You can also download a package tree or an ISO image. It features an enhanced desktop which includes KDE 3.0.1, GNOME 1.4, OpenOffice.org 1.0, Mozilla 1.0, and more, with an additional development CD available. Supported languages include English, Russian, Ukrainian, Belarussian, German, and French.
Astaro Security Linux
Astaro Security Linux has released stable version 2.027 with major security fixes. Version 2.027 for Sun Cobalt is also out, as is the i386 version 3.202.
Kondara Project dissolved and Momonga Linux launched
Kondara Project has announced its dissolution scheduled on July 15 due to some reasons, after about a month of discussion. In the meantime, some folks from the ex-Kondara team seem to be trying to fork it as Momonga Linux so their code will survive. They say the name "Momonga" (a Japanese word for the "flying squirrels") was chosen because flying squirrels are small but work hard and have a lot of guts. (Thanks to Maya Tamiya <lwn at changelog dot net>)
Leka Rescue Floppy
Leka Rescue Floppy has released version 0.7.1. It looks like this will be the last update for a while. Check the website for details.
NSA Security-enhanced Linux
The SELinux web site has been updated, including the mail list archives. The site includes a new release of the LSM-based SELinux prototype.
PXES Linux Thin Client
PXES Linux Thin Client has released version 0.5-RC2 with bug fixes.
Rock Linux
Rock Linux version 1.5.16 is available for download. The dRock project has announced the final release of dRock 1.6.0.
TA-Linux
TA-Linux has released version 0.2.0-Preview1 with major feature enhancements.
Distribution reviews
Distribution Review - SuSE 8.0 Download Edition
DistroWatch reviews SuSE 8.0 Download Edition. "The fact is that SuSE 8.0 is now available for free. With this release, SuSE has made extra effort to provide a more user-friendly FTP installation routine -- with all the past releases you had to download a set of floppy images, use an obscure Windows or Linux utility to create the floppies, juggle them in and out of your floppy drive when looking for the correct Kernel modules... Things have become a lot easier, so go and get the new SuSE now. You can always reward the SuSE developers once you find out how much solid hard work they have been putting into making your computing life that much easier..."
Review: Lindows on Microtel (San Jose Mercury News)
Here's a review of the Microtel computer running Lindows from the San Jose Mercury News. "The resulting mess will make no one happy. Experienced Linux users, a savvy bunch, won't need the hand-holding provided by what the company calls LindowsOS. Ordinary non-technical consumers are likely to fall into one of the many holes in the LindowsOS structure, canceling out any benefit from the slightly lower cost of buying a personal computer without Microsoft's current Windows XP Home Edition."
Page editor: Rebecca Sobol
Development
System Applications
Audio Projects
GStreamer "Desperately Seeking Sexiness" 0.4.0 released
Version 0.4.0 of the GStreamer streaming media framework has been released with bug fixes and new features. See the release notes for more information.
Ogg Traffic for July 9, 2002
The July 9, 2002 edition of Ogg Traffic is out. News includes a bunch of status reports and an updated Ogg Theora video codec and integration project web site.
Education
Linux in education report #74
The July 8, 2002 edition of the Linux in Education Report looks at efforts to get Linux into the classroom in India, Malaysia, Canada, and England. The Schoolforge Coalition is examined, and a number of new educational software packages are listed.
Electronics
New gEDA software
The gEDA News page lists new versions of the Icarus Verilog compiler, Gerber Viewer, and the GTKWave waveform viewer.
Mail Software
miltrassassin released
A new mail filtering package, miltrassassin, has been announced. "Miltrassassin is a sendmail milter, to connect sendmail to the spamd from the spamassassin package. The milter is multithreaded and implements the spamd protocol version 1.2 for tcp connection to spamd." Miltrassassin has been released under the Postcardware License.
Medical Software
OpenEMR Released (LinuxMedNews)
LinuxMedNews reports on the release of OpenEMR, a GPL licensed Electronic Medical Record System. "OpenEMR has been in development and beta testing for the past 2 years, and is finally released to the public for download. The system is cross platform, and operates on top of Apache or IIS, PHP and MySQL."
Printing
AFPL Ghostscript 7.21 developer release
A new developer release of AFPL Ghostscript has been announced. "artofcode LLC and Artifex software are pleased to announce the 7.21 developer release of AFPL Ghostscript. This release, while a development snapshot, should be reasonably stable, thanks to our regression testing processes. This is the last snapshot before the DeviceN integration, and also Peter's pdfwrite font copying improvements."
Web Site Development
ASPseek v.1.2.9 released
Version 1.2.9 of ASPseek, a web site search engine, is available. A number of bugs have been fixed, see the Changes document for a detailed list.
Zope-CMF-1.3-beta2 Released
Zope Corporation has announced the second beta release of version 1.3 of its Content Management Framework (CMF). The list of changes include:
- A new calendar object, which manages the presentation of calendar events within the site template.
- More customizability for filesystem-based skin methods.
- Through-the-web customization of all dynamic, context-sensitive actions.
- Improved tracking of content modification times (no longer tied to the underlying database modification time).
Plus numerous bugfixes. The final release of version 1.3 should follow within two weeks.
Documentation
Desktop Applications
Desktop Environments
Equinox Desktop Environment 1.0-beta released
Version 1.0-beta of the Equinox Desktop Environment has been released. "Equinox Desktop Environment is desktop environment that is simple, fast with good look and feel. It use FLTK2 GUI library." The companion edelib-1.0beta has also been released.
GARNOME 0.12.1 released
Jeff Waugh has announced the release of GARNOME 0.12.1. GARNOME, of course, is "the bad-ass, bleeding edge GNOME distribution for testers and tweakers everywhere." That said, much of the new stuff in this release is KDE related; it includes KDE 3.0.2 and a whole set of new KDE packages.
Office Applications
AbiWord Weekly News
The July 8 AbiWord Weekly News is available. Things have been relatively quiet on the development front - mostly improvements in the table support. The interesting news, perhaps, is that the AbiWord Weekly News is about to turn into a subscription publication. "I feel I need to know that I'm not just continuing editing AWN because it's what I've been doing for more than a year. I need to know that the readers appreciate it - otherwise, there's little point in continuing (I mean, I know the information I put in AWN, so I hardly gain anything from doing it). So I've decided to go commercial."
Web Browsers
Mozilla Status Update
The July 4, 2002 Mozilla Status Update is out with all of the latest Mozilla project developments.
Mozilla Independent Status Reports
The latest Mozilla Independent Status Reports are available. Updated projects include Diggler, K-Meleon, Livelizard, and Mycroft.
New DOCTYPE sniffing in upcoming Mozilla releases (evolt.org)
evolt.org looks at additions to Mozilla that will support some common, but broken web standards. "In the upcoming 1.01 and 1.1 releases, Mozilla will add an "almost standards" mode to its mix. This mode is virtually identical to the standards mode (now being referred to as "full standards mode") but with one crucial change. In almost standards mode, Mozilla will not implement the CSS-2 line-height rules that causes many pages with pixel-precise image layouts via tables to break apart."
Languages and Tools
Caml
The Caml Hump
This week, The Caml Hump looks at lablglut: A GLUT binding for OCaml, the findlib library, OCaml-MySQL, netclient, the xstr thread-safe string tools, and the Cameleon IDE.
HTML
XHTML: The power of two languages (IBM developerWorks)
Sathyan Munirathinam introduces XHTML on IBM's developerWorks. "This article takes a pragmatic look at XHTML, a markup language that effectively bridges the gap between the simplicity of HTML and the extensibility of XML. It also covers the essential features of the various flavors of XHTML and includes discussions of the language and a number of real-world applications."
Java
Turning streams inside out, Part 1 (IBM developerWorks)
Merlin Hughes shows how to read data from an output stream using Java. "The Java I/O framework is, in general, extremely versatile. The same framework supports file access, network access, character conversion, compression, encryption and so forth. Sometimes, however, it is not quite flexible enough. For example, the compression streams allow you to write data into a compressed form but they don't let you read it in a compressed form. Similarly, some third-party modules are built to write out data, without consideration for scenarios where applications need to read in the data."
Perl
This Week in Perl6 (use Perl)
Use Perl has posted the Perl 6 Porters summary for July 1-7, 2002; a wide variety of Perl 6 topics are covered.
This Week on perl5-porters (use Perl)
The Perl 5 Porters summary is available on use Perl. Topics include PerlIO::Via, an encoding.pm parsing bug, common opcodes combinations, and more.
diagnostics.pm Enhanced (use Perl)
Use Perl is carrying an announcement about a new release of the Perl diagnostics core module. "Jean FORGET writes 'I have released a CPAN-ized version of the diagnostics core module. This is an alpha version. You can download and install it as any CPAN module, but you should backup first, this is an alpha version!'"
PHP
PHP Weekly Summary
The July 9, 2002 edition of the PHP Weekly Summary covers Python in PHP, Presentation system, a file_exists() bug, PHP and serial ports, TrustCommerce, the return of Jason Greene, and a PHP Bughunt.
Python
This week's Python-URL
Here is Dr. Dobb's Python-URL for July 8; look inside for pictures from the EuroPython conference, information on thread safety, the first Python Director release, and more.
Daily Python-URL
This week's entries on the Daily Python-URL include Python in the enterprise, the Journyx Timesheet, Python Programming with the Java Class Libraries, CherryPy, Pythius, Eep3, Memigo, Yio, pycgirpc, Python Director, and more.
PYTHON: Yes, You SHOULD Be Using it! (Linux Magazine)
Linux Magazine is running an introductory article on the Python language. "Python has been around for a dozen years and is going strong -- two production releases a year, a vibrant community, lively Net presence, yearly conferences, tracks on Python at Open Source and Web Development venues, books, articles, the works. Why is Python so popular? The reasons are simplicity, regularity, and the talent of Guido van Rossum, Python's inventor and Benevolent Dictator For Life."
Ruby
Ruby Weekly News
The July 8, 2002 Ruby Weekly News is out. Topics include Ruby documentation, Ruby as a replacement for shell scripts, packaged level protection, Ruby logos, a new irb type, and more. Some new Ruby software contributions are also included.
Tcl/Tk
This week's Tcl-URL
Dr. Dobb's Tcl-URL for July 8 is out with the usual collection of interesting happenings from the Tcl/Tk development community.
XML
Integrating data at run time with XSLT style sheets (IBM developerWorks)
Andre Tost writes about data integration with XSLT style sheets on IBM's developerWorks. "Many applications now take advantage of XML to format business data. This allows the use of self-describing, tagged data that can be handled on a wide range of platforms and programming languages. Integration between heterogeneous applications is made easier through the use of XML data formats. Web services technology, for example, promotes the use of XML-based message formats for backend application data. However, integrating that data into user output during run time can be a challenge. In this article, Andre Tost describes how data integration can be achieved through the use of XSLT style sheets."
Sorting in XSLT (O'Reilly)
Bob DuCharme shows how to use xsl:sort on O'Reilly's XML.com site. "XSLT's xsl:sort instruction lets you sort a group of similar elements. Attributes for this element let you add details about how you want the sort done -- for example, you can sort using alphabetic or numeric ordering, sort on multiple keys, and reverse the sort order."
Page editor: Forrest Cook
Linux in Business
Business News
W3C Patent Policy: Latest News
The chairman of the W3C and three undisclosed participants made an exception proposal to bring back a type of RAND track/hybrid, allowing patented material into the W3C specifications.
Linux for Astronomy V7,8,9
Volumes 7, 8, and 9 of the "Linux for Astronomy" software collection have been released. "Now in its 8th year, LfA is in use by both amateur and professional astronomers worldwide. The packages on LfA represent the state-of-the-art in Astronomical data processing, and are identical to the versions used on high end scientific workstations".
Larry Ellison to talk at LinuxWorld
Just what everybody was waiting for: Oracle CEO Larry Ellison has been added to the list of keynote speakers at LinuxWorld. The press release gives the details.
Linux Stock Index for July 05 to July 10, 2002
LSI at closing on July 05, 2002 ... 23.05
LSI at closing on July 10, 2002 ... 22.08
The high for the week was 23.05
The low for the week was 22.08
Press Releases
Distributions and Bundled Products
- HP (PALO ALTO, Calif.): HP Expands Industry's Broadest Range of Products and Solutions for Oracle9i Real Application Clusters.
- Kasenna, Inc. (MOUNTAIN VIEW, Calif.): Kasenna(TM), M.P. Technologies, Inc. and IBM Win Contract for Broadband Content Delivery System in New Japanese Hotel.
- MSC.Software Corporation (SANTA ANA, Calif.): MSC.Software Releases World's First High Performance Computing Linux Distribution for Intel Itanium 2-Based Systems.
- Opera Software ASA (Oslo, Norway): Linux Pioneer MandrakeSoft to Distribute Opera.
- SuSE Linux (Nuremberg, Germany): Expanded System Functionality for SuSE Linux Enterprise Server 7 for IBM eServer iSeries and pSeries.
Software for Linux
- Aladdin Knowledge Systems (CHICAGO, ILLINOIS): Aladdin Releases New Linux License Manager For HASP Software Security System.
- Atrenta Inc. (SAN JOSE, Calif.): Atrenta and Xilinx Partner to Deliver Predictive Analysis for Virtex Platform FPGAs.
- Biotique Systems, Inc. (EMERYVILLE, Calif.): Biotique Systems Announces Three Initial Customers for its BLIS Genomic Integration Solution.
- InterWorking Labs (SCOTTS VALLEY, Calif.): InterWorking Labs Announces ''Boreal, the SNMP Vulnerability Test Suite''.
- MigraTEC (DALLAS): MigraTEC Launches 64Express for the Itanium Processor Family; 64Express Dramatically Reduces the Risk, Time and Cost of 32-bit to 64-bit Migration Projects.
- Network Associates, Inc. (SANTA CLARA, Calif.): Network Associates Adds McAfee(R) Anti-Virus and Encryption Support For SuSE Linux.
- Open Clustering (Surrey, UK): Press Release: Announcing Shogun - Cluster Infrastructure Manager Software from Open Clustering.
- TrueTime (SANTA ROSA, Calif.): TrueTime Introduces Industry's First Comprehensive Network Time Synchronization Solution; New Domain II Software Suite Reduces Network Operation Problems.
- Zeus Technology, Ltd. (Cambridge, United Kingdom): Zeus and HP Announce Optimized Web Server for HP-UX and Linux Itanium 2 Platforms.
Hardware with Linux support
- Bull (PARIS): Bull Commits to the Intel Itanium Processor Family.
- Caldera International, Inc., Conectiva S.A., SuSE Linux AG, and Turbolinux, Inc. (LINDON, Utah, CURITIBA, Brazil, NUREMBERG, Germany, and BRISBANE, Calif.): UnitedLinux Announces Support for Intel Itanium 2 Processor.
- HP (PALO ALTO, Calif.): HP Announces Portfolio of Itanium 2-based Systems, Solutions and Services; New Offerings Deliver Optimal Customer Value with Breakthrough Performance and Price.
- Intel (SANTA CLARA, Calif.): Intel Begins Shipping Itanium 2 Processors.
- SGI (MOUNTAIN VIEW, Calif.): SGI Announces Commitment to Deliver Intel Itanium 2 Processor-Based Systems.
- Sealevel Systems (LIBERTY, S.C.): Sealevel Systems Introduces Universal Bus, Low Profile PCI Serial I/O Adapter.
Cross Platform/Porting Product
Linux at Work
- Intel Corporation (MUNICH, Germany): Intel-Based Systems Power Audi's High-Tech Car Safety Tests.
Training and Certification
- Magic Software Enterprises (IRVINE, Calif.): Magic Software Launches Free Web Based Training Initiative for Magic eDeveloper v9.3; Latest Release Advances Web Services and Direct XML Development.
Partnerships
- MontaVista Software and Xilinx (SAN JOSE & SUNNYVALE, Calif.): MontaVista Software and Xilinx Announce Complete Linux Development Environment for Virtex-II Pro FPGA.
- Nokia and IBM (ESPOO, FINLAND AND ARMONK, N.Y.): IBM and Nokia Collaborate on Wireless Digital Media on Linux.
- Trans-enterprise Integration Corporation (NEW YORK): Trans-enterprise Joins Eclipse Board.
Financial Results
- Neoware Systems (KING OF PRUSSIA, Pa.): Neoware Q4 Revenues Expected to Exceed Estimates.
Personnel and New Offices
- VA Software (FREMONT, Calif.): VA Software Promotes Ali Jenab to CEO; Founder Larry M. Augustin Steps Aside as CEO, Remains Chairman of the Board.
Miscellaneous
- LinuxWorld Conference & Expo (FRAMINGHAM, Mass.): Larry Ellison Added to Keynote Lineup At LinuxWorld Conference & Expo.
- StarNet Communications Corp. (SUNNYVALE, Calif.): StarNet Launches X-Solutions.com Interoperability Site.
Page editor: Rebecca Sobol
Linux in the news
Recommended Reading
EC report advises open source for Europe (ZDNet)
ZDNet looks at the European Commission report recommending greater governmental use of open source software. "The study does not say that European governments should use off-the-shelf open-source software from companies such as Red Hat, but rather focuses on specialized software produced in-house by public authorities. Such software is typically used for the administration of roads, hospitals and public health, education, tax payment and recovery, justice, and territory management."
Copyright fight comes to an end (News.com)
According to this News.com article, the parties involved have decided not to appeal the 2600 (New York) DVD case. "The Electronic Frontier Foundation (EFF), which represents the magazine, said other cases in the future 'will provide a better foundation for the Supreme Court to act on the problems created by the Digital Millennium Copyright Act.'"
Tollbooths of the mind (Christian Science Monitor)
The Christian Science Monitor has an opinion column on the excesses of current copyright law. "These are mere annoyances, however, compared with what's coming next: the computer as informational Coke machine, on which we have to pay for every view. As publishers move increasingly to the Web, for example, they will be able to restrict not just access, but downloading and printing as well."
Sites bow to Microsoft's browser king (News.com)
News.com is running an article that looks into the problem of sites that use broken web standards, and only support the Internet Explorer browser. "Non-agnostic Web sites "are saying, 'We're only interested in people if they use this browser,'" said Janet Daly, a representative for standards group the World Wide Web Consortium (W3C). "That's a mistake on their part. The browser is a basic utility for people, and it's about having access to information regardless of who made that information or what authoring tool they used.""
Business
Want to Make a Living From Linux? (Linux Magazine)
Linux Magazine has some suggestions on making a living in the Linux world. "Can't stomach the idea of working on Microsoft software? Then consider picking up Web development, eXtensible Markup Language (XML), and the Web Services XML trifecta of Simple Object Access Protocol (SOAP), Web Services Definition Language (WSDL), and Universal Description, Discovery, and Integration (UDDI). Trust me, with sufficient knowledge of those protocols, you won't have any trouble finding a job this year."
Is Transparency the Killer Virtue? (Linux Journal)
Doc Searls points out transparency as, perhaps, the greatest virtue of free software in this Linux Journal article. "But most significantly, stockholders are finally--thanks to Enron and WorldCom--fed up with opaque accounting practices. How long will it take before they get equally as fed up with opaque infrastructural software?"
Interviews
Interview: John Cox (Easino)
The Easino site has an interview with John Cox, the lead developer of PostNuke. "As far as our relationship [with PHP-Nuke], quite frankly we have none. If we are aware of a security hole from the legacy code, we will forward it to Mr. Burzi, but seldom (if ever) get a reply."
Resources
Embedded Linux Newsletter for July 4, 2002 (LinuxDevices.com)
The LinuxDevices Embedded Linux Newsletter for July 4, 2002 is available. See what's new in Embedded Linux.
Tips and Tricks: Learn GNU/Linux in One Stanza (Linux Journal)
The Linux Journal looks at the Linux in One Stanza Project, which seeks to distribute Linux usage tips via short email signatures. "As time went, however, the team found that readership of e-mail signature tips was about 80%, much higher than any of the other information available on the server. So, more attention was paid to developing these short, info-containing signatures to disseminate Linux-related knowledge."
Reviews
FREESCO Review (LinuxOrbit)
LinuxOrbit reviews the FREESCO firewall distribution. "I gave it a shot and was very impressed. It seems ideal for someone who wants to get a quick and secure protected network up with some enhanced services behind it."
Tabbed-Browsing Coming to KDE's Konqueror Browser (Mozillaquest)
Mozillaquest reviews the tabbed browsing capabilities of KDE's Konqueror browser. "The K Desktop Environment (KDE) certainly has done lots to narrow the gap between the Linux desktop and the Microsoft Windows desktop. And the addition of tabbed-browsing to KDE's Konqueror browser is one more large step in closing that gap. In our opinion, the K Desktop Environment already is just as good as, if not better than, the MS Windows desktop."
KWord 1.2beta2 snapshots (TuxReports)
TuxReports reviews KWord 1.2beta2. "Many bug reports were sent to the development team because people didn't realize that the application was not meant to be WYSIWYG. Apparently the team changed its mind and the latest 1.2beta2 offering is extremely good at matching the print preview with the document."
The Simputer - Back again (TekCentral)
TekCentral takes a look at the Simputer. "A little fact that Cnet neglected to mention was that all the information required to manufacture the product is available under the Simputer Trust's own hardware license, the SGPL. As the name suggests, the license is inspired by the GNU GPL. The SGPL differs in many ways though, the main way is that if you use the information for a commercial product you must make a one-off payment to the Simputer Trust ($25,000 for developing countries and $250,000 for developed countries)." (Thanks to Thesmelialichu)
Miscellaneous
Quiet, Sad Death of Net Pioneer (Wired)
Wired News covers the recent death of Gnutella hacker Gene Kan. "Kan, peer-to-peer file-sharing programmer extraordinaire, died on June 29. His professional life revolved around developing new ways to share information easily and quickly. Thousands of people use Gnutella to swap files, a program Kan was instrumental in developing and promoting."
Congressman vows Pigopolist legislation (Register)
The Register reports on Congressman Rick Boucher and his legislative efforts. "We don't know what holy light guides Rep. Boucher, but it's a holy light indeed: he's singular amongst public representatives in daring to reclaim the works of popular culture as something that belong to The Commons (that's us) ... rather than something that belongs in perpetuity to an industry that depends on its legitimacy on an antiquated distribution system."
IT Surfs The Ocean's Waves (TechWeb)
Here's a TechWeb article on how Johns Hopkins University is using a Linux cluster for ocean modeling. "Johns Hopkins' staff considered systems from Silicon Graphics Inc. and Sun Microsystems but ultimately chose Dell and Linux because of price. An expensive supercomputer was out of the question."
Companies pledge support for Itanium 2 (News.com)
News.com reports on the porting of various operating systems to the Itanium architecture. "MSC Software came out with its own version of Linux for Itanium 2 on Monday. The Department of Energy's (DOE) Pacific Northwest National Laboratory will incorporate HP Itanium 2 servers running MSC's Linux into a clustered supercomputer."
Page editor: Forrest Cook
Announcements
Resources
Ardour Basic Editing & Recording Howto (Quick Toots)
The Quick Toots site has published a FAQ on using the Ardour multi-track audio package for editing and recording.
The Perl Review, issue 0.4
The July issue of The Perl Review (PDF format) is out. Topics include Perl Golf: The Kolakoski sequence, Parroty Bits: Bit 2, BASIC Parrot!, The Facade Design Pattern, and more.
Upcoming Events
Boston GNOME Summit now open to non-foundation members
The Boston GNOME Summit is happening on July 18 to 20. Attendance at this event has now been opened up to people who are not members of the GNOME Foundation; if you would like to be a part of the GNOME planning process, this could be a good event to be at.
KDE report for Linux@work 2002 (KDE.org)
KDE.org has a report from the Linux@work 2002 conference that was held this June in Amsterdam.
Ruby Conference 2002: Second call for presentation proposals
A second call for presentation proposals has been posted for the Ruby Conference 2002, to be held in November, 2002. The deadline for proposals is August 15.
Events: July 11 - September 5, 2002
July 11 - 14, 2002 | Uniforum NZ 2002 | Auckland, New Zealand
July 18 - 20, 2002 | Boston GNOME Summit | Boston, Mass.
July 20, 2002 | Fourth Australian Open Source Symposium (AOSS4) | (UNSW, Sydney) Sydney, Australia
July 22 - 26, 2002 | O'Reilly Open Source Convention | (Sheraton San Diego Hotel and Marina) San Diego, California
July 23, 2002; August 27, 2002 | Seattle Ruby Brigade Meeting | Seattle, Washington
August 1 - 2, 2002 | 3rd annual Bioinformatics Open Source Conference (BOSC 2002) | Edmonton, Canada
August 12 - 15, 2002 | Linux World Conference & Expo | (Moscone Center) San Francisco, California
Web sites
Gallery of Geeks (use Perl)
Use Perl mentions the Gallery of Geeks, which features photographs of over 100 geeks. The Perl software for the gallery is also available.
Software announcements
This week's software announcements
Here are the software announcements, courtesy of Freshmeat.net. They are available in two formats:
- Sorted alphabetically,
- Sorted by license.
Miscellaneous
Perl Foundation Grant Status (use Perl)
Use Perl covers the status of the Perl Foundation grants; donations are needed to keep Perl development moving forward.
comp.lang.php newsgroup started
According to php.net, a new Usenet newsgroup, comp.lang.php, has been created.
Page editor: Forrest Cook
Letters to the editor
Would you like an Education miniconference at LCA2003?
From: Leon Brooks <leon@cyberknights.com.au>
To: lwn@lwn.net
Subject: Would you like an Education miniconference at LCA2003?
Date: Wed, 10 Jul 2002 13:26:35 +0800
The LCA2003 people (http://linux.conf.au/) are currently assembling a
flock of miniconferences to be bolted on to the front of the main
Australian conference, the idea being that conference attendees can
roll up early and get something extra for free. The first cab off the
rank is Debian (http://lca.apt-cacher.org/), to enable the release of
Woody (http://lwn.net/Articles/4232/). I've been offered the task of
investigating and assembling a Linux in Education miniconf.
I plan to present at the Educational Computing Association of WA's
2002 conf (http://www.ecawa.asn.au/conferences/conf2002/conf2002.htm)
about LTSP and Mosix, which I can easily adapt to an LCA miniconf
presentation, but one solitary talk is going to be kind of
unfulfilling; I'm hoping that more people are going to be interested
in either or both of learning and teaching about Linux in Education.
I'm particularly interested in social and implementation reports from
the trenches.
If you'd attend an Education miniconf held in sunny Perth during what
is teeth-chattering winter in the USA and Europe, please say so by
sending email here: attend-lca@cyberknights.com.au - if you have
something you'd like to say in 45 minutes at the conference, please
send mail to present-lca@cyberknights.com.au as well. If I see
sufficient interest, you will be contacted and a web-page and
announcement will presently appear.
Regardless of your education interests, LCA2003 is going to be great,
so visit their website and think about booking. It's midwinter here,
and we've finally started getting cold days (16C/60F), but at the end
of January you can expect at least 30C/85F, a good fact-absorbing
temperature. It's important to book now, rather than when the first
snow falls, as the LCA committee have nailed down all the available
resources, and sooner or later will run out of seats.
Cheers; Leon
I still don't understand this SSH release fiasco
From: <felix@crowfix.com>
To: letters@lwn.net
Subject: I still don't understand this SSH release fiasco
Date: Thu, 4 Jul 2002 08:56:53 -0700
The rationale for not releasing details (like disable a specific
configuration item) is that this would have alerted the black hats to
500 lines of code in question. Thus it was better to update to the
new version which had separation of powers and at least minimized the
exploit dangers.
Then later, a patched version of the new version was released, and all
distros had very little time in which to cut new packages, sysadmins
had very little time to upgrade systems, and so on, before the black
hats analyzed the patch to see what the bug was in order to design
their exploits in order to release them to script kiddies and so on.
But the release of a specific patch narrows the bug search down much
closer than 500 lines; in fact, it narrows it down to the exact buggy
lines, directly, immediately. No analysis required.
Please also explain how upgrading SSH, new version, new functionality,
maybe new configuration, is a better solution than "Edit this line to
fix the problem".
It still smells fishy. Someone got their knickers in a knot and is
too proud to admit it.
--
... _._. ._ ._. . _._. ._. ___ .__ ._. . .__. ._ .. ._.
Felix Finch: scarecrow repairman & rocket surgeon / felix@crowfix.com
GPG = E987 4493 C860 246C 3B1E 6477 7838 76E9 182E 8151 ITAR license #4933
I've found a solution to Fermat's Last Theorem but I see I've run out of room o
Page editor: Jonathan Corbet