LWN.net Weekly Edition for July 25

RealNetworks goes open source - sort of

With a fair amount of hype, RealNetworks announced, on July 22, its new "Helix" platform. Helix, it is said, is an open platform for the management, delivery and playback of streaming media in multiple formats. As a way of showing how open the platform is, RealNetworks pulled in Eric Raymond to endorse the new scheme:

"It's great to see RealNetworks recognizing the power of open source," said Eric S. Raymond, president of the Open Source Initiative. "They'll get the reliability and security benefits of peer review, and they are contributing an important capability to the Internet infrastructure."

This all sounds good. A closer look turns up a lower degree of openness than one might wish for, though there is an open source component to this release.

There are three components to the Helix system, being the "Helix DNA Encoder," "Helix DNA Server," and the "Helix DNA Client." The client, of course, is the code that sits on a desktop (or within a web browser, or elsewhere) and receives and plays back a media stream. This code will be released (in 90 days) under the RealNetworks Public Source License (RPSL). The RPSL is GPLish, in that it includes the usual copyleft provisions: if you distribute a modified version of the code, you must distribute source under the same license. The RPSL does have a couple of features not found in the GPL, however:

  • The license explicitly excludes "runtime libraries," which are dynamically linked into the client, from the copyleft provisions. This exclusion is there, of course, to allow the distribution of proprietary codecs.

  • When you release modifications under the RPSL, RealNetworks gets the right to use your code in any way it wants, including incorporation into proprietary products.

This license will eventually be submitted to the Open Source Initiative for certification as "open source." It may require some modification first: there are claims, for example, that the jurisdiction and export provisions in section 13.7 make the software non-free. Users are, among other things, unable to distribute the software to the "Taliban controlled areas of Afghanistan."

The client code has not actually been released yet, so it is difficult to say for sure what will be in it. One thing that will not be there, however, is a codec for the proprietary RealAudio and RealVideo formats. So there will still be no completely free player for these formats for Linux. It will be possible, however, to use the client to make a (nice, presumably) 100% free player for Ogg Vorbis streams. In fact, RealNetworks is working with Xiph.Org to do exactly that.

The Encoder product (which creates media streams) and the Server (which manages the whole thing) will not be open source; instead, they will be available under the RealNetworks Community Source License (RCSL). This license provides access to the source, but does not allow redistribution without the payment of royalties. It is a "shared source" license which will be useful to those building products with RealNetworks code, but it is not particularly exciting for the free software community. Free software hackers working on streaming media projects may, in fact, want to stay away from RCSL-licensed code entirely to avoid any risk of "contaminating" their code with RealNetworks' intellectual property.

The end result is that the free software community will have more code than it did, and that is a good thing. With luck, RealNetworks will be successful with its new strategy, and will open more code in the future. (For more information, see the "Helix Community" web site).

Comments (2 posted)

Here come the copyright vigilantes

For a view into just how weird our world is becoming, have a look at this News.com article by Declan McCullagh. Mr. McCullagh got a chance to read a draft law by U.S. Representatives Howard Berman and Howard Coble that would legalize attacks against P2P networks:

The legislation would immunize groups such as the Motion Picture Association of America and the Recording Industry Association of America from all state and federal laws if they disable, block or otherwise impair a "publicly accessible peer-to-peer network." Anyone whose computer was damaged in the process must receive the permission of the U.S. attorney general before filing a lawsuit, and a suit could be filed only if the actual monetary loss was more than $250.

This is worth stating again: somebody who claims that you might be violating their copyright will be legally allowed to attack your systems. You cannot challenge the attacker in court without getting permission from a federal bureaucrat - who, one assumes, may not be particularly sympathetic to your cause.

For added fun, any "copyright holder" will be authorized to act in this fashion. As soon as, say, a copyrighted article is posted to Usenet, the owner of that article will have the right to take the whole thing down. If one makes the reasonable assumption that some people might just feel the need to retaliate against an attack of this nature, whether or not they are protected by federal law, it is not hard to foresee a time when the net is a rather more violent and unpleasant place than it is now.

It is hard to imagine this law actually passing - though it is dangerous to assume reasonable behavior in Washington these days. But the proposal is a clear sign of the sort of power grab that is underway. Not only do they want control over every bit that passes through your computer; they also want the ability to take justice into their own hands if they don't like your behavior. Stallman's The Right To Read looks more prophetic all the time.

Comments (2 posted)

The end of the road

Over the last several months we at LWN have looked at numerous ways of funding this operation. It takes people to write LWN, and it takes a lot of their time; it is not something that is easily handled on "off hours." Those people really would like to be paid for their time, and that is something which has not happened here for quite a while. Various approaches to bringing in money have been tried; the most successful of all was simply asking LWN readers for donations to keep the operation going. But we have not succeeded in raising even a fraction of the required funds.

Other options (such as subscriptions) have been considered in depth, but there is little promise (and much aggravation) to be found in that direction.

So the time has come to face the reality of the situation: what LWN is offering is not what the market is willing to pay for at this time. It's time to find something else to do.

The end result is that next week's LWN Weekly Edition (August 1) will be the last. This has not been an easy decision to make, to say the least. But, barring some sort of last minute miracle (do contact us if you have one, please!), we do not see any alternative.

We'll have more information next week on things like content tarballs and releasing the site source. Some parts of LWN may yet go on in a different form as well. But this particular journey is coming to an end. It has been a great ride.

Comments (127 posted)

Page editor: Jonathan Corbet

Security

Security news

Using Linux to secure Microsoft Windows

NAH6 of Amsterdam plans to develop and sell laptops running Microsoft Windows on top of Debian GNU/Linux to encrypt all Windows files. The software will be "free for noncommercial use." See the articles in ZDNet and News.com for more information.

Comments (none posted)

Feds set to enforce PC security (ZDNet)

Four US Government agencies are putting together some security benchmark tests for various operating systems. "The benchmark is a program that checks the target operating system for unpatched flaws and system settings that could make PCs vulnerable to intrusions or bugs. While the first such benchmark focuses on Windows 2000 workstations, versions of the program for Windows 2000 and NT servers, Sun Microsystems' Solaris operating system, Cisco's IOS router operating system, Linux and HP-UX are in the works."

Comments (none posted)

Online Security Incidents Jump in 2002 (PCWorld.com)

PCWorld.com considers the implications of the 1988-2002 CERT/CC statistics, following the recent addition of the numbers for the second quarter of 2002.

Internet security incidents for the first half of 2002 are up sharply over 2001 and are on pace to substantially exceed last year's figures, according to new statistics released Thursday by the Computer Emergency Response Team Coordination Center (CERT/CC).

This increase, however, may be due to better reporting and awareness, and not due to substantially increased attack activity, according to a CERT/CC representative.

Comments (none posted)

Scripting flaw threatens Web servers (News.com)

News.com looks into recent PHP security vulnerabilities. "A flaw found in newer versions of the PHP Web server scripting language could allow attackers to crash, and in some cases control, computers over the Internet, an open-source developer group announced Monday. The vulnerability affects versions 4.2.0 and 4.2.1 of PHP, according to the PHP Group."

Please also see the LWN.net vulnerability report. In particular, almost every Linux distributor appears to ship older (and thus not vulnerable) versions of PHP.

Comments (6 posted)

Security reports

SSH Protocol Trick

Sebastian Krahmer has written a paper which describes (PDF format) "how SSH clients can be tricked into thinking they are missing the hostkey 2 even though they already have it in their list of known keys." A shorter version of the paper appears in PHRACK 59. The paper and exploit program will be "uploaded to 7350.org as soon as the issue has been 'solved' by SSH vendors and some corrections made it into the text."

Comments (none posted)

Mozilla JavaScript cookie stealing vulnerability

Andreas Sandblad reports that Mozilla allows script written in JavaScript to steal cookies from other domains. He reports the problem as fixed in Mozilla 1.1 Beta, released 02-07-22. A Bugzilla entry describing the problem is also available.

Full Story (comments: none)

Mailman cross-site scripting vulnerability

Mailman versions 2.0.11 and prior have what appears to be an Internet Explorer client-specific cross-site scripting vulnerability. The problem is fixed in Mailman 2.0.12, which is available from here.

Full Story (comments: none)

Geeklog XSS and CRLF Injection Vulnerabilities

Ulf Harnhammar reports that Geeklog 1.3.5sr1, and possibly earlier versions, has a cross-site scripting vulnerability and a CRLF injection hole. The problems are fixed in Geeklog 1.3.5sr2.

Geeklog is a 'blog', otherwise known as a Weblog. It allows you to create your own virtual community area, complete with user administration, story posting, messaging, comments, polls, calendar, weblinks, and more! It can run on many different operating systems, and uses PHP4 and MySQL.

Full Story (comments: none)

Pyramid BenHur Firewall leak

The BenHur Firewall from Pyramid Solutions has a bug in the active FTP portfilter ruleset that results in a firewall leak. The problem is fixed in experimental update 067 (19 Jul 2002).

BenHur is a firewall appliance based on Debian Linux, using the Linux kernel 2.2.x built-in ipchains firewalling capabilities.

Full Story (comments: none)

New vulnerabilities

PHP Remote Compromise/DOS Vulnerability

Package(s): mod_php4    CVE #(s):
Created: July 22, 2002    Updated: February 18, 2003
Description: PHP 4.2.0 and 4.2.1 have an error in the handling of POST requests which can lead to the corruption of memory, and the usual bad consequences. According to this alert, the vulnerability can only be used for denial of service on x86 systems - there is no way to get it to run exploit code. SPARC/Solaris systems are apparently vulnerable to full remote compromise.

According to the CERT Advisory, almost every Linux distributor, it seems, ships older (and thus not vulnerable) versions of PHP.

Note that, sometimes, systems thought to be safe from remote compromise turn out to be vulnerable to a modified attack, so x86 users should not relax too much. The solution, for those systems with PHP 4.2.0 or 4.2.1 installed, is to upgrade to PHP 4.2.2.

For more information see the alert from the discoverer of the vulnerability, Stefan Esser of e-matters GmbH, or the security advisory from the PHP team.

CERT Advisory: CA-2002-21 Vulnerability in PHP

Alerts:
SuSE SuSE-SA:2003:0009 2003-02-18

Comments (1 posted)

Updated vulnerabilities

Heap corruption vulnerability in at

Package(s): at at, sudo, xchat    CVE #(s): CAN-2002-0004
Created: May 20, 2002    Updated: May 15, 2003
Description: The at command has a potentially exploitable heap corruption bug. (First LWN report: January 17th).
Alerts:
EnGarde ESA-20030515-015 2003-05-15
Yellow Dog YDU-20020127-9 2002-01-27
SuSE SuSE-SA:2002:003 2001-01-16
Slackware sl-1011706104 2002-01-22
Red Hat RHSA-2002:015-15 2002-02-07
Red Hat RHSA-2002:015-13 2002-01-22
Mandrake MDKSA-2002:007 2002-01-18
Debian DSA-102-2 2002-01-18
Debian DSA-102-1 2002-01-16

Comments (none posted)

Denial of service vulnerability in version 9 of BIND

Package(s): bind    CVE #(s): CAN-2002-0400
Created: June 5, 2002    Updated: August 19, 2002
Description: Here is an advisory from the Computer Emergency Response Team (CERT) regarding the denial of service vulnerability in version 9 of the BIND nameserver, up to 9.2.1. An attacker can send a properly crafted packet which triggers a check within BIND and causes it to shut down. The vulnerability cannot be exploited for any purpose beyond denial of service, but that is bad enough; if you are running BIND 9, an upgrade is probably a good idea.

Note that many or most systems out there will still be running BIND 8, and thus will not be vulnerable.

News articles on the vulnerability appear in the Register and Network World Fusion News.

Alerts:
Mandrake MDKSA-2002:038-1 2002-08-15
Yellow Dog YDU-20020606-6 2002-06-06
Conectiva CLA-2002:494 2002-06-06
SuSE SuSE-SA:2002:021 2002-06-06
Mandrake MDKSA-2002:038 2002-06-04
Red Hat RHSA-2002:105-09 2002-06-04

Comments (none posted)

bind buffer overflow vulnerability in DNS resolver libraries

Package(s): bind glibc    CVE #(s): CAN-2002-0651 CAN-2002-0684
Created: July 8, 2002    Updated: September 30, 2003
Description: The BIND 4.9.8-OW2 patch and BIND 4.9.9 release (and thus 4.9.9-OW1) include fixes for a libc related vulnerability which does not affect Linux. Updates from the Internet Software Consortium (ISC) are available from here.

No release or branch of Openwall GNU/*/Linux (Owl) is known to be affected, due to Olaf Kirch's fixes for this problem getting into the GNU C library more than two years ago.

Unfortunately, that does not mean that Linux systems are not vulnerable. Similar code, without Olaf Kirch's fixes, is in the glibc getnetbyXXX functions. These functions are described in the SuSE alert as "used by very few applications only, such as ifconfig and ifuser, which makes exploits less likely."

CERT Advisory: CA-2002-19 Buffer Overflow in Multiple DNS Resolver Libraries

CAN-2002-0651
CAN-2002-0684

Alerts:
Mandrake MDKSA-2002:050 2002-08-13
Yellow Dog YDU-20020810-3 2002-08-10
Eridani ERISA-2002:035 2002-08-09
Red Hat RHSA-2002:133-13 2002-08-08
SCO Group CSSA-2002-034.0 2002-08-05
Yellow Dog YDU-20020801-2 2002-08-01
Eridani ERISA-2002:028 2002-07-25
Red Hat RHSA-2002:139-10 2002-07-22
EnGarde ESA-20020724-018 2002-07-24
Mandrake MDKSA-2002:043 2002-07-16
Trustix 2002-0061 2002-07-15
Gentoo glibc-20020713 2002-07-13
Conectiva CLA-2002:507 2002-07-11
SuSE SuSE-SA:2002:026 2002-07-09
OpenPKG OpenPKG-SA-2002.006 2002-07-04

Comments (1 posted)

Ethereal buffer overflow, infinite loop and memory management vulnerabilities

Package(s): ethereal    CVE #(s): CAN-2002-0012 CAN-2002-0013 CAN-2002-0353 CAN-2002-0401 CAN-2002-0402 CAN-2002-0403 CAN-2002-0404
Created: June 12, 2002    Updated: October 27, 2002
Description: Ethereal 0.9.4 was released on May 19, 2002, fixing four potential security issues in Ethereal 0.9.3:
  • The SMB dissector could potentially dereference a NULL pointer in two cases.
  • The X11 dissector could potentially overflow a buffer while parsing keysyms.
  • The DNS dissector could go into an infinite loop while reading a malformed packet.
  • The GIOP dissector could potentially allocate large amounts of memory.

No known exploits exist "in the wild" at the present time for any of these issues.

Ethereal 0.9.2 has several packet handling vulnerabilities that are best avoided by upgrading to 0.9.4. The PROTOS test suite found some flaws in the SNMP and LDAP protocol support. Malformed packets could also crash Ethereal 0.9.2 due to an ASN.1 zero-length g_malloc problem. The zlib "double free" vulnerability was addressed by the updates for that bug from many distributors.
Alerts:
SCO Group CSSA-2002-037.0 2002-10-24
Conectiva CLA-2002:505 2002-07-04
Yellow Dog YDU-20020606-7 2002-06-06
Red Hat RHSA-2002:088-06 2002-06-04
Eridani ERISA-2002:023 2002-06-06

Comments (none posted)

GNU fileutils race condition

Package(s): fileutils ucdsnmp    CVE #(s): CAN-2002-0435
Created: May 20, 2002    Updated: May 16, 2003
Description: A race condition in rm may cause the root user to delete the whole filesystem. The problem exists in the version of rm in fileutils 4.1 stable and 4.1.6 development version. A patch is available. (First LWN report: May 2).
Alerts:
Immunix IMNX-2003-7+-010-01 2003-05-16
Red Hat RHSA-2003:015-05 2003-02-12
Trustix 2002-0052 2002-06-06
SuSE SuSE-SA:2002:012 2002-04-08
Mandrake MDKSA-2002:031 2002-05-16
SCO Group CSSA-2002-018.1 2002-05-13

Comments (none posted)

Buffer overflow in groff

Package(s): groff    CVE #(s): CAN-2002-0003
Created: May 20, 2002    Updated: December 9, 2002
Description: The groff package has a buffer overflow vulnerability; if it is used with the print system, it is conceivably exploitable remotely.
Alerts:
SCO Group CSSA-2002-057.0 2002-12-06
Gentoo groff-20021019 2002-10-19
Yellow Dog YDU-20020127-11 2002-01-27
Trustix 2002-0020 2002-01-18
Red Hat RHSA-2002:004-06 2002-01-14
Mandrake MDKSA-2002:012 2002-02-07

Comments (none posted)

UW imapd remotely exploitable buffer overflow

Package(s): imap    CVE #(s): CAN-2002-0379
Created: June 5, 2002    Updated: December 20, 2002
Description: UW imapd versions 2000c and prior allow remote authenticated users to execute code via a buffer overflow. A malicious user can craft a request to run commands on the server under their UID and GID. (First LWN report: May 23).
Alerts:
SuSE SuSE-SA:2002:048 2002-12-20
Trustix 2002-0054 2002-06-06
EnGarde ESA-20020607-013 2002-06-07
Yellow Dog YDU-20020606-1 2002-06-06
Red Hat RHSA-2002:092-11 2002-05-22
Mandrake MDKSA-2002:034 2002-05-27
Eridani ERISA-2002:018 2002-05-25
Conectiva CLA-2002:487 2002-05-24
SCO Group CSSA-2002-021.0 2002-05-15

Comments (2 posted)

Apache mod_ssl off-by-one local code execution and DoS vulnerability

Package(s): libapache-mod-ssl mod_ssl    CVE #(s): CAN-2002-0653
Created: July 2, 2002    Updated: August 14, 2002
Description: mod_ssl provides strong cryptography for the Apache webserver via the Secure Sockets Layer (SSL). A maliciously-crafted .htaccess file may be used by an attacker to execute arbitrary commands as the httpd user or to launch a denial of service attack. The problem is fixed in mod_ssl 2.8.10, which is available from here.

For more information see the announcement.

Alerts:
Mandrake MDKSA-2002:048 2002-08-08
Yellow Dog YDU-20020801-1 2002-08-01
Eridani ERISA-2002:029 2002-07-25
SCO Group CSSA-2002-031.0 2002-07-16
Red Hat RHSA-2002:134-12 2002-07-16
EnGarde ESA-20020702-017 2002-07-02
Conectiva CLA-2002:504 2002-07-02
Debian DSA-135-1 2002-07-02

Comments (none posted)

libpng buffer overflow vulnerability

Package(s): libpng libpng2 libpng3    CVE #(s):
Created: July 17, 2002    Updated: August 19, 2002
Description: Versions of libpng prior to 1.2.4 and 1.0.14 have a buffer overflow vulnerability that could lead to remote code execution. Since libpng is used by programs that talk to the outside world (e.g. Mozilla), it is worth upgrading.

libpng is the official PNG reference library. It supports almost all PNG features, is extensible, and has been extensively tested for over five years.
Alerts:
Eridani ERISA-2002:030 2002-07-25
Conectiva CLA-2002:512 2002-07-17

Comments (2 posted)

LPRng accepts jobs from any host

Package(s): LPRng    CVE #(s): CAN-2002-0378
Created: June 12, 2002    Updated: October 31, 2002
Description: Matthew Caron pointed out that LPRng's default configuration accepts job submissions from any host.

This could be an especially annoying vulnerability for administrators with systems exposed to the general public.

Alerts:
SuSE SuSE-SA:2002:040 2002-10-31
Mandrake MDKSA-2002:042 2002-07-04
Red Hat RHSA-2002:089-07 2002-06-09

Comments (none posted)

Mailman 2.0.11 fixes two cross-site scripting vulnerabilities

Package(s): mailman    CVE #(s): CAN-2002-0388
Created: June 5, 2002    Updated: August 28, 2002
Description: Barry A. Warsaw announced the release of Mailman 2.0.11 "which fixes two cross-site scripting exploits, one reported by "office" in the admin login page, and another reported by Tristan Roddis in the Pipermail index summaries. It is recommended that all sites upgrade their 2.0.x systems to this version."
Alerts:
Debian DSA-147-2 2002-08-26
Debian DSA-147-1 2002-08-08
Red Hat RHSA-2002:101-06 2002-06-27
Red Hat RHSA-2002:099-04 2002-06-06
Red Hat RHSA-2002:100-03 2002-06-06
Conectiva CLA-2002:489 2002-05-24

Comments (none posted)

Mozilla XMLHttpRequest file disclosure vulnerability

Package(s): mozilla    CVE #(s): CAN-2002-0354
Created: May 20, 2002    Updated: October 18, 2002
Description: This XMLHttpRequest security bug impacts all Mozilla-based browsers. "The bug is found in versions of Mozilla from 0.9.7 to 0.9.9 on various operating system platforms, and in Netscape versions 6.1 and higher." (First LWN report: May 2).
Alerts:
Red Hat RHSA-2002:192-13 2002-10-09
Red Hat RHSA-2002:079-13 2002-05-13
Conectiva CLA-2002:490 2002-05-29

Comments (none posted)

String format bug in pam_ldap logging

Package(s): nss_ldap    CVE #(s): CAN-2002-0374
Created: June 5, 2002    Updated: October 29, 2002
Description: The nss_ldap package includes the pam_ldap module for authenticating a user with an LDAP database. Pam_ldap versions prior to 144 have a string format bug in the logging mechanism.
Alerts:
SCO Group CSSA-2002-041.0 2002-10-28
Yellow Dog YDU-20020606-2 2002-06-06
Red Hat RHSA-2002:084-17 2002-05-26
Eridani ERISA-2002:019 2002-05-28

Comments (none posted)

Remotely exploitable vulnerability in pine

Package(s): pine    CVE #(s): CAN-2002-0014
Created: May 20, 2002    Updated: November 27, 2002
Description: Pine has an unpleasant vulnerability in its URL handling which can lead to command execution by remote attackers. (First LWN report: January 17th).

This vulnerability is remotely exploitable; updating is a good idea.

Note: If an update isn't yet available for your distribution, setting enable-msg-view-urls to "off" in pine's setup will avoid the vulnerability. (Thanks to Greg Herlein).

Alerts:
SuSE SuSE-SA:2002:046 2002-11-25
Yellow Dog YDU-20020127-8 2002-01-27
Slackware sl-1010936849 2002-01-13
Red Hat RHSA-2002:009-06 2002-01-14
EnGarde ESA-20020114-002 2002-01-14
Conectiva CLA-2002:460 2002-01-31

Comments (none posted)

Sharutils potential privilege escalation using uudecode

Package(s): sharutils    CVE #(s): CAN-2002-0178
Created: May 20, 2002    Updated: October 30, 2002
Description: According to the CVE entry, "uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands." (First LWN report: May 16).
Alerts:
Gentoo 200210-012 2002-10-30
SCO Group CSSA-2002-040.0 2002-10-28
Mandrake MDKSA-2002:052 2002-08-14
Yellow Dog YDU-20020522-4 2002-05-22
Red Hat RHSA-2002:065-13 2002-05-14
Eridani ERISA-2002:014 2002-05-16

Comments (none posted)
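
A defensive check for the uudecode problem above, added here as an example; it is not code from the LWN page or from sharutils, and the function names and the scratch directory under /tmp are hypothetical. The guard refuses to write the decoded payload through a symbolic link or into a named pipe, and re-verifies the opened object rather than trusting the name:

```c
/* Added example, not code from the LWN page or from sharutils: the
 * output-file open that a uudecode fix for CAN-2002-0178 needs.  The
 * decoded payload must never be written through a symbolic link or
 * into a named pipe; we require a regular file and re-check it after
 * open().  Function names and the scratch directory are hypothetical. */
#define _GNU_SOURCE             /* O_NOFOLLOW, mkdtemp */
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` for writing decoded data.  Returns a descriptor, or -1
 * with errno set when the name refers to a symlink, FIFO, device or
 * anything else that is not a regular file. */
int open_decoded_output(const char *path, mode_t mode)
{
    struct stat st;

    /* lstat() does not follow links, so a symlink shows up as S_IFLNK. */
    if (lstat(path, &st) == 0) {
        if (!S_ISREG(st.st_mode)) {      /* rejects S_IFLNK, S_IFIFO, ... */
            errno = EPERM;
            return -1;
        }
    } else if (errno != ENOENT) {
        return -1;                       /* unexpected stat failure */
    }

    /* O_NOFOLLOW closes the lstat()/open() race for symlinks (ELOOP);
     * O_NONBLOCK keeps open() from hanging on a FIFO with no reader. */
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW | O_NONBLOCK,
                  mode);
    if (fd < 0)
        return -1;

    /* Verify the object we actually got, not the name we asked for. */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode)) {
        close(fd);
        errno = EPERM;
        return -1;
    }

    /* Regular file confirmed: drop O_NONBLOCK for ordinary writes. */
    int flags = fcntl(fd, F_GETFL);
    if (flags >= 0)
        fcntl(fd, F_SETFL, flags & ~O_NONBLOCK);
    return fd;
}

/* Self-check: builds a scratch directory with a dangling symlink, a
 * FIFO and a fresh regular file (all constructed here), and returns
 * how many of the three cases the guard handled wrongly (0 = all good). */
int demo_decoded_output_checks(void)
{
    char dir[] = "/tmp/uudecode-demo-XXXXXX";
    char link[64], fifo[64], plain[64], target[64];
    int wrong = 0, fd;

    if (!mkdtemp(dir))
        return 3;
    snprintf(link, sizeof link, "%s/link", dir);
    snprintf(fifo, sizeof fifo, "%s/fifo", dir);
    snprintf(plain, sizeof plain, "%s/plain.bin", dir);
    snprintf(target, sizeof target, "%s/victim.txt", dir);

    /* Case 1: a symlink planted where the decoded file will land. */
    if (symlink(target, link) == 0) {
        fd = open_decoded_output(link, 0644);
        if (fd != -1) { wrong++; close(fd); }
    }
    /* Case 2: a named pipe sitting at that name. */
    if (mkfifo(fifo, 0600) == 0) {
        fd = open_decoded_output(fifo, 0644);
        if (fd != -1) { wrong++; close(fd); }
    }
    /* Case 3: a plain new file must still open normally. */
    fd = open_decoded_output(plain, 0644);
    if (fd < 0)
        wrong++;
    else
        close(fd);

    unlink(link); unlink(fifo); unlink(plain); unlink(target); rmdir(dir);
    return wrong;
}

int main(void)
{
    int wrong = demo_decoded_output_checks();
    printf("%d of 3 cases mishandled\n", wrong);
    return wrong != 0;
}
```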

Multiple vulnerabilities fixed in Squid-2.4.STABLE7

Package(s): squid    CVE #(s):
Created: July 8, 2002    Updated: November 15, 2002
Description: Here is the security advisory for the Squid proxy server reporting several vulnerabilities in versions up to and including 2.4.STABLE7. Several of the bugs are believed to allow remote code execution.

The security advisory lists the following changes:

  • Several bugfixes and cleanup of the Gopher client, both to correct some security issues and to make Squid properly render certain Gopher menus.
  • Security fixes in how Squid parses FTP directory listings into HTML.
  • FTP data channels are now sanity checked to match the address of the requested FTP server. This is to prevent theft or injection of data. See the new ftp_sanitycheck directive if this sanity check is not desired.
  • The MSNT auth helper has been updated to v2.0.3+fixes for buffer overflow security issues found in this helper.
  • A security issue in how Squid forwards proxy authentication credentials has been fixed.
Alerts:
SCO Group CSSA-2002-046.0 2002-11-14
Eridani ERISA-2002:031 2002-07-26
Mandrake MDKSA-2002:044 2002-07-17
Trustix 2002-0062 2002-07-15
SuSE SuSE-SA:2002:025 2002-07-09
Conectiva CLA-2002:506 2002-07-05

Comments (none posted)

Malformed NFS packet buffer overflow vulnerability in tcpdump

Package(s): tcpdump    CVE #(s): CAN-2002-0380
Created: June 5, 2002    Updated: October 9, 2002
Description: A buffer overflow in tcpdump can be triggered by a bad NFS packet when tracing the network. Unmodified tcpdump versions 3.6.2 and earlier are vulnerable.
Alerts:
Red Hat RHSA-2002:094-16 2002-10-04
Yellow Dog YDU-20020606-3 2002-06-06
Trustix 2002-0055 2002-06-05
SCO Group CSSA-2002-025.0 2002-06-04
Conectiva CLA-2002:491 2002-06-05
Red Hat RHSA-2002:094-08 2002-05-29
Eridani ERISA-2002:020 2002-05-30

Comments (none posted)

Multiple vendor telnetd vulnerability

Package(s): telnet Telnet netkit-telnet-ssl kerberos telnetd netkit-telnet nkitb/nkitserv/telnetd krb5    CVE #(s):
Created: May 20, 2002    Updated: October 5, 2004
Description: This vulnerability, originally thought to be confined to BSD-derived systems, was first covered in the July 26th Security Summary. It is now known that Linux telnet daemons are vulnerable as well.
Alerts:
Gentoo 200410-03 2004-10-05
Yellow Dog YDU-20010810-2 2001-08-10
Yellow Dog YDU-20010810-1 2001-08-10
SuSE SuSE-SA:2001:029 2001-09-03
Slackware sl-997726350 2001-08-09
Red Hat RHSA-2001:100-02 2001-08-09
Red Hat RHSA-2001:099-09 2002-02-07
Red Hat RHSA-2001:099-06 2001-08-09
Progeny PROGENY-SA-2001-27 2001-08-14
Mandrake MDKSA-2001:093 2001-12-17
Mandrake MDKSA-2001:068 2001-08-13
HP HPSBTL0202-023 2002-02-12
Debian DSA-075-2 2001-08-14
Debian DSA-075-1 2001-08-14
Conectiva CLA-2001:413 2001-08-24
SCO Group CSSA-2001-030.0 2001-08-10

Comments (none posted)

Multiple vulnerabilities in SNMP implementations

Package(s): ucdsnmp ucd-snmp    CVE #(s): CAN-2002-0012 CAN-2002-0013
Created: May 20, 2002    Updated: September 17, 2002
Description: Most SNMP implementations out there have a variety of buffer overflow vulnerabilities and should be upgraded at first opportunity. See this CERT advisory for more. (First LWN report: February 14).
Alerts:
Red Hat RHSA-2002:036-26 2002-09-12
Yellow Dog YDU-20020211-1 2002-02-11
Red Hat RHSA-2001:163-20 2002-02-12
Mandrake MDKSA-2002:014 2002-02-15
Debian DSA-111-2 2002-02-28
Debian DSA-111-1 2002-02-14
Conectiva CLA-2002:462 2002-02-14
SCO Group CSSA-2002-004.0 2002-01-22

Comments (none posted)

webalizer: reverse DNS buffer overflow vulnerability

Package(s): webalizer    CVE #(s):
Created: May 20, 2002    Updated: January 27, 2003
Description: The cause is a buffer overflow bug. This one sounds nasty. If reverse DNS lookups are enabled in webalizer, "an attacker with control over the victim's DNS may spoof responses thus triggering a buffer overflow, potentially leading to a root compromise." Webalizer 2.01-10 "fixes this and a few other buglets that have been discovered in the last month or so". (First LWN report: April 18th, 2002).
Alerts:
Yellow Dog YDU-20030127-4 2003-01-27
Red Hat RHSA-2002:254-05 2002-12-04
SCO Group CSSA-2002-036.0 2002-10-22
EnGarde ESA-20020423-009 2002-04-23
Conectiva CLA-2002:476 2002-04-26

Comments (none posted)

Webmin/Usermin vulnerabilities

Package(s): webmin    CVE #(s):
Created: May 20, 2002    Updated: January 10, 2003
Description: Webmin is a web-based interface for system administration for Unix. Webmin has cross-site scripting and session ID spoofing vulnerabilities which are fixed in the May 6, 2002 release of version 0.970. (First LWN report: May 9).

This one is scary. The session ID spoofing vulnerability allows the "possibility that arbitrary commands may be executed with root privileges." Upgrading is strongly recommended. At a minimum avoid the "preconditions for a successful exploit" by disabling password timeouts under Webmin->Configuration->Authentication.

Alerts:
SCO Group CSSA-2003-002.0 2003-01-09
Yellow Dog YDU-20020522-7 2002-05-22
Mandrake MDKSA-2002:033 2002-05-21

Comments (1 posted)

Problems with libgtop_daemon

Package(s): wuftpd libgtop    CVE #(s):
Created: May 20, 2002    Updated: May 7, 2003
Description: The libgtop_daemon package is a GNOME program which makes system information available remotely. LWN reported the remotely exploitable format string and buffer overflow vulnerabilities in that package on December 6th. The November 28th advice was to disable the libgtop_daemon on systems where it is running until an update is available.

Many Linux systems do not run libgtop by default, but applying the update is a good idea anyway.

Alerts:
Debian DSA-301-1 2003-05-07
Mandrake MDKSA-2001:094 2001-12-19
Debian DSA-098-1 2002-01-09
Conectiva CLA-2002:448 2002-01-03

Comments (1 posted)

xchat IRC server-based DNS query vulnerability

Package(s): xchat    CVE #(s): CAN-2002-0382
Created: June 5, 2002    Updated: September 24, 2002
Description: A malicious IRC server may return a response to a /dns query that executes arbitrary commands with the privileges of the user running XChat. Versions of XChat prior to 1.8.9 are vulnerable.
Alerts:
Conectiva CLA-2002:526 2002-09-23
Mandrake MDKSA-2002:051 2002-08-14
Yellow Dog YDU-20020606-5 2002-06-06
Eridani ERISA-2002:021 2002-06-05
Red Hat RHSA-2002:097-08 2002-06-04

Comments (none posted)

Resources

Wireless Security Blackpaper (Ars Technica)

Trey "Azariah" Dismukes has written a black paper on security and wireless networks.

Fast forward to today. While wireless networks have seen widespread adoption in the home user markets, widely reported and easily exploited holes in the standard security system have stunted wireless' deployment rate in enterprise environments. While many people don't know exactly what the weaknesses are, most have accepted the prevailing wisdom that wireless networks are inherently insecure and nothing can be done about it. Can wireless networks be deployed securely today? What exactly are the security holes in the current standard, and how do they work? Where is wireless security headed in the future? This article attempts to shed light on these questions and others about wireless networking security in an enterprise environment.

Comments (none posted)

TASK 1.50 & Autopsy 1.60 release

Brian Carrier announced the release of The @stake Sleuth Kit (TASK) 1.50 (with NTFS Support) and Autopsy 1.60.

The @stake Sleuth Kit (TASK) and Autopsy Forensic Browser are an open source alternative to the common Windows-based digital forensic tools. Autopsy provides an investigator with an HTML-based graphical interface that allows one to browse images from compromised systems in a "File Manager"-like interface. Windows and UNIX file systems can be analyzed to view deleted files, create time lines of file activity, and perform key word searches.

Full Story (comments: none)

Web based portscan database

Ryan Fox announced the initial release of the Portscan web-based portscan database tool. "I have developed a web based portscan database tool, aptly named Portscan. Currently, it accepts portscans in nmap's xml format and stores them in its database (MySQL). Searches can be performed on the database by hostname/os."

Full Story (comments: none)

Linux Security Week and Advisory Watch

The July 22nd Linux Security Week and July 19th Linux Advisory Watch newsletters from LinuxSecurity.com are available.

Comments (none posted)

Events

University of Idaho Workshop on Computer Forensics

The workshop will be held September 23rd, 24th and 25th, 2002, in Moscow, Idaho, USA.

Due to the generosity of our sponsors, I'm able to offer several scholarships to academics (faculty and students) to assist with the costs of travel and lodging. We're primarily allocating them to faculty considering teaching a computer forensics course, students/faculty beginning research in the area who would benefit from a broad overview, and speakers who are presenting their research at our workshop (speaker slots still open).

Full Story (comments: none)

Upcoming Security Events

Date | Event | Location
July 31 - August 1, 2002 | Black Hat Briefings 2002 (Caesars Palace Hotel and Resort) | Las Vegas, NV, USA
August 2 - 4, 2002 | Defcon (Alexis Park Hotel and Resort) | Las Vegas, Nevada, USA
August 5 - 9, 2002 | 11th USENIX Security Symposium | San Francisco, CA, USA
August 6 - 9, 2002 | CERT Conference 2002 | Omaha, Nebraska, USA
August 19 - 21, 2002 | Canadian Security & Intelligence Conference (CSICON) (Hyatt Regency) | Calgary, Alberta, Canada
August 28 - 30, 2002 | Workshop on Information Security Applications (WISA 2002) | Jeju Island, Korea
September 19 - 20, 2002 | SEcurity of Communications on the Internet 2002 (SECI'02) | Tunis, Tunisia
September 23 - 26, 2002 | New Security Paradigms Workshop 2002 (The Chamberlain Hotel) | Hampton, Virginia, USA
September 23 - 25, 2002 | University of Idaho Workshop on Computer Forensics (University of Idaho) | Moscow, Idaho, USA

For additional security-related events, including training courses (which we don't list above) and events further in the future, check out Security Focus' calendar, one of the primary resources we use for building the above list. To submit an event directly to us, please send a plain-text message to lwn@lwn.net.

Comments (none posted)

Page editor: Dennis Tenney

Kernel development

Release status

Current kernel release status

The current development kernel is 2.5.28, released on July 24. It contains major changes to the interrupt handling subsystem (see below), large m68k and PPC64 updates, Russell King's long-awaited new serial driver, numerous filesystem and block device changes from Alexander Viro, and more. Those wanting the details can see the long format changelog.

2.5.27 was announced by Linus on July 20 (the long format changelog is also available). The truly significant changes in this release included Rik van Riel's reverse-mapping VM and the beginning of the Linux Security Module merge. The LSM patch includes hooks mostly relating to process control; the rest should find their way in with later releases. This kernel also contains a lot of USB and RAID changes, some NFS tweaks, and various other fixes and updates.

2.5.27 also included Martin Dalecki's IDE 99 and IDE 100 patches which, for some reason, were not posted to the public list. Unfortunately, IDE 99 contains a bug which can lead to system lockups and file corruption; thus 2.5.27 gave some users more than they had bargained for. The discussion of the 2.5 IDE problems continues on linux-kernel; the latest development is that IDE hacker Bartlomiej Zolnierkiewicz, who, until recently, has been one of Martin Dalecki's defenders, has stated his intention to create his own IDE subsystem, based on the 2.4 implementation.

The current prepatch from Dave Jones is 2.5.27-dj1. "Mostly resyncing with the various trees that have sprouted in the last week, and applying obvious stuff that didn't take much thinking."

Guillaume Boissiere's latest 2.5 status summary is dated July 23. Guillaume has also posted a 2.5 TODO list with the best available guesses as to what will happen between now and the Halloween feature freeze.

The current stable kernel is 2.4.18. Marcelo posted the third 2.4.19 release candidate on July 19. It is, he says, the last release candidate unless something really serious comes up.

Alan Cox's current prepatch is 2.4.19-rc3-ac2; in addition to numerous fixes it includes the new disk quota code from 2.5.

Comments (none posted)

Kernel development news

Thrashing the interrupt code

Dig into the source of an old Unix system, and you will almost certainly find calls to cli() and sti(), which disable and enable interrupts, respectively. The Linux kernel, too, has these calls. In the Good Old Days, when Linux did not run on SMP systems, a call to cli() was sufficient to guarantee exclusive access to any resource of interest. Kernel code was not preemptable, so, in the absence of interrupts, no other kernel code had any possibility of running.

SMP changed all that, of course. The cli() call remained, however, for the few places that really needed it - and to avoid having to change a great deal of code which relied on cli() for mutual exclusion. The cli() call became global, in that it disabled the handling of interrupts on all processors in the system. Note that it did not disable the interrupts themselves, just the processing of those interrupts. This was accomplished by way of the "big IRQ lock" (global_irq_lock); once cli() was called, any processor attempting to handle an interrupt would spin on that lock until things were released with sti(). Needless to say, spending a lot of time with interrupts globally disabled in this way is not good for performance; thus the use of cli() and sti() has been discouraged for a long time.

As of 2.5.28, these functions are no longer discouraged - they are gone. Ingo Molnar sent out a patch (since revised an unbelievable number of times) which removes the global_irq_lock, the cli() and sti() primitives, and more. The result is the removal of a bunch of old legacy code, a faster IRQ handling subsystem, and a great many broken drivers. Said drivers are being fixed, but building Linux kernels for SMP systems could be a bit challenging for the next release or two.

This patch also merges three different counters that the kernel used to maintain:

  • The hard IRQ counter (__local_irq_count), which tracked the number of hardware interrupts currently being serviced by each processor;
  • The soft IRQ counter (__local_bh_count), which tracked software interrupts (bottom halves, tasklets, etc.); and
  • The preemption counter (preempt_count, in the task structure) which noted whether the process had been preempted in kernel space.

The soft IRQ and preemption counters could also be used to disable software IRQs and kernel preemption by setting them to a nonzero value. The two IRQ counters, taken together, indicate whether the processor is currently responding to an interrupt. In other words, all of these counters are related to each other - they describe what kind of code is running at the moment and what sorts of diversions the processor is allowed to take. So, with Ingo's patch, all three have been merged into the per-process preemption counter. This change results in some simplified code; it should be mostly transparent to the rest of the kernel.
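To make the merge concrete, here is an added userspace model of the combined counter, written for this article rather than taken from the kernel: one unsigned int carries a preemption depth, a soft IRQ depth and a hard IRQ depth in separate bit fields, and the in_irq()/in_softirq()/in_interrupt() predicates that drivers use become masks over that single word. The 8-bit field widths, the per-task pointer argument and the helper names are assumptions patterned on the kernel's layout, not a copy of it.

```c
/* Added example: a userspace model of the merged per-task preemption
 * counter.  Not kernel code; the field widths and names are assumptions
 * patterned on the three-way split the article describes. */
#include <stdio.h>

#define PREEMPT_BITS  8
#define SOFTIRQ_BITS  8
#define HARDIRQ_BITS  8

#define PREEMPT_SHIFT 0
#define SOFTIRQ_SHIFT (PREEMPT_SHIFT + PREEMPT_BITS)
#define HARDIRQ_SHIFT (SOFTIRQ_SHIFT + SOFTIRQ_BITS)

#define MASK_OF(bits, shift) ((((1u << (bits)) - 1)) << (shift))
#define PREEMPT_MASK MASK_OF(PREEMPT_BITS, PREEMPT_SHIFT)
#define SOFTIRQ_MASK MASK_OF(SOFTIRQ_BITS, SOFTIRQ_SHIFT)
#define HARDIRQ_MASK MASK_OF(HARDIRQ_BITS, HARDIRQ_SHIFT)

/* Adding one of these bumps the matching field by one. */
#define PREEMPT_OFFSET (1u << PREEMPT_SHIFT)
#define SOFTIRQ_OFFSET (1u << SOFTIRQ_SHIFT)
#define HARDIRQ_OFFSET (1u << HARDIRQ_SHIFT)

/* In the kernel the counter lives in the task structure; here it is the
 * only thing the model needs from it. */
struct task { unsigned int preempt_count; };

static unsigned int hardirq_count(const struct task *t) { return t->preempt_count & HARDIRQ_MASK; }
static unsigned int softirq_count(const struct task *t) { return t->preempt_count & SOFTIRQ_MASK; }

/* The predicates drivers ask: what kind of code is running right now? */
int in_irq(const struct task *t)       { return hardirq_count(t) != 0; }
int in_softirq(const struct task *t)   { return softirq_count(t) != 0; }
int in_interrupt(const struct task *t) { return (hardirq_count(t) | softirq_count(t)) != 0; }
/* Any nonzero value at all means the task may not sleep or be preempted. */
int in_atomic(const struct task *t)    { return t->preempt_count != 0; }
int preemptible(const struct task *t)  { return t->preempt_count == 0; }

/* Entering and leaving each kind of context is one addition or subtraction
 * on the same word; nesting is just a field value greater than one. */
void irq_enter(struct task *t)        { t->preempt_count += HARDIRQ_OFFSET; }
void irq_exit(struct task *t)         { t->preempt_count -= HARDIRQ_OFFSET; }
void local_bh_disable(struct task *t) { t->preempt_count += SOFTIRQ_OFFSET; }
void local_bh_enable(struct task *t)  { t->preempt_count -= SOFTIRQ_OFFSET; }
void preempt_disable(struct task *t)  { t->preempt_count += PREEMPT_OFFSET; }
void preempt_enable(struct task *t)   { t->preempt_count -= PREEMPT_OFFSET; }

/* Walk a nested scenario and return the counter at its deepest point:
 * hardirq depth 2, softirq depth 1, preempt depth 1. */
unsigned int nested_scenario(void)
{
    struct task t = { 0 };
    unsigned int deepest;

    preempt_disable(&t);    /* process context holding a spinlock */
    local_bh_disable(&t);   /* bottom halves switched off */
    irq_enter(&t);          /* a hardware interrupt arrives */
    irq_enter(&t);          /* and a second one nests inside it */
    deepest = t.preempt_count;
    irq_exit(&t);
    irq_exit(&t);
    local_bh_enable(&t);
    preempt_enable(&t);
    return deepest;         /* 0x020101 with the field layout above */
}

int main(void)
{
    struct task t = { 0 };

    printf("preemptible at start: %d\n", preemptible(&t));
    irq_enter(&t);
    printf("in_irq=%d in_interrupt=%d in_atomic=%d\n",
           in_irq(&t), in_interrupt(&t), in_atomic(&t));
    irq_exit(&t);
    printf("deepest nested counter: 0x%06x\n", nested_scenario());
    return 0;
}
```

The point of the single word is visible in preemptible(): the scheduler no longer has to consult three counters to decide whether it may take the CPU away; a zero means "nothing is in progress", and every context-entry helper is a constant addition to the same field-packed value.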

The cli() change is not transparent, though. People maintaining or writing drivers will now need to bear in mind that there is no longer any way to globally disable interrupts. You can still disable interrupts for the current processor (with local_irq_save() and friends), but other processors will still accept and handle interrupts. The only really safe way of protecting resources in most situations is with spin_lock_irq(); a number of drivers will need to be (finally) converted over to real locking before they will work again. Ingo has included a document (cli-sti-removal.txt) in the kernel source to help driver maintainers who are wondering how to handle this change.

Comments (none posted)

On the initialization of structures

The kernel source contains a great many structures which are initialized at compile time. Back in the 2.3 development series, substantial effort went into converting all of those initializations into the gcc designated initialization format:

    struct something my_struct = {
        field_1:    value,
        field_2:    value,
        ...
    };

The advantage of this format, of course, is that it is possible to clearly initialize a subset of the structure's fields and not have things break if the declaration of the structure changes. It was a good change which cleaned up a lot of code.

There's only one problem: the C99 standard chose a different format. Standard-compliant C should instead contain initializations that look like:

    struct something my_struct = {
        .field_1 = value,
        .field_2 = value,
        ...
    };

After a bit of discussion, the kernel hackers have decided to, you guessed it, convert all of the structure initializations in the kernel to the new format. Those changes are starting to find their way into the mainline; all new code should certainly be done the standard way.
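An added illustration of the subset-initialization property claimed above (example code written for this page, not taken from the kernel; the structure and its field names are invented): a field is inserted into the middle of a structure declaration, a positional initializer silently shifts every later value into the wrong slot, and a C99 designated initializer keeps naming the right fields and leaves the new one zero-filled.

```c
/* Added example: why designated initializers survive a changed declaration.
 * Not kernel code; the ops structures and their fields are made up. */
#include <stddef.h>

/* The declaration as it was first written. */
struct ops_v1 {
    int (*open)(void);
    int (*release)(void);
};

/* The declaration after someone inserts a field in the middle. */
struct ops_v2 {
    int (*open)(void);
    int (*ioctl)(int);        /* new field */
    int (*release)(void);
};

static int my_open(void)    { return 1; }
static int my_release(void) { return 2; }

/* A positional initializer written against v1 but compiled against v2:
 * my_release lands in the ioctl slot and release is left NULL.  The cast
 * only silences the type mismatch; 2002-era gcc merely warned about it. */
struct ops_v2 positional = { my_open, (int (*)(int))my_release };

/* The designated form names its fields, so the same source text is still
 * correct after the insertion, and the unmentioned ioctl is NULL. */
struct ops_v2 designated = {
    .open    = my_open,
    .release = my_release,
};

int designated_intact(void)
{
    return designated.open == my_open
        && designated.release == my_release
        && designated.ioctl == NULL;
}

int positional_broken(void)
{
    return positional.release == NULL;
}
```

The hazard is that the positional form usually compiles with nothing more than a warning, so the misplaced function pointer is only noticed when the kernel calls through the wrong slot.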

Comments (none posted)

Implementing SMP clusters

Larry McVoy's cache-coherent cluster (or SMP cluster) idea was discussed (briefly) on this page two weeks ago. Now Karim Yaghmour has posted a white paper describing how such clusters might be implemented. The design uses a modified version of Adeos to run multiple Linux kernels, each of which has control over a subset of the whole system. The result is a path toward SMP clusters that requires only minimal changes to the Linux code itself. There is still the little matter of actually doing the work, of course, but this design is a promising start.

Those interested in Adeos may also want to look at the milestone 2 release which, among other things, adds SMP support.

Comments (none posted)

Patches and updates

Kernel trees

  • J.A. Magallon: Linux 2.4.19-rc1-jam1. "BEWARE: this kernel probably will eat your disk and your dog, but anyways..." (July 19, 2002)

Core kernel code

Development tools

Device drivers

Filesystems and block I/O

Kernel building

Memory management

  • Christoph Hellwig: vmap_pages(). "The vmap_pages() function allows one to map an array of virtually non-contiguous pages into the kernel virtual memory." (July 19, 2002)

Networking

Architecture-specific

  • Jeff Dike: UML - part 1 of 2. Contains the generic code changes needed to support User-mode Linux. (July 23, 2002)

Security-related

Miscellaneous

Page editor: Jonathan Corbet

Distributions

Distribution News

Debian GNU/Linux 3.0 released

Here it is at last: the announcement for Debian GNU/Linux 3.0, also known as "Woody." There's no end of improvements over 2.2 in this release; click below for the full scoop.

Full Story (comments: none)

[2002-07-20] Debian Release Status Update

This release status update covers the new testing distribution, codenamed "sarge". Now that "woody" has been released as stable, "sarge" is the new testing distribution.

Full Story (comments: 1)

Debian Weekly News - July 23rd, 2002

Here's the Debian Weekly News for July 23, 2002. Topics this week include free software and the European Commission; Debian swirl images for the Ericsson T65 cellular phone; and a Debian release party in Berlin.

Full Story (comments: none)

2 teraflops Debian cluster

Here is a little story from Denmark about a 2 teraflops Debian cluster. (Thanks to Hans Schou)

Full Story (comments: none)

Mandrake Linux 9.0 Beta 1

The first beta of Mandrake Linux 9.0 has been released. "As with any Beta, this one is probably loaded with nasty bugs which may cause serious problems on production systems."

Full Story (comments: none)

Mandrake Linux Community Newsletter - Issue #51

The Mandrake Linux Community Newsletter for July 18, 2002 is available. The top story looks at Mandrake/Microtel systems at WalMart.com and contains more Mandrake news.

Full Story (comments: none)

New Distributions

Debian-Ham

Debian-Ham is a floppy distribution specifically for contesting and logging. It is based on uClibc, busybox, and tlf. The current scheme uses a LILO boot floppy with a minix root floppy. Network support is included to connect to a DX cluster. The initial Freshmeat announcement was for version 0.3, released July 21, 2002.

Comments (none posted)

Minor distribution updates

Alindis 0.1.0 released

Alindis has released version 0.1.0 with major feature enhancements.

Full Story (comments: none)

ClumpOS

ClumpOS has released R6.0 with major feature enhancements.

Comments (none posted)

DeMuDi

The DeMuDi project has been silent for some time, but the website now declares, "DeMuDi is in fact more than alive, and in very good shape....:-)". DeMuDi has received funding from AGNULA, a project funded by the European Community. The first official release, DeMuDi Agnula 0.9, is due out in November 2002.

Comments (none posted)

e-smith

Mitel Networks announced the immediate availability of version 5.5 of the SME Server. This new version includes new internationalization support (including a localization into French Canadian), improved remote access support, new interfaces for developers and much more. (Thanks to Brock Frazier)

Comments (none posted)

Gentoo Linux

Here are some announcements from Gentoo Linux.

  • There is a new install guide for Sparc systems. Both 32-bit and 64-bit Sparc systems are covered.

  • Gentoo is in the final testing stages prior to launching the release of a full installation with gcc3.1 as the default compiler.

  • QliTech Linux Computers is now offering laptops with Gentoo pre-installed.

If you are going to be at LinuxWorld next month, look for Gentoo folks at the PenguinPPC booth.

Comments (none posted)

Lunar-Linux

The Lunar-Linux project announced that the cvs module formerly known as theedge had achieved enough stability to become the first Lunar.

Comments (none posted)

MSC.Linux

MSC.Linux has released Itanium 2-based MSC.Linux V2002. MSC.Linux IA-64 2002 (July) for the HP zx1 chipset is also available.

Comments (none posted)

Netule

Netule.org is headed for an overhaul, as development moves to a SourceForge based system. The overhaul is timed to coincide with the introduction of a branch of newly Open Sourced development projects.

Comments (none posted)

OpenNA

OpenNA Linux has released beta4 of its distribution. Bugs have been fixed, new packages added, and lots of code cleaned up since beta3.

Comments (none posted)

PXES Linux Thin Client

PXES Linux Thin Client has released version 0.5-RC3 with minor feature enhancements.

Comments (none posted)

RxLinux

RxLinux has released version 1.0.6 with major feature enhancements.

Comments (none posted)

ttylinux

ttylinux has released version 2.3 with minor bugfixes.

Comments (none posted)

Distribution reviews

Lycoris: A Linux OS Good for Grandma (OnLamp)

O'Reilly's OnLamp.com reviews Lycoris' Desktop/LX. "Technically, there's more to Desktop/LX than just pretty icons (which have an obvious Windows XP style to them) added to the KDE interface. Lycoris created over 1,000 code patches for KDE in order to tightly integrate the GUI with the underlying Linux kernel and other operating system functions. For one, it revamped the KDE Control Center--the Desktop/LX configuration menu where software and hardware is added and removed from the system."

Comments (none posted)

Page editor: Rebecca Sobol

Development

System Applications

Audio Projects

Ogg Vorbis 1.0 Released

Version 1.0 of the Ogg Vorbis audio codec software has been released. Downloads are available here. "This is a full release of a 1.0 encoder, decoder and tool set. The encoder, decoder and tools now implement all Vorbis 1.0 specification features including low-bitrate, cascading and channel coupling."

Comments (none posted)

Ogg Vorbis News

The latest Ogg Vorbis News looks at Ogg Vorbis 1.0.

Comments (none posted)

Education

Linux in Education Report #75

Issue #75 of the SEUL/Edu Linux in Education Report includes talk of educational software forums at several conferences, a successful school conversion to Linux, the Virtual Rainforest Project, the Linux Access Project in Delhi, and a bunch of new educational applications.

Comments (none posted)

Libraries

Matrix libraries for C and C++ (IBM developerWorks)

IBM's developerWorks is running an article that compares three open-source matrix manipulation libraries that work with C and C++.

Comments (none posted)

Networking Tools

gFTP: 2.0.13 has been released

Version 2.0.13 of gFTP, the GNU FTP client, has been released. A few new features and a long list of bug fixes are included.

Full Story (comments: none)

Printing

LinuxPrinting.org news

LinuxPrinting.org lists version 2.0.0 of the Foomatic print filter system and version 1.2 of the HPIJS inkjet printer driver, which features new support for monochrome laser printers and more.

Comments (none posted)

LPRng 3.8.13 available

Version 3.8.13 of the LPRng print spooler system is available. The change logs are available within the source code.

Comments (none posted)

Web Site Development

Server clinic: Lightweight Web techniques (IBM developerWorks)

Cameron Laird shows some tricks on using Expect for web server CGI scripting. "Was the first 'Server clinic' column serious in advertising Expect as the one language you most need? Several readers have written in since its publication with questions about how far to trust the claim. The short answer: yes. As the April 2002 column explained, Expect comes closer than any other language to being universal for the sorts of needs system programmers are likely to have with their servers. That does not mean, though, that you should spurn other languages."

Comments (none posted)

Midgard Weekly Summary

The Midgard Weekly Summary for July 23, 2002 is out. Topics include the release of Midgard 1.4.3, the Midgard 1.4.4 roadmap, Midgardians in Europe, the Midgard Bugtracker Usage Guide, a Midgard CVS Move, a MidCOM 0.2.0 public Beta Version, and Midgard at OSCOM in September.

Full Story (comments: none)

Zope Members News

The latest entries on the Zope Members News include Zope training in Switzerland, ZFloatMenu cross-platform support, RenderPM 0.1, ZWeather v0.2, a new Silva mailing list, ZPhotoSlides 0.2, and more.

Comments (none posted)

ASPseek v.1.2.10 released

A new version of the ASPseek search engine has been released. The changes include a number of bug fixes.

Comments (1 posted)

Desktop Applications

Desktop Environments

Knoda 0.5.3 released

Version 0.5.3 of the Knoda relational database GUI for KDE 3 has been released; click below for a list of changes.

Full Story (comments: 1)

Games

The latest PyGame entries

This week's entries on PyGame include Pyrockets 0.2 and Pytris 0.9.

Comments (none posted)

GUI Packages

FLTK 1.1.0rc5 released

Version 1.1.0rc5 of FLTK, the Fast, Light ToolKit, has been released; progress marches toward the 1.1.0 release.

Comments (none posted)

Interoperability

Wine Weekly News

The July 19, 2002 edition of the Wine Weekly News looks at Wine-20020710, Using NT Pathnames, 1000 entries on AppDB, a recently discovered memory handling problem, and more.

Comments (none posted)

Samba News

The latest Samba News includes a new Samba team member, the annual CIFS Conference, and more.

Comments (none posted)

Office Applications

Gnumeric 1.0.9 released

Version 1.0.9 of the stable Gnumeric spreadsheet is available, with a number of minor bug fixes to the file importers.

Full Story (comments: none)

Gnumeric 1.1.6 released

Version 1.1.6 of the development version of the Gnumeric spreadsheet has been released with lots of changes. Click below for the details.

Full Story (comments: none)

AbiWord Weekly News #101

The July 22, 2002 edition of the AbiWord Weekly News has been published. Topics include two new news editors, better tables, improved font support, automatic download of spell checker dictionaries, and bug fixes.

Comments (none posted)

KC GNUe #38

Kernel Cousin GNUe #38 is available with all of the latest GNU enterprise news. The following threads are included:
  • Triggers and Methods in Application Server
  • Work-around for Open Form trigger
  • Debian packages for DCL
  • Security issues in DCL and NOLA
  • Designer branched in CVS
  • Scrollbars and their events
  • Date masks in GNUe Common
  • XML style guide for object mark-up
  • International date formats in Forms
  • PHP Forms Client
  • Including data in GNUe Application Server schema definitions
  • Automatically generating IDL files
  • German and U.S. Accounting
  • DCL security holes on bugtraq
  • Font size and ISO encoding issues in Forms
  • XML DTD for GNUe
  • Manufacturing inventory products from other inventory products
  • NOLA for print shop accounting

Comments (none posted)

Web Browsers

Mozilla 1.1 Beta released

Version 1.1 Beta of the Mozilla browser has been released. Most of the changes are to the JavaScript Debugger; see the release notes for more information.

Comments (none posted)

mozillaZine

mozillaZine looks at Mozilla 1.1 Beta, fully scriptable plug-ins for Mozilla, and more.

Comments (none posted)

Creating Konqueror Service Menus

Aaron J. Seigo explains how to work with Konqueror's context menus. "Creating new servicemenus is very simple, requiring nothing more than an idea and a text editor. You don't have to be a programmer or a KDE wizard to make them. In this tutorial we will be creating a set of actions that allows us to set an image as our desktop wallpaper just by right clicking on it and selecting "Use As Wallpaper". By the end of this tutorial you should be able to create your own servicemenus with ease."

Comments (none posted)

Languages and Tools

C

GCC gets a new register allocator

The GNU Compiler Collection, GCC, has a new register allocator. "Michael Matz of SuSE, Daniel Berlin, and Denis Chertykov have contributed a new register allocator. IBM and Rice University have allowed use of their register allocator software patents for graph coloring and register coalescing."

Comments (none posted)

Caml

The Caml Weekly News

The Caml Weekly News for July 23, 2002 is available. Topics include ocamlnet-0.93, Epeire 0.8, and gpattern 1.0.

Full Story (comments: none)

This week on the Caml Hump

This week's entries on The Caml Hump include binding for the Fuse library with Mlfuse, the Epeire graphical interface for the OCaml debugger, and OCamlnet, a collection of IP protocol modules for the Objective Caml language.

Comments (none posted)

Java

GCJ moves toward the x86-64 architecture

The GCJ Compiler is getting new support for the x86-64 architecture. "Bo Thorsen, SuSE Labs, has implemented the necessary support in FFI, boehm-gc and libjava to get libgcj running on x86-64. This is a big step towards getting libgcj fully supported on x86-64."

Comments (none posted)

NetBeans: Open IDE, Open Platform, Open Source (O'Reilly)

Tim Boudreau writes about NetBeans on O'Reilly's OnJava site. "You may already be familiar with the NetBeans Integrated Development Environment (IDE), the product of the NetBeans open source project -- it's a world-class multi-language IDE in its own right, and forms the basis for development tools from Sun Microsystems (SunONE Studio), Compuware (OptimalJ), and a number of other companies. But you may not know about some of the fascinating uses to which the IDE's architecture has already been put within the industry -- outside of the realm of development tools."

Comments (none posted)

Lisp

LISA 1.3 released

Version 1.3 of LISA, the Lisp-based Intelligent Software Agents, has been released. According to Paolo Amoroso, "This version features several significant changes including a different fact representation model, different interfaces for DEFTEMPLATE and DEFINPORT, new code documentation, removal of synchronization from multiprocessing support, and more." See the release notes for more information.

Comments (none posted)

New HTML version of CLX manual

A new, online version of the CLX manual is now available. "CLX is the standard Common Lisp interface to the X Window system developed by Texas Instruments and MIT in the late eighties. It is an Xlib level interface."

Comments (none posted)

Perl

Perl 5.8.0 released

The release announcement for Perl 5.8.0 has gone out. Stuff in the new release includes improved Unicode support, a new threads implementation, 64-bit support, a big pile of new modules, and more; see the announcement for the full list.

Comments (1 posted)

This week on perl5-porters (15-21 July 2002) (use Perl)

The Perl 5 Porters digest for July 15-21 is out. Topics include module upgrades, unused Perl features, the new bug database, finding memory leaks with Insure, Perl I/O issues, maintenance releases, hashes and memory uses, the sort pragma, and more.

Comments (none posted)

This week on Perl 6 (O'Reilly)

This Week on Perl 6 for July 23, 2002 is out. Topics include Parrot 0.0.7, Retro Perl, Parrot docs, MANIFESTations, Hyper operators, and more.

Comments (none posted)

Parrot 0.0.7 Released (use Perl)

Use Perl is carrying an announcement for version 0.0.7 of the Perl 6 Parrot compiler. This release features support for Perl 6 grammar and has a functional compiler. The following features are also new:
  • Functional subroutine, coroutine, and continuation PMCs.
  • Support for global variables.
  • An intermediate bytecode compiler.
  • The assembler is now entirely implemented in Perl.
  • A Working GC.

Comments (none posted)

PHP

PHP Weekly Summary

The PHP Weekly Summary for July 22, 2002 is out. Topics include an Arabic manual translation, Autoconf 2.5.X and CVS, IMAP Quota support, PHP newsgroup started, cvs.php.net, Safe mode in file functions, mbstring extension, and Bug packs.

Comments (none posted)

Introduction to PHP Objects, Part 1 (O'Reilly)

John Coggeshall shows how to do object-oriented scripting with PHP on O'Reilly. " In today's column, I'll be introducing one of the more interesting and useful methods of writing PHP scripts -- the object-oriented method. Those of you who might have experience with an object-oriented programming language such as Java or even C++ will find themselves right at home with most of the concepts I'll begin outlining here. However, be warned -- PHP objects have a mixture of C++ and Java, making them a little different than what you might be used to. In any case, let's get started with the basics."

Comments (none posted)

Pear weekly news

A publication known as the PEAR Weekly News is now being published; PEAR is a framework and distribution system for reusable PHP components. "This week includes 3 new releases, both beta and development versions, ready to be tested, along with news on the PEAR Package Installer, Smarty and Developers' Birthdays."

Comments (none posted)

Python

Daily Python-URL

New on the Daily Python-URL this week are articles on PyAmazon, PyMETAR, CyberChair, pyrepl, a Free Python and Zope Hosting Directory, an Introduction to Python programming, and what's new with regular expressions.

Comments (none posted)

Building GUI Applications with PythonCard and PyCrust

Patrick O'Brien introduces PythonCard and PyCrust on O'Reilly. "Developing the Graphical User Interface (GUI) for a Python application is often a tedious, time-consuming, and opaque process. This is the exact opposite of how Python programmers would describe most other aspects of software development using Python. So what is it about GUI applications that causes them to be so hard? Perhaps more importantly, can anything be done to improve the situation? This article attempts to answer that question and describe how the PythonCard project is addressing these issues."

Comments (none posted)

Ruby

The Ruby Weekly News

This week's Ruby Weekly News looks at ruby-libxml, Amrita 0.8.1, and Ruby/MaxL 1.5.0, among other things.

Comments (none posted)

Scheme

Scheme Weekly News

The July 15, 2002 edition of the Scheme Weekly News is available with the latest from the Schem