LWN.net News from the source
Brief items
[This article was contributed by LWN reader Burt Janz]
Earlier this month, Schwäbisch Hall began an IBM-hosted initiative to convert hundreds of its city-run computers to Linux. With Sony announcing that it would be dropping Microsoft Office in favor of StarOffice on most consumer systems sold in Europe, the availability of OEM-hosted Open Source desktop applications may be prompting the next step in the adoption of Linux as an alternative to Microsoft - especially in government.Now, another initiative to convert Germany's government computer operations to Linux has been announced. Joachim Jacobs, the Federal Commissioner for Data Security, apparently feels that Open Source provides a more secure set of network management tools than those available under Windows, and will begin the conversion by moving mail, file services, DHCP and DNS, and other network services to Linux. Additionally, up to 75 desktop systems will also be converted to Linux.
In his announcement, Mr. Jacobs addressed one of the primary issues cited by anti-Linux advocates: training. Herr Jacobs knows that there will be a certain amount of retraining necessary in moving to Linux, but also knows that Linux is sufficiently close to UNIX in most of his required operations so that these retraining costs should be minimal.
However, Mr. Jacobs also attacks the retraining issue in another realm: the desktop. This is the one area where Linux opponents are most vocal, and the place where Microsoft is placing its largest bets. Mr. Jacob's response to the issue is simple: since he has to retrain people every five years or so, and since he has to have a budget to do it, why not retrain them to use Open Source instead of Windows? This is a compelling argument, and could be used to make the case for "test conversions" to Linux in the corporate world.
(See also: this Heise News article (in German)).
New vulnerabilities
| Package(s): | exim | CVE #(s): | |||||
| Created: | December 17, 2002 | Updated: | December 17, 2002 | ||||
| Description: | Versions of exim prior to 4.10 have a format string vulnerability which may be used, in certain limited circumstances, for a local root exploit; see this advisory for details. | ||||||
| Alerts: |
| ||||||
| Package(s): | fetchmail | CVE #(s): | CAN-2002-1365 | ||||||||||||||||||||||||||||||||
| Created: | December 17, 2002 | Updated: | October 20, 2003 | ||||||||||||||||||||||||||||||||
| Description: | Versions of fetchmail prior to 6.2.0 have (yet another) buffer overflow vulnerability which can be exploited remotely via a suitably crafted message. See this advisory for details. | ||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||
| Package(s): | micq | CVE #(s): | |||||||||
| Created: | December 13, 2002 | Updated: | April 24, 2003 | ||||||||
| Description: | Rüdiger Kuhlmann, upstream developer of mICQ, a text based ICQ client, discovered a problem in mICQ. Receiving certain ICQ message types that do not contain the required 0xFE seperator causes all versions to crash. | ||||||||||
| Alerts: |
| ||||||||||
| Package(s): | mysql | CVE #(s): | |||||||||||||||||||||||||||||||||||||||||||||
| Created: | December 13, 2002 | Updated: | April 10, 2003 | ||||||||||||||||||||||||||||||||||||||||||||
| Description: | The MySQL database server has several buffer overflow and integer bounds checking vulnerabilities which can lead to denial of service attacks, and, possibily, remote code execution. See this e-matters advisory for details. Version 3.23.54 fixes the problems. | ||||||||||||||||||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||||||||||||||||||
| Package(s): | net-snmp | CVE #(s): | CAN-2002-1170 | ||||||||
| Created: | December 17, 2002 | Updated: | November 7, 2003 | ||||||||
| Description: | The SNMP daemon included in the Net-SNMP package versions 5.0.1 through 5.0.4 can be caused to crash if it is sent a specially crafted packet. | ||||||||||
| Alerts: |
| ||||||||||
Resources
Page editor: Jonathan Corbet
Next page:
Kernel development>>
Copyright © 2002, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds