2004 December

If you’ve been working to design your desktop theme to closely resemble Windows, why stop there? Install Windowlike, an app that completes the Windoze experience by randomly crashing your applications! Combine it with the Blue Screen of Death screensaver and it will be like you never even installed Linux!

KDE Security Advisory 20041223-1
Systems affected:
KDE 3.2 up to including KDE 3.2.3.
KDE 3.3 up to including KDE 3.3.2.
Overview:
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains
[...]

Secunia Advisory: SA13607
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Vendor Patch
Software: LibTIFF 3.x
infamous41md has reported two vulnerabilities in LibTIFF, which can be exploited by malicious people to compromise a vulnerable system.
1) The vulnerability is caused due to an integer overflow in the “TIFFFetchStripThing()” function in “tif_dirread.c” when parsing TIFF files. This can be exploited via [...]

Ever wanted to tinker with FreeBSD, but felt intimidated by its being a more “hardcore” UNIX system? You’d probably be surprised to find there aren’t many major differences at all, and Dru Lavigne’s latest ONLamp column will help you on your way. In this first of two parts, she discusses the differences between FreeBSD and [...]

For those of you who use MPlayer or have been thinking about it, now may be a good time to upgrade: version 1.0pre6 has just been released, and contains a whole slew of new updates and upgrades, including the 1.0pre5try2 bugfixes that resolved a few security vulnerabilities.

If you’re running Mozilla or Firefox on a broadband connection, you may not think it could get much faster. If so, you’d be wrong.

PNM Handler Negative Read Length Heap Overflow Vulnerability
“…Remote exploitation of a buffer overflow in version 0.99.2 of xine could allow execution of arbitrary code….
xine-lib 1-rc8 was released to address this vulnerability and is
available for download at:
http://xinehq.de/index.php/releases
An xine patch for this vulnerability is available at:
http://cvs.sourceforge.net/viewcvs.py/ xine/xine-lib/src/input/pnm.c?r1=1.20&r2=1.21
An MPlayer patch for this vulnerability is available at:
http://www.mplayerhq.hu/MPlayer/patches/pnm_fix_20041215.diff“
Multiple Vendor Xine [...]

Secunia Advisory: SA13661
Critical: Highly critical
Impact: System access
Where: From remote
Solution Status: Unpatched
Software: SHOUTcast 1.x
Tomasz Trojanowski and Damian Put have discovered a vulnerability in SHOUTcast, which potentially can be exploited by malicious people to compromise a vulnerable system.
The vulnerability is cause due to a format string error in the URL handling within the processing of requested filenames. This [...]

A thought provoking question to be sure. Does Linux really need a killer app to succeed? As I once explained to the public, Linux needs to find a way to simply ‘work’ without having to ‘config’ everything. Once this can be done, it will really begin to become a real threat in the desktop market.
As [...]

Every dog has its day. And Yellow Dog Linux is certainly no exception to this rule. Today’s review from Apple-X was a bit mixed. It would seem that this distro of Linux may still be a bit buggy at its heart. This is unfortunate being it could be a distro with a lot to offer.

Thought this was interesting. Apparently, unpatched Linux PCs are able to remain secure online for many months at a time. Does this mean that Linux is more secure? Maybe, but I have to wonder if part of the reason is because Linux is more often than not, simply avoided as a target in the first [...]

This is an event that I would have loved to have been able to attend. The First International Conference on Open Source Systems looks like it will be a power-packed event to be sure.
At its core, this event is designed to bring together people from industry, public administration, plus many others to begin to set [...]

Feel like getting ‘extra geeky’? Well then this guide on writing emulator-friendly Linux code ought to meet your geek urges with the quickness. The article starts out simple enough, but soon works into more technical stuff later on.
Definitely a great primer though if you are interested in the inner workings of emulator basics.

Looks like the Storix System Backup Administrator package has received their certification by Novell for SuSE Linux. Definitely a red letter day for Storix, I wonder what sort of office party they were having.
Since it is almost Christmas anyway, it makes sense that have both parties at the same time, right?

I have little doubt some variant of the iPod will be a hot gift this year, and no doubt the Linux heads among you will instantly look for ways to to start synching it with your Linux boxen. Hopefully I’m about to save you some trouble.

A common question from Linux users, particularly new Linux users, is “Do I need antivirus on my system?” My answer is usually “it depends.” For the most part, unless you’re sharing files with Windows users (whether via Samba or across the Internet), dual-booting into a Windows environment, or running a mail server, you probably don’t [...]

Wait a second here, Red Hat has turned a profit? Why, when did this happen? A lot more recently than I thought apparently according to CNET. Just goes to prove that if you give something a little time, wonderous things can happen.

So, VPN’s have plum-gone Open on us, have they? Wow, that sounded completely different than I had thought it would! No matter, I am really interested in this idea of an OpenVPN though.
Definitely an Open Source project for those looking for an alternative to their existing VPN (Virtual Private Network), OpenVPN will run on just [...]

So, database companies have decided to step over to the Open side of things? The Open Source side, that is. To me it is really not all that surprising to see companies in this sector wanting to jump off the closed source boat.
Don’t get me wrong, closed source is fine - for some types [...]

When some of you read the title of this, I could almost swear that I heard someone gasp in fear of the skill that setting up Internet sharing would take with a Linux box. Actually, if you have the basics down and something to use as a reference, it is really not that bad.