Linux News for Apr 27, 2001

• AbiWord Weekly News #41 (Apr 27, 2001, 23:00)
  AbiWord Weekly News is back, providing readers with a look at the most recent bugfixes, CVS activity, and useful excerpts from the mailing lists related to this Open Source word processor. The highlight of the week for most will likely be the release of AbiWord 0.7.14.


• NeoPlanet Postpones Mozilla Work, Expands Beyond Browser Paradigm (Apr 27, 2001, 22:30)
  An early win for the Mozilla project was NeoPlanet's decision to use the Gecko engine as the foundation of some of its themeable (and rebrandable) browsing products. The company, however, has taken a turn in strategy and indefinitely suspended its plans for Mozilla.


• LinuxProgramming: Zope 2.3.2 released (Apr 27, 2001, 22:00)
  Zope 2.3.2 has been released with minor bugfixes from the last beta release of this version.


• SurePlayer.org announces first open source MPEG 1 Java Audio/Video Player (Apr 27, 2001, 21:33)
  This is a non-proprietary, open-source MPEG-1 audio/video player built on Java and, by extension, mostly platform agnostic. We say "mostly" because our own examination revealed no sound on either Netscape 4.x (which the company says they expect) or Netscape 6.01 (which isn't supposed to be the case.) At any rate, please read the announcement, try out the demos, and make sure to share your successes (or failures) with other readers.


• NE Online: "On Being Linus" (Apr 27, 2001, 21:30)
  Here's a five page interview with Linus Torvalds, covering a little of everything: from the genesis of Linux as free software, to opening the source to Transmeta's code morphing language, to the future of Open Source software: "The future won't be all Open Source. That's clear. I think it's going to be one accepted way of doing things, and it will take over in certain niches, especially in niche markets where you don't have a lot of economics of scale. I mean developing software is really expensive. It is only cheap to copy. So if you want to make money on software, you have to sell millions and millions. That's obviously what Microsoft does. And so in small projects, in niche markets, I think Open Source has the best leg-up, and then what tends to happen is that once you've found one niche, it kind of tends to spread just because it can. And I think that's going to be the pattern in most areas."


• TechWeb: Google Defies Dotcom Downturn (Apr 27, 2001, 20:56)
  Google visitors can, according to one firm, provide a web page in 0.64 seconds on average by leveraging the power of server farms using "truckloads of small systems," and it does it using Linux. This article looks into the logistics and decision-making that goes into making Google tick from a non-evangelical point of view, right down to the distribution the site's chosen.


• GNOME: Accessibility Project Launched (Apr 27, 2001, 19:35)
  "A new GNOME project, atk, which contains the initial code for ATK (Accessibility Toolkit) was created yesterday."


• The Haus: Review of Shogo for Linux (Apr 27, 2001, 18:45)
  "[Gameplay] is where the port really shines. Despite the somewhat higher requirements, it is very faithful to the original. I could find no differences between gameplay in Linux and in Win98. As a matter of fact, you can even argue that it is better in Linux because Shogo doesn't lock up with NVIDIA cards like the original does."


• SecurityFocus: "lpdw0rm" Worm Analysis (Apr 27, 2001, 18:43)
  This worm exploits unpatched Red Hat 7.0 servers running lprng, as the recent Lion worm did. According to this analysis, though, it remains a threat.


• CNET/Yahoo!: Amazon yanks "Gates," "Torvalds" reviews (Apr 27, 2001, 18:15)
  Death of a gag: Amazon's pulled dueling Linux reviews from "Bill Gates" and "Linus Torvalds."


• osOpinion: All for One -- Without Indrema (Apr 27, 2001, 17:45)
  What do TV/VCR combos have to do with the death of the Indrema? This osOpinion column maintains that the console failed to do one thing and do it well and that's what killed it. Our related stories offer a sampling of competing theories.


• LinuxSecurity.com: Linux Advisory Watch - April 27th 2001 (Apr 27, 2001, 17:15)
  "This week, advisories were released for mgetty, netscape, nedit, zope, sendfile, samba, hylafax, licq, slrn, and sudo. The vendors include Debian, FreeBSD, Mandrake, Progeny, Red Hat, and SuSE. This was still a pretty active week. The samba vulnerability and others such as sendfile and sudo are pretty serious. As always, it is important to stay current with all software you choose to implement."


• The Register: SCO channel chill bodes ill for Caldera (Apr 27, 2001, 16:45)
  Did Caldera make a serious misstep in its acquisition of SCO? This article includes correspondence from a SCO reseller who says Linux binary compatibility with SCO is cannibalizing not only SCO sales, but damaging Caldera's Linux business because of Red Hat's superior name recognition.


• SignalGround: Living Cheaply: SuSE 7.1 and USB on a Budget Box (Apr 27, 2001, 16:09)
  How's $474 sound for a reasonably speedy computer running the latest SuSE? Better yet, after reading the specs, how about coming back and tweaking them?


• Progeny Security Advisory: Older versions of NEdit make insecure use of temp files (Apr 27, 2001, 15:42)
  "NEdit, a popular GUI editor, insecurely opens a file in /tmp for printing purposes. This vulnerability could be used by a local attacker to cause a privileged user to unwittingly overwrite a file (via a symbolic link) to which the user has write access."


• The Register: Goodbye MS IE? AOL revs up for browser wars two (Apr 27, 2001, 15:16)
  We might not ordinarily be interested in a story about what a pair like Microsoft and AOL are up to, but this article hints at the possibility that Microsoft's loss (in the form of losing its status as AOL's default browser) might be Mozilla's gain.


• Debian Security Advisory: nedit symlink attack (Apr 27, 2001, 12:02)
  "The nedit (Nirvana editor) package as shipped in the non-free section accompanying Debian GNU/Linux 2.2/potato had a bug in its printing code: when printing text it would create a temporary file with the to be printed text and pass that on to the print system. The temporary file was not created safely, which could be exploited by an attacked to make nedit overwrite arbitrary files."


• Progeny Security Advisory: Vulnerabilities in FTP daemons (Apr 27, 2001, 02:13)
  This advisory discusses issues that could impact multiple FTP daemons from multiple sources and vendors. All related and similar software in Progeny Debian is summarized here.