News Bytes
By Deividson Luiz Okopnik and Howard Dyckoff
Contents: |
Please submit your News Bytes items in plain text; other formats may be rejected without reading. [You have been warned!] A one- or two-paragraph summary plus a URL has a much higher chance of being published than an entire press release. Submit items to [email protected]. Deividson can also be reached via twitter.
News in General
Debian Kernel Vulnerabilities Being Patched
Several long term kernel security vulnerabilities affecting Debian distros, including Ubuntu, are being addressed after receiving several CVE citations. The vulnerabilities are in the more recent Debian distros, including Lenny, Etch, and Squeeze. They also cover the following Ubuntu releases:
- Ubuntu 6.06 LTS;
- Ubuntu 8.04 LTS;
- Ubuntu 8.10;
- Ubuntu 9.04;
- Ubuntu 9.10.
The vulnerabilities involve Denial of Service attacks and, in at least one case, privilege escalation. One CVE involves an attacker accessing a VM guest doing a DOS attack on the host machine. The CVE numbers involved are: CVE-2010-0307, CVE-2010-0309, CVE-2010-0410, CVE-2010-0415, CVE-2010-0622 and CVE-2010-0623.
More details are here: http://www.ubuntu.com/usn/USN-914-1/.
CVE is a list of information security vulnerabilities and exposures that aims to provide common names for publicly known problems. The goal of CVE is to make it easier to share data across separate vulnerability capabilities (tools, repositories, and services) with this "common enumeration".
Metrics Reveal "Most Powerful Voices in Open Source"
In March, MindTouch, an open source alternative to Microsoft SharePoint, announced the publication of the "Most Powerful Voices in Open Source" (MPV) ranking. The list presents the top 50 most vocal, followed, and repeated/re-posted open source commentators, representing several spheres of influence, including media, vendors, OSS projects, standards bodies, community management, and more.
Created by MindTouch, the MPV ranking draws from the wide array of metrics available through Web and Enterprise 2.0 channels, including Twitter, Google News alerts, unique online visitor counts and analysis of the related "buzz" of vendor/project affiliations. This compilation was created using the MindTouch platform, federating these data sources, applying varied weighting, and processing it for delivery of the ranking. The list, which includes members worldwide from organizations such as Ars Technica, Canonical, Google, and SpringSource, is available in its entirety here: http://www.mindtouch.com/blog.
The top 5 MPVs are:
- Tim O'Reilly, founder and CEO of O'Reilly Media;
- Linus Torvalds, founder of Linux, open source advocate;
- Chris Messina, open Web advocate, Google;
- Miguel de Icaza, founder, Mono and Gnome projects;
- Jonathan Schwartz, former CEO of Sun Microsystems.
"It's about time someone has put together a metrics-based ranking of open source influencers," said Larry Augustin, CEO of SugarCRM. "Community advocacy is the major thrust of the spirit of open source, and communities have leaders. This list does a great job of identifying those leading voices."
"You'll see that this ranking is no popularity contest, there are a number of surprises outside of the 'usual suspects' often seen on this type of list," said Aaron Fulkerson, CEO of MindTouch. "This is because we let the numbers do the talking, instead of an emotions-based market perception that too frequently comes into play."
MindTouch is a leading provider of enterprise collaboration solutions in a market where more companies are operating under "lite" IT budgets. The purpose of MindTouch is to provide wiki-like ease of collaboration between humans and machines. For more information, please visit http://www.mindtouch.com/.
Linux Foundation to Host MeeGo Project
The Linux Foundation will be hosting the MeeGo project, an open source software platform for mobile computing devices. MeeGo combines Intel's Moblin and Nokia's Maemo projects into one common Linux-based platform.
MeeGo, announced in February by Intel and Nokia, will be deployed across many computing device types - including mobile computers, media phones, connected TVs, and in-vehicle infotainment systems. MeeGo is designed from the ground up for a new class of interactive computing devices.
MeeGo will be hosted by the Linux Foundation as an open source project in line with the best practices of the open source development model. MeeGo is working with existing upstream projects such as the Linux kernel, ofono, connman, X.org, D-BUS, tracker, GStreamer, Pulseaudio, and others. The companies and projects associated with MeeGo will continue to support those upstream projects.
As an open source software platform, MeeGo will help to reduce market fragmentation and complexity. Along with MeeGo, the Linux Foundation is working with companies and projects to optimize best practices for Linux-based development and lower costs for companies using Linux-based mobile operating systems. More information can be found at http://www.linuxfoundation.org/embedded/.
MeeGo and other Linux embedded issues will be discussed at the upcoming Linux Foundation Collaboration Summit in San Francisco. More information on the meeting can be found at http://events.linuxfoundation.org/.
The Linux Foundation's MeeGo project welcomes contributors and encourages developers and others to get involved at the site or find out more about joining the Linux Foundation at http://www.linuxfoundation.org/meego/. Moblin and Maemo contributors are encouraged to participate at http://www.meego.com/.
Linux Foundation Launches Free Training Webinars for Linux Pros
Starting in March, the Linux Foundation has been offering free Linux Training webinars taught by well-known Linux developers. This is an opportunity to learn directly from key developers and to sample some of the courses offered through their Linux training program.
Here's a list of upcoming training webinars:
- "How to Work with the Linux Community" by LWN.net editor and kernel
developer Jon Corbet;
- "Introduction to Embedded Linux" by author Jerry Cooperstein;
- "An Introduction to Git" by kernel maintainer and TAB chair James
Bottomley;
- "Linux System Troubleshooting and Tuning" and "Linux Administration
101" by Linux author and community manager Joe "Zonker" Brockmeier;
- "Linux Filesystem Overview" and "Linux Virtualized Storage" by
kernel developer Christoph Hellwig;
- "Btrfs: An Intro and Update" to the new file system by project lead
Chris Mason;
- "Linux Performance Tuning" by kernel developer Ted Ts'o.
The Linux Foundation is also adding sessions for those interested in embedded Linux development. This is from Amanda McPherson's Linux Foundation blog:
"...we announced a free webinar series to help connect developers to the experts they need to advance their careers. Based on the demand we're seeing in light of these recent announcements, we are announcing a new free training webinar on embedded Linux. In this free webinar, you will receive the basics of embedded Linux development and get an overview of best practices. This is a fantastic opportunity to learn about a very hot area in technology."
More information is available here: http://training.linuxfoundation.org/lp/sign-up-for-the-free-linux-training-webinar-series.
IBM Launches Development & Test Cloud Utilizing Red Hat Technology
IBM has selected Red Hat Enterprise Virtualization as a platform in its new cloud computing service for development and test. This means that the Red Hat Enterprise KVM Hypervisor Technology is a major part of the IBM Cloud.
"Our decade-long partnership with Red Hat has always been focused on customer value and innovation. Today, we are extending this partnership to include cloud computing..." said Maria Azua, vice president of Cloud Computing Enablement at IBM. "Red Hat Enterprise Virtualization is an optimal hypervisor technology for the infrastructure offerings on the IBM cloud."
Red Hat first announced plans to deliver Red Hat Enterprise Virtualization in February 2009. In November 2009, Red Hat Enterprise Virtualization for Servers was released, providing its customers with a cost-effective choice in the virtualization market. Red Hat Enterprise Virtualization offers very recent technology for the deployment of open cloud computing infrastructures.
Scott Crenshaw, vice president and general manager, Cloud Business Unit at Red Hat said, "Together, Red Hat and IBM aim to break down barriers to virtualization and cloud adoption by providing customers with a stable and robust environment to meet their enterprise applications requirements. We believe that combining Red Hat Enterprise Virtualization software with IBM's server, storage and network hardware, plus IBM's well-known enterprise support and services, as the foundational components of IBM's cloud infrastructure offers a compelling application environment for customers".
For more information about Red Hat and cloud computing, visit http://www.redhat.com/solutions/cloud/.
For more information about IBM's cloud computing products and services, visit http://www.ibm.com/cloud/.
Conferences and Events
- User2User - Mentor Graphics User Group
-
April 6, Marriott Hotel, Santa Clara, CA
http://user2user.mentor.com/.
- Ethernet Europe 2010
-
April 12 - 13, Marriott Grosvenor Square, London, UK
http://www.lightreading.com/live/event_information.asp?event_id=29206/.
- Black Hat Europe 2010
-
April 12 - 15, Hotel Rey Juan Carlos, Barcelona, Spain
http://www.blackhat.com/html/bh-eu-10/bh-eu-10-home.html.
- Texas Linux Fest
-
April 10, Austin, TX
http://www.texaslinuxfest.org/.
- MySQL Conference & Expo 2010
-
April 12 - 15, Convention Center, Santa Clara, CA
http://post.oreilly.com/rd/9z1zsrga27oif4odllegr62hds4rs0sg7jrfo5r0b28/.
- 4th Annual Linux Foundation Collaboration Summit
-
co-located with the Linux Forum Embedded Linux Conference
April 14 - 16, Hotel Kabuki, San Francisco, CA
[by invitation only]
- eComm - The Emerging Communications Conference
-
April 19 - 21, Airport Marriott, San Francisco, CA
http://america.ecomm.ec/2010/.
- Cloud Computing Conference / Virtualization Conference
-
April 19 - 21, Javits Convention Center, New York, NY
http://cloudcomputingexpo.com/.
- STAREAST 2010 - Software Testing Analysis & Review
-
April 25 - 30, Orlando, FL
http://www.sqe.com/STAREAST/.
- Usenix LEET '10, IPTPS '10
-
April 27, 28 - 30, San Jose, CA
http://usenix.com/events/.
- USENIX Symposium on Networked Systems Design & Implementation (USENIX NSDI '10)
-
April 28 - 30, San Jose, CA
At NSDI '10, meet with leading researchers to explore the design principles of large-scale networked and distributed systems. This year's 3-day technical program includes 29 technical papers with topics including cloud services, Web browsers and servers, datacenter and wireless networks, malware, and more. NSDI '10 will also feature a poster session showcasing early research in progress. Don't miss this unique opportunity to meet with premier researchers in the computer networking, distributed systems, and operating systems communities.
Register by April 5 and save! Additional discounts are available!
http://www.usenix.org/nsdi10/lg/
http://www.usenix.org/nsdi10/lg/
- Citrix Synergy-SF
-
May 12 - 14, San Francisco, Ca
http://www.citrix.com/lang/English/events.asp.
- Black Hat Abu Dhabi 2010
-
May 30 - June 2, Abu Dhabi, United Arab Emirates
http://www.blackhat.com/html/bh-ad-10/bh-ad-10-home.html.
- Southeast Linuxfest (SELF 2010)
-
June 12 - 13, Spartanburg, SC
The Southeast LinuxFest is a community event for anyone who wants to learn more about Linux and Free & Open Source software. It is part educational conference, and part social gathering. Like Linux itself, it is shared with attendees of all skill levels to communicate tips and ideas, and to benefit all who use Linux/Free and Open Source Software. The Southeast LinuxFest is the place to learn, to make new friends, to network with new business partners, and most importantly, to have fun!
Register today (FREE to attend)! Book your hotel room now and save!
http://www.southeastlinuxfest.org/registration/form/
http://www.southeastlinuxfest.org
- Über Conf 2010
-
June 14 - 17, Denver, CO
http://uberconf.com/conference/denver/2010/06/home/.
- Semantic Technology Conference
-
June 21 - 25, Hilton Union Square, San Francisco, CA
http://www.semantic-conference.com/.
- O'Reilly Velocity Conference
-
June 22 - 24, Santa Clara, CA
http://en.oreilly.com/velocity/.
Distro News
NexentaStor Community Edition 3.0 Released
NexentaStor Community Edition 3.0 has been released. This release stems from the combined community efforts of Nexenta Partners and Nexenta users.
Now with many new features, NexentaStor CE is called the 'most complete' and feature-rich free unified storage solution.
This is a major NexentaStor release, with improved hardware support and many bug fixes.
Summary of New Features:
- ZFS additions: Deduplication (based on OpenSolaris b134);
- Free for up to 12 TB of 'used' storage;
- Community edition supports easy upgrades;
- Many new features in the management interface;
- Integrated search.
Get the ISO and also the VMware releases here: http://www.nexentastor.org/projects/site/wiki/CommunityEdition/.
openSUSE 11.3 Milestone 4 Release
The fourth of seven scheduled milestone releases for 11.3 was completed and released on schedule. Milestone 4 focuses on switching to upstart as init daemon.
Here are some updates in the new release:
- OpenOffice.Org has been updated to 3.2.1 Beta1 with new features;
- NetworkManager has been updated to version 0.8;
- The conntrack-network filtering system has been added. These
are userspace tools that allow system administrators interact with the
Connection Tracking System, which is the module that provides stateful
packet inspection for iptables;
- The Mono stack has been updated to release 2.6.3 together with
monoDevelop 2.2.2;
- The Moblin team has started with the integration of the Moblin
UI into the distribution and plan to have everything ready for the
next milestone;
- The LiveCDs have virtualbox guest tools. Now features like screen resizing, seamless mode, and shared clipboards work automatically after boot-up.
Grab the milestone release from http://software.opensuse.org/developer.
Ubuntu 10.04 LTS Beta 1 released
The Ubuntu team has announced the first beta release of Ubuntu 10.04 LTS (Long-Term Support) Desktop, Server, and Netbook editions and of Ubuntu 10.04 Server for Ubuntu Enterprise Cloud (UEC) and Amazon's EC2. Codenamed "Lucid Lynx", 10.04 LTS continues Ubuntu's open source technologies into a high-quality, easy-to-use Linux distribution.
Ubuntu 10.04 LTS Desktop and Netbook Editions continue the trend of ever-faster boot speeds, with improved startup times and a streamlined, smoother boot experience.
Ubuntu 10.04 LTS Server Edition provides better integration of the Ubuntu Enterprise Cloud, with its install-time cloud setup. Ubuntu 10.04 LTS Server for UEC and EC2 brings the stability of the Ubuntu Server Edition to cloud computing, whether on Amazon EC2 or an internal Enterprise Cloud.
Desktop features include built-in integration with Twitter, identi.ca, Facebook, and other social networks with the MeMenu in the panel; new notification area, new themes, new icons, and new wallpaper; Ubuntu One Music store.
Please see http://www.ubuntu.com/testing/lucid/beta1/ for details.
Server features include the Ubuntu Enterprise Cloud installer with support of alternative installation topologies (and is now powered by Eucalyptus 1.6.2 codebase); official Ubuntu Server image releases for UEC and for Amazon's EC2; improvements over Ubuntu 8.04 LTS in safety and security for the next five years, including AppArmor profiles for many key services, kernel hardening, and an easy-to-configure firewall.
Ubuntu Netbook features include optimization to run on Intel atom based netbooks; a new consumer-friendly interface that allows users to get on-line and use their favourite applications; plus the same faster boot times and improved boot experience as Ubuntu desktop.
Kubuntu 10.04 LTS will be the first LTS to feature KDE 4 Platform and Applications. This release is focused on bug fixing and stability, but adds features such as touchpad configuration, Firefox KDE integration, Kubuntu notification improvements, and cross-desktop systray menu standardisation. Kubuntu features the Plasma Desktop while Kubuntu Netbook Remix comes out of preview status with the Plasma Netbook workspace.
See https://wiki.kubuntu.org/LucidLynx/Beta1/Kubuntu/ for more details.
Mythbuntu 10.04 introduces MythTV 0.23. This new version is significantly faster and should feel more responsive and stable than older versions. It also integrates better into the OS.
Please see http://www.mythtv.org/wiki/Release_Notes_-_0.23/ for more details about changes introduced in 0.23. See http://mythbuntu.org/10.04/beta/ for information about the Mythbuntu beta release.
To upgrade to Ubuntu 10.04 LTS Beta 1 from Ubuntu 9.10 or Ubuntu 8.04 LTS, follow these instructions: https://help.ubuntu.com/community/LucidUpgrades/.
Software and Product News
Latest Oracle Lite Synchronizes with Open Source SQLite
With the new version of Oracle Database Lite, mobile users gain continuous access to enterprise data even in the absence of a network connection. New in this release of Oracle Database Lite is the ability to bi-directionally synchronize data between the open source SQLite database and the Oracle Database.
This release also provides centralized user and device provisioning and management of SQLite-based mobile applications, allowing disconnected users to have an experience virtually identical to users who are connected.
Oracle Database Lite consists of Oracle Database Lite Client, a small-footprint SQL database that runs on many devices and platforms and can be bi-directionally synchronized with an Oracle Database server and Oracle Database Lite Mobile Server, which enables mobile users and devices to operate in occasionally connected environments, periodically synchronizing with a back-end database server.
The Oracle Database Lite Mobile Server can also be used to provision SQLite-based applications, devices on which these applications run, and users of these applications. User authentication on client devices can use a Common Access Card.
"Oracle Database Lite's Mobile Server is a great tool for data synchronization in large scale enterprises," said Zdravko Mandic, manager Research and Development, Infoart d.o.o. "Our implementation, which consists of more than 1500 client devices, would have hardly been possible without it. Oracle Database Lite works silently, in the background, synchronizing huge amounts of data to our central Oracle Database and vice versa. This automatic synchronization, combined with great device management, is essential to keeping such large deployments healthy and helps enable enterprises to stay up and running all the time."
Oracle Releases Updated Berkeley DB with Android Support
Oracle has released Oracle Berkeley DB, the small-footprint, open source embeddable database engine for mission-critical 'edge' applications. This new version introduces a new SQL API, based on SQLite, which is familiar to a large developer community and helps simplify application development.
New features include support for JDBC and ODBC connections to Oracle Berkeley DB. In addition, Oracle Berkeley DB 11g Release 2 introduces support for the Android platform, allowing developers to develop and deploy a wide range of applications on mobile devices.
Unlike traditional stand-alone databases, Berkeley DB runs directly in the application that uses it, enabling applications to execute faster in embedded environments such as handsets and mobile devices.
Key new features and benefits include:
- New SQL API;
- SQLite Tools Integration making it easier to develop, deploy, and
manage Berkeley DB applications;
- Flexible configuration including the library, cache size, database
location and transactions under the control of embedding application;
- Improved SQL concurrency using the Berkeley DB fine-grained locking
mechanism and write-ahead logging;
- Simplified Data Synchronization using the Oracle Database Lite Mobile Server.
"Oracle Berkeley DB's new SQLite-compatible SQL API offers powerful features for its users and the SQLite community at large. The combination of the two technologies provides developers with tremendous flexibility in that a single SQL/API can now be used across a broad spectrum of applications. Oracle has done a fantastic job of not only integrating the technologies, but also being an exemplary participant in the open source community by contributing time, expertise and resources to the SQLite project," said Mike Owens, author of "The Definitive Guide to SQLite."
Oracle Berkeley DB 11g Release 2 was available for download on March 31, 2010.
Red Hat Extends Its SOA Platform For Cloud Adoption
At EclipseCon in March, Red Hat announced JBoss Enterprise SOA Platform 5.0, a major update to its JBoss Enterprise Middleware portfolio. JBoss Enterprise SOA Platform 5.0 is an IDE that integrates applications, services, transactions, and business process components into an architecture for automating business and IT processes.
JBoss Enterprise SOA Platform 5.0 includes an updated enterprise services bus with enhanced protocol listeners, Web services integration, and a new rules engine that can be managed by JBoss Enterprise BRMS (business rules management system).
Also expanding Red Hat's middleware portfolio is JBoss Developer Studio 3.0. This platform now includes support for all of the JBoss Enterprise Platforms; JBoss Enterprise Application Platform, SOA, Portal and Data Services platforms. Additionally, the toolset is built on the latest major release of Eclipse 3.5, and includes new development capabilities for building SOA services and data transformation tools for developing enhanced integration services.
To expand the use of cloud-based applications and services, the JBoss Enterprise SOA Platform integrates applications and services in cloud and on-premise deployments. Cloud-based IT has the potential to further increase business process automation.
"Application development within the SOA-equipped enterprise has evolved significantly over the past two years, demanding a more eclectic and flexible arsenal of expertise and matching tools," said Brad Shimmin, Principal Analyst Application Infrastructure at Current Analysis. "Services and their underlying data must be considered together, as do cloud and premise deployments, as do rich internet applications and complex integrated services. JBoss Developer Studio 3.0 melds these disparate concerns using the agility of the Eclipse 3.5 platform and a broad quiver of supported frameworks that includes RichFaces, Seam, Spring, Struts and GWT."
Red Hat featured both JBoss Enterprise SOA Platform 5.0 and JBoss at Eclipsecon 2010 in Santa Clara, CA. For additional information on JBoss Developer Studio 3.0 and to download an evaluation copy, visit http://www.jboss.com/products/devstudio/.
Talkback: Discuss this article with The Answer Gang
Deividson Luiz Okopnik
Deividson was born in União da Vitória, PR, Brazil, on 14/04/1984. He became interested in computing when he was still a kid, and started to code when he was 12 years old. He is a graduate in Information Systems and is finishing his specialization in Networks and Web Development. He codes in several languages, including C/C++/C#, PHP, Visual Basic, Object Pascal and others.
Deividson works in Porto União's Town Hall as a Computer Technician, and specializes in Web and Desktop system development, and Database/Network Maintenance.
Howard Dyckoff
Howard Dyckoff is a long term IT professional with primary experience at
Fortune 100 and 200 firms. Before his IT career, he worked for Aviation
Week and Space Technology magazine and before that used to edit SkyCom, a
newsletter for astronomers and rocketeers. He hails from the Republic of
Brooklyn [and Polytechnic Institute] and now, after several trips to
Himalayan mountain tops, resides in the SF Bay Area with a large book
collection and several pet rocks.
Howard maintains the Technology-Events blog at
blogspot.com from which he contributes the Events listing for Linux
Gazette. Visit the blog to preview some of the next month's NewsBytes
Events.