a lot of things happened today ...
- Kernel 2.4.26 is out .......
- Mandrake 10 Official is out .. available to club members
- Lindows changes name to 'Linspire - story
- a flaw found in Mplayer - the typical buffer overflow.
A remotely exploitable buffer overflow vulnerability was found in MPlayer. A malicious host can craft a harmful HTTP header ("Location:"), and trick MPlayer into executing arbitrary code upon parsing that header.
another news from the register - X is now free of XFree86.
A new version of the X11 windowing system, used by Unix-like operating systems including Linux, will become generally available in ten days time. What's significant about this one is that it's likely to be the one that will face most users in future distributions. Known as X11R6.7, it's the first release from the XOrg consortium, which was originally founded to steer the specification in May 1999, but only recently decided to do something about, citing the glacial pace of development by the XFree86 consortium. XOrg created the XOrg Foundation which is backed by IBM, Sun and HP and blessed by Jim Gettys, one of the authors of the original X11 specification twenty years ago. XFree86 continues to be supported by a clutch of smaller Linux distributions, including Conectiva and Slackware, although the big players including Novell and Red Hat have thrown their weight behind XOrg's efforts.
The new XFree86 license has been in controversial leading to the fork of XFree86 project. The new X.org server is just an enhancement over the latest XFree86-4.4 which was claimed to be incompatible with the GPL license. Searching through the Arch repository, I found that they had placed the package for X.org server in the testing rep. Discussion in the forum also pointed out that there's still no decision by the arch developers whether to use the new server as default in the next arch release. Btw, I'm still running 4.3 version, no planning for upgrade yet. :)
