Opensource.com is running an
interview with Michael Tiemann. "Make no mistake: For Tiemann, open source is not simply a business model. It's not just a method of developing software. It isn't an ethic. It's a Platonic form—perhaps something like a force, a tendency. Throughout history, many people have tried to glimpse it, if only for a moment.
For better or for worse, forks are a part of the free software landscape.
Often a fork will result in a reinvigorated development community and the
removal of unneeded roadblocks. But not all forks work out well. What is
a distributor to do if, at some point, it concludes that it chose wrongly
when it followed a fork of an important project? Going back to the
original may not always be an easy thing to do, even if there appears to be
a consensus for that move. The presence of security concerns can make such
a change even harder to contemplate.
CentOS has updated yum-updatesd
(C5: bypass RPM package signing restriction).
Debian has updated icedove (multiple vulnerabilities).
Red Hat has updated yum-updatesd
(RHEL5: bypass RPM package signing restriction).
Scientific Linux has updated yum-updatesd (SL5: bypass RPM package signing restriction).
CyanogenMod 11.0 M9 has been released. "This release marks the first ever (non-nightly) release for the Xperia Z2 ‘sirius’, Xperia Z2 Tablets ‘castor’ and the HTC One ‘m8′ – kudos to their maintainers and all the other maintainers that bring you these releases every month!"
Mozilla has just disclosed
a problem with its Mozilla Developer Network database sanitization
system. "The issue came to light ten days ago when one of our web
developers discovered that, starting on about June 23, for a period of 30
days, a data sanitization process of the Mozilla Developer Network (MDN)
site database had been failing, resulting in the accidental disclosure of
MDN email addresses of about 76,000 users and encrypted passwords of about
4,000 users on a publicly accessible server."
The XBMC media center will be renamed Kodi. "Six
years have passed since the Xbox Media Center became XBMC, and simply put,
“XBMC” fits less now than it did even in 2008. The software only barely
runs on the original Xbox, and then only because some clever developers are
still hacking on that platform. It has never run on the Xbox 360 or Xbox
One." Trademarks were another reason for name change. The project
was unable to trademark XBMC, leading to issues with hacked and broken
implementations of the software being sold as "XBMC".
The Samba Team has put out an important-looking set of releases. "All current versions of Samba 4.x.x are vulnerable to a remote code
execution vulnerability in the nmbd NetBIOS name services daemon.
A malicious browser can send packets that may overwrite the heap of
the target nmbd NetBIOS name services daemon. It may be possible to
use this to generate a remote code execution vulnerability as the