From LinuxWorld.com: “In the second part of a two-part interview, Bob Young discusses the likelihood that Red Hat, which has not yet shown a profit, will continue funding programs like GNOME. He also says that individual members of the open source community have little in common, and draws contrasting pictures of himself and Eric Raymond.”

“Linux is mainstream. No, really. Everywhere I look, not only are Linux and open source equated, but the masses of punditry seem to be embracing it all with great fervor. This is a good thing; it’s just weird from my perspective because there’s so much more to open source software than Linux.” Complete article at ZDNet News.

“Topi Miettinen audited elvis-tiny and raised an issue covering the use and creation of temporary files. Those files are created with a predictable pattern and O_EXCL flag is not used when opening. This makes users of elvis-tiny vulnerable to race conditions and/or data lossage. This problem has been fixed in version 1.4-10 and we recommend that you upgrade your elvis-tiny packages immediately.” Full security advisory available at LWN.net.

Have you heard about the packaging system included with Debian? Are you at a loss to figure out how to actually use these new tools? Debian Planet’s users explain it all.

ZDNet’s Todd Spangler mulls over the latest developments with the online music sharing service: “EMusic President and Chief Executive Gene Hoffman, for one, believes Napster is being disingenuous. “It seems Napster would rather shut down user accounts than to deal directly with the problem of illegally distributed files,” Hoffman said. EMusic said it tried to negotiate a more “consumer-friendly way” to resolve the dispute between the two companies, but Napster refused to cooperate.””

“The Debian GNU/Linux xmcd package has historically installed two setuid helpers for accessing cddb databases and SCSI cdrom drives. More recently, the package offered the administrator the chance to remove these setuid flags, but did so incorrectly.” Full details at LWN.net.

The advisory is at LWN.net: The version of the ncurses library shipped with Debian GNU/Linux 2.2 is vulnerable to several buffer overflows in the parsing of terminfo database files.

ZDNet’s LinuxDevices.com interviews Eric Lee, President and CEO of Esfia, Asia’s newest maker of embedded Linux products.

Linux Orbit’s editor-in-chief walks readers through the process of installing PCMCIA cards and drivers not supported by Linux on two different computer. The first machine is a Toshiba Satellite P5; the second is a Quantex 1500.

Oracle
developers are in for a treat this Thanksgiving holiday — free CDs. Due to
unprecedented success of the Oracle Technology Network (OTN) free CD sampler
program, Oracle will continue to offer OTN members free CDs of Oracle’s
industry-leading software including Oracle8i(TM), Oracle JDeveloper, Oracle
Portal, and much more. Launched nearly one year ago, more than 200,000 OTN
members have already taken advantage of the free CD sampler program.
Developers interested in ordering the free CD samplers can do so by joining
the Oracle Technology Network for free.