The advisory’s at LWN.net: There are several security problems in ypbind, the daemon used by
NIS clients for binding to their NIS server(s). First, there is a
potential buffer overflow; it is not clear whether it is possible
to exploit it at all. Second, there is a denial of service attack
against ypbind that can make it run out of file descriptors.

It’s at Linux Journal, of course. Is your project on the list?

The advisory is at LWN.net: The ncurses library is used by many text/console based applications
such as mail user agents, ftp clients and other command line utilities.
A vulnerability has been found by Jouko Pynnnen
in the screen handling functions: Insufficient boundary checking leads
to a buffer overflow if a user supplies a specially drafted terminfo
database file. If an ncurses-linked binary is installed setuid root,
it is possible for a local attacker to exploit this hole and gain
elevated privileges.

From a press release at LinuxPR: Matra Datavision and SGI France announce the
joint promotion of a powerful development combination of Open
CASCADE open source 3D modeling components and Silicon Graphics
230 Visual Workstation platforms using the SGI ProPack 1.2 OpenGL
driver for Linux systems. This combination will allow CAD/CAM/CAE,
AEC and GIS developers and users on Linux platforms to obtain viewing
results for complex 3D models on a level with those of top-performance
Unix and Windows NT platforms.

Without any evidence whatsoever, Salon.com suggests the Open Source community has a motive: “The antagonistic dynamic that exists between
Microsoft and free-software hackers is
unavoidably obvious to anyone who has been
following the growth of open-source software
over the past few years … In
Europe, distaste for and distrust of
out-of-control American capitalism are widely
acknowledged motivating forces for
free-software hacking. Open vs. proprietary — it’s the good vs.
evil foundation of the hacker worldview. Hatred of Microsoft
keeps some hackers up at night, plotting their own software-led
world domination.”

LinuxMedNews posts this letter to the American Medical Association: “The future calls. Opportunity knocks. The song of hope sings: free and open
source medical software may become abundant in the near future and has
the best 1, 2, 3 chance for making the reach of medicine exceed its grasp. It
simply requires leadership in the form of funding, acceptance and
widespread advocacy of these efforts. The seeds of the future are sown, but
it won’t change overnight. Generational change is what’s occurring. Over
and over again the free and open way has succeeded in the past. While
closed-source efforts have yielded fragmentation, non-existence, or
expensive failure.”

Ok, so this has little to do with Open Source, but it’s funny. The humor site, Segfault, has a bogus graph of marijuana users by type of computers they use. “Gateway” comes out on the low end.

Popular Power has posted a preview release of client software that lets Macintosh users participate
in the company’s distributed computing system, from MacWEEK. Popular Power released a Windows client in April and a Linux version in July, and plans future
releases for Solaris and BSD Unix.

Linux PR: Akopia, the world’s leading
provider of open source e-commerce software and services announced
today the release of Interchange 4.6, software that increases efficiency,
improves productivity and simplifies the management of e-commerce.TechWeb has a full story.

The Standard reports, layoffs, no-shows and gallows humor give a Halloween mood to this year’s
conference.