BusinessWire: “At LinuxWorld New York, NuSphere is showcasing a new Linux-based version of its award-winning Nusphere(R) PHPEd(TM) product, an IDE (Integrated Development Environment) that integrates the scripting language PHP and a comprehensive set of editing, debugging and deployment tools to speed development time by up to 75 percent and significantly reduce time-to-market.” Read more here.

MozillaQuest Magazine (MozillaQuest.com) reports: “Not all wireless-network PC Card adapters are supported for the Linux operating system (OS) by their manufacturers . . . Even if you have either a vendor or third-party supplied Linux driver for a wireless-network PC Card, getting that wireless PC Card to work with your Linux installation can be tricky . . .Today, we successfully use a third-party driver to run a wireless-network PC Card on a Linux-based notebook computer. An important Part of doing this is editing the PCMCIA startup-script. That’s necessary so the Linux boot process will automatically load the wireless PC Card at boot time.”
Check this MozillaQuest.com story for the details and full story!

Anonymous Reader writes, “Sharp’s new Linux-based Zaurus PDA is expected to begin hitting retail
shelves this March for a list price $549, a company source told LinuxDevices.com. The model name will be ‘Zaurus SL-5500,’ and it will include 64MB of RAM memory and 16MB of built-in Flash storage memory (in contrast to pre-production devices which had 32MB of RAM). More details are here at LinuxDevices.com.”

Anonymous Reader writes, “Mojolin announces an affiliate program open to linux and unix community webmasters. The full announcement is here:
press release.”

Posted at LWN.net: “The RTAI development team would like to announce the availability
of RTAI 24.1.8 which now includes support for 3 architectures: i386,
PPC and MIPS. With that said, the RTAI development team would
like to remind everyone that the continuing FUD regarding RTAI’s
status in regards to the RTLinux patent is not warranted. To that
effect, the following contains a statement by Eben Moglen, the FSF’s
legal counsel, dismissing any possible doubts about RTAI’s use.”

Anonymous Reader writes, “Scott Wimer, CTO Cylant Software, discusses methods for improving the security of a computer system in spite of their vulnerabilities in order to break out of the current security cycle.

The software you depend on contains security vulnerabilities. Not all of these vulnerabilities have been found yet. Some are known only to ‘black hat’ hackers, a trump card they can play against your organization if and when they choose to.
This is not alarmism. It is an honest and rational statement of the current security risk born by organizations with networked computer systems.” It’s at Linux.box.org.

C|Net reports that Red Hat will begin offering a higher-end
and more specialized version of Linux later this year that won’t be as easy to find as
the current all-purpose package.

IDG News Service reports that Intel and Hewlett-Packard say they will lend support to an
effort to create an Open Source version of Microsoft’s .Net initiative, called Mono.

Advogato.org comments on the Microsoft antitrust settlement. “I believe that it is the responsibility of the Department of Justice, and not Microsoft, to protect the economic interests of the
computer industry by protecting competetion and innovation. The DOJ strongly argued for this position in its suit against
Microsoft, but in its recent settlement it has reversed its position, apparently concluding that what is good for Microsoft is
good for the software industry. If the DOJ truly believes this, then it should appeal the current verdict.”

Yellow Dog: “GNU enscript is a program for converting ASCII files to PostScript(TM). When it creates temporary files, it does so with predictable filenames in a manner that would follow symbolic links. This could allow a local user to overwrite files written by the user running enscript, or read the contents of the temporary files.”

From:	 dburcaw@newhope.terraplex.com
To:	 yellowdog-updates@lists.yellowdoglinux.com
Subject: [yellowdog-updates] Yellow Dog Linux Security Update: YDU-20020127-5
Date:	 28 Jan 2002 01:23:30 -0000

Yellow Dog Linux Security Announcement
--------------------------------------

Package:	enscript	
Issue Date: 	January 27, 2002	
Priority:	medium		
Advisory ID: 	YDU-20020127-5


1. 	Topic:

	Updated enscript packages that fix insecure handling of
	temporary files are available.


2. 	Problem:

	GNU enscript is a program for converting ASCII files to PostScript(TM).
	When it creates temporary files, it does so with predictable filenames in
	a manner that would follow symbolic links. This could allow a local user
	to overwrite files written by the user running enscript, or read the
	contents of the temporary files.
	(from Red Hat advisory)


3. 	Solution:

   	a) Updating via yup...
   	We suggest that you use the Yellow Dog Update Program (yup)
   	to keep your system up-to-date. The following command(s) will
   	automatically retrieve and install the fixed version of
   	this update onto your system:

   		yup update enscript 
 

   	b) Updating manually...
   	The update can also be retrieved manually from our ftp site
   	below along with the rpm command that should be used to install
   	the update.  (Please use a mirror site)

   		ftp://ftp.yellowdoglinux.com/pub/yellowdog/updates/yellowdog-2.1/ppc/
rpm -Fvh enscript-1.6.1-16.2.ppc.rpm


4. Verification

MD5 checksum			  Package
--------------------------------  ----------------------------
3adf8ce857e242d1ef38d85c5d600dad  ppc/enscript-1.6.1-16.2.ppc.rpm
ac8e00d3b93845dd02637723e6668c5f  SRPMS/enscript-1.6.1-16.2.src.rpm

If you wish to verify that each package has not been corrupted or tampered with,
examine the md5sum with the following command: rpm --checksig --nogpg filename


5. Misc.

Terra Soft has setup a moderated mailing list where these security, bugfix, and package
enhancement announcements will be posted. See http://lists.yellowdoglinux.com/ for more
information.

For information regarding the usage of yup, the Yellow Dog Update Program, see 
http://http://www.yellowdoglinux.com/support/solutions/ydl_general/yup.shtml