If you're new here, you may want to subscribe to our RSS feed. Thanks for visiting!

Secunia discovered in VLC, free software for reading and audio / video, a loophole described as critical. An attacker could take it through the control of a remote computer. We must be wary with the .WAV files pending the patch.

VLC Media Player software is well known for his performance as a multi-player video. Integrating directly libraries FFMPEG project, the software did not need codecs to read the majority of videos available on the Web. Free Software and multiplateformes, VLC also supports many audio formats, DVD, (S) VCD, streaming via MMS or RTSP protocols … It enables video capture but does not stop at mere reading. VLC is indeed capable of ensuring the role of broadcast server, transcodant flow generated by multiple codecs output.

The company Secunia has just discovered a loophole described as “highly critical” (4 / 5) in the latest version of VLC under Windows. It is possible that earlier versions are also affected. The open function () module WAV VLC allows indeed an integer overflow. Specifically, if a user opens a file .WAV in VLC specially designed to exploit the loophole, arbitrary code could be executed and the attacker could take control of the remote computer.

Given that the patch is not yet available in the stable, Secunia recommends to be very careful with .WAV files executed with VLC and update as soon as possible software to version 0.8.6i, which will correct the flaw.

First update maintenance for the distribution of GNU / Linux Ubuntu 8.04 to support long-term. More than 200 upgraded, and therefore bugs and security problems corrected to consider a deployment including more serene.

After the official launch of Ubuntu 8.04 at the end of April, some voices raised to criticize a somewhat hasty exit with a product suffering from several bugs that are not very serious for a distribution due robust as the heron (Hardy Heron) and moreover affublée the label LTS, distinctive sign of its medium to long term. An asset seduction to encourage the establishment of Ubuntu in the workplace.

The sponsor Canonical and has been trapped by a development cycle of 6 months, ignoring lift bugs that have accumulated in April, and Ubuntu 8.04 was the victim without being always the cause (but sometimes all same). Mark Shuttleworth has seemingly drawn the conclusions, declaring war on all the bugs of the free world without exception, and promise a better rebound patches concocted by the Ubuntu community for the whole community of free, - understood that this is not yet the case … This leaves pensive.

But today it is almost a new beginning for Ubuntu 8.04 LTS with the publication of an updated maintenance 8.04.1, always LTS course. More than one update, it is updated several times with those of more than 200 software packages included in the installation media. Indeed, the stability of the product is being increased, as its security.

Ubuntu 8.04 LTS + 1
Among the updates that Firefox with the latest proposed version 3.0 directly instead of the beta version, correcting a problem with the customer Samba to enable new LAN Manager authentication with old versions of Windows servers, or the correction of various problems with the interface FUSE in the new virtual file system that prevented GNOME network access to shared files. More details are available in the official announcement.

Remember that users who have already made Ubuntu 8.04, it does make a new facility. In carrying out regular updates of their system, the latter must be level with Ubuntu 8.04.1, which can be downloaded from this address. The support of Ubuntu 8.04 LTS expires in April 2011 for the Desktop, and April 2013 for the Server version.

The office suite OpenOffice.org will soon be able to edit PDF files via an extension concocted by Sun Microsytems. First tests by both governments beta for the extension for the office suite with its version 3.0.

The next version of the free OpenOffice.org office suite is scheduled for September 2008 with a version 3.0 which will bring a lot of improvements, including the level of integration within the operating system which serves as host, OOo for being multi-platform reminder that the rest will take even more meaningful with a native support in Mac OS X (without resorting to X11).

A compatibility will be provided with documents in Open XML format used by default in Microsoft Office 2007 and beyond, extensions will add other features. This is notably the case of an extension developed by Sun Microsystems, providing features for editing PDF files.

Soon modifying PDF files with OOo
Obviously under the free, this extension allows you to import PDF documents which will open within the scope of design or presentation of OOo, preserving the formatting of course, and allowing some features for basic hour d ‘edition (provided you have the rights alteration).

Sun recommends using its extension, which is a version 0.3 of development for tasks publishing relatively modest change of dates, numbers or small portions of text. Once these changes, export can be done in a PDF file said hybrid, namely a file with parties in PDF and ODF parties. The advantage is that this type of file can be opened with the word processor of OOo for example, while a PDF reader type Adobe Reader will flout the party ODF and treat the file as a PDF conventional.

Sun promises to very quickly over editing and management of import directly into Writer. Note however that the PDF forms can not yet be imported through this extension beta, which other point of importance can not be tested with the beta 2 version of OpenOffice.org 3.0.

Download the beta 2 of OpenOffice.org 3.0
Download the extension of Sun for publishing PDF

The seller of commercial distributions GNU / Linux Xandros bought its competitor Linspire. Given the large number of systems and existing versions, this kind of rapprochement is never easy. However, the two publishers are both based on Debian, using KDE and make ease of use and compatibility with Windows applications part two of their main objectives.

While Linspire was not officially for sale, we learn the takeover of the Californian firm by the Canadian company Xandros Corp.. The principal shareholders of Linspire have indeed decided to sell all possessions Linspire: commercial distribution of the same name but also the community and Freespire installer Click’n Run, appreciated for its simplicity of use . According to Carmony, a former chairman of Linspire party in July 2007, Linspire would have been mismanaged over the past ten months, to the point of being sold off at -80% of its value earlier.

Linspire had previously hit the headlines in his trial facing Microsoft. The Linux distribution at the time, based on Debian, called Lindows and was attacked by the editor of Redmond for a name considered too close to hers. It must be said that the company called the compatibility with various Windows programs, thanks to a program based on Wine. Even if Lindows had won the first trial, the company has preferred to find another name to avoid cumbersome court procedures.

Linspire is a distribution fee GNU / Linux, which focused on ease of use. In 2006, Linspire created the free distribution Freespire, mimicking the model and Community Development with Fedora Red Hat or Novell with openSUSE. In February 2007, Linspire has decided to rely on Ubuntu rather than Debian for its future versions. Finally, in July 2007, Linspire announced that it has signed agreements with Microsoft aimed interoperability but also providing legal protection to users of its products. These agreements are close to those who are still underway between Novell and Microsoft.

If Based on statistics provided by Distrowatch popularity, Linspire has plummeted in recent months from the 62nd spot for the last twelve months the 84th for the last quarter. At the same time, Freespire also saw his popularity drop by the 27th to 48th place. If these statistics are based solely on the number of page views a detailed distribution and do obviously not a perfect indicator, it tends to confirm that the two versions of Linspire failed to attract a critical mass of developers or draw their pins playing in a field in constant evolution.

Xandros
Note that another company has also concluded similar agreements with Microsoft: Xandros Corporation. This company sells GNU / Linux distributions based on the defunct Corel Linux and Debian. Different versions of Xandros Linux are intended for use both family and professional. They are also the ease of use. They include proprietary software, CrossOver, a program based on Wine and offering compatibility with some of the flagship applications for Windows. Xandros has been included in the EeePC of ASUS. Although Xandros is not so far among the first distributors GNU / Linux, its popularity last year remained stable, turning around the 35th spot, according to Distrowatch.

This acquisition seems in any case not against nature insofar as the two companies seem to sell distributions to close objectives. Both are derived distant family Debian and foremost use the KDE desktop. As to what will happen in the name of the new entity, but also the community distribution Freespire, it would require a few weeks of patience.

Panda Security is preparing to launch its new security solutions and offers its users to test free time to phase beta test.

The computer security company Panda Security has just communicate on the launch of Panda Antivirus Pro 2009 and Panda Internet Security 2009, the next versions of its antivirus solution and its suite of Internet security for the operating systems Windows XP and Windows Vista . They will be available by late summer.

Pending marketing, Panda Internet Security offers a free trial of the beta versions, while receiving regular updates. The beta-testers who will back incidents will also benefit from a 50% discount on the price of the final version.

The term “indicent”, it is understood “a failure or error occurs during the installation process, uninstall or operation of the virus. The incidents may relate to problems of interaction with other programs , Error detection or errors to update the product.” However, it is clearly stated that “comments on the aesthetics or the friendliness of the solution are regarded as suggestions and do not therefore fall within the definition of incidents”.

For those interested, they can go to this page to participate in beta-test.