HTNet - A Notepad of Tech, Business, Science and Self Improvement

The people at CNET have compiled a Top 10 Web Fads list for our consumption.

Some are predictable memes such as AYBABTU, Friendster, Ellen Feiss and The Star Wars Kid. However, in all honesty, I know jack about the top two sites; Hampsterdance and Mahir (partially offline at the moment, images have been taken off).

I’m suprised that the Goatse guy nor Tubgirl made it on the list. Probably because CNET is covering memes that are safe for work only

Wow, multiple security update in one day. Details of the updates are as follows:

Read the rest of Slackware Security Updates: Mozilla, kdenetwork, fetchmail, zlib and gxine »

Like I mentioned in the last WCS, I got some news to share. Yeah, I know that I said it’ll be made known on Tuesday, but guess what… I lied. Heh!

Anyway, Tuesday was my last day with SSD. I really enjoyed working with the highly experienced and knowledgable people there, however, I would very much prefer the direction of my career to head towards IT. I find my experiences being the Operations Manager at SSD to be a highly rewarding one. I’m a much better person today than I was before joining SSD.

I guess some of you might ask, “What are you doing now?”. Well, I’m now working as an Analyst Programmer at a company which I wouldn’t want to name at present. I’m currently under probation, so probably when my employment is confirmed, I would be more comfortable to reveal my new employers

So far, I’ve been working for two days… and I must say it sure feels “different” to (again) be working in a “big” company. But hey, I got a company laptop… how’s that for corporate perks! I’ll update more when I feel comfortable doing so

Straight to the issues, I received two emails from Slackware Security mailing list detailing the following issues (italicised text is added myself):

New emacs packages are available for Slackware 10.1 and -current to (fix) a security issue with the movemail utility for retrieving mail from a POP mail server. If used to connect to a malicious POP server, it is possible for the server to cause the execution of arbitrary code as the user running emacs.

New dnsmasq packages are available for Slackware 10.0, 10.1, and -current to fix security issues. An off-by-one overflow vulnerability may allow a DHCP client to create a denial of service condition. Additional code was also added to detect and defeat attempts to poison the DNS cache.

More details about these issues may be found in the Common Vulnerabilities and Exposures (CVE) database:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0876
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0877

There are also tons of updates for Slackware-current, including heavy stuff like the glibc packages. You can use the Slackware package browser to obtain an updated version of these packages for your Slackware installation. Lazier and smarter people like me will use updating tools such as Swaret or slapt-get

It seems that the recent Firefox, Thunderbird and the Mozilla Suite security updates may have caused some problems with third party extensions.

C|Net news has coverage on this issue. As a consequence of this impending update, developers have been asked to temporarily halt their localisation efforts. This seems to have caused a storm in the dev circle, here’s a quote from the C|Net article:

“We are getting lots of e-mails from Firefox users in Poland asking us about why isn’t Firefox 1.0.5 available in Polish,” wrote one developer in the localization newsgroup.

“A few days more, and it’s gonna be a big public relations disaster for Firefox outside the U.S.A.,” the developer added.

Another developer attacked the foundation in its bug-reporting forum.

“Tens of millions of users are still using 1.0.4 while critical security bugs are already published after en-US (U.S. English) 1.0.5 release,” the developer wrote.

At the time of this post, both the Firefox, Thunderbird and Mozilla web sites have yet to update the download link to point to the new versions.