The Royal Pingdom takes a look at popular websites that use Perl. "Perl has been around since 1987 and became an early darling of web developers. These days, however, you don't hear much about Perl. Everyone seems to be talking about trendier languages like PHP, Python and Ruby, with Perl left in the back as a neglected, not-so-hip cousin. That might lead you to think that Perl is dying, but as it turns out, it's still used by plenty of websites out there, including some pretty big hitters."

A few weeks ago LWN talked with Sam Ramji about the CodePlex Foundation. Since then the Foundation has published its new Project Acceptance and Operation Guidelines (PDF). Andy Updegrove takes a look at the new guidelines. "The Guidelines and recent reviews with Sam also provide more detail on what types of work the Foundation hopes to undertake. I think that two of the projects that are described in the Guidelines can be particularly useful. The first (mentioned earlier) is intended to provide a resource to help developers understand not only what individual OSS licenses say, but how they fit together. Given that open source is usually a mosaic of existing and new code, all of which is then further evolved, it's essential that the licensing rules that apply to composite code are compatible, rather than at internal war with each other. If this resource is well done, it will indeed be useful for hosted and outside projects alike."

A few weeks ago LWN talked with Sam Ramji about the CodePlex Foundation. Since then the Foundation has published its new Project Acceptance and Operation Guidelines (PDF). Andy Updegrove takes a look at the new guidelines. "The Guidelines and recent reviews with Sam also provide more detail on what types of work the Foundation hopes to undertake. I think that two of the projects that are described in the Guidelines can be particularly useful. The first (mentioned earlier) is intended to provide a resource to help developers understand not only what individual OSS licenses say, but how they fit together. Given that open source is usually a mosaic of existing and new code, all of which is then further evolved, it's essential that the licensing rules that apply to composite code are compatible, rather than at internal war with each other. If this resource is well done, it will indeed be useful for hosted and outside projects alike."

Debian has updated kernel (multiple vulnerabilities), kernel (multiple vulnerabilities), kernel (multiple vulnerabilities). Fedora has updated kernel (F11, F10: multiple vulnerabilities), alienarena (F11, F10: buffer overflow), alienarena-data (F11, F10: buffer overflow). Gentoo has updated horde (multiple vulnerabilities). Mandriva has updated firefox (multiple vulnerabilities). Ubuntu has updated libgd2 (multiple vulnerabilities), libhtml-parser-perl (denial of service).

Debian has updated kernel (multiple vulnerabilities), kernel (multiple vulnerabilities), kernel (multiple vulnerabilities). Fedora has updated kernel (F11, F10: multiple vulnerabilities), alienarena (F11, F10: buffer overflow), alienarena-data (F11, F10: buffer overflow). Gentoo has updated horde (multiple vulnerabilities). Mandriva has updated firefox (multiple vulnerabilities). Ubuntu has updated libgd2 (multiple vulnerabilities), libhtml-parser-perl (denial of service).

The Software Freedom Law Center (SFLC) has compiled a summary of some of the main arguments in the Bilski v. Kappos case dealing with software patents. "As a legal services organization for free and open source software (FOSS), we filed a brief in support of the respondent arguing (1) that all software is unpatentable under Supreme Court precedent, (2) that software patenting reduces the level of innovation in software, and (3) that constitutional limitations from the First Amendment prevent Congress from making patent law that covers mental steps, basic ideas, or algorithms."

The H has a report from Linux-Kongress 2009, recently held in Dresden. "Theodore Ts'o said that it is hard to predict which trends will emerge after mobile and cloud computing in two or three years – but that those who can answer this question might become rich. 2010 will (not) be the year of the Linux desktop just like the years before it, said the developer. Ts'o considers developing Linux for desktop PCs a difficult task – while the required improvements to the software stack are in progress, they aren't happening as fast as many people would like, he explained."

Anything Google can do to make Javascript more valuable to you is in its best interests, and the tools described on its blog today are pretty marvelous.

Version 3.5.5 of Firefox has been announced, it includes fixes for several stability issues. "As part of Mozilla's ongoing stability and security update process, Firefox 3.5.5 is now available for Windows, Mac, and Linux as a free download from http://firefox.com/. We strongly recommend that all Firefox users upgrade to this latest release. If you already have Firefox 3.5, you will receive an automated update notification within 24 to 48 hours."

I recently wrote this piece for MSB’S Annual Supplement.. then decided I liked it enough to post it on my Blog.. read more

DesktopLinux.com looks at the results of a study on the percentage of Linux-based netbooks. "ABI Research is projecting that in 2009 Linux will represent 32 percent of netbook sales, far higher than the seven percent figure claimed by Microsoft, says a report. ABI estimates that Linux will overtake Windows on netbooks by 2013, largely due to sales in less-developed countries."

cnet reports that Novell has laid off 3 percent of its employees. "Linux jobs in the United States are booming, up 6 percent since January, according to data from Dice.com. This will come as small consolation to Novell employees, however, which weathered another round of layoffs at the Waltham, Mass.-based company. According to several sources within the company, and confirmed by Novell's public-relations director, Ian Bruce, Novell last week laid off 100 to 130 people of its roughly 3,900 global employees. While my sources indicated that the Workgroup division was particularly hard-hit, Bruce told me that the cuts came "across the company, both geographically and productwise.""

CentOS has updated kernel (multiple vulnerabilities). Debian has updated typo3 (multiple vulnerabilities).

Linux Journal looks at an Australian legal case involving BitTorrent. "The matter at hand is a lawsuit by the Australian Federation Against Copyright Theft — yes, that's AFACT — against iiNet, an Australian internet service provider over the ISP's role in allowing its service to be used for illegal BitTorrent downloading. The basis for the case, according to trial coverage, is an earlier case — concerning photocopies of print books — which held that the University of New South Wales was liable for copyright infringement essentially because they controlled the copiers. AFACT hopes to use the same argument against iiNet, holding it liable for what goes through because it owns the tube."

IBM developerWorks has posted an introduction to the NilFS2 and exofs filesystems. "An interesting aspect of NiLFS(2) is its technique of continuous snap-shotting. As NILFS is log structured, new data is written to the head of the log while old data still exists (until it's necessary to garbage-collect it). Because the old data is there, you can step back in time to inspect epochs of the file system. These epochs are called checkpoints in NiLFS(2) and are an integral part of the file system. NiLFS(2) creates these checkpoints as changes are made, but you can also force a checkpoint to occur."

What I have not seen is any reduction in intensity when I write the word Microsoft, from readers, e-mail correspondents, or the open source people I meet. Why is that, I wonder.

Here are some stunning facts that were published at the end of July in Malaysia: More than 70 percent of Malaysian government offices are running open source software, according to figures released by the country's Open Source Competency Centre. The centre was established as part of the 2004 Malaysian Public Sector OSS Master Plan, to guide and co-ordinate the implementation of OSS in the public sector.read more

The LWN.net Weekly Edition for November 5, 2009 is available.

Jamie Strandboge writes about work he has done to add AppArmor support to sVirt on his blog. "Since virtualization is becoming more and more prevalent, improving the security stance for libvirt users is of primary concern. It was very natural to look at adding an AppArmor security driver to libvirt, and as of libvirt 0.7.2 and Ubuntu 9.10, users have just that. In terms of supported features, the AppArmor driver should be on par with the SELinux driver, where the vast majority of libvirt functionality is supported by both drivers out of the box."

There is a new null pointer vulnerability out there, associated with the pipe code. Updates are beginning to arrive from distributors. LWN subscribers can see this brief article for more information on the issue. CentOS has updated wget (C3: certificate spoofing), kernel (C3: pipe vulnerability and several others), and kernel (C4: pipe vulnerability). Fedora has updated wireshark (F11: three dissector vulnerabilities), rt (F10, F11: JavaScript injection), PyXML (F10, F11: buffer overflow), python-4Suite-XML (F10, F11: denial of service), squidguard (F10, F11: multiple vulnerabilities), mimetex (F10, F11: buffer overflow), and expat (F10, F11: buffer overflow). Fedora has also sent out a cascade of F10 advisories resulting from the latest firefox update: blam, epiphany, epiphany-extensions, evolution-rss, firefox, galeon, gecko-sharp, gnome-python2-extras, gnome-web-photo, google-gadgets, kazehakase, miro, mozvoikko, mugshot, pcmanx-gtk2, perl-Gtk2-MozEmbed, ruby-gnome2, xulrunner, and yelp. Mandriva has updated squidguard (multiple vulnerabilities) Red Hat has updated kernel (RHEL3: pipe vulnerability and several others), kernel (RHEL4: pipe vulnerability), kernel (RHEL5: pipe vulnerability and several others), kernel-rt (RHEL5: pipe vulnerability and several others), and wget (RHEL3-5: certificate spoofing). SUSE has updated firefox (multiple vulnerabilities) and IBM Java 6 (multiple vulnerabilities). SUSE has also warned users that its releases are vulnerable to the pipe null pointer problem, but that producing a kernel update takes them four days.