Press "Enter" to skip to content

OSVDB Shuts Down, Firefox Add-ons Unsafe & More…

FOSS Week in Review

Bubbling beneath the headlines in this week’s FOSS news review: ownCloud gets a new release, the Linux kernel grows by a half million lines since January 1, a new OS for the Pi 3 and FOSS Force welcomes a new columnist.

It seems as if even some FOSS writers have been buying into “Microsoft luvs Linux” this week, as some have been been bending over backwards to applaud the Ubuntu connection with bash on Windows. I only have one thing to say about that: Windows with bash support is still Windows.

In the real FOSS news this week…

You might want to think about disconnecting your Firefox add-ons. We learned from Ars Technica on Tuesday that a group of four security researchers presented a report at the Black Hat security conference in Singapore last week on security exploits being found in nine of the top ten add-ons for Mozilla’s browser. Included in the list of potentially unsafe add-ons are NoScript and Firebug, with Adblock Plus being the only add-on in the top ten with no exploitable flaws. The main problem, it seems, is that unlike many other browsers, Firefox doesn’t always isolate an addon’s functions. The entire report is available online as a PDF.

OSVDB iconSpeaking of vulnerabilities: We lost an open source security asset this week. On Tuesday we received word that OSVDB, or the Open Sourced Vulnerability Database project, an organization that’s cataloged computer security flaws since 2002, is closing up shop. The news came by way of an OSVDB blog that said, “We are not looking for anyone to offer assistance at this point, and it [the database] will not be resurrected in its previous form.” As for why the database is being shut down, the post went on to somewhat cryptically explain, “The industry simply did not want to contribute and support such an effort.” A good analysis of the details by Jon Gold was published Thursday on Network World.

ownCloud 9.0 gets first point release. News came yesterday from the fine folks at ownCloud that version 9.0.1 is now available. This brings with it all the usual security updates, performance improvements and bug fixes, but also brings a few added features. Included is support for migrating calendars and allowing group shares without use of a public key. For more details, view the changelog.

Quote of the week: If I may be so immodest, this week’s quote comes from…well, me. In a tweet on Thursday about the whole “Microsoft luvs Linux” thing, I wrote, “When I say I love chicken, that’s not a good thing for chickens.” Yuk. Yuk. I’m a card, aren’t I?

Another day, another distro: OpenMandriva announced Thursday the release of OpenMandriva Lx3 Beta 1. The blog post making the announcement contains links to download and to the release notes…. Debian 8.4 was released on Saturday. According to the announcement on the Debian website, “This update mainly adds corrections for security problems to the stable release, along with a few adjustments for serious problems.” … And FreeBSD — I know, not a Linux distro, but still an open source *nix — has released version 10.3. For a complete look at changes and improvements, see the operating system’s release announcement.

Quick takes: Thursday, Michael Larabel over at Phoronix reported that — surprise! surprise! — the Linux kernel continues to grow. At last count, there are 21,414,097 lines of code in the kernel, and by Larabel’s math, there are 553,149 more lines in today’s kernel than there were in the kernel you downloaded at the beginning of the year…. Giving Raspbian a run for its money, Ubuntu MATE 16.04 has been ported to the Raspberry Pi 2 and Raspberry Pi 3, complete with on-board Wi-Fi and Bluetooth support.

Parting shot: You might have noticed a new regular byline here on FOSS Force. Phil Shapiro has joined us as our Video Editor, and for the last couple of weeks he has been contributing a twice-weekly column in which he showcases Linux, FOSS and free tech videos that are available on the web. You can read his column — and watch the videos he presents — every Tuesday and Friday. Also, don’t forget to welcome him aboard. Not only is he a huge Linux and open source advocate, he’s an all ’round good guy to boot.

That’s all I have time for this week. Until next time, may the FOSS be with you…


  1. Sid Boyce Sid Boyce April 8, 2016

    Got 2 Pi 2’s but went for for the better performing ODROID-C2 running 64-bit Ubuntu 16.04 rather than the Pi 3.

  2. W. Anderson W. Anderson April 8, 2016

    As indicated in previous comment, “if” Microsoft “loves” and respects Linux, why then does the company NOT rescind it’s very vicious public legal threats against Linux for software Patent infringement, and publicly – or to Linus Torvalds/Free Software Foundation – show exactly what “code” is infringed. No executive of Microsoft has even formally answered that question, or given any sensible or sane response to that premise.

    FOSS advocates, organizations and commercial entities that accept Microsoft’s unproven “love” are naive at best, but most probable morbidly stupid enough to think that they will not be treated to oppressive destruction by Microsoft like every other entity on the earth serving that fate.

    The last sentiment that the FOSS world needs is self delusion.

  3. GNUguy GNUguy April 9, 2016

    Christine, you deserve the “quote of the week” award. You nailed it.

Comments are closed.

Breaking News: