Language Selection

English French German Italian Portuguese Spanish

FOSS Security Updates vs Microsoft Patch Day

Filed under
OSS
Security

It is almost that time again. The ritual of installing Microsoft patches released on the second Tuesday of each month to fix security problems with its operating systems and software. My company will be monitoring and installing these updates again for some of our local clients this week.

It is an ironic coincidence that I have received update notices from Mandriva for software installed on my Linux PC systems as well this weekend. These updates come regularly from the upstream developers through Mandriva to Mandriva end-users. These updates may be simple code fixes for bugs, upgrades to get new versions of software or security fixes to patch possible security problems. While looking at these today I thought it would be interesting to compare vulnerability wise what I am getting from Mandriva today with what Microsoft customers will be getting on Tuesday 14 September 2010.

First, to understand Microsoft’s vulnerability code words one must know the terminology Microsoft uses and what it means. This is found in this table borrowed from Microsoft:

complete story




More in Tux Machines

EMC to open-source ViPR - and lots of other stuff apparently

ViPR is software storage controller tech that separates the control and data planes of operation, enabling different data services to be layered onto a set of storage hardware products - such as EMC's own arrays, Vblocks, selected third-party arrays, JBODs and cloud storage. The data services are typically ways of accessing data, such as file services, The open source software will be called Project CoprHD* and be made available on GitHub for community development. It will include all the storage automation and control functionality and be supplied under the Mozilla Public License 2.0 (MPL 2.0). Public supporting partners for CoprHD are Intel, Verizon and SAP. Read more

Patent Pledges and Open Source Software Development

For all its benefits, one aspect of open source software does cause headaches: understanding the legal terms that control its development and use. For starters, scores of licenses have been created that the Open Source Initiative recognizes as meeting the definition of an “open source license.” While the percentage of these licenses that are in wide use is small, there are significant and important differences between many of these popular licenses. Moreover, determining what rights are granted in some cases requires referring to what the community thinks they mean (rather than their actual text), and in others by the context in which the license is used. Read more

Open Source History: Why Did Linux Succeed?

One of the most puzzling questions about the history of free and open source is this: Why did Linux succeed so spectacularly, whereas similar attempts to build a free or open source, Unix-like operating system kernel met with considerably less success? I don't know the answer to that question. But I have rounded up some theories, which I'd like to lay out here. Read more