OStatic

Just last Thursday, I wrote a post proclaiming my undying love for how quickly open source projects tend to right themselves when sailing the choppy waters of software vulnerabilities. This time around, a vulnerability had been spotted in Firefox, affecting 3.x releases on all platforms. The fix was scheduled for release sometime this week, in the browser's 3.0.8 version.

Firefox 3.0.8 made an early arrival, however, and was officially released Friday afternoon (at 3:45 PST). For those keeping score, this was roughly two days after one of the vulnerabilities it patches was discovered.

By way of Heise Online comes more detailed information about what's causing some to lose data in systems using the new ext4 file system. The ext4 file system, which is slated to eventually replace ext3 as the default file system of choice in many Linux distributions, can experience significant data loss after system crashes or unclean shutdowns.

Ted Ts'o, Linux Foundation's CTO and maintainer of the ext4 file system, says that the loss is due to how ext4 writes to disk. He says ext4, and newer file systems such as XFS and Btrfs, use delayed allocation. This means that writing data to disk can take up to a minute (compared to ext3's write time of about five seconds). The longer write time improves system performance and organization of data on the hard drive. Ts'o says that the ext4 team is working out a solution, but it's an issue that would benefit from being addressed from all angles.

Are you interested in open source software? Do you use Ubuntu at all? Will you be passing through the Los Angeles area later today or tomorrow? Think you'll be spending any time over the next two days near a computer with an internet connection? Are your weekend plans peppered with a few small gaps (or wide open expanses) of free time?

Yes? I've got some good news, then. This weekend is shaping up to be a lively one for open source enthusiasts, whether they're in sunny southern California or Tokyo, Japan.

For those in the vicinity of Southern California, SCaLE (the SoCal Linux Expo) is taking place this weekend. Lisa spoke with SCaLE organizer Gareth Greenaway a while back about how the event was shaping up, and the event schedule is packed with talks, tutorials and demonstrations for open source fans of any skill level.

If you'll notice, SCaLE is hosting a number of sessions for the Ubuntu Global Bug Jam. Not in California? Not to worry. The weekend-long Bug Jam is global in the truest sense -- and if you're unable to attend a real world meeting, the #ubuntu-bugs IRC channel can get you in on the action.

On October 24th, as Lisa reported, a serious vulnerability was discovered in the Google Android powered G1 mobile phone.

Though security researchers classified the flaw in the Android browser as serious, Google assured users that the risk wasn't necessarily as dire as it seemed, due to the way the Android operating system restricts each application to its own area.

CNet News reporter Stephen Shankland says his G1 was patched on Saturday through a quick system update.

This week, the Linux kernel and Intel developer teams announced they had discovered the probable cause of the e1000e bug. This bug was particularly destructive, as it would corrupt the EEPROM/NVM of some Intel ethernet adapter chipsets, completely disabling them. Though this issue was patched to prevent damage to these components prior to the 2.6.27 kernel's final release, the actual reason for the corruption was unclear.