Daily Roundup

OpenJDK Build Infrastructure Project Created

Jessica Thornsby

PLUS, new alliance for IBM, Red Hat, SUSE, and more!

OpenJDK Build Infrastructure Project

The OpenJDK Build Infrastructure Project has
officially been created. This project will be
used for developing “major changes” to the JDK build process, and
aims to improve the turnaround on full builds. Additional goals
include allowing for 32bit builds to happen on 64bit systems, and
allowing for more portable build tools to be used, where possible.
The Build Infrastructure Project will also aim to provide a
reliable way for incremental builds to work. Kelly O’Hair will
serve as the Project’s Moderator.

Second Draft of OpenJDK Community Bylaws

The second public draft of the OpenJDK Community Bylaws has been published. Any
comments on this second public draft, must be sent by the 2nd June,
2011. If no major changes are required, the ratification vote will
be held shortly after.

IBM, Red Hat, SUSE and More Form New

BMC Software, Eucalyptus Systems, HP, IBM, Intel, Red Hat and
SUSE have formed a new ‘Open
Virtualization Alliance
.’ This consortium aims to facilitate
the adoption of open virtualization technologies, such as the
Kernel-based Virtual Machine (KVM,) a virtual machine
implementation using the operating system’s kernel, and a core
component in the Linux kernel. The consortium will also focus on
aiding the expansion of the ecosystem of third party solutions,
around the KVM. The Open Virtualization Alliance state they will
strive to complement the process and structures that already exist
in the open source KVM project. Membership of the Open
Virtualization Alliance is tiered.

Google Begin Rolling Out Silent Android Fix

Following the discovery of an authTokens vulnerability that exposed Android
phone users’ contacts and calendars to potential attackers when
they accessed services over an unsecured network, Google have
reportedly begun rolling out a “silent fix.”
The vulnerability was discovered by researchers at Germany’s
University of Ulm, who also theorised that the vulnerability could
be exploited across all Google services that use the ClientLogin
authentication protocol for access to its data APIs.

The issue had already been fixed in Android 2.3.4, but earlier
versions were vulnerable to the attack.

comments powered by Disqus