Apple on Monday delivered another 41 patches to address multiple vulnerabilities in Mac OS X and Mac OS X Server including more than a few for Leopard.
The security update, which matches last month’s patch crop from Apple, features a few common threads. Among them:
- Leopard and Tiger are affected;
- The patches mostly cover flaws that allow hackers to take over your system;
- Execution holes abound throughout Mac OS X in iChat, Core Foundation, Quick Look and Desktop Services;
- Apple has been busy on the security front. Last week, Apple delivered a Java runtime update and patched a bunch of QuickTime vulnerabilities. QuickTime has been under fire of late.
In any case, it is recommended that you update. Here’s the laundry list of Apple’s latest round of patches.
CVE-2007-4708: This plugs a vulnerability in Address Book’s URL handler. Apple says: “By enticing a user to visit a maliciously crafted website, a remote attacker may cause an unexpected application termination or arbitrary code execution. This update addresses the issue through improved handling of format strings.” Versions affected include Mac OS X v10.4.11 and Mac OS X Server v10.4.11. Anyone running Mac OS X 10.5 or later isn’t affected.
CVE-2007-4709: This one covers Mac OS X v10.5.1 and Mac OS X Server v10.5.1, also known as Leopard. The problem: “A path traversal issue exists in CFNetwork’s handling of downloaded files,” said Apple. In a nutshell, visiting a malicious Web site could allow the automatic download of files to arbitrary folders, which is a nice way of saying your computer has been hijacked.
CVE-2007-4710: This covers Mac OS X v10.4.11, Mac OS X Server v10.4.11 and doesn’t affect Leopard. Specifically, Apple is addressing ColorSync. The issue: “Viewing a maliciously crafted image with an embedded ColorSync profile may lead to an unexpected application termination or arbitrary code execution.” Leopard not affected.
CVE-2007-5847: Again, this ditty covers Mac OS X v10.4.11, Mac OS X Server v10.4.11. (See a trend here yet?) The problem is Core Foundation, which could disclose sensitive information. Leopard not affected.
CVE-2007-5848: This one covers a CUPS vulnerability in a printer driver. Apple says “a local admin user may be able to gain system privileges.” Leopard not affected.
CVE-2007-4351: Another CUPS problem and this one affects Leopard. Specifically, the OS X flavors impacted include Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The update corrects for a memory corruption issue in the handling of Internet Printing Protocol tags that could lead to an application crash or arbitrary code execution.
CVE-2007-5849: Another CUPS issue affecting Leopard and Leopard Server. Apple says: “If SNMP is enabled, a remote attacker may cause an unexpected application termination or arbitrary code execution.” Description: “The CUPS backend SNMP program broadcasts SNMP requests to discover network print servers.”
CVE-2007-5850: This one covers desktop services in Mac OS X v10.4.11, Mac OS X Server v10.4.11. Leopard isn’t impacted. The gist: There’s a buffer overflow problem in Finder that can lead to arbitrary code execution. Leopard not affected.
CVE-2007-5476: Affects the Flash Player plug-in for Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1 and Mac OS X Server v10.5.1. There are multiple vulnerabilities addressed by Adobe.
CVE-2007-4131: This one corrects a “maliciously crafted tar archive,” an issue with GNU Tar. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11, but Leopard is in the clear.
CVE-2007-5851: iChat is the issue here. The problem: A person on the local network may initiate a video connection without permission. Leopard not impacted, but does cover Mac OS X v10.4.11 and Mac OS X Server v10.4.11.
CVE-2007-5853: IO storage issue where “opening a maliciously crafted disk image may lead to an unexpected system shutdown or arbitrary code execution.” Leopard is in the clear, but Mac OS X v10.4.11 and Mac OS X Server v10.4.11 aren’t.
CVE-2007-5854: This one fixes launch services in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The problem: “Opening a maliciously crafted HTML file may lead to information disclosure or cross-site scripting.”
CVE-2007-6165: Another launch services problem, this time “opening an executable mail attachment may lead to arbitrary code execution with no warning.” Affects Leopard and Leopard Server.
CVE-2007-5855: Affects mail on Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The problem: “SMTP accounts set up through Account Assistant may use plaintext authentication even when MD5 Challenge-Response authentication is available.”
CVE-2007-5116 and CVE-2007-4965: Addresses problems with perl and python, respectively. Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1 impacted.
CVE-2007-5856 and CVE-2007-5857: Both address Quick Look vulnerabilities in Leopard. Previewing a movie can disclose sensitive information. There are also some URL access issues.
CVE-2007-5770 and CVE-2007-5379, CVE-2007-5380, CVE-2007-6077: Vulnerabilities abound in Ruby libraries and Rails 1.2.3. The first one listed impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. The remaining CVEs impact Leopard only.
CVE-2007-5858: A Safari fix for an information disclosure flaw. Impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1. Also impacts Safari 3 Beta on Windows XP and Vista.
CVE-2007-5859: Safari RSS has issues on Mac OS X v10.4.11, Mac OS X Server v10.4.11. A maliciously crafted feed may lead to application termination or arbitrary code execution. Leopard not affected.
CVE-2007-4572, CVE-2007-5398: Addresses Samba vulnerabilities. Impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1.
CVE-2006-0024: Addresses Shockwave woes in Mac OS X v10.4.11, Mac OS X Server v10.4.11, Mac OS X v10.5.1, Mac OS X Server v10.5.1.
CVE-2007-3876: Apple says: “A stack buffer overflow issue exists in the code used by the mount_smbfs and smbutil applications to parse command line arguments, which may allow a local user to cause arbitrary code.” Impacts Mac OS X v10.4.11, Mac OS X Server v10.4.11.
CVE-2007-5863: Even Software Update has a few flaws. Leopard impacted by “a man-in-the-middle attack could cause Software Update to execute arbitrary commands execution with system privileges.”
CVE-2007-5860: Spin Tracer flaw affecting Leopard. “A local user may be able to execute arbitrary code with system privileges.”
CVE-2007-5861: Addresses Spotlight flaws. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11.
CVE-2007-1218, CVE-2007-3798: Vulnerabilities abound in tcpdump. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11.
CVE-2007-1659, CVE-2007-1660, CVE-2007-1661, CVE-2007-1662, CVE-2007-4766, CVE-2007-4767, CVE-2007-4768: Multiple vulnerabilities plugged in XQuery. Affects Mac OS X v10.4.11, Mac OS X Server v10.4.11.