The biggest security story from last week would have to be news that the life of Firefox 1.5 is being extended by upstream until mid may:
http://www.mozillazine.org/talkback.html?article=21543
The Mozilla project is planning to stop providing official updates for the 1.5 Firefox branch. They of course want to put their development effort into the 2.0 branch. The current plan for Red Hat and Fedora is to roll security patches into the 1.5 branch. Several distributions are going to work together to keep the 1.5 branch maintained with security patches since there is great interest in keeping 1.5 maintained for the immediate future. Chris Aillon explains this in a blog posting:
Mozilla Corp. to work more closely with Linux distributors.
This action shows a huge strength regarding Open Source software and security maintenance. When a closed source application is distributed, you have to run whatever version the author wishes you to run. If an application has the source available, and the will exists, a technically unsupported version can live on.
