Building VirtualBox is getting harder and harder these days as Oracle add non-standard hacky little scripts to the codebase, just like their horrible database installation that requires you to install RPM’s to allow the installer to run, then you must remove them afterwards or your entire system will be un-upgradeable! The build instructions here are hideously out-of-date and don’t really help much on a non-Debian system. The first bug was a dependency on a specific version of Java, or more accurately a hardcoded location for the JRE.

I’ve been playing with cross-compiling Windows programs on Linux using Fedora’s build of MingGW. Part of the Fedora build is nsiswrapper, which is a Perl script wrapper around the NSIS opensource Windows installer maker (like makeself on Linux) from Nullsoft, the creators of WinAmp. The wrapper doesn’t work very well with Qt4 as it runs lc() on all its dependency filenames, and Qt4 is heavily mixed-case like QtGui4.dll and QtCore4.dll, so I just created a .

I’ve been playing with Qt4 today, the main C++ version, not the PyQt3 Python wrapper I’ve used before. I’ve noticed that the code is very similar, pretty much the same number of lines of code for a “Hello World!” windowed application. I had my suspicions before, as the PyQt syntax doesn’t seem very Pythonic. It doesn’t really bode well for Python as a rapid application development environment for Qt programs if you can do the same in C++ without the extra overhead of an interpreter, with the same amount of effort (if you use QtDesigner, there’s probably even less difference).

Qt4 (KDE) applications like Chromium and VirtualBox have had ugly non-antialiased fonts, whereas Gtk2 (Gnome) applications look fine. I’ve found the fix – basically create a ~/.fonts.conf file with the following content, which turns on subpixel smoothing (installing freetype-freeworld did naff all): <?xml version="1.0"?> <fontconfig> <match target="font"> <edit name="autohint" mode="assign"> <bool>true</bool> </edit> </match> </fontconfig> I also changed the monospaced font in Chromium from 13pt Courier-New to 12pt Monospace, which interestingly enough made the fonts a bit bigger, and seems identical to my Firefox setup.

Myself and a colleague discovered a directory-traversal vulnerability in Cisco’s CDS, essentially you could fetch files off the filesystem using an unauthenticated HTTP request. The issue was found in v2.5.3 and has been fixed in 2.5.7 (I confirmed on 2.5.9-b5) of their software. Cisco went full-disclosure on it, fair do’s, and reported CVE-2010-1577, the following sites have my name on them (Google search): http://www.cisco.com/warp/public/707/cisco-sa-20100721-spcdn.shtml http://securitytracker.com/alerts/2010/Jul/1024234.html http://secunia.com/advisories/40701/ http://packetstormsecurity.org/1007-advisories/cisco-sa-20100721-spcdn.txt We even got on the full-disclosure mailing list – woot!