LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Tuesday, October 30th, 2012

    Time Event
    5:15p
    Tuesday's security updates
    CentOS has updated thunderbird (C6; C5: multiple vulnerabilities).

    Debian has updated icedove (multiple vulnerabilities).

    Fedora has updated dokuwiki (F17; F16: multiple vulnerabilities), firefox (F17: multiple vulnerabilities), xulrunner (F17: multiple vulnerabilities), exim (F17: arbitrary code execution), django (F16: information disclosure) and mapserver (F16: multiple vulnerabilities).

    Mageia has updated transmission (cross-site scripting), python-django (information disclosure), rpmdevtools (symlink attack) and libtiff (code execution).

    openSUSE has updated mozilla suite (multiple vulnerabilities).

    Red Hat has updated thunderbird (multiple vulnerabilities).

    Ubuntu has updated thunderbird (multiple vulnerabilities).

    8:00p
    Kroah-Hartman: Help wanted
    Greg Kroah-Hartman is looking for
    somebody     to help him put stable kernels together. "I'm looking
    for someone to help me out with the stable Linux kernel release
    process. Right now I'm drowning in trees and patches, and could use some
    one to help me sanity-check the releases I'm doing.    "
    8:11p
    EFF: Privacy in Ubuntu 12.10: Amazon Ads and Data Leaks
    The Electronic Frontier Foundation expresses
    privacy concerns     with the new internet search added to Ubuntu 12.10.
    "It's a major privacy problem if you can't find things on your own
    computer without broadcasting what you're looking for to the world. You
    could be searching for the latest version of your résumé at work because
    you're considering leaving your job; you could be searching for a domestic
    abuse hotline PDF you downloaded, or legal documents about filing for
    divorce; maybe you're looking for documents with file names that will gave
    away trade secrets or activism plans; or you could be searching for a file
    in your own local porn collection. There are many reasons why you wouldn't
    want any of these search queries to leave your computer.    " The
    article also includes instructions to opt-out.
    8:22p
    Garrett: A detailed technical description of Shim
    Matthew Garrett describes
    Shim    , the first stage bootloader used to support Secure Boot. "handle_image() is the real meat of Shim. First it has to examine the header data in read_header(), copying the relevant bits into a context structure that will be used later. Some basic sanity checks on the binary are also performed here. If we're running in secure mode (ie, Secure Boot is enabled and we haven't been toggled into insecure mode) we then need to verify that the binary matches the signature and hasn't been blacklisted."

    << Previous Day 2012/10/30
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org