Monday, December 17th, 2012

Time	Event
2:34p	World-writable memory on Samsung Android phones Here's a report on the xda-developers site stating that Samsung Android phones have an interesting feature added to the kernel: a /dev/exynos-mem device, world-writable, that gives access to all physical memory on the handset. "The good news is we can easily obtain root on these devices and the bad is there is no control over it." Owners of such phones might want to be especially careful about which software they install for a little while. (Comment on this)
6:24p	Security advisories for Monday Debian has updated icedove (multiple vulnerabilities) and tiff (code execution). Fedora has updated pki-core (F17: cross-site scripting), mysql (F17: code execution), mate-settings-daemon (F17: insecure timezones), librdmacm (F17: bogus address resolution) and xen (F16: multiple vulnerabilities). Mandriva has updated perl-cgi (header injection). openSUSE has updated libxml2 (code execution), bogofilter (12.1; 12.2: denial of service) and bind (denial of service). SUSE has updated flash-player (multiple unspecified code execution vulnerabilities) and bogofilter (code execution). Ubuntu has updated glibc (regression exposed by previous update), aptdaemon (man-in-the-middle attack) and bogofilter (code execution). (Comment on this)
9:37p	Defence of the GPL realm (The H) The H talks with Bradley Kuhn about GPL compliance. "Certainly we're in an era where lots of people are scrambling to create business models dancing around the issue of GPL compliance, and in using GPL enforcement in nefarious ways. Our community already has too much of that kind of activity, and I certainly don't want more of that. If, however, someone wanted to start another non-profit charity to do enforcement, I'd certainly welcome it and help them do it. I also encourage any individuals who hold copyrights in projects that Conservancy currently does active enforcement for – namely, BusyBox, Linux, and Samba – to get in touch with me and join our coalition. That's an easy way for those who hold copyrights to get involved with the work Conservancy's already doing in this area." (Comment on this)
10:04p	A pile of stable kernel updates Greg KH has released stable kernels 3.0.57, 3.4.24, 3.6.11 and 3.7.1. All contain important fixes. This is the last update for 3.6.x, users should upgrade to 3.7.y now. (Comment on this)
11:04p	FSFE 2012 Annual Report The Free Software Foundation Europe has published its annual report for 2012. "In order to be in charge of our own lives, we need to be able to control the computers we use. We can only do this if they run Free Software that we can use, study, share and improve. We can only do this if our computers aren't neutered to restrict their functionality, or loaded with spyware. We also need neutral networks to connect them to, so we can freely choose what to say, and to whom. With this in mind, 2012 was both a good and a bad year for our freedom." (Comment on this)

<< Previous Day

2012/12/17 [Calendar]

Next Day >>