LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Wednesday, March 5th, 2014

    Time Event
    3:11p
    Krita 2.8.0 released
    Version 2.8.0 of
    the Krita painting application is out. New features include improved
    tablet support, high-quality scaling, integration with the "Gemini" sketch
    application, a new wrap-around mode, and much more.
    3:31p
    [$] A longstanding GnuTLS certificate validation botch

    Something rather reminiscent of Apple's "goto fail;" bug has been found, but this time it hits rather closer to home for the free software community since it lives in GnuTLS. Certificate validation for SSL/TLS has been under some scrutiny lately, evidently to good effect. But this bug is arguably much worse than Apple's, as it has allowed crafted certificates to evade validation checks for all versions of GnuTLS ever released since that project got started in late 2000.

    5:44p
    Security updates for Wednesday

    CentOS has updated gnutls (C6; C5: certificate verification issue) and postgresql (C5: multiple vulnerabilities).

    Fedora has updated perl-CGI-Application (F20; F19: information leak).

    Gentoo has updated chromium (multiple vulnerabilities).

    openSUSE has updated chromium (13.1, 12.3: multiple vulnerabilities), gnutls (13.1: certificate verification issue), and pidgin (11.4: multiple vulnerabilities).

    Oracle has updated postgresql (OL5: multiple vulnerabilities).

    Red Hat has updated mongodb (denial of service), openstack-glance (information leak), openstack-nova (multiple vulnerabilities), openstack-packstack (insecure network connections), openstack-swift (timing side-channel attack), and postgresql (RHEL5: multiple vulnerabilities).

    Scientific Linux has updated postgresql (SL5: multiple vulnerabilities).

    SUSE has updated gnutls (SUSE CORE 9: certificate verification issue).

    10:32p
    [$] A thumbnail sketch of Krita 2.8

    Version 2.8 of the digital-painting application Krita has been released. The project recently formed its own backing foundation and has undertaken a concerted effort to fund development through (among other things) the sale of training materials, so a natural question might be whether or not this new release shows any substantial gains that could be attributed to the more formal project management. It is hard to say for sure, of course, but the change does look like a win—the new release includes a series of technical improvements as well as practical contributions from Krita-using artists.

    << Previous Day 2014/03/05
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org