Tuesday, April 22nd, 2014

Time	Event
2:29p	GCC 4.9.0 released Version 4.9.0 of the GNU Compiler Collection is out. "GCC 4.9.0 is a major release containing substantial new functionality not available in GCC 4.8.x or previous GCC releases." The list of new features is indeed long; see the 4.9.0 release page for lots more information. (Comment on this)
4:02p	Tuesday's security advisories Debian has updated icedove (multiple vulnerabilities). openSUSE has updated squid (13.1, 12.3: denial of service), flash-player (13.1, 12.3: multiple vulnerabilities), json-c (13.1, 12.3: denial of service), openssl (13.1, 12.3: information disclosure), and otrs (13.1, 12.3: cross-site scripting). Slackware has updated libyaml (code execution) and php (denial of service). Ubuntu has updated python-django (all: multiple vulnerabilities). (Comment on this)
6:16p	OpenSSL code beyond repair, claims creator of “LibreSSL” fork (Ars Technica) Ars Technica takes a look at the LibreSSL fork of OpenSSL created by the OpenBSD project. "The decision to fork OpenSSL is bound to be controversial given that OpenSSL powers hundreds of thousands of Web servers. When asked why he wanted to start over instead of helping to make OpenSSL better, de Raadt said the existing code is too much of a mess. "Our group removed half of the OpenSSL source tree in a week. It was discarded leftovers," de Raadt told Ars in an e-mail. "The Open Source model depends [on] people being able to read the code. It depends on clarity. That is not a clear code base, because their community does not appear to care about clarity. Obviously, when such cruft builds up, there is a cultural gap. I did not make this decision... in our larger development group, it made itself."" (Comment on this)

<< Previous Day

2014/04/22 [Calendar]

Next Day >>