LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, May 12th, 2014

    Time Event
    1:35a
    Garrett: Oracle continue to circumvent EXPORT_SYMBOL_GPL()
    Matthew Garrett takes
    Oracle to task     for using shim functions to gain access to GPL-only kernel
    functions in its GPL-incompatible DTrace module. "Of course, as
    copyright holders of DTrace, Oracle could solve the problem by
    dual-licensing DTrace under the GPL as well as the CDDL. The fact that they
    haven't implies that they think there's enough value in keeping it under an
    incompatible license to risk losing a copyright infringement suit. This
    might be just the kind of recklessness that Oracle accused Google of back
    in their last case.    "
    10:16a
    PyPy 2.3 released
    The PyPy project has released version 2.3 of
    its high-performance implementation of the Python language. Along with a
    number of fixes, this release includes support for several new modules,
    the ability to embed the interpreter within hosting applications, OpenBSD
    support, and more.
    4:05p
    Security advisories for Monday

    Fedora has updated kernel (F20: multiple vulnerabilities), php (F19: privilege escalation), rxvt-unicode (F20; F19: command execution), and xen (F20; F19: code execution).

    Gentoo has updated openssh (multiple vulnerabilities, one from 2008).

    Mageia has updated chromium-browser-stable (multiple vulnerabilities), ldns (information disclosure), libpng (MG4; MG3: multiple vulnerabilities), and libxml2 (denial of service).

    Mandriva has updated ldns (information disclosure), libpng (multiple vulnerabilities), and libxml2 (denial of service).

    openSUSE has updated seamonkey (13.1, 12.3: multiple vulnerabilities).

    Slackware has updated seamonkey (multiple vulnerabilities).

    10:10p
    Linux gets fix for code-execution flaw (Ars Technica)
    Ars Technica takes
    a look     at serious bug in the Linux kernel that was introduced in 2009.
    "The memory-corruption vulnerability, which was introduced in version
    2.6.31-rc3, released no later than 2009    , allows unprivileged users to
    crash or execute malicious code on vulnerable systems, according to the
    notes accompanying proof-of-concept code
    available here    . The flaw resides in the n_tty_write function
    controlling the Linux pseudo tty
    device    .    " This flaw has been identified as CVE-2014-0196.
    The LWN vulnerability report is here.

    << Previous Day 2014/05/12
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org