LWN.net's Journal
 

Wednesday, October 15th, 2014

    Time Event
    10:03a
    White paper: the state of KVM
    For those with an interest in the KVM hypervisor: the Linux Foundation's
    Open Virtualization Alliance has published a
    white paper [PDF]
    with an overview of KVM and where it is going.
    "OpenStack is one of the brightest spots for KVM. As cloud
    deployments gain in adoption, OpenStack is the leading open source option
    and has tremendous community momentum behind it. KVM is the most popular
    hypervisor for OpenStack deployments, so as OpenStack succeeds, so will
    KVM."
    3:05p
    The POODLE vulnerability
    Google has disclosed
    a new SSL vulnerability
    that goes by the name POODLE. In essence: a
    man-in-the-middle attacker can force a connection to drop back to the obsolete SSL
    3.0 protocol, then recover plaintext data. "Disabling SSL 3.0
    support, or CBC-mode ciphers with SSL 3.0, is sufficient to mitigate this
    issue, but presents significant compatibility problems, even
    today. Therefore our recommended response is to support
    TLS_FALLBACK_SCSV. This is a mechanism that solves the problems caused by
    retrying failed connections and thus prevents attackers from inducing
    browsers to use SSL 3.0. It also prevents downgrades from TLS 1.2 to 1.1 or
    1.0 and so may help prevent future attacks." The OpenSSL project
    has issued an advisory describing its
    response to a few vulnerabilities, POODLE included.
    4:07p
    Security advisories for Wednesday

    CentOS has updated firefox (C7; C5: multiple vulnerabilities), java-1.6.0-openjdk (C7; C5: multiple vulnerabilities), and java-1.7.0-openjdk (C7; C5: multiple vulnerabilities).

    Debian has updated wireshark (yet another pile of dissector flaws).

    openSUSE has updated rsyslog (13.1; 12.3: two vulnerabilities).

    Oracle has updated java-1.6.0-openjdk (OL7: multiple vulnerabilities).

    Red Hat has updated firefox (RHEL5,6,7: multiple vulnerabilities), java-1.6.0-openjdk (RHEL5,6,7: multiple vulnerabilities), java-1.7.0-openjdk (RHEL6,7; RHEL5: multiple vulnerabilities), and java-1.8.0-openjdk (RHEL6: multiple vulnerabilities).

    SUSE has updated rsyslog (SLES11 SP3: two vulnerabilities).

    Ubuntu has updated firefox (14.04, 12.04: multiple vulnerabilities), thunderbird (14.04, 12.04: multiple vulnerabilities), and wpa, wpasupplicant (14.04, 12.04, 10.04: command execution).

    4:14p
    Stable kernel updates
    Greg Kroah-Hartman has released four kernel updates: 3.17.1, 3.16.6, 3.14.22, and 3.10.58. All contain the usual set of
    important fixes.
    9:01p
    [$] A damp discussion of network queuing
    Very few presenters at technical conferences come equipped with gallons of water and a small inflatable swimming pool to contain it. But that is just how Stephen Hemminger showed up at the 2014 Linux Plumbers Conference. Stephen was there to talk about the current state of the fight against bufferbloat; while there was some good news to share, the sad fact is that, in a number of areas, we are still all wet.
    11:46p
    [$] LWN.net Weekly Edition for October 16, 2014
    The LWN.net Weekly Edition for October 16, 2014 is available.
