Monday, December 8th, 2014

Time	Event
4:17a	The 3.18 kernel has been released Linus has released the 3.18 kernel. "I'd love to say that we've figured out the problem that plagues 3.17 for a couple of people, but we haven't. At the same time, there's absolutely no point in having everybody else twiddling their thumbs when a couple of people are actively trying to bisect an older issue, so holding up the release just didn't make sense." Highlights in this release include the bpf() system call, some significant networking performance improvements, dozens of new drivers, thousands of fixes, and more. (Comment on this)
6:02p	Security advisories for Monday Debian has updated getmail4 (multiple vulnerabilities) and icedove (multiple vulnerabilities). Fedora has updated arm-none-eabi-binutils-cs (F20; F19: multiple vulnerabilities), avr-binutils (F20; F19: multiple vulnerabilities), firefox (F19: multiple vulnerabilities), flac (F20: multiple vulnerabilities), graphviz (F20; F19: format string vulnerability), hivex (F20; F19: invalid hive files), kwebkitpart (F20; F19: code execution), libksba (F20; F19: denial of service), nrpe (F19: code execution), readline (F19: insecure temporary files), and thunderbird (F19: multiple vulnerabilities). Mageia has updated apache-mod_wsgi (privilege escalation), jasper (code execution), and openvpn (denial of service). openSUSE has updated apache2-mod_wsgi (13.1, 12.3: privilege escalation), docker (13.2: privilege escalation), firefox (13.2, 13.1, 12.3: multiple vulnerabilities), flac (13.2, 13.1, 12.3: multiple vulnerabilities), icecast (13.2; 13.1, 12.3: information leak/privilege escalation), openvpn (13.2, 13.1, 12.3: denial of service), and ruby19 (13.1, 12.3: two vulnerabilities). Oracle has updated docker (OL7; OL6: privilege escalation). Scientific Linux has updated kernel (SL5: restriction bypass). SUSE has updated clamav (SLE11 SP3; SLES11 SP1,2: multiple vulnerabilities). Ubuntu has updated ghostscript (10.04: code execution) and jasper (14.10, 14.04, 12.04: code execution). (Comment on this)
6:07p	[$] A quick look at the new FontForge release FontForge is the most feature-rich free-software application for building and editing font files, but that is a niche that, regrettably, attracted relatively few developers over the project's lifespan. The situation has improved considerably in the last two years, however, and the latest release introduces several significant improvements. The new features include some expansion and enhancement to the editing tools, which will appeal to existing FontForge users, but they also include other changes that may be more significant in making FontForge appealing to new users. (Comment on this)
7:07p	The SFLC's intervention in Google v. Oracle The Software Freedom Law Center has filed an interesting brief with the U.S. Supreme Court on whether the Court should review the Federal Circuit court decision stating that Android violates Oracle's copyrights by shipping some Java headers. The SFLC disagrees with the Circuit court decision, but, interestingly, still argues that the Supreme Court should not look at the case. "Given that the parties are agreed that Petitioner has the right to royalty-free use of all the material at issue under GNU GPL, and it is in addition entitled to claim that its use was licensed at all relevant times, there is no public interest in the adjudication a controversy which remains merely theoretical if not factually moot." (Comment on this)
7:55p	Kocialkowski: A hacker's journey: freeing a phone from the ground up, first part Paul Kocialkowski shares his experience with porting Replicant to the LG Optimus Black. "Every once in a while, an unexpected combination of circumstances ends up enabling us to do something pretty awesome. This is the story of one of those times. About a year ago, a member of the Replicant community started evaluating a few targets from CyanogenMod and noticed some interesting ones. After some early research, he picked a device: the LG Optimus Black (P970), bought one and started porting Replicant to it. After a few encouraging results, he was left facing issues he couldn't overcome and decided to give up with the port. As the device could still be an interesting target for Replicant, we decided to buy the phone from him so that I could pick up the work where he stalled." (Thanks to Paul Wise) (Comment on this)

<< Previous Day

2014/12/08 [Calendar]

Next Day >>