Monday, January 5th, 2015

Time	Event
5:47p	Security advisories for Monday Debian has updated strongswan (denial of service). Debian-LTS has updated polarssl (denial of service), pyyaml (denial of service), and sox (code execution). Fedora has updated claws-mail (F19: man-in-the-middle attack), claws-mail-plugins (F19: man-in-the-middle attack), curl (F19: information leak), denyhosts (F20; F19: denial of service), ettercap (F21; F20; F19: multiple vulnerabilities), freetype (F20: buffer overflow), kernel (F19: multiple vulnerabilities), libetpan (F19: man-in-the-middle attack), libssh (F21; F20; F19: denial of service), mailx (F21; F20; F19: command execution), mingw-pcre (F21; F20; F19: information leak), openjpeg (F19: multiple vulnerabilities), python-django-horizon (F21: denial of service), pyxdg (F20: symlink attacks), subversion (F21; F20: denial of service), and unrtf (F21: code execution). Mandriva has updated c-icap (denial of service), ntp (multiple code execution vulnerabilities), pcre (information leak), php (code execution), and subversion (denial of service). Ubuntu has updated strongswan (14.10, 14.04: denial of service). (Comment on this)
9:03p	Cuthbertson: NixOS and Stateless Deployment Here is a lengthy post from Tim Cuthbertson on the virtues of building servers with NixOS. "It should hopefully be obvious at this point why NixOS is better than puppet: Both are declarative, but puppet is impure and non-exhaustive - when you apply a config, puppet compares everything specified against the current state of the system. Everything not specified is left alone, which means you’re only specifying a very tiny subset of your system. With NixOS, if something is not specified, it is not present." (Comment on this)

<< Previous Day

2015/01/05 [Calendar]

Next Day >>