Monday, February 23rd, 2015

Time	Event
3:50a	Kernel prepatch 4.0-rc1 Linus has closed the merge window for this release and released 4.0-rc1 — meaning, of course, that the current plan is to call the release "4.0". "But nobody should notice. Because moving to 4.0 does *not* mean that we somehow changed what people see. It's all just more of the same, just with smaller numbers so that I can do releases without having to take off my socks again." The codename has also changed to "Hurr durr I'ma sheep." (Comment on this)
4:06p	Remote code execution vulnerability in Samba The Samba 4.1.17, 4.0.25 and 3.6.25 releases are available; they fix an unpleasant code-execution vulnerability. See this Red Hat security blog entry for more information. "CVE-2015-0240 is a security flaw in the smbd file server daemon. It can be exploited by a malicious Samba client, by sending specially-crafted packets to the Samba server. No [authentication] is required to exploit this flaw. It can result in remotely controlled execution of arbitrary code as root." (Comment on this)
6:15p	Security advisories for Monday CentOS has updated samba (C7; C6: root code execution), samba3x (C5: root code execution), and samba4 (C6: root code execution). Debian has updated e2fsprogs (incomplete fix for code execution), eglibc (multiple vulnerabilities), ruby-redcloth (cross-site scripting), samba (root code execution), sudo (information disclosure), typo3-src (authentication bypass), and xdg-utils (command execution). Fedora has updated apache-poi (F21: XML-handling flaws), apache-poi (F20: denial of service), cups (F21: buffer overflow), drupal6-views (F21; F20: multiple vulnerabilities), e2fsprogs (F20: code execution), sudo (F21: information disclosure), and tomcat (F21: multiple vulnerabilities). Mageia has updated bind (denial of service). openSUSE has updated glibc (13.2, 13.1: multiple vulnerabilities). SUSE has updated java-1_6_0-ibm (SLES10 SP4: multiple unspecified vulnerabilities), java-1_7_0-ibm (SLE11 SP3; SLES11 SP2: multiple unspecified vulnerabilities), and samba (SLE12: root code execution). (Comment on this)
8:00p	GNOME 3.15.90 The first beta in the GNOME 3.15 development series has been released. GNOME 3.15.90 features a new GNOME shell theme, redesigned notifications in GNOME shell, codec installation integrated in gnome-software, a login screen on Wayland, and more. (Comment on this)
8:26p	Morevna Production Report #1 The Beautiful Queen Marya Morevna is a Russian folk tale. The Morevna Project makes anime videos about Morevna, using free software. This progress report covers the status of their newest episode. "Our main animation tool is Synfig Studio and for the past years it was improved a lot. I guess it’s needles to say, that the new episode will be produced using the latest development version of Synfig. For current stage of the project it is important to ensure that the tool is stable enough for production, so last weeks we were concentrated on fixing the critical bugs. As result of this work, we have published the first Release Candidate for the new stable version of Synfig Studio, which is going to be numbered as 1.0 by the way." (Thanks to Paul Wise) (Comment on this)

<< Previous Day

2015/02/23 [Calendar]

Next Day >>