Thursday, May 28th, 2015

Time	Event
3:10a	This week's edition will be one day late LWN staff celebrated the US Memorial Day holiday on Monday this week, so the Weekly Edition will come out on the holiday schedule — one day later than usual. We will return to our normal schedule next week. Thank you all, as always, for supporting LWN. (Comment on this)
12:02p	[$] SourceForge replacing GIMP Windows downloads In 2013, we reported that SourceForge.net had started to redirect the download links clicked on by some users, providing those users with an installer program that bundled in not just the software the user had requested, but a set of side-loaded "utilities" as well. The practice raised the ire of many in the community, even though it was an optional service that SourceForge offered to project owners. Matters may have changed recently, however, as the GIMP project discovered that "GIMP for Windows" downloads had suddenly become side-loading installers—and that the project could no longer access the SourceForge account that was used to distribute them. (Comment on this)
1:39p	Security updates for Thursday Arch Linux has updated curl (information leak). Debian-LTS has updated dulwich (code execution), eglibc (code execution), exactimage (denial of service), and libnokogiri-ruby (information disclosure from 2012). Fedora has updated ca-certificates (F20: CA update), hostapd (F21; F20: denial of service), java-1.8.0-openjdk (F20: insecure tmp file use), LibRaw (F21: denial of service), mingw-LibRaw (F21: denial of service), openslp (F20: two denial of service flaws, one from 2010, one from 2012), php (F21; F20: multiple vulnerabilities), postgresql (F22: three vulnerabilities), and rawtherapee (F22: denial of service). Mageia has updated fuse (privilege escalation), kernel-linus (denial of service), and kernel-tmb (denial of service). openSUSE has updated glibc, glibc-testsuite, glibc-utils, glibc.i686 (13.2, 13.1: two vulnerabilities). SUSE has updated firefox (SLE12: multiple vulnerabilities). (Comment on this)
2:56p	A security study of Docker images The folks at Banyan have looked into the security state of the images stored on Docker Hub and published their results. "More than a third of all images have high priority vulnerabilities and close to two-thirds have high or medium priority vulnerabilities. These statistics are especially troublesome because these images are also some of the most downloaded images (several of them have hundreds of thousands of downloads)." (Comment on this)
4:24p	LibreOffice Viewer for Android released The Document Foundation has announced the availability of the LibreOffice viewer for Android systems. And it's not just for viewing: "LibreOffice Viewer also offers basic editing capabilities, like modifying words in existing paragraphs and changing font styles such as bold and italics. Editing is still an experimental feature which has to be enabled separately in the settings, and is not stable enough for mission critical tasks." (Comment on this)

<< Previous Day

2015/05/28 [Calendar]

Next Day >>