LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Friday, July 10th, 2015

    Time Event
    2:51p
    Friday's security updates

    Arch Linux has updated openssl (certificate verification botch).

    CentOS has updated php (C6: many vulnerabilities, some from 2014).

    Debian has updated pdns (full fix for denial of service) and pdns-recursor (full fix for denial of service).

    Gentoo has updated adobe-flash (multiple vulnerabilities, one from 2014), chromium (multiple vulnerabilities), mysql (multiple vulnerabilities), net-snmp (denial of service from 2014), openssl (certificate verification botch), oracle-jre-bin (multiple vulnerabilities, some from 2014), perl (denial of service from 2013), portage (certificate verification botch from 2013), pypam (code execution from 2012), and t1utils (multiple vulnerabilities).

    Mageia has updated openssl (certificate verification botch).

    openSUSE has updated MariaDB (13.2, 13.1: many vulnerabilities, some from 2014).

    Oracle has updated php (OL6: many vulnerabilities, some from 2014).

    Red Hat has updated php (RHEL6: many vulnerabilities, some from 2014) and php54-php (RHSC2: multiple vulnerabilities).

    Scientific Linux has updated php (SL6: many vulnerabilities, some from 2014).

    Slackware has updated openssl (certificate verification botch).

    Ubuntu has updated firefox (15.04, 14.10, 14.04: multiple vulnerabilities) and nss (two vulnerabilities).

    7:53p
    A new crop of stable kernels
    Greg Kroah-Hartman has announced the release of the 4.1.2, 4.0.8,
    3.14.48, and 3.10.84 stable kernels. All contain important
    fixes and users should upgrade. In addition, this is the second to last
    4.0.x release (i.e. there will be a 4.0.9, but that's the last), so users
    should be making plans to move to 4.1.x.
    10:26p
    Microservices 101: The good, the bad and the ugly (ZDNet)
    ZDNet has an interview about "microservices" with Red Hat VP of engineering for middleware, Dr. Mark Little. Microservices are a relatively recent software architecture that relies on small, easily replaced components and is an alternative to the well-established service-oriented architecture (SOA)—but it is not a panacea:
    "'Just because you adopt microservices doesn't suddenly mean your badly architected ball of mud is suddenly really well architected and no longer a ball of mud. It could just be lots of distributed balls of mud,' Little said.

    'That worries me a bit. I've been around service-oriented architecture for a long time and know the plus points and the negative points. I like microservices because it allows us to focus on the positive points but it does worry me that people see it as the answer to a lot of problems that it's never going to be the answer for.'    "

    << Previous Day 2015/07/10
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org