LWN.net's Journal
[Most Recent Entries]
[Calendar View]
Tuesday, July 21st, 2015
| Time |
Event |
| 8:43a |
Gorman: Continual testing of mainline kernels Mel Gorman introducesSUSE's kernel performance-testing system. " Marvin is a system that
continually runs performance-related tests and is named after another robot
doomed with repetitive tasks. When tests are complete it generates a
performance comparison report that is publicly available but rarely
linked. The primary responsibility of this system is to check SUSE Linux
for Enterprise kernels for performance regressions but it is also
configured to run tests against mainline releases." | | 4:14p |
Security advisories for Tuesday CentOS has updated bind (C7: denial of service) and thunderbird (C7; C6; C5: multiple vulnerabilities).
Debian-LTS has updated cacti (SQL
injection) and cacti (regression in
previous update).
Fedora has updated asterisk (F22:
SSL server spoofing), bind (F21: denial of
service), httpd (F22: multiple
vulnerabilities), java-1.8.0-openjdk (F22; F21:
multiple vulnerabilities), libunwind (F22:
buffer overflow), php-horde-Horde-Auth (F22; F21:
multiple vulnerabilities), php-horde-Horde-Core (F22; F21:
multiple vulnerabilities), php-horde-Horde-Form (F22; F21:
multiple vulnerabilities), php-horde-Horde-Icalendar (F22; F21:
multiple vulnerabilities), polkit (F21:
multiple vulnerabilities), and squashfs-tools (F21: two vulnerabilities).
Oracle has updated bind (OL7: denial of service) and thunderbird (OL7; OL6: multiple vulnerabilities).
Red Hat has updated bind (RHEL7:
denial of service) and thunderbird
(RHEL5,6,7: multiple vulnerabilities).
Scientific Linux has updated bind
(SL7: denial of service) and thunderbird
(SL5,6,7: multiple vulnerabilities).
SUSE has updated mariadb (SLE12: multiple vulnerabilities).
Ubuntu has updated thunderbird
(15.04, 14.10, 14.04, 12.04: multiple vulnerabilities). | | 6:15p |
New Cloud Native Computing Foundation to Drive Alignment Among Container Technologies The Linux Foundation has announcedthe Cloud Native Computing Foundation. " This new organization aims to advance the state-of-the-art for building cloud native applications and services, allowing developers to take full advantage of existing and to-be-developed open source technologies. Cloud native refers to applications or services that are container-packaged, dynamically scheduled and micro services-oriented.
Founding organizations include AT&T, Box, Cisco, Cloud Foundry Foundation, CoreOS, Cycle Computing, Docker, eBay, Goldman Sachs, Google, Huawei, IBM, Intel, Joyent, Kismatic, Mesosphere, Red Hat, Switch SUPERNAP, Twitter, Univa, VMware and Weaveworks. Other organizations are encouraged to participate as founding members in the coming weeks, as the organization establishes its governance model." | | 8:54p |
[$] Domesticating applications, OpenBSD style
One of the many approaches to improving system security consists of
reducing the attack surface of a given program by restricting the range of
system calls available to it. If an application has no need for access to
the network, say, then removing its ability to use the socket() system
call should cause no loss in functionality while reducing the scope of the
mischief that can be made should that application be compromised. In the
Linux world, this kind of sandboxing can be done using a security module or
the seccomp() system call. OpenBSD has lacked this capability so
far, but it may soon gain it via a somewhat different approach than has
been seen in Linux. |
|