LWN.net's Journal
 

Thursday, January 14th, 2016

    Time Event
    1:13a
    [$] LWN.net Weekly Edition for January 14, 2016
    The LWN.net Weekly Edition for January 14, 2016 is available.
    3:03p
    De Raadt: Important SSH patch coming soon
    Theo de Raadt suggests that a significant OpenSSH security issue is about to be exposed; the message reads, in full: "Important SSH patch coming soon. For now, every on all operating systems, please do the following: Add undocumented 'UseRoaming no' to ssh_config or use '-oUseRoaming=no' to prevent upcoming #openssh client bug CVE-2016-0777. More later."

    Update: that important patch appears to be OpenSSH 7.1p2, available now. "The OpenSSH client code between 5.4 and 7.1 contains experimental support for resuming SSH-connections (roaming). The matching server code has never been shipped, but the client code was enabled by default and could be tricked by a malicious server into leaking client memory to the server, including private client user keys." There are a few other security fixes there as well.

    4:23p
    Security advisories for Thursday

    Debian has updated libpng (two vulnerabilities), pygments (code execution), and wordpress (cross-site scripting).

    Debian-LTS has updated cacti (SQL injection) and inspircd (denial of service and possible IRC network privilege escalation).

    Fedora has updated gajim (F23; F22: man-in-the-middle attack), nodejs-ws (F23; F22: remote information disclosure), and perl-PathTools (F23: tainting botch).

    Mageia has updated apache-commons-collections (code execution), kernel-linus (multiple vulnerabilities), kernel-tmb (multiple vulnerabilities), libtiff (three vulnerabilities), mono (code execution from 2009), and roundcubemail (path traversal).

    openSUSE has updated gajim (42.1: man-in-the-middle attack), libpng12 (42.1: code execution), libpng15 (42.1: code execution), libpng16 (42.1: code execution), libxml2 (42.1: multiple vulnerabilities), and python-rsa (signature forgery).

    SUSE has updated java-1_6_0-ibm (SLE10SP4: multiple vulnerabilities).

    Ubuntu has updated thunderbird (multiple vulnerabilities).

    7:13p
    2016 Linux Plumbers Conference Call for Microconferences
    The 2016 Linux Plumbers Conference (LPC) has announced its Call for Microconferences. LPC will be held in Santa Fe, NM, USA on November 2-4, co-located with the Kernel Summit. "A microconference is a collection of collaborative sessions focused on problems in a particular area of the Linux plumbing, which includes the kernel, libraries, utilities, UI, and so forth, but can also focus on cross-cutting concerns such as security, scaling, energy efficiency, or a particular use case. Good microconferences result in solutions to these problems and concerns, while the best microconferences result in patches that implement those solutions."
    10:11p
    Linux Foundation and Goodwill team up to provide free Linux training in Central Texas
    The Linux Foundation and Goodwill are working together to bring free Linux training and certification to adult students in Texas.
    "The scholarship program will begin with The Goodwill Excel Center and the Goodwill Career and Technical Academy in Central Texas and is expected to expand to other communities in the future. The Goodwill Excel Center is the first free public charter high school for adults in Texas. Students age 17-50 have the opportunity to earn their high school diploma, complete an in-demand professional certification and begin post-secondary education.

    The Extended Learning Linux Foundation Scholarship Program created by Linux Foundation and Goodwill includes free access to the Intro to Linux (LFS101x) and Essentials of System Administration (LFS201) courses, and the Linux Foundation Certified System Administrator exam at no cost. Hundreds of disadvantaged individuals from underserved communities and a variety of backgrounds are expected to enroll in the new program in the year ahead."
    10:24p
    How conference organizers can create better attendee experiences (Opensource.com)
    Over at Opensource.com, VM (Vicky) Brasseur and Josh Berkus give advice to conference organizers on how they can improve their conferences for attendees. There are ten different areas they address, including "Clear communications", "Have a Code of Conduct (and train staff on what that means)", "Fix your darn badges", and "Working Wi-Fi (here be dragons)". "When asked, attendees have a lot of strong opinions on the subject of conference badges, and the majority of those opinions are not positive. Badges serve multiple purposes, but the single most important one is allowing attendees to identify each other. Yet, despite that, few conference badges do a good job of performing this one deceptively simple duty."

