Monday, April 11th, 2016

Time	Event
1:57p	Kernel prepatch 4.6-rc3 The 4.6-rc3 kernel prepatch has been released, but there does not appear to be an announcement from Linus to go with it. As he predicted, the pace of change has increased a bit; 298 changesets have been merged since -rc2, out of 491 total since the closing of the merge window. (Comment on this)
3:59p	Security advisories for Monday Arch Linux has updated flashplugin (multiple vulnerabilities). Fedora has updated fuse-encfs (F23; F22: cryptography issues), kernel (F23; F22: multiple vulnerabilities), latex2rtf (F23; F22: code execution), php (F23; F22: multiple vulnerabilities), python-pillow (F23; F22: buffer overflow), qemu (F22: multiple denial of service vulnerabilities), and xen (F23; F22: information disclosure). openSUSE has updated flash-player (13.1: code execution) and xen (13.2: multiple vulnerabilities, some from 2013). (Comment on this)
6:21p	The linux-stable security tree project Sasha Levin has announced the creation of the "linux-stable security tree" project. The idea is to take the current stable updates and filter out everything that isn't identified as a security fix. "Quite a few users of the stable trees pointed out that on complex deployments, where validation is non-trivial, there is little incentive to follow the stable tree after the product has been deployed to production. There is no interest in 'random' kernel fixes and the only requirements are to keep up with security vulnerabilities." (Comment on this)
8:57p	Moglen: How Should the Free Software Movement View the Linux Foundation? Eben Moglen opines on the role of the Linux Foundation, and on GPL enforcement in general. "LF will be as favorable to copyleft as its members are. Copyleft licensing is easy for businesses to doubt: required sharing of work that could be instead 'owned' by the capital investors seems to be mere loss in conventional calculations. I have spent most of my adult lifetime not telling businesses that copyleft was in their interest, but educating them about copyleft and others’ experience with it, in order to allow them to draw their own conclusions. Experience has taught me that this process, though uncertain and unscalable, is absolutely crucial to the attainment of the free software movement’s fundamental objectives. It is, however, all too easily destroyed by any form of overly aggressive copyleft enforcement that fully confirms businesspeople’s skepticism." (Comment on this)
11:12p	FSF: Interpreting, enforcing and changing the GNU GPL, as applied to combining Linux and ZFS Richard Stallman looks at the GPL and how it is incompatible with the CDDL (Common Development and Distribution License), which is the license used by ZFS. "Likewise, the copyright holders of ZFS (the version that is actually used) can give permission to use it under the GNU GPL, version 2 or later, in addition to any other license. This would make it possible to combine that version with Linux without violating the license of Linux. This would be the ideal resolution and we urge the copyright holders of ZFS to do so. Some copyright holders choose not to enforce their licenses in specific situations. That enables users to operate as if permission were granted. However, this does not alter the meaning of the GNU GPL, and does not cause uses that the GPL disallows to either suddenly or slowly become permitted by the GPL. Such acquiescence is not the case in regard to linking Linux and ZFS; indeed, some Linux copyright holders have said they consider this copyright infringement. We have explained above the reasons why that is so." (Comment on this)

<< Previous Day

2016/04/11 [Calendar]

Next Day >>