LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Tuesday, May 10th, 2016

    Time Event
    4:25p
    Security updates for Tuesday

    CentOS has updated ImageMagick (C7; C6: multiple vulnerabilities), java-1.6.0-openjdk (C7; C6; C5: multiple vulnerabilities), and qemu-kvm (C7: code execution).

    Debian has updated qemu (two vulnerabilities) and websvn (cross-site scripting).

    Debian-LTS has updated ikiwiki (cross-site scripting), libav (code execution), and websvn (cross-site scripting).

    Oracle has updated ImageMagick (OL7; OL6: multiple vulnerabilities), java-1.6.0-openjdk (OL7; OL6; OL5: multiple vulnerabilities), and qemu-kvm (OL7: code execution).

    Red Hat has updated ImageMagick (RHEL6,7: multiple vulnerabilities), openssl (RHEL6: multiple vulnerabilities), qemu-kvm (RHEL7; RHEL6: code execution), and qemu-kvm-rhev (RHOSP8; RHELOSP7 for RHEL7; RHELOSP6 for RHEL7; RHELOSP5 for RHEL7: code execution).

    Scientific Linux has updated ImageMagick (SL6,7: multiple vulnerabilities) and qemu-kvm (SL7: code execution).

    Ubuntu has updated kernel (15.10; 14.04; 12.04: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), linux-lts-utopic (14.04: multiple vulnerabilities), linux-lts-vivid (14.04: multiple vulnerabilities), linux-lts-wily (14.04: multiple vulnerabilities), linux-raspi2 (15.10: multiple vulnerabilities), linux-ti-omap4 (12.04: multiple vulnerabilities), and openssh (15.10, 14.04, 12.04: multiple vulnerabilities).

    8:00p
    Ubuntu 16.04 proves even an LTS release can live at Linux’s bleeding edge (Ars Technica)
    Ars Technica likes
    Ubuntu's latest release    , and thinks it may be the best release
    Canonical has presented to date. Snap packaging is part of that appeal,
    but Snaps have competition. "While something like Snap packages have the potential to completely change the way distros work, it remains to be seen if Snap specifically will be what ends up reaching critical mass. It's certainly possible that Snap may prove popular enough to warrant other distros incorporating it, but it's also possible that there may end up being more than one way to handle self-contained packages. Looking at Canonical's track record does not inspire confidence. Upstart gave way to systemd, the software center gave way to GNOME Software, and even simple things like scrollbars get abandoned for upstream solutions. How Snap packages end up over the long term will be fascinating for Ubuntu users to watch, but even in the worst-case scenario, fans shouldn't have anything to worry about. If one day Ubuntu does abandon Snap in favor of another system, all the changes will likely be behind the scenes.

    In the shorter term, Snap packages should be a boon to Ubuntu, allowing users to stick with a stable base system while still leaving them free to try just-released software packages without fear of wrecking the system.    "
    9:21p
    65% of companies are contributing to open source projects (Opensource.com)
    The Future of Open Source Survey aims to examine trends in open source.
    It's hosted by Black Duck and North Bridge. Opensource.com looks
    at the results    . "The 2016
    Future of Open Source Survey     analyzed responses from nearly 3,400 professionals. Developers made their voices heard in the survey this year, comprising roughly 70% of the participants. The group that showed exponential growth were security professionals, whose participation increased by over 450%. Their participation shows the increasing interest in ensuring that the open source community pays attention to security issues in open source software and securing new technologies as they emerge.    "
    10:30p
    BitKeeper's open source release
    BitKeeper, the inspiration behind
    Git and Mercurial, has been released under the Apache 2.0 License.
    Larry McVoy is answering
    questions     on Hacker News, posting as 'luckydude'. In one comment he
    says:
    "Git/Github has all the market share. Trying to compete with that
    just proved to be too hard. So rather than wait until we were about to turn
    out the lights, we decided to open source it while we still had money in
    the bank and see what happens. We've got about 2 years of money and we're
    trying to build up some additional stuff that we can charge for. We're also
    open to being doing work for pay to add whatever it is that some company
    wants to BK, that's more or less what we've been doing for the last 18
    years. Will it work? No idea. We have a couple of years to find out. If
    nothing pans out, open sourcing it seemed like a better answer than selling
    it off.    " (Thanks to Josh Triplett)

    << Previous Day 2016/05/10
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org