LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Thursday, September 8th, 2016

    Time Event
    4:57a
    [$] An asynchronous Internet in GNOME

    At GUADEC 2016 in Karlsruhe, Germany, Jonathan Blandford challenged the GNOME project to rethink how its desktop software uses network access. The GNOME desktop assumes Internet connectivity is always available, which has the side effect of making the software stack considerably less useful and, indeed, usable to people who live in those places regarded as the developing world.

    9:00a
    [$] What's next for Apache OpenOffice
    Concerns about the viability of the Apache OpenOffice (AOO) project are not
    new; they had been in the air for a while by the time LWN looked at the project's development activity
    in early 2015. Since then, though, the worries have grown more pronounced,
    especially after AOO's recent failure to produce a release with an important
    security fix nearly one year after being notified of the vulnerability.
    The result is an
    internal discussion on whether the project should be "retired," or whether
    it will find a way to turn its fortunes around.
    5:54p
    Thursday's security advisories

    Debian-LTS has updated icu (code execution) and roundcube (three vulnerabilities, one each from 2015 and 2014).

    openSUSE has updated libsrtp (42.1: denial of service from 2015), libstorage (42.1: password disclosure), and libtcnative-1-0 (42.1: cipher downgrade from 2015).

    Red Hat has updated Kibana (RHOS3: two vulnerabilities).

    Scientific Linux has updated thunderbird (multiple vulnerabilities).

    SUSE has updated java-1_7_1-ibm (SLE11: three unspecified vulnerabilities).

    5:59p
    A bite of Python (Red Hat Security Blog)
    On the Red Hat Security Blog, Ilya Etingof describes some traps for the unwary in Python, some that have security implications. "Being easy to pick up and progress quickly towards developing larger and more complicated applications, Python is becoming increasingly ubiquitous in computing environments. Though apparent language clarity and friendliness could lull the vigilance of software engineers and system administrators -- luring them into coding mistakes that may have serious security implications. In this article, which primarily targets people who are new to Python, a handful of security-related quirks are looked at; experienced developers may well be aware of the peculiarities that follow."
    (Thanks to Paul Wise.)

    << Previous Day 2016/09/08
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org