LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Tuesday, December 6th, 2016

    Time Event
    5:01p
    Tuesday's security updates

    Debian-LTS has updated monit (regression in previous update).

    Fedora has updated dpkg (F25; F24; F23: code execution), gstreamer-plugins-bad-free (F25: code execution), gstreamer1-plugins-bad-free (F24: code execution), gstreamer1-plugins-good (F24: multiple vulnerabilities), kernel (F25; F24; F23: denial of service), and thunderbird (F25: code execution).

    Gentoo has updated arj (multiple vulnerabilities) and util-linux (command injection).

    Mageia has updated firefox (code execution), thunderbird (multiple vulnerabilities), and virtualbox (multiple vulnerabilities).

    openSUSE has updated GraphicsMagick (Leap42.1; 13.2: two vulnerabilities), ImageMagick (13.2: two vulnerabilities), mariadb (Leap42.2; Leap42.1: multiple mostly unspecified vulnerabilities), firefox, thunderbird, nss (13.1: multiple vulnerabilities), tcpreplay (Leap42.2: denial of service), kernel (13.1: multiple vulnerabilities), and thunderbird (SPH for SLE12: multiple vulnerabilities).

    Oracle has updated thunderbird (OL7; OL6: code execution).

    Red Hat has updated bind (RHEL6.2, 6.4, 6.5, 6.6, 6.7: denial of service) and sudo (RHEL6,7: privilege escalation).

    SUSE has updated java-1_6_0-ibm (SLEMLS12: multiple vulnerabilities) and firefox, nss (SLE12-SP2,SP1: multiple vulnerabilities).

    Ubuntu has updated kernel (16.10; 16.04; 14.04; 12.04: code execution), linux-lts-trusty (12.04: code execution), linux-lts-xenial (14.04: code execution), linux-raspi2 (16.10; 16.04: code execution), linux-snapdragon (16.04: code execution), and linux-ti-omap4 (12.04: code execution).

    5:51p
    [$] Maintainerless Debian?
    The maintainer model is deeply ingrained into the culture of the
    free-software community; for any bit of code, there is usually a developer
    (or a small group of developers) charged with that code's maintenance.
    Good maintainers can help a project run smoothly, while poor maintainers
    can run things into the ground. What is to be done to save a project with
    the latter type of maintainer? Forking can be an option in some cases
    but, in many others, it's not a practical alternative. The Debian project
    is currently
    discussing its approach to bad maintainers — a discussion which has taken a
    surprising turn.
    9:06p
    WordPress 4.7
    WordPress 4.7 “Vaughan” has been released. This
    version includes a new default theme, adds new features to the customizer,
    comes with REST API endpoints for posts, comments, terms, users, meta, and
    settings, and more.
    "To help give you a solid base to build from, individual themes can provide starter content that appears when you go to customize your brand new site. This can range from placing a business information widget in the best location to providing a sample menu with social icon links to a static front page complete with beautiful images. Don’t worry – nothing new will appear on the live site until you’re ready to save and publish your initial theme setup."

    << Previous Day 2016/12/06
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org