LWN.net's Journal
 

Thursday, December 15th, 2016

    Time Event
    1:55a
    [$] LWN.net Weekly Edition for December 15, 2016
    The LWN.net Weekly Edition for December 15, 2016 is available.
    5:10p
    Security advisories for Thursday

    Debian has updated game-music-emu (code execution).

    Fedora has updated tomcat (F25; F24; F23: three vulnerabilities).

    openSUSE has updated flash-player (13.2: multiple vulnerabilities), gstreamer-plugins-bad (42.1, 13.2: two code execution flaws), and python-Twisted (42.1: HTTP proxy redirect).

    Oracle has updated firefox (OL7; OL6; OL5: multiple vulnerabilities).

    Scientific Linux has updated 389-ds-base (SL7: three vulnerabilities), bind (SL7: denial of service), curl (SL7: three vulnerabilities), dhcp (SL7: denial of service), expat (SL7&6: code execution), firefox (multiple vulnerabilities), firefox (code execution), firewalld (SL7: authentication bypass), fontconfig (SL7: privilege escalation), gimp (SL7: code execution), glibc (SL7: code execution), ipsilon (SL7: information leak/denial of service), kernel (SL7: multiple vulnerabilities, some from 2015, one from 2013), krb5 (SL7: two vulnerabilities), libguestfs and virt-p2v (SL7: information leak from 2015), libreoffice (SL7: two vulnerabilities), libreswan (SL7: denial of service), libvirt (SL7: three vulnerabilities, two from 2015), mariadb (SL7: multiple vulnerabilities), memcached (SL7: three vulnerabilities), mod_nss (SL7: encryption botch), nettle (SL7: multiple vulnerabilities, three from 2015), NetworkManager (SL7: information leak), ntp (SL7: multiple vulnerabilities from 2014 and 2015), openafs (information leak), openssh (SL7: privilege escalation from 2015), pacemaker (SL7: denial of service), pacemaker (SL7: privilege escalation), pcs (SL7: two vulnerabilities), php (SL7: multiple vulnerabilities), poppler (SL7: code execution from 2015), postgresql (SL7: two vulnerabilities), python (SL7: code execution), qemu-kvm (SL7: two vulnerabilities), resteasy-base (SL7: code execution), squid (SL7: multiple vulnerabilities), sudo (SL7&6: two vulnerabilities), sudo (SL7: information disclosure), systemd (SL7: denial of service), thunderbird (code execution), thunderbird (code execution), tomcat (SL7: multiple vulnerabilities, one from 2015), util-linux (SL7: denial of service), and wget (SL7: code execution).

    SUSE has updated xen (SLE12: multiple vulnerabilities).

    Ubuntu has updated apport (three vulnerabilities).

    6:10p
    Stable kernels 4.8.15 and 4.4.39
    The 4.8.15 and 4.4.39 stable kernels have been released. As
    always, users of those series should upgrade.
    9:23p
    Pythonic code review (Red Hat Security Blog)
    Over at the Red Hat Security Blog, Ilya Etingof writes about code reviews, in general, along with some specific thoughts on Pythonic versus non-Pythonic idioms in code. "People coming from Java tend to turn everything into a class. That's probably because Java heavily enforces the OOP paradigm. Python programmers enjoy a freedom of picking a programming model that is best suited for the task.

    The choice of object-based implementations looks reasonable to me when there is a clear abstraction for the task being solved. Statefulness and duck-typed objects are another strong reason for going the OOP way.

    If the author's priority is to keep related functions together, pushing them to a class is an option to consider. Such classes may never need instantiation, though.

    Free-standing functions are easy to grasp, concise and light. When a function does not cause side-effects, it's also good for functional programming."
