LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, January 2nd, 2017

    Time Event
    1:36p
    Kernel prepatch 4.10-rc2
    The second 4.10 kernel prepatch is out for
    testing. "Hey, it's been a really slow week between Christmas Day and New Years
    Day, and I am not complaining at all.

    It does mean that rc2 is ridiculously and unrealistically small. I
    almost decided to skip rc2 entirely, but a small little meaningless
    release every once in a while never hurt anybody. So here it is.    "
    1:58p
    7 notable legal developments in open source in 2016 (opensource.com)
    Richard Fontana reviews
    legal development in 2016     on opensource.com.
    "The Federal Source Code Policy is notable for placing emphasis on
    adhering to proper standards for open development as well as open source
    licensing. Agencies releasing open source code are directed to do so in a
    manner that encourages engagement with existing communities, fosters growth
    of new communities, and facilitates contribution both by the community to
    the federal code and by federal employees and contractors to upstream
    projects.    "
    7:38p
    Security advisories for Monday

    Arch Linux has updated curl (two vulnerabilities) and libwmf (multiple vulnerabilities).

    Debian has updated libgd2 (denial of service) and libphp-phpmailer (code execution).

    Debian-LTS has updated hdf5 (multiple vulnerabilities), hplip (man-in-the-middle attack from 2015), kernel (multiple vulnerabilities), libphp-phpmailer (code execution), pgpdump (denial of service), postgresql-common (file overwrites), python-crypto (denial of service), and shutter (code execution from 2015).

    Fedora has updated curl (F24: buffer overflow), cxf (F25: two vulnerabilities), game-music-emu (F24: multiple vulnerabilities), libbsd (F25; F24: denial of service), libpng (F25: NULL dereference bug), mingw-openjpeg2 (F25; F24: multiple vulnerabilities), openjpeg2 (F24: two vulnerabilities), php-zendframework-zend-mail (F25; F24: parameter injection), springframework (F25: directory traversal), tor (F25; F24: denial of service), xen (F24: three vulnerabilities), and zookeeper (F25; F24: buffer overflow).

    Gentoo has updated bash (code execution), busybox (denial of service), chicken (multiple vulnerabilities going back to 2013), cyassl (multiple vulnerabilities from 2014), e2fsprogs (code execution from 2015), hdf5 (multiple vulnerabilities), icinga (privilege escalation), libarchive (multiple vulnerabilities, some from 2015), libjpeg-turbo (code execution), libotr (code execution), lzo (code execution from 2014), mariadb (multiple unspecified vulnerabilities), memcached (code execution), musl (code execution), mutt (denial of service from 2014), openfire (multiple vulnerabilities from 2015), openvswitch (code execution), pillow (multiple vulnerabilities, two from 2014), w3m (multiple vulnerabilities), xdg-utils (command execution from 2014), and xen (multiple vulnerabilities).

    Mageia has updated mcabber (roster push attack) and tracker (denial of service).

    openSUSE has updated firefox (13.1: multiple vulnerabilities), gd (42.2, 42.1: stack overflow), GNU Health (42.2: two vulnerabilities), roundcubemail (13.1: cross-site scripting), kernel (42.1: information leak), thunderbird (42.2, 42.1, 13.2; SPH for SLE12: multiple vulnerabilities), and xen (42.2; 42.1; 13.2: multiple vulnerabilities).

    Red Hat has updated ipa (RHEL7: two vulnerabilities) and rh-nodejs4-nodejs and rh-nodejs4-http-parser (RHSCL: multiple vulnerabilities).

    Slackware has updated libpng (NULL dereference bug), thunderbird (code execution), and seamonkey (multiple vulnerabilities).

    SUSE has updated gstreamer-plugins-good (SLE12-SP2: multiple vulnerabilities) and kernel (SLERTE12-SP1: multiple vulnerabilities).

    8:17p
    Eulogy for Pieter Hintjens
    Pieter Hintjens passed
    away     last October. "Pieter was known mostly for founding the ZeroMQ project but he was also an ambitious
    fighter for the open source philosophy, an active opponent to software
    patents and an inspiring and keen thinker on open systems of all
    kind.    " (Thanks to Viktor Horvath)
    11:19p
    Ringing in 2017 with 90 hacker-friendly single board computers (HackerBoards)
    HackerBoards.com takes
    a look     at hacker-friendly single board computers. "Community backed, open spec single board computers running Linux and Android sit at the intersection between the commercial embedded market and the open source maker community. Hacker boards also play a key role in developing the Internet of Things devices that will increasingly dominate our technology economy in the coming years, from home automation devices to industrial equipment to drones.

    This year, we identified 90 boards that fit our relatively loose requirements for community-backed, open spec SBCs running Linux and/or Android.    "

    << Previous Day 2017/01/02
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org