LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, January 30th, 2017

    Time Event
    2:49p
    Kernel prepatch 4.10-rc6
    The 4.10-rc6 kernel prepatch is out for
    testing. Linus is worried that the patch activity has increased this time
    around. "It's still not all that big by historical standards, since
    4.10 has generally been pretty calm, but it's a bit distressing. I was
    hoping to do the usual 'rc7 is the last rc' release schedule for once (with
    both 4.8 and 4.9 pushing out to rc8), and I really want things to calm down
    for that to happen.    " The codename has changed again, now it's
    "Fearless Coyote".
    6:33p
    Security advisories for Monday

    Arch Linux has updated chromium (multiple vulnerabilities), firefox (multiple vulnerabilities), kernel (privilege escalation), lib32-openssl (three vulnerabilities), libimobiledevice (access restriction bypass), linux-lts (privilege escalation), linux-zen (privilege escalation), openssl (three vulnerabilities), and thunderbird (multiple vulnerabilities).

    Debian has updated lcms2 (heap memory leak), openssl (three vulnerabilities), and tcpdump (multiple vulnerabilities).

    Debian-LTS has updated bind9 (three denial of service flaws), imagemagick (multiple vulnerabilities), libgd2 (three vulnerabilities), tiff3 (invalid tiff files), and zoneminder (information leak, authentication bypass).

    Fedora has updated fedmsg (F24: insufficient signature validation), firefox (F24: multiple vulnerabilities), flatpak (F25: sandbox escape), ghostscript (F25; F24: denial of service), ikiwiki (F25; F24: three vulnerabilities), libXpm (F24: code execution), mapserver (F25; F24: code execution), and pdns (F25; F24: multiple vulnerabilities).

    Gentoo has updated a2ps (code execution from 2014), ark (code execution), chromium (multiple vulnerabilities), ffmpeg (multiple vulnerabilities), firewalld (authentication bypass), freeimage (two vulnerabilities, one from 2015), libpng (NULL dereference bug), libXpm (code execution), perl (multiple vulnerabilities, two from 2015), and squashfs-tools (two vulnerabilities from 2015).

    Mageia has updated 389-ds-base (denial of service), libvncserver (two vulnerabilities), mbedtls (two vulnerabilities), nvidia-current, ldetect-lst (three vulnerabilities), opus (code execution), pcsc-lite (privilege escalation), python-bottle (CRLF attacks), and shadow-utils (two vulnerabilities).

    openSUSE has updated gstreamer-0_10-plugins-base (42.1: code execution), gstreamer-plugins-base (42.2: code execution), and rabbitmq-server (42.2: authentication bypass).

    SUSE has updated gnutls (SLE11-SP4: multiple vulnerabilities).

    Ubuntu has updated firefox (multiple vulnerabilities) and thunderbird (multiple vulnerabilities).

    8:48p
    How to get up and running with sweet Orange Pi (Opensource.com)
    David Egts reviews the
    Orange Pi     at Opensource.com. "Compared to a $5 Raspberry Pi Zero, the Orange Pi Zero is only a few dollars more expensive, but it is much more useful out of the box because it has onboard Internet connectivity and four CPU cores instead of one. This onboard networking capability also makes the Orange Pi Zero a better gift than a Raspberry Pi Zero because the Raspberry Pi Zero needs Micro-USB-to-USB adapters and a Wi-Fi USB adapter to connect to the Internet. When giving IoT devices as gifts, you want the recipient to enjoy the product as quickly and easily as possible, instead of giving something incomplete that will just end up on a shelf."

    << Previous Day 2017/01/30
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org