LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Tuesday, January 31st, 2017

    Time Event
    3:29p
    [$] Counting beans—and more—with Beancount

    It is normally the grumpy editor's job to look at accounting software; he does so with an eye toward getting the business off of the proprietary QuickBooks application and moving to something free. It may be that Beancount deserves a look of that nature before too long but, in the meantime, a slightly less grumpy editor has been messing with this text-based accounting tool for a variety of much smaller projects. It is an interesting system, with a lot of capabilities, but its reliance on hand-rolling for various pieces may scare some folks off.

    5:46p
    Security updates for Tuesday

    Debian has updated chromium-browser (multiple vulnerabilities).

    Debian-LTS has updated libarchive (denial of service), ruby-archive-tar-minitar (file overwrites), and tcpdump (multiple vulnerabilities).

    Fedora has updated flatpak (F24: sandbox escape), irssi (F25; F24: multiple vulnerabilities), kernel (F25; F24: multiple vulnerabilities), and python-crypto (F25; F24: denial of service).

    Gentoo has updated ansible (code execution) and harfbuzz (multiple vulnerabilities).

    openSUSE has updated lcms2 (42.1: heap memory leak) and virtualbox (42.1: multiple vulnerabilities).

    Red Hat has updated kernel (RHEL7.2: two vulnerabilities), kernel (RHEL6.6; RHEL6.2 (code execution), and nagios (RHELOSP7 for RHEL7; RHELOSP6 for RHEL7; RHELOSP5 for RHEL6; RHELOSP5 for RHEL7: multiple vulnerabilities).

    SUSE has updated kernel (SLE11-SP2: multiple vulnerabilities).

    8:53p
    Time To Upgrade Your Python: TLS v1.2 Will Soon Be Mandatory
    The Python Software Foundation has announced
    that python.org and related sites will begin disabling the old TLS versions
    1.0 and 1.1. "This change was imposed on us by our content delivery
    network, Fastly, in response to a change imposed on them by the Payment Card Industry Security Standards Council. In order to continue serving websites that take credit card payments, Fastly is required to disable the old, insecure versions of TLS. Since the PSF's servers, including PyPI, use Fastly, the old versions of TLS will be disabled as well.    "
    9:21p
    Open-Sourcing Google Earth Enterprise
    Google has announced
    that Google Earth Enterprise (GEE) will be published on GitHub under the
    Apache2 license in March. GEE is an enterprise product that allows
    developers to build and host their own private maps and 3D globes. This
    release includes GEE Fusion, GEE Server, and GEE Portable Server source
    code. "Feedback is important to us and we’ve heard from our
    customers that GEE remains in-use in mission-critical applications. Many
    customers have not transitioned to other technologies. Open-sourcing GEE
    allows our customer community to continue to improve and evolve the project
    in perpetuity. Note that the Google Earth Enterprise Client, Google Maps
    JavaScript® API V3 and Google Earth API will not be open sourced. The
    Enterprise Client will continue to be made available and updated. However,
    since GEE Fusion and GEE Server are being open-sourced, the imagery and
    terrain quadtree implementations used in these products will allow
    third-party developers to build viewers that can consume GEE Server
    Databases.    " (Thanks to Paul Wise)

    << Previous Day 2017/01/31
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org