Wednesday, January 23rd, 2019

Time	Event
3:59p	Security updates for Wednesday Security updates have been issued by Debian (libjpeg-turbo and systemd), Fedora (matrix-synapse, mingw-libjpeg-turbo, and mingw-libvorbis), Mageia (libcaca, libmp4v2, libxml2, pdns-recursor, perl-Email-Address, php-pear-HTML_QuickForm, podofo, and wavpack), openSUSE (webkit2gtk3), Red Hat (qemu-kvm-rhev), Scientific Linux (perl), Slackware (httpd), and Ubuntu (ntp). (Comment on this)
4:05p	Stable kernel updates Stable kernels 4.20.4, 4.19.17, 4.14.95, and 4.9.152 have been released. They all contain important fixes and users should upgrade. (Comment on this)
6:06p	Wine 4.0 released Version 4.0 of the Wine Windows compatibility layer is out. "This release represents a year of development effort and over 6,000 individual changes" New features include initial Direct3D 12 support, a Vulkan graphics driver, support for high-DPI displays (but only on Android) and more; see the release notes for details. (Comment on this)
6:15p	Justicz: Remote Code Execution in apt/apt-get Max Justicz describes a vulnerability in apt-get and how to prevent it. "I found a vulnerability in apt that allows a network man-in-the-middle (or a malicious package mirror) to execute arbitrary code as root on a machine installing any package. The bug has been fixed in the latest versions of apt. If you’re worried about being exploited during the update process, you can protect yourself by disabling HTTP redirects while you update." (Comment on this)
6:40p	[$] The RCU API, 2019 edition Read-copy update (RCU) is a synchronization mechanism that was added to the Linux kernel in October 2002. RCU is most frequently described as a replacement for reader-writer locking, but has also been used in a number of other ways. RCU is notable in that readers do not directly synchronize with updaters, which makes RCU read paths extremely fast; that also permits RCU readers to accomplish useful work even when running concurrently with updaters. Although the basic idea behind RCU has not changed in decades following its introduction into DYNIX/ptx, the API has evolved significantly over the five years since the 2014 edition of the RCU API, to say nothing of the nine years since the 2010 edition of the RCU API. (Comment on this)
7:58p	[$] A DNS flag day A flag day for DNS is coming on February 1; it may have escaped notice even though it has been planned for nearly a year. Some DNS servers will simply be marked as "dead" by much of the rest of the internet on or after that day, which means that domain owners need to ensure their DNS records will still be available after that point. A longstanding workaround for non-compliant servers will be dropped—mostly for better performance but also in support of DNS extensions, some of which can help alleviate security problems. (Comment on this)
8:06p	Cox: Our Software Dependency Problem Here is an extensive look at handling software dependencies from Russ Cox. "Dependency managers have scaled this open-source code reuse model down: now, developers can share code at the granularity of individual functions of tens of lines. This is a major technical accomplishment. There are myriad available packages, and writing code can involve such a large number of them, but the commercial, legal, and reputational support mechanisms for trusting the code have not carried over. We are trusting more code with less justification for doing so." (Comment on this)

<< Previous Day

2019/01/23 [Calendar]

Next Day >>