Tuesday, September 3rd, 2019

Time	Event
2:39p	Security updates for Tuesday Security updates have been issued by Debian (qemu), Fedora (ansible and wavpack), openSUSE (apache-commons-beanutils, apache2, go1.12, httpie, libreoffice, qemu, and slurm), Oracle (ghostscript), Scientific Linux (ghostscript), SUSE (ardana-ansible, ardana-barbican, ardana-cinder, ardana-cluster, ardana-cobbler, ardana-db, ardana-designate, ardana-extensions-nsx, ardana-glance, ardana-heat, ardana-horizon, ardana-input-model, ardana-installer-ui, ardana-ironic, ardana-keystone, ardana-logging, ardana-magnum, ardana-monasca, ardana-mq, ardana-neutron, ardana-nova, ardana-octavia, ardana-opsconsole, ardana-opsconsole-ui, ardana-osconfig, ardana-service, ardana-ses, ardana-swift, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, crowbar-ui, java-monasca-common, java-monasca-common-kit, openstack-ceilometer, openstack-cinder, openstack-designate, openstack-heat, openstack-horizon-plugin-neutron-fwaas-ui, openstack-horizon-plugin-neutron-lbaas-ui, openstack-horizon-plugin-neutron-vpnaas-ui, openstack-ironic, openstack-ironic-python-agent, openstack-keystone, openstack-magnum, openstack-manila, openstack-monasca-notification, openstack-monasca-persister, openstack -monasca-persister-java, openstack-monasca-persister-java-kit, openstack-neutron, openstack-neutron-gbp, openstack-neutron-lbaas, openstack-nova, openstack-octavia, openstack-tempest, python-ardana-configurationprocessor, python-cinder-tempest-plugin, python-ironicclient, python-keystonemiddleware, python-monasca-tempest-plugin, python-openstackclient, python-openstacksdk, python-proliantutils, python-python-engineio, python-swiftlm, python-vmware-nsx, python-vmware-nsxlib, yast2-crowbar, pacemaker, and php72), and Ubuntu (linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws, linux-oracle, linux-raspi2, linux-raspi2, linux-snapdragon, and policykit-1). (Comment on this)
2:55p	Firefox 69.0 released Firefox 69.0 has been released. This release enables on-by-default Enhanced Tracking Protection for all users and gives more control over blocking playback of videos which start playing automatically. See the release notes for details. (Comment on this)
6:29p	Android 10 released Google has announced the release of Android 10, the free parts of which are available from the Android Open Source Project now. "Privacy is a central focus in Android 10, from stronger protections in the platform to new features designed with privacy in mind. Building on previous releases, Android 10 includes extensive changes to protect privacy and give users control, with improved system UI, stricter permissions, and restrictions on what data apps can use." (Comment on this)
6:41p	[$] CHAOSS project bringing order to open-source metrics Providing meaningful metrics for open-source projects has long been a challenge, as simply measuring downloads, commits, or GitHub stars typically doesn't say much about the health or diversity of a project. It's a challenge the Linux Foundation's Community Health Analytics Open Source Software (CHAOSS) project is looking to help solve. At the 2019 Open Source Summit North America (OSSNA), Sean Goggins, one of the founding members of CHAOSS, outlined what the group is currently doing and why its initial efforts didn't work out as expected. (Comment on this)
9:52p	grsecurity: Teardown of a Failed Linux LTS Spectre Fix This grsecurity blog entry looks at how an ineffective Spectre fix found its way into the stable kernel releases. If one looks past the advertising, it's a good summary of how the kernel processes can produce the wrong result. "Despite this warning, this code was merged into Thomas Gleixner's x86/tip tree verbatim, as can be seen here. Prior to merging the fix for 5.3-rc1, Linus Torvalds noticed the warning as seen on the LKML mailing list here and fixed it correctly. However, when the actual merge of the tree was performed, no mention was made of the correction to the fix, and with no specific commit mentioning the correction and fixing it alone, everyone else's processes that depended on cherry-picking specific commits ended up grabbing the bad warning-inducing change. As a further failure, instead of looking at Linus' correct fix (observable by checking out the master tree at the time), the approach seems to have been to naively silence the warning by simply swapping the order of the two lines." (Comment on this)

<< Previous Day

2019/09/03 [Calendar]

Next Day >>