Monday, March 2nd, 2020

Time	Event
1:20p	Kernel prepatch 5.6-rc4 The 5.6-rc4 kernel prepatch has been released. "Fairly reasonably sized rc4, and the diffstat looks nice and flat too (which basically means 'lots of small changes') except for a netfilter ipset fix that ended up being somewhat big and involved due to locking changes." (Comment on this)
4:58p	Security updates for Monday Security updates have been issued by Arch Linux (chromium and webkit2gtk), Debian (collabtive, dojo, firebird2.5, gst-plugins-base0.10, libapache2-mod-auth-openidc, openjdk-7, php5, python-bleach, and rrdtool), Fedora (kernel, kernel-headers, kernel-tools, mingw-openjpeg2, and openjpeg2), Mageia (hiredis, kernel, rsync, wireshark, and zsh), openSUSE (cacti, cacti-spine, libexif, proftpd, python-azure-agent, python3, and webkit2gtk3), Oracle (ppp), SUSE (permissions), and Ubuntu (libarchive). (Comment on this)
10:49p	[$] Attestation for kernel patches The kernel development process is based on trust at many levels — trust in developers, but also in the infrastructure that supports the community. In some cases, that trust may not be entirely deserved; most of us have long since learned not to trust much of anything that shows up in email, for example, but developers still generally trust that emailed patches will be what they appear to be. In his ongoing effort to bring more security to kernel development, Konstantin Ryabitsev has proposed a patch attestation scheme that could help subsystem maintainers verify the provenance of the patches showing up in their mailboxes. (Comment on this)

<< Previous Day

2020/03/02 [Calendar]

Next Day >>