Wednesday, October 14th, 2020

Time	Event
1:50p	Krita 4.4.0 released Version 4.4.0 of the Krita painting application has been released. "With a whole slew of new fill layer types, including the really versatile SeExpr based scriptable fill layer type, exciting new options for Krita’s brushes like the gradient map mode for brushes, lightness and gradient modes for brush textures, support for dynamic use of colors in gradients, webm export for animations, new scripting features — and of course, hundreds of bug fixes that make this version of Krita better than ever." See the release notes for details. (Comment on this)
2:55p	Security updates for Wednesday Security updates have been issued by Debian (jackson-databind and tomcat8), Fedora (dovecot), Oracle (firefox, spice and spice-gtk, and thunderbird), Red Hat (flash-plugin), SUSE (ansible, crowbar-core, crowbar-openstack, grafana, grafana-natel-discrete-panel, openstack-aodh, openstack-barbican, openstack-cinder, openstack-gnocchi, openstack-heat, openstack-ironic, openstack-magnum, openstack-manila, openstack-monasca-agent, openstack-murano, openstack-neutron, openstack-neutron-vpnaas, openstack-nova, openstack-sahara, python-Pillow, rubygem-crowbar-client, bind, crmsh, kernel, libproxy, php74, rubygem-activesupport-5_1, and tigervnc), and Ubuntu (dom4j, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-hwe-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux, linux-aws, linux-aws-hwe, linux-azure, linux-azure-4.15, linux-gcp, linux-gcp-4.15, linux-gke-4.15, linux-hwe, linux-kvm, linux-oem, linux-oracle, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-lts-xenial, linux-raspi2, linux-snapdragon, linux, linux-lts-trusty, and linux-hwe, linux-gke-5.0, linux-gke-5.3, linux-oem-osp1, linux-raspi2-5.3). (Comment on this)
3:05p	A set of stable kernels Stable kernels 5.8.15, 5.4.71, 4.19.151, 4.14.201, 4.9.239, and 4.4.239 have been released. They all contain important fixes and users should upgrade. (Comment on this)
5:00p	BleedingTooth: critical kernel Bluetooth vulnerability Several flaws in the BlueZ kernel Bluetooth stack prior to Linux 5.9 are being reported by Intel and by Google (GHSA-h637-c88j-47wq, GHSA-7mh3-gq28-gfrq, and GHSA-ccx2-w2r4-x649). They are collectively being called "BleedingTooth", and more information will be forthcoming, though there is already a YouTube video demonstrating remote code execution using BleedingTooth. (Comment on this)
7:05p	[$] A PHP syntax for discardable assignments Recently, John Bafford revived a years-long conversation on expanding the syntax of the PHP foreach statement to include iterating solely over keys. Bafford, who wrote a patch and request for comments (RFC) on the matter back in 2016, hopes to update his work and convince the community to adopt the abbreviated syntax in PHP 8.1. The community took Bafford's general idea and expanded it into other areas of the language. (Comment on this)
9:31p	[$] Further analysis of PyPI typosquatting We have looked at the problem of confusingly named packages in repositories such as the Python Package Index (PyPI) before. In general, malicious actors create these packages with names that can be mistaken for those of legitimate packages in the repository in a form of "typosquatting". Since our 2016 article, the problem has not gone away—no surprise—but there has been some recent analysis of it, as well as some efforts to combat it. (Comment on this)

<< Previous Day

2020/10/14 [Calendar]

Next Day >>