Linux

Friday's security updates

Linux Weekly News - p, 2014-10-17 18:09

CentOS has updated openssl (C5: protocol downgrade) and openssl (C6, C7: multiple vulnerabilities).

Debian has updated openssl (multiple vulnerabilities).

Fedora has updated firefox (F20: multiple vulnerabilities), java-1.7.0-openjdk (F20: multiple vulnerabilities), java-1.8.0-openjdk (F20: multiple vulnerabilities), kernel (F20: multiple vulnerabilities), php-ZendFramework (F19; F20: multiple vulnerabilities), and thunderbird (F20: multiple vulnerabilities).

Oracle has updated cups (O6: multiple vulnerabilities), file (O6: multiple vulnerabilities), firefox (O5; O6: multiple vulnerabilities), glibc (O6: multiple vulnerabilities), java-1.6.0-openjdk (O6: multiple vulnerabilities), java-1.7.0-openjdk (O6: multiple vulnerabilities), krb5 (O6: multiple vulnerabilities), libxml2 (O7: denial of service), openssh (O6: multiple vulnerabilities), openssl (O5; O6; O7: multiple vulnerabilities), thunderbird (O6: multiple vulnerabilities), and trousers (O6: denial of service).

Red Hat has updated java-1.6.0-sun (multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), libxml2 (RHEL6,7: denial of service), openssl (RHEL5: protocol downgrade), openssl (RHEL6,7: multiple vulnerabilities), and rsyslog7 (RHEL6: denial of service).

Scientific Linux has updated openssl (SL5: protocol downgrade) and openssl (SL6,7:multiple vulnerabilities ).

Ubuntu has updated openjdk-6 (10.04, 12.04: multiple vulnerabilities) and openssl (multiple vulnerabilities).

Kategóriák: Linux

The Debian init system general resolution returns

Linux Weekly News - p, 2014-10-17 07:34
Ian Jackson has resurrected the general resolution prohibiting Debian packages from depending on a single init system. This resolution failed to obtain enough seconds to proceed to a vote back in March, but this time more seconds have appeared and a vote will take place after the two-week discussion period. The initial discussion suggests that there is some support for the idea, but that not everybody appreciates seeing this resolution just before the jessie release is supposed to go into a freeze.
Kategóriák: Linux

Plasma 5.1 Brings Back Many Popular Features

LinuxToday - p, 2014-10-17 03:45
Kategóriák: Linux

Docker 1.3 released

Linux Weekly News - cs, 2014-10-16 23:47
The 1.3 release of the Docker container system is available. "First up, in this release, the Docker Engine will now automatically verify the provenance and integrity of all Official Repos using digital signatures. Official Repos are Docker images curated and optimized by the Docker community to be the best building blocks for assembling distributed applications. A valid signature provides an added level of trust by indicating that the Official Repo image has not been tampered with."
Kategóriák: Linux

GCC Undefined Behavior Sanitizer – ubsan (RH Developer Blog)

Linux Weekly News - cs, 2014-10-16 23:45
The Red Hat Developer Blog has an article about the undefined behavior sanitizer that was a part of the GCC 4.9 release. "One of the most important [checks] is the signed integer overflow checking. The practice shows that this undefined behavior is very common in real programs. Ubsan is able to check that the result of addition, subtraction, multiplication and negation does not overflow in signed arithmetic."
Kategóriák: Linux

Tor Browser 4.0 released

Linux Weekly News - cs, 2014-10-16 23:41
Version 4.0 of the Tor Browser is now available. "The primary user-facing change since the 3.6 series is the transition to Firefox 31-ESR. More importantly for censored users who were using 3.6, the 4.0 series also features the addition of three versions of the meek pluggable transport. In fact, we believe that both meek-amazon and meek-azure will work in China today, without the need to obtain bridge addresses."
Kategóriák: Linux

OpenStack Juno Brings Big Data to the Cloud

LinuxToday - cs, 2014-10-16 21:45
Kategóriák: Linux

SocketPlane Aims to Bring SDN to Docker

LinuxToday - cs, 2014-10-16 19:45
Kategóriák: Linux

Thursday's security updates

Linux Weekly News - cs, 2014-10-16 17:11

CentOS has updated thunderbird (C5: multiple vulnerabilities).

Debian has updated drupal7 (SQL injection) and wpa (code execution).

Fedora has updated php-ZendFramework2 (F21: multiple vulnerabilities) and rsyslog (F20; F21: denial of service).

Oracle has updated firefox (O7: multiple vulnerabilities), java-1.6.0-openjdk (O5: multiple vulnerabilities), and java-1.7.0-openjdk (O5; O7: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5, RHEL6: multiple vulnerabilities) and thunderbird (RHEL5, RHEL6: multiple vulnerabilities).

Slackware has updated openssl (multiple vulnerabilities).

Ubuntu has updated mysql-5.5 (12.04, 14.04: multiple vulnerabilities).

Kategóriák: Linux

Tiny $51 Tor router runs OpenWRT

LinuxToday - cs, 2014-10-16 15:45
Kategóriák: Linux