Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 23 perc 27 másodperc
For better or for worse, forks are a part of the free software landscape. Often a fork will result in a reinvigorated development community and the removal of unneeded roadblocks. But not all forks work out well. What is a distributor to do if, at some point, it concludes that it chose wrongly when it followed a fork of an important project? Going back to the original may not always be an easy thing to do, even if there appears to be a consensus for that move. The presence of security concerns can make such a change even harder to contemplate. The recent discussion on welcoming ffmpeg back into Debian illustrates the potential hazards nicely.
CentOS has updated yum-updatesd (C5: bypass RPM package signing restriction).
Debian has updated icedove (multiple vulnerabilities).
Red Hat has updated yum-updatesd (RHEL5: bypass RPM package signing restriction).
Scientific Linux has updated yum-updatesd (SL5: bypass RPM package signing restriction).
SUSE has updated openjdk (SLED11 SP3: multiple vulnerabilities).
Ubuntu has updated eglibc (multiple vulnerabilities).
CyanogenMod 11.0 M9 has been released. "This release marks the first ever (non-nightly) release for the Xperia Z2 ‘sirius’, Xperia Z2 Tablets ‘castor’ and the HTC One ‘m8′ – kudos to their maintainers and all the other maintainers that bring you these releases every month!"
Debian has updated lzo2 (code execution).
Gentoo has updated ZendFramework (SQL injection).
Mageia has updated gcc (code execution).
SUSE has updated firefox (multiple vulnerabilities).
Ubuntu has updated samba (14.04 LTS: remote code execution/privilege escalation).
Mozilla has just disclosed a problem with its Mozilla Developer Network database sanitization system. "The issue came to light ten days ago when one of our web developers discovered that, starting on about June 23, for a period of 30 days, a data sanitization process of the Mozilla Developer Network (MDN) site database had been failing, resulting in the accidental disclosure of MDN email addresses of about 76,000 users and encrypted passwords of about 4,000 users on a publicly accessible server."
Linus has released the 3.16 kernel, right on schedule. This release includes the unified control group hierarchy work, many improvements to the multiqueue block layer, and, as always, lots of new drivers and internal improvements.
The XBMC media center will be renamed Kodi. "Six years have passed since the Xbox Media Center became XBMC, and simply put, “XBMC” fits less now than it did even in 2008. The software only barely runs on the original Xbox, and then only because some clever developers are still hacking on that platform. It has never run on the Xbox 360 or Xbox One." Trademarks were another reason for name change. The project was unable to trademark XBMC, leading to issues with hacked and broken implementations of the software being sold as "XBMC". Kodi is now a registered trademark of the XBMC Foundation.
The Samba Team has put out an important-looking set of releases. "All current versions of Samba 4.x.x are vulnerable to a remote code execution vulnerability in the nmbd NetBIOS name services daemon. A malicious browser can send packets that may overwrite the heap of the target nmbd NetBIOS name services daemon. It may be possible to use this to generate a remote code execution vulnerability as the superuser (root)."
CentOS has updated kernel (C6: multiple vulnerabilities).
openSUSE has updated kernel (12.3: multiple vulnerabilities).
SUSE has updated lzo (SLES11&10: denial of service/possible code execution).
Stable kernels 3.15.8, 3.14.15, 3.10.51, and 3.4.101 have been released. All contain important fixes.
Ars Technica takes a look at an exploit that transforms keyboards, Web cams, and other types of USB-connected devices into highly programmable attack platforms. "Dubbed BadUSB, the hack reprograms embedded firmware to give USB devices new, covert capabilities. In a demonstration scheduled at next week's Black Hat security conference in Las Vegas, a USB drive, for instance, will take on the ability to act as a keyboard that surreptitiously types malicious commands into attached computers. A different drive will similarly be reprogrammed to act as a network card that causes connected computers to connect to malicious sites impersonating Google, Facebook or other trusted destinations. The presenters will demonstrate similar hacks that work against Android phones when attached to targeted computers. They say their technique will work on Web cams, keyboards, and most other types of USB-enabled devices."
Fedora has updated cups (F20: privilege escalation).
Mandriva has updated dbus (BS1.0: two denial of service flaws), file (BS1.0: denial of service), live (BS1.0: code execution), php-ZendFramework (BS1.0: SQL injection), and sendmail (BS1.0: denial of service).
openSUSE has updated apache2-mod_wsgi (13.1: off-by-one error), firefox (13.1, 12.3: multiple vulnerabilities), gpg2 (11.4: denial of service), memcached (11.4: multiple vulnerabilities), Mozilla (11.4: multiple vulnerabilities), ntp (13.1, 12.3: denial of service), php5 (13.1, 12.3: multiple vulnerabilities), ppc64-diag (13.1; 12.3: two vulnerabilities), pulseaudio (13.1, 12.3: denial of service), samba (11.4: two vulnerabilities), php5 (11.4: code execution), and xalan-j2 (11.4: information disclosure/code execution).
Red Hat has updated openstack-keystone (RHELOS3&4: privilege escalation).
The LWN.net Weekly Edition for July 31, 2014 is available.
KDE.News looks at Akademy keynote speakers Sascha Meinrath and Cornelius Schumacher. "Akademy 2014 will kick off on September 6 in Brno, Czech Republic; our keynote speakers will be opening the first two days. Continuing a tradition, the first keynote speaker is from outside the KDE community, while the second is somebody you all know. On Saturday, Sascha Meinrath will speak about the dangerous waters he sees our society sailing into, and what is being done to help us steer clear of the cliffs. Outgoing KDE e.V. Board President, Cornelius Schumacher, will open Sunday's sessions with a talk about what it is to be KDE and why it matters."
The X11 replacement protocol Wayland has been in development since 2010. Compared to X11 itself, it is still a relatively new project, but the enthusiasm with which distributions and large software projects announced their intent to support Wayland makes it at least understandable that users would ask how much longer they need to wait before Wayland is made available to them. At GUADEC 2014 in Strasbourg, France, a pair of talks presented the latest status of Wayland support in various GNOME desktop components.
Mandriva has updated apache (BS1.0: multiple vulnerabilities), java-1.7.0-openjdk (BS1.0: multiple vulnerabilities), owncloud (BS1.0: undisclosed vulnerability), and phpmyadmin (BS1.0: multiple vulnerabilities).
Oracle has updated kernel (OL6: multiple vulnerabilities).
Red Hat has updated kernel (RHEL6: multiple vulnerabilities).
Scientific Linux has updated kernel (SL6: multiple vulnerabilities).
Version 7.8 of the GDB debugger is out. New features include support for scripting in the Guile language, better Python scripting, support for debugging on little-endian PowerPC64 systems, handling of C99 variable-length arrays, and more.
The LibreOffice 4.3 release is available. New features include improved document interoperability, better comment management, "intuitive spreadsheet handling," 3D models in Impress, and more. See the release notes for details. "LibreOffice 4.3 also supports 'monster' paragraphs exceeding 65,000 characters (an example of an 11 years old bug solved thanks to the modernization of the OOo source code, which is an exclusive function of LibreOffice)."
The Electronic Frontier Foundation is probably best known for its work in the political arena. But the EFF also occasionally tries to make change happen more directly by releasing interesting technologies of its own. The organization's July 20 announcement of the Open Wireless Router project is an example of this type of initiative. Your editor has long been concerned about the state of home (and small business) router software, so it made sense to take a look. What was revealed is a project with some interesting potential — but that potential may take more resources than are currently available to realize.
The openSUSE project has announced that the "Factory" development distribution has been reworked into an independent distribution using a rolling-release model. "With a daily fresh Factory distribution making it easier for those who want to preview and test, we hope to see more users and contributors, leading to faster fixes and even higher quality. Factory is critical as it provides the base technology for openSUSE and SUSE Linux Enterprise, which is used by tens of thousands of organizations around the world."
HUP napi hírlevél
Legfrissebb HUP videók
Legfrissebb Linux játékvideók
Legfrissebb HUP képek
Legfrissebb HUP dokumentumok
Ha mostanában alsókategóriás laptopot vennék, akkor a(z) .... választanám.
TOSHIBA Satelite C50D-A-139
LENOVO IdeaPad G500 59-390509
ACER Aspire E1-532 NX.MFVEU
HP 255 G1 H6R17EA
DELL Inspiron 15 3541 14799
Csak az eredmény érdekel.
Összes szavazat: 311