[Michael] Mapbox is "running a business like you would run an open source project." Can you elaborate on what that means?

[Justin] This is the meat of my talk, but basically, the organization is flat and open. People join in on projects based on interest and available time, or start their own projects based on an idea and the ability to convince a couple coworkers that it's a worthwhile effort. If you have an idea for improvement, talk is cheap and putting in the code to demonstrate its potential is preferred. It's a very exciting way to choose direction and participation and lets everyone engage based on their interests and skill set. And nearly everything we write, anything that's easily reusable by someone else, is completely open source.

Fedora has updated claws-mail (F20: code execution), claws-mail-plugins (F20: code execution), docker-io (F20; F19: privilege escalation), openstack-nova (F20: privilege escalation), and pnp4nagios (F20; F19: cross-site scripting).

openSUSE has updated python (13.1, 12.3: missing boundary check).

Slackware has updated php (multiple vulnerabilities).

OpenBSD Journal is reporting that the first release of LibreSSL Portable is available for download from OpenBSD project servers. LibreSSL is the OpenSSL fork started in April by members of the OpenBSD development community after the "Heartbleed" vulnerability; the "Portable" version is designed to run on operating systems other than OpenBSD itself, including Linux. The announcement calls this release "an initial release to allow the community to start using and providing feedback;" it is tagged as version 2.0.0.

Debian has updated eglibc (privilege escalation), libav (code execution), and libxml2 (denial of service).

Fedora has updated ansible (F19; F20: unspecified vulnerability) and kernel (F20: multiple vulnerabilities).

Mandriva has updated apache-mod_wsgi (BS1: multiple vulnerabilities), asterisk (BS1: multiple vulnerabilities), and samba (BS1: multiple vulnerabilities).

CentOS has updated lzo (C7: denial of service/possible code execution), samba (C7: three vulnerabilities), samba, samba3x (C6; C5: two vulnerabilities), and tomcat6 (C6: multiple vulnerabilities).

Debian has updated phpmyadmin (multiple vulnerabilities).

Mageia has updated flash-player-plugin (multiple vulnerabilities).

Mandriva has updated gd (BS1.0: denial of service), liblzo (BS1.0: denial of service/possible code execution), and python (BS1.0: information leak).

Oracle has updated samba, samba3x (OL6; OL5: two vulnerabilities) and tomcat6 (OL6: multiple vulnerabilities).

Red Hat has updated flash-plugin (RHEL5&6: multiple vulnerabilities), lzo (RHEL6&7: denial of service/possible code execution), samba (RHEL7: three vulnerabilities), samba, samba3x (RHEL5&6: two vulnerabilities), and tomcat6 (RHEL6: multiple vulnerabilities).

Scientific Linux has updated lzo (SL6: denial of service/possible code execution), samba and samba3x (SL5&6: two vulnerabilities), and tomcat6 (SL6: multiple vulnerabilities).

Ubuntu has updated php5 (multiple vulnerabilities).

Filesystem notification APIs provide a mechanism by which applications can be informed when events happen within a filesystem—for example, when a file is opened, modified, deleted, or renamed. Over time, Linux has acquired three different filesystem notification APIs, and it is instructive to look at them to understand what the differences between the APIs are. It's also worthwhile to consider what lessons have been learned during the design of the APIs—and what lessons remain to be learned.

The first part of guest author Michael Kerrisk's series on filesystem notification in Linux is now available for subscribers.

CentOS has updated lzo (C6: code execution).

Debian has updated php5 (multiple vulnerabilities).

Fedora has updated owncloud (F20: undisclosed vulnerability), python-django-evolution (F20; F19: incompatible versions), ReviewBoard (F20; F19: incompatible versions), and samba (F19: multiple vulnerabilities).

Gentoo has updated adobe-flash (multiple vulnerabilities).

Mageia has updated dpkg (multiple vulnerabilities), freerdp (two vulnerabilities), gd (denial of service), liblzo (code execution), php (MG4; MG3: multiple vulnerabilities), python (two vulnerabilities), and python-simplejson (missing boundary check).

Mandriva has updated ffmpeg (BS1.0: multiple vulnerabilities), file (BS1.0: multiple vulnerabilities), gnupg (BS1.0: denial of service), iodine (BS1.0: authentication bypass), libxfont (BS1.0: multiple vulnerabilities), php (BS1.0: multiple vulnerabilities), and phpmyadmin (BS1.0: multiple cross-site scripting vulnerabilities).

openSUSE has updated kernel (11.4: privilege escalation).

Oracle has updated lzo (OL6: code execution).

Red Hat has updated cumin (MRG for RHEL6; MRG for RHEL5: two vulnerabilities).

Ubuntu has updated dbus (14.04, 13.10, 12.04: multiple denial of service flaws).

Debian has updated vlc (code execution).

Fedora has updated cacti (F19; F20: cross-site scripting), dbus (F20: denial of service), openstack-ceilometer (F20: information leak), php (F19: multiple vulnerabilities), and python-pycadf (F20: information leak).

SUSE has updated PHP5 (SLE11SP1: multiple vulnerabilities).

Debian has updated kernel (privilege escalation).

Fedora has updated file (F20: multiple vulnerabilities), kdelibs (F19: information disclosure), and mediawiki (F19; F20: prevent external resources in SVG files).

Mageia has updated ffmpeg (MG4; MG3: multiple vulnerabilities), file (multiple vulnerabilities), libxfont (multiple vulnerabilities), and samba (multiple vulnerabilities).

openSUSE has updated dbus-1 (11.4: denial of service).

SUSE has updated PHP5 (SLES10: multiple vulnerabilities) and xalan-j2 (SLE11SP3: information disclosure/code execution).

Ubuntu has updated EC2 kernel (10.04: privilege escalation), kernel (10.04; 12.04; 14.04: privilege escalation), linux-lts-quantal (12.04: privilege escalation), linux-lts-raring (12.04: privilege escalation), linux-lts-saucy (12.04: privilege escalation), and linux-lts-trusty (12.04: privilege escalation).