Népszerű fórum témák
FreeBSD Project News
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Frissült: 14 perc 47 másodperc
The Apache OpenOffice blog promises that the 4.1.2 release is coming soon. "Most of the code changes for OpenOffice 4.1.2 have already been integrated. Dozens of old and new developers contributed in recent weeks. For users, improvements are expected in stability (fixes in all modules: Writer, Calc, Impress, Draw, Base), Microsoft interoperability (Sharepoint) and documents import." If "recent weeks" is taken to mean "since July 1", then six developers (0.5 dozens) 13 developers (1.08 dozens) have contributed 135 patches toward this release.
Arch Linux has updated chromium (information disclosure).
Debian has updated cyrus-sasl2 (denial of service from 2013).
Fedora has updated firefox (F22: multiple vulnerabilities), pdns (F22; F21: denial of service), rolekit (F22: information leak), xen (F22; F21: two vulnerabilities), and xpra (F22; F21: information disclosure).
SUSE has updated Xen (SLES10SP4: multiple vulnerabilities).
The 4.3-rc3 prepatch is out. "So as usual, rc3 is actually bigger than rc2 (fixes are starting to trickle in), but nothing particularly alarming stands out. Everything looks normal: the bulk is drivers (all over, but gpu and networking are the biggest parts) and architecture updates. There's also networking and filesystem updates, along with documentation."
Earlier this week, pump.io creator Evan Prodromou announced that, due to budget and time pressures, he was looking to move pump.io into a community-governed project structure. "Ideally, what I'd like to do is transfer the copyrights, domains and data to a non-profit that could collect donations to keep the servers running. Budget-wise, it's about $5K/year, including servers, domain registration, and SSL certs. It'd also be great if some of the people who have been sending in pull requests could start working on the software directly. There are a lot of PRs backed up." Subsequently, interested community members met to hash out a plan, and have now reported their plans. Pump.io will apply to be a member project of the Software Freedom Conservancy, and Prodromou has started granting administrative and commit privileges to several other developers. It is not yet clear how maintenance for Prodromou's current crop of pump.io servers will be handled, but the community does appear to be coalescing into a more active project.
Arch Linux has updated rpcbind (denial of service).
Debian has updated wireshark (multiple vulnerabilities).
Debian-LTS has updated cups (code execution).
Gentoo has updated adobe-flash (multiple vulnerabilities), cacti (multiple vulnerabilities), curl (multiple vulnerabilities), git (code execution), libtasn1 (multiple vulnerabilities), networkmanager (denial of service), and ntp (multiple vulnerabilities).
Red Hat has updated firefox (RHEL 5, 6, 7: multiple vulnerabilities).
SUSE has updated php5 (SLE12: multiple vulnerabilities).
Ubuntu has updated qemu, qemu-kvm (12.04, 14.04, 15.04: multiple vulnerabilities), simplestreams (14.04, 15.04: denial of service), and unity-firefox-extension, webapps-greasemonkey, webaccounts-browser-extension (12.04, 14.04, 15.04: denial of service).
EFF: Our Broken Patent System at Work: Patent Owner Insists the "Integers" Do Not Include the Number One
The Electronic Frontier Foundation (EFF) Deeplinks blog has an almost amusing account of a patent holder trying to define "integer" as a whole number greater than one. It seems that this strategy is likely to fail, but there is, of course, a cost associated with refuting such a ridiculous definition. "To be clear: the law allows patent applicants to redefine words if they want. But the law also says they have to be clear that they are doing that (and in any event, they shouldn't be able to do it years after the patent issues, in the middle of litigation). In Core Wireless' patent, there is no indication that it used the word "integer" to mean anything other than what we all learn in high school. (Importantly, the word "integer" doesn’t appear in the patent anywhere other than in the claims.) It appears that Core Wireless is attempting to redefine a word—a word the patent applicant freely chose—because presumably otherwise its lawsuit will fail."
Ubuntu has updated apport (privilege escalation).
The LWN.net Weekly Edition for September 24, 2015 is available.
The GNOME Project has announced the release of GNOME 3.18. "This release brings significant improvements to many of our core applications, from better Google Drive integration in Files to a list view in Boxes to firmware updates in Software, and several entirely new applications: Calendar, Characters, Todo. Improvements to our platform include automatic screen brightness handling and improved typography." See the release notes for details.
Arch Linux has updated firefox (multiple vulnerabilities).
openSUSE has updated flash-player (13.2, 13.1: multiple vulnerabilities).
Slackware has updated firefox (multiple vulnerabilities).
The release of Firefox 41 has been announced. "This release includes minor updates to personalize your Firefox Account and adds a new functionality to Firefox Hello Beta." The release notes contain more information.
In September 2014 a serious security vulnerability that became known as Shellshock was found in Bash, which is the default shell in most Linux distributions. But it quickly turned out that the initial fix for Shellshock was incomplete. Various other related bugs were found only days after the publication, amongst them two severe vulnerabilities discovered by Michał Zalewski from the Google security team. In the blog post, Zalewski mentioned that he had found these bugs with a fuzzing tool that he wrote, which almost nobody knew back then: american fuzzy lop (afl).
Subscribers can click below for the full article by guest author Hanno Böck.
Fedora 23 beta has been released. "Fedora 23 includes a number of changes that will improve all of the editions. For example, Fedora 23 makes use of compiler flags to improve security by "hardening" the binaries against memory corruption vulnerabilities, buffer overflows, and so on. This is a "behind the scenes" change that most users won't notice through normal use of a Fedora edition, but will help provide additional system security." The final release is scheduled for late October.
Fedora 23 beta is also available for AARCH64 and POWER architectures.
Arch Linux has updated flashplugin (multiple vulnerabilities).
Debian has updated kernel (multiple vulnerabilities).
Debian-LTS has updated linux-2.6 (multiple vulnerabilities).
Fedora has updated icedtea-web (F21: applet execution).
Mageia has updated flash-player-plugin (MG5: multiple vulnerabilities).
openSUSE has updated bind (13.2, 13.1: denial of service), criu (13.2: two vulnerabilities), icedtea-web (13.2, 13.1: multiple vulnerabilities), libgcrypt (13.2, 13.1: information disclosure), and python-django (13.1: multiple vulnerabilities).
Red Hat has updated flash-plugin (RHEL5,6: multiple vulnerabilities).
SUSE has updated kernel (SLE11SP3: multiple vulnerabilities).
The 4.2.1, 4.1.8, 3.14.53, and 3.10.89 stable kernel updates have been release. Each contains a relatively large set of important fixes.
As the introduction to Tom Herbert's kernel connection multiplexer (KCM) patch set notes, TCP is often used for message-oriented communication protocols even though, as a streaming transport, it has no native support for message-oriented communications. KCM is an effort to make it easier to send and receive messages over TCP which adds a couple of other interesting features as well.
Click below (subscribers only) for the full story from this week's Kernel Page.
The Free Software Foundation Europe and Open Invention Network, with the participation of the Legal Network and the Asian Legal Network, are presenting two round table events with presentations and panel discussion of industry and community speakers, titled "Open Source and Software Patent Non-Aggression, European Context". The events will be held in Berlin, Germany on October 21 and in Warsaw, Poland on October 22.
Arch Linux has updated wordpress (multiple vulnerabilities).
Mageia has updated owncloud (MG5: multiple vulnerabilities).
SUSE has updated openssh (SLE11SP3: multiple vulnerabilities).
The second 4.3 prepatch is now available for testing. "As has been the trend for a while now, rc2 tends to be reasonably small, probably because it takes a while for regression reports to start trickling in (and some people probably actively wait for rc2 to even start testing - you scaredy-cats, you)."
Version 2.3.0 of the GeoClue geolocation service has been released. The most notable change in this update is support for sharing and accessing GPS devices over a network connection. A proof-of-concept implementation of this feature is available in the Geoclue Share app for Android, which lets users relay GPS data from their device to a GNOME desktop system. Other new features include support for digital compasses and updated documentation.
HUP napi hírlevél
Legfrissebb HUP képek
A munkahelyi szakmai problémáimat rendszerint
"hazaviszem" (otthon is rágódok rajtuk, idegeskedek miattuk).
a munkaidő végénél "elengedem" (nem érdekelnek, ahogy kicsekkolok, megszűnnek számomra létezni).
Összes szavazat: 370