Linux Weekly News
LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.
Updated: 21 minutes 57 seconds ago
Debian has updated strongswan (denial of service).
Fedora has updated claws-mail (F19: man-in-the-middle attack), claws-mail-plugins (F19: man-in-the-middle attack), curl (F19: information leak), denyhosts (F20; F19: denial of service), ettercap (F21; F20; F19: multiple vulnerabilities), freetype (F20: buffer overflow), kernel (F19: multiple vulnerabilities), libetpan (F19: man-in-the-middle attack), libssh (F21; F20; F19: denial of service), mailx (F21; F20; F19: command execution), mingw-pcre (F21; F20; F19: information leak), openjpeg (F19: multiple vulnerabilities), python-django-horizon (F21: denial of service), pyxdg (F20: symlink attacks), subversion (F21; F20: denial of service), and unrtf (F21: code execution).
Ubuntu has updated strongswan (14.10, 14.04: denial of service).
The Linux community has no shortage of general-purpose distributions that can be made to serve almost any need. But many Linux deployments are not on general-purpose machines; often the owner has a more specific objective in mind. One such objective is to put together a network-attached storage (NAS) box. A general-purpose distribution can easily be used in such a setting, but there are also several specialized distributions that make the task easier. This article, the first in a series, will look at OpenMediaVault, a Debian-based NAS-oriented distribution.
Fedora has updated glpi (F19; F20, F21: SQL injection), mingw-binutils (F20; F21: multiple vulnerabilities), mingw-curl (F20; F21: multiple vulnerabilities), mingw-dbus (F20; F21: multiple vulnerabilities), mingw-freetype (F20; F21: code execution), mingw-libjpeg-turbo (F20; F21: denial of service), mingw-libxml2 (F20; F21: denial of service), mingw-openssl (F20; F21: multiple vulnerabilities), and ntp (F19: multiple vulnerabilities).
Linux Journal looks at the Purism Project and the Purism Librem 15 laptop. "The Librem 15 uses the Trisquel distribution which wasn't a distribution I had heard of before now. Basically it's a Debian-based distribution that not only removes the non-free repository by default, but it has no repositories at all that provide non-free software. It was picked for the Librem 15 because it is on the list of official FSF-approved GNU/Linux distributions and since that laptop is aiming to get the FSF stamp of approval, that decision makes sense. Since it's a Debian-based distribution, the desktop environment and most of the available software shouldn't seem too different for anyone who has used a Debian-based distribution before. Of course, if you do want to use any proprietary software (like certain multimedia codecs or official Flash plugins) you will have to hunt for those on your own. Then again, the whole point of this laptop is to avoid any software like that."
For anybody looking for a single-board computer to experiment with: LinuxGizmos has a survey of 40 of them. "Over the last year we’ve seen some new quad- and octa-core boards with more memory, built-in WiFi, and other extras. Yet, most of the growth has been in the under $50 segment where the Raspberry Pi and BeagleBone reign. Based on specs alone, standouts in price/performance that have broken the $40 barrier include the new Odroid-C1 and pcDuino3 Nano, but other good deals abound here as well."
Debian has updated php5 (code execution).
Gentoo has updated mit-krb5 (multiple vulnerabilities).
Mageia has updated castor (XML injection), couchdb (cross-site scripting), cxf (two vulnerabilities), plasma-nm (man-in-the-middle attack), sox (code execution), unzip (code execution), and xml-security (denial of service).
From Phillip Zimmermann and Ladar Levison (among others) comes the Darkmail Internet Mail Environment, an attempt to replace SMTP with a more secure protocol. It has a 108-page specification [PDF] for those wanting details, and code is available on GitHub. "In addition to the usual protection of content, a design goal for secure email must be to limit what meta-information is disclosed so that a handling agent only has access to the information it needs to see. The Dark Internet Mail Environment (DIME) achieves this with a core model having multiple layers of key management and multiple layers of message encryption."
Debian-LTS has updated ettercap (denial of service).
Fedora has updated eclipse-egit (F21: code execution), eclipse-jgit (F21: code execution), gpgme (F20: code execution), links (F20: integer overflow), mediawiki (F21; F20; F19: multiple vulnerabilities), mingw-jasper (F21; F20; F19: two code execution vulnerabilities), php (F21; F20; F19: code execution), rpm (F20: code execution), and seamonkey (F21; F20; F19: multiple vulnerabilities).
Gentoo has updated asterisk (multiple vulnerabilities), facter (privilege escalation), file (denial of service), fish (multiple vulnerabilities), flac (code execution), getmail (multiple vulnerabilities), icecast (multiple vulnerabilities), lcms (denial of service), mupdf (denial of service), openssl (multiple vulnerabilities), openvpn (denial of service), policycoreutils (privilege escalation), torque (multiple vulnerabilities, some from 2011), wireshark (multiple vulnerabilities), and xen (multiple vulnerabilities).
Mageia has updated apache-poi (two XML-handling flaws), axis (SSL hostname verification bypass), erlang (command injection), mediawiki (multiple vulnerabilities), not-yet-commons-ssl (hostname verification botch), resteasy (XML eXternal Entity (XXE) attacks), smack (two vulnerabilities), wss4j (authentication spoofing), and xlockmore (X error).
openSUSE has updated apache2 (13.2, 13.1, 12.3: two vulnerabilities), docker (13.2: multiple vulnerabilities), file (13.2; 13.1: denial of service), libreoffice (13.2, 13.1: denial of service), mailx (13.2, 13.1, 12.3: command execution), python3-rpm, rpm, rpm-python (13.2, 13.1, 12.3: code execution), subversion (13.2, 13.1, 12.3: denial of service), and xorg-x11-server (13.2, 13.1, 12.3: multiple vulnerabilities).
The second 3.19 prepatch is now available for testing but not a whole lot has changed in the last week. As Linus put it: "This -rc is tiny, for all the obvious reasons."
Parallels has announced that it will be merging its open-source OpenVZ and proprietary Parallels Cloud Server projects. "Now it's time to admit -- over the course of years OpenVZ became just a little bit too separate, essentially becoming a fork (perhaps even a stepchild) of Parallels Cloud Server. While the kernel is the same between two of them, userspace tools (notably vzctl) differ. This results in slight incompatibilities between the configuration files, command line options etc. More to say, userspace development efforts need to be doubled." The result of the merger will be open source; the name will be "Virtuozzo Core."
Best wishes to you and yours from LWN ...
The LWN.net Weekly Edition for December 25, 2014 is available.
Python is a poster child for dynamically typed languages, but if Guido van Rossum gets his way—as benevolent dictator for life (BDFL), he usually does—the language will soon get optional support for static type-checking. The discussion and debate has played out since August (at least), but Van Rossum has just posted a proposal that targets Python 3.5, which is due in September 2015, for including this "type hinting" feature. Unlike many languages (e.g. C, C++, Java), Python's static type-checking would be optional—programs can still be run even if the static checker has complaints.
The full story from this week's edition is available to subscribers below.
Bradley M. Kuhn talks about abusive behavior in the FLOSS community. "In the politics of Free, Libre and Open Source Software (FLOSS), some people regularly engage in behavior right on that line: berating, verbal abuse, and intimidation. These behaviors are consistently tolerated, accepted, and sometimes lauded in FLOSS projects and organizations. I can report from direct experience: if you think what happens on public mailing lists is bad, what happens on the private phone calls and in-person meetings is even worse. The types of behavior that would-be leaders employ would surely shock you." (Thanks to Paul Wise)
SUSE has updated kernel (SLES11 SP3; SLE11 SP3; SLE11 SP3; SLES11 SP2, SP1: multiple vulnerabilities), ntp (SLE12: two code execution vulnerabilities), openvpn (SLE12: denial of service), popt (SLE11 SP3: code execution), and xntp (SLES10 SP4: code execution).
Kernel developers have long been told that, with few exceptions, attempts to allocate memory can fail if the system does not have sufficient resources. As a result, in well-written code, every call to a function like kmalloc(), vmalloc(), or __get_free_pages() is accompanied by carefully thought-out error-handling code. It turns out, though, the behavior actually implemented in the memory-management subsystem is a bit different from what is written in the brochure. That difference can lead to unfortunate run-time behavior, but the fix might just be worse.
Click below (subscribers only) for the full article from this week's Kernel Page.
The people behind the Devuan project have released a progress report. Devuan is a fork of Debian without systemd. A repository has been set up at GitLab. "This is the most recent achievement on infrastructure development: last night the first devuan-baseconf package was built correctly through our continuous integration infrastructure, pulling directly from our source repository."
Debian has updated cpio (denial of service).
Gentoo has updated pdns-recursor (multiple vulnerabilities, some from 2009).
Mageia has updated unrtf (code execution).
openSUSE has updated unbound (13.2: denial of service).
SUSE has updated ntp (SLE11 SP3, SLES11 SP2: multiple code execution vulnerabilities).
Many of us have used NetworkManager for years, but the project only got around to putting out its 1.0.0 release now. "This release brings a more modern GObject-based client library, many bug fixes and updated translations, more flexible routing, hugely improved nmcli with password support, improved nmtui, a light-weight internal DHCP client, 'configure and quit' mode, Bluetooth DUN support with Bluez5, VPN connection persistence, improved cooperation with external tools, expanded manpages and documentation, WWAN IPv6 support, and much much more."