ls -1TörténelemNépszerű témákNépszerű fórum témákHardverAjánlott böngésző FreeBSD Project News |
Linux Weekly News
LWN.net is a comprehensive source of news and opinions from
and about the Linux community. This is the main LWN.net feed,
listing all articles which are posted to the site front page.
Webcím: http://lwn.net
Frissült: 9 perc 29 másodperc Security advisories for WednesdayCentOS has updated libvirt (C6: multiple vulnerabilities) and libXfont (C7: multiple vulnerabilities). Debian has updated php5 (out-of-bounds read flaw) and php5 (regression in previous update). Fedora has updated drupal7-ckeditor (F20; F19: cross-site scripting), geary (F20: TLS certificate issues), icecream (F20; F19: code execution), and nrpe (F20: code execution). Mandriva has updated curl (information leak), dbus (multiple vulnerabilities), and gnutls (code execution). openSUSE has updated dbus-1 (13.2, 13.1; 12.3: denial of service) and polarssl (13.2: two vulnerabilities). Red Hat has updated kernel (RHEL6.4: denial of service), libvirt (RHEL6: multiple vulnerabilities), and libXfont (RHEL6,7: multiple vulnerabilities). Scientific Linux has updated libvirt (SL6: multiple vulnerabilities) and libXfont (SL6,7: multiple vulnerabilities). Kategóriák: Linux
Today's Debian technical committee resignation: Ian JacksonIan Jackson has announced his immediate resignation from the Debian
technical committee. "While it is important that the views of the 30-40% of the project who
agree with me should continue to be represented on the TC, I myself am
clearly too controversial a figure at this point to do so. I should
step aside to try to reduce the extent to which conversations about
the project's governance are personalised.
And, speaking personally, I am exhausted."
(Thanks to Mattias Mattsson).
Kategóriák: Linux
Results for the Debian init system coupling GRThe preliminary results have been announced for the Debian general
resolution on init system coupling. The winning option was #4, the one
saying that no general resolution is required in this situation. So there
will be no change in Debian policy resulting from this vote.
Kategóriák: Linux
EFF: Let's EncryptThe Electronic Frontier Foundation (EFF) is helping to launch a new
non-profit organization that will offer free server certificates
beginning in summer 2015. "Let's
Encrypt is a new free certificate authority, which will
begin issuing server certificates in 2015. Server
certificates are the anchor for any website that wants to
offer HTTPS and encrypted traffic, proving that the server
you are talking to is the server you intended to talk to.
But these certificates have historically been expensive, as
well as tricky to install and bothersome to update. The
Let's Encrypt authority will offer server certificates at
zero cost, supported by sophisticated new security
protocols. The certificates will have automatic enrollment
and renewal, and there will be publicly available records
of all certificate issuance and revocation." Let's Encrypt will be
overseen by the Internet Security Research Group (ISRG), a California
public benefit corporation.
Kategóriák: Linux
Tuesday's security updatesCentOS has updated libxfont (C6: multiple vulnerabilities), mariadb (C7: multiple vulnerabilities), and mysql55-mysql (C5: multiple vulnerabilities). Fedora has updated oath-toolkit (F20: denial of service), python-requests-kerberos (F20; F19: authentication bypass), and qpid-cpp (F19: xml exchange can be induced to make http requests). openSUSE has updated flash-player (13.2, 13.1, 12.3: multiple vulnerabilities) and libreoffice (13.2: code execution). Red Hat has updated bash Shift_JIS (RHEL5.9: multiple vulnerabilities). Scientific Linux has updated mariadb (SL7: multiple vulnerabilities). SUSE has updated flash-player (SLED11 SP3: multiple vulnerabilities). Ubuntu has updated mountall (14.10: privilege escalation). Kategóriák: Linux
Live kernel patching for SUSE Enterprise LinuxSUSE has announced
that it is now using kGraft to make live
kernel patches available for its enterprise distribution. "Unlike
some other Linux kernel live patching technologies, SUSE Linux Enterprise
Live Patching doesn't require stopping the whole system while it performs
the patching. And because it is a fully open source solution, it allows for
easy code review of the patch sources. SUSE is engaging with the upstream
community to help ensure a sustainable future for kernel live patching on
Linux in general and SUSE Linux Enterprise specifically."
Kategóriák: Linux
Linux for lettuce (Opensource.com)Opensource.com covers
the founding of the Open Source Seed Initiative (OSSI) and its
continuing efforts to apply the concepts of open-source to plant breeding,
in an increasingly patent encumbered space.
"OSSI’s de facto leader is Jack Kloppenburg, a social scientist at
the University of Wisconsin who has been involved with issues concerning
plant genetic resources since the 1980s. He has published widely about the
concept behind OSSI, and his words are now echoed (even copied verbatim) by
public plant-breeding advocates in Germany, France, and India. As he
explains it, for most of human history, seeds have naturally been part of
the commons—those natural resources that are inherently public, like air or
sunshine. But with the advent of plant-related intellectual property and
the ownership it enables, this particular part of the commons has become a
resource to be mined for private gain. Thus the need for a protected
commons—open source seed. Inspired by open source software, OSSI’s idea is
to use “the master’s tools” of intellectual property, but in ways the
master never intended: to create and enforce an ethic of sharing."
Kategóriák: Linux
Colin Watson resigns from Debian Technical CommitteeColin Watson announced
his resignation from the Debian Technical Committee before Russ. "I
appreciate that the timing is such that this looks like a response to
Joey's mails, or perhaps to some other recent discussions. That isn't
the case. I've been doing a good deal of refactoring of my life
recently as a result of realising that I was burning
out, and right now it's important that I make an effort to spend my
Debian time on things I find relaxing rather than things I've been finding
stressful." (Thanks to Jeff Schroeder)
Kategóriák: Linux
Security advisories for MondayDebian has updated libgcrypt11 (side-channel attack). Fedora has updated kde-workspace (F20; F19: privilege escalation), kernel (F19: multiple vulnerabilities), and konversation (F20; F19: information disclosure). Gentoo has updated wget (symlink attack). Mageia has updated dbus (denial of service), gnutls (code execution), kernel (MG4; MG3: multiple vulnerabilities), kernel-linus (MG4; MG3: multiple vulnerabilities), kernel-tmb (MG4; MG3: multiple vulnerabilities), and kernel-vserver (MG4: multiple vulnerabilities). Red Hat has updated mariadb (RHEL7: multiple vulnerabilities), mariadb55-mariadb (RHSCL1: multiple vulnerabilities), and mysql55-mysql (RHEL5; RHSCL1: multiple vulnerabilities). Scientific Linux has updated mysql55-mysql (SL5: multiple vulnerabilities). Slackware has updated mozilla (multiple vulnerabilities). Kategóriák: Linux
Russ Allbery leaves the Debian technical committeeAnother resignation in the Debian camp: Russ Allbery has become the second
member of the project's technical committee to leave that committee.
"I think
project governance is a hard problem, and a worthwhile problem, and I hope
that someone with good ideas will step forward and work on that problem.
Debian is one of the largest free software projects, and one that faces a
large number of hard decisions. If we can do that work well, it would be a
valuable contribution to the broader community. But, right now, I don't
feel like I'm helping that process, and at times am making it
worse."
Kategóriák: Linux
Fog Heen: Resigning as a Debian systemd maintainerHere are Tollef
Fog Heen's comments following his resignation as one of the systemd
maintainers in Debian. "I've been a DD for almost 14 years, I should
be able to weather any storm, shouldn't I? It turns out that no, the
mountain does get worn down by the rain. It's not a single hurtful comment
here and there. There's a constant drum about this all being some sort of
conspiracy and there are sometimes flares where people wish people involved
in systemd would be run over by a bus or just accusations of
incompetence."
Kategóriák: Linux
Kernel prepatch 3.18-rc5Linus has released the 3.18-rc5 prepatch.
"So we still have a few pending issues, but things look fairly
normal. We've still got a few weeks to go before final, and the more you
can test, the better off we'll be."
Kategóriák: Linux
CyanogenMod 11 M12CyanogenMod has announced a new
milestone release of the 11.0 "KitKat" branch. The announcement also
looks forward to the 12.0 "Lollipop" branch. "No doubt the big news at the beginning of November was the release of the Android 5.0 Lollipop source code. AOSP began seeing the code on the 3rd, and completed the majority of the push on the 4th, with some remaining stragglers seeing code uploaded midday on the 12th. Work on CM12 began in earnest at the end of last week, and you can now successfully sync and build the work in progress against a handful of devices."
Kategóriák: Linux
Stable kernel updatesGreg Kroah-Hartman has released three stable kernels; 3.17.3, 3.14.24, and 3.10.60. All of them contain lots of
important fixes throughout the tree.
Kategóriák: Linux
Security advisories for FridayFedora has updated aircrack-ng (F20; F19: multiple vulnerabilities), gnutls (F20: three vulnerabilities), and python3 (F19: three vulnerabilities). Mageia has updated claws-mail (M4: SSL certificate verification botch), curl (information leak), flash-player-plugin (many vulnerabilities), getmail (three vulnerabilities), kdebase4-workspace (M3: privilege escalation), libreoffice (M4; M3: two vulnerabilities), and ruby (denial of service). openSUSE has updated openssl (13.2: multiple vulnerabilities). Oracle has updated kernel 2.6.39 (OL6; OL5: two vulnerabilities) and kernel 3.8.13 (OL7; OL6: two vulnerabilities). SUSE has updated flash-player (SLE12: three vulnerabilities) and java-1_7_0-openjdk (SLE12: multiple vulnerabilities). Kategóriák: Linux
Linux Security Distros Compared: Tails vs. Kali vs. Qubes (Lifehacker)Three security-oriented Linux distributions are compared and contrasted over at Lifehacker. The three (Tails, Kali Linux, and Qubes OS) have distinct use cases that are surveyed in the article. "The crux of Tails is anonymity. While it has cryptographic tools in place, its main purpose is to anonymize everything you're during online. This is great for most people, but it doesn't give you the freedom to do stupid things. If you log into your Facebook account under your real name, it's still going to be obvious who you are and remaining anonymous on an online community is a lot harder than it seems."
Kategóriák: Linux
The Long and Winding Road (Mageia Blog)Over on the Mageia Blog, Rémi Verschelde explains why the Mageia 5 Beta 1 took a month and a half longer than planned—but is now available. Upgrading to RPM 4.12 during the release process caused some problems, but there were other troubles along the way.
"Still, while fixing our core tools during this first mass rebuild, some important changes were made to our RPM setup. As a consequence, half of the rebuilt packages (the ones built before our RPM setup changes) were lacking some important metadata. We then decided to do a second mass rebuild in October, which went quite fine apart from some issues with the Java stack. It was already late October when the first Beta 1 ISOs could be spun and delivered to the QA team for pre-release testing." Beta 2 has been pushed back to December 16, with a final release of Mageia 5 expected on January 31.
Kategóriák: Linux
Thursday's security updatesDebian has updated iceweasel (multiple vulnerabilities). openSUSE has updated docker, go (13.2: two vulnerabilities) and libreoffice (13.1: code execution). Red Hat has updated flash-plugin (RHEL5&6: many vulnerabilities). SUSE has updated OpenSSL (SLECT10; SLE11: multiple vulnerabilities) and wget (SLE10SP4; SLE11SP2, SLE11SP1: code execution). Ubuntu has updated qemu, qemu-kvm (multiple vulnerabilities). Kategóriák: Linux
[$] LWN.net Weekly Edition for November 13, 2014The LWN.net Weekly Edition for November 13, 2014 is available.
Kategóriák: Linux
Security advisories for WednesdayCentOS has updated gnutls (C7: code execution), kdenetwork (C7: multiple vulnerabilities), kernel (C6: multiple vulnerabilities), and libvncserver (C7; C6: multiple vulnerabilities). Debian has updated file (out-of-bounds read flaw) and nss (code execution). Fedora has updated deluge (F20: deluge-web is vulnerable to POODLE), mokutil (F20; F19: multiple vulnerabilities), Pound (F20: multiple vulnerabilities), shim-signed (F20; F19: multiple vulnerabilities), and tnftp (F20: command execution). Mageia has updated apt (code execution) and php (out-of-bounds read flaw). openSUSE has updated ImageMagick (13.2, 13.1, 12.3: multiple vulnerabilities), konversation (13.2: information disclosure), libserf (13.2, 13.1, 12.3: man-in-the-middle attack), pidgin (13.2: multiple vulnerabilities), and sssd (13.2: restriction bypass). Oracle has updated gnutls (OL7: code execution), kdenetwork (OL7: multiple vulnerabilities), kernel (OL6: multiple vulnerabilities), and libvncserver (OL7; OL6: multiple vulnerabilities). Red Hat has updated gnutls (RHEL7: code execution), kdenetwork (RHEL7: multiple vulnerabilities), kernel (RHEL6: multiple vulnerabilities), and libvncserver (RHEL6,7: multiple vulnerabilities). Scientific Linux has updated gnutls (SL7: code execution), kdenetwork (SL7: multiple vulnerabilities), kernel (SL6: multiple vulnerabilities), and libvncserver (SL6,7: multiple vulnerabilities). SUSE has updated spacewalk-branding (SUSE Manager1.7: clarify CVE audit). Ubuntu has updated cinder (14.04: information disclosure), keystone (14.04: information disclosure), neutron (14.04: denial of service), and nova (14.04: two vulnerabilities). Kategóriák: Linux
|
KeresésNavigációBelépésÁllásajánlatok
HWSWFriss blogbejegyzésekHUP napi hírlevélLegfrissebb HUP videókLegfrissebb Linux játékvideókLegfrissebb HUP képekSzavazásHáztartásomban ... darab TV készülék található. nulla 26% egy 42% kettő 18% három 7% négy 2% négynél több 2% Csak az eredmény érdekel. 2% Összes szavazat: 815
InformációKövess minket!Partnerünk |
Friss hozzászólások
47 másodperc
9 perc 4 másodperc
9 perc 24 másodperc
12 perc 37 másodperc
13 perc 9 másodperc
25 perc 13 másodperc
26 perc 33 másodperc
26 perc 51 másodperc
27 perc 48 másodperc
34 perc 28 másodperc