LWN

LWN.net is a comprehensive source of news and opinions from and about the Linux community. This is the main LWN.net feed, listing all articles which are posted to the site front page.

Friday's security updates

Friday 9th of January 2015 02:53:17 PM

Debian has updated curl (access restriction bypass) and file (multiple vulnerabilities).

Debian-LTS has updated file (multiple vulnerabilities) and firebird2.1 (denial of service).

Mandriva has updated asterisk (BS1: denial of service), file (BS1: multiple vulnerabilities), jasper (BS1: multiple vulnerabilities), krb5 (BS1: denial of service), libevent (BS1: denial of service), libjpeg (BS1: denial of service), nail (BS1: code execution), pwgen (BS1: multiple vulnerabilities), sox (BS1: code execution), unrtf (BS1: multiple vulnerabilities), unzip (BS1: multiple vulnerabilities), and znc (BS1: multiple vulnerabilities).

Red Hat has updated php (RHEL 6.5: multiple vulnerabilities) and python-keystoneclient (RHEL OpenStack Platform: man-in-the-middle attack).

SUSE has updated xen (SLED/SLES/SLESDK 12: multiple vulnerabilities).

Ubuntu has updated cpio (multiple vulnerabilities).

New stable kernels

Friday 9th of January 2015 01:55:31 AM

Greg Kroah-Hartman has released four new stable kernels: 3.10.64, 3.14.28, 3.17.8, and 3.18.2. Each contains important updates and fixes. The 3.17.8 release is also noteworthy because it will be the last release in the 3.17 series. 3.17 users need to move to the 3.18 series as soon as possible.

Thursday's security updates

Thursday 8th of January 2015 02:22:44 PM

CentOS has updated glibc (C6: multiple vulnerabilities).

Fedora has updated mpfr (F20; F21: buffer overflow), nss (F20: information leak), nss-softokn (F20: information leak), nss-util (F20: information leak), openvas-cli (F21: SQL injection), openvas-manager (F21: SQL injection), openvas-scanner (F21: SQL injection), tcpdump (F21: code execution), and thermostat (F20; F21: privilege escalation).

Mageia has updated apache (M4: access-restriction bypass), asterisk (M4: denial of service), ettercap (M4: multiple vulnerabilities), glibc (M4: multiple vulnerabilities), libsndfile (M4: multiple vulnerabilities), and libssh (M4: denial of service).

Mandriva has updated mediawiki (BS1: multiple vulnerabilities).

openSUSE has updated libssh (denial of service) and php5 (11.4: multiple vulnerabilities).

Oracle has updated glibc (O6: multiple vulnerabilities).

Red Hat has updated glibc (RHEL6: multiple vulnerabilities).

Scientific Linux has updated glibc (SL6: multiple vulnerabilities).

Ubuntu has updated bsd-mailx (code execution), exiv2 (14.10: denial of service), mime-support (code execution), and nss (information disclosure).

[$] LWN.net Weekly Edition for January 8, 2015

Thursday 8th of January 2015 02:03:21 AM
The LWN.net Weekly Edition for January 8, 2015 is available.

[$] Dark Mail publishes its secure-email architecture

Wednesday 7th of January 2015 08:56:41 PM

The Dark Mail Alliance has published the first description of the architecture that enables its secure-and-private alternative to the existing Internet email system. Called the Dark Internet Mail Environment (DIME), the system involves a new email message format and new protocols for email exchange and identity authentication. Nevertheless, DIME also makes an effort to be backward-compatible with existing email deployments. DIME includes several interesting ideas, but its main selling point remains its security: it not only offers end-to-end encryption, but it also encrypts much of the message metadata other systems leave in cleartext, and it offers resistance to attacks that target servers between the sender and the recipient.

Security advisories for Wednesday

Wednesday 7th of January 2015 05:01:41 PM

Debian has updated mantis (multiple vulnerabilities).

Mageia has updated kernel (multiple vulnerabilities), libevent (denial of service), libpng (memory overwrite), nvidia (code execution), and webmin (malicious symlinks).

McIntyre: Bootstrapping arm64 in Debian

Wednesday 7th of January 2015 12:05:23 AM
Steve McIntyre provides a progress report on the status of the arm64 port for Debian 8 "Jessie". "arm64 is officially a release architecture for Jessie, aka Debian version 8. That's taken a lot of manual porting and development effort over the last couple of years, and it's also taken a lot of CPU time - there are ~21,000 source packages in Debian Jessie! As is often the case for a brand new architecture like arm64 (or AArch64, to use ARM's own terminology), hardware can be really difficult to get hold of. In time this will cease to be an issue as hardware becomes more commoditised, but in Debian we really struggled to get hold of equipment for a very long time during the early part of the port."

Tuesday's security updates

Tuesday 6th of January 2015 07:14:37 PM

CentOS has updated libvirt (C7: information disclosure).

Debian has updated libevent (denial of service).

Fedora has updated bind (F21; F19: denial of service), cpio (F20: denial of service), jasper (F21; F20; F19: three code execution vulnerabilities), python-pip (F21: denial of service), python3 (F19: two vulnerabilities), and roundcubemail (F21; F20: cross-site scripting).

Mageia has updated libvirt (denial of service), openvas-manager (SQL injection), privoxy (two vulnerabilities), and python-yaml (denial of service).

Oracle has updated libvirt (OL7: information disclosure).

Red Hat has updated kernel (RHEL4: privilege escalation) and libvirt (RHEL7: information disclosure).

Scientific Linux has updated libvirt (SL7: information disclosure).

SUSE has updated bind (SLE11 SP3: denial of service), mutt (SLE12: denial of service), and suseRegister (SLE11 SP3: man-in-the-middle attack).

Ubuntu has updated cgmanager (14.10, 14.04: information disclosure).

CyanogenMod CM12 nightly builds available

Tuesday 6th of January 2015 03:22:35 PM
For those of you who have been waiting for a CyanogenMod release based on Android "Lollipop," the first nightly builds are now available. "We would like to note that at this point we consider ourselves 85% complete for our initial CM12 M release. We’ll spend the remainder of this month bringing up additional devices and finishing up the features you’ve come to love from CM11 – implementing them into the new Material UI."

Kernel prepatch 3.19-rc3

Tuesday 6th of January 2015 02:12:26 AM
The 3.19-rc3 prepatch is out for testing. "It's a day delayed - not because of any particular development issues, but simply because I was tiling a bathroom yesterday. But rc3 is out there now, and things have stayed reasonably calm. I really hope that implies that 3.19 is looking good, but it's equally likely that it's just that people are still recovering from the holiday season."

Cuthbertson: NixOS and Stateless Deployment

Monday 5th of January 2015 09:03:17 PM
Here is a lengthy post from Tim Cuthbertson on the virtues of building servers with NixOS. "It should hopefully be obvious at this point why NixOS is better than puppet: Both are declarative, but puppet is impure and non-exhaustive - when you apply a config, puppet compares everything specified against the current state of the system. Everything not specified is left alone, which means you’re only specifying a very tiny subset of your system. With NixOS, if something is not specified, it is not present."

Security advisories for Monday

Monday 5th of January 2015 05:47:46 PM

Debian has updated strongswan (denial of service).

Debian-LTS has updated polarssl (denial of service), pyyaml (denial of service), and sox (code execution).

Fedora has updated claws-mail (F19: man-in-the-middle attack), claws-mail-plugins (F19: man-in-the-middle attack), curl (F19: information leak), denyhosts (F20; F19: denial of service), ettercap (F21; F20; F19: multiple vulnerabilities), freetype (F20: buffer overflow), kernel (F19: multiple vulnerabilities), libetpan (F19: man-in-the-middle attack), libssh (F21; F20; F19: denial of service), mailx (F21; F20; F19: command execution), mingw-pcre (F21; F20; F19: information leak), openjpeg (F19: multiple vulnerabilities), python-django-horizon (F21: denial of service), pyxdg (F20: symlink attacks), subversion (F21; F20: denial of service), and unrtf (F21: code execution).

Mandriva has updated c-icap (denial of service), ntp (multiple code execution vulnerabilities), pcre (information leak), php (code execution), and subversion (denial of service).

Ubuntu has updated strongswan (14.10, 14.04: denial of service).

[$] OpenMediaVault: a distribution for NAS boxes

Friday 2nd of January 2015 10:44:03 PM
The Linux community has no shortage of general-purpose distributions that can be made to serve almost any need. But many Linux deployments are not on general-purpose machines; often the owner has a more specific objective in mind. One such objective is to put together a network-attached storage (NAS) box. A general-purpose distribution can easily be used in such a setting, but there are also several specialized distributions that make the task easier. This article, the first in a series, will look at OpenMediaVault, a Debian-based NAS-oriented distribution.

Friday's security updates

Friday 2nd of January 2015 03:09:33 PM

Fedora has updated glpi (F19; F20; F21: SQL injection), mingw-binutils (F20; F21: multiple vulnerabilities), mingw-curl (F20; F21: multiple vulnerabilities), mingw-dbus (F20; F21: multiple vulnerabilities), mingw-freetype (F20; F21: code execution), mingw-libjpeg-turbo (F20; F21: denial of service), mingw-libxml2 (F20; F21: denial of service), mingw-openssl (F20; F21: multiple vulnerabilities), and ntp (F19: multiple vulnerabilities).

openSUSE has updated libvirt (13.1: denial of service; 13.2: multiple vulnerabilities), ruby2.1 (13.2: multiple vulnerabilities), and ruby20 (13.1: multiple vulnerabilities).

More in Tux Machines

Airdroid - Transfer Files Between Android Phones/Tablets and Linux (Any Distribution)


We often need to transfer large amounts of data in the form of mp3 songs, video songs, movies and, most importantly, large games! Transferring via USB cable takes time, so let's do it with 'Airdroid' easily and quickly.

7 reasons why I prefer elementary OS Freya over Ubuntu 14.10 "Utopic Unicorn"

When we laid out our featured article on things you need to do after installing Ubuntu 14.10, we shared a few little issues we have had with the latest Ubuntu release. Well things got worse, and I decided to try something else for a change. I've been using elementary OS Freya as my daily driver since then. And I have to say, I'm mighty impressed so far. And the fact that Freya is still very much in beta makes the whole affair all the more interesting. A list of reasons why I prefer elementary OS Freya over Ubuntu 14.10 at the moment.

Don't Use Ubuntu, Use Mint - or elementary

The top story today continued to be the GHOST vulnerability covered last night, probably because the name lends itself to cute headlines - most with a twist on "Ghost in the Machine." But elsewhere, the How-To-Geek said today that new users should stick to Linux Mint instead of Ubuntu. He's not the only one: Tech Drive-in today listed seven reasons he prefers elementary OS over Ubuntu. Despite all that, Michael Larabel today reported on the improved performance of Ubuntu 15.04 on newer machines.