Language Selection

English French German Italian Portuguese Spanish

FOSS Security Updates vs Microsoft Patch Day

Filed under

It is almost that time again. The ritual of installing Microsoft patches released on the second Tuesday of each month to fix security problems with its operating systems and software. My company will be monitoring and installing these updates again for some of our local clients this week.

It is an ironic coincidence that I have received update notices from Mandriva for software installed on my Linux PC systems as well this weekend. These updates come regularly from the upstream developers through Mandriva to Mandriva end-users. These updates may be simple code fixes for bugs, upgrades to get new versions of software or security fixes to patch possible security problems. While looking at these today I thought it would be interesting to compare vulnerability wise what I am getting from Mandriva today with what Microsoft customers will be getting on Tuesday 14 September 2010.

First, to understand Microsoft’s vulnerability code words one must know the terminology Microsoft uses and what it means. This is found in this table borrowed from Microsoft:

complete story

More in Tux Machines

today's leftovers

  • Puppet Rolls Out New Docker Image Builds
    Folks who are focused on container technology and virtual machines as they are implemented today might want to give a hat tip to some of the early technologies and platforms that arrived in the same arena. Among those, Puppet, which was built on the legacy of the venerable Cfengine system, was an early platform that helped automate lots of virtual machine implementations. We covered it in depth all the way back in 2008. Earlier this year, Puppet Labs rebranded as simply Puppet, and also named its first president and COO, Sanjay Mirchandani, who came to the company from VMware, where he was a senior vice-president. Now, at PuppetConf, the company has announced the availability of Puppet Docker Image Build, which "automates the container build process to help organizations as they define, build and deploy containers into production environments." This new set of capabilities adds to existing Puppet functionality for installing and managing container infrastructure, including Docker, Kubernetes and Mesos, among others.
  • Five Cool Alternative Open Source Linux Shells
    We are going to look at some of the available Linux shells out there that users have access to free of charge since they are open source, they come in a number of different licenses and this mainly depends on the software creator but in essence one doesn’t have to pay to use the system; so that a major plus in whichever way we look at it. We find that there are different kinds of users when it comes to Linux, the ones who tread carefully preferring to stick to tried and tested software, the other kinds are the ones who dive into the deep end of cutting edge software; head first.
  • openSUSE Tumbleweed – Review of the Week 2016/42
    This was week 42 – The openSUSE LEAP week of the Year. It can’t be a co-incidence that the Release Candidate 1 was announced in Week 42, on the 2nd day (42.2 – European counting, we start our week on Monday, not on Sunday). But also in Tumbleweed things are not standing still: of course many of the things are well in line with what Leap received (like for example Plasma updates), but Tumbleweed rolls at a different pace ahead of the game.

Red Hat News

Leftovers: OSS and Sharing

  • The Open Source Way
    "Open source", in the world of IT, is program code that is meant for collaboration and open contribution. Intended to be modified and shared, because by design and spirit, it is meant for the public at large. It’s been said that “"open source" intimates a broader set of values—what we call "the open source way." Open source projects, products, or initiatives embrace and celebrate principles of open exchange, collaborative participation, rapid prototyping, transparency, meritocracy, and community-oriented development.” So it is a natural conclusion that in this age of open and transparent government, that the government IT manager or technician would be one of the first to want to embrace this new role of collaborative team member within a larger community.
  • Another rift in the open source BPM market: @FlowableBPM forks from @Alfresco Activiti
    In early 2013, Camunda – at the time, a value-added Activiti consulting partner as well as a significant contributor to the open source project – created a fork from Activiti to form what is now the Camunda open source BPM platform as well as their commercial version based on the open source core.
  • Pydio, an Open Source File Sharing and Sync Solution, Out in New Version
    If you've followed us here at OStatic, you've probably seen our coverage of open source file sharing, cloud and synchronization tools. For example, we've covered ownCloud and Nextcloud extensively. Not so many people know about Pydio, though, which is out in a new version Pydio7. It's an open source file sharing & sync solution that now has a host of new features and performance upgrades. It's worth downloading and trying. Through a new partnership with Collabora Productivity (the LibreOffice Cloud provider), Pydio7 now combines file sharing, document editing and online collaboration. Users can now not only access documents online, but also co-author new content and work collaboratively.
  • Chrome 55 Beta: Input handling improvements and async/await functions
    Unless otherwise noted, changes described below apply to the newest Chrome Beta channel release for Android, Chrome OS, Linux, Mac, and Windows.
  • Chrome 55 Beta Brings Async/Await To JavaScript
    Google is ending this week by rolling out the Chrome/Chromium 55 web-browser beta. Chrome 55 Beta brings support for the async and await keywords to JavaScript for Promise-based JavaScript coding. Great to see them finally improving the asynchronous JS support.
  • Open-Source Innovations Driving Demand for Hadoop
    AtScale, provider of BI (Business Intelligence) on Hadoop, has released its study titled "The Business Intelligence Benchmark for SQL-on-Hadoop engines," which is a performance test of BI workloads on Hadoop. The report also studies the strengths and weaknesses of Hive, Presto, Impala and Spark SQL, which are the most popular analytical engines for Hadoop.
  • Microsoft CEO Offers SQL Server for Linux Update [Ed: bad idea to use it [1, 2]]
  • New SafariSeat wheelchairs made from bicycle parts help East Africans roam rough terrain
  • SafariSeat, an Open Source Wheelchair for Rural Offroading
    If you’re disabled in a poorly developed part of the world, even a great modern wheelchair may be next to useless. What’s needed is a more off-road design that’s made to be easy to manufacture and repair than something built for a city with sidewalks. SafariSeat is a newly designed open-source wheelchair that hopes to make a big impact for disabled people the world over. It uses push bars for power and has large front wheels and small rear ones to easily roll over large objects. In a novel move, the designers included a moving seat that shifts bit every time you push the bars to help prevent pressure sores on the butt.
  • Five 3D printing projects for Halloween
    With Halloween fast approaching I figured it was time to add some 3D printed decorations to the office. Below are some of my pictures for fun Halloween-themed prints. I tried to pick some models that demonstrate varied printing techniques.