news.debuntu.org

An unfortunate drawback to the scratch-your-own-itch development
model on which many free software projects depend is that
creators can lose interest. Without a maintainer, code gets stale and
users are either stranded or simply jump ship to a competing project.
If the community is lucky, new developers pick up where the old ones
left off, and a project may be revived or even driven to entirely new
levels of success.

Debian has updated wireshark
(multiple vulnerabilities).

Fedora has updated perl-Module-Signature (F18; F17: code
execution) and rrdtool (F18: denial of
service).

Mageia has updated qemu
(unauthorized file access), telepathy-gabble (man-in-the-middle attack),

Version 3.3 of the LLVM compiler suite is out. It adds support for a
number of new architectures, features a number of performance improvements,
and more. "3.3 is also a major milestone for the Clang frontend: it
is now fully C++'11 feature complete. At this point, Clang is the only
compiler to support the full C++'11 standard, including important C++'11
library features like std::regex.

The Apache Software Foundation has announced
a new release of "the most popular and widely-used Open Source
version control system" — Subversion 1.8.0. "Since their
introduction in prior releases, Subversion’s merge tracking and tree
conflict detection features have been critical to its ability to serve
projects where branching and merging happens often.

The Ubuntu desktop has been committed to the Unity shell for some time;
more recently, Canonical also announced
that Ubuntu will be moving over to
the new, in-house Mir display server. That decision raised a number of
eyebrows at the time, given that most of the desktop Linux community had
long since settled on Wayland as its way forward. As time passes, though,
the degree to which Canonical is breaking from the rest of the community is
becoming increasingly clear.

Debian has updated fail2ban (denial
of service).

Fedora has updated kdeplasma-addons
(F17: weak passwords generated by PasteMacroExpander) triggering a long
list of KDE updates.

Groklaw reports
that the SCO lawsuit against IBM has officially been reopened. "The
thing that makes predictions a bit murky is that there are some other
motions, aside from the summary judgment motions, that were also not
officially decided before SCO filed for bankruptcy that could, in SCO's
perfect world, reopen certain matters. I believe they would have been
denied, if the prior judge had had time to rule on them. Now? I don't
know.

Linus has announced the 3.10-rc6 kernel
prepatch, noting that the patch rate (226 changes since -rc5) seems to be
slowing a little bit. "But even if you're a luddite, and haven't yet
learnt the guilty pleasures of a git workflow, you do want to run the
latest kernel, I'm sure. So go out and test that you can't find any
regressions. Because we have fixes all over..."

The H looks at the recent 3.2 release of the Ardour digital audio workstation, highlighting the addition of video support. Specifically, Ardour does not edit video, but allows users to import it for synchronizing with audio content. "The new video feature can display imported video tracks with frame-by-frame granularity in a timeline and allows users to lock audio tracks to individual video frames.

Fedora has updated gallery3 (F17, F18; insecure URL handling) and xen (multiple vulnerabilities).

Mandriva has updated apache
(multiple vulnerabilities) and subversion
(denial of service).

openSUSE has updated libxcb
(integer overflow), lib