lwn.net

warning: Creating default object from empty value in /var/www/home/chantra/debuntu.org/drupal-6.19/modules/taxonomy/taxonomy.pages.inc on line 34.

Ars Technica: Tor network’s ranks of relay servers cut because of Heartbleed bug

Ars Technica reports
on the impact that the "Heartbleed" bug in OpenSSL has had for the Tor
anonymizing network. "The Tor Project team has been moving to
provide patches for all of the components, and most of the core
network was quickly secured. However, a significant percentage of the relay servers, many of which serve countries with heavy Internet censorship, have remained unpatched. These systems are operated by volunteers and may run unattended."

Friday's security updates

Debian has updated openssl
(multiple vulnerabilities), qemu (code
execution), and qemu-kvm (code execution).

Mageia has updated apache-mod_security (rules bypass), cups-filters (M4: code execution), openjpeg (code execution), php (denial of service), and

Debian 6.0 to get long-term support

The Debian project has announced that the security support period for the
6.0 ("squeeze") release has been extended by nearly two years; it now runs
out in February 2016. At the end, squeeze will have received a full five
years of security support. "squeeze-lts is only going to support i386 and amd64. If you're
running a different architecture you need to upgrade to Debian 7
(wheezy). Also there are going to be a few packages which will not
be supported in squeeze-lts (e.g. a few web-based applications
which cannot be supported for five years).

ISC releases BIND 10 1.2, renames it, and turns it over to community

Internet Systems Consortium, the non-profit behind the BIND DNS server, has released version 1.2 of BIND 10, which is the last release it will make of the "applications framework for Internet infrastructure, such as DNS". That completes ISC's development effort on BIND 10, so it has renamed the project to Bundy and turned it over to the community for updates and maintenance.

Ubuntu 14.04 LTS (Trusty Tahr) released

Ubuntu has announced the release of its latest long-term support
distribution: Ubuntu 14.04 LTS (aka "Trusty Tahr"). The release notes
have all the details.

Plant Breeders Release First 'Open Source Seeds' (NPR)

NPR has a look at the cross-pollination of open source software and agriculture, resulting in the release of the first "Open Source Seeds".

QEMU 2.0.0 released

The QEMU team has announced
the release of version 2.0.0 of the QEMU "open source machine
emulator and virtualizer".

Security updates for Thursday

Debian has announced that
regular security updates for Debian 6.0 ("squeeze") will cease on May 31.
But there will be long-term support for most of the packages in squeeze on
just the i386
and amd64 architectures until February 2016.

Fedora has updated cacti (F20; F19:
multiple vulnerabilities), json-c (F20: two
denial of service flaws), and

[$] LWN.net Weekly Edition for April 17, 2014

The LWN.net Weekly Edition for April 17, 2014 is available.

Security advisories for Wednesday

CentOS has updated java-1.6.0-openjdk (C6; C5: multiple vulnerabilities) and java-1.7.0-openjdk (C6; C5: multiple vulnerabilities).

Debian has updated chromium-browser (multiple vulnerabilities) and virtualbox (code execution).

Fedora has updated

Syndicate content