lwn.net

warning: Creating default object from empty value in /var/www/home/chantra/debuntu.org/drupal-6.19/modules/taxonomy/taxonomy.pages.inc on line 34.

Riddell: Upstream and Downstream: why packaging takes time

Kubuntu developer Jonathan Riddell looks at packaging all of the pieces of KDE on his blog. His perspective is, of course, Kubuntu-focused, but the comments contain lengthy responses from Fedora and openSUSE KDE packagers, which makes for a good look at the work distributions put into packaging a huge code base like KDE. "Much of what we package are libraries and if one small bit changes in the library, any applications which use that library will crash.

Five new stable kernels

Greg Kroah-Hartman has announced the release of five new stable kernels: 3.16.1, 3.15.10, 3.14.17, 3.10.53, and 3.4.103. As usual, each has important fixes
and users should upgrade. In addition, this is the last 3.15.x release, so
users should be switching to the 3.16 series.

Security advisories for Thursday

CentOS has updated openssl (C7; C6; C5: multiple vulnerabilities).

Debian has updated gpgme1.0 (code
execution).

Gentoo has updated adobe-flash
(multiple vulnerabilities), catfish
(multiple privilege escalations), and libpng (three vulnera

[$] LWN.net Weekly Edition for August 14, 2014

The LWN.net Weekly Edition for August 14, 2014 is available.

[$] Lessons from the Novena laptop project

Flock is the annual conference for the Fedora distribution, but, like most
free-software events, the program draws on a wide range of projects.
At this year's event in Prague, keynote speaker Sean Cross spoke about
his work on the Novena
laptop
project—including some speculation as to why it is
succeeding in the demonstrably harsh space of open hardwar

Wednesday's security updates

Red Hat has updated flash-plugin (multiple vulnerabilities) and openstack-ceilometer (RHEL OpenStack
Platform: privilege escalation).

Ubuntu has updated kernel
(14.04: denial of service), linux-lts-trusty (12.04: denial of
service), and openjdk-6 (10.04, 12.04:
multiple vulnerabilities).

The Linux Plumbers Conference is almost full

The 2014 Linux Plumbers Conference (October 15-17, Düsseldorf,
Germany) has sent out an
advisory
that the registration limit is about to be reached. "We
are very rapidly approaching our attendance limit, this year faster than in
any past editions of the conference. We expect that the conference general
registration will be sold out soon, possibly even within a few days.

SFC and OSI team up to work on tax exemption issues for US organizations

The Software Freedom Conservancy (SFC) and Open Source Initiative (OSI) have announced (and here) that they are both founding members of a working group "focused on tax exemption issues for organizations in the United States". The working group will be open to participation by any concerned groups or individuals and will be looking for legal experts to join in.

LPC: An In-Depth Look: Live Kernel Patching Microconference

The Linux Plumbers Conference (LPC) has a new blog post looking at the live kernel patching microconference. "There has been a great deal of interest in live kernel patching (see this LWN.net article) over the past few months, with several different approaches proposed, including CRIU+kexec, kGraft, and kpatch, all in addition to ksplice.

Tuesday's security updates

CentOS has updated tomcat6 (C6:
two vulnerabilities, one from 2013).

Debian has updated acpi-support
(regression in earlier security fix).

Gentoo has updated libssh (key
disclosure via bad randomness).

Mageia has updated drupal (denial
of service), kdelibs4 (M3: authorization
bypass),

Syndicate content