lwn.net

2014 Linux Security Summit schedule published

James Morris has a blog post announcing that the schedule for this year's Linux Security Summit (LSS) is now available. It starts with a keynote from James Bottomley of Parallels, then there are seven refereed talks, as well as other sessions: "Discussion session topics include Trusted Kernel Lock-down Patch Series, led by Kees Cook; and EXT4 Encryption, led by Michael Halcrow & Ted Ts’o.

OpenSSL fork LibreSSL is declared “unsafe for Linux” (Ars Technica)

Ars Technica reports that a security researcher has found what he calls a "catastrophic failure" in the Linux version of LibreSSL. "The failure results in cases where the same 16-bit PID is used to designate two or more processes. Linux ensures that a process can never have the same ID as the child process it spawned, but it remains possible for a process to have the same PID as its grandparent process.

KDE Plasma 5.0

KDE has announced the release of Plasma 5.0. "Plasma 5.0 introduces a new major version of KDE's workspace offering. The new Breeze artwork concept introduces cleaner visuals and improved readability. Central work-flows have been streamlined, while well-known overarching interaction patterns are left intact. Plasma 5.0 improves support for high-DPI displays and ships a converged shell, able to switch between user experiences for different target devices.

Tuesday's security updates

Red Hat has updated ror40-rubygem-activerecord (RHSC1: SQL injection) and ruby193-rubygem-activerecord (RHSC1: SQL injection).

SUSE has updated flash-player (SLED11SP3: multiple vulnerabilities).

Google's "Project Zero"

Google's newly announced Project Zero is focused on making the net as a whole safer from attackers. "We're not placing any particular bounds on this project and will work to improve the security of any software depended upon by large numbers of people, paying careful attention to the techniques, targets and motivations of attackers. We'll use standard approaches such as locating and reporting large numbers of vulnerabilities.

[$] Filesystem notification, part 2: A deeper investigation of inotify

In the first article in this series, we briefly looked at the original Linux filesystem notification API, dnotify, and noted a number of its limitations. We then turned our attention to its successor, inotify, and saw how the design of the newer API addressed various problems with the dnotify API while providing a number of other benefits as well. At first glance, inotify seems to provide a complete solution for the task of creating an application that reliably monitors the state of a filesystem.

Justin Miller on how Mapbox runs like an open source project (Opensource.com)

Opensource.com has been running a series of interviews with OSCON speakers. In this article Justin Miller, a developer at Mapbox, talks with Michael Harrison.

[Michael] Mapbox is "running a business like you would run an open source
project." Can you elaborate on what that means?

[Justin] This is the meat of my talk, but basically, the organization is flat and open.

Security advisories for Monday

Fedora has updated claws-mail (F20: code execution), claws-mail-plugins (F20: code execution), docker-io (F20; F19: privilege escalation), openstack-nova (F20: privilege escalation), and pnp4nagios (F20; F19: cross-site scripting).

openSUSE ha

Kernel prepatch 3.16-rc5

Linus has sent out the 3.16-rc5 prepatch.
"Things are looking normal, and as usual, I _wish_ there was a bit
less churn going on since it's getting fairly late in the rc cycle, but
honestly, it's not like there is anything that really raises any eyebrows
here."

First Release of LibreSSL Portable Available

OpenBSD Journal is reporting
that the first release of LibreSSL Portable is available for download from
OpenBSD project servers. LibreSSL is the OpenSSL fork
started in April by members of the OpenBSD development community after the
"Heartbleed" vulnerability; the "Portable" version is designed to run
on operating systems other than OpenBSD itself, including Linux.
