news.debuntu.org

Fedora has updated phpmyadmin (F17; F18: two
remote code execution flaws).

Mageia has updated ffmpeg (multiple
vulnerabilities), wordpress (three
vulnerabilities), ekiga, opal3, ptlib (denial of
service), nrpe (code execution), x11-server (keystrok

The LWN.net Weekly Edition for May 9, 2013 is available.

Ubuntu is considering adopting a new package format for third-party
applications that would be simpler for developers to work with. This
format would not replace dpkg in the Ubuntu system itself. "So the scope of what I've been considering is
purely leaf apps built on a fixed 'base system', which in the case of
the initial target of the Ubuntu phone/tablet work would be the run-time
part of the Ubuntu SDK."

Greg KH has updated stable kernels 3.9.1,
3.8.12, 3.4.44, and 3.0.77. All of them include important fixes.

Fedora has updated rubygem-rack (F18; F17:
multiple vulnerabilities) and rubygem-rdoc (F18; F17:
cross-site scripting).

Mandriva has updated glibc
(ES 5.0: multiple vulnerabilities) and glibc (BS 1.0: denial of service).

SUSE has updated kernel (

On a typical Linux system, each running CPU will be diverted between 100
and 1000 times each second by the periodic timer interrupt. That interrupt
is the CPU's cue to reconsider which process should be running, catch up
with read-copy-update (RCU) callbacks, and generally handle any necessary
housekeeping.

Matthew Garrett has posted an introduction to the
trusted platform module (TPM) chip and what can be done with it.
"I've been working on TPMs lately. It turns out that they're
moderately awful, but what's significantly more awful is basically all the
existing documentation. So here's some of what I've learned, presented in
the hope that it saves someone else some amount of misery."

Red Hat has updated subscription-manager (man-in-the-middle
attack).

Ubuntu has updated libxml2 (13.04:
code execution) and mesa (12.04 LTS:
code execution).

The Linux
Foundation Collaboration Summit (LFCS) seems to be a likely venue for an
update on the status of building the kernel with Clang/LLVM. Both in 2011 and 2012, we covered those updates. LFCS 2013
continued the trend as LLVMLinux
project lead Behan Webster presented the status and plans for the
project at LFCS.

The PyPy project has announced
an alpha release of its Python interpreter for the ARM architecture.
"This is the first release that supports a range of ARM devices -
anything with ARMv6 (like the Raspberry Pi) or ARMv7 (like Beagleboard,
Chromebook, Cubieboard, etc.) that supports VFPv3 should work."
Benchmark results are included in the announcement; it seems that, in many
cases, PyPy speeds things up on ARM even more than on the x86 architecture,
even in its current, unpolished state.