news.debuntu.org

Since the advent of object-oriented programming languages around the
time of Smalltalk in the 1970s, inheritance has been a mainstay of the
object-oriented vision. It is therefore a little surprising that both
"Go" and "Rust" — two relatively new
languages which support
object-oriented programming — manage to avoid mentioning it.
In this subscriber-only article, Neil Brown looks at how this classic
object-oriented concept has evolved in two recent languages.

Fedora has updated pdns-recursor (F18; F17:
ghost domain name resolving flaw).

The Mozilla blog reports
that Mozilla is using its trademarks to back up a cease-and-desist letter to
Gamma International, the maker of the infamous FinFisher surveillance
system. "We cannot abide a software company using our name to
disguise online surveillance tools that can be – and in several cases
actually have been – used by Gamma’s customers to violate citizens’ human
rights and online privacy."

As open source becomes more popular and mature, questions of
formalizing the governance and corporate structures of projects are
becoming of increasing importance, as can been seen by the rising
visibility of various
FOSS foundations. At the Linux Foundation Collaboration Summit in San
Francisco, Tony Sebro shared his insights about the value that fiscal
sponsors bring as umbrella organizations for FOSS projects.

Open Build Service (OBS) 2.4 has been released. "With OBS 2.4 it is now possible to build packages in the PKGBUILD format used for instance by the popular Arch Linux distribution. This is the third package format, after RPM and DEB, supported by the OBS which makes it feasible to build and ship software for all the major Linux distributions that use a binary package format.

Debian has updated strongswan
(authentication bypass).

Fedora has updated mediawiki (F18; F17:
multiple vulnerabilities) and qemu (host
file disclosure).

Mandriva has updated apache-mod_security (file disclosure, denial
of service), krb5 (ES 5.0;

Wayland developer Kristian Høgsberg has sent out a message detailing his
plans for Wayland 1.2 and beyond. "What I'd like to do is to release a new major version
every quarter. So we'll be aiming for 1.2 end of June, 1.3 end of
September and so on. The motivation for this is that we have a lot of
new features and new protocol in the works and a time-based release
schedule is a good way to flush out those features.

The Linux Foundation has announced
that it will be supporting three kernel internships for the upcoming
Outreach Program for Women cycle. "The official deadline for
applying to OPW is May 1st. However, the kernel project joined late, so
that deadline is flexible.

Fedora has updated haproxy (F18; F17: code
execution), php-twig-Twig (F18; F17: file disclosure), and kernel (F18: multiple vulnerabilities).

Mandriva has updated util-linux
(information disclosure) and fuse (denial
of service).

Andy Lutomirski has posted a description of a set of security
vulnerabilities fixed in recent stable updates. One is a fairly severe
user namespace vulnerability that appeared in the 3.8 kernel; another dates
back to 2.6.36. Exploit code is included.