|
|
| LinuxDevices.com is carrying a
brief note from the "outgoing editor-in-chief" stating that the site's
owner has been acquired. "At this point, the future of
LinuxDevices.com is uncertain. What we can say for sure is that it has been
a pleasure serving our readers -- the best in the business." |
| The end of LinuxDevices? |
|
| Slackware has been silent for some time (noted in this comment thread). Although we
haven't seen any advisories in the LWN mailbox, the changelogs are showing some
new updates. Slackware users should update their systems.
|
| Slackware updates |
|
| Greg KH has released stable kernels 3.0.19,
3.2.3 and 2.6.32.56. All of them have important fixes
across the board.
Update: 3.2.4 has now been released
to address a compilation problem in 3.2.3.
|
| Stable kernels 3.0.19, 3.2.3 and 2.6.32.56 |
|
| CentOS has updated ghostscript (C6; C5; C4: multiple vulnerabilities), php (C6; C5; C4: remote code execution), and C5: php53 (remote code execution).
Debian has updated iceweasel (multiple vulnerabilities), iceape (multiple vulnerabilities), and php5 (remote code execution).
Mandriva has updated mozilla (multiple vulnerabilities).
Red Hat has updated RHEL5: php53 (remote code execution), RHEL4,5,6: php (remote code execution), ghostscript (RHEL5,6; RHEL4: multiple vulnerabilities), and RHEL5.6: freetype (code execution).
Scientific Linux has updated SL5: php53 (remote code execution), SL4,5,6: php (remote code execution), and ghostscript (SL5,6; SL4: multiple vulnerabilities).
|
| Friday's security updates |
|
| The PHP 5.3.10 release is out; it contains a fix for a remote code
execution bug introduced recently by another security fix. Anybody running
5.3.9 should probably upgrade as soon as possible.
|
| PHP 5.3.10 released with critical security fix |
|
| The H is reporting that a critical remote code execution bug has been found in PHP that was caused by the recent fix for the widespread denial of service via hash collisions vulnerability. "The cause of the problem is the security update to PHP 5.3.9, which was written to prevent denial of service (DoS) attacks using hash collisions. To do so, the developers limited the maximum possible number of input parameters to 1,000 in php_variables.c using max_input_vars. Because of mistakes in the implementation, hackers can intentionally exceed this limit and inject and execute code. The bug is considered to be critical as code can be remotely injected over the web." |
| Critical PHP vulnerability being fixed (The H) |
|
| CentOS has updated openssl (C4: multiple vulnerabilities).
Debian has updated tomcat6 (multiple vulnerabilities).
Fedora has updated BackupPC (F15; F16: cross-site scripting), polipo (F15; F16: denial of service), moodle (F15; F16: multiple vulnerabilities), firefox (F16: multiple vulnerabilities), xulrunner (F16: multiple vulnerabilities), thunderbird (F16: multiple vulnerabilities), thunderbird-lightning (F16: multiple vulnerabilities), gstreamer-plugins-bad-free (F16: multiple vulnerabilities), and libvpx (F16: multiple vulnerabilities).
Mandriva has updated apache (multiple vulnerabilities).
Oracle has updated firefox (OL4; OL5; OL6: multiple vulnerabilities), seamonkey (OL4: multiple vulnerabilities), thunderbird (OL4; OL6: multiple vulnerabilities), and openssl (OL4: multiple vulnerabilities).
Red Hat has updated openssl (RHEL 4: multiple vulnerabilities).
Scientific Linux has updated thunderbird (SL4&5; SL6: multiple vulnerabilities), firefox (multiple vulnerabilities), seamonkey (SL4: multiple vulnerabilities), and openssl (SL4: multiple vulnerabilities).
|
| Security advisories for Thursday |
|
| Aaron Seigo answers questions about the Spark tablet, which is based on Plasma Active, that he announced on January 29. There is more information about the hardware and software, delivery timeframe (May 2012), and pre-orders: "Pre-order registration will open early next week. This was one piece in the puzzle that was taking a bit [longer] than I hoped for to come together, but it's finally slotted in and our distribution partner has got the necessary infrastructure settled. I'll lift the veil off of the pre-order and our distribution strategy when it goes live." |
| Seigo: Spark answers |
|