Debian Security   [more] [xml]
 2015-01-25 DSA-3139 squid - security update

Matthew Daley discovered that squid, a web proxy cache, does not properly perform input validation when parsing requests. A remote attacker could use this flaw to mount a denial of service attack, by sending specially crafted Range requests.

 2015-01-25 DSA-3138 jasper - security update

An off-by-one flaw, leading to a heap-based buffer overflow (CVE-2014-8157), and an unrestricted stack memory use flaw (CVE-2014-8158) were found in JasPer, a library for manipulating JPEG-2000 files. A specially crafted file could cause an application using JasPer to crash or, possibly, execute arbitrary code.

 2015-01-24 DSA-3137 websvn - security update

James Clawson discovered that websvn, a web viewer for Subversion repositories, would follow symlinks in a repository when presenting a file for download. An attacker with repository write access could thereby access any file on disk readable by the user the webserver runs as.

Debian Wiki   [more] [xml]
 2015-01-26T15:51:50Z CrossToolchains
 2015-01-26T14:41:02Z ReproducibleBuilds/History
write some more history
 2015-01-26T13:16:58Z BSP/2015/01/31/no/Oslo
removed self, I was double booked :\   [more] [xml]
 Mon, 26 Jan 2015 08:00:00 -0800 Top Ten Things Linux Users Say About systemd

 FOSSforce: Ladies and gentlemen, from the home office in Omaha, Nebraska, here is this week's Top Ten List:  the top ten things Linux users say about systemd.

 Mon, 26 Jan 2015 07:00:00 -0800 Armello and Perfect Golf in EA on Steam

 tuxarena: Two more games entered Early Access on Steam during the past couple of days

 Mon, 26 Jan 2015 06:00:00 -0800 Learning about Docker and Linux containers Surely you've heard of Docker by now.

 Mon, 26 Jan 2015 05:00:00 -0800 How to build a Database driven app on Linux with python and MySQL

 techarena51: CRUD (Create, Read, Update and Delete) is the basic operation of any database driven app

 Mon, 26 Jan 2015 04:00:00 -0800 LibreOffice finally arrives on Android

 ITworld: Something is better than nothing, but LibreOffice has a long way to go to solve problems that Android users face.

 Sun, 25 Jan 2015 22:00:00 -0800 How to make a file immutable on Linux

 xmodulo: chattr is a Linux command which allows one to set or unset attributes on a file, which are separate from the standard (read, write, execute) file permission.

 Sun, 25 Jan 2015 18:00:00 -0800 Designing with Linux

LinuxJournal: FreeCAD can read and write several different file formats used in modelling and 3-D printing.

 Sun, 25 Jan 2015 14:00:00 -0800 Zenwalk Linux - A Walk on the Quirky Side

LinuxInsider: Zenwalk Linux is a very usable yet uncommon Linux OS. It is more than a single distribution.

 Sun, 25 Jan 2015 10:00:00 -0800 Your anonymous code contributions probably aren't: boffins

el Reg: Coders are creatures of easily-identifiable habit

OSNews   [more] [xml]
 Mon, 26 Jan 2015 14:54:19 GMT CyanogenMod CEO wants to "take Android away from Google"
CyanogenMod CEO McMaster said some interesting things recently. To remove all doubts right from the get go, here's how McMaster introduced himself: "I'm the CEO of Cyanogen. We're attempting to take Android away from Google." Asked to detail his vision, McMaster explained that Cyanogen wants to provide a version of Android that is open down to its core, that partners can use to build highly integrated services, in a way that is not possible right now with Google’s Android. Well, either McMaster has no idea what he's talking about, or he's purposefully being disingenuous. It's most likely the latter, since he's got something to sell. Of course, all the things McMaster claims his company will make possible with Android are already possible today, have been possible for years, and are actually actively being done all over the world. There are dozens of millions - possibly hundreds of millions - of users using Google-less Android all over the world; in China, Russia, the US, and beyond. Android's openness makes it possible to replace all of Google's applications and services with those from another company, vendor, or provider. Even you can do it! Just download Yandex.Kit, for instance. The confusion seems to stem from people conflating Google Apps/Play Services with Android. This is an easy mistake to make for those not familiar with Android. Android itself (AOSP) is completely open source, and freely available to everyone to use as a base for a competing platform. Countless of Chinese companies, Russia's Yandex, Nokia, Amazon, and others have attracted millions and millions of users this way. In contrast, Google has a lot of control over Google Apps/Play Services and keeps them (mostly) proprietary. However, despite a lot of rattling of chains from Apple bloggers and Ars Technica, Google Apps and Play Services are by no means a crucial, unmissable part of Android, and they, by no means, make Android "unforkable". In fact, if you look at the APIs currently part os Play Services, they are all strictly related to Google Services (as the name implies), and not Android itself (e.g. they don't deal with things like hardware access). On top of that, despite Google Apps/Play Services being proprietary, they are "freely" available; Google basically employs a gedoogbeleid concerning their availability, and allows users of custom ROMs and non-Google Android to download them. My Jolla phone, which doesn't even run Android in the first place, has Google Apps/Play Services installed. I am not happy with the fact that the Google Apps are proprietary, mostly because I see no need for them to be as such. Google could win a lot of goodwill by opening them up again, but Google being a company, it's unlikely they will ever do so. Play Services are a bit of a different story; while I would certainly love for them to be open as well, I understand (though not necessarily agree) Google wants to maintain control over the access to their very servers. The article makes another common mistake: it claims that Android manufacturers are not allowed to release Android forks. This is based on leaked 2011 licensing terms covering the Google Apps/Play Services. However, despite these leaked terms, there are several manufacturers who release Android devices both with and without Google services; Huawei and Explay are good examples of that (they both sell regular Android phones with Google services, but also devices in Russia that use Yandex.Kit). This means that either the licensing terms from 2011 are outdated, or (more likely) they are custom, and do not apply to every manufacturer. In any case, the blanket statement that all manufacturers must choose between nothing but Android with Google services, or no Android services at all is clearly not true. In any case, I'm sure McMaster knows all this just fine - you can't be the CEO of CyanogenMod without said understanding - which makes these comments all the more paper-thin. Then again, after the scummy way CyanogenMod treated OnePlus, I'm not exactly surprised.
 Sun, 25 Jan 2015 20:44:03 GMT The untold story of the invention of the game cartridge
Consider the humble video game cartridge. It's a small, durable plastic box that imparts the most immediate, user-friendly software experience ever created. Just plug it in, and you're playing a game in seconds. If you’ve ever used one, you have two men to thank: Wallace Kirschner and Lawrence Haskel, who invented the game cartridge 40 years ago while working at an obscure company and rebounding from a business failure. Once the pair's programmable system had been streamlined and turned into a commercial product - the Channel F console - by a team at pioneering electronics company Fairchild, it changed the fundamental business model of home video games forever. By injecting flexibility into a new technology, it paved the way for massive industry growth and the birth of a new creative medium. Ah, gaming with effectively no loading times. Those were the days.
 Sat, 24 Jan 2015 23:17:30 GMT MPW, Carbon and building Classic Mac OS apps in OS X
Steven Troughton-Smith: Just to provide an example for this post, I put together a trivial drawing app called BitPaint. It isn't very interesting, but it should illustrate a few things: What's involved in bringing a trivial classic Mac app to Carbon How the Classic Mac OS build process works How much source compatibility exists between 1984's Toolbox and Carbon today The answer to the third question is surprising: a lot. In fact, Steven managed to build an application that runs on every version of Mac OS/OS X, all the way from System 1.0 to today's OS X 10.10 Yosemite. I've been following Steven's progress (and by following I mean 'looked at pretty screenshots' because I don't understand the developer stuff), and it's quite incredible to see a single codebase run on such a long string of Mac OS/OS X releases. A crucial aspect in this whole endeavour has been mpw, "an m68k binary translator/emulator whose sole purpose is to try and emulate enough of Classic Mac OS to run MPW's [note the caps!] own tools directly on OS X". I am incredibly psyched about mpw. Its developer, ksherlock, has been very responsive to everything I've come up against as I stress test it against various tools and projects. Right now it's a fully usable tool that makes Classic Mac OS compilation possible and easy to do on modern versions of OS X, without requiring emulators or ancient IDEs or the like. To my knowledge, this is the first time this has been possible (excluding legacy versions of CodeWarrior). This entire post is a must-read. News   [more] [xml]
 2015-01-26T07:13:17+00:00 Development Release: Evolve OS Beta 1
Ikey Doherty has announced the availability of the first beta release of Evolve OS, a desktop Linux distribution built from scratch, with a home-made desktop called "Budgie" and a custom package manager forked from Pardus Linux: "The Evolve OS team is proud to announce the release of Evolve....
 2015-01-26T01:38:40+00:00 DistroWatch Weekly, Issue 594
This week in DistroWatch Weekly: Reviews: First thoughts on KaOS 2014.12 News: Getting involved with Ubuntu, Snappy Ubuntu Core for embedded devices, Debian releases new installer for "Jessie", using DragonFly BSD's Slider, Fedora fixes PackageKit, features coming to Fedora 22, and FreeBSD's quarterly status report Questions and....
 2015-01-25T02:03:15+00:00 Distribution Release: 4MLinux 11.0
Zbigniew Konojacki has announced the release of 4MLinux 11.0, an updated version of the project's lightweight desktop Linux distribution built from scratch and featuring a customised JWM window manager: "The status of the 4MLinux 11.0 series has been changed to stable. Major changes in the core of the....

powered by zFeeder





Translate to Spanish