An integer underflow flaw, leading to a heap-based buffer overflow, was
found in the ksba_oid_to_str() function of libksba, an X.509 and CMS
(PKCS#7) library. By using special crafted S/MIME messages or ECC based
OpenPGP data, it is possible to create a buffer overflow, which could
cause an application using libksba to crash (denial of service), or
potentially, execute arbitrary code.
The Debian fork website, put together by the Veteran Unix Admins (VUA) group, has annouced the VUA has decided to fork the popular Debian GNU/Linux distribution. The VUA is critical of Debian's decision to adopt systemd as the distribution's default init software and to allow software packaged for Debian to depend directly on systemd. The VUA plans to create a fork of Debian using SysV Init as the default init software and is asking for donations to support the endevor.
The default init system in the next Debian v8 "Jessie" release will be systemd, bringing along a deep web of dependencies. We need to individuate those dependencies, clean them from all packages affected and provide an alternative repository where to get them. The stability of our fork is the main priority in this phase.
There has been a lot of debate over systemd in the Debian community in the past few months and it will be interesting to see if this non-systemd fork of Debian gains support.
Russian internet giant Yandex has launched an alpha version of its new Chromium-based browser for Windows and Mac OS X that incorporates a few interesting ideas of how a modern browser might look. The main difference from the interface of Chrome or Firefox is the ultimate minimalism and the fact that the tabs are moved to the bottom of the page.
It actually looks quite appealing. More information and download links can be found in Yandex' blog post.
A long-standing oddity of Windows is that its branded number has for some years now not matched the version number stamped into the kernel and other parts of the operating system. Windows 7, for example, reported itself to software as being version 6.1. Windows 8 is 6.2, and Windows 8.1 is 6.3.
Current public builds of Windows 10 repeat this trend - they purport to be version 6.4 - but not for much longer. Chinese site ITHome published a picture showing the version number to be 10.0. Version number 10.0 is also cropping up on BuildFeed which tracks build numbers, and has been further corroborated elsewhere.
Interesting little tidbit of information.
Justin Sherrill has announced the release of DragonFly BSD 4.0.1, the first stable 4.0 build of the project's UNIX-like operating system created in 2003 by Matthew Dillon as a fork of FreeBSD 4.8: "Version 4.0.1 released 25 November 2014. Version 4 of DragonFly brings Haswell graphics support, 3D....
Ferdinand Thommes has announced the release of siduction 14.1.0, a set of Debian-based desktop Linux distributions with separate Cinnamon, GNOME, KDE, LXDE, LXQt and Xfce editions: "We are very happy to present the final release of siduction 2014.1 'Indian Summer'. siduction is a distribution based on Debian’s unstable....
This week in DistroWatch Weekly: Feature: Observing Scientific Linux 7.0 News: Debian votes on init coupling, Ubuntu MATE combines classic desktop with Ubuntu packages, Mageia 3 approaches end of life, FreeBSD Foundation receives generous donation, Linux Voice releases first issue for free download Questions and answers: Blocking network....