Two vulnerabilities have been discovered in dokuwiki. Access control in
the media manager was insufficiently restricted and authentication could
be bypassed when using Active Directory for LDAP authentication.
Chad Vizino reported a vulnerability in torque, a PBS-derived batch
processing queueing system. A non-root user could exploit the flaw in
the tm_adopt() library call to kill any process, including root-owned
ones on any node in a job.
Sogeti found a denial of service flaw in libxml2, a library providing
support to read, modify and write XML and HTML files. A remote attacker
could provide a specially crafted XML file that, when processed by an
application using libxml2, would lead to excessive CPU consumption
(denial of service) based on excessive entity substitutions, even if
entity substitution was disabled, which is the parser default behavior.
What if Microsoft released an operating system in the chasm between Windows 3.1 and Windows 95? It might look something like Windows 93, an interactive art project by Jankenpopp and Zombectro that you can try right in your browser.
Those who are eager to try out OS X Yosemite on any compatible Intel-based PC can follow a simple guide to install the same using UniBeast tool. The UniBeast tool creates a bootable installer via downloaded version of OS X Yosemite.
The Warpstock annual conference was held on Oct 24 to 26 on St. Louis, Missouri. These conferences are related to the OS/2 and eComStation platform. Currently there are two reviews of the event online at OS2World and at WarpCity2 blog. Between the relevant news there is a new company called "Arca Noae" that will focus on software development for the platform. They are working on ACPI, USB, Network and other drivers for the platform. Additionally Mensys also gave some light why there haven't been activity on the last year. Arca Noae announced driver releases and software subscription products for the users of this platform.
It's got a built-in GPS, so you can wear in around and don't have to take your phone. It's svelte and stylish. The display is small (keeping the device small) but it's high resolution and touchscreen. In addition to all the standard quantified self stuff, it supports mail, messaging, calendar, and alerts. It costs $199, and it's on sale now (for preorder). Most importantly, you can load it with Starbucks credit and use it to pay for lattes. Looks like a winner.
The FTDI FT232 chip is found in thousands of electronic baubles, from Arduinos to test equipment, and more than a few bits of consumer electronics. Itâs a simple chip, converting USB to a serial port, but very useful and probably one of the most cloned pieces of silicon on Earth. Thanks to a recent Windows update, all those fake FTDI chips are at risk of being bricked. This isnât a case where fake FTDI chips wonât work if plugged into a machine running the newest FTDI driver; the latest driver bricks the fake chips, rendering them inoperable with any computer.
"The NoPhone is shatterproof, waterproof, doesn't have a camera, is Bluetooth incompatible and probably doesn't bend, but you'll be too immersed in the real world to know or care" reports The Independent. Could well be revolutionary.
Visopsys is an alternative OS for PC-compatibles. Version 0.75 is the third update this year, and is particularly focused on hardware, adding USB 3.0 (XHCI) and APIC interrupt controller support, as well as improved USB 2.0 and hub support. Downloads are available from here, and details are available in the change log
Asm.js deserves closer inspection for two reasons. First, it's the one "native browser VM" that doesn't massively reinvent wheels. Second, it's the only time a browser vendor's "next-gen JS" attempts have actually gotten everybody else to pay attention. But what are we transitioning into exactly?
A critical flaw in the open-source Wget application that is widely used on Linux and Unix systems for retrieving files has been patched quietly. A Metasploit module is available for testing. The disclosure is here. Red Hat's bug report is here.
Ars tells us The World Wide Web Consortium (W3C), the industry group that oversees the development of the specs used on the Web, today announced that the fifth major version of the hypertext markup language specification, HTML5, was today given Recommendation status, W3C's terminology for a final, complete spec.
Cnet interviews Google Senior Vice President Sundar Pichai, who's in charge of both Android and Chrome OS, and asks whether the two Google OSes will work more closely together or eventually merge. Merger is apparently not on the roadmap. The interview covers operational housekeeping among the Google OS teams, seriously moving into the "phablet" space, anti-theft mechanisms for mobiles,
Macworld UK has the details on minor interface and usability tweaks that are new or expanded in OSX Yosemite. Did you know that RSS support in Safari is back? That you could see an overview of all images that a chat partner has sent? That you can un-flattify the UI somewhat? Or that the super-useful document annotation features in Preview are now even better? Now you do.
I guess today's the day that people finally got around to trying to make Handoff work, because both Time and Gizmodo published short articles outlining the finicky steps it takes to get your Mac and iOS device to recognize each other. The key step seems to be to log off and back on to iCloud in both devices, because as with everything dealing with iCloud, it's a bit of a crap shoot. But when it does work, it's pretty nifty. The best part of the read was one of the comments on the Gizmodo with a classic quote from Anchorman: "60% of the time, it works every time."
José Antonio Calvo has announced the release of Zentyal Server 4.0, a new version of the project's Ubuntu-based distribution designed for small business servers: "The Zentyal development team is proud to announce Zentyal Server 4.0, a new release of the open-source Linux small business server with native Microsoft....
Johnny Hughes has announced the release of CentOS 6.6, un updated build of the project's legacy branch, compiled from the source code for Red Hat Enterprise Linux 6.6: "We are pleased to announce the immediate availability of CentOS 6.6 install media for i386 and x86_64 architectures. CentOS 6.6....
Barry Kauler has announced the release of Puppy Linux 6.0 "Tahrpup" edition, a minimalist distribution compatible with Ubuntu 14.04 binary packages: "We have another official Puppy Linux release. Since I retired from developing Puppy Linux early in 2014, keen members of the Puppy community forked my Woof Puppy....