Security updates have been issued by Arch Linux (bind, irssi, nrpe, perl-xml-libxml, and transmission-cli), CentOS (java-1.8.0-openjdk), Debian (awstats, libgd2, mysql-5.5, rsync, smarty3, and transmission), Fedora (keycloak-httpd-client-install and rootsh), and Red Hat (java-1.7.0-oracle and java-1.8.0-oracle).
Security updates have been issued by CentOS (linux-firmware and microcode_ctl), Fedora (icecat and transmission), Oracle (java-1.8.0-openjdk and microcode_ctl), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), Slackware (bind), SUSE (kernel), and Ubuntu (eglibc).
Security updates have been issued by Debian (bind9, wordpress, and xbmc), Fedora (awstats, docker, gifsicle, irssi, microcode_ctl, mupdf, nasm, osc, osc-source_validator, and php), Gentoo (newsbeuter, poppler, and rsync), Mageia (gifsicle), Red Hat (linux-firmware and microcode_ctl), Scientific Linux (linux-firmware and microcode_ctl), SUSE (kernel and openssl), and Ubuntu (bind9, eglibc, glibc, and transmission).
Security updates have been issued by Arch Linux (qtpass), Debian (libkohana2-php, libxml2, transmission, and xmltooling), Fedora (kernel and qpid-cpp), Gentoo (PolarSSL and xen), Mageia (flash-player-plugin, irssi, kernel, kernel-linus, kernel-tmb, libvorbis, microcode, nvidia-current, php & libgd, poppler, webkit2, and wireshark), openSUSE (gifsicle, glibc, GraphicsMagick, gwenhywfar, ImageMagick, libetpan, mariadb, pngcrush, postgresql94, rsync, tiff, and wireshark), and Oracle (kernel).
Security updates have been issued by Arch Linux (intel-ucode), Debian (gifsicle), Fedora (awstats and kernel), Gentoo (icoutils, pysaml2, and tigervnc), Mageia (dokuwiki and poppler), Oracle (kernel), SUSE (glibc, kernel, microcode_ctl, tiff, and ucode-intel), and Ubuntu (intel-microcode).
Nextcloud has announced
Nextcloud Talk, a fully open source video meeting software that is on-premise
hosted and end-to-end encrypted. “Nextcloud Talk makes it easier than
ever to host a privacy-respecting audio/video communication service for
home users and enterprises. Business users have optional access to the
Spreed High Performance Back-end offering enterprise-class scalability,
reliability, and features through a Nextcloud subscription. With the
easy-to-use interface, users can engage colleagues, friends, partners or
customers, working in real time through High Definition (H265 based) audio
and video in web meetings and webinars.”
Security updates have been issued by Arch Linux (glibc and lib32-glibc), Debian (ming and poco), Fedora (electron-cash, electrum, firefox, heketi, microcode_ctl, and python-jsonrpclib), openSUSE (clamav-database and ucode-intel), Red Hat (flash-plugin), SUSE (OBS toolchain), and Ubuntu (webkit2gtk).
Freedom of the Press Foundation has a
tribute to James Dolan, who died over the holidays at the age of 36. James worked with Aaron Swartz and journalist
Kevin Poulsen to build the original prototype of SecureDrop, an open-source whistleblower
submission system. “He was our first full-time employee at Freedom of
the Press Foundation, and quickly set out to teach other developers,
contributors, and anyone interested in how the system worked. He poured his
heart and soul into the work, traveling to newsrooms around North America
to teach IT staffs and journalists in person how to install and use
SecureDrop. He completely reworked the installation process, he pushed us
to get independent security audits of the system, and he helped us hire the
initial team that would take over SecureDrop once he was gone.” LWN covered a LibrePlanet talk on SecureDrop back in March 2017.
(Thanks to Paul Wise)
Security updates have been issued by Debian (awstats, gdk-pixbuf, plexus-utils, and plexus-utils2), Fedora (asterisk, gimp, heimdal, libexif, linux-firmware, mupdf, poppler, thunderbird, webkitgtk4, wireshark, and xrdp), openSUSE (diffoscope, irssi, and qemu), SUSE (java-1_7_0-ibm, kernel-firmware, and qemu), and Ubuntu (irssi, kernel, linux, linux-aws, linux-euclid, linux-kvm, linux-hwe, linux-azure, linux-gcp, linux-oem, linux-lts-trusty, linux-lts-xenial, linux-lts-xenial, linux-aws, linux-raspi2, ruby1.9.1, ruby2.3, and sssd).
The privacy focused Tails distribution has released
version 3.4. This released updates the kernel to 4.14.12 to include the
latest Meltdown and Spectre patches. Many other security issues have been
fixed in this release, and users should upgrade.
Security updates have been issued by Arch Linux (graphicsmagick and linux-lts), CentOS (thunderbird), Debian (kernel, opencv, php5, and php7.0), Fedora (electrum), Gentoo (libXfont), openSUSE (gimp, java-1_7_0-openjdk, and libvorbis), Oracle (thunderbird), Slackware (irssi), SUSE (kernel, kernel-firmware, and kvm), and Ubuntu (awstats, nvidia-graphics-drivers-384, python-pysaml2, and tomcat7, tomcat8).
Three years after the last stable release, version 3.0 of the MusE
MIDI/Audio sequencer is now available. As you might expect there many
changes since the last release including a switch to Qt5, a new Plugin Path
editor in Global Settings, a mixer makeover with lots of fixes, a
system-wide move to double precision of all audio paths, and much more.
Security updates have been issued by Arch Linux (linux-hardened, linux-lts, linux-zen, and mongodb), Debian (gdk-pixbuf, gifsicle, graphicsmagick, kernel, and poppler), Fedora (dracut, electron-cash, and firefox), Gentoo (backintime, binutils, chromium, emacs, libXcursor, miniupnpc, openssh, optipng, and webkit-gtk), Mageia (kernel, kernel-linus, kernel-tmb, openafs, and python-mistune), openSUSE (clamav-database, ImageMagick, kernel-firmware, nodejs4, and qemu), Red Hat (linux-firmware, ovirt-guest-agent-docker, qemu-kvm-rhev, redhat-virtualization-host, rhev-hypervisor7, rhvm-appliance, thunderbird, and vdsm), Scientific Linux (thunderbird), SUSE (kernel and qemu), and Ubuntu (firefox and poppler).
The OpenWrt and LEDE projects have announced
their unification under the OpenWrt name. The old OpenWrt CC 15.05
release series will receive a limited amount of security and bug fixes, but
the current LEDE 17.01 series is the most up-to-date. “The merged
project will use the code base of the former LEDE project. OpenWrt specific
patches not present in the LEDE repository but meeting LEDEs code quality
requirements got integrated into the new tree. The source code will be
hosted at git.openwrt.org with a
continuously synchronized mirror hosted at Github. The original OpenWrt
codebase has been archived on
Github for future reference.”
Security updates have been issued by Debian (poppler), Fedora (glibc, phpMyAdmin, python33, and xen), Mageia (awstats, binutils, connman, elfutils, fontforge, fossil, gdb, gimp, jbig2dec, libextractor, libical, libplist, mbedtls, mercurial, OpenEXR, openldap, perl-DBD-mysql, podofo, python-werkzeug, raptor2, rkhunter, samba, w3m, and wayland), and Ubuntu (firefox).
Linux Journal is
back. “Talk about a Happy New Year. The reason: it turns out we’re not dead. In fact, we’re more alive than ever, thanks to a rescue by readers—specifically, by the hackers who run Private Internet Access (PIA) VPN, a London Trust Media company. PIA are avid supporters of freenode and the larger FOSS community. They’re also all about Linux and the rest of the modern portfolio of allied concerns: privacy, crypto, freedom, personal agency, rewriting the rules of business and government around all of those, and having fun with constructive hacking of all kinds. We couldn’t have asked for a better rescue ship to come along for us.”