All posts by ris

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/790976/rss

Security updates have been issued by Debian (libgd2, mediawiki, otrs2, vlc, and zookeeper), Fedora (containernetworking-plugins, kernel, kernel-headers, nodejs-tough-cookie, podman, python-django, and python-urllib3), openSUSE (virtualbox), SUSE (gnome-shell, libcroco, and php7), and Ubuntu (dbus, Neovim, and vim).

Introducing Matrix 1.0 and the Matrix.org Foundation

Post Syndicated from ris original https://lwn.net/Articles/790910/rss

The Matrix team has announced
the first stable release of the Matrix protocol and specification across
all APIs. The Synapse 1.0 reference implementation, which implements the
full Matrix 1.0 API surface, has also been released. “Now, before you get too excited, it’s critical to understand that Matrix 1.0 is all about providing a stable, self-consistent, self-contained and secure version of the standard which anyone should be able to use to independently implement production-grade Matrix clients, servers, bots and bridges etc. It does not mean that all planned or possible features in Matrix are now specified and implemented, but that the most important core of the protocol is a well-defined stable platform for everyone to build on.

On the Synapse side, our focus has been exclusively on ensuring that
Synapse correctly implements Matrix 1.0, to provide a stable and secure
basis for participating in Matrix without risk of room corruption or other
nastinesses.” The announcement also covers the launch of the
Matrix.org Foundation.

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/790875/rss

Security updates have been issued by CentOS (bind and thunderbird), Mageia (firefox, ghostscript, graphicsmagick, imagemagick, postgresql, and thunderbird), Oracle (kernel), Red Hat (Advanced Virtualization and rh-haproxy18-haproxy), SUSE (bind, gstreamer-0_10-plugins-base, thunderbird, and vim), and Ubuntu (elfutils, glib2.0, and libsndfile).

Security updates for Monday

Post Syndicated from ris original https://lwn.net/Articles/790818/rss

Security updates have been issued by Arch Linux (chromium and pam-u2f), Debian (cyrus-imapd), Fedora (curl, cyrus-imapd, kernel, kernel-headers, php, and vim), openSUSE (axis, bind, bubblewrap, evolution, firefox, gnome-shell, libpng16, and rmt-server), Oracle (edk2 and kernel), and SUSE (bind, cloud7, and libvirt).

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/790411/rss

Security updates have been issued by Debian (python-django), openSUSE (curl and libtasn1), Oracle (kernel), Red Hat (etcd, kernel-alt, and rh-python36-python-jinja2), Scientific Linux (thunderbird), SUSE (libvirt), and Ubuntu (db5.3, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux, linux-aws, linux-gcp, linux-kvm, linux-raspi2, linux-snapdragon, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-aws-hwe, linux-hwe, linux-oracle, linux-hwe, and linux-raspi2, linux-snapdragon).

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/790266/rss

Security updates have been issued by Arch Linux (python-django and python2-django), Debian (heimdal), Fedora (kernel, kernel-headers, kernel-tools, and sqlite), openSUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork and GraphicsMagick), Oracle (thunderbird), Red Hat (systemd and thunderbird), SUSE (bind and firefox), and Ubuntu (qtbase-opensource-src).

Security updates for Monday

Post Syndicated from ris original https://lwn.net/Articles/790174/rss

Security updates have been issued by Arch Linux (curl, lib32-curl, lib32-libcurl-compat, lib32-libcurl-gnutls, libcurl-compat, libcurl-gnutls, and live-media), Debian (doxygen and php5), Fedora (cryptopp, drupal7-context, drupal7-ds, drupal7-module_filter, drupal7-path_breadcrumbs, drupal7-uuid, drupal7-views, drupal7-xmlsitemap, and sleuthkit), openSUSE (axis, chromium, containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, curl, doxygen, GraphicsMagick, java-1_7_0-openjdk, libtasn1, libvirt, lxc, lxcfs, NetworkManager, php5, php7, screen, sles12sp3-docker-image, sles12sp4-image, system-user-root, and thunderbird), Oracle (kernel), SUSE (apache2-mod_jk and libpng16), and Ubuntu (doxygen).

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/789709/rss

Security updates have been issued by Arch Linux (webkit2gtk), Debian (kernel and libav), Fedora (c3p0 and community-mysql), Scientific Linux (pacemaker), SUSE (axis, libtasn1, NetworkManager, sles12sp3-docker-image, sles12sp4-image, system-user-root, and xen), and Ubuntu (freerdp, GNU Screen, keepalived, and thunderbird).

Security updates for Tuesday

Post Syndicated from ris original https://lwn.net/Articles/789595/rss

Security updates have been issued by Arch Linux (firefox and thunderbird), Debian (sox and vcftools), Fedora (safelease and sharpziplib), openSUSE (chromium, evolution, graphviz, nmap, systemd, transfig, and ucode-intel), Red Hat (pacemaker), SUSE (curl, libvirt, openssl, php7, php72, and systemd), and Ubuntu (gnome-desktop3, keepalived, and samba).

Security updates for Monday

Post Syndicated from ris original https://lwn.net/Articles/789523/rss

Security updates have been issued by Debian (curl, jackson-databind, minissdpd, php5, thunderbird, wireshark, and wpa), Fedora (curl, drupal7, firefox, kernel, libmediainfo, mediaconch, mediainfo, mod_http2, mupdf, rust, and singularity), openSUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork), Oracle (firefox and libvirt), Scientific Linux (firefox and libvirt), and SUSE (bluez, curl, gnutls, java-1_7_1-ibm, libu2f-host, libvirt, python3, screen, and xen).

openSUSE Leap 15.1 released

Post Syndicated from ris original https://lwn.net/Articles/789143/rss

The openSUSE project has announced
the release
of openSUSE Leap 15.1. “Leap releases are scalable and both the desktop and server are equally important for professional’s workloads, which is reflected in the installation menu as well as the amount of packages Leap offers and hardware it supports. Leap is well suited and prepared for usage as a Virtual Machine (VM) or container guest, allowing professional users to efficiently run network services no matter whether it’s a single server or a data center.

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/789132/rss

Security updates have been issued by CentOS (ruby and wget), Debian (proftpd-dfsg), Fedora (firefox, mupdf, nss, and wavpack), openSUSE (evolution, GraphicsMagick, graphviz, libxslt, openssl-1_0_0, ovmf, and sqlite3), Red Hat (dotnet, python27-python and python27-python-jinja2, and rh-mariadb102-mariadb and rh-mariadb102-galera), Slackware (mozilla), SUSE (gnutls, java-1_7_1-ibm, and java-1_8_0-ibm), and Ubuntu (curl, firefox, php5, and webkit2gtk).

Firefox 67 released

Post Syndicated from ris original https://lwn.net/Articles/789036/rss

The Mozilla blog takes
a look
at the Firefox 67 release. “Today’s new Firefox release
continues to bring fast and private together right at the crossroads of
performance and security. It includes improvements that continue to keep
Firefox fast while giving you more control and assurance through new
features that your personal information is safe while you’re online with
us.
” See the release
notes
for more information.

Security updates for Monday

Post Syndicated from ris original https://lwn.net/Articles/788911/rss

Security updates have been issued by Debian (cups-filters, dhcpcd5, faad2, ghostscript, graphicsmagick, jruby, lemonldap-ng, and libspring-security-2.0-java), Fedora (gnome-desktop3, java-1.8.0-openjdk-aarch32, libu2f-host, samba, sqlite, webkit2gtk3, xen, and ytnef), Mageia (docker, flash-player-plugin, freeradius, libsndfile, libxslt, mariadb, netpbm, python-jinja2, tomcat-native, and virtualbox), openSUSE (kernel and ucode-intel), and SUSE (kernel, kvm, libvirt, nmap, and transfig).

Security updates for Wednesday

Post Syndicated from ris original https://lwn.net/Articles/788517/rss

Security updates have been issued by Debian (drupal7, intel-microcode, kernel, and lemonldap-ng), Red Hat (kernel, kernel-rt, libvirt, qemu-kvm, qemu-kvm-rhev, redhat-virtualization-host, rhvm-appliance, vdsm, virt:rhel, and wget), Scientific Linux (wget), SUSE (containerd, docker, docker-runc, go, go1.11, go1.12, golang-github-docker-libnetwork, kernel, libxslt, microcode_ctl, qemu, ucode-intel, and xen), and Ubuntu (intel-microcode, kernel, linux, linux-aws, linux-azure, linux-gcp, linux-kvm, linux-raspi2, linux, linux-aws, linux-kvm, linux-raspi2, linux-snapdragon, linux-hwe, linux-azure, linux-hwe, linux-azure, linux-gcp, linux-oracle, linux-lts-trusty, linux-lts-xenial, linux-raspi2, linux-snapdragon, qemu, and samba).