Morevna Production Report #1

By ris The Beautiful Queen Marya Morevna is a Russian folk tale. The Morevna
Project makes anime videos about Morevna, using free software. This progress
report
covers the status of their newest episode. “Our main
animation tool is Synfig Studio and for the past years it was improved a
lot. I guess it’s needles to say, that the new episode will be produced
using the latest development version of Synfig. For current stage of the
project it is important to ensure that the tool is stable enough for
production, so last weeks we were concentrated on fixing the critical
bugs. As result of this work, we
have published the first Release Candidate
for the new stable version
of Synfig Studio, which is going to be numbered as 1.0 by the way.

(Thanks to Paul Wise)

From: LWN

Share

GNOME 3.15.90

By ris The first beta in the GNOME 3.15 development series has been
released. GNOME 3.15.90 features a new GNOME shell theme, redesigned
notifications in GNOME shell, codec installation integrated in
gnome-software, a login screen on Wayland, and more.

From: LWN

Share

SSL-busting code that threatened Lenovo users found in a dozen more apps

By Dan Goodin The list of software known to use the same HTTPS-breaking technology recently found preinstalled on Lenovo laptops has risen dramatically with the discovery of at least 12 new titles, including one that’s categorized as a malicious trojan by a major antivirus provider…… Web searches for many of these titles uncover forum posts in which computer users complain that some of these applications are hard to remove once they’re installed. Richard noted that he was unable to find documentation from any of the publishers explaining what effect Komodia software had on end-user PCs such as its ability to sniff passwords and other sensitive data from encrypted Web sessions.

From: LXer

Share

Security advisories for Monday

By ris

CentOS has updated samba (C7; C6: root
code execution), samba3x (C5: root code
execution), and samba4 (C6: root code execution).

Debian has updated e2fsprogs
(incomplete fix for code execution), eglibc (multiple vulnerabilities), ruby-redcloth (cross-site scripting), samba (root code execution), sudo (information disclosure), typo3-src (authentication bypass), and xdg-utils (command execution).

Fedora has updated apache-poi (F21: XML-handling flaws), apache-poi (F20: denial of service), cups (F21: buffer overflow),
drupal6-views (F21; F20: multiple vulnerabilities), e2fsprogs (F20: code execution), sudo (F21: information disclosure), and tomcat (F21: multiple vulnerabilities).

Mageia has updated bind (denial of service).

openSUSE has updated glibc (13.2,
13.1: multiple vulnerabilities).

SUSE has updated java-1_6_0-ibm
(SLES10 SP4: multiple unspecified vulnerabilities),
java-1_7_0-ibm (SLE11 SP3; SLES11 SP2: multiple unspecified
vulnerabilities), and samba (SLE12: root code execution).

From: LWN

Share