Florian Weimer of the Red Hat Product Security Team discovered a
heap-based buffer overflow flaw in LibYAML, a fast YAML 1.1 parser and
emitter library. A remote attacker could provide a YAML document with a
specially-crafted tag that, when parsed by an application using libyaml,
would cause the application to crash or, potentially, execute arbitrary
code with the privileges of the user running the application.
Nikos Mavrogiannopoulos of Red Hat discovered an X.509 certificate
verification issue in GnuTLS, an SSL/TLS library. A certificate
validation could be reported sucessfully even in cases were an error
would prevent all verification steps to be performed.
It was discovered that file, a file type classification tool, contains a
flaw in the handling of indirect magic rules in the libmagic library,
which leads to an infinite recursion when trying to determine the file
type of certain files. The Common Vulnerabilities and Exposures project
ID CVE-2014-1943 has been assigned to identify this flaw. Additionally,
other well-crafted files might result in long computation times (while
using 100% CPU) and overlong results.
Not too many people will recall the short-lived era of the "MSX" initiative which was slated to pretty much take over the non-existent middle world where consumer electronics met personal computers. It was always believed, back then, that this is where the sweet spot of profits would emerge. What emerged was instead laughable MSX. It was one of Microsoft's greatest flops.
The MSX was one of the first computers I ever used. I did basic BASIC stuff on it when I was a kid.
Out of the millions of things Samsung throws at a wall each year to see what sticks, they seem to have picked the fake leather on devices. The most recent victim? A Windows 8 laptop - the ATIV Book 9 'Style'. This thing joins the phones, tablets, and ChromeBooks Samsung has already tacked the fake leather onto.
Genuine question: is there anyone in the audience here who likes this look? If so, why?
Google is the force behind a potential delay in the first tablet to instantly switch between Windows 8.1 and Android 4.X using Intel technology, a fresh report from Asia says. A CNET source backs up this claim.
The original source is DigiTimes, so some salt may be required, but sources confirmed it to Cnet. There's no detail on exactly which steps Google has actually taken, but it's clear this reeks quite strongly of the same illegal and despicable acts Microsoft committed 15 years ago to pressure OEMs into not shipping BeOS.
Joël Cugnoni has announced the release of CAELinux 2013, an Ubuntu-based distribution with a large collection of software designed for scientific tasks: "Although seriously delayed, we are pleased to announce our new release, CAELinux 2013. CAELinux 2013 is based on Ubuntu 12.04 LTS 64-bit distribution and it contains....
Dimitris Tzemos has announced the release of Slackel 6.0 "Openbox" edition, a lightweight Linux distribution based on Slackware's "Current" branch: "Slackel 6.0 Openbox has been released. It includes the Linux kernel 3.10.30 and the latest updates from Slackware's 'Current' tree. Slackel 6.0 Openbox 32-bit image includes both PAE....
Eric Turgeon has announced that the first alpha build of the upcoming GhostBSD 4.0, a FreeBSD-BSD operating system featuring the MATE desktop environment, is now ready for download and testing: "The first ALPHA build of the 4.0-RELEASE release cycle is now available on SourceForge for the amd64 and....