Linux News TodayArch Linux distribution is carried out the transfer of all the executable files in / usr / bin

Arch Linux developers have warned users about the need for manual intervention in the next update distribution. When you upgrade, users will see an error due to a conflict of directories due to the transfer of all executable files from the directory / bin, / sbin and / usr / sbin in a single directory / usr / bin.

The above change will get rid of confusion with the location of files and simplify maintenance packages. Read More

The new version of the lightweight Linux distribution AntiX 13

The release of the lightweight LiveCD Linux distribution AntiX 13, built a packet-based Debian Wheezy as of June 1. Distribution targeted for installation on outdated hardware (minimum requirements: RAM 64 MB RAM (128 MB recommended), CPU Pentium II). The size of iso-image 674 MB. Additionally produced two reduced build size of 411 MB and 139 MB, has a smaller set of pre-installed applications.

AntiX desktop environment based on the window manager IceWM, ROX Desktop desktop and file manager SpaceFM. As an alternative window managers possible to activate Fluxbox, JWM, wmii and dwm. Of the enclosed application may be noted 22 Iceweasel (Firefox), Claws mail, LibreOffice 4, word processor AbiWord, spreadsheet Gnumeric, audio players XMMS, qmmp and goggles, video players gxine, MPlayer and GNOME MPlayer, a client for instant messaging Pidgin, configurators gppp, wicd, umt-panel2 (GPRS/UMTS/3G) and ceni. Used in the distribution kernel Linux 3.7.10 (also available in the repository kernel 3.9.2). Read More

Debian developers are changing the approach to the support of Iceweasel in stable releases of the distribution

Debian developers have released another security update for the browser Iceweasel (Firefox assembly without logos, rights belong to Mozilla). Starting with this update, support for Iceweasel, Icedove (Thunderbird) and Iceape (Seamonkey) in stable releases of Debian will be based on new principles.

Previously, the Debian developers have tried to keep unchanged the version supported by the program, bekportiruya of new issues only security fixes. However, such an approach contradicts the entered policy development Mozilla, that does not involve support branches stable for several years. Each edition of Firefox and other Mozilla products eliminates dozens of critical vulnerabilities. Because of the very rapid changes in the code to port those fixes for older versions getting harder and harder. In particular, the Debian oldstable currently available Iceweasel version 3.5.16, which has not been updated since December last year and has several dozen critical vulnerabilities.

Ultimately, the Debian developers have decided to reconsider the principles of support for Mozilla products in its distribution. Now in the stable release of Debian will use the current ESR-branch. Term support for such branches by Mozilla is one year. Since it is still significantly less than the life support stable release Debian, at the conclusion of the next support ESR-branch, it will be replaced with a new one. In particular, the above update replaces a stable release Debian Iceweasel ESR-10 version (whose support was discontinued in February) on the ESR-17 version (which will be supported until December). The developers warn of a possible violation of some supplements set of full-package Debian, and recommend, if necessary to install a fresh version from the site

In addition, developers have reported a lack of resources to support the Mozilla products in the oldstable-version of Debian (Squeeze). If in the near future there will be volunteers who are ready to take on this job, support for Iceweasel, Icedove and Iceape in oldstable-version will be discontinued. Read More

System compromise in Linux Kernel

The vulnerability allows a remote user to execute arbitrary code on the target system.

The vulnerability is caused due to a boundary error in the function “iscsi_add_notunderstood_response ()” in the file drivers / target / iscsi / iscsi_target_parameters.c while processing keys. This can be exploited by sending a too long keys cause a heap overflow to compromise a vulnerable system.

Note: Successful exploitation requires that iSCSI was configured to listen on the network. Read more