Wednesday, 6 December 2017
Saturday, 16 January 2016
Hardware support for developers this could mean more support for Laptops, ATi cards, and Open source drivers.
Friday, 23 October 2015
OiOS Systems Openindiana Security Advisory
OiOS Pro Systems (openindiana)
Security awareness: It is advised that you should update to security Update to Firefox 38.2.1 ESR or greater which can be found at
URL: http://ftp.mozilla.org/pub/firefox/releases/38.2.1esr/contrib/
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.
A flaw was found in the processing of malformed web content. A web page
containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox.
(CVE-2015-4497)
Security awareness: It is advised that you should update to security Update to Firefox 38.2.1 ESR or greater which can be found at
URL: http://ftp.mozilla.org/pub/firefox/releases/38.2.1esr/contrib/
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.
A flaw was found in the processing of malformed web content. A web page
containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox.
(CVE-2015-4497)
Saturday, 10 October 2015
Oios Pro Systems Hipster project update for developers
We are glad to announce that oios Openindiana Hipster 2015.10 snapshot is available.Please note that is in Beta aimed at developers.
Release notes: http://wiki.openindiana.org/oi/2015.10+Release+notes
-- System Administrator of Southern Federal University Computer Center
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss
Sunday, 12 July 2015
OpenSSL Security Advisory [9 Jul 2015]
OpenSSL Security Advisory [9 Jul 2015] ======================================= Alternative chains certificate forgery (CVE-2015-1793) ====================================================== Severity: High During certificate verification, OpenSSL (starting from version 1.0.1n and 1.0.2b) will attempt to find an alternative certificate chain if the first attempt to build such a chain fails. An error in the implementation of this logic can mean that an attacker could cause certain checks on untrusted certificates to be bypassed, such as the CA flag, enabling them to use a valid leaf certificate to act as a CA and "issue" an invalid certificate. This issue will impact any application that verifies certificates including SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication. This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o. OpenSSL 1.0.2b/1.0.2c users should upgrade to 1.0.2d OpenSSL 1.0.1n/1.0.1o users should upgrade to 1.0.1p This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David Benjamin (Google/BoringSSL). The fix was developed by the BoringSSL project. Note ==== As per our previous announcements and our Release Strategy (https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions 1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these releases will be provided after that date. Users of these releases are advised to upgrade. References ========== URL for this Security Advisory: https://www.openssl.org/news/secadv_20150709.txt Note: the online version of the advisory may be updated with additional details over time. For details of OpenSSL severity classifications please see: https://www.openssl.org/about/secpolicy.html
Friday, 29 May 2015
UKOUG events
| 4th Jun 2015 |
Location: Oracle City Office, London
This event will appeal to all of our Apps
Communities with a focus on Applications Innovation. Join other Oracle
users with an interest in cloud and together discover how cloud
applications can benefit your business.
|
UKOUG |
| 7th May 2015 |
Location: Oracle City Office, London
|
UKOUG |
| 14th May 2015 |
Location: Oracle, Blythe Valley Park, Solihull
|
UKOUG |
| 20th May 2015 |
Location: London
Online registration for this event is now closed. If you would like to attend please email faye@ukoug.org
|
UKOUG |
| 21st May 2015 |
Location: Oracle, Blythe Valley Park, Solihull
|
UKOUG |
| 4th Jun 2015 |
Location: Oracle, Thames Valley Park, Reading
|
UKOUG |
| 10th Jun 2015 |
Location: Oracle Linlithgow
Agenda now live! Join us for the leading Oracle
User event in Scotland to hear the latest news on Oracle products
whilst engaging in valuable networking time with like-minded
individuals.
|
UKOUG |
| 12th Jun 2015 |
Location: Coin Street Conference Centre
|
UKOUG |
| 17th Jun 2015 |
Location: Bonhill House
Registration is now open! If you have not attended a UKOUG event before, please fill out the registration form here to attend this event.
|
UKOUG |
| 18th Jun 2015 |
Location: Millennium Gloucester Hotel, London Kensington
Join us for a day packed with Hyperion content
to hear the latest news from Oracle at this fantastic summer event. Take
your time networking with your peers and enjoy hearing from great
speakers from within the Hyperion space.
|
Tuesday, 26 May 2015
Dual or Multimonitor setup
Tuesday, 21 April 2015
Wednesday, 8 April 2015
OiOS Hipster project new release 2015.03.30
Hipster 2015.03.30 is here
We released our last snapshot ISO almost half a year ago. I believe, you want something new. You'll get it. New ISOs were just uploaded to dlc server. Let's see what has changed.
First
of all, most evident changes were made in desktop area. We've updated
Xorg server and libraries, which allowed us to incorporate some
important security fixes from Oracle x-s12-clone and Debian Xorg. Also
we've moved much more closely to Gnome 2.32. Most packages were updated
to this level, excluding packages which either have a lot of specific
patches (like gdm) or just dropped some significant functionality (like
cheese, which dropped HAL support in version 2.32). Not everything has
gone smoothly. We had to drop trusted desktop support during update. I
believe nobody seriously used it under OI. The most annoying thing is
that updated Xorg and Intel driver require some DRM updates, which are
still not ready. So, if you have Intel video card, either pkg freeze
X-incorporation and xorg, or use vesa driver.
Links:
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.usb
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.usb
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.usb.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.usb.torrent
General system changes
Links:
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.usb
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.usb
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.usb.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.usb.torrent
General system changes
All Sun Studio-compiled C++ libraries were removed from the system. The libraries were published in their current form to http://dlc.openindiana.org/c++-libs/,
so you can grub necessary libraries and LD_PRELOAD them or use in
alternative path if necessary. All X/g++/Y packages are renamed to X/Y
and moved from /usr/g++ to /usr. We continue delivering
system/library/c++/sunpro for the foreseeable future.
Text
installer was changed to install OI on EFI-labeled disk by default.
Note, in this case the entire disk is erased. If you want to install OI
on MBR-labeled disk, choose partitioned install.
Desktop software and libraries
- A lot of desktop libraries were updated
- Glib2 is updated to 2.43.4
- GTK2 is updated to 2.24.27
- pango is updated to 1.36.8
- cairo is updated to 1.14.2
- libdrm is updated to 2.4.59
- libX11 is updated to 1.6.2, xcb support is enabled in libX11
- xf86-video-ati driver updated to 6.4.16
- nvidia proprietary driver was updated to 340.76
- Mesa is updated to 10.5.1
- Xserver is updated to 1.12.4 with the latest available video/input Xorg drivers. This requires updating xorg drivers and modules. OI-shipped modules will be updated automatically, but if you use VirtualBox, you'll have to update your guest additions to at least 4.3.22 version.
- Enlightenment 0.19.3 is added as alternative desktop environment
- fontconfig was updated to 2.11.1
- libid3tag and libmtp were imported from SFE, gmtp is added
- rdesktop is updated to 1.8.3
- transmission is updated to 2.52
- XScreensaver is updated to 5.32
- gnome-commander is updated to 1.4.5
- QT 4.8.6 is added
- emacs is updated to 24.3
- Input Method Selector was added from upstream input-method gate. Bug in svc:/application/desktop-cache/input-method-cache:default service preventing correct input methods functioning in recent OI was fixed. In fact, gtk input modules cache was moved from /etc/(amd64/)gtk-2.0/gtk.immodules to /usr/lib/(amd64/)gtk-2.0/2.10.0/immodules.cache and service has to regenerate these cache files in new locations . So, after update you can safely remove /etc/(amd64/)gtk-2.0/gtk.immodules.
Development tools
- Subversion is updated to 1.7.19
- SQLite is updated to 3.8.8.3
- Python 3.4 is updated to 3.4.3
- Binutils are updated to 2.25
- OpenBLAS 0.2.13 is added
- Mercurial is updated to 3.3
- Ruby 1.9.3 is added
- Ruby 1.8 is marked obsolete, all OI software is switched to Ruby 1.9.3
- Ruby 2.2.1 is added
- Curl is updated to 7.39
- libncurses.so links are moved to /usr/lib(/amd64)
- gawk is updated to 4.0.2, this fixes issues with pkgsrc bootstrap
- MPICH is updated to 3.1.3
- Sun Studio indent in /usr/bin was replaced by GNU indent. Old one is preserved in /opt/sunstudio12.1/prod/bin/indent
Server software
- A lot of packages were updated, including apache 2.4, php 5.4, php 5.5, postgresql 9.3, samba 3.6, mariadb 5.5
- PostgreSQL 9.4 is added
- PostgreSQL 8.4 is marked obsolete
- ISC dhcp server is updated to 4.2.7
- BIND DNS server is updated to 9.9.6-P2
- rsyslog is updated to 7.4.10
- NTP is updated to 4.2.8p1
As always, we are proud to deliver to you latest illumos-gate bits.
There's also a lot of security fixes and small bug fixes.
Sunday, 11 January 2015
Hipster Project graphics concepts 2015
Bscuk wallpapers to install user>share>GDM
wiki.openindiana.org/oi/Contributing+to+hipstero
Tuesday, 6 January 2015
OiOS Hipster Project
OiOS Openindiana Hipster Concepts 2015
Are you a talented enterprise professional developer looking to make a difference in enterprise 2015 ?
Why not join the Hipster project and contribute to this really interesting project ? Is your company developing software which maybe be useful to this project ? Is your company interested in sponsoring wallpapers or theme combinations ?
Visit the project page to get started on a new direction ?
Live and installable development iso available
wiki.openindiana.org/oi/Contributing+to+hipstero
Wednesday, 22 October 2014
Startpage search engine The POODLE SSLv3 Threat
Startpage have announced an advisory claiming that Because StartPage does not support SSL v3, you are safe from POODLE when visiting StartPage.com.Readers may conclude that resetting all search engine home pages to Startpage will be an added measure to protect against Poodle.
https://support.startpage.com/index.php?/Knowledgebase/Article/View/980/0/the-poodle-sslv3-threat
see also https://unixpackages.com/
https://support.startpage.com/index.php?/Knowledgebase/Article/View/980/0/the-poodle-sslv3-threat
see also https://unixpackages.com/
Thursday, 16 October 2014
SSL heartbeat and poodle flaws in Firer Fox browsers security commentry
Firer Fox has released an add on for users of sslv3 to help secure their machines.Its easy and comes by way of add on this is the statement.Newer releases will incorporate security upgrades.
SSLv3 is now insecure, and is soon going to be disabled by default.
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
In the meantime, you can use this extension to turn off SSLv3 in your copy of Firefox. When you install the add-on, it will set the minimum TLS version to TLS 1.0 (disabling SSLv3). If you want to change that setting later, like if you really need to access an SSLv3 site, just go to Tools / Add-ons and click the "Preferences" button next to the add-on. That will give you a drop-down menu to select the minimum TLS version you want to allow.
As of version 0.2, this add-on should work with all Mozilla products, including Firefox, Firefox for Android, Thunderbird, and Seamonkey.
SSLv3 is now insecure, and is soon going to be disabled by default.
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/
In the meantime, you can use this extension to turn off SSLv3 in your copy of Firefox. When you install the add-on, it will set the minimum TLS version to TLS 1.0 (disabling SSLv3). If you want to change that setting later, like if you really need to access an SSLv3 site, just go to Tools / Add-ons and click the "Preferences" button next to the add-on. That will give you a drop-down menu to select the minimum TLS version you want to allow.
As of version 0.2, this add-on should work with all Mozilla products, including Firefox, Firefox for Android, Thunderbird, and Seamonkey.
Friday, 10 October 2014
OiOS Openindiana SSL Heartbleed bug security comment
OiOS Openindiana Open SSL has released a beta release of patched SSL
| 25-Sep-2014: | Beta 3 of OpenSSL 1.0.2 is now available, please test it now | https://www.openssl.org/ |
Subscribe to:
Posts (Atom)