Skip to main content

Posts

Showing posts from April, 2010

Mandriva Linux 2010 Spring Beta 1 available

First beta of Mandriva 2010 Spring Beta 1 released. Mandriva Spring final will be out on June 6th as planned by Mandriva Team. For those who want to test it, you can download it from your nearest mirror. For those who use Cooker like me, you don't need to download because you may get the upadates via drakrpm.

This release includes GNOME 2.30 (released on April 1st) and a preview edition of GNOME-Shell, which will be part of GNOME 3 (which is planned for release on september 2010). Of course, KDE 4.4.2 is also available, as well as various updates for many programs in the distribution. As usual all your feedbacks are really important to help in improving global quality of distribution. You can report improvements proposals and/or bugs in Mandriva Bugzilla.

Mozilla 3.6.3 released. Fixed critical security hole.

Mozilla has just announced the release of Mozilla Firefox 3.6.3. It only fixed a critical security flaw that could potentially allow remote code execution (see bug 555109).

The memory corruption flaw, demonstrated by Nils of MWR Infosecurity at Pwn2Own 2010, is caused by moving DOM nodes between documents and triggering garbage collection at the right time, leaving an incorrectly retained node which would be used later. This, in turn, could be used to execute remotely injected code. Mozilla say the exploit only affects Firefox 3.6, but that it plans to patch Firefox 3.5 in a coming release "just in case there is an alternate way of triggering the bug".

There are no other changes in Firefox 3.6.3.