Only 2 More Weeks to Submit Your Talk to APIStrat 2017

The API Strategy & Practice Conference, which will be held Oct. 31 – Nov. 2 in Portland, OR, provides a vendor-neutral event for discussion of the latest API topics and will bring together developers, IT teams, business users, executives, and others to discuss opportunities and challenges in the API space. The deadline for proposals for APIstrat is June 16 at 11:59 Pacific.

Read More

Chirp is a Simple Electron Twitter Client

twitter lite desktop appI came across a new Electron Twitter client today called Chirp — and I sort of had to write about it. See, I’ve written of my love for Twitter Lite, the social networking site’s new mobile experience before, and recommended a number of ways in which you can ‘use’ Twitter Lite in a standalone window like a traditional app (aka as a […]

This post, Chirp is a Simple Electron Twitter Client, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.

Read More

How to Protect Samba from the SambaCry Exploit

If you make use of a Linux server to share out directories and files, you’ll want to make sure you do everything you can to prevent the likes of SambaCry. Here are a few tips.

You’ve already heard of WannaCry, a ransomware attack that can lock down data on Windows machines. This particular exploit comes by way of an SMB vulnerability. Naturally, if you use Linux you know about Samba; but did you also know that, according to CVE-2017-7494:

Read More

Why Oracle Java 7 And 6 Installers No Longer Work

Oracle Java
Because I’ve received more than 50 emails about this, I though I’d make a post about it, to clear things up for everybody.
While Oracle Java 6 and 7 are not supported for quite a while, they were still available for download on Oracle’s website until recently.

However, the binaries were removed about 10 days ago (?), so the Oracle Java (JDK) 6 and 7 installers available in the WebUpd8 Oracle Java PPA no longer work.

Oracle Java 6 and 7 are now only available for those with an Oracle Support account (which is not free), so I can’t support this for the PPA packages.

From the Oracle Java downloads page:

“Updates for Java SE 7 released after April 2015, and updates for Java SE 6 released after April 2013 are only available to Oracle Customers through My Oracle Support (requires support login).

Java SE Advanced offers users commercial features, access to critical bug fixes, security fixes, and general maintenance”.

It’s highly recommended you update to Oracle Java 8. Check out the following articles for how to install Oracle Java 8 in Ubuntu (or Linux Mint and derivatives) or Debian via PPA.
If you have an Oracle Support account and you really need Oracle JDK 6 or 7, you can get the installers from the WebUpd8 PPA to work by downloading the binaries and placing them in the following folder:
  • /var/cache/oracle-jdk6-installer/ for JDK 6 (you’ll need version 6u45)
  • /var/cache/oracle-jdk7-installer/ for JDK 7 (you’ll need version 7u80 for 32bit and 64bit or 7u60 for arm)

… and then install the oracle-java6-installer or oracle-java7-installer package.

Read More

Installing Node.js 8 on Linux via Package Manager

At NodeSource, we maintain the consistently-updated Node.js repositories for Linux distributions. These aren’t repositories like most Node.js developers think of them – git repositories – but rather repositories in the sense of installing Node.js via the given Linux OS’s built-in package manager – like aptand yum.

With the release of Node.js 8 yesterday, we’ve gone ahead and built the Node.js 8 binaries and made them readily available if you’re using Node.js on a Debian- or Enterprise Linux-based distro.

Read More

USN-3306-1: libsndfile vulnerabilities

Ubuntu Security Notice USN-3306-1

1st June, 2017

libsndfile vulnerabilities

A security issue affects these releases of Ubuntu and its
derivatives:

  • Ubuntu 17.04
  • Ubuntu 16.10
  • Ubuntu 16.04 LTS
  • Ubuntu 14.04 LTS

Summary

Several security issues were fixed in libsndfile.

Software description

  • libsndfile
    – Library for reading/writing audio files

Details

Agostino Sarubbo and Jakub Jirasek discovered that libsndfile incorrectly
handled certain malformed files. A remote attacker could use this issue to
cause libsndfile to crash, resulting in a denial of service, or possibly
execute arbitrary code.

Update instructions

The problem can be corrected by updating your system to the following
package version:

Ubuntu 17.04:
libsndfile1

1.0.27-1ubuntu0.1
Ubuntu 16.10:
libsndfile1

1.0.25-10ubuntu0.16.10.1
Ubuntu 16.04 LTS:
libsndfile1

1.0.25-10ubuntu0.16.04.1
Ubuntu 14.04 LTS:
libsndfile1

1.0.25-7ubuntu2.2

To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.

After a standard system update you need to restart your session to make all
the necessary changes.

References

CVE-2017-7585,

CVE-2017-7586,

CVE-2017-7741,

CVE-2017-7742,

CVE-2017-8361,

CVE-2017-8362,

CVE-2017-8363,

CVE-2017-8365

Read More