Bienvenue sur Lilotux !
Webmail Galerie MiKael Xavier Stephane


Le Monde

L'intérim poursuit sa baisse
Sur les neuf premiers mois de l'année, l'emploi intérimaire recule, alors qu'à en croire les perspectives de l'OCDE aucune embellie sur le front de chômage n'est à attendre avant 2016.
Etudiants disparus au Mexique : un leader historique de la gauche démissionne de son parti
Après la disparition de 43 étudiants, les dirigeants politiques du Mexique affrontent une crise historique.
Le droit à l'avortement en France a 40 ans
Le 26 novembre 1974, Simone Veil montait à la tribune de l'Assemblée pour défendre son projet de loi. Les député votent une résolution pour réaffirmer ce droit, mercredi.
Aux Etats-Unis, l'affichage de calories devient obligatoire sur les menus
Afin de lutter contre l'obésité, les chaînes de restaurants et les pizzerias devront être transparentes sur la teneur en calories de leurs menus.
Sony Pictures paralysé par un piratage informatique
Son réseau informatique a été victime d'une attaque, les pirates menaçant désormais de rendre publiques des informations stratégiques sur cette filiale du groupe japonais.
Le parcours sinueux du créateur de « Tetris »
Le programmateur russe Alekseï Pajitnov a mis douze ans pour récupérer, en 1996, l'usufruit de son jeu de puzzle électronique, qui fête ses 30 ans cette année.
Braquage dans une bijouterie à Paris, une femme prise en otage
Une course-poursuite a eu lieu dans la ville entre la police et les malfaiteurs.
Bouygues Telecom attaque Free en justice pour pratiques trompeuses
Selon « Les Echos », Bouygues Telecom reproche à Free de réduire le débit de ses clients les plus gourmands en bande passante, avant qu'ils n'atteignent le seuil de consommation fixé.
Moins de moyens, plus de missions, la délicate équation des maires de France
Réunis en congrès du 25 au 27 novembre, les élus locaux déplorent la baisse des dotations d’Etat alors qu’ils doivent mettre en œuvre les réformes.
Serpent, préoccupant : les images du 25 novembre
Notre sélection de photographies d'actualité de ces dernières vingt-quatre heures à travers le monde.

Linux Weekly News

Tuesday's security updates
CentOS has updated libXfont (C5: multiple vulnerabilities).
Fedora has updated kde-runtime (F20: code execution) and moodle (F20: multiple vulnerabilities).
Mageia has updated chromium-browser- stable (multiple vulnerabilities) and graphicsmagick (denial of service).
Mandriva has updated ffmpeg (multiple vulnerabilities), imagemagick (multiple vulnerabilities), and ruby (multiple vulnerabilities).
openSUSE has updated ImageMagick (13.2, 13.1, 12.3: denial of service) and zeromq (13.2: man-in-the- middle attack).
Oracle has updated libXfont (OL5: multiple vulnerabilities).
Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities) and libXfont (RHEL5: multiple vulnerabilities).
Scientific Linux has updated libXfont (SL5: multiple vulnerabilities).
SUSE has updated firefox (SLES10 SP4: multiple vulnerabilities).
Ubuntu has updated EC2 kernel (10.04: two vulnerabilities), kde-runtime (12.04: code execution), kernel (10.04; 12.04; 14.04; 14.10: multiple vulnerabilities), linux-lts-trusty (12.04: multiple vulnerabilities), and linux-ti-omap4 (12.04: multiple vulnerabilities).
[$] Some 3.18 development statistics
As of the 3.18-rc6 release, 11,186 non-merge changesets have been pulled into the mainline repository for the 3.18 development cycle. That makes this release about 1,000 changesets smaller than its immediate predecessors, but still not a slow development cycle by any means. Since this cycle is getting close to its end, it's a good time to look at where the code that came into the mainline during this cycle came from.
Four-year-old comment security bug affects 86 percent of WordPress sites (Ars Technica)
Ars Technica reports on a recently discovered bug in WordPress 3 sites that could be used to launch malicious script-based attacks on site visitors’ browsers.
"The vulnerability, discovered by Jouko Pynnonen of Klikki Oy, allows an attacker to craft a comment on a blog post that includes malicious JavaScript code. On sites that allow comments without authentication—the default setting for WordPress—this could allow anyone to post malicious scripts within comments that could target site visitors or administrators. A proof of concept attack developed by Klikki Oy was able to hijack a WordPress site administrator’s session and create a new WordPress administrative account with a known password, change the current administrative password, and launch malicious PHP code on the server. That means an attacker could essentially lock the existing site administrator out and hijack the WordPress installation for malicious purposes." WordPress 4.0 is not vulnerable to the attack.
Security advisories for Monday
Fedora has updated clamav (F20: denial of service), facter (F20: privilege escalation), libreoffice (F20: code execution), libvirt (F20: multiple vulnerabilities), libxml2 (F19: denial of service), owncloud (F19: security restriction bypass), php-sabredav-Sabre_CalDAV (F19: security restriction bypass), php-sabredav-Sabre_CardDAV (F19: security restriction bypass), php-sabredav-Sabre_DAV (F19: security restriction bypass), php- sabredav-Sabre_DAVACL (F19: security restriction bypass), php-sabredav- Sabre_HTTP (F19: security restriction bypass), php-sabredav-Sabre_VObject (F19: security restriction bypass), polarssl (F20; F19: two vulnerabilities), python (F19: script execution), python-pillow (F20; F19: multiple vulnerabilities), and wget (F20: symlink attack).
Gentoo has updated aircrack-ng (multiple vulnerabilities), ansible (code execution), asterisk (multiple vulnerabilities), and openswan (denial of service).
Mageia has updated imagemagick (multiple vulnerabilities), moodle (multiple vulnerabilities), and polarssl (two vulnerabilities).
Mandriva has updated krb5 (ticket forgery), libvirt (information disclosure), php-smarty (two vulnerabilities), qemu (multiple vulnerabilities), srtp (denial of service), and wireshark (multiple vulnerabilities).
openSUSE has updated openssl (TLS handshake problem).
SUSE has updated firefox (SLES11 SP2: multiple vulnerabilities).
Kernel prepatch 3.18-rc6
The 3.18-rc6 prepatch is out, right on schedule. Linus says: "Steady progress towards final release, although we still have a big unknown worry in a regression that Dave Jones reported and that we haven't solved yet. In the process of chasing that one down, there's been a fair amount of looking at various low-level details, and that found some dubious issues, but no smoking gun yet."
Valid CSS! Valid HTML 4.01!