Many online media outlets are reporting the news that ownership of the popular ad-blocking browser extension AdBlock has been sold to a new owner. Not to be confused with similarly named projects AdBlock Plus and AdBlock Edge, this AdBlock announced the news of the sale to its users in a pop-up window. TheNextWeb reports that AdBlock employees refused to identify the buyer. In related news, the new owner has decided to join the "Acceptable Ads" whitelisting program run by rival AdBlock Plus. An announcement on the AdBlock Plus site confirms the move, and notes that an "independent review board" will now decide which advertisements are included the Acceptable Ads whitelist. Public nominations for the board are said to be open.
Debian-LTS has updated binutils (multiple vulnerabilities).
Fedora has updated freeimage (F22; F21: integer overflow), golang (F22; F21: multiple vulnerabilities), jakarta-commons-httpclient (F22; F21: denial of service), and openjpeg2 (F22; F21: use-after-free vulnerability).
Mageia has updated thunderbird (M5: multiple vulnerabilities).
openSUSE has updated bind (11.4: denial of service).
Red Hat has updated mod_proxy_fcgi (RHEL6: denial of service).
Scientific Linux has updated thunderbird (SL5, 6, 7: multiple vulnerabilities).
Slackware has updated mozilla-thunderbird (14.0, 14.1, current: multiple vulnerabilities), php (14.0, 14.1, current: multiple vulnerabilities), and seamonkey (14.0, 14.1, current: multiple vulnerabilities).
Mageia has updated kernel (multiple vulnerabilities).
SUSE has updated haproxy (SOSCC5, SLE12: two vulnerabilities).
CentOS has updated openldap (C7: denial of service).
Debian-LTS has updated flightgear (inadequate filesystem validation checks), freetype (denial of service), libemail-address-perl (denial of service), openssh (regression in previous update), and wordpress (multiple vulnerabilities).
Ubuntu has updated lxc (15.04, 14.04: apparmor policy bypass).
Many developers, users, and entire industries rely on virtualization, as provided by software like Xen, QEMU/KVM, or kvmtool. While QEMU can run a software-based virtual machine, and Xen can run cooperating paravirtualized OSes without hardware support, most current uses and deployments of virtualization rely on hardware-accelerated virtualization, as provided on many modern hardware platforms. Linux supports hardware virtualization via the Kernel Virtual Machine (KVM) API. In this article, we'll take a closer look at the KVM API, using it to directly set up a virtual machine without using any existing virtual machine implementation.
Subscribers can click below for guest author Josh Triplett's look at the API from this week's Kernel page.
Scientific Linux has updated openldap (SL5,6,7: denial of service).
Ubuntu has updated kernel (15.04; 14.04: two vulnerabilities), linux-lts-trusty (12.04: two vulnerabilities), linux-lts-utopic (14.04: privilege escalation), and linux-lts-vivid (14.04: two vulnerabilities).
Taken Offline: New EFF Project Shines Light on Coders and Bloggers Imprisoned For Online Free Expression
Arch Linux has updated chromium (information disclosure).
Debian has updated cyrus-sasl2 (denial of service from 2013).
Fedora has updated firefox (F22: multiple vulnerabilities), pdns (F22; F21: denial of service), rolekit (F22: information leak), xen (F22; F21: two vulnerabilities), and xpra (F22; F21: information disclosure).
SUSE has updated Xen (SLES10SP4: multiple vulnerabilities).