This is an security and bugfix update. However, there is also minor feature added to enhance usability. It will be integrated into Lubuntu very soon.
Changes since previous release 0.3.0 (see git log for details):
- Fix CVE-2016-10369, a Denial-of-Service vulnerability.
- Fix bug that prevents changing tab name, which is introduced since 0.3.0.
- The keyboard shortcut can be changed by pressing key combinations.
Source: LXDE blog.
Mathy Vanhoef discovered that wpa_supplicant and hostapd incorrectly handled WPA2. A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-2017-13077, CVE-2017-13078, CVE-2017-13079, CVE-2017-13080, CVE-2017-13081, CVE-2017-13082, CVE-2017-13086, CVE-2017-13087, CVE-2017-13088)
The second alpha of the Zesty Zapus (to become 17.04) has now been released!
First of all, we need to apologise for being offline for several days, due to server problems. Now everything’s solved and working fine. The download links have been repaired, the usual sections are still there and, of course, the blog and comment ability is restored.
Again, sorry for the annoyance and… Happy downloading!
A security issue (Firefox vulnerabilities) affects these releases of Ubuntu (also Lubuntu) and its derivatives (versions 15.10, 14.04 LTS and 12.04 LTS), that could be made to crash or run programs as your login if it opened a malicious website.
Francis Gabriel discovered a buffer overflow during ASN.1 decoding in NSS. If a user were tricked into opening a specially crafted website, an attacker could potentially exploit this to cause a denial of service via application crash, or execute arbitrary code with the privileges of the user invoking Firefox. (CVE-2016-1950)
34 vulnerabilities were discovered and fixed using 45.0+build2. But you don’t have to worry, as upgrades will come in the next hours. More information (and downloads) here.
Proud to be Irish! This will be the most used quote these forthcoming days. Prepare to celebrate one of the most famous festivities around the globe. Ane remember… if you’re enough lucky to be Irish, you’re lucky enough!
Get this Lubuntu clover themed wallpaper, and grab your LennyPatrick avatar!
Another LTS step version has been released, upgrading AMD64, i386 and PowerPC systems. Lubuntu 14.04.4 fixes lots of bugs fixes and improvements, specially within the kernel:
- Refresh hardware support in LTS releases for carefully-selected hardware
- Roll up accumulated stable updates into updated images to reduce download requirements for new deployments
- Maintain stability of existing installations
- Various bugs that required updates are rolled into this update.
The second alpha of the Xenial Xerus (to become 16.04) has now been released! As usual, you are asked to read the release notes so that you are aware of issues and thus save you time filing them again. But, please do test it as widely as possible. Features:
- LXQt is still in development, as such Xenial Xerus is GTK based
- This Xenial Xerus snapshot includes the v4.3 kernel. 16.04 will ship with the 4.4 kernel which is available for testing
- As this is an LTS, there will be a new PPC version released
Release Notes and downloads at the wiki page.