IBM WebSphere Commerce Enterprise CVE-2013-0523 Information Disclosure Vulnerability

Linux Kernel CVE-2013-2850 Heap Based Buffer Overflow Vulnerability

Linux Kernel CVE-2013-2094 Local Privilege Escalation Vulnerability

The LWN.net Weekly Edition for June 20, 2013 is available.

gurps_npc writes “Two radical pro-Israel terrorists were caught in upstate NY when they tried to solicit money from various honorable Jewish organizations to build a truck based x-ray weapon. They intended to drive the truck around and then turn on the x-ray machine, focusing on enemies of Israel. But the Jewish organizations they tried to solicit money from refused to participate. Instead they called the FBI, who promptly set up a sting. The men were arrested before the machine was in working order.”

Read more of this story at Slashdot.

sfcrazy writes “A top Monsanto executive has won the prestigious World Food Prize. Secretary of State John Kerry announced the award where Robert T. Fraley, the executive vice president and CTO of Monsanto, won the prize along with two other scientists from Belgium and the US. The award was given for devising a method to insert genes from another organism into plant sell, which could produce new genetic lines with highly favorable traits.”

Read more of this story at Slashdot.

Consumer power might still mean something

Faced with a growing tide of angry gamers, Microsoft has pulled a U-turn on its forthcoming Xbox One console’s terms and conditions to allow game sharing and internet-free gaming.…

The D programming language continues to advance and show signs of promise as a high-quality computer programming language that may eventually prove competition for C. Last month there was the 2013 D programming language conference where a lot was discussed.

Trailrunner7 writes “After years of saying that the company didn’t need a bug bounty program, Microsoft is starting one. The company today will announce the start of a new program that will pay security researchers up to $100,000 for serious vulnerabilities and as much as $50,000 for new defensive techniques that help protect against those flaws. Microsoft security officials say that the program has been a long time in development, and the factor that made this the right time to launch is the recent rise of vulnerability brokers. Up until quite recently, most of the researchers who found bugs in Microsoft products reported them directly to the company. That’s no longer the case. The system that Microsoft is kicking off on June 26 will pay researchers $100,000 for a new exploit technique that is capable of bypassing the latest existing mitigations in the newest version of Windows.”

Read more of this story at Slashdot.

Oracle Java SE CVE-2013-2467 Local Security Vulnerability

Oracle Java SE CVE-2013-2451 Local Security Vulnerability

Oracle Java SE CVE-2013-1500 Local Security Vulnerability

malachiorion writes “Does George Lucas hate metal people? I know, sounds like standard click-bait, but I think I present a relatively troll-free argument in the piece I wrote for Slate. We stuck to the Star Wars canon, pointing out the relatively grim state of affairs for droid rights, and the lack of any real sympathy for their plight from the heroes, or, it would seem, George Lucas. C-3PO is more correct than he might realize, when the says that droids ‘seem to be made to suffer.’”

Read more of this story at Slashdot.

Attention Linux developers: If you’ve ever wanted to take a class with the Linux Foundation but have been held back by enrollment costs, then here’s your chance to win a scholarship.

McAfee mocks himself and his antivirus software mercilessly in a new viral video.

Nerval’s Lobster writes “Previously, developer Jeff Cogswell focused on the respective performances of C# and Java. Now he’s looking at yet another aspect of the languages: the runtime libraries—what exactly the libraries are, how they are called, and what features the languages provide for calling into them. Examining the official Java API (now owned by Oracle) and the official .NET API owned by Microsoft, he finds both pretty complete and pretty much a ‘tie’ with regard to ease-of-use and functionality, especially since Java version 7 release 6 allows for automatic resource management. Read on and see if you agree.”

Read more of this story at Slashdot.

MakerBot Industries, creators of the popular Thing-O-Matic and Replicator line of 3-D printers, is being acquired by Stratasys, a company that’s been working on 3-D printing and production systems since 1989. ‘[Stratasys] facilitates the printing of prototypes, concepts, components, parts and more on an industrial scale and for commercial applications. … Stratasys has demonstrated it’s going to be aggressive about owning the 3D printing space, and the MakerBot buy is the consumer-focused piece in that puzzle. For MakerBot, it gives the startup access to Stratasys’ wealth of industry experience.’ According to the official news release, ‘MakerBot will operate as a separate subsidiary of Stratasys, maintaining its own identity, products and go-to-market strategy.’ MakerBot has sold 11,000 of its Replicator 2 devices in the past 9 months, accounting for half of all its 3-D printer sales since 2009.

Read more of this story at Slashdot.

Glomation released an SODIMM-style computer-on-module built around an Atmel SAMA5D3 Cortex-A5 ARM processor, and supported with a Debian Linux stack. The GECM-5100 is equipped with gigabit Ethernet and TFT LCD controllers, and it also offers USB, CAN, SDIO/MMC/SD, image sensor, serial, analog, and digital I/O interfaces.

Megaupload servers wiped – were Feds to blame?

Mega mogul Kim Dotcom says he’s “in tears” after a Dutch hosting company wiped data from servers formerly used by his now-defunct Megaupload business, an act that he claims destroyed “critical evidence” in his long-running legal battle with the US government.…

One of the biggest criticisms of Microsoft’s recently-announced Xbox One console was that it would require an internet connection once every 24 hours in order to keep playing games. Enough people complained about the DRM, and Microsoft listened. Today, they announced that they’re removing the phone-home requirement. “After a one-time system set-up with a new Xbox One, you can play any disc based game without ever connecting online again. There is no 24 hour connection requirement and you can take your Xbox One anywhere you want and play your games, just like on Xbox 360.” They’ve also scrapped the game trading and resale system they’d built, which allowed publishers to set their own rules with regard to used game sales. “There will be no limitations to using and sharing games, it will work just as it does today on Xbox 360.” Unfortunately, that also means users won’t be able to take advantage of the good parts of the original system, such as trading and gifting games without needing the disc, or sharing games with remote family members. “While we believe that the majority of people will play games online and access the cloud for both games and entertainment, we will give consumers the choice of both physical and digital content. We have listened and we have heard loud and clear from your feedback that you want the best of both worlds.” Also noteworthy: they’ve dropped region-locks as well.

Read more of this story at Slashdot.