Cinnamon 4.2 to be Available

A new release of Cinnamon will be offered in the Linux Mint 19.2 distribution, which is scheduled for release in the nearest future
01 July 2019   290

After nine months of development, a release of the Cinnamon 4.2 user environment has been formed, within which the Linux Mint distribution developer community is developing fork of the GNOME Shell shell, Nautilus file manager and window manager Mutter, aimed at providing the classic GNOME 2 environment with support for successful interaction elements from GNOME Shell . Cinnamon relies on GNOME components, but these components are shipped as a periodically synchronized fork, not bound by external dependencies to GNOME.

A new release of Cinnamon will be offered in the Linux Mint 19.2 distribution, which is scheduled for release in the coming months. In the near future, packages will be prepared that can be installed in the Linux Mint and Ubuntu from the PPA-repository, without waiting for the new version of Linux Mint.

These are main features:

  • New widgets for creating configurators, simplifying the writing of configuration dialogs and making their design more complete and consistent with the Cinnamon interface was added
  • The search bar is moved to the top in MintMenu, .
  • The Nemo file manager simplifies the process of sharing directories with Samba.
  • Some changes are ported to the Muffin window manager from the Metacity window manager developed by the GNOME project.
  • An applet for printing has been added to the main composition, which is now launched by default.
  • Some internal components were reviewed and simplified, such as DocInfo (processing of recently opened documents) and AppSys (parsing application metadata, identifying application icons, defining entries for menus, etc.)

Get more info at GitHub and Linux Mint blog.

Two Vulnerabilities to be Found at SDL

Two of six serious vulnerabilities in this cross-platform multimedia library create conditions for remote code execution.
04 July 2019   872

The SDL (Simple Direct Layer) library set, which provides tools for hardware accelerated 2D and 3D graphics rendering, input processing, audio playback, 3D output via OpenGL / OpenGL ES, and many other related operations, revealed 6 vulnerabilities. Including in the SDL2_image library, two problems have been discovered that allow organizing remote code execution in the system. Attacks can be made on applications that use SDL to load images.

Both vulnerabilities (CVE-2019-5051, CVE-2019-5051) are present in the IMG_LoadPCX_RW function and are caused by the lack of the necessary error handler and integer overflow that can be exploited through the transfer of a specially crafted PCX file. Issues have already been fixed in the SDL_image 2.0.5 release. Information about the remaining 4 vulnerabilities has not yet been disclosed.

Vulnerabilities were found by Talos, so you can find more info at their website.