Monthly Archives: August 2012

CVE-2012-3408 (puppet)

lib/puppet/network/authstore.rb in Puppet before 2.7.18, and Puppet Enterprise before 2.5.2, supports use of IP addresses in certnames without warning of potential risks, which might allow remote attackers to spoof an agent by acquiring a previously used IP address.

UK – Report: ESDS generates value for money

(ESDS)
An economic evaluation of the Economic and Social Data Service (ESDS) reveals that for every pound currently invested in data and infrastructure, the service returns £5.40 in net economic value to users and other stakeholders. This compares favourably with the return on investment previously demonstrated for the British Library and for UK academic libraries in general. Spotted by Peter Suber.

Creative Commons seeks opinions on first overhaul of licences in five years

The Creative Commons has invited comments on a new draft of its revised core licences, ahead of their finalisation at the end of the year. Creative Commons (CC) licences provide an alternative to standard copyright for those who want to encourage others to freely share their work, under certain conditions. Version 3.0 has been in place for five years now, and the Commons is trying to boost uptake by making the licences more flexible, more easily internationalised and easier to understand. One of the key changes being made is in the way CC-protected content must be attributed to the creator, and the way in which the license conditions are displayed.