FEDORA-2024-45df72afc6
Packages in this update:
edk2-20240813-2.fc40
Update description:
Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys)
edk2-20240813-2.fc40
Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys)
edk2-20240813-2.fc41
Security fix for CVE-2023-6237 (openssl: Excessive time spent checking invalid RSA public keys)
Fishermen in Tamil Nadu are reporting smaller catches of squid.
In July, I wrote about my new book project on AI and democracy, to be published by MIT Press in fall 2025. My co-author and collaborator Nathan Sanders and I are hard at work writing.
At this point, we would like feedback on titles. Here are four possibilities:
Rewiring Democracy: How AI Will Transform our Politics, Government, and Citizenship
The Thinking State: How AI Can Improve Democracy
Better Run: How AI Can Make our Politics, Government, Citizenship More Efficient, Effective and Fair
AI and the New Future of Democracy: Changes in Politics, Government, and Citizenship
What we want out of the title is that it convey (1) that it is a book about AI, (2) that it is a book about democracy writ large (and not just deepfakes), and (3) that it is largely optimistic.
What do you like? Feel free to do some mixing and matching: swapping “Will Transform” for “Will Improve” for “Can Transform” for “Can Improve,” for example. Remember, the goal here is for a title that will make a potential reader pick the book up off a shelf, or read the blurb text on a webpage. It needs to be something that will catch the reader’s attention. (Other title ideas are <a href=”https://www.schneier.com/blog/archives/2024/07/upcoming-book-on-ai-and-democracy.html””>here.
Also, FYI, this is the current table of contents:
Introduction
1. Introduction: How AI will Change Democracy
2. Core AI Capabilities
3. Democracy as an Information System
Part I: AI-Assisted Politics
4. Background: Making Mistakes
5. Talking to Voters
6. Conducting Polls
7. Organizing a Political Campaign
8. Fundraising for Politics
9. Being a Politician
Part II: AI-Assisted Legislators
10. Background: Explaining Itself
11. Background: Who’s to Blame?
12. Listening to Constituents
13. Writing Laws
14. Writing More Complex Laws
15. Writing Laws that Empower Machines
16. Negotiating Legislation
Part III: The AI-Assisted Administration
17. Background: Exhibiting Values and Bias
18. Background: Augmenting Versus Replacing People
19. Serving People
20. Operating Government
21. Enforcing Regulations
Part IV: The AI-Assisted Court
22. Background: Being Fair
23. Background: Getting Hacked
24. Acting as a Lawyer
25. Arbitrating Disputes
26. Enforcing the Law
27. Reshaping Legislative Intent
28. Being a Judge
Part V: AI-Assisted Citizens
29. Background: AI and Power
30. Background: AI and Trust
31. Explaining the News
32. Watching the Government
33. Moderating, Facilitating, and Building Consensus
34. Acting as Your Personal Advocate
35. Acting as Your Personal Political Proxy
Part VI: Ensuring That AI Benefits Democracy
36. Why AI is Not Yet Good for Democracy
37. How to Ensure AI is Good for Democracy
38. What We Need to Do Now
39. Conclusion
Everything is subject to change, of course. The manuscript isn’t due to the publisher until the end of March, and who knows what AI developments will happen between now and then.
Marco Trevisan discovered that the Ubuntu Advantage Desktop Daemon leaked
the Pro token to unprivileged users by passing the token as an argument
in plaintext. An attacker could use this issue to gain unauthorized access
to an Ubuntu Pro subscription. (CVE-2024-6388)
glibc-2.38-19.fc39
Auto-sync with upstream branch release/2.38/master
Add BuildRequires:gzip for compressed character maps and info files.
Upstream commit: 4dd8641461463b667b5503ab0ea4abcf261378a9
Add crt1-2.0.o for glibc 2.0 compatibility tests
libio: Attempt wide backup free only for non-legacy code
nptl: Use <support/check.h> facilities in tst-setuid3
posix: Use <support/check.h> facilities in tst-truncate and tst-truncate64
ungetc: Fix backup buffer leak on program exit [BZ #27821]
ungetc: Fix uninitialized read when putting into unused streams [BZ #27821]
Make tst-ungetc use libsupport
stdio-common: Add test for vfscanf with matches longer than INT_MAX [BZ #27650]
support: Add FAIL test failure helper
x86: Fix bug in strchrnul-evex512 [BZ #32078]
Fix name space violation in fortify wrappers (bug 32052)
resolv: Fix tst-resolv-short-response for older GCC (bug 32042)
Update syscall lists for Linux 6.5
Add mremap tests
mremap: Update manual entry
linux: Update the mremap C implementation [BZ #31968]
resolv: Track single-request fallback via _res._flags (bug 31476)
resolv: Do not wait for non-existing second DNS response after error (bug 30081)
resolv: Allow short error responses to match any query (bug 31890)
Linux: Make __rseq_size useful for feature detection (bug 31965)
elf: Make dl-rseq-symbols Linux only
nptl: fix potential merge of __rseq_* relro symbols
s390x: Fix segfault in wcsncmp [BZ #31934]
misc: Add support for Linux uio.h RWF_NOAPPEND flag
i386: Disable Intel Xeon Phi tests for GCC 15 and above (BZ 31782)
Force DT_RPATH for –enable-hardcoded-path-in-tests
resolv: Fix some unaligned accesses in resolver [BZ #30750]
nscd: Use time_t for return type of addgetnetgrentX
elf: Also compile dl-misc.os with $(rtld-early-cflags)
CVE-2024-33601, CVE-2024-33602: nscd: netgroup: Use two buffers in addgetnetgrentX (bug 31680)
CVE-2024-33600: nscd: Avoid null pointer crashes after notfound response (bug 31678)
CVE-2024-33600: nscd: Do not send missing not-found response in addgetnetgrentX (bug 31678)
CVE-2024-33599: nscd: Stack-based buffer overflow in netgroup cache (bug 31677)
i386: ulp update for SSE2 –disable-multi-arch configurations
nptl: Fix tst-cancel30 on kernels without ppoll_time64 support
login: structs utmp, utmpx, lastlog _TIME_BITS independence (bug 30701)
login: Check default sizes of structs utmp, utmpx, lastlog
sparc: Remove 64 bit check on sparc32 wordsize (BZ 27574)
NHS England has issued an alert regarding a critical Veeam Backup & Replication vulnerability that is being actively exploited, potentially leading to remote code execution
libgsf-1.14.53-1.fc39
Fixes for memory vulnerabilities.
libgsf-1.14.53-1.fc41
Fixes for memory vulnerabilities.
libgsf-1.14.53-1.fc40
Fixes for memory vulnerabilities.