Just finishing off the final touches to my Xen RPMs for version 4.1.3. Changes from the Xen release notes include:

Xen.org is pleased to announce the release of Xen 4.0.4 and 4.1.3.

These fix the following critical vulnerabilities:

• CVE-2012-0217 / XSA-7: PV guest privilege escalation vulnerability
• CVE-2012-0218 / XSA-8: guest denial of service on syscall/sysenter exception generation
• CVE-2012-2934 / XSA-9: PV guest host Denial of Service
• CVE-2012-3432 / XSA-10: HVM guest user mode MMIO emulation DoS vulnerability
• CVE-2012-3433 / XSA-11: HVM guest destroy p2m teardown host DoS vulnerability

We recommend all users of the 4.0 and 4.1 stable series to update to these latest point releases.

Among many bug fixes and improvements (over 100 since Xen 4.1.2):

• Updates for the latest Intel/AMD CPU revisions
• Bug fixes and improvements to the libxl tool stack
• Bug fixes for IOMMU handling (device passthrough to HVM guests)
• Bug fixes for host kexec/kdump

NOTE: My previous 4.1.2 packages were already fixed for XSA-7, XSA-8, and XSA-9.

The new packages can be installed via yum - or if you’re a first time installer, you should follow the guide.

Roundcube has just released v0.8.0 of their awesome webmail program. After spending a lot of time in beta and then release candidate, its finally here! I’ve been using Roundcube as my default webmail client for years - and it certainly is one of the best out there.

I came across an advertisement today looking for Linux Engineers with a speciality in virtualisation, PHP/Perl/Bash coding, and VoIP. Interested, I looked up the mob that was advertising it.

It turns out there is a relatively swish looking recruitment firm called Super Coders. Of course, a little digging says its also called Flat Rate Recruitment - but that doesn’t sound anywhere near as appealing :)

So I give them a call thinking that they may actually be a decent company - and of course have to leave a name and number for someone to call me back.

They did call back, but strangely enough, the position advertised had already closed (or did it even exist in the first place?) and the only thing the person who called me back was interested in is getting a resume. He did mention another possible position, but wasn’t willing to discuss it with me - Just send in a resume!.

I believe this is what is wrong with the job sector at the moment. I remember my first IT position. I registered with a job agency and it was their purpose to get me a job! Now, it seems everyone harvests resumes to justify their existence and plop the first 20 that come out of their basic search to companies that actually advertise jobs.

Why the industry has changed so much is beyond me. Has the care by recruitment agencies disappeared that much that beyond collecting their fees, they don’t care about the real suitability of the person for a job?

Anyone else come across things like this?

I finally got my butt into gear and put up a page with the stats of my NTP server.

Check it out here.

I missed a bit of a cycle, but I’ve updated the DAPs available on my site.

Cycle is current as of today.