LinuxSecurity.com: An updated wpa_supplicant package that fixes two security issues and adds one enhancement is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Important security [More...]
LinuxSecurity.com: Security fixes The XSRF token is now encoded with a random mask on each request. This makes it safe to include in compressed pages without being vulnerable to the BREACH attack. This applies to most applications that use both the xsrf_cookies and gzip options (or have gzip applied by a proxy).Backwards-compatibility notes If Tornado 3.2.2 is run at the same time as older versions on the same domain, there is some potential for issues with the differing cookie versions. The Application setting xsrf_cookie_version=1 can be used for a transitional period to generate the older cookie format on newer servers.
LinuxSecurity.com: Security fix for CVE-2015-0850CVE-2015-0850: Prevent arbitrary command execution via clone URL parameter of the method to create secondary Git repositories. Found by Ansgar Burchardt .
LinuxSecurity.com: Force cabal upload to always use digest auth and never basic authNote this only affects uploading of new source tarballs toHackage by Haskell upstream package maintainers.It is safer to upload packages via the Hackage web interface.
Intel Compute Stick with Ubuntu Goes on Sale, Lower Specs than Windows Version
The Ubuntu 14.04 LTS flavored Intel Compute Stick is finally going on sale next week, and it joins the Windows version that was already made available a while back.
Ubuntu MATE Project Donates Money to Geany, Transmission, and MATE Devs
The Ubuntu MATE team makes monthly donations to other projects that are being used by this distribution and this month's targets are Geany and Transmission, along with a couple of MATE developers.
Ubuntu MATE hardware partnership with LibreTrend
Ubuntu MATE is an official flavour of Ubuntu focussed on usability and stability, which has gained massive traction in the Linux community over recent months. Inspired by the traditional GNOME 2 interface of classic Ubuntu releases, Ubuntu MATE is the perfect distribution for easing the transition between Microsoft Windows or Mac OS and Linux.
Can Data Infrastructure Vendors Stop Hackers?
The ecosystem is based on Security-Enhanced Linux (SELinux), but it adds role-based access control with a policy for each role, so no one can get to the system root and the root can’t see user data. All access is logged, so any attempts to penetrate the system can be traced. Policies are based on roles such as security admin, audit admin and sysadmin, and each file is tagged with a security level so some users can see it while others can’t.