Language Selection

English French German Italian Portuguese Spanish

Security: SELinux, Intel, Critical Flaw In phpMyAdmin

Filed under
Security
  • Linode and Vultr no longer disables SELinux by default in Fedora Server 27

    The two virtual private server (VPS) hosting providers Linode and Vultr have been offering server instances of Fedora Server with Security-Enhanced Linux (SELinux) enforcement disabled by default. New instances deployed with Fedora Server 27 now enable SELinux in enforcing mode by default; aligning them to the upstream Fedora defaults.

    SELinux is a mandatory access control system managed by a set of security policies that the Kernel use to limit what processes and users can do on the system. One of Fedora’s differentiating features compared to other Linux distributions is its well-maintained and low-friction default SELinux policy set.

  • Massive Security Flaw In Intel CPUs: Upcoming Linux & Windows Fixes To Slow Down Your PC
  • Critical Flaw Reported In phpMyAdmin Lets Attackers Damage Databases

    A critical security vulnerability has been reported in phpMyAdmin—one of the most popular applications for managing the MySQL database—which could allow remote attackers to perform dangerous database operations just by tricking administrators into clicking a link.

    Discovered by an Indian security researcher, Ashutosh Barot, the vulnerability is a cross-site request forgery (CSRF) attack and affects phpMyAdmin versions 4.7.x (prior to 4.7.7).

More in Tux Machines

Plasma 5.12 LTS beta available in PPA for testing on Artful & Bionic

Adventurous users, testers and developers running Artful 17.10 or our development release Bionic 18.04 can now test the beta version of Plasma 5.12 LTS. Read more Also: Kubuntu 17.10 and 18.04 Users Can Now Try the KDE Plasma 5.12 LTS Desktop

Leftovers: Proprietary Software, HowTos, and GXml

Debian Developers: Google Summer of Code, Quick Recap of 2017

  • RHL'18 in Saint-Cergue, Switzerland
    In between eating fondue and skiing, I found time to resurrect some of my previous project ideas for Google Summer of Code. Most of them are not specific to Debian, several of them need co-mentors, please contact me if you are interested.
  • Quick recap of 2017
         After the Stretch release, it was time to attend DebConf’17 in Montreal, Canada. I’ve presented the latest news on the Debian Installer front there as well. This included a quick demo of my little framework which lets me run automatic installation tests. Many attendees mentioned openQA as the current state of the art technology for OS installation testing, and Philip Hands started looking into it. Right now, my little thing is still useful as it is, helping me reproduce regressions quickly, and testing bug fixes… so I haven’t been trying to port that to another tool yet. I also gave another presentation in two different contexts: once at a local FLOSS meeting in Nantes, France and once during the mini-DebConf in Toulouse, France. Nothing related to Debian Installer this time, as the topic was how I helped a company upgrade thousands of machines from Debian 6 to Debian 8 (and to Debian 9 since then). It was nice to have Evolix people around, since we shared our respective experience around automation tools like Ansible and Puppet.

Devices: Raspberry Pi and Android