Language Selection

English French German Italian Portuguese Spanish

Security: DHCP, System Updates, and Ubuntu Blobs Store

Filed under
Security
  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.

More in Tux Machines

Plasma 5.12.5 bugfix update for Kubuntu 18.04 LTS – Testing help required

Are you using Kubuntu 18.04, our current LTS release? We currently have the Plasma 5.12.5 LTS bugfix release available in our Updates PPA, but we would like to provide the important fixes and translations in this release to all users via updates in the main Ubuntu archive. This would also mean these updates would be provide by default with the 18.04.1 point release ISO expected in late July. Read more

New Arduino boards include first FPGA model

Arduino launched a “MKR Vidor 4000” board with a SAMA21 MCU and Cyclone 10 FPGA, as well as an “Uno WiFi Rev 2” with an ATmega4809 MCU. Both boards have a crypto chip and ESP32-based WiFi module. In conjunction with this weekend’s Maker Faire Bay Area, Arduino launched two Arduino boards that are due to ship at the end of June. The MKR Vidor 4000 is the first Arduino board equipped with an field programmable . The Intel Cyclone 10 FPGA. will be supported with programming libraries and a new visual editor. The Arduino Uno WiFi Rev 2, meanwhile, revises the Arduino Uno WiFi with a new Microchip ATmega4809 MCU. It also advances to an ESP32-based u-blox NINA-W102 WiFi module, which is also found on the Vidor 4000. Read more

DragonFlyBSD 5.3 Works Towards Performance Improvements

Given that DragonFlyBSD recently landed some SMP performance improvements and other performance optimizations in its kernel for 5.3-DEVELOPMENT but as well finished tidying up its Spectre mitigation, this weekend I spent some time running some benchmarks on DragonFlyBSD 5.2 and 5.3-DEVELOPMENT to see how the performance has shifted for an Intel Xeon system. Read more

Red Hat News: KVM, OpenStack Platform 13 and More