Language Selection

English French German Italian Portuguese Spanish

Security: Updates, VirtualBox Zero-Day Vulnerability, Red Hat Enterprise Linux FIPS 140-2, Extended Security Maintenance

Filed under
Security
  • Security updates for Thursday
  • VirtualBox Zero-Day Vulnerability Goes Public, No Security Patch Yet Available

    A zero-day vulnerability in VirtualBox was publicly disclosed by an independent vulnerability researcher and exploit developer Sergey Zelenyuk. VirtualBox is a famous open sourced virtualization software which has been developed by Oracle. This recently discovered vulnerability can allow a malicious program to escape virtual machine and then execute code on OS of the host machine.

  • Red Hat Continues Drive for More Secure Enterprise IT, Re-Certifies Red Hat Enterprise Linux for FIPS 140-2
  • Keep legacy applications secure with Extended Security Maintenance

    Application updates come and go, often they provide your business with added value, but sometimes an update isn’t what is needed or wanted for a legacy application.

    Choosing not to update an application can cause issues. Often, that application becomes unsupported, and with security patches no longer available, it can see your business falling foul of regulatory demands, such as GDPR or security threats.

    Ubuntu LTS users have a five-year window for support, for ITstrategen, when that window came to an end on 12.04, some of ITstrategen’s customers still depended on servers running the now out of support operating system and without support, the security of those servers was at risk.

    The German hosting provider, which was founded in 2011 and supports some of Germany’s most successful businesses, uses Ubuntu as its server operating system.

Red Hat re-certifies Red Hat Enterprise Linux for FIPS 140-2

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Ubuntu 19.10 Puts Nvidia's Proprietary GPU Driver Right On The ISO

In Ubuntu 19.04, Canonical introduced the ability to download Nvidia's propriety graphics driver during the OS installation process (provided the user has an internet connection). That was a welcome step toward making gaming more accessible for newcomers. With the upcoming Ubuntu 19.10, however, Canonical is following in the footsteps of System76's Pop!_OS and slapping Nvidia's driver (both 390 and 418) right onto the ISO. Phoronix spotted the update via Ubuntu's Launchpad platform. What this means is that users can have the proprietary Nvidia driver -- a better option for gaming compared to the open source "Nouveau" driver -- ready to go at first boot. They also have the option to install the Nvidia binary at any point in the future without needing to add or activate a repository or download the driver. Read more

Benchmarking AMD FX vs. Intel Sandy/Ivy Bridge CPUs Following Spectre, Meltdown, L1TF, Zombieload

Now with MDS / Zombieload being public and seeing a 8~10% performance hit in the affected workloads as a result of the new mitigations to these Microarchitectural Data Sampling vulnerabilities, what's the overall performance look like now if going back to the days of AMD FX Vishera and Intel Sandybridge/Ivybridge processors? If Spectre, Meltdown, L1TF/Foreshadow, and now Zombieload had come to light years ago would it have shaken that pivotal point in the industry? Here are benchmarks looking at the the performance today with and without the mitigations to the known CPU vulnerabilities to date. As I've already delivered many benchmarks of these mitigations (including MDS/Zombieload) on newer CPUs, for this article we're looking at older AMD FX CPUs with their relevant Spectre mitigations against Intel Sandybridge and Ivybridge with the Spectre/Meltdown/L1TF/MDS mitigations. Tests were done on Ubuntu 19.04 with the Linux 5.0 kernel while toggling the mitigation levels of off (no coverage) / auto (the default / out-of-the-box mitigations used on all major Linux distributions for the default protections) / auto,nosmt (the more restricted level that also disables SMT / Hyper Threading). The AMD CPUs were tested with off/auto as in the "auto,nosmt" mode it doesn't disable any SMT as it doesn't deem it insecure on AMD platforms. Read more

Today in Techrights

today's leftovers

  • Zombieload, Nextcloud, Peppermint 10, KDE Plasma, IPFire, ArcoLinux, LuneOS | This Week in Linux 67
    On this episode of This Week in Linux, we’ll check out some Distro News from Peppermint OS, ArcoLinux, LuneOS & IPFire. We got a couple apps to talking about like Nextclou0…d and a new Wallpaper tool that has quite a bit of potential. We’ll take a look at what is to come with the next version of KDE Plasma. Intel users have gotten some more bad news regarding a new security vulnerability. Later in the show, we’ll cover some interesting information regarding a couple governments saving money by switching to Linux. Then finally we’ll check out some Linux Gaming News. All that and much more on your Weekly Source for Linux GNews!
  • Ubuntu Podcast: S12E07 – R-Type
    This week we’ve been installing Lineage on a OnePlus One and not migrating Mastodon accounts to ubuntu.social. We round up the Ubuntu community news from Kubuntu, Ubuntu MATE, Peppermint OS and we discuss some tech news. It’s Season 12 Episode 07 of the Ubuntu Podcast! Alan Pope, Mark Johnson and Martin Wimpress are connected and speaking to your brain.
  • OpenGL 4.6 / SPIR-V Support Might Be Inching Closer For Mesa Drivers
    We're quickly approaching the two year anniversary of the OpenGL 4.6 release and it's looking like the Intel/RadeonSI drivers might be inching towards the finish line for that latest major revision of the graphics API.  As we've covered many times, the Mesa drivers have been held up on OpenGL 4.6 support due to their SPIR-V ingestion support mandated by this July 2017 version of the OpenGL specification. While there are the Intel and Radeon RADV Vulkan drivers already with the SPIR-V support that is central to Vulkan, it's taken a long time re-fitting the OpenGL drivers for the likes of ARB_gl_spriv. Then again, there aren't many (actually, any?) major OpenGL games requiring version 4.6 of the specification even with its interoperability benefits thanks to SPIR-V.