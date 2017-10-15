Security: Updates/Patches and Chinese Mawlare on Top of US Malware (iOS/Android)
-
Security updates for Wednesday
Security updates have been issued by Debian (pdns), Fedora (kernel and kernel-headers), Mageia (cgit and firefox), Oracle (libssh2 and qemu-kvm), Red Hat (openstack-ironic-inspector, openstack-tripleo-common, and qemu-kvm-rhev), Scientific Linux (libssh2 and qemu-kvm), SUSE (bzip2, cronie, libtasn1, nmap, php7, php72, python-Twisted, and taglib), and Ubuntu (thunderbird and znc).
-
Google Releases July 2019's Android Security Patch to Fix over 30 Security Flaws
Google has released today the Android Security Patch for July 2019 for all supported Pixel devices to address the latest security issues, fix bugs, and add various improvements.
[...]
Apart from all the security fixes, the Android Security Patch for July 2019 also fixes various bugs for supported Pixel devices. As such, it improves the "OK Google" hotword and music detection on Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, Pixel 3a XL devices, and addresses an issue for some Pixel 3 and Pixel 3 XL devices getting stuck during boot.
Moreover, Google fixed an issue on Pixel 3, Pixel 3, XL, Pixel 3a, and Pixel 3a XL devices getting stuck in EDL mode with a blank screen, improves Unicode Japanese language support for Pixel, Pixel XL, Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL devices, and improves the performance of the Titan M module on the Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL.
The Android Security Patch for July 2019 is now rolling out to all supported Pixel devices, including the Pixel 2, Pixel 2 XL, Pixel 3, Pixel 3 XL, Pixel 3a, and Pixel 3a XL, and it should also be available shortly for other Android devices from major manufacturers like Essential, Sony, and others. The rollout will take a few days to arrive to all users, so make sure you update as soon as possible.
-
Chinese Border Agents Now Installing Malware On Foreigners' Cellphones
It's a pretty open intrusion. The malware makes no attempt to hide itself. It even places an icon on the device's application screen. The app has been uploaded by Motherboard and analysis shows this may possibly be for the convenience of the person scanning the phone. The app is sideloaded by border agents, who run a scan and search for the targeted content. Once this is done, those files can be viewed/exfiltrated and the app uninstalled. Also, soon after the article was published, most of the major anti-malware providers started flagging this software.
It's all part of the surveillance regime the Chinese government has directed towards the Uighur population in Xinjiang. Only now it's spread past the historically-oppressed population to visitors to the region. Pretty much anyone travelling into the region via certain checkpoints is subject to device seizures and malware installation.
-
VMware begins patching process for Linux SACK vulnerabilities
The two flaws, SACK Panic (CVE-2019-11477) and SACK Excess Resource Usage (CVE-2019-11478), were originally found and disclosed by Netflix researchers, along with two Linux bugs.
“These issues may allow a malicious entity to execute a denial of service attack against affected products, warns a July 2 company security advisory that collectively rates the vulnerabilities as important in severity. (SACK Panic has a CVSSv3 base score of 7.5, while SACK Excess Resource Usage has a score of 5.3.)
As of July 3, 11:30 a.m. ET, patches were available for SD-WAN Edge by VeloCloud, SD-WAN Gateway by VeloCloud, SD-WAN Orchestrator by VeloCloud, Unified Access Gateway and vCenter Server Appliance, and workarounds were available for Unified Access Gateway and vCloud Director for Service Providers.
-
- Login or register to post comments
- Printer-friendly version
- 695 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
OSS: OSI, Mozilla, Crunchy Data, LibreOffice, NexDock
GameShell is a portable and modular DIY retro game console
It’s the “world’s first modular, portable game console” running a GNU/Linux operating system. You can easily play retro games from Atari, GameBoy, GameBoy Advance, Nintendo Entertainment System, and more on the GameShell. Or, create your own game entirely with Preset C, Python, Lua, Javascript, or LISP. Also: Google's Fuschia operating system has been in works for years now.
Miscellaneous New Articles From Linux Magazine (Partial Paywalls)
Linux Mint 20 will ditch 32-bit architecture following Canonical's recent announcement
Clem Lefebvre, head of the Linux Mint project, has announced that Linux Mint 20 and beyond will drop support for 32-bit systems. The news comes on the heels of a decision made by Canonical to drop support for the 32-bit architecture in Ubuntu 19.10 and Ubuntu 20.04 LTS, the latter of which Linux Mint 20 will be based on. In the blog post, Lefebvre said he believes most people are happy with the decision to drop 32-bit versions and that it makes sense in 2020. Computers with a 64-bit processor have been on the market since 2003, and most of the computers that have shipped in this decade are 64-bit ready (except several infernal netbooks).
Recent comments
1 hour 3 min ago
1 hour 5 min ago
1 hour 19 min ago
1 hour 29 min ago
1 hour 35 min ago
5 hours 7 min ago
12 hours 4 min ago
20 hours 35 min ago
20 hours 47 min ago
1 day 4 hours ago