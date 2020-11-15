Security Leftovers
Security updates for Monday [LWN.net]
Security updates have been issued by Debian (libdatetime-timezone-perl and libvncserver), Fedora (chromium, kernel, kernel-headers, kernel-tools, krb5, libexif, libxml2, and thunderbird), Gentoo (chromium, libmaxminddb, and mit-krb5), Mageia (arpwatch, bluez, chromium-browser-stable, firefox and thunderbird, golang, java-1.8.0-op, kdeconnect-kde, kleopatra, libexif, lilypond, microcode, packagekit, ruby, and tpm2-tss), openSUSE (chromium, firefox, ImageMagick, kernel, openldap2, python-waitress, SDL, u-boot, ucode-intel, and zeromq), Oracle (fence-agents, firefox, freetype, kernel, python, python3, and thunderbird), Red Hat (rh-postgresql10-postgresql, rh-postgresql12-postgresql, and virt:8.2 and virt-devel:8.2), Slackware (seamonkey), and SUSE (firefox, gdm, kernel, and kernel-firmware).
Google Chrome Update Gets Serious: Homeland Security (CISA) Confirms Attacks Underway
Homeland Security cybersecurity agency says update Google Chrome as attackers home in on new security flaws.
Within the space of just three short weeks, Google has patched no less than five potentially dangerous vulnerabilities in the Chrome web browser.
These are not your common vulnerabilities either, but rather ones known as zero-days. A zero-day being a vulnerability that is being actively exploited by attackers while remaining unknown to the vendor or threat intelligence outfits.
Leaving LastPass and Adopting Another Password Manager
I've been on LastPass for years, but it's time to move on. This explains 3 reasons why and what I am switching to.
SUSE Releases Fix for SADDNS Vulnerability
Security researchers from University of California and Tsinghua University have identified a new variant of DNS cache poisoning attacks called SADDNS (“Side-channel AttackeD DNS”) due to newly identified side channel attack against ICMP replies.
This reappearance of the DNS cache poisoning attack allows remote attackers to pretend to be different hosts, if your host is reachable from the Internet, allowing person-in-the-middle against encrypted communication or software delivery.
SUSE is delivering Linux Kernel Updates to again mitigate the SADDNS attack.
SUSE also recommends to use DNSSEC, which in general avoids this kind of attack.
