Security and Proprietary Software

Filed under
Security
  • Linux servers are getting a welcome security upgrade

    Cybersecurity firm Sophos has acquired Linux security vendor Capsule8 in a bid to extend its protection cover to Linux servers.

    Capsule8 offers a threat detection platform for securing Linux production environments across bare-metal and virtualized servers, as well as containers, whether deployed on-premise or in the cloud.

    Acquired for an unknown sum, Sophos intends to integrate Capsule8’s protection platform into its Adaptive Cybersecurity Ecosystem (ACE) platform.

  • Critical Juniper Bug Allows DoS, RCE Against Carrier Networks

    Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited.

    [...]

    One of these can also be used for RCE, Juniper said. That bug (CVE-2021-0277, with an 8.8 CVSS rating) is an out-of-bounds read vulnerability afflicting Junos OS (versions 12.3, 15.1, 17.3, 17.4, 18.1, 18.2, 18.3, 18.4, 19.1, 19.2, 19.3, 19.4, 20.1, 20.2, 20.3 and 20.4), and Junos OS Evolved (all versions).

    Junos OS and Junos OS Evolved are network operating systems that power Juniper’s enterprise routers and switches. The former runs on FreeBSD, while the latter runs a version of Linux.

    The issue exists in the processing of specially crafted LLDP frames by the Layer 2 Control Protocol Daemon (l2cpd). LLDP is the protocol that network devices use to broadcast their identity, capabilities and neighbors on a local area network (usually over wired Ethernet).

    “Continued receipt and processing of these frames, sent from the local broadcast domain, will repeatedly crash the l2cpd process and sustain the DoS condition,” Juniper said in its advisory, issued Thursday.

    In addition to the patch, the bug has a few workarounds. For instance, users can configure a device to not load the l2cpd daemon. However, if it is disabled, the protocols that depend on it (RSTP, MSTP, VSTP, xSTP and ERP, among others) won't work.

  • What follows Patch Tuesday? Exploit Wednesday. Grab this bumper batch of security updates from Microsoft • The Register

    Microsoft released an XL-sized bundle of security fixes for its products for this month's Patch Tuesday, and other vendors are close behind in issuing updates.

  • SonicWall suggests people unplug their end-of-life gateways under 'active attack' by ransomware crims

    SonicWall has warned that its older Secure Mobile Access (SMA) 100 series and Secure Remote Access (SRA) gateways are being attacked in the wild by crooks to spread ransomware – and as some of those devices are end-of-life, don't expect any patches to protect them.

    In an emergency alert on Wednesday, the networking biz said miscreants are "actively targeting" the equipment to, as we understand it, steal credentials from them to compromise networks for "an imminent ransomware campaign."
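The Juniper item above describes a daemon that crashes while parsing crafted LLDP frames. The following C program is an added illustration of that bug class, not Juniper's code and not a reproduction of CVE-2021-0277: it walks the TLV list of an LLDP frame first trusting the 9-bit length field, then with the bounds checks a parser of attacker-controlled frames needs. The function names, the walker logic and the sample frames are all constructed for this example.

```c
/* Added example (not Juniper's code and not the CVE-2021-0277 bug itself):
 * walking the TLV list in an LLDP frame with and without bounds checks.
 * Each TLV has a 2-byte header: 7-bit type, 9-bit length, then `length`
 * bytes of value; the list ends with an End-of-LLDPDU TLV (type 0, length 0).
 */
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define LLDP_TLV_END        0
#define LLDP_TLV_CHASSIS_ID 1
#define LLDP_TLV_PORT_ID    2
#define LLDP_TLV_TTL        3

struct tlv { uint8_t type; uint16_t len; const uint8_t *value; };

/* Decode the header at buf[off]; caller guarantees off + 2 <= n. */
static void tlv_header(const uint8_t *buf, size_t off, struct tlv *t)
{
    uint16_t hdr = (uint16_t)((buf[off] << 8) | buf[off + 1]);
    t->type  = (uint8_t)(hdr >> 9);
    t->len   = hdr & 0x1ff;
    t->value = buf + off + 2;
}

/* Unsafe walker: trusts the attacker-controlled length field. A TLV that
 * claims more bytes than remain in the frame makes memcpy read past the end
 * of buf (an out-of-bounds read). scratch must hold at least 511 bytes. */
int lldp_walk_unsafe(const uint8_t *buf, size_t n, uint8_t *scratch)
{
    size_t off = 0;
    int count = 0;
    while (off + 2 <= n) {
        struct tlv t;
        tlv_header(buf, off, &t);
        if (t.type == LLDP_TLV_END)
            return count;
        memcpy(scratch, t.value, t.len);   /* overruns buf when len > n - off - 2 */
        off += 2 + t.len;
        count++;
    }
    return count;
}

/* Hardened walker: every length is checked against the bytes remaining
 * before it is used. Returns the TLV count before End, or -1 if the frame
 * is truncated, a length overruns the frame, or a mandatory TLV is malformed. */
int lldp_walk_checked(const uint8_t *buf, size_t n, int *has_mandatory)
{
    size_t off = 0;
    int count = 0, chassis = 0, port = 0, ttl = 0;
    for (;;) {
        if (off + 2 > n)
            return -1;                          /* truncated header or missing End */
        struct tlv t;
        tlv_header(buf, off, &t);
        if (t.len > n - off - 2)
            return -1;                          /* value would run past the frame */
        if (t.type == LLDP_TLV_END) {
            if (t.len != 0) return -1;
            break;
        }
        switch (t.type) {
        case LLDP_TLV_CHASSIS_ID: if (t.len < 2)  return -1; chassis = 1; break; /* subtype + id */
        case LLDP_TLV_PORT_ID:    if (t.len < 2)  return -1; port = 1;    break;
        case LLDP_TLV_TTL:        if (t.len != 2) return -1; ttl = 1;     break;
        default: break;                          /* unknown/optional TLVs are skipped */
        }
        off += 2 + t.len;
        count++;
    }
    if (has_mandatory)
        *has_mandatory = chassis && port && ttl;
    return count;
}

/* Constructed sample frames (not captured traffic). */
static const uint8_t good_frame[] = {
    0x02, 0x07, 0x04, 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, /* Chassis ID, MAC subtype */
    0x04, 0x03, 0x07, 'p', '1',                           /* Port ID, locally assigned */
    0x06, 0x02, 0x00, 0x78,                               /* TTL = 120 s */
    0x00, 0x00                                            /* End of LLDPDU */
};
/* Chassis ID claiming 511 bytes of value with only 3 present. */
static const uint8_t crafted_frame[] = { 0x03, 0xff, 0x04, 0x00, 0x11, 0x00, 0x00 };

int good_frame_checked(void)      { return lldp_walk_checked(good_frame, sizeof good_frame, NULL); }
int good_frame_has_mandatory(void){ int m = 0; return lldp_walk_checked(good_frame, sizeof good_frame, &m) == 3 && m; }
int good_frame_unsafe(void)       { uint8_t s[512]; return lldp_walk_unsafe(good_frame, sizeof good_frame, s); }
int crafted_frame_checked(void)   { return lldp_walk_checked(crafted_frame, sizeof crafted_frame, NULL); }
int truncated_frame_checked(void) { return lldp_walk_checked(good_frame, sizeof good_frame - 2, NULL); }

int main(void)
{
    printf("good frame: %d TLVs, mandatory present: %d\n", good_frame_checked(), good_frame_has_mandatory());
    printf("crafted frame: %d\n", crafted_frame_checked());
    printf("truncated frame: %d\n", truncated_frame_checked());
    return 0;
}
```

The checked walker rejects the crafted frame before touching its value bytes, and a frame with no End TLV fails the `off + 2 > n` test instead of reading off the end. The unsafe walker is only ever run on the well-formed frame here; feeding it the crafted frame is undefined behaviour, which is the point.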

More in Tux Machines

pgAdmin 4 v6.1 Released

The pgAdmin Development Team is pleased to announce pgAdmin 4 version 6.1. This release of pgAdmin 4 includes 30 bug fixes and new features. For more details please see the release notes. pgAdmin is the leading Open Source graphical management tool for PostgreSQL. For more information, please see the website. Also: pgexporter 0.2.0

today's leftovers

  • GPL Had Better be a Contract

    Software Freedom Conservancy announced today that they are suing Vizio, which makes TVs, for violations of GPLv2 and LGPLv2.1. Their website has a copy of a signed complaint, the legal document you file with a court to get a lawsuit started.

    Upshot: It looks like SFC’s suing for breach of contract. They’re claiming explicitly that GPLv2 and LGPLv2.1 are contracts, that Vizio breached those contracts, and that they should be held accountable under contract law.

    The main remedy SFC requests—the thing they’re asking the court to do for them—is to order Vizio to give them full corresponding source code, as agreed under GPLv2 and LGPLv2.1. That’s called “specific performance”. It’s a remedy under contract law. Not property law or intellectual property law, like copyright law.

  • Open access switch picks up pace in Australia and New Zealand

    Australian and New Zealand universities have notched up open access deals with two major academic publishers inside a week after Springer Nature unveiled a “transformative agreement” with the Council of Australian University Librarians (Caul).

    The three-year “read and publish” arrangement covers the article processing charges that authors normally pay to move their work in front of paywalls. Researchers will be able to make their articles freely accessible if they are accepted for publication in more than 2,000 journals, provided that their universities subscribe to those journals.

  • OK Lenovo, we need to talk!

    I’ve been wanting to publicly comment on Lenovo’s statement on Linux support for a while, as there’s much to say about it, and my failing attempt at finding a suitable replacement for my venerable T510 gave me an excuse to document my love-hate relationship with Lenovo all at once.

    This is of course my own personal views and ideas, and does not reflect the Haiku project’s position on the topic, nor that of Haiku, Inc. But I feel they deserve to be brought here due to history and the direct and indirect effect it might have had on the project, including previous failed attempts at commercial applications using it.

    While Lenovo is still above many other manufacturers on some aspects, and in other domains, well, nobody does any better anyway, they purport to perpetuate the IBM legacy, so I think they should be held to the standard they claim to follow. Yet the discussion about repair and documentation pertains to almost every vendor.

  • sh(1): make it the default shell for the root user

    This change also simplifies making tiny FreeBSD images with only sh(1) as a shell.

  • #13 It begins…

    Update on what happened across the GNOME project in the week from October 01 to October 08.

  • CUDA-Python Reaches "GA" With NVIDIA CUDA 11.5 Release, __int128 Preview

    NVIDIA has made available CUDA 11.5 today as the latest version of their popular but proprietary compute stack/platform. Notable with CUDA 11.5 is that CUDA-Python has reached general availability status. NVIDIA CUDA 11.5 was posted today along with updated device drivers for Windows and Linux systems. Some of the CUDA 11.5 highlights include:

  • AMD GPU Driver Looks To Make Use Of Intel's New Buddy Allocator Code In The Linux Kernel - Phoronix

    Thanks to the nature of open source, AMD engineers working on the "AMDGPU" kernel graphics driver are looking to make use of the buddy allocator code that Intel introduced in its i915 driver as part of the video memory management changes for its discrete graphics bring-up. While adding device local memory support for its dedicated GPUs, along with the notion of memory regions and other changes, Intel added a buddy allocator implementation for allocating video memory. This is an implementation of the well-known buddy system: memory is divided into equal halves (buddies), and halves are split further until a block just large enough to satisfy the request is found; when a block is freed it is merged back with its buddy whenever both are free.
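To make the split-on-allocate and merge-on-free behaviour concrete, here is a minimal buddy allocator added as an example. It is not the i915 or AMDGPU driver code: it manages a simulated arena of 64 minimum-size units and hands out offsets rather than pointers, so it runs without a real heap, and every name in it (`buddy_alloc`, `buddy_free`, `MAX_ORDER` and so on) is an assumption of this example. The bookkeeping array that records each live allocation's order also lets the free path reject double frees and bogus offsets, which a driver-facing allocator should do.

```c
/* Added example, not the i915 or AMDGPU driver code: a minimal buddy
 * allocator over a simulated arena of NBLOCKS minimum-size units, written
 * to show the split-on-allocate / merge-on-free behaviour described above.
 * Offsets, not pointers, are handed out, so it runs without a real heap.
 */
#include <stdio.h>

#define MAX_ORDER 6                    /* arena = 2^6 = 64 units */
#define NBLOCKS   (1 << MAX_ORDER)

/* Per-order free lists of block offsets (a real driver would thread the
 * list through the blocks themselves; an array keeps the example short). */
static int free_list[MAX_ORDER + 1][NBLOCKS];
static int free_count[MAX_ORDER + 1];
/* Order of the live allocation starting at each offset, -1 if none. This
 * also lets buddy_free() reject double frees and bogus offsets. */
static int alloc_order[NBLOCKS];

void buddy_init(void)
{
    for (int o = 0; o <= MAX_ORDER; o++) free_count[o] = 0;
    for (int i = 0; i < NBLOCKS; i++) alloc_order[i] = -1;
    free_list[MAX_ORDER][free_count[MAX_ORDER]++] = 0;  /* one block = whole arena */
}

static void push_free(int order, int off)
{
    free_list[order][free_count[order]++] = off;
}

/* Remove a specific block from an order's free list; 1 if it was there. */
static int take_free(int order, int off)
{
    for (int i = 0; i < free_count[order]; i++) {
        if (free_list[order][i] == off) {
            free_list[order][i] = free_list[order][--free_count[order]];
            return 1;
        }
    }
    return 0;
}

/* Smallest order whose block (2^order units) holds `units`. */
static int order_for(int units)
{
    int o = 0;
    while ((1 << o) < units) o++;
    return o;
}

/* Allocate `units` minimum blocks; returns the offset (in units) or -1. */
int buddy_alloc(int units)
{
    if (units <= 0 || units > NBLOCKS) return -1;
    int want = order_for(units), o = want;
    while (o <= MAX_ORDER && free_count[o] == 0) o++;    /* smallest free block that fits */
    if (o > MAX_ORDER) return -1;                         /* arena exhausted or fragmented */
    int off = free_list[o][--free_count[o]];
    while (o > want) {                                    /* split: keep low half, free high buddy */
        o--;
        push_free(o, off + (1 << o));
    }
    alloc_order[off] = want;
    return off;
}

/* Free the block at `off`, merging with its buddy as long as the buddy is free.
 * Returns 0, or -1 for an offset that is not a live allocation. */
int buddy_free(int off)
{
    if (off < 0 || off >= NBLOCKS || alloc_order[off] < 0) return -1;
    int o = alloc_order[off];
    alloc_order[off] = -1;
    while (o < MAX_ORDER) {
        int buddy = off ^ (1 << o);                       /* buddy address differs in bit `o` */
        if (!take_free(o, buddy)) break;
        if (buddy < off) off = buddy;                     /* merged block starts at the lower one */
        o++;
    }
    push_free(o, off);
    return 0;
}

/* Total free units across all orders. */
int buddy_free_units(void)
{
    int total = 0;
    for (int o = 0; o <= MAX_ORDER; o++) total += free_count[o] << o;
    return total;
}

int main(void)
{
    buddy_init();
    int a = buddy_alloc(1), b = buddy_alloc(3);
    printf("a=%d b=%d free=%d\n", a, b, buddy_free_units());
    buddy_free(a);
    buddy_free(b);
    printf("after free: free=%d double-free=%d\n", buddy_free_units(), buddy_free(b));
    return 0;
}
```

Allocating one unit from the pristine arena splits the 64-unit block six times, leaving free blocks of 32, 16, 8, 4, 2 and 1 units; a following three-unit request is rounded up to the 4-unit block. Freeing both in either order merges all the way back to a single 64-unit block, and the second free of the same offset is refused.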

Programming Leftovers

  • Ruby Lands "YJIT" As A Speedy, In-Process JIT Compiler - Phoronix

    YJIT is a JIT compiler for Ruby that leverages the lazy Basic Block Versioning (LBBV) architecture. YJIT has been in the works for a number of years. Most exciting for end-users and developers is that YJIT yields an average speed-up of around 23% compared to the current CRuby interpreter for realistic benchmarks.

  • Release: rebuilderd v0.15.0

    rebuilderd 0.15.0 was released very recently; this is a short intro to what it is, how it works and how to build your own integrations!

  • Eclipse OpenJ9 0.29 Released With Full AArch64 Linux Support, More Mature JITServer Tech

    The newest feature release of Eclipse OpenJ9, the high-performance Java Virtual Machine originating from IBM J9, is now available. Eclipse OpenJ9 v0.29 was released today, one day after the GraalVM 21.3 release and one month after the OpenJDK 17 debut. But in the case of OpenJ9 v0.29 it continues to target just OpenJDK 8 and OpenJDK 11.

Security, Entrapment (Microsoft GitHub), and Microsoft FUD