Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • McAfee and FireEye rename themselves ‘Trellix’ • The Register

    Newly combined security outfits McAfee and FireEye have revealed a new name: "Trellix".

    Readers may find the name familiar, as another tech company used the same name in the 1990s and early 2000s when it offered intranet and web published tools such as Trellix Web.

  • CISA Releases Final Version of Guidance: IPv6 Considerations for TIC 3.0

    CISA has released the final version of Internet Protocol version 6 (IPv6) Considerations for Trusted Internet Connections (TIC) 3.0. This guidance supports the federal government-wide deployment and use of the modernized network protocol. The final version includes feedback provided during the public comment period that ended in October 2021. See the fact sheet Response to Comments on Guidance: IPv6 Considerations for TIC 3.0 for a comprehensive analysis of comments received. This release is in accordance with Office of Management and Budget (OMB) Memorandum 21-07, which entrusts CISA with enhancing the TIC program to support IPv6 implementation in federal IT systems.

  • The price for software security and maintainer burnout / OSI News & Updates [Ed: OSI fails to note NPM is Microsoft and GitHub banned a developer for doing what he wanted with his code. Microsoft is the ‘boss’ of OSI.]

    The price for software security and maintainer burnout

    2022 started reminding us that software security is a problem not only for open source packages. At the same time, “how to remunerate open source maintainers?” is a question with impossibly numerous answers: we need focus to find different solutions for different problems.

    Lots of security issues packed in a few weeks: December 2021 saw the Log4j package knocked down by a nasty bug. In January 2022 we witnessed an act of self-sabotation by a maintainer of two NPM packages. On New Year's Day a bug in Microsoft Exchange ruined the celebrations for many system administrators. Very different scenarios that confirm how complex and fragile our IT infrastructure is. With open source software so popular, shipped in millions of software packages, the open source communities risk becoming a punching bag for problems it cannot necessarily solve.

  • Security updates for Thursday [LWN.net]

    Security updates have been issued by Debian (drupal7), Fedora (kernel, libreswan, nodejs, and wireshark), openSUSE (busybox, firefox, kernel, and python-numpy), Oracle (gegl, gegl04, httpd, java-17-openjdk, kernel, kernel-container, and libreswan), Red Hat (kernel, kernel-rt, and libreswan), Slackware (wpa_supplicant), SUSE (busybox, firefox, htmldoc, kernel, kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-operator-container, openstack-monasca-agent, spark, spark-kit, zookeeper, and python-numpy), and Ubuntu (curl, linux, linux-aws, linux-aws-5.11, linux-aws-5.4, linux-azure, linux-azure-5.11, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.11, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oem-5.10, linux-oem-5.13, linux-oem-5.14, linux-oracle, linux-oracle-5.11, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, openvswitch, and qtsvg-opensource-src).

4 More warnings (CISA)

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Linux 5.18-rc7

	
From	Linus Torvalds 
Date	Sun, 15 May 2022 18:15:42 -0700
Subject	Linux 5.18-rc7
share 0
So things continue to be fairly calm, and as such this is likely the
last rc before 5.18 unless something bad happens next week.

All the stats here look normal, with the bulk of it being random
driver updates (network drivers, gpu, usb, etc).

There's a few filesystem fixes, some core networking, and some code
kernel stuff. And some selftest updates.

Sortlog appended, nothing really stands out (the most exciting thing
last week was literally that Andrew has started using git, which will
make my life easier, but that doesn't affect the *code*)

Please give it one last week of testing, so that we'll have a nice
solid 5.18 release.

                 Linus

Read more

today's howtos

  1. Finding files in Ubuntu 22.04

    In computing, file placement is an important activity to perform as you may forget the file location. Ubuntu 22.04 supports various built-in commands to trace down your files. However, the graphical user interface may also be used to find files.

  2. How to Convert SVG or PDF File to Base64?

    Apart from simple text, the image files or documents can also be converted to the Base64 format. These entities can then be stored securely anywhere you want. In this article, we would like to share the methods of converting the SVG files and PDF files to Base64 using the Python programming language in Ubuntu 20.04. First, we will introduce you briefly to these file formats, followed by the procedure of converting them to Base64.

  3. How to install DataGrip 2022 on a Chromebook

    Today we are looking at how to install DataGrip 2022 on a Chromebook. Please follow the video/audio guide as a tutorial where we explain the process step by step and use the commands below.

  4. GDISK Command-Line Options

    The GDISK command in Linux is used to partition the drives of your system. Moreover, it can also be used to list down the existing partitions and display relevant information about them. In this guide, we will be talking about the different command-line options that are available with the GDISK command on a Linux Mint 20.3 system.

  5. Mapfile Bash Linux Command

    The bash shell Mapfile command is often known as a reading array. The primary purpose is to read standard input lines and store them in an indexed array variable. Mapfile must also read from substitution (<<) rather than a pipe. In addition, as compared to a read loop, bash Mapfile is a much faster and more convenient solution. It returns 1 if the execution of the command gets successful and 0 in case it is not successful. If we don’t specify an array name, the bash Mapfile variable will be targeting the array variable by default. Thus, we have decided to cover some examples using the mapfile instruction on the bash.

  6. Resolve Issue: Bash Bad Substitution

    You may have received the Bad substitution syntax problem while developing Bash scripts. After browsing through forums, you may discover that you are not alone; other individuals are encountering the same mistake. It’s a typographical fault that happens when you run your Shell script, and it can happen for a variety of reasons. The wrong use of instruction substitution and erroneous characters appended to the program are two major reasons for this. Let’s see how we can make our shell script cause this error and how to resolve it. Get started with the new bash file created with Ubuntu’s “touch” query and open it within the “GNU Nano” editor.

  7. Resolve Issue: Bash Unary Operator Expected

    Errors have a diverse number of types and reasons when it comes to bash programming. One of those errors is the “unary operator expected” error in bash programming. When evaluating expressions in conditional declarations, you may run into the “unary operator expected” issue. The reasons for this error “bash unary operator expected” might be diverse. We’ll start by talking about what’s creating the problem. Following that, we’ll go over a couple of options for resolving this problem. Let’s get started with today’s article by creating a new bash file in Ubuntu 20.04 system. For this, we need to utilize the “touch” instruction within the shell terminal and name the file “unary.sh”.

today's leftovers

  • Linux Weekly Roundup #182

    Welcome to this week's Linux weekly roundup. We had another full week in the world of Linux releases with Fedora 36, Bluestar Linux 5.17.7, ALT Linux 10.0, and LXLE Focal beta. I hope you have a wonderful week and enjoy every moment!

  • libiconv - News: libiconv 1.17 released [Savannah]

    GNU libiconv 1.17 is released.

  • PS4 9.60 and PS5 5.10 Firmware updates released, do not update if possible - Wololo.net

    So as always, we (and several prominent members of the hacking scene) recommend you do not update your console, if you can, and if you’re expecting to Jailbreak it eventually.

  • Best PlayStation 2 (PS2) Emulators for Android in 2022

    The Google Play Store is packed with interesting games, but most of them pale in comparison with the best PlayStation 2 titles, such as Silent Hill 2, Ico, Shadow of the Colossus, the Ratchet and Clank series, Final Fantasy X, Kingdom Hearts 1 & 2, Wild Arms, or Persona 4, just to give some examples. These and many other games are still fun to play, even though it’s been more than two decades since Sony released the PlayStation 2 console to great success. You can play them even if you don’t own the console or any of its successors’ thanks to PlayStation 2 emulators for Android.

  • Best Roblox Anime Games

    Roblox is a unique gaming platform with a library that has millions of games created by a community of millions of developers, allowing endless hours of gameplay. If you are a fan of anime and looking for games that resemble them then we have mentioned some of the top anime games in this article.

  • Did you know Twitter has an open-source arm? This is what it's been up to [Ed: Openwashing of a truly sinister and manipulative entity]
  • KlipperScreen: All You Need to Know [Ed: Not about KDE per se. This could be a trademark problem because of KDE. Klipper started in the 1990s.]

    KlipperScreen is a program that runs on Klipper firmware and provides a GUI to control your printer. Read on to learn more about it!

OpenVMS 9.2 hits production status for x86-64

VMS Software Inc. has announced the release of OpenVMS 9.2, the first production-supported release for commercial off-the-shelf x86 hardware. The expectation is that customers will deploy the new OS [PDF] into VMs. Most recent hypervisors are supported, including VMware (Workstation 15+, Fusion 11+ and ESXi 6.7+), KVM (tested on CentOS 7.9, openSUSE Leap 15.3, and Ubuntu 18.04), and Oracle VirtualBox 6.1. Read more