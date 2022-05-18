Security Leftovers
Open Source Security: Key Benefits & Drawbacks You Should Know
This article will explore the key benefits and potential drawbacks of open source security in under a minute.
Drupal Releases Security Updates | CISA
Drupal has released security updates to address a Guzzle third-party library vulnerability that does not affect Drupal core but may affect some contributed projects or custom code on Drupal sites. Exploitation of this vulnerability could allow a remote attacker to take control of an affected website.
A Getting-Started Guide to Improving Security with Open-Source Static & Dynamic Security Scanners
As open-source software becomes increasingly common in the infrastructure of businesses, it is essential to ensure the security of the software being relied upon. An increasingly popular cyber security solution is open-source SAST (Static Application Security Testing) and DAST (Dynamic Analysis Security Testing) security scanning, which give IT technicians and developers the ability to access the code of a certain piece of software to remove threats or improve the strength of its security.
Ben Hutchings: Debian LTS work, May 2022
In May I was assigned 11 hours of work by Freexian's Debian LTS initiative and carried over 13 hours from April. I worked 8 hours, and will carry over the remaining time to June.
today's howtos
YaST in a YaST-less system
We all know how awesome YaST can be for administering your (open)SUSE system. From managing the software repositories and the installed software to adjusting the systemd services and sockets. From creating LVM logical volumes to configuring Kdump (or fadump). From inspecting the systemd journal to fine-tuning the boot loader. From configuring network interfaces to adjusting the mitigations for CPU vulnerabilities. From setting the firewall configuration to managing your subscriptions to the different SUSE products… and so much more! But all that comes with a pretty obvious price. You must install YaST and all its dependencies in the system you want to manage. Those dependencies include the Ruby runtime, either ncurses or Qt (depending if you want the text-based or the fully graphical interface) and some other packages or libraries depending on what you want to achieve. For example, you need libzypp to install software or to manage the repositories. What if you don’t want to pay that price? Well, we have an special offer for you! Now you can use YaST to administer your system without installing YaST or any of its dependencies. Ideal for lovers of minimal systems like the MicroOS variants of SUSE and openSUSE. All you need is a container engine like Docker or Podman… and you are using one anyways if you are using MicroOS, isn’t it?
Mourning Marina Zhurakhinsakaya
We are sad to inform our community that Marina Zhurakhinsakaya died on Saturday. CW: cancer - Marina died on Saturday after winning her struggle with cancer for three years. We would like to elevate Marina's message to encourage people to test themselves for genetic markers for breast cancer. You can donate in Marina's honor to Dana Farber's Metastatic Breast Cancer Research Fund...
