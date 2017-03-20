Security Leftovers
-
Security updates for Monday
-
Old Linux kernel security bug bites
OK, hands up, who knows what High-Level Data Link Control (HDLC) is? It's an archaic networking data framing protocol that's used in modems, X.25, frame-relay, ISDN, and other now uncommon networking technologies. I know it because I used to work with them back in the day. You'll get to know it now because a researcher discovered a security hole hidden within the Linux kernel driver that implements it.
-
Seven year-old Linux vulnerability now patched
An old vulnerability was just discovered in the Linux kernel, potentially allowing hackers to gain privilege escalation, or cause a denial of service. The vulnerability was quickly fixed and there have been no signs of it in the wild, although that does not necessarily mean it went unnoticed.
-
OpenSSH 7.5 released
OpenSSH 7.5 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly.
-
OpenSSH 7.5 Has Security Fixes, Removes OpenSSL 1.0 Support for Portable OpenSSH
OpenSSH, the cross-platform and open-source 100% complete SSH 2.0 protocol implementation offering both SFTP server and client support was updated today to version 7.5.
OpenSSH 7.5 comes three months after the release of OpenSSH 7.4 in late December 2016, and promises to be a maintenance update that addresses two important security issues, implements support for the "=-" syntax to make removing of methods from algorithm lists a lot easier, and fix numerous reported bugs.
-
Is Linux Mint a secure distribution?
Linux Mint has been lambasted by some in the media for security problems over the last few years. But how accurate are such perceptions? Does Linux Mint really suffer from security problems or is it all much ado about nothing?
A writer at DistroWatch wades into the controversy and examines some of the myths and misunderstandings about Linux Mint and security.
-
Linux Mint's security record
Some of the more common misunderstandings I have encountered recently have involved the Linux Mint distribution. Mint has been a popular project in recent years and, with many people using the distribution and talking about the project, there is bound to be some mis-communication. In particular, most of the rumours and misunderstandings I have encountered have revolved around Mint's security practises and history. I would like to clear up a few of the more common rumours.
-
Mozilla Firefox is the First Pwn2own 2017 Victim to be Patched
Some vendors respond to security issues faster than others. Last week, the 10th annual Pwn2own hacking challenge was hosted by Trend Micro's Zero Day Initiative (ZDI), with multiple groups of researchers taking aim at web browsers, operating systems and virtualization technology.
Mozilla's Firefox web browser was successfully exploited on March 16, the second day of the Pwn2own event. Researchers from Chaitin Security Research Lab were the only group to attack Mozilla Firefox, and earned $30,000 for demonstrating a new zero-day exploit. The day the exploit was demonstrated, the only thing publicly revealed about the exploit is that it made use of an integer overflow flaw in combination with an uninitialized memory buffer in the Windows kernel.
-
Red Hat Launches Red Hat Enterprise Linux 6.9
Red Hat, Inc. (NYSE: RHT), the world’s leading provider of open source solutions, today announced the general availability of Red Hat Enterprise Linux 6.9. The latest update to the Red Hat Enterprise Linux 6 platform, Red Hat Enterprise Linux 6.9 builds upon more than six years of enterprise-proven success, offering a more secure, stable and reliable platform for the modern enterprise and prioritizes features for critical deployments. Also: Red Hat Enterprise Linux 6.9 Released
KDevelop 5.1.0 released
We are happy to announce the release of KDevelop 5.1! Tons of new stuff entered KDevelop 5.1. Here's a summary of what's new in this version: Also:KDevelop 5.1 Released With LLDB Support, Initial OpenCL, Better Python Support
GNOME Photos 3.24.0
It was high time that we overhauled our old GtkIconView-based overview grids. Their inability to reflow the thumbnails leads to a an ugly vertical gutter of empty space unless the window is just the right size. The other problem was performance. GtkIconView gets extremely slow when the icons are updated, which usually happens when content is detected for the first time and start getting thumbnailed.
