Language Selection

English French German Italian Portuguese Spanish

Security

Ubuntu: Linux kernel vulnerabilities

Filed under
Security

Mark Dowd discovered that the netfilter iptables module did not correctly handle fragmented IPv6 packets. By sending specially crafted packets, a remote attacker could exploit this to bypass firewall rules.

Two flaws found in Firefox

Filed under
Security

A security company has reported two new flaws in the Mozilla Firefox browser that may leave locally saved files vulnerable to outside attacks.

Debian warns of Mozilla bugs

Filed under
Security

Linux distributor Debian issued a security advisory over the weekend, warning of several problems in Mozilla and associated products such as Mozilla Firefox.

M$ and Open Source Experts to Brief House of Lords

Filed under
Security

Representatives of Microsoft Corp and the open source community will this week brief members of the UK's House of Lords as part of its ongoing inquiry into personal internet security.

Automatically Scan Uploaded Files For Viruses With php-clamavlib

Filed under
Security
Ubuntu
HowTos

This guide describes how you can automatically scan files uploaded by users through a web form on your server using PHP and ClamAV. That way you can make sure that your upload form will not be abused to distribute malware. To glue PHP and ClamAV, we install the package php5-clamavlib/php4-clamavlib which is rather undocumented at this time. That package is available for Debian Etch and Sid and also for Ubuntu Dapper Drake and Edgy Eft.

Opera Has Words For Mozilla

Filed under
Software
Security

Opera Software is calling accusations made by Mozilla staffer Asa Dotzler regarding Opera's security disclosure policies, "dangerous and irresponsible."

Some unpleasant X.org vulnerabilities

Filed under
Security

iDefense Lab security researchers discovered that the expressions computing the parameters for ALLOCATE_LOCAL() in those functions are using client-provided value in an expression that is subject to integer overflows, which could lead to memory corruption. All X.Org X server version implementing the X render and dbe extensions are vulnerable.

Mozilla Takes Aim at Opera Security

Filed under
Software
Security

Opera Software may well be putting its browser users at risk by not properly disclosing security vulnerabilities to vulnerable users. At least that's the allegation made by Mozilla Corp.'s Asa Dotzler.

Opera on Handling Security

Filed under
Security

Recently, some of our users have asked why we chose to disclose a potential security issue only after the release of Opera 9.10. Let me try to give a short overview on how security issues get reported and disclosed - and not only at Opera, but in most applications: it might help some people to understand how this works.

"Apple Bug" number six hits Windows, Linux too

Filed under
Security

The Month of Apple Bugs has turned up another cross-platform issue - this time one that affects Windows, Linux and potentially other operating systems in addition to Mac OS X.

Syndicate content

More in Tux Machines

NSA partners with Apache to release open-source data traffic program

In partnership with the Apache Software Foundation, the NSA announced on Tuesday that it is releasing the source code for Niagarafiles (Nifi). The spy agency said that Nifi "automates data flows among multiple computer networks, even when data formats and protocols differ". Read more

Expensive "Free/Libre Software Laptop" Uses A NVIDIA GPU

While there's been an ongoing discussion this week about delivering a $500 "open to the core" laptop that runs Ubuntu Linux and would be comprised of open-source software down to the firmware and Coreboot, announced last week was a high-end laptop that also aims to promote free/libre software. Though don't get out your wallets quite yet. Read more

Docker Update Fixes Pair of Critical Security flaws

The open-source Docker container virtualization technology has emerged as one of the hottest and most hyped technologies of the year. Docker, however, isn't immune from security vulnerabilities, as a pair of recent updates illustrate. Read more

Linux-based AUV maps Antarctic sea ice thickness

Woods Hole Oceanographic used a Linux-based “SeaBED” AUV to build the first 3D map of Antarctic sea ice — and found it’s thicker than had been estimated. Every now and then we see some good news about climate change sprinkled in with all the increasingly dire warnings. Yesterday, the New York Times reported that solar and wind energy are starting to become competitive with natural gas. On the same day, Woods Hole Oceanographic Institute (WHOI), based in Massachusetts, announced it had published a paper in Nature Geoscience on experiments run by an autonomous, Linux-based submarine called the SeaBED. The underwater survey indicated that Antarctic sea ice was thicker than had been previously estimated. Read more