MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
security
Search

PC / Tech. > LWN.net

Tuesday March 12, 2024. 09:38 PM
The mainline kernel has just received a set of commits addressing the 'register file data sampling' hardware vulnerability. RFDS may allow a malicious actor to infer data values previously used in floating point registers, vector registers, or integer registers. RFDS does...
    25
Herb Sutter, chair of the ISO C++ standards committee, writes about the current problems with writing secure C++, and his personal opinion on next steps to address this while maintaining backward compatibility. If there were 90-98% fewer C++...
    1
Serialization is the process of transforming Python objects into a sequence of bytes which can be used to recreate a copy of the object later — or on another machine. pickle is Python's native serialization module. It can store complex Python objects, making it an...
    0
Security updates have been issued by Debian (qemu), Mageia (libtiff and thunderbird), Red Hat (kernel, kpatch-patch, postgresql, and rhc-worker-script), SUSE (compat-openssl098, openssl, openssl1, python-Django, python-Django1, and wpa_supplicant), and Ubuntu...
    12
Geoff Huston digs into the details of the KeyTrap DNS vulnerability, which was disclosed in February. It's by no means '[devastating]' for the DNS, and the fix is much the same as the previous fix. As well as limiting the number of queries that a resolver can generate to...
    2
Monday March 11, 2024. 04:59 PM
The 6.8 kernel was released on March 10 after a typical, nine-week development cycle. Over this time, 1,938 developers contributed 14,405 non-merge changesets, making 6.8 into a slower cycle than 6.7 (but busier than 6.6), with the lowest number of developers participating...
    10
Security updates have been issued by Debian (libuv1, nss, squid, tar, tiff, and wordpress), Fedora (chromium, exercism, grub2, qpdf, and wpa_supplicant), Oracle (edk2 and opencryptoki), and SUSE (cpio, openssl-1_0_0, openssl-1_1, openssl-3, sudo, tomcat, and xen).
    8
Sunday March 10, 2024. 10:37 PM
Linus has released the 6.8 kernel. So it took a bit longer for the commit counts to come down this release than I tend to prefer, but a lot of that seemed to be about various selftest updates (networking in particular) rather than any actual real sign of problems. And the...
    13
Andrew 'bunnie' Huang provides an update on his IRIS infrared chip-scanning project as the starting point for a detailed summary on how chip customers can detect forgeries and modifications in general. The technique works because although silicon looks opaque at visible...
    12
Friday March 8, 2024. 09:58 PM
Name collisions aren't just a problem for software development—organizations, projects, and software that have the same or similar names can cause serious confusion. That was certainly the case on February 28 when the Open Collective Foundation (OCF) began to notify its...
    19
Before loading a BPF program, the kernel must verify that the program is safe to run; among other things, that verification includes ensuring that the program will terminate within a bounded time. That requirement has long made writing loops in BPF a challenging task. The...
    9
Security updates have been issued by Debian (fontforge), Fedora (chromium, iwd, libell, and thunderbird), Oracle (buildah, kernel, skopeo, and tomcat), Red Hat (opencryptoki), Slackware (ghostscript), SUSE (go1.21, go1.22, google-oauth-java-client, jetty-minimal,...
    14
Thursday March 7, 2024. 04:46 PM
While programmers are used to having tools to check their code for stylistic problems, writers often limit automatic checks of their texts to spelling and, sometimes, grammar, because there are not a lot of options for further checking. If that is the case, Vale, an...
    9
Security updates have been issued by Debian (chromium and yard), Fedora (cpp-jwt, golang-github-tdewolff-argp, golang-github-tdewolff-minify, golang-github-tdewolff-parse, and suricata), Mageia (wpa_supplicant), Oracle (curl, edk2, golang, haproxy, keylime, mysql, openssh,...
    8
The LWN.net Weekly Edition for March 7, 2024 is available.
    9
Wednesday March 6, 2024. 10:02 PM
The Fedora Project switched to MariaDB as the default implementation of MySQL in Fedora 19 in 2013. Once a drop-in replacement for MySQL, MariaDB has diverged enough that this is no longer the case—and, despite concerns about Oracle and optimism that MariaDB would supplant My...
    19
The postmarketOS project, which produces a Linux distribution for phones and mobile devices, has announced that it is in the early stages of adding systemd to make it easier to support GNOME and KDE. Users who prefer the OpenRC init system are assured they will still have...
    4
QUIC is a UDP-based transport protocol that forms the foundation of HTTP/3. It was initially developed at Google in 2012, and became an IETF standard in 2021. Work on the protocol did not stop with its standardization, however. The QUIC Working Group published several...
    10
Greg Kroah-Hartman has announced another round of stable kernel updates: 6.7.9, 6.6.21, 6.1.81, 5.15.151, 5.10.212, 5.4.271, and 4.19.309 have all been released. Each contains a set of important fixes.
    14
Security updates have been issued by Debian (libapache2-mod-auth-openidc, libuv1, php-phpseclib, and phpseclib), Red Hat (buildah, cups, curl, device-mapper-multipath, emacs, fence-agents, frr, fwupd, gmp, gnutls, golang, haproxy, keylime, libfastjson, libmicrohttpd,...
    15
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Mar, Fri 29 - 10:50 CET