Friday's security updates

Linux Weekly News - p, 2015-01-23 16:35

CentOS has updated jasper (C6: multiple vulnerabilities).

openSUSE has updated dbus-1 (13.1, 13.2: multiple vulnerabilities), elfutils (13.1, 13.2: directory traversal), flash-player (13.1, 13.2: memory randomization circumvention), otrs (13.1, 13.2: authentication bypass), roundcubemail (13.2: cross-site request forgery), strongswan (13.1, 13.2: denial of service), and wireshark (13.1, 13.2: multiple vulnerabilities).

Oracle has updated jasper (O6; O7: multiple vulnerabilities).

Red Hat has updated jasper (RHEL6,7: multiple vulnerabilities), java-1.7.0-oracle (multiple vulnerabilities), and java-1.8.0-oracle (RHEL6: multiple vulnerabilities).

Scientific Linux has updated jasper (SL6,7: multiple vulnerabilities).

SUSE has updated flash-player (memory randomization circumvention) and rpm (SLE12: multiple vulnerabilities).

Ubuntu has updated elfutils (directory traversal), mysql-5.5 (12.04, 14.04, 14.10): multiple vulnerabilities, and samba (14.04, 14.10: privilege escalation).

Kategóriák: Linux

Google Pays Big Bug Bounties in Chrome 40 Fix

LinuxToday - p, 2015-01-23 13:30
Kategóriák: Linux

A two-part series on LXC networking (Flockport Labs)

Linux Weekly News - p, 2015-01-23 00:13
Flockport Labs has a two-part "LXC networking superguide" that covers a bunch of LXC networking concepts, as well as practical ideas on connecting containers (Part1 and Part 2). Part 1 starts with an introduction to LXC networking, then moves into extending layer 2 to remote hosts using a layer 3 tunnel. Part 2 looks at using LXC containers as routers. "We are going to create a bridge on 2 remote hosts over their public IPs and connect the bridges with Ethernet over GRE or L2tpv3 so containers connecting to these bridges are on the same layer 2 network. We will first show you how to do this with Ethernet over GRE and then L2tpv3. The main difference is Ethernet over GRE is less well known while L2tpv3 is more widely used for l2 extension and uses UDP, and thus could be more flexible."
Kategóriák: Linux

Going open source on Android with F-Droid

LinuxToday - cs, 2015-01-22 23:30
Kategóriák: Linux

Fedora 23: 64-bit Only?

LinuxToday - cs, 2015-01-22 21:30
Kategóriák: Linux

Linux system administrators make big bucks

LinuxToday - cs, 2015-01-22 19:30
Kategóriák: Linux

50 Open Source Mobile Tools

LinuxToday - cs, 2015-01-22 18:30
Kategóriák: Linux

TraceFS: The Newest Linux File-System

LinuxToday - cs, 2015-01-22 17:00
Kategóriák: Linux

Thursday's security advisories

Linux Weekly News - cs, 2015-01-22 16:23

Fedora has updated binutils (F21: two vulnerabilities), cross-binutils (F21; F20: multiple vulnerabilities), exiv2 (F21: denial of service), libsndfile (F21: code execution), and python-pillow (F21: denial of service).

Mageia has updated freeciv (code execution).

Oracle has updated java-1.7.0-openjdk (OL5: multiple vulnerabilities).

Red Hat has updated java-1.7.0-openjdk (RHEL6&7; RHEL5: multiple vulnerabilities), java-1.8.0-openjdk (RHEL6: multiple vulnerabilities), kernel (RHEL6.5: multiple vulnerabilities), and openssl (RHEL6&7: multiple vulnerabilities).

Kategóriák: Linux