Friday's security advisories

Linux Weekly News - p, 2016-09-16 19:15

CentOS has updated libarchive (C7; C6: multiple vulnerabilities, some from 2015).

Debian has updated tomcat7 (privilege escalation) and tomcat8 (privilege escalation).

Debian-LTS has updated mysql-5.5 (privilege escalation).

Fedora has updated curl (F24: code execution).

Mageia has updated cracklib (code execution), dropbear (three code execution flaws), jasper (two vulnerabilities from 2015), krb5 (denial of service), lcms2 (information leak), mediawiki (multiple vulnerabilities), openvpn (information leak), perl-DBD-mysql (two code execution flaws from 2014 and 2015), and perl-XSLoader (code execution).

openSUSE has updated opera (42.1: multiple vulnerabilities) and tiff (42.1: multiple vulnerabilities, three from 2015).

Red Hat has updated chromium-browser (RHEL6: multiple vulnerabilities).

Scientific Linux has updated kernel (SL7: three vulnerabilities).

Slackware has updated curl (code execution).

Kategóriák: Linux

Hutterer: Synaptics pointer acceleration

Linux Weekly News - p, 2016-09-16 14:57
For this week's development horror story, it would be hard to do better than Peter Hutterer's quest to figure out how pointer acceleration works in the Synaptics driver. "Also a disclaimer: the last time some serious work was done on acceleration was in 2008/2009. A lot of things have changed since and since the server is effectively un-testable, we ended up with the mess below that seems to make little sense. It probably made sense 8 years ago and given that most or all of the patches have my signed-off-by it must've made sense to me back then. But now we live in the glorious future and holy cow it's awful and confusing."
Kategóriák: Linux

Ghost Blogging With a Pi

LinuxToday - p, 2016-09-16 07:45
Kategóriák: Linux

Five Linux Server Distros Worth Checking Out

LinuxToday - cs, 2016-09-15 20:45
Kategóriák: Linux

Linux 4.7.4 and 4.4.21

Linux Weekly News - cs, 2016-09-15 19:45

Stable kernels 4.7.4 and 4.4.21 have been released. As is normal, they contain fixes throughout the kernel tree and users of those series should upgrade.

Kategóriák: Linux

Security updates for Thursday

Linux Weekly News - cs, 2016-09-15 19:40

Arch Linux has updated flashplugin (many vulnerabilities), lib32-flashplugin (many vulnerabilities), and mariadb (two vulnerabilities).

Debian has updated chromium-browser (multiple vulnerabilities) and mailman (cross-site request forgery).

Debian-LTS has updated autotrace (code execution), tomcat6 (privilege escalation), and tomcat7 (privilege escalation).

Fedora has updated GraphicsMagick (F24: multiple vulnerabilities).

openSUSE has updated chromium (42.1; 13.2; SPH for SLE12: multiple vulnerabilities), flash-player (13.2: multiple vulnerabilities), perl (42.1: multiple vulnerabilities, one from 2015), and virtualbox (13.2: two unspecified vulnerabilities).

Oracle has updated kernel (OL7: two vulnerabilities).

Red Hat has updated kernel (RHEL7: three vulnerabilities) and kernel-rt (RHEL7; RHEL6: three vulnerabilities).

SUSE has updated flash-player (SLE12: many vulnerabilities).

Ubuntu has updated oxide-qt (16.04, 14.04: multiple vulnerabilities) and python-imaging (12.04: three vulnerabilities, one from 2014).

Kategóriák: Linux

How to setup a honeypot

LinuxToday - cs, 2016-09-15 18:45
Kategóriák: Linux