NetBSD 7.0.1 released

NetBSD News - v, 2016-05-22 02:00
Kategóriák: *BSD

05/13 Bodhi 3.2.1

DistroWatch - szo, 2016-05-21 05:45
Kategóriák: Stuff

05/13 AUSTRUMI 3.4.2

DistroWatch - szo, 2016-05-21 05:45
Kategóriák: Stuff

Aqua Launches Container Security Platform

LinuxToday - szo, 2016-05-21 03:30
Kategóriák: Linux

A report on the CoreOS remote SSH vulnerability

Linux Weekly News - p, 2016-05-20 19:46
For those who are curious about how the CoreOS remote SSH vulnerability came to be, the company has posted a detailed report. "This misconfiguration was abetted by confirmation bias. The expected outcome of the change to the CoreOS PAM configuration was for users who presented a password present in an authentication database to be successfully authenticated. Because of the pam_permit failure case explained above, this was the observed behavior in testing, so the change was assumed to be correct. No attempt was made to determine whether the observed behavior could be explained in some other way, such as the system allowing any presented password."
Kategóriák: Linux

Security updates for Friday

Linux Weekly News - p, 2016-05-20 16:22

Arch Linux has updated bugzilla (cross-site scripting).

Debian has updated librsvg (three vulnerabilities).

Debian-LTS has updated expat (code execution) and libgd2 (denial of service).

Mageia has updated dhcpcd (code execution from 2014), expat (code execution), gdk-pixbuf2.0 (code execution), icu (code execution), imagemagick/ruby-rmagic (multiple vulnerabilities), libxml2 (two denial of service flaws), perl (denial of service), and xerces-c (code execution).

openSUSE has updated libksba (13.2: two vulnerabilities) and php5 (42.1: multiple vulnerabilities).

Red Hat has updated Red Hat OpenShift Enterprise 3.1 (unauthorized access) and Red Hat OpenShift Enterprise 3.2 (three vulnerabilities).

SUSE has updated openssl (SLE10: multiple vulnerabilities).

Kategóriák: Linux