hírolvasó

Tuesday's security updates

Linux Weekly News - k, 2014-07-22 18:35

CentOS has updated java-1.6.0-openjdk (C7; C6; C5: multiple vulnerabilities).

Fedora has updated couchdb (F20; F19: denial of service), erlang-ibrowse (F20; F19: denial of service), php-ZendFramework (F20; F19: SQL injection), and polarssl (F20; F19: denial of service).

Oracle has updated java-1.6.0-openjdk (OL6; OL5: multiple vulnerabilities).

Red Hat has updated java-1.6.0-openjdk (RHEL5,6,7: multiple vulnerabilities) and java-1.6.0-sun (RHEL5,6,7: multiple vulnerabilities).

Scientific Linux has updated java-1.6.0-openjdk (SL5,6: multiple vulnerabilities).

Ubuntu has updated cups (privilege escalation).

Kategóriák: Linux

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Exodus Intelligence Details Zero-Day Vulnerabilities In Tails OS

Slashdot - k, 2014-07-22 18:10
New submitter I Ate A Candle (3762149) writes Tails OS, the Tor-reliant privacy-focused operating system made famous by Edward Snowden, contains a number of zero-day vulnerabilities that could be used to take control of the OS and execute code remotely. At least that's according to zero-day exploit seller Exodus Intelligence, which counts DARPA amongst its customer base. The company plans to tell the Tails team about the issues "in due time", said Aaron Portnoy, co-founder and vice president of Exodus, but it isn't giving any information on a disclosure timeline. This means users of Tails are in danger of being de-anonymised. Even version 1.1, which hit public release today (22 July 2014), is affected. Snowden famously used Tails to manage the NSA files. The OS can be held on a USB stick and leaves no trace once removed from the drive. It uses the Tor network to avoid identification of the user, but such protections may be undone by the zero-day exploits Exodus holds.

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Netflix Reduces Physical-Disc Processing, Keeps Prices the Same

Slashdot - k, 2014-07-22 17:29
Nom du Keyboard writes: After seeing a drop in my DVD service from Netflix I got a customer service representative tonight to confirm that Netflix has ceased processing DVD returns on Saturdays nationwide. And that they did this without notifying their customers, or reducing prices to compensate for the reduced service. Given that the DVD selection still far outstrips their streaming selection, this may be news to others like myself who don't find streaming an adequate replacement for plastic discs. My experience up until recently, unlike Netflix's promise of a 1-3 day turnaround at their end which gives them lots of wiggle room to degrade service even further, had been of mailing in a DVD on day one, having them receive it and mail out my next selection on day two, and receiving it on day three. Now with them only working 5 days and many U.S. Post Office holidays, they're still getting the same money for significantly less. The Netflix shipping FAQ confirms the change, and a spokesperson said, "Saturdays have been low volume ship days for us."

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Netflix Reduces Physical-Disc Processing, Keeps Prices the Same

Slashdot - k, 2014-07-22 17:29
Nom du Keyboard writes: After seeing a drop in my DVD service from Netflix I got a customer service representative tonight to confirm that Netflix has ceased processing DVD returns on Saturdays nationwide. And that they did this without notifying their customers, or reducing prices to compensate for the reduced service. Given that the DVD selection still far outstrips their streaming selection, this may be news to others like myself who don't find streaming an adequate replacement for plastic discs. My experience up until recently, unlike Netflix's promise of a 1-3 day turnaround at their end which gives them lots of wiggle room to degrade service even further, had been of mailing in a DVD on day one, having them receive it and mail out my next selection on day two, and receiving it on day three. Now with them only working 5 days and many U.S. Post Office holidays, they're still getting the same money for significantly less. The Netflix shipping FAQ confirms the change, and a spokesperson said, "Saturdays have been low volume ship days for us."

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Netflix Reduces Physical-Disc Processing, Keeps Prices the Same

Slashdot - k, 2014-07-22 17:29
Nom du Keyboard writes: After seeing a drop in my DVD service from Netflix I got a customer service representative tonight to confirm that Netflix has ceased processing DVD returns on Saturdays nationwide. And that they did this without notifying their customers, or reducing prices to compensate for the reduced service. Given that the DVD selection still far outstrips their streaming selection, this may be news to others like myself who don't find streaming an adequate replacement for plastic discs. My experience up until recently, unlike Netflix's promise of a 1-3 day turnaround at their end which gives them lots of wiggle room to degrade service even further, had been of mailing in a DVD on day one, having them receive it and mail out my next selection on day two, and receiving it on day three. Now with them only working 5 days and many U.S. Post Office holidays, they're still getting the same money for significantly less. The Netflix shipping FAQ confirms the change, and a spokesperson said, "Saturdays have been low volume ship days for us."

Read more of this story at Slashdot.








Kategóriák: Napi hírek

Netflix Reduces Physical-Disc Processing, Keeps Prices the Same

Slashdot - k, 2014-07-22 17:29
Nom du Keyboard writes: After seeing a drop in my DVD service from Netflix I got a customer service representative tonight to confirm that Netflix has ceased processing DVD returns on Saturdays nationwide. And that they did this without notifying their customers, or reducing prices to compensate for the reduced service. Given that the DVD selection still far outstrips their streaming selection, this may be news to others like myself who don't find streaming an adequate replacement for plastic discs. My experience up until recently, unlike Netflix's promise of a 1-3 day turnaround at their end which gives them lots of wiggle room to degrade service even further, had been of mailing in a DVD on day one, having them receive it and mail out my next selection on day two, and receiving it on day three. Now with them only working 5 days and many U.S. Post Office holidays, they're still getting the same money for significantly less. The Netflix shipping FAQ confirms the change, and a spokesperson said, "Saturdays have been low volume ship days for us."

Read more of this story at Slashdot.








Kategóriák: Napi hírek