Hírolvasó

The openSUSE project recently announced the second release candidate (RC2) of its Aeon Desktop, formerly known as MicroOS Desktop GNOME. Aside from the new coat of naming paint, Aeon breaks ground in a few other ways by dabbling with technologies not found in other openSUSE releases. The goal for Aeon is to provide automated system updates using snapshots that can be applied atomically, removing the burden of system maintenance for "lazy developers" who want to focus on their work rather than desktop administration. System-tinkerers need not apply.

This Project Zero article looks at the exploitation of a few Android driver bugs in great detail.

As it becomes more difficult to find 0-days in core Android, third-party Linux kernel drivers continue to become a more and more attractive target for attackers. While the bulk of present-day detected ITW [in-the-wild] Android exploitation targets GPU drivers, it's equally important that other third-party drivers are encouraged towards the same security standards.

Security updates have been issued by CentOS (389-ds-base, bind, bind-dyndb-ldap, and dhcp, firefox, glibc, ipa, less, libreoffice, and thunderbird), Debian (cups), Fedora (chromium and cyrus-imapd), Mageia (golang and poppler), Oracle (bind, bind-dyndb-ldap, and dhcp, gvisor-tap-vsock, python-idna, and ruby), Red Hat (dnsmasq and expat), SUSE (libaom, php8, podman, python-pymongo, python-scikit-learn, and tiff), and Ubuntu (h2database and vte2.91).

A tervezőgrafikai szoftverek nagyágyúja frissítette éves előrejelzését a vártnál jobb negyedéves eredmények után.

Elindult a DestinE rendszer, amitől Európa az éghajlati előrejelzések hatékonyabbá válását reméli.

Total Recall.

A cég útnak indította első flip típusú készülékét, amivel újabb hézagot foltoz be a nagy márkák elleni versenyben.

Mindig voltak olyan informatikai munkahelyek, melyek nagyon jól fekszenek az önéletrajzban.

The BPF verifier is a complex program. This has the unfortunate effect of making it simultaneously more difficult for contributors to work on, and more likely to harbor unknown bugs. Shung-Hsi Yu had two concrete proposals for how to simplify the verifier to make it easier to maintain that he presented at the 2024 Linux Storage, Filesystem, Memory Management, and BPF Summit. Yu proposed changing how the verifier tracks partially known values and cleaning up the interface to hide the details of the value-tracker's internal representation.

Redirecting execution flow is a common malware technique that can be used to compromise operating systems. To protect from such attacks, the chip makers of leading architectures like x86 and arm64 have implemented control-flow-integrity (CFI) extensions, though they need system software support to function. At the Linux Security Summit North America, RISC-V kernel developer Deepak Gupta described the CFI protections for that architecture and invited community input on the kernel support for them.

Version 1.79.0 of the Rust language has been released. Changes this time include inline const expressions, the "associated item bounds syntax", and more.

Security updates have been issued by Debian (firefox-esr), Fedora (nginx-mod-modsecurity, php, and tomcat), Mageia (strongswan), Oracle (389-ds-base, buildah, c-ares, cockpit, containernetworking-plugins, fence-agents, firefox, gdk-pixbuf2, idm:DL1, ipa, kernel, libreoffice, podman, rpm-ostree, and thunderbird), Red Hat (dnsmasq and nghttp2), Slackware (mozilla), SUSE (curl, firefox, kernel, kernel-firmware-nvidia-gspx-G06, nvidia-open- driver-G06-signed, openssl-3, and python-Pillow), and Ubuntu (libmatio, libndp, linux, linux-aws, linux-aws-5.4, linux-azure, linux-azure-5.4, linux-gcp, linux-gcp-5.4, linux-gkeop, linux-hwe-5.4, linux-ibm, linux-ibm-5.4, linux-kvm, linux-oracle, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, linux-xilinx-zynqmp, linux-oem-6.5, and virtuoso-opensource).

Az Amerikai Egyesült Államok többet költ félvezetőgyártásra 2024-ben, mint az előző 27 évben összesen.

Nem minden mesterséges, ami annak látszik.

Letölthető az applikáció, indulhat a fuvarozás.

Az európai DMA mintájára készülhet a japánok új törvénye, amely leszámolna a versenytorzító gyakorlatokkal a mobilpiacon.

A cég a Rejoy-jal közösen indít visszavásárlási lehetőséget a használt készülékekre.

A Broadcom tulajdonjogának első negyedévében jelentősen esett a VMWare bevétele.

A cseh Packeta tulajdonosának kezébe kerülhet a magyar Foxpost-hálózat.

The LWN.net Weekly Edition for June 13, 2024 is available.