Search
Items tagged with: linux
German state moving 30,000 PCs to LibreOffice - The Document Foundation Blog
Following a successful pilot project, the northern German federal state of Schleswig-Holstein has decided to move from Microsoft Windows and Microsoft Office to Linux and LibreOffice (and other free and open source software) on the 30,000 PCs used in…Mike Saunders (The Document Foundation)
A Microcosm of the interactions in Open Source projects
Originally a thread on Twitter about the xz/liblzma vulnerability, when I finished typing it, I realized I had a real world slice of Open Source interaction that deserved more attention.robmensching.com
Urgent security alert for Fedora Linux 40 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access., (Red Hat)
Uhhh heads up everyone:
https://lwn.net/ml/oss-security/20240329155126.kjjfduxw2yrlxgzm@awork3.anarazel.de/
> After observing a few odd symptoms around liblzma (part of the xz package) on Debian sid installations over the last weeks (logins with ssh taking a lot of CPU, valgrind errors) I figured out the answer:
> The upstream xz repository and the xz tarballs have been backdoored.
As far as Debian is concerned, seems like only Sid was affected (fixed):
https://lists.debian.org/debian-security-announce/2024/msg00057.html
Generally, XZ Utils versions 5.6.0 and 5.6.1.
🚨 ⚠️ Emergency PSA: A critical security exploit was discovered in the xz package recently, used for compression and decompression on nearly all Linux distributions.
Rawhide users ARE impacted and should immediately STOP using Rawhide until the package update is fully rolled back. (1/3)
Security Advisory: https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users
#Fedora #Linux #OpenSource #Security #Privacy
Urgent security alert for Fedora Linux 40 and Fedora Rawhide users
Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access., (Red Hat)
Flipping Pages: An analysis of a new #Linux #vulnerability in #nf_tables and hardened exploitation techniques
> A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets once.
Someone in the IT department of my bank (Komerční banka) is acting smarter than they should be.
When I tried to log in to the Internet banking, I got a message saying that "OS Linux is no longer secure" and recommending that I use an up-to-date OS, e.g. Windows 11.
I thought we were past these times. 🤦
I just saw that Mozilla is retiring the Mozilla Location Service which provides an open, crowdsourced alternative to proprietary location services from Google and other vendors. 😰
https://github.com/mozilla/ichnaea/issues/2065
This is used by GNOME and thus Fedora, Ubuntu, Endless OS, etc. to help provide OS-level location services without requiring every app to implement its own. And apparently a patent troll is part of the reason Mozilla stopped investing in it. 🙃
#OpenSource #Linux #GNOME #Mozilla
Retiring the Mozilla Location Service · Issue #2065 · mozilla/ichnaea
The accuracy of Mozilla Location Service (MLS) has steadily declined. With no plans to restart the stumbler program or increase investments to MLS we have made the decision to retire the service. I...GitHub
