Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Exim patches a major security bug found in all versions that left millions of Exim servers vulnerable to security attacks [Ed: If only we saw similar headlines about Microsoft Windows each time a hole was found in Photoshop...]

    A vulnerability was found in all the versions of Exim, a mail transfer agent (MTA), that when exploited can let attackers run malicious code with root privileges.

  • KeePass Password Safe 2.43

    KeePass is a free open source password manager, which helps you to manage your passwords in a secure way. You can put all your passwords in one database, which is locked with one master key or a key file. So you only have to remember one single master password or select the key file to unlock the whole database. The databases are encrypted using the best and most secure encryption algorithms currently known (AES and Twofish).

    KeePass is really free, and more than that: it is open source (OSI certified). You can have a look at its full source and check whether the encryption algorithms are implemented correctly.

  • Live Patching Case Study of GESIS

    You can save time and resources by using Live Patching. GESIS is one of the many organizations who achieved excellent results using SUSE Linux Enterprise Live Patching. Here we outline some of those results so you can make an assessment about how these can apply to your environment.

  • Linux Kernel flexcop_usb_probe Function NULL Pointer Dereference Vulnerability [CVE-2019-15291]

    A vulnerability in the Linux Kernel could allow a local attacker to cause a denial of service (DoS) condition on a targeted system.

    The vulnerability is due to a NULL pointer dereference condition that exists in the flexcop_usb_probe function, as defined in the drivers/media/usb/b2c2/flexcop-usb.c source code file of the affected software.

    An attacker with physical access to a targeted system could exploit this vulnerability by inserting a USB device that submits malicious input to the targeted system. A successful exploit could cause a DoS condition on the system.

  • Here's How Vivaldi for Android Protects Your Privacy and Keeps Your Data Secure

    After announcing the Vivaldi for Android mobile web browser, Vivaldi Technologies shared with us some details on how they managed to build a secure and privacy-aware browser on Android.
    We all know that Google's Android mobile operating system ships with a built-in web browser core, which is based on the same code that Google Chrome was built it. This internal browser core lets users view basic web pages when setting up their Android device for the first time.

    Once the device is all set up, most probably the user has installed his favorite web browser app from the Play store. This is where Vivaldi for Android comes to fill the gap, as it's not using Android's built-in browser core, which makes it secure and privacy-aware.

More in Tux Machines

Where’s the Yelp for open-source tools?

It would be great if there were a genuinely useful rating system that would help people discover excellent but less-visible open-source projects. But an easy way to work out which of the tens of thousands of projects are the vital, important ones – a software Yelp, if you will – doesn’t exist. It may never come to be. Hope springs eternal. Brian Profitt, Red Hat‘s Open Source Program Office (OSPO) manager, is working with others on a new project to make it easy to evaluate open-source projects: Project CHAOSS. This Linux Foundation project is devoted to creating analytics and metrics that help define open-source community health. Read more

DragonFly 5.8.2 released

I tagged and built 5.8.2 today, and it should be appearing on a mirror near you, momentarily. Read more

Deepin Desktop Review: A Stylish Distro and Desktop Environment

In this Linux Desktop Environment review, we have a slightly controversial choice. Deepin, both as a distribution and as a Desktop Environment, is one that not everybody feels comfortable using and trusting. However, we’ll be setting that aside, dispelling some myths, and looking at the beautiful Deepin Desktop Environment (DDE), its user experience, some notable features, and giving some recommendations on where to experience it and who should use it. Read more

The 10 Best Raspberry Pi Emulators Available in 2020

Raspberry Pi is a mini-computer as well as a marker board that comes with all the hardware built-in and is designed to make coding easier. You will find everything necessary, including RAM, CPU, and GPU on the boards. However, no matter how perfect Raspberry Pi looks, it isn’t capable of doing a lot of things, including running x86 apps. As a result, we need the Raspberry pi emulators to help us with the problems. One of the most amazing uses of these emulators is to play any of your favorite classic retro games using them on your Pi board. Read more