Language Selection

English French German Italian Portuguese Spanish

Canonical Outs Major Linux Kernel Security Updates for All Supported Ubuntu OSes

Filed under
Security
Ubuntu

As announced the other day, Canonical was quick to respond to the latest security vulnerabilities affecting Intel CPU microarchitectures, so they now published Linux kernel updates to mitigate them. These are CVE-2019-11135, CVE-2018-12207, CVE-2019-0154, and CVE-2019-0155, which could allow local attackers to either expose sensitive information or possibly elevate privileges or cause a denial of service.

On top of these security issues affecting Intel CPUs, the new Linux kernel security updates also address three vulnerabilities (CVE-2019-15791, CVE-2019-15792, and CVE-2019-15793) discovered by Google Project Zero's Jann Horn in the shiftfs implementation, which could allow a local attacker to either execute arbitrary code, cause a denial of service (system crash), or bypass DAC permissions.

Read more

More in Tux Machines

Games: Transport Fever 2, Vampire: The Masquerade - Coteries of New York, Rocket League

  • Build a transportation empire with Transport Fever 2 out now, same-day support for Linux

    Urban Games and Good Shepherd Entertainment are back, with Transport Fever 2 now officially available with same-day support for Linux. With a wide variety of transportation options available to build across multiple generations, there's a huge amount of content included. Prepare to kiss your time and friendships goodbye as we've got another great time-sink on our hands.

  • Vampire: The Masquerade - Coteries of New York for Linux is now uncertain

    Before release, the store pages for Vampire: The Masquerade - Coteries of New York very clearly listed Windows, MAC OS, Linux and now it's only available for Windows. Not to be confused with Bloodlines 2, Coteries of New York is styled like an interactive fiction (a fancy way to say: Visual Novel). It does look good though and it sounded very interesting so we were quite excited to see the mention of Linux support.

  • Rocket League's new Item Shop and Blueprints get a price reduction

    Oh Psyonix, what have you done? Rocket League recently had the loot boxes removed, with Blueprints and an Item Shop instead so you see exactly what you get but the pricing is terrible. As someone who has hundreds of hours in Rocket League, Psyonix really did disappoint with the big update recently. It could have been handled a lot better, but it came across as incredibly greedy. It's a game you have to pay for, yet they wanted us to spend a ridiculous amount of money on Credits for some of the items.

LibreOffice 6.3.4 available for download

For enterprise class deployments, TDF strongly recommend sourcing LibreOffice from one of the ecosystem partners to get long-term supported releases, dedicated assistance, custom new features and other benefits, including Service Level Agreements (SLAs). Also, the work done by ecosystem partners flows back into the LibreOffice project, benefiting everyone. Also, support for migrations and trainings should be sourced from certified professionals who provide value-added services which extend the reach of the community to the corporate world and offer CIOs and IT managers a solution in line with proprietary offerings. In fact, LibreOffice – thanks to its mature codebase, rich feature set, strong support for open standards, excellent compatibility and long-term support options from certified partners – represents the ideal solution for businesses that want to regain control of their data and free themselves from vendor lock-in. Read more

GNOME and gestures, Part 3: HdyLeaflet again

0.0.12 brings some changes to HdyLeaflet mode and child transitions. Separate mode and child transition types have been deprecated in favor of a unified transition-type property. It can take 4 values: none, slide, over, under. Crossfade doesn’t make much sense spatially and was deprecated as well, though it’s still works if used via child-transition-type property. Additionally, over and under transitions have a subtle shadow now, similar to the WebKit gesture. It’s recommended that the apps using the gesture use over transition. Read more

New Shows: The Linux Link Tech Show (TLLTS), BSD Now, Choose Linux, Destination Linux

  • The Linux Link Tech Show Episode 837

    echo dot, google services, aws, spanner, docker, alpine linux

  • EPYC Netflix Stack | BSD Now 328

    LLDB Threading support now ready, Multiple IPSec VPN tunnels with FreeBSD, Netflix Optimized FreeBSD’s Network Stack More Than Doubled AMD EPYC Performance, happy eyeballs with unwind(8), AWS got FreeBSD ARM 12, OpenSSH U2F/FIDO support, and more.

  • What We Wish We’d Known Earlier | Choose Linux 24

    All three of us have different levels of experience with Linux but there are tons of things that we wish we'd learned earlier in our journey. From gatekeeping to community culture, command line tricks to backups, and more.

  • Destination Linux Episode #151

    When we launched the Destination Linux Network we also wanted to partner with our growing community to find ways we could give back. So we put up a post on our Discourse forum and asked the community to provide us feedback on the charities you would like for us to work with. Free Geek was highly recommended by many of you and we’re so excited to partner with them and launch our first giving back campaign. Free Geek’s mission is to sustainably reuse technology and enable digital access and education to the community. The best part is they have many ways for everyone to get involved. In this episode we interview Hilary Shohoney of FreeGeek. Hilary is Free Geek’s Manager of Development and manages the relationships between Free Geek and the local community working on issues like the digital divide.