Security Leftovers

Filed under: Security
  • Security updates for Friday

    Security updates have been issued by Debian (squashfs-tools, tomcat9, and wordpress), Fedora (openssh), openSUSE (kernel, mbedtls, and rpm), Oracle (httpd, kernel, and kernel-container), SUSE (firefox, kernel, and rpm), and Ubuntu (linux-azure, linux-azure-5.4).

  • Apache Releases Security Advisory for Tomcat | CISA

    The Apache Software Foundation has released a security advisory to address a vulnerability in multiple versions of Tomcat. An attacker could exploit this vulnerability to cause a denial of service condition.

  • Security Risks of Client-Side Scanning

    Even before Apple made their announcement, law enforcement shifted their battle for back doors to client-side scanning. The idea is that they wouldn’t touch the cryptography, but instead eavesdrop on communications and systems before encryption or after decryption. It’s not a cryptographic back door, but it is still a back door — and brings with it all the insecurities of a back door.

    I’m part of a group of cryptographers that has just published a paper discussing the security risks of such a system. (It’s substantially the same group that wrote a similar paper about key escrow in 1997, and other “exceptional access” proposals in 2015. We seem to have to do this every decade or so.) In our paper, we examine both the efficacy of such a system and its potential security failures, and conclude that it’s a really bad idea.

  • The Open Source Security Foundation receives $10 million in funding - itsfoss.net

    The Linux Foundation has announced a $10 million commitment to the OpenSSF (Open Source Security Foundation), an effort to improve the security of open source software. Funds raised through royalties from parent companies of OpenSSF, including Amazon, Cisco, Dell Technologies, Ericsson, Facebook, Fidelity, GitHub, Google, IBM, Intel, JPMorgan Chase, Microsoft, Morgan Stanley, Oracle, Red Hat, Snyk, and VMware …

Another roundup

  • This Week In Security: The Apache Fix Miss, Github (Malicious) Actions, And Shooting The Messenger | Hackaday

    Apache 2.4.50 included a fix for CVE-2021-41773. It has since been discovered that this fix was incomplete, and this version is vulnerable to a permutation of the same vulnerability. 2.4.51 is now available, and should properly fix the vulnerability.

    The original exploit used .%2e/ as the magic payload, which is using URL encoding to sneak the extra dot symbol through as part of the path. The new workaround uses .%%32%65/. This looks a bit weird, but makes sense when you decode it. URL encoding uses UTF-8, and so %32 decodes to 2, and %65 to e. Familiar? Yep, it’s just the original vulnerability with a second layer of URL encoding. This has the same requirements as the first iteration, cgi-bin has to be enabled for code execution, and require all denied has to be disabled in the configuration files.
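    The point of the second encoding layer is that a check which percent-decodes a path once sees `.%2e/`, which contains no literal `../`. The following Python is an added example (not code from the article, Apache, or any project it names) for log review or WAF tuning: it decodes until the string stops changing and shows that only the fully decoded form reveals the `..` segment. The sample paths are constructed; the `some/file` suffix is a placeholder.

```python
import re
from urllib.parse import unquote

# Constructed sample request paths (not from any real log). The two encoded
# forms are the ones quoted in the article; the last two are controls.
SAMPLE_PATHS = [
    "/cgi-bin/.%2e/.%2e/some/file",           # single URL encoding
    "/cgi-bin/.%%32%65/.%%32%65/some/file",   # second layer of encoding
    "/cgi-bin/printenv.cgi",                  # benign, nothing encoded
    "/icons/.%2e%2e/x",                       # decodes to "...", not ".."
]

# A ".." path segment after normalisation is what a traversal relies on.
DOTDOT_SEGMENT = re.compile(r"(?:^|/)\.\.(?:/|$)")


def decode_fully(path: str, max_rounds: int = 5) -> tuple[str, int]:
    """Percent-decode until the string stops changing.

    Returns (decoded_path, rounds); rounds counts the passes that changed
    something, i.e. the number of encoding layers peeled. max_rounds bounds
    the work so pathological input cannot keep the loop busy."""
    current, rounds = path, 0
    for _ in range(max_rounds):
        decoded = unquote(current)
        if decoded == current:
            break
        current, rounds = decoded, rounds + 1
    return current, rounds


def traversal_after_single_decode(path: str) -> bool:
    """Decode exactly once: this is what .%%32%65/ slips past, because one
    pass only turns it into .%2e/ and there is still no literal '..'."""
    return bool(DOTDOT_SEGMENT.search(unquote(path)))


def traversal_after_full_decode(path: str) -> bool:
    """Decode until stable, so every encoding layer is removed first."""
    return bool(DOTDOT_SEGMENT.search(decode_fully(path)[0]))


def triage(path: str) -> dict:
    """Summarise one path: decoded form, layers, and both verdicts."""
    decoded, rounds = decode_fully(path)
    return {"path": path, "decoded": decoded, "encoding_layers": rounds,
            "single_decode_flags": traversal_after_single_decode(path),
            "full_decode_flags": traversal_after_full_decode(path)}


if __name__ == "__main__":
    for p in SAMPLE_PATHS:
        print(triage(p))
```

    For the double-encoded sample, `triage` reports two encoding layers, `single_decode_flags` False and `full_decode_flags` True, which is exactly the gap the article describes.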




Security Leftovers

  • GCC 12 Ready To Help Fend Off Trojan Source Attacks - Phoronix

    Disclosed a few months back were "Trojan Source" attacks against compilers where specially crafted code could be rogue but not appear so due to exploiting Unicode issues. Unicode control characters could be used to reorder tokens in source code that could alter the behavior when compiled. With the upcoming GCC 12 compiler release there is a new warning to help point out possible Trojan Source attacks.
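    The GCC 12 warning covers code that GCC compiles; the same check is easy to run over a whole repository in CI or as a pre-commit hook, whatever the language. The scanner below is an added example (not code from the article, GCC, or the Trojan Source authors): it flags every Unicode bidirectional control character in a source file and renders the affected line with the controls made visible, so a reviewer can see reordering that the editor hides. The sample source is constructed and only exercises the scanner.

```python
# Unicode bidirectional control characters that Trojan Source relies on:
# embeddings, overrides and isolates plus their terminators.
BIDI_CONTROLS = {
    "\u202a": "LRE", "\u202b": "RLE", "\u202c": "PDF",
    "\u202d": "LRO", "\u202e": "RLO",
    "\u2066": "LRI", "\u2067": "RLI", "\u2068": "FSI", "\u2069": "PDI",
}


def find_bidi_controls(source: str) -> list:
    """Return (line_no, col, name) for every bidi control in the text.

    Comments and string literals are where these hide, but a directional
    control has no legitimate place anywhere in a source file, so every
    occurrence is reported regardless of context."""
    hits = []
    for line_no, line in enumerate(source.splitlines(), start=1):
        for col, ch in enumerate(line, start=1):
            if ch in BIDI_CONTROLS:
                hits.append((line_no, col, BIDI_CONTROLS[ch]))
    return hits


def render_visible(line: str) -> str:
    """Replace each control with <NAME> so the logical order is visible."""
    return "".join(f"<{BIDI_CONTROLS[c]}>" if c in BIDI_CONTROLS else c
                   for c in line)


# Constructed sample (hypothetical, not from the article): a C comment
# containing an RLI/PDI pair, which a bidi-aware editor would reorder.
SAMPLE_SOURCE = (
    "int main(void) {\n"
    "    int access_level = 0;\n"
    "    /* \u2067 if (access_level) \u2069 */ check_done = 1;\n"
    "    return 0;\n"
    "}\n"
)

if __name__ == "__main__":
    lines = SAMPLE_SOURCE.splitlines()
    for line_no, col, name in find_bidi_controls(SAMPLE_SOURCE):
        print(f"line {line_no} col {col}: {name}")
        print("   ", render_visible(lines[line_no - 1]))
```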

  • Vulnerability in cryptsetup Allows Decrypting Part of LUKS2-Encrypted Device

    An attacker with physical access to the medium could use this flaw to force a user into permanently disabling the encryption layer of that medium. Many enterprises, small businesses, and government users need to encrypt their laptops to protect confidential information such as customer details, files, contact information, and much more. LUKS (Linux Unified Key Setup) is the standard for Linux hard disk encryption and it is transparent to the user as it operates below the filesystem layer. Basically, it is block device encryption, which means that when a block from disk is read or written the encryption module at kernel level works for us, like a translator. [...] This attack requires repeated physical access to the LUKS device but no knowledge of user passphrases. The decryption step is performed after a valid user activates the device with a correct passphrase and modified metadata. There are no visible warnings for the user that such recovery happened. The attack can also be reversed afterward with possible modification of revealed plaintext.

  • Microsoft Warns of Destructive Malware Targeting Ukrainian Organizations [Ed: Highly misleading headline and misdirection, suggestive of Microsoft controlling CISA and using it to deflect blame]

    Microsoft has released a blog post on possible Master Boot Record (MBR) Wiper activity targeting Ukrainian organizations, including Ukrainian government agencies. According to Microsoft, powering down the victim device executes the malware, which overwrites the MBR with a ransom note; however, the ransom note is a ruse because the malware actually destroys the MBR and the targeted files.