You are here

Agreguesi i feed

New Google+ Breach Will Lead to Early Service Shutdown

LinuxSecurity.com - Mar, 11/12/2018 - 9:27pd
LinuxSecurity.com: As vulnerabilities go, it was the best sort: found by internal testing before it led to a security breach. Nevertheless, the latest Google+ software vulnerability was enough to push forward shutting down the service: Google now says it will be shuttered by April 2019 rather than the originally planned August 2019.

Equifax breach was 'entirely preventable' had it used basic security measures, says House report

LinuxSecurity.com - Mar, 11/12/2018 - 9:22pd
LinuxSecurity.com: A House Oversight Committee report out Monday has concluded that Equifax's security practices and policies were sub-par and its systems were old and out-of-date, and bothering with basic security measures - like patching vulnerable systems - could've prevented its massive data breach last year.

next-20181211: linux-next

Kernel Linux - Mar, 11/12/2018 - 8:23pd
Version:next-20181211 (linux-next) Released:2018-12-11

Massive botnet chews through 20,000 WordPress sites

LinuxSecurity.com - Hën, 10/12/2018 - 8:58pd
LinuxSecurity.com: WordPress users are facing another security worry following the discovery of a massive botnet. Attackers have infected 20,000 WordPress sites by brute-forcing administrator usernames and passwords. They are then using those sites to infect even more WordPress installations.

Nearly 70% of UK Firms Hit by a Cyber-Attack in 2018

LinuxSecurity.com - Hën, 10/12/2018 - 8:54pd
LinuxSecurity.com: Over two-thirds of UK firms have fallen victim to a cyber-attack over the past year, with many claiming they don't get enough guidance from the government on how to combat threats, according to RedSeal.

4.20-rc6: mainline

Kernel Linux - Hën, 10/12/2018 - 12:31pd
Version:4.20-rc6 (mainline) Released:2018-12-09 Source:linux-4.20-rc6.tar.gz Patch:full (incremental)

Security News This Week: Did Quora Get Hacked? Top Answer: Yes

LinuxSecurity.com - Dje, 09/12/2018 - 11:07pd
LinuxSecurity.com: Nearly a month after the midterm elections, details on a hack of the Republican National Congressional Committee reveals that meddling in the midterms was much worse than it seemed on election day. The hack probably should have been the biggest news of the week, but for a little distracting-and important!-thing called the Mueller probe.

Malicious sites abuse 11-year-old Firefox bug that Mozilla failed to fix

LinuxSecurity.com - Dje, 09/12/2018 - 11:03pd
LinuxSecurity.com: Malware authors, ad farmers, and scammers are abusing a Firefox bug to trap users on malicious sites.

GDPR Implementation Slow but Improving

LinuxSecurity.com - Sht, 08/12/2018 - 4:55md
LinuxSecurity.com: According to the EU GDPR (General Data Protection Regulation) Implementation Review Survey conducted by IT Governance, six months after the GDPR went into effect, the majority of organizations are failing to implement the mandatory regulations.

Addresses and Names of Customers Exposed by Bethesda in Support Tickets

LinuxSecurity.com - Sht, 08/12/2018 - 4:54md
LinuxSecurity.com: After asking for their customers' personal information in Fallout 76 support tickets, American video game publisher Bethesda Software LLC exposed those tickets to public access allowing anyone to view, edit, and resolve them.

Linux 4.19.8 Released With BLK-MQ Fix To The Recent Data Corruption Bug

LinuxSecurity.com - Sht, 08/12/2018 - 4:51md
LinuxSecurity.com: Hopefully you can set aside some time this weekend to upgrade to Linux 4.19.8 as there's the BLK-MQ fix in place for the recent "EXT4 corruption issue" that was plaguing many users of Linux 4.19.

4.9.144: longterm

Kernel Linux - Sht, 08/12/2018 - 1:05md
Version:4.9.144 (longterm) Released:2018-12-08 Source:linux-4.9.144.tar.xz PGP Signature:linux-4.9.144.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.9.144

4.14.87: longterm

Kernel Linux - Sht, 08/12/2018 - 1:03md
Version:4.14.87 (longterm) Released:2018-12-08 Source:linux-4.14.87.tar.xz PGP Signature:linux-4.14.87.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.14.87

4.19.8: stable

Kernel Linux - Sht, 08/12/2018 - 12:59md
Version:4.19.8 (stable) Released:2018-12-08 Source:linux-4.19.8.tar.xz PGP Signature:linux-4.19.8.tar.sign Patch:full (incremental) ChangeLog:ChangeLog-4.19.8

Days After Massive Breach, Marriott Customers Await Details

LinuxSecurity.com - Pre, 07/12/2018 - 10:12pd
LinuxSecurity.com: An estimated 500 million Marriott International customers had their information stolen by hackers sometime within the last four years. But almost a week after the company disclosed that theft, many of those victims are still waiting from an official acknowledgement from the company that their information was stolen.

Hacker-besieged DNA data tucked away under military care

LinuxSecurity.com - Pre, 07/12/2018 - 10:06pd
LinuxSecurity.com: On Wednesday, Genomics England - an ambitious project to map the DNA of a million Brits - proudly announced that it had completed the "100,000 Genomes Project" started in 2013, having sequenced 100,000 whole genomes in the National Health Service (NHS).

Unencrypted medical data leads to 12-state litigation

LinuxSecurity.com - Pre, 07/12/2018 - 10:02pd
LinuxSecurity.com: Twelve US states are suing an electronic healthcare record provider who lost 3.9 million personal records in 2015.

Reproducible builds folks: Reproducible Builds: Weekly report #188

Planet Debian - Mër, 05/12/2018 - 8:20pd

Here’s what happened in the Reproducible Builds effort between Sunday November 25 and Saturday December 1 2018:

Patches filed Test framework development

There were a number of updates to our Jenkins-based testing framework that powers tests.reproducible-builds.org this week, including:

  • Chris Lamb prepared a merge request to generate and serve diffoscope JSON output in addition to the existing HTML and text formats (example output). This required Holger Levsen to increase the partition holding /var/lib/jenkins/userContent/reproducible from 255G to 400G. Thanks to Profitbricks for sponsoring this virtual hardware for more than 6 years now.

  • Holger Levsen and Jelle van der Waa started to add integrate new Arch Linux build nodes, namely repro1.pkgbuild.com and repro2.pkgbuild.com,

  • In addition, Holger Levsen installed the needrestart package everywhere [] updated an interface to always use short hostname [], explained what some nodes were doing [] as well as performed the usual node maintenance ([], [], [], etc.).

  • Jelle van der Waa also fixed a number of issues in the Arch Linux integration including showing the language in the first build [] and setting LANG/LC_ALL in the first build [].

This week’s edition was written by Bernhard M. Wiedemann, Chris Lamb, Holger Levsen, Jelle van der Waa & reviewed by a bunch of Reproducible Builds folks on IRC & the mailing lists.

Benjamin Mako Hill: Banana Peels

Planet Debian - Mër, 05/12/2018 - 5:25pd

Although it’s been decades since I last played, it’s still flashbacks to Super Mario Kart and pangs of irrational fear every time I see a banana peel in the road.

Gunnar Wolf: New release of the Raspberry Pi 3 *unofficial Debian preview* image

Planet Debian - Mër, 05/12/2018 - 2:35pd

Back in June, Michael Stapelberg asked for somebody interested in adopting the unofficial Debian image for the Raspberry Pi 3 family. It didn't take me long to raise my hand.
What did take me long is to actually do it. I have adopted Raspberry3 image spec repository, with the recipes to build the image using Lars' great vmdb2, as well as the raspi3-firmware non-free Debian package.
After delaying this for too long, first in order to understand it better, and second because of the workload I had this last semester, I think we are ready to announce...

There is a new, updated preview image!

You can look at the instructions at the Debian Wiki page on RaspberryPi3. Or you can just jump to the downloads, at my people.debian.org — xzipped image (388MB, unzips to 1.5GB, and resizes to the capacity of your boot SD at first boot), verification sha256sum, and PGP-signed verification sha256sum.
There are still many things that can be improved, for sure. The main issues for me are:

  • No wireless support. Due to a bug in Linux kenel 4.18, wlan0 support is broken. It is reported, and we expect it to be fixed in the next kernel upload.
  • Hardcoded root password. This will be tackled later on — part of the issue is that I cannot ensure how this computer will be booted. I have some ideas to tackle this, though...

Other than that, what we have is a very minimal Debian system, ready for installing software!
At some point in the future, I plan to add build profiles for some common configurations. But lets go a step at a time.

Faqet

Subscribe to AlbLinux agreguesi