Language Selection

English French German Italian Portuguese Spanish

Security: DHCP, System Updates, and Ubuntu Blobs Store

Filed under
  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.

More in Tux Machines

Colibri - A Browser Without Tabs

Almost all browsers are competing with each other in terms of functionality, speed, and performance. Though I did recently settle for Firefox as my default browser, I am still looking for better options. And this quest of mine took me to Colibri - A Browser without Tabs. And I was really interested in finding out what this meant. How could a browser be without tabs? It’s like a car without wheels. So here is a review of Colibri. Read

Ubuntu 18.10 (Cosmic Cuttlefish) Screenshot Tour and Statistics

  • Ubuntu 18.10 (Cosmic Cuttlefish) Screenshot Tour | What’s New
    Here we are going to take a screenshot tour of the latest release Ubuntu 18.10 (Cosmic Cuttlefish). Let’s go through the recent changes since the earlier long term support release Ubuntu 18.04 (Bionic Beaver). Ubuntu 18.10 (Cosmic Cuttlefish) introduces major user interface changes and more mature interface since Canonical decided ditching Unity desktop environment. Cosmic release ships with Gnome Shell 3.30.1 desktop environment for its main Desktop release and there are more variants of desktop environments you could choose from, check the release notes for further information. The default desktop and login screen “GDM” features the Cuttlefish background with the usual color scheme for Ubuntu desktop releases. It comes with multiple colorful and cheering desktop backgrounds. I will leave a link down below if you are interested to download the default Wallpapers for Ubuntu 18.10 (Cosmic Cuttlefish).
  • Canonical and Ubuntu – user statistics
    Then you arrive at the story of Canonical and Ubuntu and things aren’t quite so clear anymore, lines are blurred. Ubuntu appears everywhere, sometimes accompanied by Canonical, but frequently not. Then sometimes Canonical tries to make an appearance alone and everyone is left asking ‘what is Canonical?’ Well, no more. No more shall wondering what Canonical is be akin to a quiz question of who was the fourth Destiny’s Child. (Answer at the end) We all know Ubuntu, it’s the most popular open source operating system (OS) in the world, loved by developers for a multitude of reasons, it’s where innovation happens, and it’s everywhere. Canonical is described by Wikipedia (let’s face it that’s where your Google search takes you) as a UK-based, “privately held computer software company founded and funded by South African entrepreneur Mark Shuttleworth to market commercial support and related services for Ubuntu and related projects.” Well, that’s pretty accurate, but it doesn’t tell the whole story. You see, Canonical is passionate about Ubuntu. We love it. We all use it and we want everyone else to use the OS because we think it’s the best around and it’ll make your lives a lot easier. Canonical is full of people working on improving and adding to Ubuntu, from the OS to things that rely on the OS at the core but are more related to things such as Kubernetes, yes we really do Kubernetes, or OpenStack, AI/ML, and a whole host of technologies related to the internet of things (IoT).

today's howtos

Licensing in Kate and Other KDE News/Changes

  • MIT licensed KSyntaxHighlighting usage
    With the KDE Frameworks 5.50 release, the KSyntaxHighlighting framework was re-licensed to the MIT license. This re-licensing only covers the actual code in the library and the bundled themes but not all of the syntax highlighting definition data files. One of the main motivation points was to get QtCreator to use this, if possible, instead of their own implementation of the Kate highlighting they needed to create in the past due to the incompatible licensing of KatePart at that time (and the impossibility to do a quick split/re-licensing of the parts in question).
  • This week in Usability & Productivity, part 41
  • KDE Will Now Set Scale Factor For GTK Apps, Plasma Gets Other Scaling & UI Polishing Too
    KDE developer Nate Graham is out with his weekly recap of interesting development activities impacting Plasma, Frameworks, and the Applications stack. When the display scaling factor for KDE is set to an integer, KDE will now export that as well to the GNOME/GTK environment variables of GDK_SCALE/GDK_DPI_SCALE, for helping out GTK applications running on the KDE desktop so they should still scale appropriately. The Wayland behavior was already correct while this should help out GTK X11 applications. The GNOME/GTK scaling though only supports scaling by integer numbers.