Security: DHCP, System Updates, and Ubuntu Blobs Store

  • Protect your Fedora system against this DHCP flaw

    A critical security vulnerability was discovered and disclosed earlier today in dhcp-client. This DHCP flaw carries a high risk to your system and data, especially if you use untrusted networks such as a WiFi access point you don’t own. Read more here for how to protect your Fedora system.

    Dynamic Host Control Protocol (DHCP) allows your system to get configuration from a network it joins. Your system will make a request for DHCP data, and typically a server such as a router answers. The server provides the necessary data for your system to configure itself. This is how, for instance, your system configures itself properly for networking when it joins a wireless network.

    However, an attacker on the local network may be able to exploit this vulnerability. Using a flaw in a dhcp-client script that runs under NetworkManager, the attacker may be able to run arbitrary commands with root privileges on your system. This DHCP flaw puts your system and your data at high risk. The flaw has been assigned CVE-2018-1111 and has a Bugzilla tracking bug.

  • Security updates for Tuesday
  • Potentially Malicious Bytecoin Miner Removed from the Ubuntu Snap Store
  • Canonical on trust and security in the Snap Store

    Here's a posting from Canonical concerning the cryptocurrency-mining app that was discovered in its Snap Store.

  • Canonical finds hidden crypto-miners in the Linux Snap app store

    Last Friday, Canonical, the developer of the popular Ubuntu operating system and owner of the Snapcraft app store, spotted one application surreptitiously mining cryptocurrencies in the background.
