Language Selection

English French German Italian Portuguese Spanish

Security: Updates, Windows, Reproducible Builds and More

Filed under
Security
  • Security updates for Monday
  • Windows apps made on Linux hit by security fail

    Troublingly, CERT/CC doesn't know of a practical way to fix the missing relocations table bug, tagged as CVE-2018-5392.

    However, it has suggested a workaround whereby mingw-w64 can be "coerced" into outputting executables with the relocations table intact. The advisory explains how to implement the workaround.

    According to CERT/CC, the bug affects Ubuntu, Debian, Red Hat, SUSE Linux, Arch Linux, CentOS, and more. However, none of the vendors has released a statement about the bug or its fix. The vendors were notified in late July.

  • An 18-Year-Old Information Security Consultant Donates Earnings To Charity

    Mahatma Gandhi once said that “be the change you want to see in the world.” Giving back to the society is a good way of changing the world and making it a better place to live in.

    And, Sagar Bansal, who is an eighteen-year-old information security consultant from India, is trying to be the change he wants to see in the world: by giving back his earnings to support needy students in advancing their education.

  • Reproducible Builds: Weekly report #171
  • Open Source Collaborative Hopes to Make Reporting Security Bugs Safer for All

    Despite the overall increase in companies offering bug bounty rewards to those who find and report vulnerabilities, ethical security research can still be a bit of a legal minefield. For example, back in May 2018 it fell to Governor Nathan Deal of Georgia to veto a bill that would have made even it difficult to do basic, ethical cybersecurity research. In addition, there is little in the way of a coherent framework for reporting bugs, creating a wide disparity between companies on what constitutes legal disclosure. In some instances, this has led to a reluctance among some white hat hackers to disclose vulnerabilities they’ve discovered.

More in Tux Machines

Security Leftovers

Android Leftovers

Ubuntu 18.10 (Cosmic Cuttlefish) Is Now Available to Download

After six months in development, Ubuntu 18.10 (Cosmic Cuttlefish) is now finally here, and you can download the ISO images right now for all official flavors, including Kubuntu, Xubuntu, Lubuntu, Ubuntu MATE, Ubuntu Budgie, Ubuntu Kylin, and Ubuntu Studio, for 64-bit and 32-bit architectures (only Lubuntu and Xubuntu). The Ubuntu Server edition is also out and it's supported on more hardware architectures than Ubuntu Desktop, including 64-bit (amd64), ARM64 (AArch64), IBM System z (s390x), PPC64el (Power PC 64-bit Little Endian), and Raspberry Pi 2/ARMhf. A live Ubuntu Server flavor is also available only for 64-bit computers. Read more Also: Ubuntu Linux 18.10 arrives

Single-board computer guide updated: Free software is winning on ARM!

In many geeky circles, single-board computers are popular machines. SBCs come in small form factors and generally run GNU/Linux, but unfortunately, many boards like the popular Raspberry Pi are dependent on proprietary software to use. The Free Software Foundation maintains a list of system-on-chip families, sorted by their freedom status. Unfortunately, this list had not been updated in several years. While it was accurate when it was published, free software is constantly improving. Today, more and more boards are usable with free software. On the graphical side, the Etnaviv project has reached maturity, and the Panfrost project, with which I have been personally involved, has sprung up. The video processing unit on Allwinner chips has been reverse-engineered and liberated by the linux-sunxi community in tandem with Bootlin. Rockchip boards have become viable competitors to their better known counterparts. Even the Raspberry Pi has had a proof-of-concept free firmware replacement developed. Free software is winning on ARM. Read more