Language Selection

English French German Italian Portuguese Spanish

Patches for PostgreSQL and OpenEMR

Filed under
Security

"OpenEMR Security Issues"

  • Ring-KDE 3.0.0 Released, Intel Debuts 32TB Ruler-Shaped SSDs, OpenEMR Security Issues, PostgreSQL Updates and New Version of Unigine

    Several security vulnerabilities were discovered recently in OpenEMR, developer of open-source electronic health records and practice management tools, possibly affecting the data of more than 90 million patients. Info Security Magazine reports that the issues "included nine separate SQL injection vulnerabilities, four remote code execution flaws and several arbitrary file read, write and delete bugs. Others included a portal authentication bypass, unauthenticated information disclosure, and cross-site request forgery". Info Security notes that OpenEMR team has since patched "most" of the vulnerabilities.

Comment viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.

More in Tux Machines

Intel Preparing The Linux Kernel For Cascade Lake AP Multi-Die Support

Intel developers have begun posting their Linux kernel patches for enabling multi-die/package topology support to the Linux kernel as part of their Cascade Lake AP upbringing. Cascade Lake "Advanced Performance" is a multi-chip package of multiple Cascade Lake dies, expected to be up to 48 cores / 96 threads per package and twelve DDR4 memory channels. Cascade Lake SP and Cascade Lake X Linux support already has been in order -- or at least appears to be based upon previous commit activity -- while Cascade Lake AP is taking some additional work due to the new multi-die design. Cascade Lake dies are connected via Ultra Path Interconnect (UPI) links. Read more Also: Linux Seeing Support For The HyperBus

Wayland 1.17 & Weston 6.0 Reach Alpha, Officially Releasing Next Month

Out today are the first alpha releases for Wayland 1.17 and the Weston 6.0 reference compositor. This alpha release is about two weeks behind schedule but the developers have updated their plans to now ship the beta releases on 5 March, release candidates begin on 12 March, and potentially releasing the stable versions of Wayland 1.17.0 and Weston 6.0.0 on 19 March. The Wayland 1.17 Alpha release adds to the protocol support for expressing an internal server error message as well as an updated wl_seat protocol. There are also memory leak fixes for the Wayland scanner and various test updates. Details on the 1.17 alpha via wayland-devel. Also out today is the Weston 6.0 Alpha. On the Weston compositor front they have shifted to using the Meson build system while deprecating Autotools, XDG-Shell stable support, FreeRDP 2.0 updates, IVI shell improvements, and many other changes. Read more

NVIDIA 418.31.03 Linux Driver

Linux-powered robot kit aims for sweet spot between pro and kid products

Vincross has launched a Kickstarter campaign for a modular “MIND Kit” robotics kit ranging from $89 for the Linux-driven, quad -A53 compute unit to $799 for a complete kit with servo controller, motors, battery, bases, sensors, lidar, and a mic array. Vincross, which was founded in 2014 by Tsinghua University AI scientist Tianqi Sun, went to Kickstarter last year to launch its six-legged, all-terrain HEXA robot, controlled by a Linux-based MIND SDK. Now, the company has returned with a smarter and more modular MIND Kit robotics kit with an updated MIND 2.0 SDK. The company also announced a $10 funding round led by Lenovo (see farther below). Read more