Language Selection

English French German Italian Portuguese Spanish

Security: Linux 5.2 Dissection, New Patches, New ZDNet (CBS) FUD and Kali NetHunter App Store

Filed under
Linux
Security
  • Kees Cook: security things in Linux v5.2

    Gustavo A. R. Silva is nearly done with marking (and fixing) all the implicit fall-through cases in the kernel. Based on the pull request from Gustavo, it looks very much like v5.3 will see -Wimplicit-fallthrough added to the global build flags and then this class of bug should stay extinct in the kernel.

    That’s it for now; let me know if you think I should add anything here. We’re almost to -rc1 for v5.3!

  • Security updates for Wednesday

    Security updates have been issued by Debian (libreoffice), Red Hat (thunderbird), SUSE (ardana and crowbar, firefox, libgcrypt, and xrdp), and Ubuntu (nss, squid3, and wavpack).

  • Malicious Python libraries targeting Linux servers removed from PyPI [Ed: Python does not run only on Linux, but Microsoft-funded sites like ZDNet (CBS) look for ways to blame everything on "Linux", even malicious software that gets caught in the supply chain]
  • Malicious Python Libraries Discovered on PyPI, Offensive Security Launches the Kali NetHunter App Store, IBM Livestreaming a Panel with Original Apollo 11 Technicians Today, Azul Systems Announces OpenJSSE and Krita 4.2.3 Released

    Offensive Security, the creators of open-source Kali Linux, has launched the Kali NetHunter App Store, "a new one stop shop for security relevant Android applications. Designed as an alternative to the Google Play store for Android devices, the NetHunter store is an installable catalogue of Android apps for pentesting and forensics". The press release also notes that the NetHunter store is a slightly modified version of F-Droid: "While F-Droid installs its clients with telemetry disabled and asks for consent before submitting crash reports, the NetHunter store goes a step further by removing the entire code to ensure that privacy cannot be accidentally compromised". See the Kali.org blog post for more details.