Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by Debian (ffmpeg, smarty3, and strongswan), Fedora (udisks2), openSUSE (flatpak, strongswan, util-linux, and xstream), Oracle (redis:5), Red Hat (java-1.8.0-openjdk, java-11-openjdk, openvswitch2.11, redis:5, redis:6, and rh-redis5-redis), SUSE (flatpak, python-Pygments, python3, strongswan, util-linux, and xstream), and Ubuntu (linux, linux-aws, linux-aws-5.11, linux-azure, linux-azure-5.11, linux-gcp, linux-gcp-5.11, linux-hwe-5.11, linux-kvm, linux-raspi and strongswan).

  • JavaScript Packing Found in More Than 25% of Malicious Sites
  • Textbook Rental Scam - Schneier on Security

    Here’s a story of someone who, with three compatriots, rented textbooks from Amazon and then sold them instead of returning them. They used gift cards and prepaid credit cards to buy the books, so there was no available balance when Amazon tried to charge them the buyout price for non-returned books. They also used various aliases and other tricks to bypass Amazon’s fifteen-book limit. In all, they stole 14,000 textbooks worth over $1.5 million.

  • Amazon textbook rental service scammed for $1.5m

    A 36-year-old man from Portage, Michigan, was arrested on Thursday for allegedly renting thousands of textbooks from Amazon and selling them rather than returning them.

    Andrew Birge, US Attorney for the Western District of Michigan, said Geoffrey Mark Hays Talsma has been indicted on charges of mail and wire fraud, transporting stolen property across state lines, aggravated identity theft, and lying to the FBI.

    Also indicted were three alleged co-conspirators: Gregory Mark Gleesing, 43, and Lovedeep Singh Dhanoa, 25, both from Portage, Michigan, and Paul Steven Larson, 32, from Kalamazoo, Michigan

    From January 2016 through March 2021, according to the indictment, Talsma rented textbooks from the Amazon Rental program in order to sell them for a profit. The indictment describes what occurred as "a sophisticated fraud scheme."

  • Google Releases Security Updates for Chrome

    Google has released Chrome version 95.0.4638.54 for Windows, Mac, and Linux. This version addresses vulnerabilities that an attacker could exploit to take control of an affected system.

    CISA encourages users and administrators to review the Chrome Release Note and apply the necessary update as soon as possible.

More in Tux Machines

Fedora and IBM/Red Hat/CentOS Leftovers

  • Fedora Linux 35 Release Party Recordings Available Now! – Fedora Community Blog

    The Fedora community celebrated the release of Fedora Linux 35 in the third installment of our virtual Release Parties on 12–13 November 2021. A big thank you to everyone who helped to build Fedora Linux 35 as well as the organizers, participants, and attendees at the event! The recordings are now available for viewing in a YouTube Playlist. We had 12 info sessions, 3 socials, and the Fedora Museum WorkAdventure for the “Hallway Track”. We also had a session of the virtual team building event “Beat the Bomb“—a collaborative gaming activity that resulted in hilarity and chaos!

  • Fedora 36 Planning To Run Wayland By Default With NVIDIA's Proprietary Driver - Phoronix

    While all of the software components are out there now for being able to run NVIDIA's proprietary driver stack with modern (GBM-based) Wayland compositors by default, including XWayland support, Fedora Workstation currently defaults to using an X.Org based session with the green binary blob. However, for Fedora 36 next spring they are planning on using the Wayland-based desktop here too. Fedora Workstation for a while now has defaulted successfully to using the Wayland-based GNOME Shell desktop but with the NVIDIA proprietary driver they have kept to using the X.Org session. Thanks to the NVIDIA 495 series driver introducing GBM support and other improvements made to accelerated XWayland, etc, running NVIDIA's proprietary driver stack for daily Wayland-based desktop use is becoming viable.

  • Kafka Monthly Digest: November 2021

    This 46th edition of the Kafka Monthly Digest covers what happened in the Apache Kafka community in November 2021, including the imminent release of Apache Kafka 3.1.0, notable Kafka Improvement Proposals (KIPs), community project releases for Jikkou 0.7 and AKHQ 0.19.0, and more. For last month's digest, see Kafka Monthly Digest: October 2021.

  • Red Hat's CentOS Stream 9 Linux arrives | ZDNet

    Almost a year ago to the day, Red Hat changed CentOS from being a Red Hat Enterprise Linux (RHEL) clone to being a developmental rolling Linux distribution, CentOS Stream. Many users weren't happy. As a result, several replacement CentOS/RHEL clones, such as AlmaLinux and Rocky Linux, got their start. But, Red Hat continued with its plans to use CentOS to foreshadow the next edition of RHEL. Now, the new CentOS project is showing off its latest and greatest in its first totally new release: CentOS 9.

Videos/Shows: GNOME Web, Wayland, Pipewire, Destination Linux

EasyOS version 3.1.13 released

Version 3.1.13 does not have SeaMonkey, instead has BlueGriffon HTML editor and Balsa email client. Let me know how they go. If any problems, they can be changed. I am planning to create Claws and Sylpheed email client PETs for comparison, as Balsa spam filtering seems a bit weak. I received an email that samba is still broken in 3.1.11. I didn't get time to check that one. So that is something we need to look at. I tested booting up in RAM (& optionally disable drives). Works fine, there is one error message during bootup about a missing file, but that doesn't matter. Getting closer to the next major release, that will be 3.2. Read more

today's leftovers

  • Learn more about distributed databases with ShardingSphere

    Apache ShardingSphere is an open source distributed database, plus an ecosystem users and developers need for their database to provide a customized and cloud-native experience. In the three years since it joined the Apache Foundation, the ShardingSphere core team has worked hard with the community to create an open source, robust, and distributed database and a supporting ecosystem. ShardingSphere doesn't quite fit into the usual industry mold of a simple distributed database middleware solution. ShardingSphere recreates the distributed pluggable system, enabling actual user implementation scenarios to thrive and contributing valuable solutions to the community and the database industry.

  • AWS DocumentDB not MongoDB-compatible, says MongoDB Inc
  • Winners in the Month of LibreOffice, November 2021!

    At the start of November, we revved up a new Month of LibreOffice, celebrating community contributions all across the project. We do these every six months – so how many people got sticker packs this time? Check it out…