Security Leftovers
-
McAfee and FireEye rename themselves ‘Trellix’ • The Register
Newly combined security outfits McAfee and FireEye have revealed a new name: "Trellix".
Readers may find the name familiar, as another tech company used the same name in the 1990s and early 2000s when it offered intranet and web published tools such as Trellix Web.
-
CISA Releases Final Version of Guidance: IPv6 Considerations for TIC 3.0
CISA has released the final version of Internet Protocol version 6 (IPv6) Considerations for Trusted Internet Connections (TIC) 3.0. This guidance supports the federal government-wide deployment and use of the modernized network protocol. The final version includes feedback provided during the public comment period that ended in October 2021. See the fact sheet Response to Comments on Guidance: IPv6 Considerations for TIC 3.0 for a comprehensive analysis of comments received. This release is in accordance with Office of Management and Budget (OMB) Memorandum 21-07, which entrusts CISA with enhancing the TIC program to support IPv6 implementation in federal IT systems.
-
The price for software security and maintainer burnout / OSI News & Updates [Ed: OSI fails to note NPM is Microsoft and GitHub banned a developer for doing what he wanted with his code. Microsoft is the ‘boss’ of OSI.]
The price for software security and maintainer burnout
2022 started reminding us that software security is a problem not only for open source packages. At the same time, “how to remunerate open source maintainers?” is a question with impossibly numerous answers: we need focus to find different solutions for different problems.
Lots of security issues packed in a few weeks: December 2021 saw the Log4j package knocked down by a nasty bug. In January 2022 we witnessed an act of self-sabotation by a maintainer of two NPM packages. On New Year's Day a bug in Microsoft Exchange ruined the celebrations for many system administrators. Very different scenarios that confirm how complex and fragile our IT infrastructure is. With open source software so popular, shipped in millions of software packages, the open source communities risk becoming a punching bag for problems it cannot necessarily solve.
-
Security updates for Thursday [LWN.net]
Security updates have been issued by Debian (drupal7), Fedora (kernel, libreswan, nodejs, and wireshark), openSUSE (busybox, firefox, kernel, and python-numpy), Oracle (gegl, gegl04, httpd, java-17-openjdk, kernel, kernel-container, and libreswan), Red Hat (kernel, kernel-rt, and libreswan), Slackware (wpa_supplicant), SUSE (busybox, firefox, htmldoc, kernel, kubevirt, virt-api-container, virt-controller-container, virt-handler-container, virt-launcher-container, virt-operator-container, openstack-monasca-agent, spark, spark-kit, zookeeper, and python-numpy), and Ubuntu (curl, linux, linux-aws, linux-aws-5.11, linux-aws-5.4, linux-azure, linux-azure-5.11, linux-azure-5.4, linux-bluefield, linux-gcp, linux-gcp-5.11, linux-gcp-5.4, linux-gke, linux-gke-5.4, linux-gkeop, linux-gkeop-5.4, linux-hwe-5.4, linux-ibm, linux-kvm, linux-oem-5.10, linux-oem-5.13, linux-oem-5.14, linux-oracle, linux-oracle-5.11, linux-oracle-5.4, linux-raspi, linux-raspi-5.4, openvswitch, and qtsvg-opensource-src).
- Login or register to post comments
- Printer-friendly version
- 3361 reads
- PDF version
More in Tux Machines
- Highlights
- Front Page
- Latest Headlines
- Archive
- Recent comments
- All-Time Popular Stories
- Hot Topics
- New Members
digiKam 7.7.0 is releasedAfter three months of active maintenance and another bug triage, the digiKam team is proud to present version 7.7.0 of its open source digital photo manager. See below the list of most important features coming with this release. |
Dilution and Misuse of the "Linux" Brand
|
Samsung, Red Hat to Work on Linux Drivers for Future TechThe metaverse is expected to uproot system design as we know it, and Samsung is one of many hardware vendors re-imagining data center infrastructure in preparation for a parallel 3D world. Samsung is working on new memory technologies that provide faster bandwidth inside hardware for data to travel between CPUs, storage and other computing resources. The company also announced it was partnering with Red Hat to ensure these technologies have Linux compatibility. |
today's howtos
|
4 More warnings (CISA)
F5 Releases January 2022 Quarterly Security Notification
Drupal Releases Security Updates
Google Releases Security Updates for Chrome
Cisco Releases Security Updates for Multiple Products | CISA