Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Monday [LWN.net]

    Security updates have been issued by Debian (chromium, golang-1.7, golang-1.8, pillow, qtsvg-opensource-src, util-linux, and wordpress), Fedora (expat, harfbuzz, kernel, qt5-qtsvg, vim, webkit2gtk3, and zabbix), Mageia (glibc, kernel, and kernel-linus), openSUSE (bind, chromium, and zxing-cpp), Oracle (kernel), Red Hat (java-11-openjdk and kpatch-patch), Scientific Linux (java-11-openjdk), SUSE (bind, clamav, zsh, and zxing-cpp), and Ubuntu (aide, dbus, and thunderbird).

  • LogJ4 Security Inquiry – Response Required

    On Friday January 21, 2022 I received this email. I tweeted about it and it took off like crazy.

    The email comes from a fortune-500 multi-billion dollar company that apparently might be using a product that contains my code, or maybe they have customers who do. Who knows?

    My guess is that they do this for some compliance reasons and they “forgot” that their open source components are not automatically provided by “partners” they can just demand this information from.

    I answered the email very briefly and said I will be happy to answer with details as soon as we have a support contract signed.

    I think maybe this serves as a good example of the open source pyramid and users in the upper layers not at all thinking of how the lower layers are maintained. Building a house without a care about the ground the house stands on.

    I believe this email is genuine and my reply was directed to a big-company .com email address domain that did not bounce. In my tweet and here in my blog post I redact the name of the company. I most probably have the right to tell you who they are, but I still prefer to not. (Especially if I manage to land a profitable business contract with them.) I suspect we can find this level of entitlement in many companies.

  • Trend Micro : Analysis and Impact of LockBit Ransomware's First Linux and VMware ESXi Variant [Ed: Ransomware is predominantly a Windows issue, but there are attempts to shift attention and manipulate perceptions]

    The release of this variant is in line with how modern ransomware groups have been shifting their efforts to target and encrypt Linux hosts such as ESXi servers. An ESXi server typically hosts multiple VMs, which in turn hold important data or services for an organization. The successful encryption by ransomware of ESXi servers could therefore have a large impact on targeted companies. This trend was spearheaded by ransomware families like REvil and DarkSide.

More in Tux Machines

Openwashing and Linux Foundation

Android Leftovers

Stay Organized With These 7 Calendar Apps for Linux

Keep track of time and events while working on your desktop using these must-have calendar apps for Linux. Calendar apps are a necessity for keeping track of events and your to-do tasks in this hectic modern work life. These apps can help you never forget anything again. The calendar apps available for Linux have a lot of handy productivity features that will help you remember stuff, suggest important dates, and help build good habits. Read more

Games: 3000 Games On The Steam Deck, The Legend of Zelda: Ocarina of Time, 5 Best 3D Games for GNU/Linux

  • 3000 Games On The Steam Deck! - Boiling Steam

    It took less than 4 months and here we are, with 3000 games on the Steam Deck! To be precise, there are now 3014 games at the time of writing working on the Steam Deck – in two categories as usual: Steam Deck Verified: 1527 titles Steam Deck Playable: 1487 titles

  • Zelda: Ocarina of Time’s PC port now supports 60fps, save states, Linux and more

    The fan-made PC port of The Legend of Zelda: Ocarina of Time, ‘Ship of Harkinian’ now supports 60fps, Linux and more. As part of the fan development team’s latest “Ship of Harkinian Direct”, Habour Masters unveiled the frame-rate boost as well as a host of new features. In addition to 60fps, the port now runs on Linux, and new features such as save states, Gameshark-style cheats and accessibility features such as voice descriptions have been added to the game.

  • 5 Best 3D Games for Linux To Play in 2022

    It is true that Linux doesn’t have a good name for the gaming sectors like Windows and macOS. But still, there are a lot of interesting games, including many 3D games available for Linux users. Indeed, the gaming companies are now getting interested in Linux, and so they are producing more games for this system. However, if you are a Linux user and want to enjoy some games in your free time, I can help. Today, we will discuss the best 3D games for Linux.