Language Selection

English French German Italian Portuguese Spanish

Security Leftovers

Filed under
Security
  • Security updates for Wednesday

    Security updates have been issued by CentOS (httpd), Debian (libxfont, lrzsz, nss, openjdk-17, policykit-1, webkit2gtk, and wpewebkit), Mageia (polkit), openSUSE (expat, json-c, kernel, polkit, qemu, rust1.55, rust1.57, thunderbird, unbound, and webkit2gtk3), Oracle (httpd:2.4, java-11-openjdk, and polkit), Red Hat (httpd:2.4, OpenShift Container Platform 3.11.570, polkit, and Red Hat OpenStack Platform 16.1 (etcd)), Scientific Linux (polkit), Slackware (polkit), SUSE (aide, expat, firefox, json-c, kernel, polkit, qemu, rust, rust1.55, rust1.57, thunderbird, unbound, and webkit2gtk3), and Ubuntu (policykit-1 and xorg-server).

  • Qualys Research Team Warns of Significant polkit Vulnerability Affecting All Linux Users [Ed: This headline is false. It affects systemd users. And systemd isn't Linux, it's IBM vendor lock-in which isn't even compliant with UNIX philosophy.]
  • New DeadBolt ransomware targets QNAP devices, asks 50 BTC for master key [Ed: Why would anyone even connect a storage device to the open Internet in the fist place? "Smart" hype?]

    A new DeadBolt ransomware group is encrypting QNAP NAS devices worldwide using what they claim is a zero-day vulnerability in the device's software.

  • New DeadBolt Ransomware Targets NAT Devices