Language Selection

English French German Italian Portuguese Spanish

Gentoo Linux 2005.0 Security Rebuild

Filed under
Gentoo

Due to a set of remotely exploitable bugs in Gaim and Mozilla-Firefox and locally exploitable bugs in QT and Kdelibs found in the last few hours before a final 2005.0 release was completed, it was decided by all of the members of Release Engineering to rebuild the release media to resolve these bugs, prior to release.

Release Engineering would like to thank the security team for their diligence in making sure Gentoo has top-notch security resolution, and also our Architecture Leads, for having the patience to put up with all of the last-minute updates and changes, and also for their assistance in quickly verifying these packages on their architectures.

Reprinted from gentoo.org.

More in Tux Machines

Android Leftovers

FreeBSD 12 & DragonFlyBSD 5.6 Running Well On The AMD Ryzen 7 3700X + MSI X570 GODLIKE

For those wondering how well FreeBSD and DragonFlyBSD are handling AMD's new Ryzen 3000 series desktop processors, here are some benchmarks on a Ryzen 7 3700X with MSI MEG X570 GODLIKE where both of these popular BSD operating systems were working out-of-the-box. For some fun mid-week benchmarking, here are those results of FreeBSD 12.0 and DragonFlyBSD 5.6.2 up against openSUSE Tumbleweed and Ubuntu 19.04. Back in July I looked at FreeBSD 12 on the Ryzen 9 3900X but at that time at least DragonFlyBSD had troubles booting on that system. When trying out the Ryzen 7 3700X + MSI GODLIKE X570 motherboard on the latest BIOS, everything "just worked" without any compatibility issues for either of these BSDs. Read more

How to break out of a hypervisor: Abuse Qemu-KVM on-Linux pre-5.3 – or VMware with an AMD driver

A pair of newly disclosed security flaws could allow malicious virtual machine guests to break out of their hypervisor's walled gardens and execute malicious code on the host box. Both CVE-2019-14835 and CVE-2019-5049 are not particularly easy to exploit as they require specific types of hardware or events to occur. However, if successful, either could allow a miscreant to run malware on the host from a VM instance. CVE-2019-14835 was discovered and reported by Peter Pi, a member of the Tencent Blade Team. It is found in the Linux kernel versions 2.6.34 up to version 5.3, where it is patched. Read more

Sandwich-style RK3399 SBC has optional NVMe and 4G

Boardcon’s “Idea3399” SBC integrates a CM3399 module with 4GB LPDDR4 that runs Android 7.1.2 on a Rockchip RK3399. The SBC offers optional M.2-based NVMe and mini-PCIe-based 4G. Boardcon also recently unveiled a MediaTek-based CM-MT6737 module. Boardcon announced a compute module and an SBC based on it equipped with a hexa-core Rockchip RK3399 SoC. As noted by the CNXSoft story that picked up the announcement from Embedded Computing Design, the Idea3399 is the company’s second sandwich-style implementation of the RK3399, following its EM3399 from 2017. Read more