Language Selection

English French German Italian Portuguese Spanish

Apache bug prompts update advice

Filed under
Software
Security
Web

IT security company Sense of Security has discovered a serious bug in Apache's HTTP web server, which could allow a remote attacker to gain complete control of a database.

Discovered by the company's security consultant Brett Gervasoni, the vulnerability exists in Apache's core "mod_isapi" module. By exploiting the module, an attacker could remotely gain system privileges that would compromise data security.

Users of Apache 2.2.14 and earlier are advised to upgrade to Apache 2.2.15, which fixes the exploit.

According to Sense of Security spokesperson Jason Edelstein, Apache is one of the most popular pieces of web server software used today and the vulnerability was one of the most significant bugs in Apache for years.

rest here




More in Tux Machines

Calamares Pinebook

But there is an under-appreciated bit regarding images for an ARM laptop — or pre-installed Linux distro’s in general. And that’s the first-run experience. The Netrunner Pinebook image is delivered so that it boots to the Plasma 5 desktop, no passwords asked, etc. The user is called “live”, the password is “live”, and nothing is personalized. It’s possible, though not particularly secure, to use the laptop this way in a truly disposable fashion. A first-run application helps finalize the configuration of the device by creating a named user, among other things. One of the under-documented features of Calamares is that it can operate as a first-run application as well as a system installer. This is called “OEM Mode“, because it’s of greatest interest to OEMs .. but also to distro’s that ship an image for users to flash onto (micro)SD card for use in a device. Read more

MySQL 8.0 Released With Many Improvements, Faster Performance

It's a busy day in the software and hardware space today as well as a busy week for Oracle with several big releases this week. The latest is the general availability of the long-awaited MySQL 8.0 update. MySQL 8.0 is a very significant update over the MySQL 5.7 series. MySQL 8.0 features a transactional data dictionary, a new document store with NoSQL support, and up to twice as fast MySQL database performance compared to version 5.7. Read more Direct: MySQL 8.0: Up to 2x Faster

Stable kernels 4.16.3, 4.15.18 and 4.14.35

ExTiX 18.4 – “The Ultimate Linux System” – with LXQt 0.12.0, Refracta Tools, Calamares Installer and kernel 4.16.2-exton – Build 180419

I have made a new version of ExTiX – The Ultimate Linux System. I call it ExTiX 18.4 LXQt Live DVD. (The previous version was 17.8 from 171012). Read more