Language Selection

English French German Italian Portuguese Spanish

Flaw found in Firefox

Filed under
Security

Firefox versions 1.0.1 and 1.0.2 contain the vulnerability, the security information company said in an advisory on Monday. The flaw stems from an error in the JavaScript engine that can expose arbitrary amounts of heap memory after the end of a JavaScript string. As a result, an exploit may disclose sensitive information in the memory, Secunia said.

"Unlike other browser flaws, this one is not subject to phishing or access to the system. But it can expose sensitive information from other Web sites you visited and the information you entered there," said Thomas Kristensen, Secunia chief technology officer.

While the flaw is only rated as "moderately critical" by Secunia, the rapid adoption of the open-source browser means that many users may be at risk. Prior to the release of version 1.0, downloads of earlier versions of the browser had reached 8 million within the first 18 months.

The Mozilla Foundation, which makes the Firefox browser, is working on a patch, and no cases have been reported, a representative for the group said.

Secunia has developed a test that allows people to see whether their system is affected by the vulnerability.

Source

More in Tux Machines

Making GNOME Look Like Apple's Operating System

  • A macOS Mojave Inspired GTK Theme Appears
    A new GTK theme brings the luscious look of macOS Mojave to the Linux desktop. Not that you should be surprised; we’ve written before about how easy it is to make Ubuntu look like a Mac. But thanks to this new macOS Mojave inspired GTK theme that fact is truer, and more faithful, than ever.
  • Make Ubuntu Look Like macOS Mojave’s Dark Mode
    If you’re a Linux user who likes the look of the dark mode coming in macOS Mojave, you’re in luck: there’s a GTK theme just for you. The theme is available on Gnome-Look.org alongside several other macOS inspired themes. You’re looking for the one titled McOS-MJV-Dark-mode, but feel free to download more if you think you might want to switch it up later. Installing is a little tricky: you need to create a .themes directory in your home folder, then extract the folder in the downloaded archive into that folder. Next you need to install Gnome Tweaks in the Ubuntu Software Store, which you can use to change the theme. You can also use Gnome Tweaks to move the buttons to the left side of the window, where they belong. Fight me.

Android Leftovers

Servers With GNU/Linux

  • Linux Foundation Shifts Network Infrastructure to Kubernetes
    The Linux Networking Fund (LNF) is making significant progress toward embracing Kubernetes as a platform for delivering a range of networking services that are expected to be widely embraced by telecommunications carriers and cloud service providers (CSP). Arpit Joshipura, general manager of networking an orchestration for The Linux Foundation, says the latest Beijing release of the Open Networking Automation Platform (ONAP) contains several modules that have been ported to Kubernetes, with more to follow once the Casablanca release of ONAP is released.
  • A Platform Of A Certain Age And Respectability
    But seriously. The many rivals of the OS/400 platform and its follow-ons since that June 21, 1988, launch of the Application System/400 are now gone or not even on life support. We can all rattle them off, but the important ones that drove innovation for OS/400 and its children through to the current IBM i are DEC’s VMS for the VAX and Alpha systems, Hewlett Packard Enterprise’s MPE for the HP 3000 and HP-UX for the HP 9000s, and Sun Microsystems’ Solaris for the Sparc systems. You could throw in SCO Unix, Novell NetWare, and a slew of proprietary operating systems in Europe and Japan, and while you are at it, you should probably also include the IBM System/38’s CPF operating system and the IBM System/36’s SSP operating system. Even OS/2 and its PS/2 platform actually predate the AS/400 by 10 months – and they are long, long gone.
  • Uptycs Raises $13M, Launches Osquery-Based Security Platform
    No. 2 is the growing popularity of Mac and Linux-based infrastructure. Traditional enterprise workloads are deployed on Windows, so that’s where malicious activity historically occurred. But now more companies are using Mac infrastructure and transitioning new workloads to Linux in the cloud. Companies need to monitor and secure these environments as well, and Uptycs’ security platform covers all of the above.
  • CeBIT 2018: Huawei to roll-out KunLun V5 server
    Huawei is set to launch the latest server in its KunLun mission critical range with the V5, teaming up once more with Suse, further confirming that the company’s Linux Enterprise Server system is its preferred standard for the range.
  • Why an Infrastructure Transition is the Perfect Time to Invest in Security
    The idea behind containers has been around since the 1970s, when the technology was first used to isolate application code on Unix systems. However, the use of containers only became widespread in 2013 with the advent of Docker, and container orchestration tools like Kubernetes are even newer than that.

A look at Lutris – Open Gaming Platform for GNU/Linux

Lutris is quite the handy application I’ve discovered, that helps with organization and installation of games on GNU/Linux, even if they come from multiple sources. One of the project's goals is to support any game that runs on Linux regardless of whether it runs natively, through Wine, or other means. The main appeal of Lutris is that it provides an interface to manage all games installed on the machine regardless of source. While it is necessary to integrate the games in the application first, doing so is not super complicated. You may add local games right away by selecting them from the local system or visit the Lutris website to add games this way. Lutris simplifies nearly everything. Users can visit the list of support games on the Lutris website, choose to download and install the game (Note: If its a game that must be bought, you must own it first.) The website lists supported games and where you can acquire or download them. You can use filters on the site to display only free games, games of a genre, or use the built-in search to find games of interest quickly using it. Read more