Language Selection

English French German Italian Portuguese Spanish

Site Map

Blogs

Community blog and recent blog authors at Tux Machines.

Forum

forums

content

blog

More in Tux Machines

Android Leftovers

Security: Patches, L1TF/Foreshadow, PE Tree, IPFire and BootHole

  • Security updates for Thursday

    Security updates have been issued by Debian (clamav and json-c), Fedora (python2, python36, and python37), Red Hat (thunderbird), Scientific Linux (thunderbird), SUSE (java-11-openjdk, kernel, rubygem-actionview-4_2, wireshark, xen, and xrdp), and Ubuntu (openjdk-8 and ppp). 

  •        
  • Researchers Make More Discoveries Around L1TF/Foreshadow - It's Not Good

    Security researchers from Graz University of Technology and CISPA Helmholtz are out with their latest findings on CPU speculative execution vulnerabilities, namely taking another look at L1TF/Foreshadow. Their findings are bad news not only for Intel but potentially other CPU vendors as well. [...] The new vulnerability outlined in the paper is "Dereference Trap" for leaking registers from an SGX enclave in the presence of only a speculative register dereference.  The discovery of speculative dereferencing of a user-space register in the kernel as opposed to the prefetcher not only means that some mitigations may be inadequate, but they can improve the performance of the original attack and reportedly produce similar behavior on non-Intel CPUs. 

  • PE Tree: Free open source tool for reverse-engineering PE files

    PE Tree allows malware analysts to view Portable Executable (PE) files in a tree-view using pefile – a multi-platform Python module that parses and works with PE files – and PyQt5, a module that can be used to create graphical user interfaces. “PE Tree is developed in Python and supports the Windows, Linux and Mac operating systems. It can be installed and run as either a standalone application or an IDAPython plugin,” Tom Bonner, a threat researcher at BlackBerry, explained.

  •        
  • IPFire: A new location database for the Internet

    In the last couple of months, we, the IPFire development team, have launched a small side project: A new location database for the Internet. In this article, I would like to give you a brief background story on why and how it come to this... [...] Other applications would be threat prevention like we use it in IPFire. Connection attempts from certain countries can simply be blocked, or port forwardings can be limited to certain countries only. That is, however, not an exact science. The Internet changes constantly. IP address ranges are re-assigned from one party to another one, and often it can take some time until those location databases are all updated. Up to that point, you will see wrong information like the Google front page being shown in a wrong language. This might only be a bit of an inconvenience, but for a firewall, we need more recent and reliable data.

  •        
  • What to do about the BootHole vulnerability

    Late last month, security researchers discovered a major vulnerability in the software that controls how PCs boot their operating systems. This is one of those issues that sounds scarier than it is. Fixing it will be a major process, especially for Linux system administrators and corporate IT organizations with a mixture of different PC vintages and manufacturers. The problem has been named BootHole, and it could affect up to a billion computers.

Text Editing with GIMP

This is tutorial to edit photos with text using computer program GIMP. This explains the basics of writing and editing text you can apply over all your photos you they can accompany your text documents you are working on. This is the eighth aka the final part of GIMP for Authors the series. I am happy to publish this one. Enjoy editing! Read more

PHP 8.0.0 Beta 1 and RPMs of PHP 7.x

  • PHP 8.0.0 Beta 1 available for testing

    The PHP team is pleased to announce the fourth testing release of PHP 8.0.0, Beta 1. This continues the PHP 8.0 release cycle, the rough outline of which is specified in the PHP Wiki. For source downloads of PHP 8.0.0 Beta 1 please visit the download page. Please carefully test this version and report any issues found in the bug reporting system.

  • PHP 8.0 Beta Released, Now Under Feature Freeze

    The release of PHP 8.0 is now one step closer to reality with the first beta being issued today and this also marking the feature freeze for this version due out later in the year. PHP 8.0 is a big step forward for this widely used programming language with PHP JIT and other performance optimizations, JSON at long last brought into PHP core, improvements to the PHP GD imaging library, cryptographic message syntax support within PHP OpenSSL, PHP Zip improvements, and a variety of other enhancements. PHP JIT and the never-ending speed optimizations are what I am most excited about with PHP 8.0 and the performance has indeed been great in my testing and I'll have some results of PHP 8.0 Beta 1 out soon.

  • PHP version 7.2.33, 7.3.21 and 7.4.9

    RPMs of PHP version 7.4.9 are available in remi repository for Fedora 32 and remi-php74 repository for Fedora 30-31 and Enterprise Linux ≥ 7 (RHEL, CentOS). RPMs of PHP version 7.3.21 are available in remi repository for Fedora 30-31 and remi-php73 repository for Enterprise Linux ≥ 6 (RHEL, CentOS). RPMs of PHP version 7.2.33 are available in remi-php72 repository for Enterprise Linux ≥ 6 (RHEL, CentOS).