LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Thursday, December 13th, 2012

    Time Event
    2:42a
    [$] LWN.net Weekly Edition for December 13, 2012
    The LWN.net Weekly Edition for December 13, 2012 is available.
    3:58p
    A hash-based DOS attack on Btrfs
    Pascal Junod has disclosed
    a pair of denial-of-service attacks against the Btrfs filesystem based on
    hash collisions. "I have created several files with random names in
    a directory (around 500). The time required to remove them is
    negligible. Then, I have created the same number of files, but giving them
    only 55 different crc32c values. The time required to remove them is so
    large that I was not able to figure it out and killed the process after 220
    minutes (!).    " This is a local attack only, but administrators of
    Btrfs-using sites with untrusted users may want to pay attention.
    5:05p
    Thursday's security updates

    Fedora has updated bind (F17: denial of service), bogofilter (F16, F17: code execution), drupal6-ctools (F16, F17: cross-site scripting), perl (F17: HTTP header injection), perl-CGI (F17: HTTP header injection), qt (F17: information disclosure), squashfs-tools (F16, F17: code execution), and xen (F17: multiple vulnerabilities).

    Ubuntu has updated apt (information disclosure), nova (information disclosure), linux-ec2 (firewall bypass), and unity-firefox-extension (information disclosure).

    5:13p
    The Linux Foundation's year in review video
    For those with 2.5 minutes to spare: the Linux Foundation has posted a video looking back
    at the most important Linux-related events (from its point of view) that
    happened in 2012.
    5:18p
    Suricata 1.4 released
    Version 1.4 of the Suricata intrusion detection/prevention system is
    available. "The biggest new features of this release are the Unix Socket support, IP
    Reputation support and the addition of the Luajit keyword. Each of these
    new features are still in active development, and should be approached
    with some care.    " There's a lot of other new features and a number
    of performance improvements as well.

    << Previous Day 2012/12/13
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org