LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Thursday, August 21st, 2014

    Time Event
    1:56a
    [$] LWN.net Weekly Edition for August 21, 2014
    The LWN.net Weekly Edition for August 21, 2014 is available.
    4:09p
    Linux Foundation Technical Advisory Board election results
    The results from the Linux Foundation TAB election have been announced; the
    five open seats went to Chris Mason, John Linville, H. Peter Anvin, Grant
    Likely, and Kristen Accardi.
    5:46p
    Thursday's security updates

    Debian has updated libstruts1.2-java (code execution) and php5 (multiple vulnerabilities).

    Fedora has updated drupal7 (F19; F20: denial of service), drupal7-date (F19; F20: cross-site scripting), libndp (F19; F20: code execution), and wordpress (F20: denial of service).

    Mageia has updated catfish (M3; M4: privilege escalation), gpgme (code execution), phpmyadmin (multiple vulnerabilities), python-imaging, python-pillow (denial of service), and subversion (M3; M4: information leak).

    openSUSE has updated openstack-neutron (13.1: access restriction bypass), apache2 (12.3; 13.1: multiple vulnerabilities), apache2-mod_security2 (rules bypass), krb5, (code execution), openssl (multiple vulnerabilities), python (12.3; 13.1: information leak), python3 (13.1: information leak), and samba (13.1: multiple vulnerabilities).

    Red Hat has updated openstack-nova (RHEL OpenStack: multiple vulnerabilities).

    Ubuntu has updated oxide-qt (14.04: multiple vulnerabilities).

    10:40p
    FSF: GNU hackers discover HACIENDA government surveillance and give us a way to fight back

    The Free Software Foundation blog has posted an article detailing a newly discovered government surveillance project as well as a new technological countermeasure. The surveillance project is known as HACIENDA, as is reportedly a multi-national effort "to map every server in twenty-seven countries, employing a technique known as port scanning." The countermeasure, developed by Julian Kirsch, Christian Grothoff, Jacob Appelbaum, and Holger Kenn, is called TCP Stealth. According to the TCP Stealth whitepaper, the system "replaces the traditional random TCP SQN number with a token that authenticates the client and (optionally) the first bytes of the TCP payload. Clients and servers can enable TCP Stealth by explicitly setting a socket option or linking against a library that wraps existing network system calls." A Linux implementation of the scheme is available.

    << Previous Day 2014/08/21
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org