Tuesday, February 9th, 2016

Time	Event
4:44p	Tuesday's security updates Debian has updated qemu (multiple vulnerabilities), qemu (more vulnerabilities), qemu-kvm (multiple vulnerabilities), and wordpress (two vulnerabilities). Debian-LTS has updated gajim (man-in-the-middle). Mageia has updated mbedtls/hiawatha/belle-sip/linphone/pdns (code execution), openssl (man-in-the-middle), php (multiple vulnerabilities), privoxy (denial of service), and radicale (authentication bypass). Red Hat has updated sos (RHEL6: information leak). Slackware has updated curl (authentication bypass) and flac (multiple vulnerabilities). SUSE has updated java-1_8_0-ibm (SLE12-SP1: multiple vulnerabilities) and rubygem-rails-html-sanitizer (SES2.1: multiple vulnerabilities). Ubuntu has updated firefox (regression in previous update). (Comment on this)
9:41p	[$] Protecting systems with the TPM "TPM," said Matthew Garrett in his linux.conf.au 2016 talk, stands for "trusted platform module"; it is a tool that is meant to allow a system's owner to decide which software to trust. Some years ago, there was a lot of fear that the TPM would be used, instead, to take that decision away, to allow others to decide which software would be trusted to run on our systems; for that reason, some called "trusted computing" by the rather less complimentary name "treacherous computing." That scenario didn't come about, though, for a number of reasons, both technical and social. But we can still use the TPM for its original purpose; Matthew was there to talk about his work to bring about computing that we can trust. Click below (subscribers only) for the full report from LCA 2016. (Comment on this)

<< Previous Day

2016/02/09 [Calendar]

Next Day >>