LWN.net's Journal
 
Tuesday, April 12th, 2016

    Time Event
    3:53p
    Tuesday's security updates

    Debian has updated didiwiki (regression in previous update) and imagemagick (multiple vulnerabilities).

    openSUSE has updated cairo (13.2: denial of service), clamav-database (Leap42.1: database refresh), java-1_7_0-openjdk (Leap42.1: sandbox bypass), java-1_8_0-openjdk (Leap42.1: sandbox bypass), and kernel (Leap42.1: multiple vulnerabilities).

    Red Hat has updated kernel (RHEL6.6: memory leak) and openvswitch (RHOSE3.1: code execution).

    SUSE has updated mercurial (SLESDK12-SP1; SLESDK11-SP4: three vulnerabilities).

    Ubuntu has updated linux-lts-utopic (14.04: regression in previous update).

    5:29p
    Let's Encrypt is no longer "beta"
    The Let's Encrypt project, which is working to enable encrypted communications across the web, has announced that it has gained more sponsors and no longer considers itself to be in a "beta" state. "Since our beta began in September 2015 we’ve issued more than 1.7 million certificates for more than 3.8 million websites. We’ve gained tremendous operational experience and confidence in our systems. The beta label is simply not necessary any more."
    7:17p
    The "Badlock" vulnerability
    The details for the "Badlock" vulnerability in the SMB DCE-RPC protocol have finally been disclosed, along with the obligatory logo and domain name; there is no word on the availability of hats and T-shirts yet. It is a man-in-the-middle attack that can allow an attacker to access files in an SMB share, or gain access to Active Directory administrative tools, with the permissions of the intercepted user. "Please update your systems. We are pretty sure that there will be exploits soon.

    Engineers at Microsoft and the Samba Team worked together during the past months to get this problem fixed."
    9:51p
    Stable kernel updates
    Stable kernels 4.5.1, 4.4.7, and 3.14.66 have been released. All of them
    contain important fixes throughout the tree.
    11:21p
    [$] OpenBMC, a distribution for baseboard management controllers

    The Intelligent Platform Management Interface (IPMI) is a set of system-management-and-monitoring APIs typically implemented on server motherboards via an embedded system-on-chip (SoC) that functions completely outside of the host system's BIOS and operating system. While it is intended as a convenience for those who must manage dozens or hundreds of servers in a remote facility, IPMI has been called out for its potential as a serious hole in server security. At the 2016 Embedded Linux Conference in San Diego, Tian Fang presented Facebook's recent work on OpenBMC, a Linux distribution designed to replace proprietary IPMI implementations with an open-source alternative built around standard facilities like SSH.
