LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Thursday, June 30th, 2016

    Time Event
    1:51a
    [$] LWN.net Weekly Edition for June 30, 2016
    The LWN.net Weekly Edition for June 30, 2016 is available.
    2:52p
    Security updates for Thursday

    Debian has updated libcommons-fileupload-java (denial of service), libreoffice (code execution), tomcat8 (multiple vulnerabilities, some from 2015), and xerces-c (denial of service).

    Debian-LTS has updated libgd2 (denial of service), php5 (multiple vulnerabilities), and xerces-c (denial of service).

    Fedora has updated setroubleshoot (F23; F22: code execution) and xguest (F23: insecure password creation).

    Ubuntu has updated libreoffice (16.04, 15.10, 12.04: code execution).

    8:03p
    etcd 3.0 released
    CoreOS has announced the
    availability of version 3.0 of the etcd distributed key-value store.
    "etcd 3.0 marks the first stable release of the etcd3 API and data
    model. Upgrades are simple, because the same etcd2 JSON endpoints and
    internal cluster protocol are still provided in etcd3. Nevertheless, etcd3
    is a wholesale API redesign based on feedback from etcd2 users and
    experience with scaling etcd2 in practice. This post highlights some
    notable etcd3 improvements in efficiency, reliability, and concurrency
    control.    "
    8:14p
    Extracting Qualcomm's KeyMaster Keys - Breaking Android Full Disk Encryption (Bits Please)
    The "Bits Please" blog has a
    detailed description     of how one breaks full-disk encryption on an
    Android phone. Included therein is a lot of information on how full-disk
    encryption works on Android devices and its inherent limitations.
    "Instead of creating a scheme which directly uses the hardware key
    without ever divulging it to software or firmware, the code above performs
    the encryption and validation of the key blobs using keys which are
    directly available to the TrustZone software! Note that the keys are also
    constant - they are directly derived from the SHK (which is fused into the
    hardware) and from two 'hard-coded' strings.
    Let's take a moment to explore some of the implications of this
    finding.    "
    11:59p
    Linux Mint 18 Cinnamon and MATE editions released
    Linux Mint 18 has been released with Cinnamon and MATE editions. "Linux Mint 18 is a long term support release which will be supported until 2021. It comes with updated software and brings refinements and many new features to make your desktop even more comfortable to use." The MATE edition has MATE 1.14 along with many other updates listed on the What's New page. The Cinnamon edition has Cinnamon 3.0 (which we recently reviewed) and lots of other new packages described on its What's New page. The release notes pages (MATE, Cinnamon) also have important information on the releases.

    << Previous Day 2016/06/30
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org