LWN.net's Journal
 
 [Most Recent Entries] [Calendar View]

Monday, November 23rd, 2020

    Time Event
    12:24a
    Kernel prepatch 5.10-rc5
    The 5.10-rc5 kernel prepatch is out.
    "The 5.10 release candidates stubbornly keeps staying fairly big,
    even though by rc5 we really should be seeing things starting to calm
    down and shrink.

    There's nothing in here that makes me particularly nervous, but in
    pure numbers of commits, this is the largest rc5 we've had in the 5.x
    series.    "
    4:10p
    Security updates for Monday
    Security updates have been issued by Debian (cimg, golang-1.7, golang-1.8, krb5, mediawiki, mupdf, php-pear, samba, thunderbird, and zabbix), Fedora (chromium, krb5, microcode_ctl, pngcheck, and rpki-client), Mageia (librepo, postgresql, python-twisted, raptor2, tcpdump, and thunderbird), openSUSE (blueman, java-11-openjdk, moinmoin-wiki, python, rmt-server, SDL, and tcpdump), Red Hat (chromium-browser and thunderbird), SUSE (c-ares, ceph, dash, firefox, java-1_8_0-openjdk, postgresql10, postgresql12, postgresql96, u-boot, and ucode-intel), and Ubuntu (openldap).
    6:06p
    Huang: Evaluating Precursor’s Hardware Security
    For those who are interested in security at the hardware level, this blog post from
    Andrew 'bunnie' Huang     is well worth a read. "Despite any claims
    you may have heard otherwise, tamper resistance is a largely unsolved
    problem. Any secrets committed to a non-volatile format are vulnerable to
    recovery by a sufficiently advanced adversary. The availability of
    near-atomic level microscopy, along with sophisticated photon and phonon
    based probing techniques, means that a lab equipped with a few million
    dollars worth of top-notch gear and well-trained technicians has a good
    chance of recovering secret key material out of virtually any non-volatile
    storage media. The hard part is figuring out where the secrets are located
    on the chip.    "
    6:22p
    GNU Guix 1.2.0 released
    GNU Guix, a functional package manager and associated free software
    distribution, was introduced
    eight years ago. The 1.2.0
    release     celebrates the anniversary. "A major highlight in this release is the ability to authenticate channels, which probably makes Guix one of the safest ways to deliver complete operating systems today. This was the missing link in our “software supply chain” and we’re glad it’s now fixed. The end result is that guix pull and related commands now cryptographically authenticate channel code that they fetch; you cannot, for instance, retrieve unauthorized commits to the official Guix repository."

    << Previous Day 2020/11/23
    [Calendar]     		Next Day >>

LWN.net   About LJ.Rossia.org