Wednesday, February 3rd, 2021

Time	Event
1:03a	[$] A major vulnerability in Sudo A longstanding hole in the Sudo privilege-delegation tool that was discovered in late January is a potent local vulnerability. Exploiting it allows local users to run code of their choosing as root by way of a bog-standard heap-buffer overflow. It seems like the kind of bug that might have been found earlier via code inspection or fuzzing, but it has remained in this security-sensitive utility since it was introduced in 2011. (Comment on this)
2:42p	LibreOffice 7.1 Community released The LibreOffice 7.1 "Community" release is out. "LibreOffice 7.1 Community adds several interoperability improvements with DOCX/XLSX/PPTX files: improvements to Writer tables (better import/export and management of table functions, and better support for change tracking in floating tables); a better management of cached field results in Writer; support of spacing below the header's last paragraph in DOC/DOCX files; and additional SmartArt improvements when importing PPTX files." The announcement also goes on at length about the new "community" label and how this release "is not targeted at enterprises". (Comment on this)
3:24p	Solus 4.2 released Version 4.2 of the desktop-oriented Solus distribution is available. "We recognized that Desktop Icons was an important part of the workflow of many users, so we spent considerable time during this development cycle ensuring there was a solution for them as well as our downstream users of Budgie. Expanding on this, Solus 4.2 defaults to having desktop icons enabled to make Solus more approachable to new users." Some more information on the desktop changes can be found in this blog entry from December. (Comment on this)
4:04p	Security updates for Wednesday Security updates have been issued by Debian (open-build-service and openldap), Fedora (jasper, libebml, and tcmu-runner), openSUSE (segv_handler), Red Hat (thunderbird), Scientific Linux (kernel), SUSE (cups and openvswitch), and Ubuntu (apport and ca-certificates). (Comment on this)
7:20p	Kroah-Hartman: Helping Out With LTS Kernel Releases Greg Kroah-Hartman has a suggestion for anybody who would like to help him maintain long-term-stable kernel releases. "All I request is that people test the -rc releases when I announce them, and let me know if they work or not for their systems/workloads/tests/whatever. [...] But, if you want to do more, I always really appreciate when people email me, or stable@vger.kernel.org, git commit ids that are needed to be backported to specific stable kernel trees because they found them in their testing/development efforts." (Comment on this)
10:55p	[$] Avoiding "supercookie" tracking The release of Firefox 85 at the end of January brought a new technique for thwarting yet-another web-tracking scheme. The use of browser cookies for tracking is well-established and the browser makers have taken steps to block the worst abuses there, but users can also take steps to manage and clear those cookies. The arms race continues, however, as tracking companies are using browser caches to store what Mozilla calls "supercookies", which allow users to be tracked across the web sites that they visit. That has led the browser makers to partition these caches by web site in order to prevent this tracking technique. (Comment on this)

<< Previous Day

2021/02/03 [Calendar]

Next Day >>