(May 10) An update for qemu-kvm-rhev is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
(May 9) Multiple vulnerabilities were discovered in the wavpack audio codec which could result in denial of service or the execution of arbitrary code if malformed media files are processed.
(May 9) Albert Dengg discovered that incorrect parsing of messages in the Prosody Jabber/XMPP server may result in denial of service. The oldstable distribution (jessie) is not affected.
(May 9) In this interview, Dave Wreski discusses Guardian Digital’s highly effective email security solutions and the myriad advantages of investing in these solutions to secure your email. …
GNOME is planning to redesign its lock and login screens for GNOME Shell. The new designs are clean, use a ‘clear spatial model’ and make use of animations.
This post, First Look: GNOME’s Stylish New Login & Lock Screens, was written by Joey Sneddon and first appeared on OMG! Ubuntu!.
News briefs for May 10, 2018.
It is here: Firefox 60 “Quantum” is available for download! Now with Client Side Decorations (CSD) and much more!
And development for Firefox 61 has already begun.
Kent Overstreet of Bcache and now, Bcachefs is working his way to push patches for Bcachefs upstream and into the Linux kernel. Bcachefs is an advanced Linux COW filesystem that boasts a lot of the features used by ZFS and Btrfs.
It would seem that the main Ubuntu distribution may not be the only *buntu to drop support for 32-bit x86 (i386) architectures. A proposal has just been put forth by Bryan Quigley to drop support for Lubuntu, Xubuntu, Kylin and Kubuntu.
While the beta for Devuan 2.0 ASCII (a Debian fork without systemd) landed back in February, yesterday marked the availability of the first official release candidate.
Igor Stoppa posted a patch to allow kernel memory
pools to be made read-only.
Memory pools are a standard way to group memory allocations in Linux so their time
cost is more predictable. With Igor’s patch, once a memory pool was made read-only,
it could not be made read-write again. This would secure the data for good and
against attackers. Of course, you could free the memory and destroy the pool. But
short of that, the data would stay read-only.
There was not much controversy about this patch. Kees Cook felt that
XFS would work
well with the feature. And, having an actual user would help Igor clarify the usage
and nail down the API.
This apparently had come up at a recent conference, and Dave Chinner was ready for
Igor’s patch. He remarked, “we have a fair amount of static data in XFS that we set
up at mount time and it never gets modified after that. I’m not so worried about
VFS level objects (that’s a much more complex issue) but there is a lot of low
hanging fruit in the XFS structures we could convert to write-once structures.”
Igor said this was exactly the kind of thing he’d had in mind.
A bunch of folks started talking about terminology and use cases, and speculating
on further abilities. No one had any negative comment, and everyone was excited to
get going with it.
The thing about a patch like this is that people can use the feature or not. It helps
them with security, or it costs them nothing. It adds an ability but adds no
complexity to the code. Unless something weird happens, I’d expect this patch to go
into the kernel as soon as the API stabilizes.
Note: If you’re mentioned above and want to post a response above the comment
section, send a message with your response text to firstname.lastname@example.org.