A stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the pwfeedback option enabled. An unprivileged user Continue Reading — Debian LTS: DLA-2094-1: sudo security update>
Unix, Linux, DevOps , Cloud computing and BigData Knowledge-Base
The GNU libc 2.31 release is out. Significant changes include some initial C2X standard support, some DNS stub resolver changes, a new pthread_clockjoin_np() POSIX threads extension, a number of changes to time-related functions, and more. … Continue Reading — GNU C Library 2.31 released
Two vulnerabilities were discovered in spamassassin, a Perl-based spam filter using text analysis. Malicious rule or configuration files, possibly downloaded from an updates server, could execute arbitrary commands under multiple scenarios. Continue Reading — Debian: DSA-4615-1: spamassassin security update>
Joe Vennix discovered a stack-based buffer overflow vulnerability in sudo, a program designed to provide limited super user privileges to specific users, triggerable when configured with the “pwfeedback” option enabled. An unprivileged user can take ad… Continue Reading — Debian: DSA-4614-1: sudo security update>
A heap-based buffer overflow vulnerability was discovered in the idn2_to_ascii_4i() function in libidn2, the GNU library for Internationalized Domain Names (IDNs), which could result in denial of service, or the execution of arbitrary code when process… Continue Reading — Debian: DSA-4613-1: libidn2 security update>
An issue was found in the IonMonkey JIT compiler of the Mozilla Firefox web browser which could lead to arbitrary code execution. For Debian 8 “Jessie”, this problem has been fixed in version Continue Reading — Debian LTS: DLA-2093-1: firefox-esr security update>
The longtime tech writer for the Yocto Project, Scott Rifenbark, has died after a battle with cancer. Project architect Richard Purdie announced the sad news on the yocto mailing list; he also reflected on Rifenbark and his impact: “I remember … Continue Reading — The...
Continue Reading — DSC Solution Challenge – How to identify a solution
In Qt5’s plugin loader code as found in qtbase-opensource-src, it was possible to (side-)load plugins from “the” local folder in addition to a system-widely defined library path. Continue Reading — Debian LTS: DLA-2092-1: qtbase-opensource-src security update>
Continue Reading — How do I CC another email address on account-related correspondence from AWS?