Tux Machines

Security Leftovers

Posted by Roy Schestowitz on Apr 22, 2024

today's leftovers

Red Hat is Upselling RHEL 9/8 and Working With Microsoft in Proprietary Setting

Linuxiac ☛ PhotoPrism’s Latest Update Introduces Two-Factor Authentication

↺ PhotoPrism’s Latest Update Introduces Two-Factor Authentication

> PhotoPrism AI-powered photos app introduces two-factor authentication in its latest update, adds numerous UI enhancements, and more.

Xe's Blog ☛ "No way to prevent this" say users of only language where this regularly happens

↺ "No way to prevent this" say users of only language where this regularly happens

> In the hours following the release of CVE-2024-2961 for the project GNU glibc, site reliability workers and systems administrators scrambled to desperately rebuild and patch all their systems to fix a vulnerability when converting strings to the ISO-2022-CN-EXT character set, which may be used to gain arbitrary code execution or arbitrary memory corruption.

↺ CVE-2024-2961

↺ GNU glibc

↺ CVE-2024-2961

↺ GNU glibc

LinuxSecurity ☛ The XZ Utils GNU/Linux Backdoor: How It Happened & What We Can Learn [Updated]

↺ The XZ Utils GNU/Linux Backdoor: How It Happened & What We Can Learn [Updated]

> The alarming discovery of a backdoor in the xz data compression library , which had the potential to compromise GNU/Linux systems, has dominated recent security news. While the backdoor did not make its way into production GNU/Linux distributions, the incident raises crucial questions about open-source security and the need for vigilance in the face of emerging threats.

gemini.tuxmachines.org