| Highly critical “Ghost” allowing code execution affects most Linux systems: Security Posted by: comforteagle
From the Updates dept.:
An extremely critical vulnerability affecting most Linux distributions gives attackers the ability to execute malicious code on servers used to deliver e-mail, host webpages, and carry out other vital functions.
The vulnerability in the GNU C Library (glibc) represents a major Internet threat, in some ways comparable to the Heartbleed and Shellshock bugs that came to light last year. The bug, which is being dubbed "Ghost" by some researchers, has the common vulnerability and exposures designation of CVE-2015-0235. While a patch was issued two years ago, most Linux versions used in production systems remain unprotected at the moment. What's more, patching systems requires core functions or the entire affected server to be rebooted, a requirement that may cause some systems to remain vulnerable for some time to come.
| Google reveals third unpatched 90-day Windows vulnerability: Security Posted by: comforteagle
From the Google, Windows, or Security? dept.:
Microsoft has heavily criticized Google and its 90-days security disclosure policy after the firm publicly revealed two zero-day vulnerabilities in Microsoft's Windows 8.1 operating system one after one just days before Microsoft planned to issue a patch to kill the bugs. But, seemingly Google don't give a damn thought.
Once again, Google has publicly disclosed a new serious vulnerability in Windows 7 and Windows 8.1 before Microsoft has been able to produce a patch, leaving users of both the operating systems exposed to hackers until next month, when the company plans to deliver a fix.
| Severe NTP Vulnerabilities: Security Posted by: comforteagle
From the What time is it? dept.:
Here is a CERT advisory warning of a number of code-execution vulnerabilities in the network time protocol (NTP) implementation. "These vulnerabilities could be exploited remotely. Exploits that target these vulnerabilities are publicly available." Most distributors already have updates available; applying them seems like a good idea.
| PostgreSQL 9.4 Released: Databases Posted by: comforteagle
From the More, Faster dept.:
he PostgreSQL Global Development Group announces the release of PostgreSQL 9.4, the latest version of the world's leading open source database system. This release adds many new features which enhance PostgreSQL's flexibility, scalability and performance for many different types of database users, including improvements to JSON support, replication and index performance.
| Android Wear Updated. Android 5.0 on the Way: Android Posted by: comforteagle
From the Wrist dept.:
Google today has announced a major update to Android Wear, bringing some long-awaited official functionality to its smartwatches — and a host of new features to go along with them.
Oh, and Android 5.0 is coming soon to your watch.
|Friday, November 28|
|·||Star Wars The Force Awakens Trailer #1 Released (0)|
|Tuesday, November 18|
|·||Android 5.0 Lollipop Released (0)|
|Friday, October 24|
|·||Ubuntu 14.10 'Utopic Unicorn' Released With Ambitious Name, But Small Changes (0)|
|Monday, September 29|
|·||Shellshock Patches Not Enough (0)|
|Thursday, September 18|
|·||Software Patents Crumbling, Thanks to the Supreme Court (0)|
|Friday, September 12|
|·||VPN Resources & How to Watch Streaming Video Anywhere in the World (0)|
|Friday, August 29|
|·||PHP 5.6.0 Released (0)|
|Friday, July 25|
|·||Oracle Linux 7 (0)|
|Monday, July 14|
|·||LibreSSL Initial Release (0)|
|Tuesday, July 08|
|·||CentOS 7 Released On X86_64 (0)|
| ||Older Articles|