In case you missed it: Linux and FreeBSD are vulnerable to several TCP-based attacks.
– CVE-2019-11477: Linux kernels 2.6.29 and above
– CVE-2019-11478: Linux kernels before 4.15
– CVE-2019-5599: FreeBSD 12 with RACK
– CVE-2019-11479: all Linux kernels so far
Check if your systems already provide security updates and update ASAP.
Mozilla releases another unscheduled update for high-rated security vulnerability in Firefox :
– attackers can escape the sandbox of Firefox/Firefox ESR using Prompt:Open
– update to FF 67.0.4 and/or FF ESR 60.7.2
– attackers could execute arbitrary code on the user's computer if combined with other vulnerabilities
Love this. Very much in the spirit of what we’re working on.
The Chinese government appears to have launched a major new internet crackdown, blocking the country’s citizens from accessing The Intercept’s website other Western news organizations. https://theintercept.com/2019/06/07/china-bans-the-intercept-and-other-news-sites-in-censorship-black-friday/
VLC media player 3.0.7 released, containing mainly fixes for security vulnerabilities discovered due to the EU-FOSSA program.
– over 40 security vulnerabilities were fixed
– detailed report: http://www.jbkempf.com/blog/post/2019/VLC-3.0.7-and-security
Looks like Sign In with Apple is going to be mandatory for many apps. That's one way to get adoption.
2019: "Our incredibly fragile tools only work with one micromanaged theme nobody likes. Please take systems integration advice from webshit design nerds because branding"
- via @[email protected]
Cat Mom. They/Him. Slowly figuring out the world. Self-taught infosec and dev.
mstdn.io is one of the instance in the fediverse. We're an open-minded generalistic instance. Learn more here!