The deluge of software vulnerabilities creates challenges for system administrators, developers, and users. Although many vulnerabilities are corner cases that are often difficult to exploit and have limited effects, there are the occasional vulnerabilities that become front page news. Many… Continue Reading →
WordPress 4.2.4 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. This release addresses six issues, including three cross-site scripting vulnerabilities and a potential SQL injection that could be used to compromise a site, which were discovered by Marc-Alexandre Montpas of Sucuri, Helen Hou-Sandí […]
WordPress 4.2.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. A few hours ago, the WordPress team was made aware of a cross-site scripting vulnerability, which could enable commenters to compromise a site. The vulnerability was discovered by Jouko Pynnönen. […]
WordPress 4.1.2 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.1.1 and earlier are affected by a critical cross-site scripting vulnerability, which could enable anonymous users to compromise a site. This was reported by Cedric Van Bockhaven and fixed by […]
It’s been a great run, but all good things must end. Or at least, upgrade to a greater thing. Since Mageia 3 was released in May 2013 our packaging and security teams have provided hundreds of updates (actually 1136 source packages … Continue reading →
The new full-disk encryption feature that’s enabled by default in Android 5.0 Lollipop comes at a hefty price in terms of performance, according to a recent benchmark report.
WordPress 4.0.1 is now available. This is a critical security release for all previous versions and we strongly encourage you to update your sites immediately. Sites that support automatic background updates will be updated to WordPress 4.0.1 within the next few hours. If you are still on WordPress 3.9.2, 3.8.4, or 3.7.4, you will be […]
As you all know, we can’t maintain Mageia releases forever. And it’s time to say goodbye to Mageia 3. After Wednesday the 26th of November, this release won’t benefit from any more security or bugfix updates. This will allow QA … Continue reading →
ownCloud developer Lukas Reschke has sent an email to the Ubuntu Devel mailing list, requesting that ownCloud (server) is removed from the Ubuntu repositories because the package is old and there are multiple critical security bugs for which no fixes have been backported. He adds that:”Those security bugs allows an unauthenticated attacker to gain complete […]
Secure OpenVPN with two-factor authentication from WiKID.
How to whitelist an IP in Fail2ban on Debian Wheezy
How To Protect Your Web Server With Sophos UTM
WordPress 3.9.2 is now available as a security release for all previous versions. We strongly encourage you to update your sites immediately. This release fixes a possible denial of service issue in PHP’s XML processing, reported by Nir Goldshlager of the Salesforce.com Product Security Team. It was fixed by Michael Adams and Andrew Nacin of the WordPress […]
Manage Yubikeys for LUKS encryption with privacyIDEA
An Android vulnerability that exists in every version from v2.1 Eclair to v. 4.3 Jelly Bean could expose millions of users, Bluebox Security has warned. The flaw lets attackers fake the certificates of specially privileged parties, such as Adobe and Google Wallet, and serve them up with malware that bypasses detection by Android. Attackers then can take over every app running on an Android device.
Hybrid RAID 1 (Mirror) of RAM drive & SATA HDD Using LVM with LUKS [and systemd unit file] on Fedora Linux
Securing SSH On Centos 7 With WiKID Two-Factor Authentication
Two factor authentication with Yubikey for harddisk encryption with LUKS
Securing X2Go On Ubuntu Precise With WiKID Two-Factor Authentication
Manage two factor authentication in your serverfarm with privacyIDEA easily