Смотрите также связанные темы
30.04.2008 Chani Armitage (Chani): plasma and the screensaver
so, this summer I’m gonna be putting plasma widgets on the screensaver. oh god, what have I got myself into?! it’s gonna be pretty awesome… it just might take a few rather ugly hacks to get past X weirdness. let’s start by quoting the scenarios from my
19.02.2016 Linux distros aren't updating WebKit, making web browsers and email clients vulnerable
The WebKit rendering engine used in many Linux applications is a complete security mess. That's the takeaway from a blog post by Michael Catanzaro, who works on GNOME's WebKitGTK+ project.
11.07.2016 Multi-screen woes in Plasma 5.7
With Plasma 5.7 we promised improved multi-screen support. While we achieved that, some users are still experiencing issues. This is unfortunate and our users have all the reasons to be disappointed with us. We are working very hard to fix the issues which have been reported to us since the release. But there are many situations where users blame us for issues not under our control. With this blog post I want to describe some of the problems we got reported and explain them. Display hardware key not working In Bug 365147 a user reported that the notebook hardware key does not work. This is rat...
10.03.2008 VMware ESX Server 3.5, Patch ESX350-200802305-SG: Security Update to the OpenSSL Package (1003208)
726 for more information on security best practices. urlz; alertz Symptoms There are no symptoms for this security issue. Deployment Considerations...
10.03.2008 ESX Server 3.5, Patch ESX350-200802415-SG: Security Update to Samba Packages (1003462)
5398), CVE-2007-4572 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4572) Summary This patch provides updates to the Samba package distributed with the service console for ESX Server 3.5.0. The patch addresses...
24.03.2008 John Layt: Easter progress on printng
Well it's Easter, and rather than being somewhere warm or interesting (or both), I'm stuck here in cold and wet London. This is partly due to my own lack of organisation, but also due to some dodgy fraudster types who managed to clone my debit card and withdraw large sums of my cash from an ATM in Tunisia (I haven't even been there!). Ironic really, given the number of banking security projects I've worked on :-) Well the cash has been refunded, I've been waiting two weeks for the replacement card to arrive, and without easy access to cash I'm reluctant to board a plane or train to anywhere, ...
31.03.2008 Best practices for securing virtual networks
Hezi Moore, co-founder and CTO of Reflex Security, has a nice 3-part primer on how to start thinking about your virtual networks as a guest post on VMblog. While Hezi does mention virtual appliances, he avoids turning this into an...
18.11.2015 Screenlocker integration in KWin Wayland
Since last few weeks I was working on the Lockscreen integration with KWin Wayland session, this is most important bit of the Plasma on Wayland session. Currently in X11 lockscreen is managed by ksmserver (KDE’s session manager). It suffers from various security problems which are mentioned on blog post by Martin Gräßlin. This blog post also mentions that in Wayland lockscreen functionality should be moved in kwin_wayland, so that compositor is aware that screen is locked, what windows are owned by greeter, and what should get input events. To provide screenlocker integration i...
30.05.2016 Ещё одна критическая уязвимость в ImageMagick
В ImageMagick и GraphicMagick обнаружена ещё одна уязвимость (CVE-2016-5118), приводящая к выполнению произвольных shell-команд при обработке файлов со специальными именами. Уязвимость заключается в отсутствии проверки имени файлов на наличие недопустимых символов:% rm -f hello.txt
% convert '|echo Hello > hello.txt;' null:
% ls hello.txt
hello.txt
Как и в случае с предыдущей уязвимостью, возможна атака с помощью специально сформированных SVG-файлов (которые позволяют указывать внутри себя ссылки на другие файлы):xlink:href="|echo Hello > hello.txt; cat /usr/lib/firefox/browser/icon...
15.01.2018 AMD чипы уязвимы к обоим вариантам Spectre
В последний четверг (11 JAN 2018) AMD сообщила что ее чипы чувствительны к обоим варинатам Spectre. Днем позже AMD сообщила что риск от одного из них «близок к нулю». А патчи для Ryzen и EPYC исправляющие другой из них будут на этой неделе. Патчи для более старых процессоров обещаны на следующей неделе.Эти новости привели к падению стоимости акций на 4%. amd, bug, security, баг, безопасность
|
