≡ Menu

security updates

The Flashback Trojan, is a trojan horse affecting personal computer systems running Apple Mac OS X. More than half a million Apple computers have been infected with the Flashback Trojan.
[click to continue…]

Adobe announced that the Flash player for Linux will only be available for Google Chrome browser on Linux and has announced their plans to abandon future updates of Flash player for Linux. From the blog post:

For Flash Player releases after 11.2, the Flash Player browser plugin for Linux will only be available via the "Pepper" API as part of the Google Chrome browser distribution and will no longer be available as a direct download from Adobe. Adobe will continue to provide security updates to non-Pepper distributions of Flash Player 11.2 on Linux for five years from its release.

[click to continue…]

Download CentOS 6 CD / DVD ISO

CentOS Linux version 6 has been released. It is a community-supported operating system based on Red Hat Enterprise Linux (RHEL) version 6. CentOS Linux is considered as the most popular Linux distribution for web servers with almost 30% of all Linux servers using it.
[click to continue…]

Generally, all Linux distributions needs a scheduled reboot once to stay up to date with important kernel security updates. RHN (or other distro vendors) provides Linux kernel security updates. You can apply kernel updates using yum command or apt-get command line options. After each upgrade you need to reboot the server. Ksplice service allows you to skip reboot step and apply hotfixes to kernel without rebooting the server. In this post I will cover a quick installation of Ksplice for RHEL 5.x and try to find out if service is worth every penny.
[click to continue…]

Debian project today released a pair of security updates to plug at least ten security holes in its core called Linux kernel. Several vulnerabilities have been discovered in the Linux kernel that may lead to a denial of service or privilege escalation. This update has been rated as having important security impact.
[click to continue…]

You may be aware that after kernel upgrade and kernel security patching you need to reboot Linux box. Now, there is a new patch called - Ksplice. It provides rebootless Linux kernel security update. It is available under GPL 2 and has been tested on Linux kernel versions from 2.6.8 to the recently released 2.6.25 and on several Linux distributions including Debian, Ubuntu, Red Hat Enterprise Linux and Gentoo Linux.

Ksplice allows system administrators to apply security patches to the Linux kernel without having to reboot. Ksplice takes as input a source code change in unified diff format and the kernel source code to be patched, and it applies the patch to the corresponding running kernel. The running kernel does not need to have been prepared in advance in any way.

To be fully automatic, Ksplice's design is limited to patches that do not introduce semantic changes to data structures, but most Linux kernel security patches don't make these kinds of changes. An evaluation against Linux kernel security patches from May 2005 to December 2007 finds that Ksplice can automatically apply 84% of the 50 significant kernel vulnerabilities from this interval.

Ksplice has been implemented for Linux on the x86-32 and x86-64 architectures.

=> Ksplice: Rebootless Linux kernel security updates (via zdnet)

Now Novell Says Linux Consumer Desktop Too Tough

Finally, both Red Hat and Novell is in total agreement - both of them thinks making money with Linux desktop is hard. According to Ron Hovsepian, CEO, Novell India Engineering:

The market for the desktop for the next three to five years is mainly enterprise-related.

As usual, I recommend Ubuntu Linux for both consumer Desktop and Laptop user:

  • Ubuntu will always be free of charge, including enterprise releases and security updates.
  • Ubuntu comes with full commercial support from Canonical and hundreds of companies around the world.
  • Ubuntu includes the very best translations and accessibility infrastructure that the free software community has to offer.
  • Ubuntu CDs contain only free software applications; we encourage you to use free and open source software, improve it and pass it on.