Tux Machines

Security: Reproducible Builds, Patches, Schneier, and Samba

Posted by Roy Schestowitz on Nov 18, 2022

=> Mageia 9 Alpha 1 Looks Solid, Out For Testing | Free, Libre, and Open Source Software Leftovers

=> ↺ Ionut Arghire

Reproducible Builds (diffoscope): diffoscope 227 released

=> ↺ Reproducible Builds (diffoscope): diffoscope 227 released

The diffoscope maintainers are pleased to announce the release of diffoscope version 227. This version includes the following changes:

Security updates for Friday [LWN.net]

=> ↺ Security updates for Friday [LWN.net]

Security updates have been issued by Debian (asterisk, firefox-esr, php-phpseclib, phpseclib, python-django, and thunderbird), Fedora (grub2, samba, and thunderbird), Mageia (firefox, sudo, systemd, and thunderbird), Slackware (freerdp), SUSE (firefox, go1.18, go1.19, kernel, openvswitch, python-Twisted, systemd, and xen), and Ubuntu (expat, git, multipath-tools, unbound, and webkit2gtk).

Successful Hack of Time-Triggered Ethernet

=> ↺ Successful Hack of Time-Triggered Ethernet

Time-triggered Ethernet (TTE) is used in spacecraft, basically to use the same hardware to process traffic with different timing and criticality.

First Review of A Hacker’s Mind

=> ↺ First Review of A Hacker’s Mind

I got a starred review. Libraries make decisions on what to buy based on starred reviews. Publications make decisions about what to review based on starred reviews. This is a big deal.

Samba Patches Vulnerability That Can Lead to DoS, Remote Code Execution | SecurityWeek.Com

=> ↺ Samba Patches Vulnerability That Can Lead to DoS, Remote Code Execution | SecurityWeek.Com

Samba this week released patches for an integer overflow vulnerability that could potentially lead to arbitrary code execution.

An open source Server Message Block (SMB) implementation for Linux and Unix systems, Samba can be used as an Active Directory Domain Controller (AD DC).

Tracked as CVE-2022-42898 and impacting multiple Samba releases, the newly addressed security defect exists in the Service for User to Proxy (S4U2proxy) handler, which provides “a service that obtains a service ticket to another service on behalf of a user.”

Also referred to as ‘constrained delegation’, the feature relies on request and response messages from the Kerberos ticket-granting service (TGS) exchange. Heimdal and MIT Kerberos libraries in Samba ensure Kerberos support and implement the Key Distribution Center (KDC).

=> gemini.tuxmachines.org