Tux Machines

Security Leftovers

Posted by Roy Schestowitz on May 10, 2023

=> Haiku Makes Huge Progress on RISC-V Support and 432-Core Chiplet-Based RISC-V Chip | Rongpin DR4-S905/DR4-A311D SoM features Amlogic S905D3 or A311D processor

WebKitGTK Arbitrary Code Execution, Info Disclosure Bugs Fixed - Update Now

=> ↺ WebKitGTK Arbitrary Code Execution, Info Disclosure Bugs Fixed - Update Now

Several high-severity vulnerabilities have been found in the WebKitGTK web engine, including a use after free issue that may have been actively exploited (CVE-2023-28205).

These bugs could result in the exposure of sensitive information and the execution of arbitrary code.

Chromium 111.0.5563.147 compiled in OE

=> ↺ Chromium 111.0.5563.147 compiled in OE

Compiled Chromium in OpenEmbedded, bumping from 111.0.5563.64. Did an rsync with the EasyOS package repository, uploaded these:

I posted recently about the need to recompile 'p11-kit' (fix for flatpaks): [...]

‘Don’t Copy That Floppy’: The Untold History of Apple II Software Piracy

=> ↺ ‘Don’t Copy That Floppy’: The Untold History of Apple II Software Piracy

A computer historian tells the story of one of the earliest copy protection battles of the personal computer era.

PHP Vuln Threatens Confidentiality of Impacted Systems

=> ↺ PHP Vuln Threatens Confidentiality of Impacted Systems

It was recently discovered that PHP could be made to bypass password checking if a specially crafted input was provided (CVE-2023-0567).

This flaw could possibly allow applications to accept any password as valid, contrary to expectations, potentially leading to the compromise of critical systems and sensitive information.

How to hack a smart fridge [Ed: Nobody needs a fridge that connected to WiFi]

=> ↺ How to hack a smart fridge

Do you know how many internet-connected devices there are inside your home? I certainly don’t.

=> gemini.tuxmachines.org