Updated packages that resolve CVE-2014-6271 and CVE-2014-7169 (collectively known as “Shellshock”) have now been built for Fedora 19, 20 and 21 Alpha. These packages still need to make their way through the package release system and to the mirrors, but they should be available through the regular update channels shortly.
It is easy to see why new users get so frustrated with open source OSes. It should work out of the box with minimal hassle, so let's take the hard part out of it for them.
In today's Android roundup: Google could release Android L on November 1st. Plus: A guide on how to switch from iOS to Android, and how to repair a bent iPhone 6 Plus.
The vulnerability reported in the GNU Bourne Again Shell (Bash) yesterday, dubbed "Shellshock," may already have been exploited in the wild to take over Web servers as part of a botnet. More security experts are now weighing in on the severity of the bug, expressing fears that it could be used for an Internet "worm" to exploit large numbers of public Web servers. And the initial fix for the issue still left Bash vulnerable to attack, according to a new US CERT National Vulnerability Database entry. A second vulnerability in Bash allows for an attacker to overwrite files on the targeted system.
A parsing flaw related to functions and environments in Bash could allow attackers to inject code. The unaffected packages listed in GLSA 201409-09 had an incomplete fix.
After a series of clashes with Google, Europe's data privacy watchdogs have drawn up a list of measures they'd like to see the search giant implement.
One night earlier this year, while playing around with a new anonymous-sharing app called Secret, Benjamin Caudill was gripped by a familiar sensation: This thing is not secure.
If you are wondering how to deploy the OpenStack cloud and Trove, the database as a service on OpenStack in production, take a look at this video which goes into great detail about both.
When Red Hat declared they were going all in on the cloud and OpenStack this week, they effectively announced the end of the client-server era as the dominant computing paradigm inside organizations. Enterprise Linux and client-server aren't going away tomorrow of course, but it's fair to say the torch has been passed.
We just wrote about an audio equipment manufacturer trying to argue that it was criminal for someone to resell their products. While this was obviously crazy, never underestimate the lengths that some companies will go through these days to try to block people from selling products they (thought they had) legally bought. And guess what tool they're using to block you from actually owning the products you bought? Why copyright, of course. It's yet another example of how copyright is often used to block property rights rather than to create them.
Mod_Security is free and open source web application firewall for Apache and Nginx. It is very useful for protecting your web server from various attacks by blocking most of the known exploits using regular expressions and rule sets. Mod_security can detect attacks by monitoring and analyzing the HTTP traffic in real time.
The Blackwell series cemented Wadjet Eye Games' position as one of the most beloved modern developers of classic point-and-click adventures. Today the first three games will be available for purchase on Linux.
Toradex is adding a Freescale i.MX6-based model to its SODIMM-style Colibri family, with up 4GB eMMC flash, industrial temperature range, and Linux support. The “Colibri i.MX6? computer-on-module follows the same 67.6 x 36.77mm, SODIMM-style form-factor as earlier Colibri COMs like the Freescale Vybrid VF6xx based Colibri VF61. Toradex has already supported the Freescale i.MX6 on its larger Apalis iMX6 computer-on-module format.
In this guide we will show you how install HumHub on an Ubuntu VPS with Nginx and MariaDB. HumHub is a flexible open source social network application written in PHP on top of the Yii framework. HumHub has a bunch of great features such sharing documents and files, responsive design, user spaces, activity stream and many more.
A new documentary about the life of Aaron Swartz was released in June this year. It recounts the story of one of the most impactful young talents of the Internet age, and the tragic saga of his quest to make the world a better place.
DevAssistant automates the process of setting up development environments for a few of the most popular programming languages and development frameworks.
Just days after reports surfaced that the iPhone 6 Plus aluminum is susceptible to bending, the folks at Blendtec are performing their classic blender test on the new product. They pit the Apple phablet against Samsung's Galaxy Note 3 (a fair match, we'd say) to see which would incur less overall damage.
We often find ourselves running applications we received in binary format. These include not only traditional software installed on our computers, but also unauthenticated programs received over the network and run in web browsers. Most of the time these applications are too complex to be bug-free, or can come from an adversary trying to get access to our system. Firejail is a sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications.
Oracle appears to have had little luck finding takers for its enterprise distro since first releasing it in 2006. The release came about as an apparent move to punish Red Hat for its acquisition of open-source middleware provider JBoss, which Oracle saw as a move into its territory by a company it had considered as something of a partner. In other words, Oracle Linux, essentially a slightly modified clone of RHEL, began life as one side of a tit for tat - as Oracle's way of saying, "Two can play at that game, buster."
Have you ever been in the situation where you are running the same command over and over again for multiple files? If so, you know how tedious and inefficient this can feel. The good news is that there is an easier way, made possible through the xargs command in Unix-based operating systems. With this command […]Continue reading...