Skip to comments.
Major security flaw threatens Linux users
Network World ^
| 4 March 2014
| Jon Gold
Posted on 03/05/2014 10:20:50 AM PST by ShadowAce
click here to read article
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-57 last
To: ShadowAce
So...what package would a Mint 15 or 16 user install? An Ubuntu patch?
41
posted on
03/05/2014 11:49:13 AM PST
by
Bloody Sam Roberts
(Truth sounds like hate...to those who hate truth.)
To: Bloody Sam Roberts
I would think that Ubuntu (like Fedora) already has a patch in the repositories--or at least in the pipeline. Fedora's version is in the updates-testing repository, so it should arrive in mainstream fairly soon.
Look for a package by the name of gnutls or similar.
42
posted on
03/05/2014 11:52:10 AM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: CodeToad
Sweet! Thanks for that. You're quite welcome.
I work in the DO-178C arena and know what it takes to build bug-free, safety critical systems. It isnt easy because it is old school where most programmers just want to code.
Tell me about it — in my last job I was doing the backend of a system dealing with medical/insurance records (in PHP) and wrote an importation module that took a CSV file as input, I would not be surprised if that module is not the best commented in that company's code-base. Anyway, after everything was up and running we pushed it over to the production machine where it promptly failed. Turns out that the dev machine had a newer version of PHP, which had a CSV-parsing function, and the production machine did not. So I wrote my own CSV-parsing function pushed that to production and everything worked great.
Talking with the other main dev on that project about it later I got the response "Why not just use string-split? Done." … This data being things like names (Last, First), Addresses, lists... IOW, a non-parsing method would be (and is) wholly inadequate for all but the most trivial CSV-files. *sigh*
43
posted on
03/05/2014 11:58:27 AM PST
by
OneWingedShark
(Q: Why am I here? A: To do Justly, to love mercy, and to walk humbly with my God.)
To: GeronL
This update was patched last week. I updated a bunch of my Ubuntu 12.04 servers over the weekend, and this patch was in it.
Hooray for open source and community awareness!
44
posted on
03/05/2014 12:14:06 PM PST
by
rarestia
(It's time to water the Tree of Liberty.)
To: Dr. Bogus Pachysandra
45
posted on
03/05/2014 12:20:54 PM PST
by
Bloody Sam Roberts
(Truth sounds like hate...to those who hate truth.)
To: rarestia
46
posted on
03/05/2014 12:24:40 PM PST
by
GeronL
(Vote for Conservatives not for Republicans!)
To: Bloody Sam Roberts
lol
That 5th dimension trickster always shows up unexpectedly!
47
posted on
03/05/2014 12:26:25 PM PST
by
GeronL
(Vote for Conservatives not for Republicans!)
To: Billthedrill
The bad news is that you cant download it unless you can spell Mavrogiannopolous. Funny lol. Oddly, I didn't get this update for SUSE last night. Will have to check which actual packages are involved. Called GnuTLS?
48
posted on
03/05/2014 12:30:46 PM PST
by
steve86
(Some things aren't really true but you wouldn't be half surprised if they were.)
To: wonkowasright
49
posted on
03/05/2014 12:38:25 PM PST
by
dhs12345
To: GeronL
50
posted on
03/05/2014 12:40:36 PM PST
by
dhs12345
To: Mastador1
51
posted on
03/05/2014 12:41:45 PM PST
by
dhs12345
To: Dead Corpse
Nor am I implying that, only that ALL software is vulnerable and as people get bored with attacking MS they will move on to the next popular targets which are Apple and Linux.
52
posted on
03/05/2014 12:54:08 PM PST
by
Mastador1
(I'll take a bad dog over a good politician any day!)
To: ShadowAce
I just checked the Fedora repos. From the description it looks like the 'keyutils' and 'keyutils-libs' are what are affected.
yum -y update
Pretty simple. :-)
53
posted on
03/05/2014 5:55:15 PM PST
by
zeugma
(Is it evil of me to teach my bird to say "here kitty, kitty"?)
To: dhs12345
This is the first time I have heard of an issue with Linux in 3 years. I am not current on the techie stuff, though. There's stuff often enough, that it's a good idea to keep your system fully patched. Fortunately, you don't see a lot of stuff like the viruses seen in the Windows world. The vast majority of security-related issues that come up are local exploits that you don't really have to worry about as long as you trust yourself from hacking your own computer.
No operating system is perfect, which is why responsible computer users keep themselves reasonably updated, and keep their attack surface as shallow as it can be.
54
posted on
03/05/2014 6:00:35 PM PST
by
zeugma
(Is it evil of me to teach my bird to say "here kitty, kitty"?)
To: bigtoona
The worst thing about getting a virus on Linux or Apple is the fact that neither one of them has their act together with regard to fixing and distributing the hotfixes to end users. hahahaahahahahahahahahahahahahaha
wow. it's amazing how woefully uninformed some folks are.
"sudo yum -y update" is so incredibly difficult to do to get all of your software as up to date as it can be. Microsoft is still crap for updating because everything is so decentralized. Yeah, you can get Microsoft updates from one place, but the vast majority of everything else you need to actually do anything beyond playing solitaire have to be updated separately.
55
posted on
03/05/2014 6:05:08 PM PST
by
zeugma
(Is it evil of me to teach my bird to say "here kitty, kitty"?)
To: zeugma
wow. it's amazing how woefully uninformed some folks are. Yeah--when I first saw that, I just shook my head. People are so willing to make pronouncements on things they know nothing about.
56
posted on
03/06/2014 4:50:29 AM PST
by
ShadowAce
(Linux -- The Ultimate Windows Service Pack)
To: zeugma
Ya. I have been taking a risk because I am running. Ubuntu 10 which is no longer LTS. I don't like the unified interface.
57
posted on
03/06/2014 10:00:49 AM PST
by
dhs12345
Navigation: use the links below to view more comments.
first previous 1-20, 21-40, 41-57 last
Disclaimer:
Opinions posted on Free Republic are those of the individual
posters and do not necessarily represent the opinion of Free Republic or its
management. All materials posted herein are protected by copyright law and the
exemption for fair use of copyrighted works.
FreeRepublic.com is powered by software copyright 2000-2008 John Robinson