REF: https://blog.cloudflare.com/unimog-cloudflares-edge-load-balancer/
---------- Forwarded message ---------
From: Steve Beattie <steve.beattie@canonical.com>
Date: Sep 8, 2020 4:16PM
Or Cohen discovered that the AF_PACKET implementation in the Linux
kernel did not properly perform bounds checking in some situations. A
local attacker could use this to cause a denial of service (system
crash) or possibly execute arbitrary code.
References:
https://usn.ubuntu.com/4489-1
CVE-2020-14386
---------- Forwarded message ---------
From: Steve Beattie <steve.beattie@canonical.com>
Date: Sep 2, 2020 12:11PM
Timothy Michaud discovered that the i915 graphics driver in the Linux
kernel did not properly validate user memory locations for the
i915_gem_execbuffer2_ioctl. A local attacker could possibly use this to
cause a denial of service or execute arbitrary code. (CVE-2018-20669)

It was discovered that the Kvaser CAN/USB driver in the Linux kernel did
not properly initialize memory in certain situations. A local attacker
could possibly use this to expose sensitive information (kernel memory).
(CVE-2019-19947)

Chuhong Yuan discovered that go7007 USB audio device driver in the Linux
kernel did not properly deallocate memory in some failure conditions. A
physically proximate attacker could use this to cause a denial of service
(memory exhaustion). (CVE-2019-20810)

It was discovered that the elf handling code in the Linux kernel did not
initialize memory before using it in certain situations. A local attacker
could use this to possibly expose sensitive information (kernel memory).
(CVE-2020-10732)

It was discovered that the Linux kernel did not correctly apply Speculative
Store Bypass Disable (SSBD) mitigations in certain situations. A local
attacker could possibly use this to expose sensitive information.
(CVE-2020-10766)

It was discovered that the Linux kernel did not correctly apply Indirect
Branch Predictor Barrier (IBPB) mitigations in certain situations. A local
attacker could possibly use this to expose sensitive information.
(CVE-2020-10767)

It was discovered that the Linux kernel could incorrectly enable Indirect
Branch Speculation after it has been disabled for a process via a prctl()
call. A local attacker could possibly use this to expose sensitive
information. (CVE-2020-10768)

Luca Bruno discovered that the zram module in the Linux kernel did not
properly restrict unprivileged users from accessing the hot_add sysfs file.
A local attacker could use this to cause a denial of service (memory
exhaustion). (CVE-2020-10781)

It was discovered that the XFS file system implementation in the Linux
kernel did not properly validate meta data in some circumstances. An
attacker could use this to construct a malicious XFS image that, when
mounted, could cause a denial of service. (CVE-2020-12655)

It was discovered that the bcache subsystem in the Linux kernel did not
properly release a lock in some error conditions. A local attacker could
possibly use this to cause a denial of service. (CVE-2020-12771)

It was discovered that the Virtual Terminal keyboard driver in the Linux
kernel contained an integer overflow. A local attacker could possibly use
this to have an unspecified impact. (CVE-2020-13974)

Kyungtae Kim discovered that the USB testing driver in the Linux kernel did
not properly deallocate memory on disconnect events. A physically proximate
attacker could use this to cause a denial of service (memory exhaustion).
(CVE-2020-15393)

It was discovered that the NFS server implementation in the Linux kernel
did not properly honor umask settings when setting permissions while
creating file system objects if the underlying file system did not support
ACLs. An attacker could possibly use this to expose sensitive information
or violate system integrity. (CVE-2020-24394)

It was discovered that the Kerberos SUNRPC GSS implementation in the Linux
kernel did not properly deallocate memory on module unload. A local
privileged attacker could possibly use this to cause a denial of service
(memory exhaustion). (CVE-2020-12656)
References:
https://usn.ubuntu.com/4485-1
CVE-2018-20669, CVE-2019-19947, CVE-2019-20810, CVE-2020-10732,
CVE-2020-10766, CVE-2020-10767, CVE-2020-10768, CVE-2020-10781,
CVE-2020-12655, CVE-2020-12656, CVE-2020-12771, CVE-2020-13974,
CVE-2020-15393, CVE-2020-24394
REF: https://blog.cloudflare.com/two-clicks-to-enable-regional-zero-trust-compliance/
---------- Forwarded message ---------
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Date: Sep 1, 2020 10:31PM
It was discovered that FreeRDP incorrectly handled certain memory
operations. A remote attacker could use this issue to cause FreeRDP to
crash, resulting in a denial of service, or possibly execute arbitrary
code.
References:
https://usn.ubuntu.com/4481-1
CVE-2020-11095, CVE-2020-11096, CVE-2020-11097, CVE-2020-11098,
CVE-2020-11099, CVE-2020-15103, CVE-2020-4030, CVE-2020-4031,
CVE-2020-4032, CVE-2020-4033
---------- Forwarded message ---------
From: Marc Deslauriers <marc.deslauriers@canonical.com>
Date: Aug 28, 2020 2:17AM
Amit Klein discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
smuggling attack, resulting in cache poisoning. (CVE-2020-15810)

Régis Leroy discovered that Squid incorrectly validated certain data. A
remote attacker could possibly use this issue to perform an HTTP request
splitting attack, resulting in cache poisoning. (CVE-2020-15811)

Lubos Uhliarik discovered that Squid incorrectly handled certain Cache
Digest response messages sent by trusted peers. A remote attacker could
possibly use this issue to cause Squid to consume resources, resulting in a
denial of service. (CVE-2020-24606)
References:
https://usn.ubuntu.com/4477-1
CVE-2020-15810, CVE-2020-15811, CVE-2020-24606
---------- Forwarded message ---------
From: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Date: Aug 28, 2020 1:49AM
It was discovered that NSS incorrectly handled some inputs.
An attacker could possibly use this issue to expose sensitive information.
References:
https://usn.ubuntu.com/4476-1
CVE-2020-12403
What if we told you that with your Plex Pass, plus an antenna and tuner you can watch and record local shows, news, and sports? And, what if we told you that as of this month you can also skip commercials (without getting rid of them) for all the stuff you record? Looks like we just did.
The newest member of the TriCaster family, TriCaster® 2 Elite, has the tools you already use and love, plus now offers you integration with Zoom, Skype, Microsoft® Teams, Discord, Slack and Tencent – so you can continue to reach your customers and engage with new audiences. This new feature is called Live Call Connect.
REF: https://www.newtek.com/tricaster/2-elite/
REF: https://blog.cloudflare.com/analysis-of-todays-centurylink-level-3-outage/
---------- Forwarded message ---------
From: Leonidas S. Barbosa <leo.barbosa@canonical.com>
Date: Aug 27, 2020 9:59PM
It was discovered that Chrony incorrectly handled certain symbolic links.
An attacker could possibly use this issue to cause a denial of service or
expose sensitive information.
References:
https://usn.ubuntu.com/4475-1
CVE-2020-14367
Ready, set… hut, hut, stream!
Football kicks off tonight as Houston takes on Kansas City. See how to catch the game and the rest of the action this season.
---------- Forwarded message ---------
From: Chris Coulson <chris.coulson@canonical.com>
Date: Aug 27, 2020 3:03AM
Multiple security issues were discovered in Firefox. If a user were
tricked into opening a specially crafted website, an attacker could
potentially exploit these to cause a denial of service, trick the user
into installing a malicious extension, spoof the URL bar, leak sensitive
information between origins, or execute arbitrary code. (CVE-2020-15664,
CVE-2020-15665, CVE-2020-15666, CVE-2020-15670)

It was discovered that NSS incorrectly handled certain signatures.
An attacker could possibly use this issue to expose sensitive information.
(CVE-2020-12400, CVE-2020-12401, CVE-2020-6829)

A data race was discovered when importing certificate information into
the trust store. An attacker could potentially exploit this to cause an
unspecified impact. (CVE-2020-15668)
References:
https://usn.ubuntu.com/4474-1
CVE-2020-12400, CVE-2020-12401, CVE-2020-15664, CVE-2020-15665,
CVE-2020-15666, CVE-2020-15668, CVE-2020-15670, CVE-2020-6829
REF: https://blog.cloudflare.com/what-happens-when-the-whole-world-goes-remote-not-to-worry-we-were-built-for-this/
---------- Forwarded message ---------
From: Samuli Seppänen <samuli@openvpn.net>
Date: Sat, Sep 12, 2020 at 1:20 AM
OpenVPN 2.5 is a new major release with many new features:
100 new titles on Hulu in September
Check out our list of all the new titles arriving on Hulu, including Woke, Trolls World Tour, Because I Said So, Madagascar: A Little Wild, The Addams Family, and more.
It adds MPEG2 UDP output for SD, HD720p and HD1080i modes.
H264 UDP works for all video modes:
SD / HD 720p / HD1080i / HD 1080p / 4K (from 23.98 to 60 fps)
REF: https://www.magicsoft.tv
REF: https://blog.cloudflare.com/asynchronous-htmlrewriter-for-cloudflare-workers/
Ever need to pull information from multiple websites, generate dummy data, blur image details or create a set of thumbnails? If you've had to do any of these kinds of menial tasks more than once, you should be automating it.
What’s arriving this month on Netflix
Watch Millie Bobby Brown and Henry Cavill star in the new Enola Holmes series, or catch Robert Pattinson in the original thriller The Devil All the Time. See our guide to Netflix in September.
---------- Forwarded message ---------
From: Checkmk Announcements <checkmk-announce@lists.mathias-kettner.de>
Date: Fri, Aug 21, 2020 at 3:52 AM
This maintenance release ships with 29 changes affecting all editions of Checkmk,
1 Enterprise Edition specific change and 1 Managed Services Edition specific change.
WATO:
* 11030 FIX: Service Discovery: Skip not existing checks
* 11027 FIX: LDAP: Validate usage of suffix
* 11024 FIX: Analyze configuration: Avoid crash on timeout when contacting remote sites
User interface:
* 10750 FIX: Reduce long waiting times for some users when loading sites
* 11035 FIX: Fixed pnp4nagios graphs on systems with php-7.4
* 11191 FIX: Fixed misleading snmp error message
HW/SW inventory:
* 10987 FIX: HW/SW Inventory Service: Fix "State when inventory fails"
Event console:
* 11029 FIX: Prevent duplicated rule packs when updating mkp
Core & setup:
* 11263 SEC: Fix piggyback path traversal
NOTE: Please refer to the migration notes!
* 10620 FIX: Fix parsing of invalid state history files
* 10621 FIX: Fix bug where scheduler would become inactive
Checks & agents:
* 10497 FIX: solaris_services: Fixed discovery of services if output additionally contains time information
* 10633 FIX: skype: fixed magnitude of latency value
* 10835 FIX: mssql_counters.cache_hits: Services go stale if no data is sent from agent
* 10997 FIX: mk_postgres: Fixed query "Last vaccum"
* 11228 FIX: hp_proliant_temp: Do not discover temperature sensors if temperature could not be determined
* 11226 FIX: hitachi_hus_dku: Fixed informational text about component: "Processor" -> "Power Supply"
* 10996 FIX: f5_bigip_vserver: Fixed scaling of connections duration min/max/mean
* 10073 FIX: f5_bigip_vserver: Fixed ValueError while ip parsing
NOTE: Please refer to the migration notes!
* 10994 FIX: f5_bigip_mem: Discover only if memory total and used values are available
* 10998 FIX: df.include: Fix discovery of empty filesystem groups
* 10817 FIX: check_dns: Act case-insensitive
* 10692 FIX: Windows Agent supports UNC-like paths in section fileinfo
* 10984 FIX: Show upper levels in bandwidth graph
* 10988 FIX: Periodic service discovery: Fix not working "rediscovery scheduled" on clusters
* 10831 FIX: HW/SW Inventory: Unsorted branches may pollute inventory archive
* 11028 FIX: Fixed plugins README
* 10840 FIX: Fix evaluation of time specific parameters if default parameters are tuple based
* 10992 FIX: Check_MK Service: Fix "'ascii' codec can't decode byte" while collecting service results
You can download Checkmk from our download page:
* https://checkmk.com/download.php
New in September on The Roku Channel
Check out this month’s new arrivals like Con Air, Time Traveler's Wife, and Dumb & Dumber: When Harry Met Lloyd—all streaming free.
From August 23rd by Sidney Fussell
Not controlling the software you run on your smart device gives new meaning to the phrase "everything you say can be used against you." In this article, we learn about the frightening upswing in use of these devices in police investigations. Remember, if you don't control your devices, they can be used to control you, and the smartest thing you can do with "smart" devices is avoid them!
REF: https://www.wired.com/story/star-witness-your-smart-speaker/
REF: https://blog.cloudflare.com/rendering-react-on-the-edge-with-flareact-and-cloudflare-workers/
---------- Forwarded message ---------
From: Laura Arjona Reina <larjona@debian.org>
Date: Aug 30, 2020 8:27AM
On Saturday 29 August 2020, the annual Debian Developers and
Contributors Conference came to a close.
DebConf20 has been held online for the first time, due to the
coronavirus (COVID-19) disease pandemic.
All of the sessions have been streamed, with a variety of ways of
participating: via IRC messaging, online collaborative text documents,
and video conferencing meeting rooms.
With more than 850 attendees from 80 different countries and a total of
over 100 event talks, discussion sessions, Birds of a Feather (BoF)
gatherings and other activities, DebConf20 [1] was a large success.
REF: https://debconf20.debconf.org
Super-charged streaming
Save $20 on our most powerful and feature-packed streaming player. From fast channel launch and personal shortcut buttons to private listening and lost remote finder, Roku Ultra has all the bells and whistles.
ActivePython 3.8.2 Community Edition is now available for download from the ActiveState Platform. Python 3.8 offers a number of minor improvements including the walrus operator (:=), which assigns values to variables as part of a larger expression.
Python 2.7 Security Fix
If you’re still using Python 2, you might be aware that urllib3 was recently found to have a critical vulnerability. For our enterprise users, we’ve released ActivePython 2.7.18.1 to address this issue. Learn more about our Python 2 support offering.
Get caught up on all the latest ActiveState Platform updates.