Security Projects - Page 5.95
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Fwupd 1.8.6 is out as the newest stable release of this open-source firmware updating tool most notably used by Linux systems but also supported on various BSDs and even Windows.
Linux 6.0 comes with many notable hardware support additions and other improvements, here is a reminder of all what is great about this imminent kernel release.
It's been two weeks since the release of LLVM 15.0 and its sub-projects like Clang 15.0 so per their rapid release rhythm, LLVM 15.0.1 is out with the initial batch of fixes.
At the Kernel Maintainers Summit, the question wasn't, "Would Rust make it into Linux?" Instead, it was, "What to do about its compilers?"
A few years ago developers knew eBPF as a handy way to build firewalls yet now it's used everywhere for everything. Get ready for io_uring to do the same.
The GCC compiler and related GNU toolchain infrastructure has long been hosted by Sourceware.org that has been sponsored by Red Hat the past two decades. But now the GNU Toolchain Infrastructure (GTI) project is being established as it works to leverage the Linux Foundation's IT services to provide more robust and secure infrastructure for these critical open-source projects.
Wolfi is a Linux undistro that focuses on resolving security issues with the software supply chain. Explore more here.
Open-source security has been high on the agenda this year, with a number of initiatives, projects, and guidance launched in 2022 to help improve the cyber resiliency of open-source code, software and development.
Following the July disclosure of the Retbleed CPU security vulnerability affecting older processors and an AMD change made in August, here is a fresh look at the performance impact of the Retbleed mitigations on Linux, including if opting for the IBPB-based Retbleed mitigation, and the accumulated CPU security mitigation impact for Zen 2 with the flagship Ryzen 9 3950X processor.
A change queued up as part of the "x86/mm" TIP changes expected to land for Linux 6.1 will now have the default kernel configuration warn at kernel boot time around any W+X mappings that pose a security risk.
SOS.dev initiative will combat software supply chain attacks by encouraging researchers to suggest security improvements to key projects.
'Experimental mitigations' in a custom kernel could make life harder for hackers.
Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows.
Another big ticket feature has made it for the Linux 6.0 kernel: the Runtime Verification infrastructure for running Linux on safety-critical systems.
Emmabuntüs 1.02 is here almost seven months after Emmabuntüs 1.01 and it’s based on the Debian GNU/Linux 11.4 “Bullseye” release that arrived last month with 79 security updates and 81 miscellaneous bug fixes.
Linus Torvalds has announced the release and general availability of the Linux 5.19 kernel series as a major branch that brings more new features, improved hardware support, and lots of bug and security fixes.
Everyone knows the phrase “software is eating the world” by Marc Andreessen from over a decade ago. Software powers and touches nearly every aspect of modern society, both personally and professionally, and is critical to the modern economy and national security.
4,000 Google Titan security keys should help to protect critical Python projects from software supply chain attacks.
If you spent the early days of June fighting kernel panics in Ubuntu 20.04, you were not alone – and we now know why.
A "sched/fair" change for Linux 5.20 aims to enhance the efficiency when searching for an idle CPU under heavy system load. The change led by Intel should improve the kernel's efficiency when the system is overloaded but as with most low-level tuning does run the risk of regressions.