Thank you for subscribing to our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week’s most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: Apache SpamAssassin Leads A Growing List of Open-Source Projects Taking Steps to Correct Instances of Racism and White Privilege and Top Tips for Securing Your Linux System in 2020. We also examine various topics including a bluetooth reconnection flaw leaving users vulnerable to spoofing attacks, the release of Claws Mails version 3.17.6 with Phishing URL Warning and additional privacy options and the Zephyr Project - an initiative that aims to build an open-source RTOS for the IoT. Happy Monday - and happy reading!

Apache SpamAssassin Leads A Growing List of Open-Source Projects Taking Steps to Correct Instances of Racism and White Privilege - Over the past few weeks, a heated debate has arisen on the Apache SpamAssassin users list regarding the replacement of racially charged terms like whitelist and blacklist used in the  Apache Spamassassin Project s code with more inclusive language. Certain community members have been very supportive of Apache SpamAssassins efforts to remove racially insensitive language from the project, while others have loudly voiced their disapproval.

Top Tips for Securing Your Linux System in 2020 - Linux servers are at greater risk than ever. While only a few years ago Linux users could count themselves as the lucky few who didnt have to worry about malware and computer viruses, this era has unfortunately come to an end . Attackers now view Linux servers as a viable target that often provides a valuable return on investment. In March of 2018, 15,762 new Linux malware variants were developed - a significant increase from the 4,706 new variants developed in March of 2017 .

  The next generation of the Purism Linux laptop is on its way (Jul 14)
 

Are you looking for a free software and security first Linux desktop? If so, keep an eye out for Purism's forthcoming Librem 14 laptop.
  Rust programming language: Crates package API tokens revoked over serious security flaw (Jul 15)
 

The project behind the Rust programming language has revoked all API keys from its  crates.io  package web app. These API keys were not randomly generated and were being stored in plain text.
  Report: Most Popular Home Routers Have ‘Critical’ Flaws (Jul 13)
 

A new report reveals that common home routers from Netgear, Linksys, D-Link and other vendors contain serious security vulnerabilities that even updates dont fix. While Linux can be a very secure OS in theory, researchers have found that many of these vulnerable routers are powered by very old versions of Linux that lack support and are riddled with security issues as a result.
  Linux kernel will no longer use terms ‘blacklist’ and ‘slave’ (Jul 13)
 

As part of a growing effort in the open-source community to eliminate racially charged language from community projects, the Linux kernel will no longer use the terms 'blacklist' and 'slave'.
  Programming languages: Now Rust project looks for a way into the Linux kernel (Jul 14)
 

Have you heard that Linus Torvalds has given the Rust programming language a nod of approval, confirming that the language will be adapted for use in the Linux kernel?
  Claws Mail 3.17.6 Released with Phishing URL Warning, More Privacy Options (Jul 16)
 

Looking for a lightweight, open-source email client? If so, you'll want to familiarize yourself with  Claws Mail version 3.17.6, which features a new phishing URL warning and added privacy options.
  Real-Time All the Time: The Zephyr Project Secures Security (Jul 17)
 

Have you heard about the growing  Zephyr Project , hosted by the Linux Foundation, that aims to build an open-source real-time operating system (RTOS) for the IoT? The project was recently evaluated by the NCC Group, and  was deemed "a mature and highly active project with increasing market share".
  Bluetooth Reconnection Flaw Could Lead to Spoofing Attacks (Jul 20)
 

Purdue University security researchers recently discovered a vulnerability affecting  IoT devices  running Bluetooth which could lead to spoofing attacks. The vulnerability has a broad impact on mainstream platforms that support BLE communications, including Linux, Android and iOS.