Thank you for reading our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week's most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.


Today’s newsletter highlights our two most recent feature articles: 21Nails: Multiple Critical Vulnerabilities Discovered in Exim Mail Server - Patch Now! and Protect Your WordPress Sites with CrowdSec. We also examine various topics including support for Apple's popular M1 chip as part of the upcoming Linux kernel 5.13 release, the release LibreOffice 7.1.3 with over 100 bug fixes and various improvements, and the release of KDE Frameworks 5.82 with more than 200 changes, improvements and bug fixes. Happy Monday - and happy reading!

Yours in Open Source,

Brittany Signature 150

LinuxSecurity.com Feature Extras:

21Nails: Multiple Critical Vulnerabilities Discovered in Exim Mail Server - Patch Now! - The Qualys Research Team has discovered multiple critical vulnerabilities in the popular Exim mail server, which they have named 21Nails.  Some of these flaws can be chained together to obtain full remote unauthenticated code execution and gain root privileges. 

Protect Your WordPress Sites with CrowdSec - The CrowdSec team is expanding the capabilities of their open-source and free security solution by finalizing the release of its brand new application bouncer on the WordPress marketplace.

  Linux Kernel 'Linux 5.13' Will Support Apple M1 System-on-Chip | Now Available for Public Testing (May 12)
 

The upcoming Linux kernel 5.13 release will support Apple's popular M1 chip. As of yesterday, the candidate version is available for public testing!
  KDE Frameworks 5.82 Released with More Than 200 Changes (May 10)
 

The KDE Project has released KDE Frameworks 5.82 as the monthly update for May 2021 of their open-source collection of over 80 add-on libraries to Qt that provides various common functionality for KDE apps and the KDE Plasma desktop environment. The release brings over 200 changes, improvements and bug fixes.
  Microsoft brings Threat and Vulnerability Management capability to Linux (May 12)
 

Microsoft is bringing its Threat and Vulnerability Management (TVM) capability to Linux, allowing admins to review recently discovered vulnerabilities within applications and potential misconfigurations across Linux and remediate any affected managed and unmanaged devices. The popular product is in public preview for Linux as of yesterday.
  Using Dynamic Admission Control to Secure Your Kubernetes’ Supply Chain (May 13)
 

Kubernetes adoption is up - and so is the number of security incidents in container and Kubernetes environments. One of the ways that organizations can tackle this issue is by focusing on securing the container supply chain.
  LibreOffice 7.1.3 Office Suite Released with More Than 100 Bug Fixes (May 11)
 

The Document Foundation has announced the general availability of LibreOffice 7.1.3 as the third maintenance update to the latest LibreOffice 7.1 office suite series. This release brings over 100 bug fixes, along with various improvements.
  Protect Your Online Privacy With The Tor Browser Bundle (May 10)
 

For anyone looking to protect their privacy online, Tor is an invaluable tool. It is both one of the most reliable ways to hide your identity and one of the easiest to use on  Linux .
  How to connect Ubuntu Linux Desktop 21.04 to an Active Directory domain (May 14)
 

Canonical has made it easy for admins to join Ubuntu Desktop to Active Directory domains, enabling users to work on a more reliable and secure platform and making Linux desktops a more viable option for businesses. Learn how to connect Ubuntu Linux Desktop 21.04 to an Active Directory domain in this tutorial.
  How to configure firewalld rules in Linux (May 11)
 

Learn how to add, remove, enable, and disable firewalld rules & zones in this guide.
  Bolt-On Security the Linux Way (May 13)
 

Learn how to easily and securely encrypt files on Linux in this tutorial.
  Croc: Securely Transfer Files and Folders Between Computers (May 14)
 

Croc is a  free and open-source   command line tool that enables computers to easily and securely transfer files and folders using code phrases. Learn how to install and use croc in this tutorial.