Thank you for subscribing to our Linux Security Week newsletter! In this weekly newsletter, we strive to provide readers with a comprehensive overview of the week’s most relevant open source security news. We want to provide you with the type of content you are interested in, and would love to hear your thoughts on this week's articles.

Today’s newsletter highlights our two most recent feature articles: RavenDB 5.0: A Versatile Open-Source NoSQL Database with an Intense Focus on Security and Securing A Linux Web Server: Preventing Information Leakage. We also examine various topics including the discovery of three malicious npm JavaScript packages opening shells on Linux and Windows systems and Google’s addition of the Wireguard VPN protocol to Android 12’s Linux Kernel 5.4 tree. Happy Monday - and happy reading!

RavenDB 5.0: A Versatile Open-Source NoSQL Database with an Intense Focus on Security - RavenDB is at the forefront of data management innovation - leveraging open-source development and an intense focus on usability to offer efficient, versatile and highly secure database services to business application developers worldwide. The latest release of the open-source NoSQL document database, RavenDB 5.0, accommodates both local and hosted environments, and adds time series support and document compression to its robust feature set.

Securing A Linux Web Server: Preventing Information Leakage - Information leakage is a serious threat to the security of a Linux server, and can result in a host of severe consequences including significant downtime and the compromise of sensitive data. Luckily, server administrators can mitigate the risk of information leakage through a series of configuration changes.

  Linux 5.9: Not a game-changer, but a good, solid Linux kernel (Oct 15)
 

The latest Linux kernel release is certainly not a game-changer, but does offer some notable performance improvements that will make certain groups of users much happier.
  Google and Intel warn of high-severity Bluetooth security bug in Linux (Oct 15)
 

Google and Intel are warning of a high-severity Bluetooth security bug in all but the most recent version of the Linux Kernel - but 'high-severity' doesn't necessarily mean high risk.
  Linux 5.9 Release – Main Changes, Arm, MIPS & RISC-V Architectures (Oct 12)
 

Linus Torvalds has just announced the release of Linux 5.9 on  lkml : "Ok, so Ill be honest " I had hoped for quite a bit fewer changes this last week, but at the same time there doesnt really seem to be anything particularly scary in here. Its just more commits and more lines changed than I would have wished for."
  Google quietly adds revolutionary VPN protocol to next Android OS (Oct 16)
 

Google has added support for Wireguard - a VPN that uses state-of-the-art cryptography to provide users with the highest level of privacy, security and speed - to Android 12's Linux Kernel 5.4 tree.
  How to Secure Your Kubernetes Cluster (Oct 13)
 

Kubernetes is hot in the DevOps space - mainly due to the open-source platform's portability and scalability. However, misconfigurations are the biggest risk for cloud environments"and Kubernetes is no exception. Learn how to secure Kubernetes clusters in this Container Journal tutorial.
  How to install dnscrypt proxy with adblocker on Linux (Oct 14)
 

Learn how to install the dnscrypt proxy application with an adblocker/malware blocker on Linux with WireGuard or OpenVPN in this nixCraft tutorial.
  Three npm packages found opening shells on Linux, Windows systems (Oct 19)
 

Three malicious npm JavaScript packages have been found opening shells on Linux and Windows systems. According to npm staff: "Any computer that has this package installed or running should be considered fully compromised."