Security Projects - Page 7 - Results from #120

Discover Security Projects News

Following Retbleed, The Combined CPU Security Mitigation Impact For AMD Zen 2 / Ryzen 9 3950X

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Following the July disclosure of the Retbleed CPU security vulnerability affecting older processors and an AMD change made in August, here is a fresh look at the performance impact of the Retbleed mitigations on Linux, including if opting for the IBPB-based Retbleed mitigation, and the accumulated CPU security mitigation impact for Zen 2 with the flagship Ryzen 9 3950X processor.

LinuxSecurity.com Team
Sep 11, 2022

Linux 6.1 Default Kernel Config To Warn At Boot Of W+X Mappings

A change queued up as part of the "x86/mm" TIP changes expected to land for Linux 6.1 will now have the default kernel configuration warn at kernel boot time around any W+X mappings that pose a security risk.

LinuxSecurity.com Team
Sep 11, 2022

Secure Open Source Rewards Program Launched to Help Protect Critical Upstream Software

SOS.dev initiative will combat software supply chain attacks by encouraging researchers to suggest security improvements to key projects.

LinuxSecurity.com Team
Aug 19, 2022

Google Wants to Make Linux Kernel Flaws Harder to Exploit

'Experimental mitigations' in a custom kernel could make life harder for hackers.

LinuxSecurity.com Team
Aug 12, 2022

GitHub Dependabot Now Alerts Developers On Vulnerable GitHub Actions

Cloud-based code hosting platform GitHub has announced that it will now start sending Dependabot alerts for vulnerable GitHub Actions to help developers fix security issues in CI/CD workflows.

LinuxSecurity.com Team
Aug 11, 2022

Linux 6.0 Adding Run-Time Verification For Running On Safety Critical Systems

Another big ticket feature has made it for the Linux 6.0 kernel: the Runtime Verification infrastructure for running Linux on safety-critical systems.

LinuxSecurity.com Team
Aug 04, 2022

Emmabuntüs 1.02 Brings Debian Bullseye 11.4 Goodies, Improves UEFI/Secure Boot Support

Emmabuntüs 1.02 is here almost seven months after Emmabuntüs 1.01 and it’s based on the Debian GNU/Linux 11.4 “Bullseye” release that arrived last month with 79 security updates and 81 miscellaneous bug fixes.

LinuxSecurity.com Team
Aug 04, 2022

Linux Kernel 5.19 Officially Released, Linus Torvalds Teases Linux 6.0 as Next Kernel Series

Linus Torvalds has announced the release and general availability of the Linux 5.19 kernel series as a major branch that brings more new features, improved hardware support, and lots of bug and security fixes.

LinuxSecurity.com Team
Aug 03, 2022

How OpenSSF Scorecards Can Help to Evaluate Open-Source Software Risks

Everyone knows the phrase “software is eating the world” by Marc Andreessen from over a decade ago. Software powers and touches nearly every aspect of modern society, both personally and professionally, and is critical to the modern economy and national security.

LinuxSecurity.com Team
Aug 02, 2022

Python Programming: PyPl Is Rolling Out 2FA for Critical Projects, Giving Away 4,000 Security Keys

4,000 Google Titan security keys should help to protect critical Python projects from software supply chain attacks.

LinuxSecurity.com Team
Jul 12, 2022

How a Botched Kernel Patch Broke Ubuntu – and Why It May Happen Again

If you spent the early days of June fighting kernel panics in Ubuntu 20.04, you were not alone – and we now know why.

LinuxSecurity.com Team
Jul 11, 2022

Intel Brews Linux Change For More Efficient Idle CPU Searching Under Heavy System Load

A "sched/fair" change for Linux 5.20 aims to enhance the efficiency when searching for an idle CPU under heavy system load. The change led by Intel should improve the kernel's efficiency when the system is overloaded but as with most low-level tuning does run the risk of regressions.

LinuxSecurity.com Team
Jun 29, 2022

Microsoft's CBL-Mariner 2.0 Linux Distro Now Supports Kernel Live Patching, PXE Boot

Last month Microsoft issued the first production release of CBL-Mariner 2.0, its in-house Linux distribution used for powering services from Microsoft Azure to WSL use-cases and more. CBL-Mariner 2.0 this weekend saw a rather large monthly update with a number of fixes, package updates, and new additions to this "Common Base Linux" platform.

LinuxSecurity.com Team
Jun 28, 2022

Rust in the Linux Kernel by 2023, Linus Torvalds Predicts

Rust, the fast-growing systems programming language, may be merged into the Linux kernel next year, or “maybe the next release,” according to Linux creator Linus Torvalds.

LinuxSecurity.com Team
Jun 23, 2022

Linux Mint Project Takes Over Development of Timeshift Backup Tool and Makes it a XApp

There has been an interesting development in this month’s Linux Mint news segment regarding the future of the backup utility Timeshift which has become a core part of the distro in recent years. It turns out that Tony George, the developer behind the project doesn’t have time to work on Timeshift any longer and has agreed for the Mint team to take over. As part of the plans, Timeshift will now become a XApp, a suite of apps developed by the Mint team.

LinuxSecurity.com Team
Jun 02, 2022

Google: Here comes our 'Open Source Maintenance Crew'

The Google Open Source Maintenance Crew will support under-resourced critical open-source products to fix security issues.

LinuxSecurity.com Team
May 26, 2022

Citi Donates Software Supply Chain Security Kit to OpenSSF

The financial services company's prototype system based on CNCF's software supply chain security guidelines joins OpenSSF's $150 million open source standards campaign.

LinuxSecurity.com Team
May 20, 2022

Open source security: Linux Foundation project presents 10-point plan

The Open Source Software Security Foundation (OpenSSF), a project of the Linux Foundation, has come up with a 10-point plan to improve the safety of the software supply chain, costed at $147.9M over two years, though it relies in part on developers changing their behaviour to take more account of security issues.

LinuxSecurity.com Team
May 19, 2022

Open-source security: It's too easy to upload 'devastating' malicious packages, warns Google

The Google and OpenSSF Package Analysis project aims to reduce security risks created by developers' crazy package-updating schedules.

LinuxSecurity.com Team
May 05, 2022

Linux Kernel 5.17 Released, With Major Security Fixes But Not Much Else

After a short delay, Linus Torvalds has announced the latest version of the Linux kernel, version 5.17, which adds major security enhancements.

LinuxSecurity.com Team
Mar 23, 2022

Security Projects - Page 7

Strengthen Your Linux Software Development Pipeline with Code Security Scanners

Linux Security Modules (LSM): SELinux vs AppArmor vs TOMOYO

OpenSSL's New Governance Structure: A Beacon of Progress for Open-Source Security