Other Sites

9to5Linux

HandBrake 1.8.2 Video Transcoder Adds FFmpeg 7.0.2 Support and Fixes Bugs

HandBrake 1.8.2 is the second maintenance update to the latest HandBrake 1.8 stable series fixing various bugs like an issue where an encoded file could be outputted with the wrong filename when using the queue on Linux systems.

KDE Frameworks 6.5 Released with Plasma Wayland and Dolphin Improvements

KDE Frameworks 6.5 is here to improve the accessibility of multiple controls on the Shortcuts page in System Settings, standardize the red X symbolism for “remove this abstract thing” that the HIG (Human Interface Guidelines) recommends in the Breeze icon theme, and improve support for apps on the Plasma Wayland session.

Internet Society

What is Indigenous Connectivity? And Why Should We All Care?

In a small Paraguayan village, women from the Nivaclé Indigenous people are using the Internet to sell carob flour directly to consumers in the capital city of Asunción, bringing larger profits for their hard work back to their communities.

LinuxGizmos.com

Yuzuki Chameleon: A $25 Raspberry Pi-Like Board with Allwinner H616 SoC

At the heart of the Yuzuki Chameleon is the Allwinner H616 chip, which includes a quad-core Cortex-A53 processor and an ARM G31 GPU. The board offers up to 2GB of RAM and 128GB of eMMC storage, along with an onboard MicroSD card slot for additional storage options.

WIZnet Reveals New Enhanced Raspberry Pi Pico Boards with Ethernet Functionality

The W5500-EVB-Pico2 features the W5500 Ethernet Controller, which supports eight independent hardware sockets. This allows for handling multiple network connections simultaneously. Additionally, it includes 32 Kbytes of internal memory for TX/RX buffers, which is beneficial for managing larger data packets efficiently.

Pimoroni’s Debuts Latest RP2350-Based Development Boards and Kits

Pimoroni has introduced a range of new products centered around the Raspberry Pi RP2350 microcontroller. These offerings are designed for hobbyists, educators, and developers, providing various features for different project requirements.

news

A zero-day flaw using the 0.0.0.0 IP address

posted by Roy Schestowitz on Aug 10, 2024,
updated Aug 10, 2024

Scoop News Group ☛ Researchers find decades-old vulnerability in major web browsers

The flaw, called ‘0.0.0.0 day,’ has to do with how browsers handle network requests.

PC Mag ☛ Zero-Day IP Address Exploit Lets Hackers Attack Mac, Linux Computers

A zero-day flaw using the 0.0.0.0 IP address has seen a spike in use and been exploited by hackers in recent months, potentially putting users of major web browsers like Safari, Chrome, and Firefox on macOS or Linux at risk, a new report reveals.
Hacker News ☛ 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

Cybersecurity researchers have discovered a new "0.0.0.0 Day" impacting all major web browsers that malicious websites could take advantage of to breach local networks.
Laptop Magazine ☛ An 18-year-old browser exploit leaves MacBooks and Linux laptops vulnerable — but a fix is coming

Sometimes, we've seen big companies take up to a few months to fix a glaring bug, risk, or other issue within an OS or a browser, but usually, issues are fixed within days or weeks. However, a vulnerability recently brought up by Oligo Security has gone without a fix for much longer: 18 years.

Update

A couple more:

Major browser providers scramble to patch an 18-year-old vulnerability affecting MacOS and Linux systems but Windows remains gloriously immune

We Windows users are sometimes the butt of the joke when it comes to cybersecurity issues. Or at least, we often used to be. Still, if I receive one more lecture on why Linux or Mac systems are more secure, I'll at least have this article to point to. Not always, I shall say. Not always.
Browsers on MacOS and Linux have failed to block malicious instructions sent to 0.0.0.0 – for 18 years

If a malicious website pings a 0.0.0.0 IP address, web browsers on Linux or MacOS won't question it – they’ll route the request to the application listening on a specified port. Security company Oligo Security has discovered that these open doors for attackers to mess with systems haven’t been closed for 18 years.

Other Recent Tux Machines' Posts

Software Leftovers: FOSS picks
A zero-day flaw using the 0.0.0.0 IP address: Some new flaw
Canonical Announces Shift in Ubuntu Kernel Selection Strategy: Canonical's Kernel Team is shifting policy, adopting a bold new approach to offering the latest Linux features in Ubuntu
1 in 10 Desktop/Laptop Users in Sweden Uses a Chromebook, Says statCounter [original]: This is not about freedom, but at least it's not Microsoft or Windows
KDE Frameworks 6.5 Released with Plasma Wayland and Dolphin Improvements: The KDE Project released today KDE Frameworks 6.5 as the latest version of this collection of more than 70 add-on libraries to Qt that provide commonly needed functionality for the Plasma desktop and KDE apps.
System76 Launches Pop!_OS 24.04 LTS with COSMIC Alpha Desktop Environment: Linux hardware vendor System76 announced today the release and general availability of the long-awaited Pop!_OS 24.04 LTS distribution featuring the Rust-based COSMIC Alpha desktop environment.
Today in Techrights: Some of the latest articles
today's leftovers: IBM, SUSE, Ubuntu, and more
Making Linux Boot Faster and New Work by Bootlin: Linux and Bootlin news
Programming Leftovers: Programming related picks for today
Open Hardware/Modding: Raspberry Pi, FriendlyELEC, and More: Some hardware news
Security Leftovers: Security related news with Linux focus
today's leftovers: IBM, SUSE, and more
HandBrake 1.8.2 Video Transcoder Adds FFmpeg 7.0.2 Support and Fixes Bugs: HandBrake 1.8.2 has been released today for this powerful and popular open-source, cross-platform, and free video transcoder/converter for GNU/Linux, macOS, and Windows systems.
Open Hardware: DEF CON 32, RP2350, RP2350, and More: hardware stories
Applications and Web Browsers: Web focus
Desktop Environments, KDE, and GNOME: Some desktop side news
Kernel, Programming, and Standards: mostly technical posts
today's howtos: many howtos for today
This Week in GNOME: #160 Web Happening: Update on what happened across the GNOME project in the week from August 02 to August 09
Windows TCO: Ransomware, Cybersecurity and Infrastructure Security Agency (CISA), and More: Microsoft issues
Games: Humble Bundle, OpenTESArena, The Protagonish, and More: 9 new articles by GamingOnLinux
Open Source Software, howtos and Installations: E-Mage is a cross-platform tool for losslessly image compression
This week in KDE: SVG Breeze cursors and more thumbnails: First up is something cool: support for SVG-based cursor themes
Thanks to Nextcloud, FOSS Webmail Client Roundcube Now Has Support on Steroids: How Nextcloud came to the aid of a popular open source project, in part by getting three other open source projects involved
DebConf24 Coverage: by Debian devs
Today in Techrights: Some of the latest articles
Security Leftovers: Security stories
Devices: Raspberry Pi, Digi International, and More: Hardware and more
Android Leftovers: Nova Launcher, savior of cruft-filled Android phones, is on life support
TUXEDO launches InfinityBook Pro 14 Gen9 Linux laptop: TUXEDO Computers has launched the 9th generation of its InfinityBook Pro 14
First Look: Vertical Tabs and Sidebar Enhancements in Firefox: Finally, the much-anticipated Firefox vertical tabs feature is here in Nightly 131, so don't waste your time; get a first-hand impression
Linux Kernel 6.9 Reaches End of Life, Users Must Upgrade to Linux Kernel 6.10: This is your friendly reminder that the Linux 6.9 kernel series has reached the end of its supported life and that you should consider upgrading to Linux kernel 6.10 as soon as possible.
WINE shortcuts in Plasma menu are broken - How to fix: All right. This is a somewhat niche, convoluted topic. Let me start with some background information
Programming Leftovers: Programming related leftovers
Red Hat Leftovers: IBM and redhat.com
Open Hardware/Modding: Raspberry Pi and More: hardware leftovers
Software Leftovers: FOSS picks mostly
Security Leftovers: Security related
today's howtos: half a dozen howtos
IPFire 2.29 - Core Update 187 released: Finally it is time for another release of IPFire
Mozilla: Performance, Bug Bounty Program and Buzzwords, Thunderbird, Firefox Nightly, and Rust: Mozilla news for today
today's howtos: several more howtos for the day
OpenBSD -current moves to 7.6-beta: The release is traditionally about November 1st, but we shall see what happens this year. Snapshots are already beginning to show up on the mirrors.
Open Hardware Leftovers: Open Hardware stories
Free Software: Some FOSS stories
Mozilla Firefox 129 Is Now Available for Download, Here’s What’s New: The Mozilla Firefox 129 open-source, free, and cross-platform web browser is now available for download ahead of its official release on August 6th, 2024.
Programming Leftovers: Programming related links
Ubuntu Kylin – official Chinese version of Ubuntu: Ubuntu Kylin is the official Chinese version of the Ubuntu distribution
Free and Open Source Software: This is free and open source software
KDE Plasma 6.1.4 Desktop Released with Various Improvements and Bug Fixes: The KDE Project released today KDE Plasma 6.1.4 as the fourth stable update in the latest KDE Plasma 6.1 series of this modern and beloved desktop environment for GNU/Linux systems.
Windows TCO: 10 Stories and Cautionary Tales: Some TCO stories about Microsoft
Elevate Your KDE Plasma Experience With These 15 Essential Widgets: Are you using these KDE Plasma widgets to enhance your user experience
Top 7 Open Source CCTV/IP/Camera Monitoring Software: Open source IP or CCTV camera monitoring software are special software that allow you to manage
Xubuntu Development Update August 2024: August marks the fourth month of development for Xubuntu 24.10, “Oracular Oriole.”
I'm a pro Linux user, and this distribution is one of the most unique I've tried: If you're looking to try something new with Linux that is not only cool-looking but also has a lot to offer users of every type, Rhino Linux is sure to impress
Games: DOOM, Roblox, and More: 7 new stories from GamingOnLinux
Today in Techrights: Some of the latest articles
LWN Reports on Linux Kernel: Now outside the paywall
GUADEC Report and Dan Yeaw on Python in GNOME: reports from LWN
More informative kernel panics for Fedora: The feature introduces a few tradeoffs, including currently limited driver support, so the proposal spawned a good deal of discussion

Tux Machines

Other Sites

9to5Linux

HandBrake 1.8.2 Video Transcoder Adds FFmpeg 7.0.2 Support and Fixes Bugs

KDE Frameworks 6.5 Released with Plasma Wayland and Dolphin Improvements

Internet Society

What is Indigenous Connectivity? And Why Should We All Care?

LinuxGizmos.com

Yuzuki Chameleon: A $25 Raspberry Pi-Like Board with Allwinner H616 SoC

WIZnet Reveals New Enhanced Raspberry Pi Pico Boards with Ethernet Functionality

Pimoroni’s Debuts Latest RP2350-Based Development Boards and Kits

news

A zero-day flaw using the 0.0.0.0 IP address

Scoop News Group ☛ Researchers find decades-old vulnerability in major web browsers

PC Mag ☛ Zero-Day IP Address Exploit Lets Hackers Attack Mac, Linux Computers

Hacker News ☛ 0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

Laptop Magazine ☛ An 18-year-old browser exploit leaves MacBooks and Linux laptops vulnerable — but a fix is coming

Major browser providers scramble to patch an 18-year-old vulnerability affecting MacOS and Linux systems but Windows remains gloriously immune

Browsers on MacOS and Linux have failed to block malicious instructions sent to 0.0.0.0 – for 18 years

Other Recent Tux Machines' Posts