Security Leftovers
-
LWN ☛ Security updates for Friday
Security updates have been issued by Debian (distro-info-data), Fedora (libtiff), Mageia (firefox and oath-toolkit), Red Hat (krb5), and SUSE (openssl-1_1).
-
Scoop News Group ☛ Change Healthcare breach affected 100 million Americans, marking a new record
The company notified the Health and Human Services Department about the figure this week, the first it has specified.
-
Scoop News Group ☛ Report: Chinese hackers used telecom access to go after phones of Trump, Vance
U.S. authorities said they are investigating “unauthorized access to telecommunications infrastructure” by hackers linked to China.
-
OpenSSF (Linux Foundation) ☛ Cybersecurity Awareness Month 2024: Stay Secure, Stay Informed
October is Cybersecurity Awareness Month! Proclaimed since 2004, October is the month dedicated to raising awareness about cybersecurity and taking simple steps to keep individuals and organizations safe. This year, let’s focus on collective action across different sectors. This post explores more about what actions different stakeholders can take in order to increase their cybersecurity awareness and resilience.
-
Diffoscope ☛ Reproducible Builds (diffoscope): diffoscope 282 released
The diffoscope maintainers are pleased to announce the release of diffoscope version
282. This version includes the following changes:* Ignore errors when listing .ar archives. (Closes: #1085257)
-
Forbes ☛ Urgent New Nvidia Security Warning For 200 Million Linux And Windows Gamers
With more than 200 million gamers using Nvidia graphics to power their gaming experience across Linux and Windows platforms, security advisories need to be taken very seriously. When that advisory concerns no less than eight new high-severity vulnerabilities, only a total lamer gamer would ignore it. Here’s what you need to know about Nvidia security vulnerabilities CVE‑2024‑0117 through CVE‑2024‑0121.
-
Security Week ☛ Nvidia Patches High-Severity Flaws in Windows, Linux Graphics Drivers
Technology giant Nvidia has rolled out urgent security updates to fix at least 8 high-severity vulnerabilities in GPU drivers for Windows and Linux, and in its virtual GPU (vGPU) software.
The company shipped updates for five security defects affecting Nvidia’s graphics drivers for Windows that allow an unprivileged user to cause an out-of-bounds read.
Tracked as CVE‑2024‑0117 to CVE‑2024‑0121, these bugs could be exploited for code execution, escalation of privilege, denial-of-service, information disclosure, and data tampering, Nvidia said in an advisory.