DSA-5570-1 nghttp2 – security update
It was discovered that libnghttp2, a library implementing the HTTP/2 protocol, handled request cancellation incorrectly. This could result in denial of service. https://security-tracker.debian.org/tracker/DSA-5570-1 Read More
DSA-5571-1 rabbitmq-server – security update
It was discovered that missing input sanitising in the HTTP API endpoint of RabbitMQ, an implementation of the AMQP protocol, could result in denial of...
Look Out for the Cyber Grinch! How to Shop Safely This Holiday Season
Yes, there is a Cyber Grinch. In fact, you’ll find evidence of an entire host of grinches online — the cybercrooks who, with the help...
Not all cybercriminals are evil geniuses
I thought some of you might enjoy this. Here’s a video of a recent after-dinner talk I gave, exploring (in a hopefully fun way!) whether...
USN-6494-2: Linux kernel vulnerabilities
Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local...
USN-6495-2: Linux kernel vulnerabilities
Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local...
USN-6496-2: Linux kernel vulnerabilities
Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for...
USN-6502-4: Linux kernel vulnerabilities
Ivan D Barrera, Christopher Bednarz, Mustafa Ismail, and Shiraz Saleem discovered that the InfiniBand RDMA driver in the Linux kernel did not properly check for...