Just how severe is this DNS cache poisoning attack revealed this week? We'll break it down and explain why Linux is affected. Plus, the feature now removed from APT, more performance patches in the Kernel, and a big batch of project updates.
Linux has a serious security problem that once again enables DNS cache poisoning — We can actually guess the ephemeral port in the embedded UDP packet and package it in an ICMP probe to a DNS resolver. If the guessed port is correct, it causes some global resource in the Linux kernel to change, which can be indirectly observed. This is how the attacker can infer which ephemeral port is used.
KDE Discover gets update to prevent you breaking your Linux system — Another change to make things look a bit friendlier in Discover is if you have issues upgrading, it will instantly shove a load of technical details in your face. To normal consumers, that's clearly not going to do much to help and probably scare them away. Now, instead, it will provide a very clear and friendly message, with the option to get more details to report the issue.
Add support for list issue - Jens Axboe — With the support in 5.16-rc1 for allocating and completing batches of IO, the one missing piece is passing down a list of requests for issue.
FWUPD 1.7.2 Released With Fixes, Faster & Smaller Daemon — FWUPD 1.7.2 adds support for handling exported MTD block devices, tweaking the compiler flags to reduce the install size by around 300 Kb, speeding up the FWUPD daemon startup by ~40% by postponing some work, and a variety of fixes. The fixes range from a possible DFU crash to DLI download troubles and other device-specific corrections.
Podden och tillhörande omslagsbild på den här sidan tillhör Jupiter Broadcasting. Innehållet i podden är skapat av Jupiter Broadcasting och inte av, eller tillsammans med, Poddtoppen.