Useful security software from the Snap Store

Overall, most Linux distributions offer sane, reasonable defaults that balance security and functionality quite well. However, most of the security mechanisms are transparent, running in the background, and you still might require some additional, practical software to bolster your security array. Back in July, we talked about handy productivity applications available in the Snap Store, […]

Enhanced Livepatch desktop integration available with Ubuntu 18.04.3 LTS

Ubuntu 18.04.3 LTS has just been released. For the Desktop, newer stable versions of GNOME components have been included, as well as a new feature – Livepatch desktop integration. As usual with LTS point releases, the main changes are a refreshed hardware enablement stack (newer versions of the kernel, xorg & drivers) and a number […]

The post Enhanced Livepatch desktop integration available with Ubuntu 18.04.3 LTS appeared first on Ubuntu Blog.

Enhanced Livepatch desktop integration available with Ubuntu 18.04.3 LTS

Ubuntu 18.04.3 LTS has just been released. For the Desktop, newer stable versions of GNOME components have been included, as well as a new feature – Livepatch desktop integration. As usual with LTS point releases, the main changes are a refreshed hardware enablement stack (newer versions of the kernel, xorg & drivers) and a number […]

Charmed Kubernetes update for upstream API server vulnerability

An upstream Kubernetes vulnerability (CVE-2019-11247) has been identified where the API server mistakenly allows access to a cluster-scoped custom resource, if the request is made as if the resource were namespaced. Authorisations for the resource accessed in this manner are enforced using roles and role bindings within the namespace. This means that a user with […]

The post Charmed Kubernetes update for upstream API server vulnerability appeared first on Ubuntu Blog.

Charmed Kubernetes update for upstream API server vulnerability

An upstream Kubernetes vulnerability (CVE-2019-11247) has been identified where the API server mistakenly allows access to a cluster-scoped custom resource, if the request is made as if the resource were namespaced. Authorisations for the resource accessed in this manner are enforced using roles and role bindings within the namespace. This means that a user with […]

The post Charmed Kubernetes update for upstream API server vulnerability appeared first on Ubuntu Blog.

Ubuntu updates for TCP SACK Panic vulnerabilities

Issues have been identified in the way the Linux kernel’s TCP implementation processes Selective Acknowledgement (SACK) options and handles low Maximum Segment Size (MSS) values. These TCP SACK Panic vulnerabilities could expose servers to a denial of service attack, so it is crucial to have systems patched. Updated versions of the Linux kernel packages are […]

The post Ubuntu updates for TCP SACK Panic vulnerabilities appeared first on Ubuntu Blog.

Introducing the Ubuntu security podcast

The Ubuntu Security Podcast is a weekly podcast covering all the latest news and developments from the Ubuntu Security team. Each week the team discuss the various security updates that have been published across the Ubuntu releases, describing the technical details of both the security vulnerabilities as well as the fixes involved. Due to the […]

The post Introducing the Ubuntu security podcast appeared first on Ubuntu Blog.