From Fedora Project Wiki

< FWN‎ | Beats

No edit summary
No edit summary
Line 6: Line 6:
Contributing Writer: [[JoshBressers]]
Contributing Writer: [[JoshBressers]]


=== Story ===
=== OSS-Security ===
content
The existence of the OSS-Security Community was [http://www.bress.net/blog/archives/115-Announcing-oss-security.html announced] last week.  If you're interested in the unique challenges that Open Source software faces with respect to security, feel free to join the discussions within the group.  As all communities go, the idea here is to grow a self sustaining community, not something that's just a few people doing all the work.
 
=== Flash Player ===
There were rumblings of a 0day Flash Player flaw in the wild.  It turned out to be unpatched copies of Flash Player as noted on the
[http://blogs.adobe.com/psirt/2008/05/potential_flash_player_issue.html Adobe Product Security Blog].  This is just another example of why it's very important to keep your system updated properly.
 
=== Samba ===
A quite serious Samba flaw was [http://us1.samba.org/samba/security/CVE-2008-1105.html released] last week.
 
Initially this was thought to be quite minor, until it was noticed that it's possible for a Samba server to connect back to a client when doing certain printing actions.  This means that this particular Samba client issue also affected the server.  Quite tricky.

Revision as of 19:54, 30 May 2008

Security Week

In this section, we highlight the security stories from the week in Fedora.

Contributing Writer: JoshBressers

OSS-Security

The existence of the OSS-Security Community was announced last week. If you're interested in the unique challenges that Open Source software faces with respect to security, feel free to join the discussions within the group. As all communities go, the idea here is to grow a self sustaining community, not something that's just a few people doing all the work.

Flash Player

There were rumblings of a 0day Flash Player flaw in the wild. It turned out to be unpatched copies of Flash Player as noted on the Adobe Product Security Blog. This is just another example of why it's very important to keep your system updated properly.

Samba

A quite serious Samba flaw was released last week.

Initially this was thought to be quite minor, until it was noticed that it's possible for a Samba server to connect back to a client when doing certain printing actions. This means that this particular Samba client issue also affected the server. Quite tricky.