Skip to main content

Search

Items tagged with: Redhat

Red Hat released an urgent security alert for Fedora 41 and Rawhide users:

> PLEASE IMMEDIATELY STOP USAGE OF ANY FEDORA 41 OR FEDORA RAWHIDE INSTANCES for work or personal activity.

https://www.redhat.com/en/blog/urgent-security-alert-fedora-41-and-rawhide-users

> Although Fedora 40 beta contained the 5.6 version of xz in an update, the build environment prevents the injection from correctly occurring, and has not been shown to be compromised. Fedora 40 has now reverted to the 5.4.x versions of xz.

#RedHat #Fedora #FedoraRawhide #Fedora41

Yesterday, Red Hat Information Risk and Security and Red Hat Product Security learned that the latest versions of the “xz” tools and libraries contain malicious code that appears to be intended to allow unauthorized access. Specifically, this code is present in versions 5.6.0 and 5.6.1 of the libraries - at this time, only Fedora 41 and Fedora Rawhide contain these libraries. This vulnerability was assigned CVE-2024-3094. Although Fedora 40 beta contained the 5.6 version of xz in an update, the build environment prevents the injection from correctly occurring, and has not been shown to be compromised. Fedora 40 has now reverted to the 5.4.x versions of xz. PLEASE IMMEDIATELY STOP USAGE OF ANY FEDORA 41 OR FEDORA RAWHIDE INSTANCES for work or personal activity.

Urgent security alert for Fedora Linux 40 and Fedora Rawhide users

, (Red Hat)
#Fedora #Redhat #fedorarawhide #fedora41

When Red Hat was a smaller corporation, it was common to see the following quote — attributed to Mahatma Gandhi — used internally and in external marketing:

"First they ignore you.
Then they laugh at you.
Then they fight you.
Then you win."

Interestingly, this quote didn't originate from Gandhi at all. It originated from Nicholas Klein, a trade union activist addressing the Amalgamated Clothing Workers of America.

https://en.wikipedia.org/wiki/Nicholas_Klein

#RedHat #Union #WorkersRights #FOSS

A photograph of Red Hat chairperson Paul Cormier presenting to an audience. In the background, a presentation slide with the misattributed quote bullet pointed. Photograph of a Red Hat poster showing the misattributed quote.
Photograph of a Red Hat office showing the misattributed quote painted on the wall.

American lawyer and labor supporter

Contributors to Wikimedia projects (Wikimedia Foundation, Inc.)
#foss #union #Redhat #workersrights

Earlier today at #almalinux we patched CVE-2023-38403 in iperf3 and released it prior to anyone else in the EL-ecosystem. We promptly submitted PRs with #centos and #fedora.

A lot was learned during this process so we can nail down the processes of doing our own patches while contributing upstream and ultimately deliver on our promises from https://almalinux.org/blog/future-of-almalinux/

#rhel #redhat

AlmaLinux OS - Forever-Free Enterprise-Grade Operating System

An Open Source, community owned and governed, forever-free enterprise Linux distribution.
AlmaLinux OS
#Fedora #Redhat #almalinux #centos #rhel

This #osspodcast episode @kurtseifried and I discuss the #RedHat news

The reality is they're still better than a lot of companies claiming to do #OpenSource but it feels like a betrayal because they were the hero of open source for so long

https://opensourcesecurity.io/2023/07/02/episode-382-red-hat-you-were-the-chosen-one/

Episode 382 – Red Hat, you were the chosen one!

Josh and Kurt talk about Red Hat closing up the RHEL source code. Kurt and Josh both worked at Red Hat in the past. This isn’t a show that bashes Red Hat, and it’s not a show praising t…
Open Source Security
#opensource #OSSPodcast #Redhat @kurtseifried (he/him)

Unfortunately, too many believe that "open source is about corporations". This #Redhat blogpost and the quote shows how disturbing things get when the communal aspect of open source gets privatized - adopting the methods of their closed source brethren.
https://www.redhat.com/en/blog/red-hats-commitment-open-source-response-gitcentosorg-changes?sc_cid=701f2000000tyBjAAI

Red Hat’s commitment to open source: A response to the git.centos.org changes

More about Red Hat's decision to make CentOS Stream the primary repository for RHEL sources.
Red Hat
#Redhat