Firefox 67.0 Released, ownCloud Announces New Server Version 10.2, Google Launches “Glass Enterprise Edition 2” Headset, Ubuntu Expands Its Kernel Uploader Team and Kenna Security Reports Almost 20% of Popular Docker Containers Have No Root Password

News briefs for May 21, 2019.

Firefox 67.0 was released today. From the Mozilla
blog
: “Today’s new
Firefox release continues to bring fast and private together right at the
crossroads of performance and security. It includes improvements that
continue to keep Firefox fast while giving you more control and assurance
through new features that your personal information is safe while you’re
online with us.”
You can download it
from
here
, and see the release
notes
for details.

ownCloud
announces its new server version 10.2
, which introduces advanced sharing permissions,
a secure view feature and automatic synchronization between federated clouds.
From the press release: “the new server version of ownCloud focuses on more
freedom and security in file distribution. The “Advanced Sharing Permissions”
feature in particular provides developers with far-reaching options for
implementing individual release functions at user and group level as well as
providing data with special security settings.”

Google has launched a “Glass Enterprise Edition 2” headset. According to
Linux
Gizmos
, the new
device has a “faster processor, longer battery life, improved camera and wireless
features, and a reduced $999 price” compared with the previous Glass
Enterprise Edition. It “runs Android Oreo on a faster, quad-core, 1.7GHz
Snapdragon XR1 SoC with an 8MP camera, WiFi-ac, BT 5.x, a USB Type-C port,
and longer battery life.”

Ubuntu has expanded its Kernel Uploader Team. Phoronix
reports
that it’s “a sign of the times with the Linux kernel being
affected by an increasing number of CVEs (and particularly high profile ones
at that), there are now more Ubuntu developers with upload rights for sending
down new kernel upgrades.” New to the Kernel Uploaders Team are Tyler Hicks,
Juerg Haefliger and Khalid Elmously.

Kenna
Security reports that “nearly 20% of the 1000 most popular Docker containers
have no root password”
. Researcher Jerry Gamblin built
a script to find null root Docker containers,
available
on GitHub
that found some well known names: “govuk/governmentpaas,
hashicorp, microsoft, monsanto, and mesosphere. kylemanna/openvpn is the most
popular container on the list and it has over 10,000,000 pulls.” He also
notes that “The findings are interesting, but I don’t want to be overly
alarmist. Just because a container has no root password does not mean that it
is automatically vulnerable. These findings could lead to configuration-based
vulnerabilities in certain situations, as was the case with this the Alpine
Linux vulnerability.”

Powered by WPeMatico

The featured image was randomly selected. It is an unlikely coincidence if it is related to the post.