This week, Fedora announced its decision to change the classification of CC0. Fedora will no longer allow software licensed under the Creative Commons “No Rights Reserved” license. Also this week, Intel published its second quarter financial results and announced that the company is shutting down its Optane memory business. Linus Torvalds announced the release of an extra release candidate for Linux Kernel 5.19. The final release was delayed due to a Retbleed vulnerability, which took too much time to mitigate.
Fedora to abandon Creative Commons “No Rights Reserved”
The Fedora Project has announced that it will change the classification of CC0. Fedora will no longer allow software licensed under the Creative Commons “No Rights Reserved” license. Richard Fontana, senior Commercial Counsel at Red Hat, unveiled the news through a mailing list. According to the announcement, it will be an unusual change, and some very important Fedora packages will be impacted. The Fedora team aims to prevent any future legal patent issues related to its software under the CC0 license. Creative Commons CC0 license grants software developers to waive copyright to their work.
Intel is shutting down its Optane memory business
Intel has officially announced that the CPU giant is shutting down its Optane memory business completely. The tech giant announced the decision in its second quarter financial report. By shutting down the Optane memory business, the company is writing off $559. Optane memory business includes Optane Memory, Optane persistent memory, and Optane SSD solutions. The decision can be related to Micron’s $900 million deal to sell its semiconductor factory to Texas Instruments, which will end its 3D XPoint supplies for Intel Optane products.
Confluence vulnerability leaks hardcoded passwords
Atlassian announced that the company has patched a vulnerability that allows attackers to steal hardcoded credentials in Confluence Server and Data Center. These credentials allowed unauthenticated attackers to log into these servers. These credentials with the “disabledsystemuser” username, are created by the Questions for Confluence app, which is installed on more than 8,000 servers. It affects Questions for Confluence versions 2.7.34, 2.7.35, and 3.0.2. The vulnerability is currently being exploited in the wild.
Some new features of KDE Plasma 5.26 have been revealed
KDE developers have shared some insights regarding the improvements and new features that will land in KDE Plasma 5.26. The developer announced that they have added a highlight effect for the mouse-hovered windows in the Present Windows and Desktop Grid, which effectively makes it easier to notice. They also added a new loading bar for the app reviews section while they are being loaded. The draggable handles in the Panel Edit Mode toolbar are now capable of displaying tooltips of their function and double-clicking reset their states.
PrestaShop zero-day vulnerability under attack
PrestaShop, preferred by approximately 300,000 online stores globally, confirmed that attackers are targeting a vulnerability to perform code execution that may allow them to steal payment information. The company stated that attackers are exploiting a vulnerability to inject malicious code to steal sensitive information from checkout pages. Attackers are injecting a fake payment form to steal credit card information. The team urged users to update the software and all of the modules to the latest versions.
Google supports CSRB’s call for log4j
The U.S. Department of Homeland Security announced that the Cyber Safety Review Board published its first report on the log4j software library vulnerabilities. Google will share its experiences to participate in the development of the CSRB report on log4j software library vulnerabilities. Google aims to kick off an industry-wide discussion by sharing this information and making progress on the security and sustainability of the ecosystem. Google also said that they are applauding the Board’s recognition that public and private sector stakeholders need to make significant investments for the future to improve the nation’s digital security over the long term.
Linux kernel 5.19 rc8 is now ready
The development of Linux kernel 5.19 rc8 has been completed and Linus Torvalds has announced the release of it. Torvalds had stated that the 5.19 version would require an extra Release Candidate due to the Retbleed vulnerability taking too much time to mitigate. Linux kernel 5.19 rc8 delivers additional fixes for the Retbleed vulnerability patches that have been landed in the latest release candidate version. Linux kernel 5.19 rc8 also delivers some fixes for Intel GuC firmware that have also been causing issues with Alder Lake P graphics. Those two issues now seem to be solved and ready to be shipped with the final release of Linux kernel 5.19.