libarchive Security Flaws, Novice Linux, Slack's Latest
Today in Linux news several security flaws were found in libarchive, a library used to decompress several package types present on a great number of Linux systems. In other news Slackware-current has seen a lot of activity the last few days and Red Hat stock took a bit of dip in after hours trading this evening following an earnings report. Jamie Watson shared his recommendations of Linux distributions for novice users and Bruce Byfield today wrote that a lot of the things Windows users nostalgically miss are still a part of Linux.
Several security vulnerabilities in libarchive were made public by Cisco's Talos group yesterday. libarchive is used to compress, decompress, and archive files on Linux, free BSDs, Macs, and Chrome. IDG's Lucian Constantin summed, "The Cisco Talos researchers found an integer overflow, a buffer overflow and a heap overflow in the libarchive code that handles 7-Zip, mtree and rar files, respectively." He also reported that patches were applied upstream for those bugs, but they haven't trickled down to many distributions yet.
Several market sites reported that Red Hat stock dipped a bit in after hours trading after the release of first quarter 2017 financial results today. All the numbers looked good to me, revenue up 18%, cloud-related up 39%, and cash on hand up 18%. Nevertheless, Red Hat's projected second quarter outlook was a bit less than analysts' and an announced $1 billion stock buy back drove its share price down in after hours trading. The stock saw over a 7% drop after close.
Slackware-current has received several updates since our last report. libarchive was updated Monday to fix those security flaws, Cairo was rebuilt to address a crashing condition, Bash was upgraded to 4.3.046, PulseAudio and friends to newly released 9.0, and Nano was upgraded to 2.6.0. Oh, Screen was added by request.
In other news: