After several months of work, a new version of the Cine Encoder 3.3 video converter is available for working with HDR video. The program can be used to change HDR metadata such as Master Display, maxLum, minLum, and other parameters. The following encoding formats are available: H265, H264, VP9, MPEG-2, XDCAM, DNxHR, ProRes. Cine Encoder is written in C++, uses the utilities FFmpeg, MkvToolNix […]
Enthusiasts have launched the DUR (Debian User Repository) repository, which is positioned as an analogue of the AUR (Arch User Repository) repository for Debian, allowing third-party developers to distribute their packages without being included in the main distribution repositories. As in the AUR, the metadata and assembly instructions for packages in the DUR are defined using the PKGBUILD format. To build deb packages from PKGBUILD files, […]
Qu Wenruo of SUSE, who maintains the Btrfs file system, has drawn attention to abuses associated with sending useless cosmetic patches to the Linux kernel, the changes in which are limited to fixing typos in the text or removing debug messages from internal tests. Usually, such small patches are sent by novice developers who are just learning how to interact in the community. This time […]
Valve has published the release of the Proton 6.3-5 project, which is based on the developments of the Wine project and is aimed at enabling gaming applications created for Windows and presented in the Steam catalog to run on Linux. The developments of the project are distributed under the BSD license. Proton allows you to directly run Windows-only game applications on the Steam Linux client. The package includes a DirectX implementation […]
A vulnerability has been identified in app directories built on the Pling framework that could allow an XSS attack to execute JavaScript code in the context of other users. Sites such as store.kde.org, appimagehub.com, gnome-look.org, xfce-look.org and pling.com are affected by the problem. The crux of the problem is that the Pling platform allows you to add multimedia blocks in HTML format, for example, to insert a YouTube video or image. Added via […]
Western Digital has advised users to urgently disconnect their WD My Book Live and My Book Live Duo storage devices from the Internet due to widespread complaints about the removal of all contents of the drives. At the moment, it is only known that as a result of the activity of unknown malware, a remote initiation of a device reset to its original state is performed, […]
Vulnerabilities have been identified in the implementation of remote OS recovery and firmware update technologies promoted by Dell (BIOSConnect and HTTPS Boot) that allow replacing installed BIOS / UEFI firmware updates and remotely executing code at the firmware level. Running code can change the initial state of the operating system and be used to bypass applicable security mechanisms. Vulnerabilities affect 129 models of various laptops, tablets and […]
A vulnerability (CVE-2021-3600) has been identified in the eBPF subsystem, which allows running handlers inside the Linux kernel in a special virtual machine with JIT, that allows a local unprivileged user to execute their code at the Linux kernel level. The problem is caused by incorrect truncation of 32-bit registers when performing "div" and "mod" operations, which can lead to reading and writing data outside the allocated memory area. […]
Google has announced a change in plans to end Chrome's support for third-party cookies that are set when accessing sites other than the current page's domain. Such cookies are used to track user movements between sites in the code of advertising networks, social network widgets and web analytics systems. Chrome originally planned to stop supporting third-party cookies by 2022, but […]
Linux4yourself or "Linux for yourself" is presented - the first release of an independent Russian-language offshoot of Linux From Scratch - a guide to creating a Linux system using only the source texts of the necessary software. All project sources are hosted on GitHub under the MIT license. The user is offered the use of a multilib system, EFI support and a small set of additional software for […]
The recording company Sony Music obtained an order in the district court of Hamburg (Germany) to block pirated sites at the Quad9 project level, which provides free access to the publicly available DNS resolver “9.9.9.9”, as well as “DNS over HTTPS” services (“dns.quad9 .net/dns-query/") and "DNS over TLS" ("dns.quad9.net"). The court decided to block domain names found to be distributing music content that violates copyright, despite […]
In the PyPI (Python Package Index) catalog, several packages have been identified that include code for hidden cryptocurrency mining. Problems were present in the packages maratlib, maratlib1, matplatlib-plus, mllearnlib, mplatlib and learninglib, the names of which were chosen to be similar in spelling to popular libraries (matplotlib) with the expectation that the user would make a mistake when writing and not notice the differences (typesquatting). The packages were placed in April under the account […]
