Chrome OS to Get Version 75

New Chrome OS 75 build is available for most current Chromebooks
27 June 2019   285

Google introduced the release of the Chrome OS 75 operating system, based on the Linux kernel, the upstart system manager, ebuild / portage assembly tools, open components and the Chrome 75 web browser. The Chrome OS user environment is limited to a web browser. apps, however, Chrome OS includes a full multi-window interface, desktop and taskbar. Chrome OS 75 build is available for most current Chromebooks. Enthusiasts have formed informal assemblies for ordinary computers with x86, x86_64, and ARM processors. The source code is distributed under the free Apache 2.0 license.

These are some of the features:

  • Feature to let parents grant more time to their kids on Chrome OS devices
  • Enabling kid friendly Assistant for child accounts
  • Linux (Beta) can now access Android devices over USB
  • Files app support for 3rd party file provider apps implementing Android DocumentsProvider APIs
  • Add support for PIN code with native printers for managed devices

Get more info at official blog.  

Two Vulnerabilities to be Found at SDL

Two of six serious vulnerabilities in this cross-platform multimedia library create conditions for remote code execution.
04 July 2019   872

The SDL (Simple Direct Layer) library set, which provides tools for hardware accelerated 2D and 3D graphics rendering, input processing, audio playback, 3D output via OpenGL / OpenGL ES, and many other related operations, revealed 6 vulnerabilities. Including in the SDL2_image library, two problems have been discovered that allow organizing remote code execution in the system. Attacks can be made on applications that use SDL to load images.

Both vulnerabilities (CVE-2019-5051, CVE-2019-5051) are present in the IMG_LoadPCX_RW function and are caused by the lack of the necessary error handler and integer overflow that can be exploited through the transfer of a specially crafted PCX file. Issues have already been fixed in the SDL_image 2.0.5 release. Information about the remaining 4 vulnerabilities has not yet been disclosed.

Vulnerabilities were found by Talos, so you can find more info at their website.