News briefs for June 26, 2018.
The EFF yesterday announced the launch of STARTTLS Everywhere, "EFF's initiative to improve the security of the email ecosystem". The goal with STARTTLS is "to do for email what we've done for web browsing: make it simple and easy for everyone to help ensure their communications aren't vulnerable to mass surveillance." You can find out how secure your current email provider is at https://www.starttls-everywhere.org, and for a more technical deep dive into STARTTLS Everywhere, go here.
GitLab announced yesterday that it is moving from Azure to Google Cloud. GitLab claims the decision to switch to Google Cloud is "because of our desire to run GitLab on Kubernetes. Google invented Kubernetes, and GKE has the most robust and mature Kubernetes support." The migration is planned for Saturday, July 28, 2018, and GitLab will utilize its Geo product for the migration.
Mozilla announced the release of Firefox version 61.0 today. New features include "faster page rendering with Quantum CSS improvements and the new retained display list feature", "faster switching between tabs on Windows and Linux", "convenient access to more search engines", improved security with "on-by-default support for the latest draft of the TLS 1.3 specification" and much more. See the release notes for all the details.
SUSE Linux Enterprise 15, "a multimodal operating system that bridges traditional data center technologies with software-defined infrastructure", was announced yesterday. Some new features include a unified intaller, installation without network using Packages media, migration from openSUSE Leap to SUSE Linux Enterprise Server. SUSE Linux Enterprise 15 also includes major updates to the software selection with Salt, Python 3 and Directory Server. See the release notes for more information.
Oracle has new patches for Spectre and the Lazy FPU issue, ZDNet reports. The fix addresses CVE-2018-3640 (Spectre variant 3a) and CVE-2018-3639 (Spectre variant 4). The fix for Spectre version 4 requires both software and microcode updates, while the fix for version 3a requires only microcode updates. In addition, "Oracle has also released updates for Red Hat Compatible Kernel (RHCK) to address CVE-2018-3665, the Lazy FPU issue that affects operating systems and VMs running on x86 microprocessors."