News

This update removes the usage of the C (Credential) flag for the binfmt_misc registration within the qemu-user package, as it allowed for privilege escalation when running a suid/sgid binary under qemu-user. This means suid/sgid foreign-architecture binaries are not running with elevated privileges under qemu-user anymore. If you relied on this behavior of qemu-user in the past (running suid/sgid foreign-arch binaries), this will require changes to your deployment.

In Bookworm the affected packages are qemu-user-static (and qemu-user-binfmt) instead of qemu-user.

Additionally, two security issues were fixed the in SR-IOV support of QEMU system emulation.

https://security-tracker.debian.org/tracker/DSA-5983-1

Two security issues were discovered in the Squid proxy caching server, which could result in the execution of arbitrary code, information disclosure or denial of service.

https://security-tracker.debian.org/tracker/DSA-5982-1

A security issues was discovered in Chromium which could result in the execution of arbitrary code, denial of service, or information disclosure.

https://security-tracker.debian.org/tracker/DSA-5981-1

Matt Garman, Amazon's cloud boss, has a warning for business leaders rushing to swap workers for AI: Don't ditch your junior employees. From a report: The Amazon Web Services CEO said on an episode of the "Matthew Berman" podcast published Tuesday that replacing entry-level staff with AI tools is "one of the dumbest things I've ever heard." "They're probably the least expensive employees you have. They're the most leaned into your AI tools," he said. "How's that going to work when you go like 10 years in the future and you have no one that has built up or learned anything?" Garman said companies should keep hiring graduates and teaching them how to build software, break down problems, and adopt best practices. He also said the most valuable skills in an AI-driven economy aren't tied to any one college degree. "If you spend all of your time learning one specific thing and you're like, 'That's the thing I'm going to be expert at for the next 30 years,' I can promise you that's not going to be valuable 30 years from now," he said.

Read more of this story at Slashdot.

Meta announced today that it is splitting its Meta Superintelligence Labs into four divisions focused on AI research, superintelligence development, products, and infrastructure. The reorganization accompanies potential downsizing of the AI division's thousands of employees and executive departures, according to New York Times. Vice President of Generative AI Loredana Crisan is expected to announce her departure Tuesday. The company is exploring third-party AI models for its products rather than relying solely on internal technology. Chief AI Officer Alexandr Wang's team has abandoned Meta's previous frontier model Behemoth and is developing a new model from scratch, the report added.

Read more of this story at Slashdot.

Microsoft has removed the ability to disable automatic app updates in the Microsoft Store, according to screenshots from Deskmodder.de. Windows users can now only pause updates for one to five weeks. The Registry tweak that previously allowed users to modify update behavior has been removed. Group Policy editor remains the sole method for creating update exemptions on workstations and enterprise systems, but this tool is unavailable in Windows Home editions. The change is being deployed gradually to all Windows users. Microsoft has not commented on the modification, which affects all apps distributed through the Microsoft Store including both UWP and Win32 applications added in 2024.

Read more of this story at Slashdot.

Global fertility rates have fallen from five children per woman in the mid-twentieth century to 2.2 today, with approximately half of countries now below the 2.1 replacement threshold, according to data from the Institute for Health Metrics and Evaluation at the University of Washington. Mexico's rate dropped from seven children in 1970 to 1.6 in 2023. South Korea recorded 0.75 in 2024, down from 4.5 in 1970. The IHME projects over three-quarters of countries will fall below replacement level by 2050. A UN survey of 14,000 people across 14 countries found 39% cited financial limitations as a primary reason for not having children. China's population peaked around 2022 at 1.4 billion, while the U.S. Census Bureau predicts America's population will peak in 2080 at 370 million.

Read more of this story at Slashdot.