Issues on Linux and Security

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist several templates for ssh, scp, telnet. The intention is to make automated backups from routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, what is the status of the mail, were there any problems while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces a more human-readable output in HTML.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Version 4.0 of the FFmpeg multimedia toolkit is out. There is a long list of new filters, formats, and more; see the announcement for details.
FFmpeg 4.0 released

The furor over the Meltdown and Spectre vulnerabilities has calmed a bit - for now, at least - but that does not mean that developers have stopped worrying about them. Spectre variant 1 (the bounds-check bypass vulnerability) has been of particular concern because, while the kernel is thought to contain numerous vulnerable spots, nobody really knows how to find them all. As a result, the defenses that have been developed for variant 1 have only been deployed in a few places. Recently, though, Dan Carpenter has enhanced the smatch tool to enable it to find possibly vulnerable code in the kernel.
[$] Finding Spectre vulnerabilities with smatch

Greg Kroah-Hartman has released stable kernel 4.9.95 with important fixes throughout the tree. Users should update.
Stable kernel 4.9.95 released

Security updates have been issued by Debian (libreoffice and mysql-5.5), Fedora (corosync), Oracle (java-1.8.0-openjdk), Red Hat (java-1.8.0-openjdk), Scientific Linux (java-1.8.0-openjdk), and Ubuntu (openssl).
Security updates for Friday

In the performance-conscious world of high-speed networking, anything that can be done to avoid copying packet data is welcome. The MSG_ZEROCOPY feature added in 4.14 enables zero-copy transmission of data, but does not address the receive side of the equation. It now appears that the 4.18 kernel will include a zero-copy receive mechanism by Eric Dumazet to close that gap, at least for some relatively specialized applications.
[$] Zero-copy TCP receive

Stable kernels 4.16.3, 4.15.18, and 4.14.35 have been released. This is the last 4.15.y kernel and users should move to 4.16.y.
Stable kernel updates

Security updates have been issued by Debian (opencv and wireshark), Fedora (corosync and pcs), Oracle (firefox, kernel, libvncserver, and libvorbis), Slackware (gd), SUSE (kernel), and Ubuntu (apache2).
Security updates for Thursday

The Weekly Edition for April 19, 2018 is available.
[$] Weekly Edition for April 19, 2018

It is normally the grumpy editor's job to look at accounting software; he does so with an eye toward getting the business off of the proprietary QuickBooks application and moving to something free. It may be that Beancount deserves a look of that nature before too long but, in the meantime, a slightly less grumpy editor has been messing with this text-based accounting tool for a variety of much smaller projects. It is an interesting system, with a lot of capabilities, but its reliance on hand-rolling for various pieces may scare some folks off.
[$] Counting beans - and more - with Beancount

The release of pip 10.0 has been announced. Some highlights of this release include the removal of Python 2.6 support, limited PEP 518 support (with more to come), a new "pip config" command, and other improvements.
Pip 10.0 has been released

The new PyPI has been launched. Browser traffic and API calls (including "pip install") have been redirected from the old to the new site. The old PyPI will shut down on April 30. LWN covered the new PyPI last week.
New PyPI launched

Developers of database management systems are, by necessity, concerned about getting data safely to persistent storage. So when the PostgreSQL community found out that the way the kernel handles I/O errors could result in data being lost without any errors being reported to user space, a fair amount of unhappiness resulted. The problem, which is exacerbated by the way PostgreSQL performs buffered I/O, turns out not to be unique to Linux, and will not be easy to solve even there.
[$] PostgreSQL's fsync() surprise

Security updates have been issued by Debian (freeplane and jruby), Fedora (kernel and python-bleach), Gentoo (evince, gdk-pixbuf, and ncurses), openSUSE (kernel), Oracle (gcc, glibc, kernel, krb5, ntp, openssh, openssl, policycoreutils, qemu-kvm, and xdg-user-dirs), Red Hat (corosync, glusterfs, kernel, and kernel-rt), SUSE (openssl), and Ubuntu (openssl and perl).
Security updates for Wednesday

Security updates have been issued by Debian (corosync, linux-tools, qemu, qemu-kvm, and r-cran-readxl), openSUSE (evince, memcached, nodejs4, ntp, pdns-recursor, python-gunicorn, python3-gunicorn, and python3), and Ubuntu (ruby1.9.1, ruby2.0, ruby2.3).
Security updates for Tuesday

Microsoft has issued a press release describing the security dangers involved with the Internet of things ("a weaponized stove, baby monitors that spy, the contents of your refrigerator being held for ransom") and introducing "Microsoft Azure Sphere" as a combination of hardware and software to address the problem. "Unlike the RTOSes common to MCUs today, our defense-in-depth IoT OS offers multiple layers of security. It combines security innovations pioneered in Windows, a security monitor, and a custom Linux kernel to create a highly-secured software environment and a trustworthy platform for new IoT experiences."
Introducing Microsoft Azure Sphere

Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability
Vuln: Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability
Vuln: FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability

Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability
Vuln: Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability

FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability
Vuln: FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability

Seagate Media Server stored Cross-Site Scripting vulnerability
Bugtraq: Seagate Media Server stored Cross-Site Scripting vulnerability

[slackware-security] gd (SSA:2018-108-01)
Bugtraq: [slackware-security] gd (SSA:2018-108-01)

WebKitGTK+ Security Advisory WSA-2018-0003
Bugtraq: WebKitGTK+ Security Advisory WSA-2018-0003

[SECURITY] [DSA 4174-1] corosync security update
Bugtraq: [SECURITY] [DSA 4174-1] corosync security update
