Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components once, so you can store them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and you will get a status for the mails found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Tuukka Turunen presents a roadmap for Qt. "Qt 3D was first released with Qt 5.7 and in Qt 5.8 the focus was mostly on stability and performance. With Qt 5.9 we are providing many new features which significantly improve the functionality of Qt 3D. Notable new features include support for mesh morphing and keyframe animations, using Qt Quick items as a texture for 3D elements, as well as support for physically based rendering and particles. There are also multiple smaller features and improvements throughout the Qt 3D module."
Turunen: Qt Roadmap for 2017

CentOS has updated firefox (C7; C6; C5: multiple vulnerabilities). Debian has updated tomcat7 (regression in previous update) and tomcat8 (regression in previous update). Gentoo has updated archive-tar-minitar (file overwrites) and ghostscript-gpl (multiple vulnerabilities). openSUSE has updated profanity (42.2, 42.1: user impersonation). SUSE has updated php7 (SLE12: multiple vulnerabilities). Ubuntu has updated kernel (14.04: three vulnerabilities), linux, linux-raspi2 (16.10: three vulnerabilities), linux, linux-snapdragon (16.04: multiple vulnerabilities), linux, linux-ti-omap4 (12.04: three vulnerabilities), linux-lts-trusty (12.04: three vulnerabilities), linux-lts-xenial (14.04: multiple vulnerabilities), and tcpdump (multiple vulnerabilities).
Wednesday's security advisories

Issues of when and how to enforce free-software licenses, and who should do it, have been on some people's minds recently, and Richard Fontana from Red Hat decided to continue the discussion at FOSDEM. This was a fairly lawyerly talk; phrases like "alleged violation" and "I think that..." were scattered throughout it to a degree not normally found in talks by developers. This is because Fontana is a lawyer at Red Hat, and he was talking about ideas which, while they are not official Red Hat positions, were developed following discussions between him and other members of the legal team at Red Hat. Subscribers can click below for the full report of the talk by guest author Tom Yates.
[$] Principled free-software license enforcement

The year-2038 apocalypse is now just under 21 years away. For those who are curious about how the GNU C Library plans to deal with this problem, there is a draft design document out for review. "In order to avoid duplicating APIs for 32-bit and 64-bit time, glibc will provide either one but not both for a given application; the application code will have to choose between 32-bit or 64-bit time support, and the same set of symbols (e.g. time_t or clock_gettime) will be provided in both cases."
A draft glibc year-2038 design document

The 2017 Linux Plumbers Conference is set for September 13 to 15 in Los Angeles, California. The core of this event is the microconferences, focused gatherings that address a specific range of problems. The call for microconferences for the 2017 event is now out. "Good microconferences result in solutions to these problems and concerns, while the best microconferences result in patches that implement those solutions."
Linux Plumbers Conference call for microconferences

A group of Google developers has announced the release of (an early version of) a new global filesystem called "Upspin". "Upspin looks a bit like a global file system, but its real contribution is a set of interfaces, protocols, and components from which an information management system can be built, with properties such as security and access control suited to a modern, networked world. Upspin is not an 'app' or a web service, but rather a suite of software components, intended to run in the network and on devices connected to it, that together provide a secure, modern information storage and sharing network."
The "Upspin" global filesystem

David Egts takes a look at the ESP8266 WiFi chip, on "What is the ESP8266 exactly? The ESP8266 is a 32-bit RISC CPU made by Espressif Systems. Its clock runs at 80MHz, and it supports up to 16MB of flash RAM for program storage. These specifications are quite impressive when compared to an Arduino UNO, which runs at 16MHz, only has 32KB of RAM, and is several times more expensive. Another big difference is that the ESP8266 requires only 3.3 volts of power while most Arduinos require 5 volts. Keep this voltage difference in mind when extending your existing Arduino knowledge and projects to the ESP8266 to prevent magic smoke."
Internet-enable your microcontroller projects for under $6 with ESP8266 (

CentOS has updated openssl (C7; C6: two vulnerabilities). Debian-LTS has updated gtk-vnc (two vulnerabilities). Fedora has updated kernel (F25; F24: two vulnerabilities), mingw-gstreamer1 (F25: denial of service), mingw-gstreamer1-plugins-bad-free (F25: two vulnerabilities), mingw-gstreamer1-plugins-base (F25: multiple vulnerabilities), mingw-gstreamer1-plugins-good (F25: multiple vulnerabilities), mingw-wavpack (F25; F24: multiple vulnerabilities), and xen (F25: denial of service). Gentoo has updated adobe-flash (multiple vulnerabilities), dropbear (multiple vulnerabilities), firefox (multiple vulnerabilities), libass (multiple vulnerabilities), libvncserver (two vulnerabilities), mariadb (multiple vulnerabilities), mysql (multiple vulnerabilities), nagios-core (multiple vulnerabilities, one from 2008), ocaml (information leak), opus (code execution), php (multiple vulnerabilities), pycrypto (denial of service), qemu (multiple vulnerabilities), redis (three vulnerabilities), tcpdump (multiple vulnerabilities), thunderbird (multiple vulnerabilities), tigervnc (code execution), and xen (code execution). Mageia has updated ruby-archive-tar-minitar (file overwrites). openSUSE has updated libplist (42.1: multiple vulnerabilities) and nodejs (42.1: three vulnerabilities). Oracle has updated openssl (OL7; OL6: two vulnerabilities). SUSE has updated flash-player (SLE12-SP1: multiple vulnerabilities). Ubuntu has updated gtk-vnc (14.04, 12.04: two vulnerabilities), spice (16.10, 16.04, 14.04: two vulnerabilities), and tomcat6, tomcat7 (14.04, 12.04: denial of service).
Security updates for Tuesday

After taking a few years off, Jon Masters is restarting his kernel podcast. "In this week's edition: Linus Torvalds announces Linux 4.10, Alan Tull updates his FPGA manager framework, and Intel's latest 5-level paging patch series is posted for review. We will have this, and a summary of ongoing development in the first of the newly revived Linux Kernel Podcast."
The return of the Linux kernel podcast

Debian-LTS has updated gst-plugins-bad0.10 (two vulnerabilities), gst-plugins-base0.10 (two vulnerabilities), gst-plugins-good0.10 (two vulnerabilities), gst-plugins-ugly0.10 (two vulnerabilities), and wireshark (denial of service). Fedora has updated bind (F24: denial of service), python-peewee (F25; F24: largely unspecified), sshrc (F25: unspecified), and zoneminder (F25; F24: information disclosure). Gentoo has updated glibc (multiple vulnerabilities, most from 2014 and 2015), mupdf (three vulnerabilities), and ntfs3g (privilege escalation). Mageia has updated gnutls (multiple vulnerabilities), gtk-vnc (two vulnerabilities), iceape (multiple vulnerabilities), jitsi (user spoofing), libarchive (denial of service), libgd (multiple vulnerabilities), lynx (URL spoofing), mariadb (multiple vulnerabilities, almost all unspecified), netpbm (multiple vulnerabilities), openjpeg2 (multiple vulnerabilities), tomcat (information disclosure), and viewvc (cross-site scripting). openSUSE has updated chromium (42.2, 42.1: multiple vulnerabilities), firebird (42.2, 42.1: access restriction bypass), java-1_7_0-openjdk (42.2, 42.1: multiple vulnerabilities), mcabber (42.2: user spoofing), mupdf (42.2, 42.1: multiple vulnerabilities), open-vm-tools (42.1: CVE with no description from 2015), opus (42.2, 42.1: code execution), tiff (42.2, 42.1: code execution), and vim (42.1: code execution). Red Hat has updated openssl (RHEL7&6: two vulnerabilities). Scientific Linux has updated openssl (SL7&6: two vulnerabilities). SUSE has updated kernel (SLE12: denial of service) and kernel (SLE11: multiple vulnerabilities, some from 2004, 2012, and 2015). Ubuntu has updated python-crypto (16.10, 16.04, 14.04: regression in previous update).
Monday's security advisories

Linus has released the 4.10 kernel. "On the whole, 4.10 didn't end up as small as it initially looked. After the huge release that was 4.9, I expected things to be pretty quiet, but it ended up very much a fairly average release by modern kernel standards." Features of note in this release include some long-awaited writeback throttling work, the ability to attach a BPF network filter to a control group, encryption in UBIFS filesystems, Intel cache-allocation technology support, and more. See the KernelNewbies 4.10 page for lots of details.
The 4.10 kernel has been released

The 4.9.11 and 4.4.50 stable kernel updates are available; each contains the usual set of important fixes.
Stable kernels 4.9.11 and 4.4.50

The SystemTap team has announced the 3.1 release of the tool that allows extracting performance and debugging information at runtime from the kernel as well as various user-space programs. New features include support for adding probes to Python 2 and 3 functions, Java probes now convert all parameters to strings before passing them to probes, a new @variance() statistical operator has been added, new sample scripts have been added, and more.
SystemTap 3.1 has been released

Arch Linux has updated diffoscope (file overwrite), flashplugin (multiple vulnerabilities), and lib32-flashplugin (multiple vulnerabilities). Debian has updated spice (two vulnerabilities). Debian-LTS has updated spice (two vulnerabilities). Gentoo has updated imagemagick (multiple vulnerabilities). openSUSE has updated expat (42.2, 42.1: two vulnerabilities, one from 2012), guile (42.2, 42.1: information disclosure), libgit2 (42.2: multiple vulnerabilities), mariadb (42.2, 42.1: multiple vulnerabilities), mysql-community-server (42.1: multiple vulnerabilities), openssl (42.2; 42.1: multiple vulnerabilities), and postfixadmin (42.2, 42.1: security bypass). SUSE has updated java-1_7_0-openjdk (SLE12: multiple vulnerabilities). Ubuntu has updated bind9 (denial of service), python-crypto (16.10, 16.04, 14.04: code execution), and webkit2gtk (16.10, 16.04: multiple vulnerabilities).
Security updates for Friday

The Go team has announced the release of Go 1.8. "The compiler back end introduced in Go 1.7 for 64-bit x86 is now used on all architectures, and those architectures should see significant performance improvements. For instance, the CPU time required by our benchmark programs was reduced by 20-30% on 32-bit ARM systems. There are also some modest performance improvements in this release for 64-bit x86 systems. The compiler and linker have been made faster. Compile times should be improved by about 15% over Go 1.7. There is still more work to be done in this area: expect faster compilation speeds in future releases." See the release notes for more details.
Go 1.8 released

Bugtraq: [SECURITY] [DSA 3788-2] tomcat8 regression update

Bugtraq: [security bulletin] HPESBHF03709 rev.1 - HPE Network products including Comware, IMC, and VCX running OpenSSL, Remote Denial of Service (DoS), Disclosure of Sensitive Information

Bugtraq: APPLE-SA-2017-02-21-2 Logic Pro X 10.3.1

Bugtraq: PDFMate PDF Converter Pro - Buffer Overflow Vulnerability
