Issues on Linux and Security
button Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
The IPythoninteractive development system project has announced its 3.0 release. "Support for languages other than Python is greatly improved, notebook UI has been significantly redesigned, and a lot of improvement has happened in the experimental interactive widgets. The message protocol and document format have both been updated, while maintaining better compatibility with previous versions than prior updates. The notebook webapp now enables editing of any text file, and even a web-based terminal (on Unix platforms)."(LWN looked at IPythonin 2014).
IPython 3.0 released

Version 2.2.0 of the VLCmedia player has been released. According to the announcement, highlights in the new version include automatic, hardware-accelerated rotation of portrait-orientation videos such as those shot on smartphones, resuming playback at the last point watched in the previous session, in-application download and installation of extensions, support for interactive Blu-Ray menus, and "compatibility with a very large number of unusual codecs."The release is available for Linux, Android, and Android TV, plus various Windows and Apple platforms.
VLC 2.2.0 released

Version 3.6 of the LLVM compiler suite is out. Changes include "many many bug fixes, optimization improvements, support for more proposed C++1z features in Clang, better native Windows compatibility, embedding LLVM IR in native object files, Go bindings, and more."Details can be found in the LLVM 3.6 release notesand the Clang 3.6 release notes.
LLVM 3.6 Released

Greg Kroah-Hartman has released the latest stable kernels: 3.18.8, 3.14.34, and 3.10.70. All contain important updates and fixes.
New kernel releases

Debianhas updated request-tracker4(multiple vulnerabilities). Debian-LTShas updated cups(code execution) and request-tracker3.8(multiple vulnerabilities). Oraclehas updated openssl(O5: multiple vulnerabilities). SUSEhas updated Samba(SLES11: code execution). Ubuntuhas updated cups(code execution) and eglibc, glibc(multiple vulnerabilities).
Friday's security updates

Ars Technica takes a lookat Linux gaming and at what effect SteamOS has had already for gaming on Linux. The article also considers the future and where SteamOS might (or might not) take things. "This all brings up another major question for SteamOS followers: how long is this "beta"going to last, exactly? While Valve has unquestionably built a viable Linux gaming market from practically nothing, the company's lackadaisical development timeline might be holding the market back from growing even more. In the last year, the initial excitement behind the SteamOS beta launch seems to have given way to "Valve Time"malaisein some ways."
The state of Linux gaming in the SteamOS era (Ars Technica)

CentOShas updated thunderbird(C6; C5: multiple vulnerabilities). Debianhas updated cups(code execution), iceweasel(multiple vulnerabilities), kfreebsd-9(denial of service), and libgtk2-perl(code execution). Fedorahas updated libhtp(F20: denial of service). Gentoohas updated samba(multiple vulnerabilities, some from 2012 and 2013). Mageiahas updated apache-poi(denial of service), cabextract(privilege escalation), e2fsprogs(two code execution flaws), firefox, thunderbird(multiple vulnerabilities), and sympa(information disclosure). openSUSEhas updated cups(13.2, 13.1: code execution) and snack(13.2, 13.1: code execution from 2012). Oraclehas updated firefox(OL5: multiple vulnerabilities) and thunderbird(OL6: multiple vulnerabilities). Red Hathas announcedthat RHEL 5.9 support will end on March 31. Scientific Linuxhas updated firefox(multiple vulnerabilities) and thunderbird(SL6, SL5: multiple vulnerabilities). Slackwarehas updated thunderbird(multiple vulnerabilities) and firefox(multiple vulnerabilities). SUSEhas updated java-1_5_0-ibm(SLE10SP4: many vulnerabilities) and java-1_6_0-ibm(SLE11SP2: two unspecified vulnerabilities). Ubuntuhas updated EC2 kernel(10.04: two vulnerabilities), firefox(14.10, 14.04, 12.04: many vulnerabilities), kernel(14.10; 14.04; 12.04; 10.04: multiple vulnerabilities), linux-lts-trusty(12.04: multiple vulnerabilities), linux-lts-utopic(14.04: multiple vulnerabilities), and linux-ti-omap4(12.04: multiple vulnerabilities).
Security advisories for Thursday

The Weekly Edition for February 26, 2015 is available.
[$] Weekly Edition for February 26, 2015

[Perspective transform]The newest update to the Kritadigital painting application has been released. Version 2.9 introduces several new user-interface features, updates to the layers system, and a variety of tool and rendering improvements. The 2.9 development cycle was also the project's first to be centered around a crowdfunding campaign.
[$] What's new in Krita 2.9

CentOShas updated firefox(C7; C6; C5: multiple vulnerabilities). Debian-LTShas updated openjdk-6(multiple vulnerabilities). Fedorahas updated dump(F21; F20: code execution) and samba(F21; F20: root code execution). Gentoohas updated grep(denial of service). Mageiahas updated freetype2(many vulnerabilities) and samba(root code execution). openSUSEhas updated samba(13.2, 13.1: two vulnerabilities). Oraclehas updated firefox(OL7; OL6: multiple vulnerabilities). Red Hathas updated firefox(RHEL5,6,7: multiple vulnerabilities) and thunderbird(RHEL5,6: multiple vulnerabilities). SUSEhas updated Samba(SLE11 SP3: root code execution). Ubuntuhas updated freetype(many vulnerabilities).
Security advisories for Wednesday

Mozilla has released Firefox 36.0. The release notesmention a few new features, including support for the full HTTP/2 protocol. This version will no longer accept insecure RC4 ciphers whenever possible and certificates with 1024-bit RSA keys will be phased out. See the release notes for more information.
Firefox 36 released

Videos from FOSDEM sessions are availablein mp4 format. WebM versions will become available later. (Thanks to Scott Dowdle)
FOSDEM videos

A traditional feature of the tools track at the Linux Foundation's Collaboration Summitis an update from the developers of the GNU C Library (glibc); that tradition was upheld in fine form at the 2015 event. Glibc developer Roland McGrath noted that while the project is a critical component in vast numbers of Linux installations, it does not have a lot of developers working on it. Still, even with a relatively small developer base, some real progress has been made over the last year.
[$] A GNU C Library update

Debianhas updated kernel(multiple vulnerabilities). Debian-LTShas updated samba(root code execution). Fedorahas updated php(F21: two vulnerabilities), sox(F21: code execution), sudo(F20: information disclosure), and unzip(F20: multiple vulnerabilities). Oraclehas updated samba(OL7; OL6: root code execution), samba3x(OL5: root code execution), and samba4(OL6: root code execution). Red Hathas updated libyaml(RHEL6: denial of service), samba(RHEL7; RHEL6.2, 6.4, 6.5; RHEL6: root code execution), samba3x(RHEL5; RHEL5.6, 5.9: root code execution), and samba4(RHEL6; RHEL6.4, 6.5: root code execution). Scientific Linuxhas updated samba(SL7; SL6,7; SL5: root code execution) and samba4(SL6: root code execution). SUSEhas updated php5(SLE12: multiple vulnerabilities). Ubuntuhas updated ca-certificates(certificate update), e2fsprogs(code execution), and samba(14.10, 14.04, 12.04: root code execution).
Tuesday's security updates

The Beautiful Queen Marya Morevna is a Russian folk tale. The Morevna Project makes anime videos about Morevna, using free software. This progress reportcovers the status of their newest episode. "Our main animation tool is Synfig Studio and for the past years it was improved a lot. I guess it?s needles to say, that the new episode will be produced using the latest development version of Synfig. For current stage of the project it is important to ensure that the tool is stable enough for production, so last weeks we were concentrated on fixing the critical bugs. As result of this work, we have published the first Release Candidatefor the new stable version of Synfig Studio, which is going to be numbered as 1.0 by the way."(Thanks to Paul Wise)
Morevna Production Report #1

Drupal Global Redirect Module Open Redirection Vulnerability
Vuln: Drupal Global Redirect Module Open Redirection Vulnerability

Bitweaver 'rankings.php' Local File Include Vulnerability
Vuln: Bitweaver 'rankings.php' Local File Include Vulnerability

IBM DB2 Administration Server (DAS) 'validateUser()' Stack Buffer Overflow Vulnerability
Vuln: IBM DB2 Administration Server (DAS) 'validateUser()' Stack Buffer Overflow Vulnerability

ENOVIA Unspecified Security Vulnerability
Vuln: ENOVIA Unspecified Security Vulnerability

[ MDVSA-2015:049 ] cups
Bugtraq: [ MDVSA-2015:049 ] cups

[CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2
Bugtraq: [CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2

BEdita CMS - XSS & CSRF Vulnerability in Version 3.5.0
Bugtraq: BEdita CMS - XSS &CSRF Vulnerability in Version 3.5.0

SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home
Bugtraq: SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus