Issues on Linux and Security
button Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me, if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in a crypt storage. There exist severeal templates for ssh, scp, telnet. The intention is to make automated backups from router, switches, firewalls etc.
  • Postfixanalyser was written for the trendmicro mail virusscanner. You can search for mails and you will get a status for the found mails: when did the system receive it, when was it working with the mail the last time, whats the status of the mail, where there any problem while delivering the mail. The second feature was a simple statistic: bytes and number of mails received and send, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, dereffed and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred befor).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool, that parses the registry of the genugate firewall and produces a more human readable output in html.
  • A ftp-script for the honeynet.
  • Various backupscripts in Perl and Bash.
  • Various iptables scrips.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small projetct that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in php.
  • A perlmodule and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.

back to top

button Whats New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
The CoreOS project has announcedversion 1.0 of its rktcontainer manager. As part of the release, rkt's command-line interface and on-disk format have been declared stable. The announcement also highlights a number of new security features, including "KVM-based container isolation, SELinux support, TPM integration, image signature validation, and privilege separation"and notes that rkt will run Docker images.
The rkt container manager reaches 1.0

Arch Linuxhas updated libbsd(denial of service). Debianhas updated krb5(multiple vulnerabilities). Fedorahas updated nettle(F23: improper cryptographic calculations), salt(F22: information leak), and webkitgtk4(F23: multiple vulnerabilities). SUSEhas updated MozillaFirefox, MozillaFirefox-branding-SLE, mozilla-nss(SLE12: multiple vulnerabilities) and MozillaFirefox, MozillaFirefox-branding-SLED, mozilla-nss(SLE11: multiple vulnerabilities).
Friday's security updates

Over at, Eric Brown looksat the newly announced Ubuntu Touch tablet. The hardware: "The Aquaris M10 is equipped with a 64-bit, quad-core, Cortex-A53 MediaTek MT8163A system-on-chip clocked to 1.5GHz, along with a high-powered ARM Mali-T720 MP2 GPU. The tablet ships with 2GB of RAM, 16GB flash, and a microSD slot."It is said to have 1920x1200 resolution and an 8 megapixel camera capable of HD recording. The interface will change to take advantage of larger displays and additional input devices (e.g. keyboard, mouse). "It appears that the upcoming Ubuntu 16.04 ?Xenial Xerus? LTS release due in April will be the first true convergence release. According to PC World, it will still be optional, however, with a traditional Unity 7 build with available alongside the newly converged Unity 8 with the new Mir display server. The new tablet, and Unity 8,will feature Ubuntu Touch?s Scopes interface, which presents frequently used content and services as an alternative to traditional apps. In addition to automatically changing the interface in response to new screens and input devices, Ubuntu is also providing convergence on the application development level. Developers are already developing single apps that can automatically morph into desktop, phone, and tablet formats."
First Ubuntu Touch Tablet Brings Convergence at Last (

Debian-LTShas updated openjdk-6(multiple vulnerabilities). Fedorahas updated nodejs-is-my-json-valid(F23: denial of service), phpmyadmin(F23: multiple vulnerabilities), and prosody(F22: insecure key handling). Gentoohas updated qemu(multiple vulnerabilities). Slackwarehas updated mozilla(unspecified), mplayer(file contents leak), openssl(cipher downgrade), and php(three vulnerabilities).
Thursday's security advisories

The Weekly Edition for February 4, 2016 is available.
[$] Weekly Edition for February 4, 2016

Arch Linuxhas updated lib32-nettle(improper cryptographic calculations) and nettle(improper cryptographic calculations). Debianhas updated openjdk-6(multiple vulnerabilities). Fedorahas updated openstack-heat(F23: denial of service) and openstack-swift(F23: denial of service). openSUSEhas updated kernel(13.2: multiple vulnerabilities). Red Hathas updated kernel(RHEL7.1: multiple vulnerabilities). Ubuntuhas updated qemu, qemu-kvm(15.10, 14.04, 12.04: multiple vulnerabilities).
Security advisories for Wednesday

Michael Catanzaro describes the sad state of WebKit securityon Linux distributions and the challenges of security support for such a complex package in general. "We regularly receive bug reports from users with very old versions of WebKit, who trust their distributors to handle security for them and might not even realize they are running ancient, unsafe versions of WebKit. I strongly recommend using a distribution that releases WebKitGTK+ updates shortly after they?re released upstream. That is currently only Arch and Fedora. (You can also safely use WebKitGTK+ in Debian testing ? except during its long freeze periods ? and Debian unstable, and maybe also in openSUSE Tumbleweed. Just be aware that the stable releases of these distributions are currently not receiving our security updates.)"Lots of information here, worth a read for anybody interested in the topic.
Catanzaro: On WebKit security updates

Arch Linuxhas updated curl(authentication bypass), lib32-curl(authentication bypass), python-django(permission bypass), and python2-django: permission bypass). Fedorahas updated bind(F22: two denial of service flaws), chrony(F22: packet modification), curl(F22: authentication bypass), firefox(F22: multiple vulnerabilities), and qemu(F22: multiple vulnerabilities). openSUSEhas updated firefox(13.1: multiple vulnerabilities), privoxy(Leap42.1, 13.2; 13.1: two denial of service flaws), seamonkey(Leap42.1, 13.2; 13.1: multiple vulnerabilities), firefox(Leap42.1, 13.2: multiple vulnerabilities), and xulrunner(Leap42.1: code execution). Red Hathas updated java-1.6.0-ibm(RHEL5,6: multiple vulnerabilities), java-1.7.0-ibm(RHEL5: multiple vulnerabilities), java-1.7.1-ibm(RHEL6,7: multiple vulnerabilities), java-1.8.0-ibm(RHEL7: multiple vulnerabilities), and redis(RHELOSP7-OT; RHELOSP7; RHELOSP6: denial of service). Ubuntuhas updated kernel(15.10; 15.04; 14.04; 12.04: multiple vulnerabilities), linux-lts-trusty(12.04: multiple vulnerabilities), linux-lts-utopic(14.04: multiple vulnerabilities), linux-lts-vivid(14.04: multiple vulnerabilities), linux-lts-wily(14.04: multiple vulnerabilities), linux-raspi2(15.10: multiple vulnerabilities), linux-ti-omap4(12.04: multiple vulnerabilities), openjdk-6(12.04: multiple vulnerabilities), and openjdk-7(15.10, 15.04, 14.04: multiple vulnerabilities).
Tuesday's security advisories

[The usbclassd board]The Black Forest firedestroyed over 500 Colorado houses in June 2013; one of those belonged to longtime Debian developer Bdale Garbee. As he reported during his talk at the 2016 linux.conf.auMultimedia and Music miniconf, the house has been redesigned and rebuilt and life is generally better now. Part of the rebuilding process included the incorporation of a whole-house audio system; naturally, Bdale took a unique approach to that task. His talk showed what can be done when one starts from scratch ? and doesn't mind designing a circuit board along the way.
[$] Whole-house audio with free hardware and software

This Red Hat blog postcelebrates the fifteenth anniversary of the first SELinux release. "With the question of open source security long behind us, we are now focused on providing an even more flexible security model through SELinux. With the rise of composite, distributed applications that can span hundreds of physical and virtual machines as well as disparate cloud instances and Linux container deployments, one-off usage of SELinux is not enough. Instead, we are focused on providing ?defense in depth? for modern computing scenarios, effectively building and deploying SELinux policies at each level of the datacenter."
Fifteen years of SELinux

CentOShas updated qemu-kvm(C7; C6: code execution). Debianhas updated freetype(denial of service), privoxy(two denial of service flaws), prosody(insecure handling of dialback keys), radicale(two vulnerabilities), and rails(multiple vulnerabilities). Debian-LTShas updated gosa(code injection), mysql-5.5(multiple vulnerabilities), phpmyadmin(two vulnerabilities), prosody(two vulnerabilities), and tiff(multiple vulnerabilities). Fedorahas updated curl(F23: authentication bypass), firefox(F23: multiple vulnerabilities), gsi-openssh(F22: multiple vulnerabilities), imlib2(F23: denial of service), kernel(F23; F22: multiple vulnerabilities), krb5(F23: three vulnerabilities), moodle(F23; F22: two vulnerabilities), nginx(F23: multiple vulnerabilities), ntp(F23: multiple vulnerabilities), openssl(F23: two vulnerabilities), phpMyAdmin(F22: multiple vulnerabilities), privoxy(F23; F22: two denial of service flaws), webkitgtk4(F22: multiple vulnerabilities), and xen(F22: multiple vulnerabilities). Gentoohas updated openssl(multiple vulnerabilities). openSUSEhas updated ecryptfs-utils(Leap42.1; 13.1: two vulnerabilities), giflib(Leap42.1: heap-based buffer overflow), and kernel(13.1: multiple vulnerabilities).
Security updates for Monday

The 4.5-rc2kernel prepatch is out. Linus says things aren't going so slowly anymore: "As late as Friday, I was planning on talking about how nice it is to see this new trend of tiny rc2 releases, because there really hadn't been very many pull requests at all. But it turns out the pull requests were just heavily skewed to the end of the week, and 4.5-rc2 isn't particularly small after all. It pretty much doubled over the weekend."Still, he seems to think that things are working well enough.
Kernel prepatch 4.5-rc2

The 4.4.1, 4.3.5, and 4.1.17stable kernel updates are out. These contain a relatively large number of changes as Greg Kroah-Hartman continues to work through the patch backlog.
The stable update stream continues

The KDE neonproject ? which arguably could be seen as a replacement for the Kubuntu distribution ? has been announcedat FOSDEM. "More than ever people expect a stable desktop with cutting-edge features, all in a package which is easy to use and ready to make their own. KDE Neon is the intersection of these needs using a stable Ubuntu long-term release as its core, packaging the hottest software fresh from the KDE Community ovens. Compute knowing you have a solid foundation and enjoy the features you experience in the world's most customisable desktop."
KDE neon announced

Greg Kroah-Hartman has released stable kernels 3.14.60and 3.10.96, each containing important updates throughout the tree.
New stable kernels

JasPer 'jas_matrix_create()' Function Integer Overflow Vulnerability
Vuln: JasPer 'jas_matrix_create()' Function Integer Overflow Vulnerability

Oracle Java SE CVE-2015-4902 Remote Security Vulnerability
Vuln: Oracle Java SE CVE-2015-4902 Remote Security Vulnerability

Oracle Java SE CVE-2015-4806 Remote Security Vulnerability
Vuln: Oracle Java SE CVE-2015-4806 Remote Security Vulnerability

Oracle Java SE CVE-2015-4805 Remote Security Vulnerability
Vuln: Oracle Java SE CVE-2015-4805 Remote Security Vulnerability

CVE-2015-3252: Apache CloudStack VNC authentication issue
Bugtraq: CVE-2015-3252: Apache CloudStack VNC authentication issue

CVE-2015-3251: Apache CloudStack VM Credential Exposure
Bugtraq: CVE-2015-3251: Apache CloudStack VM Credential Exposure

[SECURITY] [DSA 3466-1] krb5 security update
Bugtraq: [SECURITY] [DSA 3466-1] krb5 security update

WordPress User Meta Manager Plugin [Blind SQLI]
Bugtraq: WordPress User Meta Manager Plugin [Blind SQLI]

News, Infocus, Columns, Vulnerabilities, Bugtraq ...
More rss feeds from SecurityFocus