Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A logscanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • A ftp-script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus of same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] working progress on mp3riot version 1.2
Lubomir Rintel takes a look at new features in NetworkManager 1.4. "It is now possible to randomize the MAC address of Ethernet devices to mitigate possibility of tracking. The users can choose between different policies; use a completely random address, or just use different addresses in different networks. For Wi-Fi devices, the same randomization modes are now supported and does no longer require support from wpa-supplicant." Also a newly added API for using configuration snapshots that automatically roll back after a timeout, IPv6 tokenized interface identifiers can be configured, new features in nmcli, and more are covered. (Thanks to Paul Wise)
Rintel: NetworkManager 1.4: with better privacy and easier to use

Fedora has updated eog (F23: out-of-bounds write). openSUSE has updated ImageMagick (Leap 42.1: three vulnerabilities). Red Hat has updated qemu-kvm-rhev (RHOSP9: two vulnerabilities) and Red Hat OpenShift Enterprise 2.2.10 (RHOSE: multiple vulnerabilities). Ubuntu has updated eog (out-of-bounds write), harfbuzz (16.04, 14.04: two vulnerabilities), and libidn (multiple vulnerabilities).
Thursday's security updates

The Weekly Edition for August 25, 2016 is available.
[$] Weekly Edition for August 25, 2016

On August 25, 1991, an obscure student in Finland named Linus Benedict Torvalds posted a message to the comp.os.minix Usenet newsgroup saying that he was working on a free operating system as a project to learn about the x86 architecture. He cannot possibly have known that he was launching a project that would change the computing industry in fundamental ways. Twenty-five years later, it is fair to say that none of us foresaw where Linux would go - a lesson that should be taken to heart when trying to imagine where it might go from here.
[$] 25 Years of Linux - so far

The Gentoo community is mourning the loss of Jonathan Portnoy. "Jon was an active member of the International Gentoo community, almost since its founding in 1999. He was still active until his last day. His passing has struck us deeply and with disbelief. We all remember him as a vivid and enjoyable person, easy to reach out to and energetic in all his endeavors."
In Memory of Jonathan "avenj" Portnoy

CentOS has updated kernel (C6: TCP injection). Debian-LTS has updated libgcrypt11 (flawed random number generation). Fedora has updated eog (F24: out-of-bounds write), kernel (F23: use-after-free), mariadb (F23: multiple vulnerabilities), mingw-lcms2 (F24: heap memory leak), postgresql (F23: multiple vulnerabilities), and python (F23: proxy injection). openSUSE has updated libidn (Leap 42.1: multiple vulnerabilities) and kernel (13.2: multiple vulnerabilities). Oracle has updated kernel (O6: TCP injection). Red Hat has updated kernel (RHEL 7.1: multiple vulnerabilities; RHEL6: TCP injection) and qemu-kvm-rhev (RHOSP8: multiple vulnerabilities). Scientific Linux has updated kernel (SL6: TCP injection). Slackware has updated gnupg (flawed random number generation), kernel (14.2: TCP injection), and libgcrypt (flawed random number generation).
Wednesday's security updates

Version 5.0.0 of the KDevelop integrated development environment (IDE) has been released, marking the end of a two-year development cycle. The highlight is a move to Clang for C and C++ support: "The most prominent change certainly is the move away from our own, custom C++ analysis engine. Instead, C and C++ code analysis is now performed by clang." The announcement goes on to describe other benefits of using Clang, such as more accurate diagnostics and suggested fixes for many syntax errors. KDevelop has also been ported to KDE Frameworks 5 and Qt 5, which opens up the possibility of Windows releases down the line.
KDevelop 5.0 released

Arch Linux has updated libgcrypt (information disclosure). Fedora has updated kernel (F24: use-after-free vulnerability), pagure (F24: cross-site scripting), and postgresql (F24: multiple vulnerabilities). Red Hat has updated qemu-kvm-rhev (RHEL7 OSP5; RHEL7 OSP7; RHEL6 OSP5; RHEL7 OSP6: multiple vulnerabilities). SUSE has updated MozillaFirefox (SLE12: multiple vulnerabilities).
Tuesday's security updates

Google has announced that the Android 7.0 release has started rolling out to recent-model Nexus devices. "It introduces a brand new JIT/AOT compiler to improve software performance, make app installs faster, and take up less storage. It also adds platform support for Vulkan, a low-overhead, cross-platform API for high-performance, 3D graphics. Multi-Window support lets users run two apps at the same time, and Direct Reply so users can reply directly to notifications without having to open the app. As always, Android is built with powerful layers of security and encryption to keep your private data private, so Nougat brings new features like File-based encryption, seamless updates, and Direct Boot." See this page for a video-heavy description of new features.
Android 7.0 "Nougat" released

Greg Kroah-Hartman has announced the release of the 4.7.2, 4.4.19, and 3.14.77 stable kernels. As usual, they contain fixes throughout the tree and users of those series should upgrade.
Stable kernels 4.7.2, 4.4.19, and 3.14.77

Arch Linux has updated linux-lts (connection hijacking). CentOS has updated kernel (C7: connection hijacking). Debian-LTS has updated cracklib2 (code execution) and suckless-tools (screen lock bypass). Fedora has updated firewalld (F24: authentication bypass), glibc (F24: denial of service on armhfp), knot (F24; F23: denial of service), libgcrypt (F24: bad random number generation), and perl (F23: privilege escalation). openSUSE has updated apache2-mod_fcgid (42.1, 13.2: proxy injection), gd (13.2: multiple vulnerabilities), iperf (SPHfSLE12; 42.1, 13.2: denial of service), pdns (42.1, 13.2: denial of service), python3 (42.1, 13.2: multiple vulnerabilities), roundcubemail (42.1; 13.2; 13.1: multiple vulnerabilities, two from 2015), and typo3-cms-4_7 (42.1, 13.2: three vulnerabilities from 2013 and 2014). Scientific Linux has updated kernel (SL7: connection hijacking) and python (SL6&7: three vulnerabilities).
Monday's security advisories

The 4.8-rc3 kernel prepatch is out. "It all looks pretty sane, I'm not seeing anything hugely scary here."
Kernel prepatch 4.8-rc3

The Fedora engineering steering committee has agreed that the upcoming Fedora 25 release should use the Wayland display manager by default. "There are still some bugs that are important to solve. However, there is still time to work on them. And the legacy Xorg session option will not be removed, and will be clearly documented how to fallback in cases where users need it." If this plan holds, it may be an important step in the long-awaited move away from the X Window system.
Fedora 25 to run Wayland by default

The kdenlive video editor project has announced the 16.08.0 release. "Kdenlive 16.08.0 marks a milestone in the project's history bringing it a step closer to becoming a full-fledged professional tool." Highlights include three-point editing, pre-rendering of timeline effects, Krita image support, and more.
kdenlive 16.08.0 released

CentOS has updated python (C7; C6: multiple vulnerabilities). Fedora has updated ca-certificates (F24: update to CA certificates) and spice (F23: multiple vulnerabilities). Oracle has updated kernel (O7: TCP injection) and python (O7; O6: multiple vulnerabilities). Red Hat has updated kernel (RHEL7; RHEL6: TCP injection), kernel-rt (RHEL7: TCP injection), python (RHEL 6,7: multiple vulnerabilities), python27-python (RHSC: multiple vulnerabilities), python33-python (RHSC: multiple vulnerabilities), realtime-kernel (RHEM2.5: TCP injection), rh-mariadb101-mariadb (RHSC: multiple vulnerabilities), rh-python34-python (RHSC: multiple vulnerabilities), and rh-python35-python (RHSC: multiple vulnerabilities). SUSE has updated the Linux Kernel (SLE12: multiple vulnerabilities) and xen (SLE11: multiple vulnerabilities). Ubuntu has updated gnupg (12.04, 14.04, 16.04: flawed random-number generation), libgcrypt11, libgcrypt20 (12.04, 14.04, 16.06: flawed random-number generation), and postgresql-9.1, postgresql-9.3, postgresql-9.5 (12.04, 14.04, 16.04: multiple vulnerabilities).
Friday's security updates

Vuln: Cisco Adaptive Security Appliance Products CVE-2016-6366 Buffer Overflow Vulnerability

Vuln: Linux Kernel 'ovl_copy_up_locked()' Local Denial of Service Vulnerability

Vuln: Linux Kernel Local Denial of Service Vulnerability

Vuln: Sudo Local Information Disclosure Vulnerability

Bugtraq: [SECURITY] [DSA 3654-1] quagga security update

Necroscan <= v0.9.1 Buffer Overflow
Bugtraq: Necroscan

Bugtraq: [SECURITY] [DSA 3652-1] imagemagick security update

Bugtraq: APPLE-SA-2016-08-25-1 iOS 9.3.5
