Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls, etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A log scanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] Work in progress on mp3riot version 1.2
In the performance-conscious world of high-speed networking, anything that can be done to avoid copying packet data is welcome. The MSG_ZEROCOPY feature added in 4.14 enables zero-copy transmission of data, but does not address the receive side of the equation. It now appears that the 4.18 kernel will include a zero-copy receive mechanism by Eric Dumazet to close that gap, at least for some relatively specialized applications.
[$] Zero-copy TCP receive

Stable kernels 4.16.3, 4.15.18, and 4.14.35 have been released. This is the last 4.15.y kernel and users should move to 4.16.y.
Stable kernel updates

Security updates have been issued by Debian (opencv and wireshark), Fedora (corosync and pcs), Oracle (firefox, kernel, libvncserver, and libvorbis), Slackware (gd), SUSE (kernel), and Ubuntu (apache2).
Security updates for Thursday

The Weekly Edition for April 19, 2018 is available.
[$] Weekly Edition for April 19, 2018

It is normally the grumpy editor's job to look at accounting software; he does so with an eye toward getting the business off of the proprietary QuickBooks application and moving to something free. It may be that Beancount deserves a look of that nature before too long but, in the meantime, a slightly less grumpy editor has been messing with this text-based accounting tool for a variety of much smaller projects. It is an interesting system, with a lot of capabilities, but its reliance on hand-rolling for various pieces may scare some folks off.
[$] Counting beans - and more - with Beancount

The release of pip 10.0 has been announced. Some highlights of this release include the removal of Python 2.6 support, limited PEP 518 support (with more to come), a new "pip config" command, and other improvements.
Pip 10.0 has been released

The new PyPI has been launched. Browser traffic and API calls (including "pip install") have been redirected from the old to the new site. The old PyPI will shut down on April 30. LWN covered the new PyPI last week.
New PyPI launched

Developers of database management systems are, by necessity, concerned about getting data safely to persistent storage. So when the PostgreSQL community found out that the way the kernel handles I/O errors could result in data being lost without any errors being reported to user space, a fair amount of unhappiness resulted. The problem, which is exacerbated by the way PostgreSQL performs buffered I/O, turns out not to be unique to Linux, and will not be easy to solve even there.
[$] PostgreSQL's fsync() surprise

Security updates have been issued by Debian (freeplane and jruby), Fedora (kernel and python-bleach), Gentoo (evince, gdk-pixbuf, and ncurses), openSUSE (kernel), Oracle (gcc, glibc, kernel, krb5, ntp, openssh, openssl, policycoreutils, qemu-kvm, and xdg-user-dirs), Red Hat (corosync, glusterfs, kernel, and kernel-rt), SUSE (openssl), and Ubuntu (openssl and perl).
Security updates for Wednesday

Security updates have been issued by Debian (corosync, linux-tools, qemu, qemu-kvm, and r-cran-readxl), openSUSE (evince, memcached, nodejs4, ntp, pdns-recursor, python-gunicorn, python3-gunicorn, and python3), and Ubuntu (ruby1.9.1, ruby2.0, ruby2.3).
Security updates for Tuesday

Microsoft has issued a press release describing the security dangers involved with the Internet of things ("a weaponized stove, baby monitors that spy, the contents of your refrigerator being held for ransom") and introducing "Microsoft Azure Sphere" as a combination of hardware and software to address the problem. "Unlike the RTOSes common to MCUs today, our defense-in-depth IoT OS offers multiple layers of security. It combines security innovations pioneered in Windows, a security monitor, and a custom Linux kernel to create a highly-secured software environment and a trustworthy platform for new IoT experiences."
Introducing Microsoft Azure Sphere

Alpine Linux-based postmarketOS is touch-optimized and pre-configured for installation on smartphones and other mobile devices. The postmarketOS blog introduces postmarketOS-lowlevel which is a community project aimed at creating free bootloaders and cellular modem firmware, currently focused on MediaTek phones. "But before we get started, please keep in mind that these are moon shots. So while there is some little progress, it's mostly about letting fellow hackers know what we've tried and what we're up to, in the hopes of attracting more interested talent to our cause. After all, our philosophy is to keep the community informed and engaged during the development phase!"
postmarketOS Low-Level

Security updates have been issued by Arch Linux (lib32-openssl and zsh), Debian (patch, perl, ruby-loofah, squirrelmail, tiff, and tiff3), Fedora (gnupg2), Gentoo (go), Mageia (firefox, flash-player-plugin, nxagent, puppet, python-paramiko, samba, and thunderbird), Red Hat (flash-plugin), Scientific Linux (python-paramiko), and Ubuntu (patch, perl, and ruby).
Security updates for Monday

Version 1.10 of the Subversion version-control system is out. Improvements include a new interactive resolver for merge conflicts, better path-based authorization, LZ4 compression, and more; see the release notes for details.
Apache Subversion 1.10.0 released

By the time the 4.17 merge window was closed and 4.17-rc1 was released, 11,769 non-merge changesets had been pulled into the mainline repository. 4.17 thus looks to be a typically busy development cycle, with a merge window only slightly more busy than 4.16 had. Some 6,000 of those changes were pulled after last week's summary was written. There was a lot of the usual maintenance work in those patches (over 10% of those changes were to device-tree files, for example), but also some more significant changes.
[$] The second half of the 4.17 merge window

Vuln: Apache Commons FileUpload CVE-2016-3092 Denial Of Service Vulnerability

Vuln: FasterXML Jackson-databind CVE-2017-15095 Incomplete Fix Remote Code Execution Vulnerability

Vuln: Multiple Huawei Products CVE-2017-17167 Information Disclosure Vulnerability

Vuln: FasterXML Jackson-databind CVE-2018-7489 Incomplete Fix Remote Code Execution Vulnerability

Bugtraq: Seagate Media Server stored Cross-Site Scripting vulnerability

Bugtraq: [slackware-security] gd (SSA:2018-108-01)

Bugtraq: WebKitGTK+ Security Advisory WSA-2018-0003

Bugtraq: [SECURITY] [DSA 4174-1] corosync security update
