Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads the config files containing the passwords of the components only once, so you can keep them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A log scanner and a scanner for the Check Point objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] Work in progress on mp3riot version 1.2
After taking a few years off, Jon Masters is restarting his kernel podcast. "In this week's edition: Linus Torvalds announces Linux 4.10, Alan Tull updates his FPGA manager framework, and Intel's latest 5-level paging patch series is posted for review. We will have this, and a summary of ongoing development in the first of the newly revived Linux Kernel Podcast."
The return of the Linux kernel podcast

Debian-LTS has updated gst-plugins-bad0.10 (two vulnerabilities), gst-plugins-base0.10 (two vulnerabilities), gst-plugins-good0.10 (two vulnerabilities), gst-plugins-ugly0.10 (two vulnerabilities), and wireshark (denial of service). Fedora has updated bind (F24: denial of service), python-peewee (F25; F24: largely unspecified), sshrc (F25: unspecified), and zoneminder (F25; F24: information disclosure). Gentoo has updated glibc (multiple vulnerabilities, most from 2014 and 2015), mupdf (three vulnerabilities), and ntfs3g (privilege escalation). Mageia has updated gnutls (multiple vulnerabilities), gtk-vnc (two vulnerabilities), iceape (multiple vulnerabilities), jitsi (user spoofing), libarchive (denial of service), libgd (multiple vulnerabilities), lynx (URL spoofing), mariadb (multiple vulnerabilities, almost all unspecified), netpbm (multiple vulnerabilities), openjpeg2 (multiple vulnerabilities), tomcat (information disclosure), and viewvc (cross-site scripting). openSUSE has updated chromium (42.2, 42.1: multiple vulnerabilities), firebird (42.2, 42.1: access restriction bypass), java-1_7_0-openjdk (42.2, 42.1: multiple vulnerabilities), mcabber (42.2: user spoofing), mupdf (42.2, 42.1: multiple vulnerabilities), open-vm-tools (42.1: CVE with no description from 2015), opus (42.2, 42.1: code execution), tiff (42.2, 42.1: code execution), and vim (42.1: code execution). Red Hat has updated openssl (RHEL7&6: two vulnerabilities). Scientific Linux has updated openssl (SL7&6: two vulnerabilities). SUSE has updated kernel (SLE12: denial of service) and kernel (SLE11: multiple vulnerabilities, some from 2004, 2012, and 2015). Ubuntu has updated python-crypto (16.10, 16.04, 14.04: regression in previous update).
Monday's security advisories

Linus has released the 4.10 kernel. "On the whole, 4.10 didn't end up as small as it initially looked. After the huge release that was 4.9, I expected things to be pretty quiet, but it ended up very much a fairly average release by modern kernel standards." Features of note in this release include some long-awaited writeback throttling work, the ability to attach a BPF network filter to a control group, encryption in UBIFS filesystems, Intel cache-allocation technology support, and more. See the KernelNewbies 4.10 page for lots of details.
The 4.10 kernel has been released

The 4.9.11 and 4.4.50 stable kernel updates are available; each contains the usual set of important fixes.
Stable kernels 4.9.11 and 4.4.50

The SystemTap team has announced the 3.1 release of the tool that allows extracting performance and debugging information at runtime from the kernel as well as various user-space programs. New features include support for adding probes to Python 2 and 3 functions, Java probes now convert all parameters to strings before passing them to probes, a new @variance() statistical operator has been added, new sample scripts have been added, and more.
SystemTap 3.1 has been released

Arch Linux has updated diffoscope (file overwrite), flashplugin (multiple vulnerabilities), and lib32-flashplugin (multiple vulnerabilities). Debian has updated spice (two vulnerabilities). Debian-LTS has updated spice (two vulnerabilities). Gentoo has updated imagemagick (multiple vulnerabilities). openSUSE has updated expat (42.2, 42.1: two vulnerabilities, one from 2012), guile (42.2, 42.1: information disclosure), libgit2 (42.2: multiple vulnerabilities), mariadb (42.2, 42.1: multiple vulnerabilities), mysql-community-server (42.1: multiple vulnerabilities), openssl (42.2; 42.1: multiple vulnerabilities), and postfixadmin (42.2, 42.1: security bypass). SUSE has updated java-1_7_0-openjdk (SLE12: multiple vulnerabilities). Ubuntu has updated bind9 (denial of service), python-crypto (16.10, 16.04, 14.04: code execution), and webkit2gtk (16.10, 16.04: multiple vulnerabilities).
Security updates for Friday

The Go team has announced the release of Go 1.8. "The compiler back end introduced in Go 1.7 for 64-bit x86 is now used on all architectures, and those architectures should see significant performance improvements. For instance, the CPU time required by our benchmark programs was reduced by 20-30% on 32-bit ARM systems. There are also some modest performance improvements in this release for 64-bit x86 systems. The compiler and linker have been made faster. Compile times should be improved by about 15% over Go 1.7. There is still more work to be done in this area: expect faster compilation speeds in future releases." See the release notes for more details.
Go 1.8 released

Arch Linux has updated gvim (code execution) and vim (code execution). Red Hat has updated openstack-cinder, openstack-glance, and openstack-nova (OSP7.0: denial of service from 2015). SUSE has updated kernel (SLE12: many vulnerabilities, some from 2015 and 2014). Ubuntu has updated libgc (code execution) and openjdk-6 (12.04: multiple vulnerabilities).
Thursday's security updates

Mark Radcliffe surveys the most important legal issues surrounding free and open-source software on "The challenge for the Linux community is to decide when to bring litigation to enforce the GPLv2. What it means in many situations is that to be compliant is currently left to individual contributors rather than being based on a set of community norms. As Theodore Ts'o noted, this issue really concerns project governance. Although permitting individual contributors to make these decisions may be the Platonic ideal, the tradeoff is ambiguity for users trying to be compliant as well as the potential for rogue members of the community (like McHardy) to create problems. The members of the Linux community and other FOSS communities need to consider how they can best assist the members of their community to understand what compliance means and to determine when litigation might be useful in furtherance of the community's goals."
Top 10 FOSS legal stories in 2016 (

The Weekly Edition for February 16, 2017 is available.
[$] Weekly Edition for February 16, 2017

The TensorFlow 1.0 release is available, bringing an API stability guarantee to this machine-learning library from Google. "TensorFlow 1.0 introduces a high-level API for TensorFlow, with tf.layers, tf.metrics, and tf.losses modules. We've also announced the inclusion of a new tf.keras module that provides full compatibility with Keras, another popular high-level neural networks library."
TensorFlow 1.0 released

Tom Callaway seems to be a very nice person who has been overclocked to about 140% normal human speed. In only 20 minutes he gave an interesting and highly-amusing talk that could have filled a 45-minute slot on the legal principles that underpin Fedora, how they got that way, and how they work out in practice. Subscribers can click below for the full report from FOSDEM by guest author Tom Yates.
[$] This is why I drink: a discussion of Fedora's legal state

Greg KH has released stable kernels 4.9.10 and 4.4.49. Both contain the usual set of important fixes.
Stable kernel updates

CentOS has updated bind (C7: denial of service). Debian has updated libevent (three vulnerabilities). Debian-LTS has updated libevent (three vulnerabilities). Fedora has updated lynx (F25: invalid URL parsing) and xen (F25: multiple vulnerabilities). Oracle has updated bind (OL7: denial of service). Red Hat has updated bind (RHEL7: denial of service), flash-plugin (RHEL6: multiple vulnerabilities), and kernel (RHEL7.1: code execution). Scientific Linux has updated bind (SL7: denial of service). SUSE has updated java-1_8_0-ibm (SLE12-SP1,2: multiple vulnerabilities) and kernel (SLE12-SP1: multiple vulnerabilities). Ubuntu has updated php5 (14.04, 12.04: multiple vulnerabilities).
Wednesday's security updates

TechRepublic reports that the Munich, Germany city council has voted to begin the move back to proprietary desktop software. "Under a proposal backed by the general council, the administration will investigate how long it will take and how much it will cost to build a Windows 10 client for use by the city's employees. Once this work is complete, the council will vote again on whether to replace LiMux, a custom version of the Linux-based OS Ubuntu, across the authority from 2021."
Linux champion Munich takes decisive step towards returning to Windows (TechRepublic)

Bugtraq: PDFMate PDF Converter Pro - Buffer Overflow Vulnerability

Bugtraq: [SECURITY] [DSA 3790-1] spice security update

Bugtraq: [SYSS-2017-004] Simplessus Files: Path Traversal

Bugtraq: [SYSS-2017-001] Simplessus Files: SQL Injection
