Issues on Linux and Security
Home

Welcome to LinuxSecure

I found some scripts on my workstation that have not been published and may be interesting for some people. Actually, I will not prepare them for publishing, but you can contact me if you are interested in one or more of them.

  • A tool for the backup of network components. The script runs as a daemon and can be configured via config files. It reads in the config files containing the passwords of the components once, so you can store them in encrypted storage. There are several templates for ssh, scp and telnet. The intention is to make automated backups of routers, switches, firewalls etc.
  • Postfixanalyser was written for the Trend Micro mail virus scanner. You can search for mails and get a status for each mail found: when the system received it, when it last worked on the mail, what the status of the mail is, and whether there were any problems while delivering it. The second feature was a simple statistic: bytes and number of mails received and sent, mails by status (received from extern, queued, sent to trend, received from trend, queued, delivered) and mails by problem (deferred and not sent to scanner (scanner rejected), deferred and not sent to scanner (scanner down), sent to trend, but deferred before, deferred and not sent to extern (mta rejected), deferred and not sent to extern (mta down), sent to extern, but deferred before).
  • A log scanner and a scanner for the checkpoint objects file.
  • A tool that parses the registry of the genugate firewall and produces more human-readable output in HTML.
  • An FTP script for the honeynet.
  • Various backup scripts in Perl and Bash.
  • Various iptables scripts.
  • A script called minilinux to create a small Linux out of a huge running system.
  • Pigsparty was a small project that was never finished. The idea was to convert snort rule sets into iptables rule sets.
  • A snort admin interface in PHP.
  • A Perl module and some programs (e.g. mfl) for the preparation and analysis of longitudinal data with a focus on same domains.


What's New
[2005-02-18] mp3riot version 1.3 released
[2004-10-08] mp3riot version 1.2 is out.
[2004-04-30] Added section Bridging
[2004-01-09] work in progress on mp3riot version 1.2
The registration for the NetDev 2.2 networking conference is now open. It will be held in Seoul, Korea November 8-10. As usual, it will be preceded by the invitation-only Netconf for core kernel networking hackers. "Netdev 2.2 is a community-driven conference geared towards Linux netheads. Linux kernel networking and user space utilization of the interfaces to the Linux kernel networking subsystem are the focus. If you are using Linux as a boot system for proprietary networking, then this conference _may not be for you_." LWN covered these conferences in 2016 and earlier this year; with luck, we will cover these upcoming conferences as well.
NetDev 2.2 registration is now open

Security updates have been issued by Arch Linux (newsbeuter), Debian (augeas, curl, ioquake3, libxml2, newsbeuter, and strongswan), Fedora (bodhi, chicken, chromium, cryptlib, cups-filters, cyrus-imapd, glibc, mingw-openjpeg2, mingw-postgresql, qpdf, and torbrowser-launcher), Gentoo (bzip2, evilvte, ghostscript-gpl, Ked Password Manager, and rar), Mageia (curl, cvs, fossil, jetty, kernel, kernel-linus, kernel-tmb, libmspack, mariadb, mercurial, potrace, ruby, and taglib), Oracle (kernel), Red Hat (xmlsec1), and Ubuntu (graphite2 and strongswan).
Security updates for Monday

Gentoo has long provided a hardened kernel package, but that is coming to an end. "As you may know the core of sys-kernel/hardened-sources has been the grsecurity patches. Recently the grsecurity developers have decided to limit access to these patches. As a result, the Gentoo Hardened team is unable to ensure a regular patching schedule and therefore the security of the users of these kernel sources. Thus, we will be masking hardened-sources on the 27th of August and will proceed to remove them from the package repository by the end of September."
The end of Gentoo's hardened kernel

The 4.13-rc6 kernel prepatch is out. "So everything still looks on target for a normal release schedule, which would imply rc7 next weekend, and then the final 4.13 the week after that. Unless something happens, of course. Tomorrow is the solar eclipse, and maybe it brings doom and gloom even beyond the expected Oregon trafficalypse. You never know."
Kernel prepatch 4.13-rc6

Power-efficient workqueues were first introduced in the 3.11 kernel release; since then, fifty or so subsystems and drivers have been updated to use them. These workqueues can be especially useful on handheld devices (like tablets and smartphones), where power is at a premium. ARM platforms with power-efficient workqueues enabled on Ubuntu and Android have shown significant improvements in energy consumption (up to 15% for some use cases).
[$] Power-efficient workqueues

Security updates have been issued by Debian (kernel and libmspack), Fedora (groovy18 and nasm), openSUSE (curl, java-1_8_0-openjdk, libplist, shutter, and thunderbird), Oracle (git, groovy, kernel, and mercurial), Red Hat (rh-git29-git), SUSE (openvswitch), and Ubuntu (c-ares, clamav, firefox, libmspack, and openjdk-7).
Security updates for Friday

Security updates have been issued by CentOS (git), Debian (firefox-esr and mariadb-10.0), Gentoo (bind and tnef), Mageia (kauth, kdelibs4, poppler, subversion, and vim), openSUSE (fossil, git, libheimdal, libxml2, minicom, nodejs4, nodejs6, openjpeg2, openldap2, potrace, subversion, and taglib), Oracle (git and kernel), Red Hat (git, groovy, httpd24-httpd, and mercurial), Scientific Linux (git), and SUSE (freeradius-server, ImageMagick, and subversion).
Security updates for Thursday

The Weekly Edition for August 17, 2017 is available.
[$] Weekly Edition for August 17, 2017

Stable kernels 4.12.8, 4.9.44, 4.4.83, and 3.18.66 have been released. Each contains important fixes throughout the tree and users should upgrade.
Stable kernel updates

A bug that allows an attacker to overwrite a function pointer in the kernel opens up a relatively easy way to compromise the kernel - doubly so if an attacker simply needs to wait for the kernel to use the compromised pointer. There are various techniques that can be used to protect kernel function pointers that are set at either compile or initialization time, but there are some pointers that are routinely set as the kernel runs; timer completion functions are a good example. An RFC patch posted to the kernel-hardening mailing list would add a way to detect that those function pointers have been changed in an unexpected way and to stop the kernel from executing that code.
[$] A canary for timer-expiration functions

Earlier this month we reported that the Krita Foundation was having some financial difficulties. The Krita Foundation has an update with thanks to all who donated. "So, even though we're going to get another accountant's bill of about 4500 euros, we've still got quite a surplus! As of this moment, we have €29,657.44 in our savings account! That means that we don't need to do a fund raiser in September. Like we said, we've still got some features to finish."
Thank you from Krita

The startup time for the Python interpreter has been discussed by the core developers and others numerous times over the years; optimization efforts are made periodically as well. Startup time can dominate the execution time of command-line programs written in Python, especially if they import a lot of other modules. Python startup time is worse than some other scripting languages and more recent versions of the language are taking more than twice as long to start up when compared to earlier versions (e.g. 3.7 versus 2.7). The most recent iteration of the startup time discussion has played out in the python-dev and python-ideas mailing lists since mid-July. This time, the focus has been on the collections.namedtuple() data structure that is used in multiple places throughout the standard library and in other Python modules, but the discussion has been more wide-ranging than simply that.
[$] Reducing Python's startup time

Security updates have been issued by CentOS (firefox, httpd, and java-1.7.0-openjdk), Fedora (cups-filters, potrace, and qpdf), Mageia (libsoup and mingw32-nsis), openSUSE (kernel), Oracle (httpd, kernel, spice, and subversion), Red Hat (httpd, java-1.7.1-ibm, and subversion), Scientific Linux (httpd), Slackware (xorg), SUSE (java-1_8_0-openjdk), and Ubuntu (firefox, linux, linux-aws, linux-gke, linux-raspi2, linux-snapdragon, linux-lts-xenial, postgresql-9.3, postgresql-9.5, postgresql-9.6, and ubufox).
Security updates for Wednesday

The Solus distribution project has announced the availability of Solus 3. "This is the third iteration of Solus since our move to become a rolling release operating system. Unlike the previous iterations, however, this is a release and not a snapshot. We've now moved away from the 'regular snapshot' model to accommodate the best hybrid approach possible - feature rich releases with explicit goals and technology enabling, along with the benefits of a curated rolling release operating system." Headline features include support for the Snap packaging format, a lot of desktop changes, and numerous software updates. (LWN looked at Solus in 2016).
Solus 3 released

The GNOME project was founded by Miguel de Icaza and Federico Mena Quintero on August 15, 1997, so today the project celebrates its 20th birthday. "There have been 33 stable releases since the initial release of GNOME 1.0 in 1999. The latest stable release, GNOME 3.24 “Portland,” was well-received. “Portland” included exciting new features like the GNOME Recipes application and Night Light, which helps users avoid eyestrain. The upcoming version of GNOME 3.26 “Manchester,” is scheduled for release in September of this year. With over 6,000 contributors, and 8 million lines of code, the GNOME Project continues to thrive in its twentieth year."
GNOME turns 20

Vuln: GraphicsMagick CVE-2017-11642 Denial of Service Vulnerability

Vuln: augeas CVE-2017-7555 Memory Corruption Vulnerability

Vuln: Mozilla Firefox CVE-2017-7783 Denial of Service Vulnerability

Vuln: Apache Log4j CVE-2017-5645 Remote Code Execution Vulnerability

Bugtraq: [SECURITY] [DSA 3948-1] ioquake3 security update

Bugtraq: [SECURITY] [DSA 3946-1] libmspack security update

Bugtraq: [SECURITY] [DSA 3928-2] firefox-esr security update

Bugtraq: Microsoft Resnet - DNS Configuration Web Vulnerability
