
LWN.net Weekly Edition for March 2, 2006

A grumpy editor's bayesian followup

This article is part of the LWN Grumpy Editor series.
The Grumpy Editor's guide to bayesian spam filters was published one week ago. As has become traditional, it would seem, LWN readers have pointed out tools which evaded your editor's first pass. So here is the inevitable followup with a couple more filters and an updated table at the end.

SpamAssassin

One commenter complained last week about your editor having run SpamAssassin with the network tests enabled. The original reasoning had been that SpamAssassin, by its nature, comes with a large set of rules, and, for the purpose of the review, selectively disabling some of them was not appropriate. Still, the network tests do have a couple of important effects on the end result. As will be seen below, they make the filter much more effective; in your editor's experience, the source blacklists earn most of the credit there. But they also slow things down.

Your editor re-ran the test with network tests disabled, with the following results:

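| Filter | Batch 1 Fn | Batch 1 Fp | Batch 1 T | Batch 2 Fn | Batch 2 Fp | Batch 2 T | Batch 3 Fn | Batch 3 Fp | Batch 3 T | Batch 4 Fn | Batch 4 Fp | Batch 4 T | Batch 5 Fn | Batch 5 Fp | Batch 5 T | Size |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SpamAssassin | 8 | 0 | 1.1 | 3 | 0 | 1.1 | 5 | 0 | 1.1 | 3 | 0 | 1.0 | 2 | 0 | 1.0 | 10 |
| SA untrained | 32 | 0 | 0.6 | 9 | 0 | 1.0 | 18 | 0 | 1.0 | 15 | 0 | 1.0 | 7 | 0 | 1.0 | 10 |
| SA Local default | 181 | 0 | 0.3 | 259 | 0 | 0.3 | 271 | 0 | 0.3 | 226 | 0 | 0.3 | 161 | 0 | 0.3 | 10 |
| SA Local tweaked | 53 | 0 | 0.3 | 43 | 0 | 0.3 | 50 | 0 | 0.3 | 44 | 0 | 0.3 | 37 | 0 | 0.3 | 10 |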

(Last week's results have been included for comparison). The "default" results are actually a mistake on your editor's part, but, since they illustrate an interesting point, they have been included in the above table.

When SpamAssassin runs its bayesian filter on a message, it encodes the results as if a specific rule had fired. If the filter is absolutely convinced that the message is good, the score is adjusted by the value attached to the BAYES_00 rule. For obviously spam messages, BAYES_99 comes into play; there are several levels between the two as well. SpamAssassin, out of the box, assigns 3.5 points to BAYES_99. Since five points are required, by default, to condemn a message, the bayesian filter can never do that on its own. Any message, to be considered spam, must trigger some tests outside of the bayesian filter.

The "default" results, above, came about because your editor got a little over-zealous when clearing out the bayesian and whitelist databases for a new round of tests; so they use the default scoring for BAYES_99. The "tweaked" results, instead, have the score for that rule raised to 5.0 points, allowing the bayesian filter to condemn mail on its own. The difference in the results can be clearly seen from the table: spam filtering performance is vastly improved, with no false positives. With the default configuration, local-only SpamAssassin had the second-worst false negative rate of all the filters tested. Your editor is at a loss to understand why SpamAssassin comes configured to allow the bayesian filter to be bypassed so easily.
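The scoring behavior described above can be audited from delivered mail. The following is an added example, not code from the article or from SpamAssassin: it reads X-Spam-Status headers and lists messages on which BAYES_99 fired but which were still passed, then checks whether each would reach the threshold with the rule raised from 3.5 to 5.0 points. The sample messages are constructed, and the sketch assumes BAYES_99 contributed exactly the old score to the reported total.

```python
import re
from email import message_from_string

# X-Spam-Status as written by SpamAssassin 3.x, for example:
#   No, score=3.5 required=5.0 tests=BAYES_99 autolearn=no
STATUS_RE = re.compile(
    r"(?P<verdict>Yes|No),\s*score=(?P<score>-?[\d.]+)\s+"
    r"required=(?P<required>-?[\d.]+)\s+tests=(?P<tests>\S*)"
)


def parse_status(value):
    """Parse an X-Spam-Status value; return None if it is not recognised."""
    flat = re.sub(r",\s+", ",", value)  # rejoin a tests= list folded over lines
    match = STATUS_RE.match(flat.strip())
    if match is None:
        return None
    tests = [t for t in match["tests"].split(",") if t and t != "none"]
    return {
        "is_spam": match["verdict"] == "Yes",
        "score": float(match["score"]),
        "required": float(match["required"]),
        "tests": tests,
    }


def bayes_misses(raw_messages, rule="BAYES_99", old=3.5, new=5.0):
    """List passed messages on which `rule` fired, and whether each would
    reach the threshold if `rule` scored `new` points instead of `old`.

    Assumption: `rule` contributed exactly `old` points to the header total.
    """
    misses = []
    for raw in raw_messages:
        msg = message_from_string(raw)
        status = parse_status(msg.get("X-Spam-Status", ""))
        if status is None or status["is_spam"] or rule not in status["tests"]:
            continue
        rescored = round(status["score"] - old + new, 3)
        misses.append({
            "subject": msg.get("Subject", ""),
            "score": status["score"],
            "other_tests": [t for t in status["tests"] if t != rule],
            "spam_after_tweak": rescored >= status["required"],
        })
    return misses


# Constructed sample messages; totals and rule hits are illustrative only.
SAMPLES = [
    "Subject: sample 1\n"
    "X-Spam-Status: No, score=3.5 required=5.0 tests=BAYES_99 autolearn=no\n"
    "\nbody\n",
    "Subject: sample 2\n"
    "X-Spam-Status: Yes, score=8.1 required=5.0 tests=BAYES_99,HTML_MESSAGE,\n"
    "\tRCVD_IN_XBL autolearn=no\n"
    "\nbody\n",
    "Subject: sample 3\n"
    "X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00 autolearn=ham\n"
    "\nbody\n",
    "Subject: sample 4\n"
    "X-Spam-Status: No, score=4.3 required=5.0 tests=BAYES_99,\n"
    "\tHTML_MESSAGE autolearn=no\n"
    "\nbody\n",
]

if __name__ == "__main__":
    for miss in bayes_misses(SAMPLES):
        print(miss)
```

Messages with an empty other_tests list are the ones the bayesian filter alone could not condemn under the default scoring.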

Back to the original point of running this test: putting SpamAssassin into the "local tests only" mode clearly worsens filtering performance significantly, while improving run time.

Popfile

A number of people were dismayed at the omission of Popfile, a proxy-based filter coded in Perl. Popfile is intended to sit between the mail client and the POP or IMAP server; it filters mail before presenting it to the user. It includes a built-in web server which provides filtering statistics and allows the user to perform training.

Perhaps the most interesting feature in Popfile, however, is its approach to filtering. While the other filters reviewed are very much oriented around filtering spam, Popfile tries to be more general. So, instead of filtering into just two categories (plus the "unsure" result provided by a number of filters), Popfile can handle an arbitrary number of categories. So it not only picks out the spam, but it can sort the rest of a mail stream based on whatever criteria the user might set. This approach makes Popfile a potentially more useful tool, but it has implications for its spam filtering performance, as will be seen from the testing results.

Your editor tested Popfile 0.22.4, using its standalone "pipe" and "insert" tools.

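| Filter | Batch 1 Fn | Batch 1 Fp | Batch 1 T | Batch 2 Fn | Batch 2 Fp | Batch 2 T | Batch 3 Fn | Batch 3 Fp | Batch 3 T | Batch 4 Fn | Batch 4 Fp | Batch 4 T | Batch 5 Fn | Batch 5 Fp | Batch 5 T | Size |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Popfile | 0 | 21 | 1.0 | 0 | 16 | 1.1 | 1 | 24 | 1.0 | 0 | 10 | 1.0 | 1 | 12 | 1.0 | 10 |
| PF learn all | 0 | 28 | 2.8 | 0 | 28 | 3.5 | 0 | 44 | 4.2 | 0 | 16 | 5.0 | 0 | 18 | 5.9 | 40 |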

On one hand, Popfile was the most effective at removing spam of any of the filters reviewed; its false negative rate is almost zero. On the other hand, the false positive rate was high - unacceptably so. Popfile normally uses a "train on errors" approach; your editor ran a second test where the filter was trained on every message just to see if that would help with the false positive rate. Instead, that rate got worse, and the filter slowed down to a glacial pace. Clearly Popfile and comprehensive training were not meant to go together.

Your editor has a hypothesis explaining the behavior seen here. Bayesian filters which concern themselves only with spam have a built-in bias: false positives are bad and must be avoided. Popfile, instead, has no notion of a "false positive"; it only has various "buckets" into which mail can be sorted. The tool does not understand that some types of errors are worse than others. So, while most filters will err on the side of false negatives, Popfile just goes for whatever seems right. As a result, it catches more spam - and more of everything else.
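The difference between the two decision rules in this hypothesis can be shown on a toy model. The following is an added example, not Popfile's code or any reviewed filter's: one small naive Bayes model is queried with a "most probable bucket" rule and with a spam-only rule that condemns mail only above a high threshold. The training data, the bucket names and the 0.9 threshold are assumptions made for the illustration.

```python
import math
from collections import Counter

# Constructed toy training set: one spam bucket plus two legitimate buckets.
TRAINING = {
    "spam": ["cheap pills offer", "offer cheap loan", "free offer now"],
    "work": ["meeting agenda report", "report deadline meeting"],
    "personal": ["dinner friday family", "family photos friday"],
}


class NaiveBayes:
    """Multinomial naive Bayes with Laplace smoothing over named buckets."""

    def __init__(self, training):
        self.counts = {b: Counter(" ".join(docs).split())
                       for b, docs in training.items()}
        self.docs = {b: len(docs) for b, docs in training.items()}
        self.vocab = set().union(*self.counts.values())

    def posterior(self, text):
        """Return P(bucket | text) for every bucket."""
        tokens = [t for t in text.lower().split() if t in self.vocab]
        total_docs = sum(self.docs.values())
        log_p = {}
        for bucket, counts in self.counts.items():
            denom = sum(counts.values()) + len(self.vocab)
            lp = math.log(self.docs[bucket] / total_docs)
            for tok in tokens:
                lp += math.log((counts[tok] + 1) / denom)
            log_p[bucket] = lp
        top = max(log_p.values())  # subtract the maximum before exponentiating
        weights = {b: math.exp(lp - top) for b, lp in log_p.items()}
        norm = sum(weights.values())
        return {b: w / norm for b, w in weights.items()}


def bucket_rule(post):
    """Multi-bucket sorting: pick the most probable bucket, whatever it is."""
    return max(post, key=post.get)


def spam_only_rule(post, threshold=0.9):
    """Spam-only filtering: condemn only when P(spam) clears a high bar.
    The 0.9 threshold is an assumed value for this illustration."""
    return "spam" if post["spam"] >= threshold else "not spam"


def compare(model, text):
    """Return (P(spam), bucket-rule verdict, spam-only verdict) for text."""
    post = model.posterior(text)
    return round(post["spam"], 3), bucket_rule(post), spam_only_rule(post)


MODEL = NaiveBayes(TRAINING)

if __name__ == "__main__":
    # A work message that happens to use two spam-flavoured words.
    print(compare(MODEL, "free offer meeting"))
    # An unambiguous spam message.
    print(compare(MODEL, "cheap pills offer"))
```

The borderline message lands in the spam bucket under the first rule and is left alone by the second, while the unambiguous spam is caught by both.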

From this experience, your editor has concluded that spam filtering should be done independently from any other sort of mail sorting. If bayesian filters are to be used for sorting of legitimate mail, it might be best to use two separate filters in series.

SpamOracle

SpamOracle is a straightforward Graham-style bayesian filter. It happens to be written in Caml, leading your editor to go looking for compilers; Fedora Extras came through nicely on that front. Initial training is easy and fast, and SpamOracle works well with procmail.

As a filter, however, it is not one of the more effective ones. Your editor ran two tests on SpamOracle v1.4, using train-on-errors and comprehensive training strategies.

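| Filter | Batch 1 Fn | Batch 1 Fp | Batch 1 T | Batch 2 Fn | Batch 2 Fp | Batch 2 T | Batch 3 Fn | Batch 3 Fp | Batch 3 T | Batch 4 Fn | Batch 4 Fp | Batch 4 T | Batch 5 Fn | Batch 5 Fp | Batch 5 T | Size |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| SpamOracle TOE | 462 | 0 | 0.1 | 546 | 0 | 0.1 | 445 | 0 | 0.1 | 463 | 0 | 0.1 | 343 | 0 | 0.1 | 1.1 |
| SpamOracle comp | 461 | 0 | 0.2 | 511 | 0 | 0.2 | 433 | 0 | 0.2 | 420 | 0 | 0.2 | 339 | 0 | 0.3 | 2.6 |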

As can be seen here, SpamOracle is fast, and it manages to avoid false positives altogether. Its filtering rate is poor, however, to the point that your editor would not want to have to depend on it to hold the spam stream at bay. Comprehensive training slowed the process down significantly, but did not improve the results in any appreciable way.

Thunderbird

There were some requests that Thunderbird be included in this evaluation. The problem is that Thunderbird's filter is buried deep within a monolithic graphical application, making it difficult to test in any sort of automated manner. Your editor, being the lazy person that he is, has no inclination to click through 15,000 messages to evaluate how well Thunderbird has classified them.

As it happens, your editor uses Thunderbird for a low-bandwidth mail account which receives a mere 100 spams per day or so. The Thunderbird interface is certainly convenient; there is a nice "junk" button for training the filter (though the way it toggles to "not junk" can be confusing). Thunderbird can be configured to automatically sideline spam into a folder, and to age messages out of that folder after a given time. False positives are rare, in your editor's experience, but the false negative rate is relatively high. It is also impossible, as far as your editor can tell, to get any information on the filter and how it makes its decisions.

Conclusion

Here is the updated table, with the new and old results:

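| Test | False neg. | % | False pos. | % | Time | Size |
|---|---|---|---|---|---|---|
| bogofilter | 406 | 5.5% | | | 0.02 | 5 |
| bogofilter -u | 268 | 3.0% | | | 0.06 | 32 |
| CRM114 | 14 | 0.1% | 16 | 0.3% | 0.06 | 24 |
| CRM114 pretrain | 14 | 0.2% | 15 | 0.3% | 0.06 | 24 |
| DSPAM teft | 50 | 0.6% | | | 0.1 | 305 |
| DSPAM toe | 67 | 0.7% | 15 | 0.3% | 0.1 | 276 |
| DSPAM tum | 83 | 0.9% | | | 0.1 | 305 |
| Popfile | 2 | 0.02% | 83 | 1.4% | 1.0 | 10 |
| Popfile comp | 0 | 0% | 144 | 2.4% | 4.3 | 40 |
| SpamAssassin | 21 | 0.2% | | | 1.1 | 10 |
| SpamAssassin untrained | 81 | 0.9% | | | 0.9 | 10 |
| SpamAssassin local default | 1098 | 12.2% | | | 0.3 | 10 |
| SpamAssassin local tweaked | 227 | 2.5% | | | 0.3 | 10 |
| SpamBayes | 185 | 2.1% | 1 | 0.02% | 0.4 | 4 |
| SpamBayes comp | 294 | 3.3% | | | 0.8 | 16 |
| SpamOracle TOE | 2259 | 25.1% | | | 0.1 | 1.1 |
| SpamOracle comp | 2164 | 24.0% | | | 0.2 | 2.6 |
| SpamProbe train | 222 | 2.5% | 3 | 0.05% | 0.1 | 81 |
| SpamProbe receive | 257 | 2.9% | 4 | 0.07% | 0.7 | 201 |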

There is little in the new results to change the conclusions arrived at last week. The filters which stand out are SpamAssassin (in some modes at least), and DSPAM. Most of the others demonstrated overly high error rates, either with false negatives (annoying) or false positives (unacceptable). Stay tuned, however; there is clearly a great deal of work being done in this area.


Linux fragmenting at last?

Back in January, Novell announced that it was releasing the "AppArmor" security framework under the GPL. AppArmor had been developed by Immunix, and acquired by Novell last year. Novell makes a number of claims about AppArmor, but the one at the top of the list appears to be relative simplicity: AppArmor is said to be easier to understand, configure, and maintain than SELinux.

Dan Walsh, a Red Hat developer working on SELinux, has criticized this move:

Couldn't Novell have spent their money on making SELinux easier to use? No, [Novell] chooses to split the user and developer community. I am not sure what their goals are, but I feel this hurts Linux and the open source movement.

For years, critics have claimed that Linux would fragment much like Unix did, and that would be the downfall of the system. So far, Linux has steadfastly refused to fragment in this manner. But now we have a Linux developer saying that the same thing is happening. Red Hat and Novell also appear to be taking different approaches to 3D-enhanced window systems. Novell is pushing Xgl, Red Hat has AIGLX, and Linux users are left wondering when and how all that activity will yield better graphics support for them. At this level, too, it looks like Linux might finally be heading for a breakup.

Or is it? Perhaps we are simply seeing the development community at work.

With regard to SELinux, it is important to note that there is no real consensus, yet, on how the security problem should be solved. SELinux is a powerful system, beyond doubt; it allows the capabilities of users and programs to be specified in great detail. But SELinux is also highly complex, to the point that a large percentage of system administrators find themselves unable to cope with it. The fedora-devel list just had a discussion on how to get administrators to keep SELinux enabled on their systems. One participant, who teaches administration courses, noted:

By no means is this limited to home users. I would say that the *vast* majority of corporate admins just turn off SELinux. The story behind how & why they learned to do that to begin with only vary in details. It's almost always, "I had problems installing X or doing Y and I found a document on the Internet that said that SELinux was in the way and didn't work right anyway and was too complicated and didn't do me any good and that I couldn't learn enough about it to even understand what was happening, let alone deal with it, in less than a month and ... well, so I just turn off SELinux and then I don't have to deal with it."

The point here is not to criticize SELinux; that has been adequately done elsewhere. Instead, the real point is there is not, at this time, any sort of broad consensus that SELinux is the right tool for everybody's security problems. It may turn out that the best solution is to put more effort into making SELinux easier to deal with, but it seems premature to claim that SELinux will be the answer to security problems on Linux. It makes sense, in other words, to spend some time considering other approaches - especially those which are already implemented and relatively stable.

If SELinux is truly a superior solution, that will eventually become clear and users will vote with their keyboards. But to claim, at this point, that SELinux is the only solution and that looking at alternatives hurts the community would be a mistake. This community thrives on choices, and, to an extent, it thrives on competition between related projects. Since the alternatives are all free software, users are able to choose what works for them, and the best ideas (and code) can move from one project to another.

The process would be helped, however, if Novell would pull together the AppArmor source and submit it properly for review and eventual merging into the mainline kernel.

The story with Xgl and AIGLX is the same. There is no real consensus, yet, on how 3D graphics will be best supported in the X window system. So two groups have put together two different implementations, each with its advantages. It is easy to present this story as a classic developer flamewar, but that does not seem to match the reality of the situation. A look at the X.org mailing list, for example, shows Xgl developer David Reveman agreeing to adopt some interfaces put forward by the AIGLX group. Over the long term, the development community will almost certainly coalesce around the approach which seems to work best, but, for now, it is too early to say which one (if either) will be most successful.

If there is a problem here at all, it is that the distributors are being quick to make products out of technology which may not be entirely ready for prime time. Red Hat has operated this way for a very long time; anybody who remembers being pushed into, for example, the ELF or glibc2 transitions by Red Hat Linux upgrades knows that some of that code was a little rough around the edges then. But, by pushing that code out to the users, Red Hat almost certainly accelerated the stabilization process.

What we are seeing now is that Novell wants to get into the same game and put more leading technology into the traditionally conservative (by comparison) SUSE distribution. When things work well, Novell will be able to claim leading-edge features and the code will get wider testing, sooner. There is nothing that requires Novell, as it moves SUSE Linux toward the leading edge, to follow Red Hat's decisions on which approaches to adopt.

The risk is that each distributor's user base will find itself locked in to a different set of still-green technologies, making it harder for the development community to settle on a single choice. In the cases of security policies and 3D acceleration, however, the potential for lock-in seems low; most users will not care about which approach they use, as long as the system works well. So, most likely, those critics who have predicted the death by fragmentation of Linux will have to wait a while longer yet.


Testing the bleeding edge

There is nothing like the joy of running a development distribution. Nowhere else can one find the same combination of huge updates (it's amazing how often the X bitmap fonts seem to change), unstable software, broken dependencies, and, for extra spice, the occasional blown-away configuration file. Whether it's called sid, Dapper, Rawhide, Cooker, or something else, a development distribution is a sure way to learn - usually at inopportune times - about what is happening at the leading edge of the development community.

Development distributions are also a good way to keep track of what developers and packagers are doing. A development distribution is alive, forever changing, forever interesting. It is a constant reminder that Linux and free software are a process, not a product. When compared to the vitality of a development distribution, stable releases seem flat and boring.

These distributions exist for a reason: having more people testing the system will help the creation of more stable releases. So developers want to have outsiders running the development version. But those developers might, perhaps, prefer to do without users who don't know what they are getting into. Consider, for example, this note sent to the fedora-testers list:

I think somewhere along the way netizens appear to think that Rawhide is stable (or at least for public consumption). I'd think we need to discuss how we can provide more constructive information for developers and send a clear message to non-testers that Rawhide (a.k.a. FC5) is not for general use.

Another participant responded with this suggestion:

I can scream that the development tree will eat your children and destroy not only your data but your neighbor's data until I'm blue in the face... but for people who don't want to hear the warning.. they will choose not to hear the warning... and the only way for them to learn is to actually have rawhide eat their data. So I say.. every week there should be a deliberate package update in the development tree which destroys data. Thrown into the package pool at random, with an appropriate changelog entry so those of us who read the daily rawhide reports will know exactly which package to exclude.

One can safely assume that this idea was offered in a tongue-in-cheek mode. But the discussion as a whole does raise a question: who should be running development distributions, and for what purposes?

Development releases routinely come with warnings about their explosive nature and admonitions not to use them for any serious purpose. But the fact is that the only way to find the problems with these distributions is to use them for serious purposes. There is little to be learned by putting the distribution on a test box, noting that the installer works, and admiring the pretty desktop graphics. It's only through serious use that one discovers, say, that the web server does not handle load as well as before, that the compiler produces bogus code in certain situations, that emacs feels pretty today, or that the Wesnoth sound effects have stopped working. These are all things which are best discovered before the release is shipped; having to put together Wesnoth patches in a hurry to satisfy a service contract to a large corporation is just a real pain.

So it is important to have "real users" working with development distributions; those are the users who will come up with many of the important bug reports. Discouraging them can be a counterproductive thing to do. On the other hand, these users do need to know what they are getting into. A development distribution will bite back, sooner or later, and it's important to be able to put the pieces back together when that happens. Testers who are not prepared when disaster strikes will not, in the long run, be helpful to the development process.

This aspect of the free software development process is not often talked about. But, without widespread testing in real-world environments, software will not stabilize as well as it should. Proprietary companies run closed beta programs to obtain this testing; the free software world, for the most part, has moved away from that mode in favor of open development repositories. Open development systems are a good thing; they allow a wide variety of participants to try out the software. But these development releases are not for everybody; finding the right way to communicate that fact may be an ongoing challenge.


Page editor: Jonathan Corbet

Security

Some mailer difficulties

Thunderbird users generally take some comfort from the fact that their mail client can be configured to refuse to load external images which might be called for in HTML mail. The loading of such images is, at a minimum, a privacy problem - it lets somebody know that a given message has been read. Remote images can be used to note the times that messages are read, or to judge the effectiveness of spam delivery. So turning off this "feature" makes a lot of sense.

Unfortunately, it turns out that Thunderbird 1.5 does not block all external loads, even when image loading is turned off. In particular, it seems that <iframe> tags can be used to force remote loads to happen. Thunderbird can also be made to request style sheets from remote sites. Either of those operations will, once again, disclose that the message was read, along with the usual ancillary information such as the user's IP address.

It has been pointed out that at least one company is exploiting this Thunderbird "feature" already. The message describing the exploit also has a temporary workaround for those who don't want to wait for an official fix; it works by setting restrictive limits on the allowed HTML tags - which seems like a good idea in any case.
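A mail administrator can check stored HTML mail for the remote loads described above. The following is an added example, not code from the article or from Thunderbird: it walks a message's text/html parts and reports elements that fetch remote content, separating out those that image blocking alone does not cover. The sample message and its hostnames are constructed, and treating CSS @import inside a style element as a style sheet request is an assumption of this sketch.

```python
import re
from email import message_from_string, policy
from html.parser import HTMLParser
from urllib.parse import urlparse

IMPORT_RE = re.compile(r"@import\s+(?:url\(\s*)?['\"]?([^'\")\s;]+)", re.I)


def is_remote(url):
    """True for http(s) and protocol-relative URLs; cid: and data: are local."""
    parts = urlparse(url)
    return parts.scheme in ("http", "https") or (
        not parts.scheme and bool(parts.netloc))


class RemoteLoadScanner(HTMLParser):
    """Collect (kind, url) pairs for elements that trigger a remote fetch."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.found = []
        self._in_style = False

    def handle_starttag(self, tag, attrs):
        attr = {name: (value or "") for name, value in attrs}
        if tag in ("img", "iframe"):
            self._note(tag, attr.get("src", ""))
        elif tag == "link" and "stylesheet" in attr.get("rel", "").lower().split():
            self._note("link", attr.get("href", ""))
        elif tag == "style":
            self._in_style = True

    def handle_endtag(self, tag):
        if tag == "style":
            self._in_style = False

    def handle_data(self, data):
        if self._in_style:
            for url in IMPORT_RE.findall(data):
                self._note("style@import", url)

    def _note(self, kind, url):
        url = url.strip()
        if is_remote(url):
            self.found.append((kind, url))


def remote_loads(raw_message):
    """Return every remote load found in the HTML parts of a raw message."""
    msg = message_from_string(raw_message, policy=policy.default)
    hits = []
    for part in msg.walk():
        if part.get_content_type() == "text/html":
            scanner = RemoteLoadScanner()
            scanner.feed(part.get_content())
            scanner.close()
            hits.extend(scanner.found)
    return hits


def missed_by_image_blocking(hits):
    """Remote loads that remain when only <img> fetches are blocked."""
    return [hit for hit in hits if hit[0] != "img"]


# Constructed sample message; the hostnames are placeholders.
SAMPLE = (
    "From: sender@example.invalid\n"
    "Subject: constructed sample\n"
    "MIME-Version: 1.0\n"
    "Content-Type: text/html; charset=utf-8\n"
    "\n"
    "<html><head><link rel='stylesheet' href='http://remote.example.invalid/a.css'>\n"
    "<style>@import url('http://remote.example.invalid/b.css');</style></head>\n"
    "<body><p>Hello</p><img src='cid:logo@example.invalid'>\n"
    "<iframe src='http://remote.example.invalid/open?id=constructed'></iframe>\n"
    "<img src='http://remote.example.invalid/p.gif'></body></html>\n"
)

if __name__ == "__main__":
    for kind, url in missed_by_image_blocking(remote_loads(SAMPLE)):
        print(kind, url)
```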

Alan Cox, meanwhile, has found a problem with Evolution. If it receives a sufficiently large message with enough links in it, it will grow to vast size and think for a long time. On a large enough system, with enough time, it will succeed in rendering the message; on smaller systems, it will run out of memory and crash. And, if that weren't enough:

Worse, and the reason this becomes more than irritating is that evolution tries to be smart when it is killed or dies. On restarting it will go to great trouble to attempt to restart in the same position it died or was shut down - which triggers the DoS again each time evolution is opened.

Alan reported the problem in January, and has been dismayed to see that no fixes or advisories have been issued so far. So he has disclosed the vulnerability, presumably with the idea of inspiring some effort to get it fixed. We'll see if it works.


New vulnerabilities

postgresql: improper validation with Asserts enabled

Package(s): postgresql
CVE #(s): CVE-2006-0678
Created: February 27, 2006
Updated: February 28, 2006
Description: PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553.
Alerts:
Ubuntu USN-258-1 2006-02-27


squirrelmail: multiple vulnerabilities

Package(s): squirrelmail
CVE #(s): CVE-2006-0188 CVE-2006-0195 CVE-2006-0377
Created: February 28, 2006
Updated: June 8, 2006
Description: Webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS. (CVE-2006-0188)

Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" specifier, which is processed by certain web browsers including Internet Explorer. (CVE-2006-0195)

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection." (CVE-2006-0377)

Alerts:
Fedora-Legacy FLSA:190884 2006-06-06
Red Hat RHSA-2006:0283-01 2006-05-03
Gentoo 200603-09 2006-03-12
Debian DSA-988-1 2006-03-08
Fedora FEDORA-2006-133 2006-03-03
Mandriva MDKSA-2006:049 2006-02-27


xpdf: potential vulnerabilities

Package(s): xpdf gpdf
CVE #(s): CVE-2006-1244
Created: February 27, 2006
Updated: April 13, 2006
Description: Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in gpdf, the Portable Document Format (PDF) viewer with Gtk bindings.
Alerts:
Ubuntu USN-270-1 2006-04-13
Debian DSA-1019-1 2006-03-24
Debian DSA-998-1 2006-03-14
Debian DSA-984-1 2006-03-02
Debian DSA-983-1 2006-02-28
Debian DSA-982-1 2006-02-27


Updated vulnerabilities

ADOdb: PostgreSQL command injection

Package(s): adodb
CVE #(s): CVE-2006-0410
Created: February 6, 2006
Updated: April 17, 2006
Description: Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. By sending specifically crafted requests to an application that uses ADOdb and a PostgreSQL backend, an attacker might exploit the flaw to execute arbitrary SQL queries on the host.
Alerts:
Gentoo 200604-07 2006-04-14
Debian DSA-1031-1 2006-04-08
Debian DSA-1030-1 2006-04-08
Debian DSA-1029-1 2006-04-08
Gentoo 200602-02 2006-02-06


apache: cross-site scripting

Package(s): apache
CVE #(s): CVE-2005-3352
Created: December 14, 2005
Updated: May 10, 2006
Description: Versions 1 and 2 of the apache web server suffer from a cross-site scripting vulnerability in the mod_imap module; see this bugzilla entry for details.
Alerts:
Slackware SSA:2006-129-01 2006-05-10
SuSE SUSE-SR:2006:004 2006-02-24
Fedora-Legacy FLSA:175406 2006-02-18
Gentoo 200602-03 2006-02-06
Fedora FEDORA-2006-052 2006-01-20
Red Hat RHSA-2006:0158-01 2006-01-17
Ubuntu USN-241-1 2006-01-12
Trustix TSLSA-2005-0074 2005-12-23
Mandriva MDKSA-2006:007 2006-01-05
Red Hat RHSA-2006:0159-01 2006-01-05
OpenPKG OpenPKG-SA-2005.029 2005-12-14


auth_ldap: format string vulnerability

Package(s): auth_ldap
CVE #(s): CVE-2006-0150
Created: January 10, 2006
Updated: February 28, 2006
Description: The auth_ldap package is an httpd module that allows user authentication against information stored in an LDAP database. A format string flaw was found in the way auth_ldap logs information. It may be possible for a remote attacker to execute arbitrary code as the 'apache' user if auth_ldap is used for user authentication.
Alerts:
Fedora-Legacy FLSA:177694 2006-02-27
Debian DSA-952-1 2006-01-23
Mandriva MDKSA-2006:017 2006-01-19
Red Hat RHSA-2006:0179-01 2006-01-10


blender: integer overflow

Package(s): blender
CVE #(s): CVE-2005-4470
Created: January 6, 2006
Updated: June 15, 2006
Description: Damian Put discovered that Blender did not properly validate a 'length' value in .blend files. Negative values led to an insufficiently sized memory allocation. By tricking a user into opening a specially crafted .blend file, this could be exploited to execute arbitrary code with the privileges of the Blender user.
Alerts:
Debian-Testing DTSA-29-1 2006-06-15
Debian DSA-1039-1 2006-04-24
Gentoo 200601-08 2006-01-13
Ubuntu USN-238-2 2006-01-06
Ubuntu USN-238-1 2006-01-06


bluez-hcidump: buffer overflow

Package(s): bluez-hcidump
CVE #(s): CVE-2006-0670
Created: February 18, 2006
Updated: March 10, 2006
Description: A buffer overflow in l2cap.c in hcidump allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
Alerts:
Debian DSA-990-1 2006-03-10
Ubuntu USN-256-1 2006-02-21
Mandriva MDKSA-2006:041 2006-02-17


BomberClone: remote execution of arbitrary code

Package(s): bomberclone
CVE #(s): CVE-2006-0460
Created: February 17, 2006
Updated: March 14, 2006
Description: Stefan Cornelius of the Gentoo Security team discovered multiple missing buffer checks in BomberClone's code. By sending overly long error messages to the game via network, a remote attacker may exploit buffer overflows to execute arbitrary code with the rights of the user running BomberClone.
Alerts:
Debian DSA-997-1 2006-03-13
Gentoo 200602-09 2006-02-16


bzip2: race condition and infinite loop

Package(s): bzip2
CVE #(s): CAN-2005-0953 CAN-2005-1260
Created: May 17, 2005
Updated: January 10, 2007
Description: A race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. Also specially crafted bzip2 archives may cause an infinite loop in the decompressor.
Alerts:
rPath rPSA-2007-0004-1 2007-01-09
Debian DSA-741-1 2005-07-07
Red Hat RHSA-2005:474-01 2005-06-16
OpenPKG OpenPKG-SA-2005.008 2005-06-10
SuSE SUSE-SR:2005:015 2005-06-07
Debian DSA-730-1 2005-05-27
Mandriva MDKSA-2005:091 2005-05-18
Ubuntu USN-127-1 2005-05-17


CASA: buffer overflow

Package(s): CASA
CVE #(s): CVE-2006-0736
Created: February 22, 2006
Updated: February 22, 2006
Description: The pam_micasa module from the CASA authentication system suffers from a remotely exploitable buffer overflow. "Since this module is added to /etc/pam.d/sshd automatically on installation of CASA it was possible for remote attackers to gain root access to any machine with CASA installed." If you are using CASA, fixing this one in a hurry would be a good idea.
Alerts:
SuSE SUSE-SA:2006:010 2006-02-22


ktools: buffer overflow

Package(s): centericq
CVE #(s): CVE-2005-3863
Created: December 7, 2005
Updated: August 29, 2006
Description: From the Debian-Testing alert: Mehdi Oudad "deepfear" and Kevin Fernandez "Siegfried" from the Zone-H Research Team discovered a buffer overflow in kkstrtext.h of the ktools library, which is included in (at least) centericq and motor.
Alerts:
Gentoo 200608-27 2006-08-29
Debian DSA-1088-1 2006-06-03
Debian DSA-1083-1 2006-05-31
Gentoo 200512-11 2005-12-20
Debian-Testing DTSA-23-1 2005-12-05


cpio: arbitrary code execution

Package(s): cpio
CVE #(s): CVE-2005-4268
Created: January 2, 2006
Updated: March 17, 2010
Description: Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with, e.g., a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could probably exploit this to execute arbitrary code with the privileges of the target user (which is likely root in an automatic backup system).
Alerts:
CentOS CESA-2010:0145 2010-03-17
Red Hat RHSA-2010:0145-01 2010-03-15
rPath rPSA-2007-0094-1 2007-05-07
Red Hat RHSA-2007:0245-02 2007-05-01
Ubuntu USN-234-1 2006-01-02


curl: buffer overflow

Package(s): curl
CVE #(s): CVE-2005-4077
Created: December 8, 2005
Updated: March 27, 2006
Description: The curl file transfer utility has a buffer overflow vulnerability in the URL authentication code. If an overly long URL is used, a buffer overflow can result, allowing for local unauthorized access.
Alerts:
Gentoo 200603-25 2006-03-27
Debian DSA-919-2 2006-03-10
Trustix TSLSA-2005-0072 2005-12-16
Red Hat RHSA-2005:875-01 2005-12-20
Gentoo 200512-09 2005-12-16
Ubuntu USN-228-1 2005-12-12
Fedora FEDORA-2005-1137 2005-12-12
Fedora FEDORA-2005-1136 2005-12-12
Debian DSA-919-1 2005-12-12
OpenPKG OpenPKG-SA-2005.028 2005-12-10
Mandriva MDKSA-2005:224 2005-12-08
Fedora FEDORA-2005-1129 2005-12-08
Fedora FEDORA-2005-1130 2005-12-08


cyrus-imapd: buffer overflows

Package(s): cyrus-imapd
CVE #(s): CAN-2005-0546
Created: February 23, 2005
Updated: April 10, 2006
Description: Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system.
Alerts:
Fedora-Legacy FLSA:156290 2006-04-04
Red Hat RHSA-2005:408-01 2005-05-17
Fedora FEDORA-2005-339 2005-04-27
OpenPKG OpenPKG-SA-2005.005 2005-04-05
Conectiva CLA-2005:937 2005-03-17
Mandrake MDKSA-2005:051 2005-03-04
Ubuntu USN-87-1 2005-02-28
SuSE SUSE-SA:2005:009 2005-02-24
Gentoo 200502-29 2005-02-23


dia: missing input sanitizing

Package(s): dia
CVE #(s): CAN-2005-2966
Created: October 4, 2005
Updated: April 6, 2006
Description: Joxean Koret discovered that the SVG import plugin did not properly sanitize data read from an SVG file. By tricking a user into opening a specially crafted SVG file, an attacker could exploit this to execute arbitrary code with the privileges of the user.
Alerts:
Debian DSA-1025-1 2006-04-06
Mandriva MDKSA-2005:187 2005-10-20
Gentoo 200510-06 2005-10-06
Debian DSA-847-1 2005-10-08
SuSE SUSE-SR:2005:022 2005-10-07
Ubuntu USN-193-1 2005-10-04

Comments (none posted)

emacs21: format string vulnerability in "movemail"

Package(s):emacs21 CVE #(s):CAN-2005-0100
Created:February 7, 2005 Updated:May 15, 2006
Description: Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group.
Alerts:
Fedora-Legacy FLSA:152898 2006-05-12
Debian DSA-685-1 2005-02-17
Mandrake MDKSA-2005:038 2005-02-15
Gentoo 200502-20 2005-02-15
Fedora FEDORA-2005-146 2005-02-14
Fedora FEDORA-2005-145 2005-02-14
Red Hat RHSA-2005:133-01 2005-02-15
Red Hat RHSA-2005:110-01 2005-02-15
Red Hat RHSA-2005:134-01 2005-02-10
Red Hat RHSA-2005:112-01 2005-02-10
Fedora FEDORA-2005-116 2005-02-08
Fedora FEDORA-2005-115 2005-02-08
Debian DSA-671-1 2005-02-08
Debian DSA-670-1 2005-02-08
Ubuntu USN-76-1 2005-02-07

Comments (none posted)

enscript: arbitrary code execution

Package(s):enscript CVE #(s):CAN-2004-1184 CAN-2004-1185 CAN-2004-1186
Created:January 21, 2005 Updated:May 27, 2006
Description: Erik Sjölund has discovered several security-relevant problems in enscript, a program to convert ASCII text into PostScript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames, it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash.
Alerts:
rPath rPSA-2006-0083-1 2006-05-26
Fedora-Legacy FLSA:152892 2005-12-17
Red Hat RHSA-2005:040-01 2005-02-15
Mandrake MDKSA-2005:033 2005-02-10
Gentoo 200502-03 2005-02-02
Red Hat RHSA-2005:039-01 2005-02-01
Fedora FEDORA-2005-096 2005-01-31
Fedora FEDORA-2005-092 2005-01-28
Fedora FEDORA-2005-091 2005-01-28
Fedora FEDORA-2005-016 2005-01-26
Fedora FEDORA-2005-015 2005-01-26
Ubuntu USN-68-1 2005-01-24
Debian DSA-654-1 2005-01-21

Comments (none posted)

evolution: format string issues

Package(s):evolution CVE #(s):CAN-2005-2549 CAN-2005-2550
Created:August 15, 2005 Updated:March 23, 2006
Description: Evolution has format string issues. SITIC advisory SA05-001 contains more information.
Alerts:
Debian DSA-1016-1 2006-03-23
SuSE SUSE-SA:2005:054 2005-09-16
Red Hat RHSA-2005:267-01 2005-08-29
Gentoo 200508-12 2005-08-23
Mandriva MDKSA-2005:141 2005-08-17
Fedora FEDORA-2005-742 2005-08-11
Fedora FEDORA-2005-743 2005-08-11

Comments (2 posted)

fetchmail: multidrop bug

Package(s):fetchmail CVE #(s):CVE-2005-4348
Created:December 20, 2005 Updated:May 27, 2006
Description: Fetchmail contains a bug which allows a malicious mail server to crash the client by sending a message without headers. This occurs when running in multidrop mode.
Alerts:
rPath rPSA-2006-0084-1 2006-05-26
Fedora-Legacy FLSA:164512 2006-05-12
Slackware SSA:2006-045-01 2006-02-15
Debian DSA-939-1 2006-01-13
Ubuntu USN-233-1 2006-01-02
Mandriva MDKSA-2005:236 2005-12-23
Fedora FEDORA-2005-1187 2005-12-20
Fedora FEDORA-2005-1186 2005-12-20

Comments (none posted)

ffmpeg: buffer overflow

Package(s):ffmpeg CVE #(s):CVE-2005-4048
Created:December 15, 2005 Updated:March 17, 2006
Description: The avcodec_default_get_buffer() function of the ffmpeg library has a buffer overflow vulnerability. A user can be tricked into playing a maliciously created PNG movie, allowing the attacker to run arbitrary code with the user's privileges.
Alerts:
Debian DSA-1005-1 2006-03-16
Debian DSA-1004-1 2006-03-16
Debian DSA-992-1 2006-03-10
Gentoo 200603-03 2006-03-04
Gentoo 200602-01 2006-02-05
Gentoo 200601-06 2006-01-10
Ubuntu USN-230-2 2005-12-16
Ubuntu USN-230-1 2005-12-14
Mandriva MDKSA-2005:228 2005-12-14
Mandriva MDKSA-2005:229 2005-12-14
Mandriva MDKSA-2005:232 2005-12-14
Mandriva MDKSA-2005:230 2005-12-14
Mandriva MDKSA-2005:231 2005-12-14

Comments (none posted)

Foomatic: Arbitrary command execution in foomatic-rip

Package(s):foomatic CVE #(s):CAN-2004-0801
Created:September 20, 2004 Updated:May 31, 2006
Description: There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler.
Alerts:
SuSE SUSE-SA:2006:026 2006-05-30
Fedora-Legacy FLSA:2076 2004-11-05
Conectiva CLA-2004:880 2004-10-27
Fedora FEDORA-2004-303 2004-09-21
Gentoo 200409-24 2004-09-20

Comments (none posted)

gaim: buffer overflow

Package(s):gaim CVE #(s):CAN-2005-2103
Created:August 10, 2005 Updated:February 27, 2006
Description: Gaim suffers from a heap-based buffer overflow which can be exploited via a hostile "away message" to execute arbitrary code.
Alerts:
Fedora-Legacy FLSA:158543 2006-02-25
Slackware SSA:2005-242-03 2005-08-31
Fedora FEDORA-2005-751 2005-08-17
Fedora FEDORA-2005-750 2005-08-17
Mandriva MDKSA-2005:139 2005-08-15
Gentoo 200508-06 2005-08-15
Ubuntu USN-168-1 2005-08-12
Red Hat RHSA-2005:589-01 2005-08-09

Comments (none posted)

gdb: multiple vulnerabilities

Package(s):gdb CVE #(s):CAN-2005-1704 CAN-2005-1705
Created:May 20, 2005 Updated:August 11, 2006
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialization files from the working directory. Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands.
Alerts:
Red Hat RHSA-2006:0354-01 2006-08-10
Red Hat RHSA-2006:0368-01 2006-07-20
Mandriva MDKSA-2005:215 2005-11-23
Fedora FEDORA-2005-1033 2005-10-27
Fedora FEDORA-2005-1032 2005-10-27
Red Hat RHSA-2005:801-01 2005-10-18
Red Hat RHSA-2005:763-01 2005-10-11
Red Hat RHSA-2005:709-01 2005-10-05
Red Hat RHSA-2005:673-01 2005-10-05
Red Hat RHSA-2005:659-01 2005-09-28
Fedora FEDORA-2005-498 2005-06-29
Fedora FEDORA-2005-497 2005-06-29
Gentoo 200506-01 2005-06-01
Trustix TSLSA-2005-0025 2005-05-31
Mandriva MDKSA-2005:095 2005-05-30
Ubuntu USN-136-2 2005-05-27
Ubuntu USN-136-1 2005-05-27
Ubuntu USN-135-1 2005-05-27
Gentoo 200505-15 2005-05-20

Comments (5 posted)

gdk-pixbuf: multiple vulnerabilities

Package(s):gdk-pixbuf gtk2 CVE #(s):CVE-2005-3186 CVE-2005-2976 CVE-2005-2975
Created:November 15, 2005 Updated:March 20, 2006
Description: The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. A bug was found in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code when the file was opened by a victim.

Ludwig Nussel discovered an integer overflow bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code or crash when the file was opened by a victim.

Ludwig Nussel also discovered an infinite-loop denial of service bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to stop responding when the file was opened by a victim.

Alerts:
Fedora-Legacy FLSA:173274 2006-03-16
Debian DSA-913-1 2005-12-01
Debian DSA-911-1 2005-11-29
Trustix TSLSA-2005-0066 2005-11-18
Mandriva MDKSA-2005:214 2005-11-18
Ubuntu USN-216-1 2005-11-16
SuSE SUSE-SA:2005:065 2005-11-16
Gentoo 200511-14 2005-11-16
Fedora FEDORA-2005-1088 2005-11-15
Fedora FEDORA-2005-1087 2005-11-15
Fedora FEDORA-2005-1086 2005-11-15
Fedora FEDORA-2005-1085 2005-11-15
Red Hat RHSA-2005:811-01 2005-11-15
Red Hat RHSA-2005:810-01 2005-11-15

Comments (none posted)

gedit: format string vulnerability

Package(s):gedit CVE #(s):CAN-2005-1686
Created:June 9, 2005 Updated:February 5, 2009
Description: A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user.
Alerts:
Fedora FEDORA-2009-1189 2009-01-29
Fedora FEDORA-2009-1187 2009-01-29
Debian DSA-753-1 2005-07-12
Mandriva MDKSA-2005:102 2005-06-15
Red Hat RHSA-2005:499-01 2005-06-13
Gentoo 200506-09 2005-06-11
Ubuntu USN-138-1 2005-06-09

Comments (1 posted)

gettext: Insecure temporary file handling

Package(s):gettext CVE #(s):CAN-2004-0966
Created:October 11, 2004 Updated:March 1, 2006
Description: gettext insecurely creates temporary files in world-writeable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user.
Alerts:
Mandriva MDKSA-2006:051 2006-02-28
Fedora-Legacy FLSA:136323 2006-01-09
Gentoo 200410-10:02 2004-10-10
OpenPKG OpenPKG-SA-2004.055 2004-12-23
Ubuntu USN-5-1 2004-10-27
Gentoo 200410-10 2004-10-10

Comments (1 posted)

gnupg: false positive signature verification

Package(s):gnupg CVE #(s):CVE-2006-0455
Created:February 17, 2006 Updated:March 10, 2006
Description: Tavis Ormandy noticed that gnupg, the GNU Privacy Guard (a free PGP replacement), verifies external signatures of files successfully even though they don't contain a signature at all. See this update from the GnuPG team for more information.
Alerts:
SuSE SUSE-SA:2006:014 2006-03-10
SuSE SUSE-SR:2006:005 2006-03-03
SuSE SUSE-SA:2006:013 2006-03-01
Trustix TSLSA-2006-0008 2006-02-17
SuSE SUSE-SA:2006:009 2006-02-20
Gentoo 200602-10 2006-02-18
OpenPKG OpenPKG-SA-2006.001 2006-02-18
Mandriva MDKSA-2006:043 2006-02-17
Fedora FEDORA-2006-116 2006-02-17
Ubuntu USN-252-1 2006-02-17
Debian DSA-978-1 2006-02-17

Comments (2 posted)

gnutls: denial of service

Package(s):gnutls CVE #(s):CVE-2006-0645
Created:February 13, 2006 Updated:March 6, 2006
Description: Several flaws were found in the way libtasn1 decodes DER. An attacker could create a carefully crafted invalid X.509 certificate in such a way that it could trigger this flaw if parsed by an application that uses GNU TLS. This could lead to a denial of service (application crash). It is not certain if this issue could be escalated to allow arbitrary code execution.
Alerts:
Debian DSA-986-1 2006-03-06
Debian DSA-985-1 2006-03-06
Fedora-Legacy FLSA:181014 2006-02-27
Gentoo 200602-08 2006-02-16
Ubuntu USN-251-1 2006-02-16
Mandriva MDKSA-2006:039 2006-02-13
Fedora FEDORA-2006-107 2006-02-10
Red Hat RHSA-2006:0207-01 2006-02-10

Comments (none posted)

grip: buffer overflow

Package(s):grip CVE #(s):CAN-2005-0706
Created:March 10, 2005 Updated:November 19, 2008
Description: Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches.
Alerts:
Fedora FEDORA-2008-9604 2008-11-19
Fedora FEDORA-2008-9521 2008-11-19
Fedora-Legacy FLSA:152919 2005-09-15
Mandriva MDKSA-2005:074 2005-04-20
Mandriva MDKSA-2005:075 2005-04-20
Gentoo 200504-07 2005-04-08
Mandrake MDKSA-2005:066 2005-04-01
Red Hat RHSA-2005:304-01 2005-03-28
Gentoo 200503-21 2005-03-17
Fedora FEDORA-2005-203 2005-03-09
Fedora FEDORA-2005-202 2005-03-09

Comments (none posted)

gzip: arbitrary command execution

Package(s):gzip CVE #(s):CAN-2005-0758
Created:August 1, 2005 Updated:January 10, 2007
Description: zgrep in gzip before 1.3.5 does not properly handle shell metacharacters like '|' and '&' when they occur in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names.
Alerts:
OpenPKG OpenPKG-SA-2007.002 2007-01-08
Mandriva MDKSA-2006:027 2006-01-30
Mandriva MDKSA-2006:026 2006-01-30
Fedora-Legacy FLSA:158801 2005-11-14
Fedora-Legacy FLSA:157696 2005-08-10
Ubuntu USN-161-1 2005-08-04
Ubuntu USN-158-1 2005-08-01

Comments (2 posted)

heimdal: remote denial of service

Package(s):heimdal CVE #(s):CVE-2006-0677
Created:February 17, 2006 Updated:February 24, 2006
Description: A remote Denial of Service vulnerability was discovered in the heimdal implementation of the telnet daemon. A remote attacker could force the server to crash due to a NULL de-reference before the user logged in, resulting in inetd turning telnetd off because it forked too fast.
Alerts:
SuSE SUSE-SA:2006:011 2006-02-24
Ubuntu USN-253-1 2006-02-17

Comments (none posted)

heimdal: privilege escalation

Package(s):heimdal CVE #(s):CVE-2006-0582
Created:February 13, 2006 Updated:March 17, 2006
Description: A privilege escalation flaw has been found in the heimdal rsh (remote shell) server. This allowed an authenticated attacker to overwrite arbitrary files and gain ownership of them.
Alerts:
Gentoo 200603-14 2006-03-17
Debian DSA-977-1 2006-02-16
Ubuntu USN-247-1 2006-02-10

Comments (none posted)

imagemagick: arbitrary command execution

Package(s):imagemagick CVE #(s):CVE-2005-4601 CVE-2006-0082
Created:January 24, 2006 Updated:March 24, 2006
Description: Florian Weimer discovered that the delegate code did not correctly handle file names which embed shell commands (CVE-2005-4601). Daniel Kobras found a format string vulnerability in the SetImageInfo() function (CVE-2006-0082). By tricking a user into processing an image file with a specially crafted file name, these two vulnerabilities could be exploited to execute arbitrary commands with the user's privileges. These vulnerabilities become particularly critical if malicious images are sent as email attachments and the email client uses imagemagick to convert/display the images (e.g. Thunderbird and Gnus).
Alerts:
SuSE SUSE-SR:2006:006 2006-03-17
Gentoo 200602-13 2006-02-26
Slackware SSA:2006-045-03 2006-02-15
Red Hat RHSA-2006:0178-01 2006-02-14
Gentoo 200602-06 2006-02-13
Debian DSA-957-2 2006-01-31
Mandriva MDKSA-2006:024 2006-01-26
Debian DSA-957-1 2006-01-26
Ubuntu USN-246-1 2006-01-24

Comments (none posted)

imap: buffer overflow in c-client

Package(s):imap CVE #(s):CAN-2003-0297
Created:February 18, 2005 Updated:April 10, 2006
Description: A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that, if connected to by a victim, could execute arbitrary code on the client machine.
Alerts:
Fedora-Legacy FLSA:184074 2006-04-04
Fedora-Legacy FLSA:152912 2005-05-12
Red Hat RHSA-2005:114-01 2005-02-18

Comments (none posted)

ipsec-tools: denial of service

Package(s):ipsec-tools CVE #(s):CVE-2005-3732
Created:December 1, 2005 Updated:June 8, 2006
Description: ipsec-tools has a remote denial of service vulnerability in the racoon daemon. If racoon is running in aggressive mode, it fails to check all peer payloads during the IKE negotiation phase, allowing a malicious peer to crash the daemon. One should always be careful around aggressive racoons.
Alerts:
Fedora-Legacy FLSA:190941 2006-06-06
Red Hat RHSA-2006:0267-01 2006-04-25
Debian DSA-965-1 2006-02-06
Mandriva MDKSA-2006:020 2006-01-25
SuSE SUSE-SA:2005:070 2005-12-20
Gentoo 200512-04 2005-12-12
Ubuntu USN-221-1 2005-12-01

Comments (none posted)

kdebase: local root vulnerability

Package(s):kdebase CVE #(s):CAN-2005-2494
Created:September 7, 2005 Updated:August 11, 2006
Description: The kdebase package (and kcheckpass in particular) found in KDE versions 3.2.0 through 3.4.2 suffers from a lock file handling error which can enable a local attacker to obtain root access. See this advisory for details.
Alerts:
Red Hat RHSA-2006:0582-01 2006-08-10
Debian DSA-815-1 2005-09-16
Slackware SSA:2005-251-01 2005-09-09
Ubuntu USN-176-1 2005-09-07
Mandriva MDKSA-2005:160 2005-09-06

Comments (none posted)

kdelibs: heap overflow

Package(s):kdelibs CVE #(s):CVE-2006-0019
Created:January 19, 2006 Updated:March 17, 2006
Description: Konqueror's kjs JavaScript interpreter engine has a heap overflow vulnerability. Specially crafted JavaScript code could be placed on a web site, leading to arbitrary code execution. Other kde applications are also subject to this vulnerability.
Alerts:
Fedora-Legacy FLSA:178606 2006-03-16
Slackware SSA:2006-045-05 2006-02-15
Gentoo 200601-11 2006-01-22
Mandriva MDKSA-2006:019 2006-01-20
Fedora FEDORA-2006-050 2006-01-20
SuSE SUSE-SA:2006:003 2006-01-20
Debian DSA-948-1 2005-01-20
Ubuntu USN-245-1 2006-01-20
Red Hat RHSA-2006:0184-01 2006-01-19

Comments (none posted)

kdelibs: kate backup file permission leak

Package(s):kdelibs kate kwrite CVE #(s):CAN-2005-1920
Created:July 19, 2005 Updated:September 21, 2010
Description: Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information.
Alerts:
Gentoo 200611-21 2006-11-27
Debian DSA-804-2 2005-11-10
Debian DSA-804-1 2005-09-08
Red Hat RHSA-2005:612-01 2005-07-27
Ubuntu USN-150-1 2005-07-21
Mandriva MDKSA-2005:122 2005-07-20
Fedora FEDORA-2005-594 2005-07-19

Comments (1 posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CAN-2005-0449 CAN-2005-0209 CAN-2005-0529 CAN-2005-0530 CAN-2005-0532 CAN-2005-0384 CAN-2005-0210 CAN-2005-0504 CAN-2005-0003
Created:March 24, 2005 Updated:May 31, 2006
Description: A number of vulnerabilities have been found in the Linux kernel, including a PPP-related denial of service problem, an integer overflow in the epoll() code, memory corruption in the ELF loader, and exploitable overflows in the ISO9660 code.
Alerts:
Debian DSA-1082-1 2006-05-29
Debian DSA-1069-1 2006-05-20
Debian DSA-1070-1 2006-05-21
Debian DSA-1067-1 2006-05-20
Conectiva CLA-2005:945 2005-03-31
Fedora FEDORA-2005-262 2005-03-28
SuSE SUSE-SA:2005:018 2005-03-24

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2005-3356 CVE-2005-4605 CVE-2005-4618 CVE-2005-4639 CVE-2006-0095 CVE-2006-0096
Created:January 18, 2006 Updated:March 7, 2006
Description: The latest set of kernel vulnerabilities includes:

  • A reference counting bug in sys_mq_open(), exploitable by a local user to crash the kernel. (CVE-2005-3356)

  • A misuse of signed data types in /proc, potentially providing read access to random kernel memory. (CVE-2005-4605)

  • An off-by-one error in sysctl(), with the potential for arbitrary code execution. (CVE-2005-4618)

  • A buffer overflow in the TwinHan DST Frontend/Card DVB driver; potential code execution. (CVE-2005-4639)

  • A potential key disclosure in dm-crypt. (CVE-2006-0095)

  • Missing capability check could (maybe) allow arbitrary users to load new firmware into SDLA WAN cards. (CVE-2006-0096)
Alerts:
Red Hat RHSA-2006:0132-01 2006-03-07
Trustix TSLSA-2006-0004 2006-01-27
Ubuntu USN-244-1 2006-01-18

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2005-2709 CVE-2005-2973 CVE-2005-3055 CVE-2005-3180 CVE-2005-3271 CVE-2005-3272 CVE-2005-3273 CVE-2005-3274 CVE-2005-3275 CVE-2005-3276
Created:November 22, 2005 Updated:March 15, 2006
Description: Al Viro discovered a race condition in the /proc file handler of network devices. A local attacker could exploit this by opening any file in /proc/sys/net/ipv4/conf/<interface>/ and waiting until that interface was shut down. Under certain circumstances this could lead to a kernel crash or even arbitrary code execution with full kernel privileges. (CVE-2005-2709)

Tetsuo Handa discovered a local Denial of Service vulnerability in the udp_v6_get_port() function. On computers which use IPv6, a local attacker could exploit this to trigger an infinite loop in the kernel. (CVE-2005-2973)

Harald Welte discovered a Denial of Service vulnerability in the USB devio driver. A local attacker could exploit this by sending a "USB Request Block" (URB) and terminating the sending process before the arrival of the answer, which left an invalid pointer and caused a kernel crash. (CVE-2005-3055)

Pavel Roskin discovered an information leak in the Orinoco wireless card driver. When increasing the buffer length for storing data, the buffer was not padded with zeros, which exposed a random part of the system memory to the user. (CVE-2005-3180)

A resource leak has been discovered in the handling of POSIX timers in the exec() function. This could be exploited for a Denial of Service attack by a group of local users. (CVE-2005-3271)

Stephen Hemminger discovered a weakness in the network bridge driver. Packets which had already been dropped by the packet filter could poison the forwarding table, which could be exploited to make the bridge forward spoofed packets. (CVE-2005-3272)

David S. Miller discovered a buffer overflow in the rose_rt_ioctl() function. By calling the function with a large "ndigis" argument, a local attacker could cause a kernel crash. (CVE-2005-3273)

Neil Horman discovered a race condition in the connection timer handling. This allowed a local attacker to set up an expiration handler which modified the connection list while the list was still being traversed, which could result in a kernel crash. This vulnerability only affects multiprocessor (SMP) systems. (CVE-2005-3274)

Patrick McHardy noticed a logic error in the network address translation (NAT) connection tracker. A remote attacker could exploit this by causing two packets for the same protocol to be NATed at the same time, which resulted in a kernel crash. (CVE-2005-3275)

Paolo Giarrusso discovered an information leak in the sys_get_thread_area() function. The returned structure was not properly cleared, which exposed a small amount of kernel memory to userspace programs. This could possibly expose confidential data. (CVE-2005-3276)

Alerts:
Red Hat RHSA-2006:0144-01 2006-03-15
Red Hat RHSA-2006:0140-01 2006-01-19
Red Hat RHSA-2006:0101-01 2006-01-17
Mandriva MDKSA-2005:235 2005-12-21
Debian DSA-922-1 2005-12-14
Debian DSA-921-1 2005-12-14
SuSE SUSE-SA:2005:068 2005-12-14
SuSE SUSE-SA:2005:067 2005-12-06
Mandriva MDKSA-2005:220 2005-11-30
Mandriva MDKSA-2005:219 2005-11-30
Mandriva MDKSA-2005:218 2005-11-30
Fedora FEDORA-2005-1104 2005-11-28
Trustix TSLSA-2005-0064 2005-11-11
Ubuntu USN-219-1 2005-11-22

Comments (2 posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2005-3527 CVE-2005-3783 CVE-2005-3784 CVE-2005-3805 CVE-2005-3806 CVE-2005-3808
Created:January 20, 2006 Updated:April 18, 2006
Description: Here's another set of vulnerabilities in the Linux kernel:
  • A race condition in the 2.6 kernel could allow a local user to cause a DoS by triggering a core dump in one thread while another thread has a pending SIGSTOP (CVE-2005-3527).
  • The ptrace functionality in 2.6 kernels prior to 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which could allow local users to cause a DoS (CVE-2005-3783).
  • The auto-reap of child processes in 2.6 kernels prior to 2.6.15 includes processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a crash (CVE-2005-3784).
  • A locking problem in the POSIX timer cleanup handling on exit on kernels 2.6.10 to 2.6.14 when running on SMP systems, allows a local user to cause a deadlock involving process CPU timers (CVE-2005-3805).
  • The IPv6 flowlabel handling code in 2.4 and 2.6 kernels prior to 2.4.32 and 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a crash by triggering a free of non-allocated memory (CVE-2005-3806).
  • An integer overflow in 2.6.14 and earlier could allow a local user to cause a hang via 64-bit mmap calls that are not properly handled on a 32-bit system (CVE-2005-3808).
Alerts:
Mandriva MDKSA-2006:072 2006-04-17
Debian DSA-1018-2 2006-04-05
Debian DSA-1018-1 2006-03-26
Debian DSA-1017-1 2006-03-23
Fedora-Legacy FLSA:157459-2 2006-03-16
Fedora-Legacy FLSA:157459-1 2006-03-16
Fedora-Legacy FLSA:157459-4 2006-03-16
Fedora-Legacy FLSA:157459-3 2006-03-16
SuSE SUSE-SA:2006:012 2006-02-27
Mandriva MDKSA-2006:044 2006-02-21
Red Hat RHSA-2006:0191-01 2006-02-01
Mandriva MDKSA-2006:018 2006-01-20

Comments (none posted)

xpdf: heap based buffer overflow

Package(s):kpdf xpdf kdegraphics poppler CVE #(s):CVE-2006-0301
Created:February 3, 2006 Updated:March 17, 2006
Description: Another heap based buffer overflow has been found in xpdf and other programs that share the same code. This one is in Splash.cc and it can cause crashes and possibly arbitrary code execution.
Alerts:
Fedora-Legacy FLSA:175404 2006-03-16
Mandriva MDKSA-2006:054 2006-03-08
Gentoo 200602-12 2006-02-21
Debian DSA-979-1 2006-02-17
Ubuntu USN-249-1 2006-02-13
Slackware SSA:2006-045-04 2006-02-15
Slackware SSA:2006-045-09 2006-02-15
Debian DSA-974-1 2006-02-15
Debian DSA-972-1 2006-02-15
Debian DSA-971-1 2006-02-14
Red Hat RHSA-2006:0206-01 2006-02-13
Red Hat RHSA-2006:0201-01 2006-02-13
Gentoo 200602-05 2006-02-12
Gentoo 200602-04 2006-02-12
Fedora FEDORA-2006-104 2006-02-10
Fedora FEDORA-2006-103 2006-02-10
Fedora FEDORA-2006-105 2006-02-10
Mandriva MDKSA-2006:032 2006-02-02
Mandriva MDKSA-2006:031 2006-02-02

Comments (none posted)

libdbi-perl: insecure temporary file

Package(s):libdbi-perl CVE #(s):CAN-2005-0077
Created:January 25, 2005 Updated:March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.
Alerts:
Fedora-Legacy FLSA:178989 2006-03-01
Gentoo 200501-38:03 2005-01-26
Red Hat RHSA-2005:072-01 2005-02-15
Mandrake MDKSA-2005:030 2005-02-08
Red Hat RHSA-2005:069-01 2005-02-01
Gentoo 200501-38 2005-01-26
Ubuntu USN-70-1 2005-01-25
Debian DSA-658-1 2005-01-25

Comments (none posted)

libgadu: memory alignment bug

Package(s):libgadu CVE #(s):CAN-2005-2370
Created:July 29, 2005 Updated:June 25, 2007
Description: Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, a console Gadu Gadu client, an instant messaging program), which is also included in gaim, a multi-protocol instant messaging client. This cannot be exploited on the x86 architecture, but on others (e.g. Sparc) it can lead to a bus error, in other words a denial of service.
Alerts:
Debian DSA-813-1 2005-09-15
Red Hat RHSA-2005:627-01 2005-08-09
Debian DSA-769-1 2005-07-29

Comments (none posted)

libgd2: buffer overflows in PNG handling

Package(s):libgd2 CVE #(s):CAN-2004-0990 CAN-2004-0941
Created:October 29, 2004 Updated:June 28, 2006
Description: Several buffer overflows have been discovered in libgd's PNG handling functions.
If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening the image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function.
Alerts:
Mandriva MDKSA-2006:114 2006-06-27
Red Hat RHSA-2006:0194-01 2006-02-01
Fedora-Legacy FLSA:152838 2005-07-15
Red Hat RHSA-2004:638-01 2004-12-17
Ubuntu USN-33-1 2004-11-29
Debian DSA-602-1 2004-11-29
Debian DSA-601-1 2004-11-29
Mandrake MDKSA-2004:132 2004-11-15
Ubuntu USN-25-1 2004-11-15
Fedora FEDORA-2004-412 2004-11-11
Fedora FEDORA-2004-411 2004-11-11
Ubuntu USN-21-1 2004-11-09
Debian DSA-591-1 2004-11-09
Debian DSA-589-1 2004-11-09
Gentoo 200411-08 2004-11-03
OpenPKG OpenPKG-SA-2004.049 2004-10-30
Ubuntu USN-11-1 2004-10-28

Comments (none posted)

libmail-audit-perl: insecure temporary file creation

Package(s):libmail-audit-perl CVE #(s):CVE-2005-4536
Created:January 31, 2006 Updated:March 20, 2006
Description: Niko Tyni discovered that the Mail::Audit module, a Perl library for creating simple mail filters, logs to a temporary file with a predictable filename in an insecure fashion when logging is turned on.
Alerts:
Debian DSA-960-3 2006-03-20
Debian DSA-960-2 2006-01-31
Debian DSA-960-1 2006-01-31

Comments (none posted)

libpam-ldap: authentication bypass

Package(s):libpam-ldap CVE #(s):CAN-2005-2641
Created:August 25, 2005 Updated:October 6, 2006
Description: libpam-ldap, the PAM LDAP interface, has a vulnerability in which it fails to authenticate with an LDAP server which is not configured properly, allowing an authentication bypass.
Alerts:
rPath rPSA-2006-0183-1 2006-10-05
Mandriva MDKSA-2005:190 2005-10-20
Gentoo 200508-22 2005-08-31
Debian DSA-785-1 2005-08-25

Comments (none posted)

libpng: heap based buffer overflow

Package(s):libpng CVE #(s):CVE-2006-0481
Created:February 13, 2006 Updated:December 15, 2008
Description: A heap based buffer overflow bug was found in the way libpng strips alpha channels from a PNG image. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash or execute arbitrary code when the file is opened by a victim.
Alerts:
Gentoo 200812-15 2008-12-14
Red Hat RHSA-2006:0205-01 2006-02-13

Comments (1 posted)

libungif: memory corruption

Package(s):libungif CVE #(s):CAN-2005-2974
Created:November 3, 2005 Updated:March 20, 2006
Description: The libungif library has a vulnerability in the GIF file colormap handling code. A maliciously crafted GIF file can cause out of bounds memory writing and register corruption.
Alerts:
Fedora-Legacy FLSA:174479 2006-03-16
SuSE SUSE-SR:2005:026 2005-11-11
Mandriva MDKSA-2005:207 2005-11-09
Debian DSA-890-1 2005-11-09
Ubuntu USN-214-1 2005-11-07
Gentoo 200511-03 2005-11-04
Red Hat RHSA-2005:828-01 2005-11-03
Fedora FEDORA-2005-1046 2005-11-03
Fedora FEDORA-2005-1045 2005-11-03

Comments (none posted)

libxml2: arbitrary code execution

Package(s):libxml2 CVE #(s):CAN-2004-0110
Created:February 26, 2004 Updated:August 19, 2009
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Fedora-Legacy FLSA:1324 2004-07-19
Conectiva CLA-2004:836 2004-03-31
Gentoo 200403-01 2004-03-06
Trustix TSLSA-2004-0010 2004-03-05
OpenPKG OpenPKG-SA-2004.003 2004-03-05
Netwosix NW-2004-0004 2004-03-04
Debian DSA-455-1 2004-03-03
Mandrake MDKSA-2004:018 2004-03-03
Red Hat RHSA-2004:091-02 2004-03-03
Whitebox WBSA-2004:090-01 2004-03-01
Red Hat RHSA-2004:090-01 2004-02-26
Fedora FEDORA-2004-087 2004-02-25
Red Hat RHSA-2004:091-01 2004-02-26

Comments (none posted)

libxml2: multiple buffer overflows

Package(s):libxml2 CVE #(s):CAN-2004-0989
Created:October 28, 2004 Updated:August 19, 2009
Description: libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities; if a local user passes a specially crafted FTP URL, arbitrary code may be executed.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Ubuntu USN-89-1 2005-02-28
Red Hat RHSA-2004:650-01 2004-12-16
Conectiva CLA-2004:890 2004-11-18
Red Hat RHSA-2004:615-01 2004-11-12
Mandrake MDKSA-2004:127 2004-11-04
Debian DSA-582-1 2004-11-02
Gentoo 200411-05 2004-11-02
Trustix TSLSA-2004-0055 2004-10-29
OpenPKG OpenPKG-SA-2004.050 2004-10-31
Ubuntu USN-10-1 2004-10-28
Fedora FEDORA-2004-353 2004-10-28

Comments (none posted)

libXpm: new buffer overflows

Package(s):libXpm CVE #(s):CAN-2005-0605
Created:March 4, 2005 Updated:March 8, 2006
Description: A new vulnerability has been discovered in libXpm, which is included in OpenMotif and LessTif, that can potentially lead to remote code execution.
Alerts:
Fedora-Legacy FLSA:168264 2006-03-07
Fedora-Legacy FLSA:152803 2006-01-09
Fedora FEDORA-2005-815 2005-08-26
Fedora FEDORA-2005-808 2005-08-25
Red Hat RHSA-2005:198-01 2005-06-08
Red Hat RHSA-2005:473-01 2005-05-24
Red Hat RHSA-2005:412-01 2005-05-11
Debian DSA-723-1 2005-05-09
Mandriva MDKSA-2005:081 2005-05-05
Mandriva MDKSA-2005:080 2005-04-28
Red Hat RHSA-2005:044-01 2005-04-06
Red Hat RHSA-2005:331-01 2005-03-30
Fedora FEDORA-2005-273 2005-03-29
Fedora FEDORA-2005-272 2005-03-29
Ubuntu USN-97-1 2005-03-16
Gentoo 200503-15 2005-03-12
Ubuntu USN-92-1 2005-03-07
Gentoo 200503-08 2005-03-04

Comments (none posted)

lynx: arbitrary command execution

Package(s):lynx CVE #(s):CVE-2005-2929
Created:November 14, 2005 Updated:September 14, 2009
Description: An arbitrary command execution bug was found in the lynx "lynxcgi:" URI handler. An attacker could create a web page redirecting to a malicious URL which could execute arbitrary code as the user running lynx.
Alerts:
Gentoo 200909-15 2009-09-12
Fedora-Legacy FLSA:152832 2005-12-17
OpenPKG OpenPKG-SA-2005.026 2005-12-03
Fedora FEDORA-2005-1079 2005-11-14
Fedora FEDORA-2005-1078 2005-11-14
Gentoo 200511-09 2005-11-13
Mandriva MDKSA-2005:211 2005-11-12
Red Hat RHSA-2005:839-01 2005-11-11

Comments (none posted)

mailman: denial of service

Package(s):mailman CVE #(s):CVE-2005-3573
Created:December 2, 2005 Updated:March 8, 2006
Description: Scrubber.py in Mailman 2.1.4 - 2.1.6 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service.
Alerts:
Red Hat RHSA-2006:0204-01 2006-03-07
Debian DSA-955-1 2006-01-25
Ubuntu USN-242-1 2006-01-16
Mandriva MDKSA-2005:222 2005-12-02

Comments (none posted)

metamail: buffer overflow

Package(s):metamail CVE #(s):CVE-2006-0709
Created:February 21, 2006 Updated:March 17, 2006
Description: A buffer overflow bug was found in the way Metamail processes certain mail messages. An attacker could create a carefully-crafted message such that when it is opened by a victim and parsed through Metamail, it runs arbitrary code as the victim.
Alerts:
Gentoo 200603-16 2006-03-17
Debian DSA-995-1 2006-03-13
Mandriva MDKSA-2006:047 2006-02-22
Red Hat RHSA-2006:0217-01 2006-02-21

Comments (none posted)

mod_auth_pgsql: format string flaws

Package(s):mod_auth_pgsql CVE #(s):CVE-2005-3656
Created:January 6, 2006 Updated:February 28, 2006
Description: The mod_auth_pgsql package is an httpd module that allows user authentication against information stored in a PostgreSQL database. Several format string flaws were found in the way mod_auth_pgsql logs information. It may be possible for a remote attacker to execute arbitrary code as the 'apache' user if mod_auth_pgsql is used for user authentication.
Alerts:
Fedora-Legacy FLSA:177326 2006-02-27
Gentoo 200601-05 2006-01-10
Debian DSA-935-1 2006-01-10
Mandriva MDKSA-2006:009 2006-01-06
Ubuntu USN-239-1 2006-01-09
Red Hat RHSA-2006:0164-01 2006-01-05

Comments (none posted)

mod_python: remote access vulnerability

Package(s):mod_python CVE #(s):CAN-2005-0088
Created:February 10, 2005 Updated:April 10, 2006
Description: mod_python has a vulnerability in the publisher handler that may allow a remote user to use a specially crafted URL to access objects that should be protected. An information leak can result.
Alerts:
Fedora-Legacy FLSA:152896 2006-04-04
Conectiva CLA-2005:926 2005-03-02
Debian DSA-689-1 2005-02-23
Red Hat RHSA-2005:100-01 2005-02-15
Gentoo 200502-14 2005-02-13
Trustix TSLSA-2005-0003 2005-02-11
Ubuntu USN-80-1 2005-02-11
Red Hat RHSA-2005:104-01 2005-02-10
Fedora FEDORA-2005-140 2005-02-10
Fedora FEDORA-2005-139 2005-02-10

Comments (none posted)

mozilla: multiple vulnerabilities

Package(s):mozilla CVE #(s):CVE-2005-4134 CVE-2006-0292 CVE-2006-0296
Created:February 2, 2006 Updated:May 4, 2006
Description: Mozilla has three new vulnerabilities. The JavaScript interpreter has a problem with dereferencing objects. A user can visit a specially crafted web page which can crash the browser or cause it to execute arbitrary code.

The XULDocument.persist() function has a bug that can be triggered by viewing specially crafted web sites; RDF data can be injected into the localstore.rdf file, allowing arbitrary JavaScript code to be executed.

The Mozilla history saving mechanism is vulnerable to a denial of service attack; visiting sites with extra-long titles can cause a crash or very slow startup the next time the browser is run.

Alerts:
Ubuntu USN-275-1 2006-04-27
Debian DSA-1046-1 2006-04-27
Fedora-Legacy FLSA:180036 2006-02-23
Mandriva MDKSA-2006:037 2006-02-07
Mandriva MDKSA-2006:036 2006-02-07
Fedora FEDORA-2006-076 2006-02-02
Fedora FEDORA-2006-075 2006-02-02
Red Hat RHSA-2006:0200-01 2006-02-02
Red Hat RHSA-2006:0199-01 2006-02-02

Comments (none posted)

mysql: low-impact security fix

Package(s):mysql CVE #(s):CAN-2005-1636
Created:July 20, 2005 Updated:February 22, 2006
Description: An update to MySQL version 4.1.12 fixes a low-impact security problem (bz#158689).
Alerts:
Mandriva MDKSA-2006:045 2006-02-21
Red Hat RHSA-2005:685-01 2005-10-05
Debian DSA-783-1 2005-08-24
Fedora FEDORA-2005-557 2005-07-20

Comments (1 posted)

nbd: arbitrary code execution

Package(s):nbd CVE #(s):CVE-2005-3534
Created:January 6, 2006 Updated:March 7, 2011
Description: Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.
Alerts:
SuSE SUSE-SR:2006:001 2006-01-13
Ubuntu USN-237-1 2006-01-06

Comments (none posted)

ncpfs: multiple vulnerabilities

Package(s):ncpfs CVE #(s):CAN-2005-0013 CAN-2005-0014
Created:January 31, 2005 Updated:May 15, 2006
Description: Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013).
Alerts:
Fedora-Legacy FLSA:152904 2006-05-12
Fedora FEDORA-2005-435 2005-08-16
Red Hat RHSA-2005:371-01 2005-05-17
Mandrake MDKSA-2005:028 2005-02-01
Gentoo 200501-44 2005-01-30

Comments (none posted)

nfs-utils: arbitrary code execution

Package(s):nfs-utils CVE #(s):CAN-2004-0946
Created:January 11, 2005 Updated:February 27, 2006
Description: Arjan van de Ven discovered a buffer overflow in rquotad on 64-bit architectures; an improper integer conversion could lead to a buffer overflow. An attacker with access to an NFS share could send a specially crafted request which could then lead to the execution of arbitrary code.
Alerts:
Fedora-Legacy FLSA:138098 2006-02-25
Red Hat RHSA-2005:014-01 2005-01-12
Mandrake MDKSA-2005:005 2005-01-11

Comments (none posted)

noweb: insecure temporary file

Package(s):noweb CVE #(s):CVE-2005-3342
Created:February 13, 2006 Updated:February 27, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit project discovered that a script in noweb, a WEB-like literate-programming tool, creates a temporary file in an insecure fashion.
Alerts:
Gentoo 200602-14 2006-02-26
Ubuntu USN-254-1 2006-02-21
Debian DSA-968-1 2006-02-13

Comments (none posted)

ntp: uses wrong gid

Package(s):ntp CVE #(s):CAN-2005-2496
Created:August 26, 2005 Updated:August 11, 2006
Description: When starting xntpd with the -u option and specifying the group by using a string, not a numeric gid, the daemon uses the gid of the user, not the group. This problem is fixed by this update.
Alerts:
Red Hat RHSA-2006:0393-01 2006-08-10
Mandriva MDKSA-2005:156 2005-09-06
Debian DSA-801-1 2005-09-05
Ubuntu USN-175-1 2005-09-01
Fedora FEDORA-2005-812 2005-08-26

Comments (none posted)

openmotif: buffer overflows

Package(s):openmotif CVE #(s):CVE-2005-3964
Created:December 29, 2005 Updated:July 27, 2006
Description: The libUil component of the OpenMotif toolkit has a pair of buffer overflow vulnerabilities that can possibly be used for the execution of arbitrary code.
Alerts:
Fedora FEDORA-2006-854 2006-07-26
Red Hat RHSA-2006:0272-01 2006-04-04
Gentoo 200512-16 2005-12-28

Comments (none posted)

OpenSSH: double shell expansion

Package(s):openssh CVE #(s):CVE-2006-0225
Created:January 23, 2006 Updated:July 20, 2006
Description: OpenSSH has a double shell expansion vulnerability in local-to-local and remote-to-remote copies with scp.
Alerts:
Red Hat RHSA-2006:0298-01 2006-07-20
Red Hat RHSA-2006:0044-01 2006-03-07
Ubuntu USN-255-1 2006-02-21
Gentoo 200602-11 2006-02-20
Fedora-Legacy FLSA:168935 2006-02-18
OpenPKG OpenPKG-SA-2006.003 2006-02-18
Slackware SSA:2006-045-06 2006-02-15
SuSE SUSE-SA:2006:008 2006-02-14
Mandriva MDKSA-2006:034 2006-02-06
Fedora FEDORA-2006-056 2006-01-23

Comments (none posted)

pcre3: arbitrary code execution

Package(s):pcre3 CVE #(s):CAN-2005-2491
Created:August 23, 2005 Updated:March 10, 2006
Description: A buffer overflow has been discovered in PCRE, a widely used library that provides Perl-compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.
Alerts:
Red Hat RHSA-2006:0197-01 2006-03-09
Fedora-Legacy FLSA:168516 2006-03-07
Debian DSA-821-1 2005-09-28
Debian DSA-819-1 2005-09-23
Debian DSA-817-1 2005-09-22
Gentoo 200509-08 2005-09-12
Red Hat RHSA-2005:358-01 2005-09-08
Red Hat RHSA-2005:761-02 2005-09-08
Trustix TSLSA-2005-0045 2005-08-26
OpenPKG OpenPKG-SA-2005.018 2005-09-05
SuSE SUSE-SA:2005:051 2005-09-05
Gentoo 200509-02 2005-09-03
Debian DSA-800-1 2005-09-02
Ubuntu USN-173-4 2005-08-31
Slackware SSA:2005-242-01 2005-08-31
SuSE SUSE-SA:2005:049 2005-08-30
SuSE SUSE-SA:2005:048 2005-08-30
Ubuntu USN-173-3 2005-08-30
Mandriva MDKSA-2005:155 2005-08-29
Mandriva MDKSA-2005:154 2005-08-26
Mandriva MDKSA-2005:153 2005-08-26
Mandriva MDKSA-2005:151 2005-08-25
Mandriva MDKSA-2005:152 2005-08-25
Gentoo 200508-17 2005-08-25
Ubuntu USN-173-2 2005-08-24
Fedora FEDORA-2005-803 2005-08-24
Fedora FEDORA-2005-802 2005-08-24
Ubuntu USN-173-1 2005-08-23

Comments (none posted)

perl: setuid vulnerabilities

Package(s):perl CVE #(s):CAN-2005-0155 CAN-2005-0156
Created:February 2, 2005 Updated:August 11, 2006
Description: There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access.
Alerts:
Red Hat RHSA-2006:0605-01 2006-08-10
Fedora FEDORA-2005-353 2005-05-02
Red Hat RHSA-2005:103-01 2005-02-15
Gentoo 200502-13 2005-02-11
SuSE SUSE-SR:2005:004 2005-02-11
Mandrake MDKSA-2005:031 2005-02-08
Red Hat RHSA-2005:105-01 2005-02-07
Ubuntu USN-72-1 2005-02-02

Comments (none posted)

perl: integer overflow

Package(s):perl CVE #(s):CVE-2005-3962 CVE-2005-3912
Created:December 1, 2005 Updated:February 27, 2006
Description: Perl has an sprintf integer overflow vulnerability that may be used for a denial of service, remote code execution and information leakage.
Alerts:
Fedora-Legacy FLSA:176731 2006-02-25
Debian DSA-943-1 2006-01-16
Red Hat RHSA-2005:881-01 2005-12-20
Red Hat RHSA-2005:880-01 2005-12-20
SuSE SUSE-SA:2005:071 2005-12-20
Fedora FEDORA-2005-1145 2005-12-14
Fedora FEDORA-2005-1144 2005-12-14
Ubuntu USN-222-2 2005-12-12
Trustix TSLSA-2005-0070 2005-12-09
Mandriva MDKSA-2005:225 2005-12-08
Gentoo 200512-02 2005-12-07
Gentoo 200512-01 2005-12-07
OpenPKG OpenPKG-SA-2005.025 2005-12-03
Mandriva MDKSA-2005:223 2005-12-02
Ubuntu USN-222-1 2005-12-02
Fedora FEDORA-2005-1116 2005-12-01
Fedora FEDORA-2005-1113 2005-12-01

Comments (none posted)

PHP: safe_mode bypass

Package(s):php CVE #(s):CVE-2005-3391
Created:February 8, 2006 Updated:March 10, 2006
Description: A vulnerability in the PHP GD extension (prior to version 4.4.1) can enable a remote attacker to bypass safe_mode restrictions.
Alerts:
Mandriva MDKSA-2006:035-1 2006-03-09
Slackware SSA:2006-045-07 2006-02-15
Mandriva MDKSA-2006:035 2006-02-07

Comments (none posted)

php: multiple vulnerabilities

Package(s):php CVE #(s):CVE-2006-0207 CVE-2006-0208
Created:February 2, 2006 Updated:March 23, 2006
Description: PHP has a response splitting vulnerability; remote attackers can inject arbitrary HTTP headers via an unknown method, possibly using a Set-Cookie header. Also, a number of cross-site scripting vulnerabilities can be used by remote attackers to inject arbitrary web scripts or HTML pages.
Alerts:
Gentoo 200603-22 2006-03-22
Ubuntu USN-261-1 2006-03-10
Mandriva MDKSA-2006:028 2006-02-01

Comments (none posted)

phpbb2: multiple vulnerabilities

Package(s):phpbb2 CVE #(s):CVE-2005-3310 CVE-2005-3415 CVE-2005-3416 CVE-2005-3417 CVE-2005-3418 CVE-2005-3419 CVE-2005-3420 CVE-2005-3536 CVE-2005-3537
Created:December 22, 2005 Updated:February 11, 2008
Description: The phpbb2 web forum has a number of vulnerabilities including: a web script injection problem, a protection mechanism bypass, a security check bypass, a remote global variable bypass, cross-site scripting vulnerabilities, an SQL injection vulnerability, a remote regular expression modification problem, missing input sanitizing, and a missing request validation problem.
Alerts:
Debian DSA-925-1 2005-12-22

Comments (none posted)

phpMyAdmin: multiple vulnerabilities

Package(s):phpmyadmin CVE #(s):CVE-2005-4079 CVE-2005-3665
Created:December 12, 2005 Updated:November 20, 2006
Description: Stefan Esser reported multiple vulnerabilities found in phpMyAdmin. The $GLOBALS variable allows modifying the global variable import_blacklist to open phpMyAdmin to local and remote file inclusion, depending on your PHP version (CVE-2005-4079, PMASA-2005-9). Furthermore, it is also possible to conduct an XSS attack via the $HTTP_HOST variable and a local and remote file inclusion because the contents of the variable are under total control of the attacker (CVE-2005-3665, PMASA-2005-8).
Alerts:
Debian DSA-1207-2 2006-11-19
Debian DSA-1207-1 2006-11-09
SuSE SUSE-SA:2006:004 2006-01-26
Gentoo 200512-03 2005-12-11

Comments (none posted)

postgresql: database initialization errors

Package(s):postgresql CVE #(s):CAN-2005-1409 CAN-2005-1410
Created:May 4, 2005 Updated:February 28, 2006
Description: PostgreSQL suffers from two vulnerabilities in how databases are set up by default; they allow a local attacker (one with access to the database) to crash the back end and, perhaps, execute code with the privileges of the server process. See this advisory for details and workarounds.
Alerts:
Fedora-Legacy FLSA:157366 2006-02-27
Mandriva MDKSA-2005:093 2005-05-26
Red Hat RHSA-2005:433-01 2005-06-01
Gentoo 200505-12 2005-05-15
Fedora FEDORA-2005-368 2005-05-10
Ubuntu USN-118-1 2005-05-04

Comments (none posted)

pound: HTTP Request Smuggling Attack

Package(s):pound CVE #(s):CVE-2005-3751
Created:January 10, 2006 Updated:June 8, 2006
Description: HTTP requests with conflicting Content-Length and Transfer-Encoding headers could lead to an HTTP Request Smuggling attack, which can be exploited to bypass packet filters or poison web caches.
Alerts:
Gentoo 200606-05 2006-06-07
Debian DSA-934-1 2006-01-09

Comments (none posted)

pstotext: remote execution of arbitrary code

Package(s):pstotext netpbm CVE #(s):CAN-2005-2471
Created:August 1, 2005 Updated:March 28, 2006
Description: Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. An attacker could craft a malicious PostScript file and entice a user to run pstotext on it, resulting in the execution of arbitrary commands with the permissions of the user running pstotext. See this Secunia advisory for more information.
Alerts:
Debian DSA-1021-1 2006-03-28
Debian DSA-792-1 2005-08-31
Red Hat RHSA-2005:743-01 2005-08-22
Fedora FEDORA-2005-728 2005-08-17
Fedora FEDORA-2005-727 2005-08-17
Ubuntu USN-164-1 2005-08-11
Mandriva MDKSA-2005:133 2005-08-09
Gentoo 200508-04 2005-08-05
Gentoo 200507-29 2005-07-31

Comments (2 posted)

Py2Play: remote execution of arbitrary Python code

Package(s):Py2Play CVE #(s):CAN-2005-2875
Created:September 19, 2005 Updated:September 6, 2006
Description: Py2Play uses Python pickles to send objects over a peer-to-peer game network, and clients accept without restriction the objects and code sent by peers. A remote attacker participating in a Py2Play-powered game can send malicious Python pickles, resulting in the execution of arbitrary Python code on the targeted game client.
Alerts:
Gentoo 200509-09:02 2005-09-17
Debian DSA-856-1 2005-10-10
Gentoo 200509-09 2005-09-17

Comments (none posted)

scorched3d: multiple vulnerabilities

Package(s):scorched3d CVE #(s):
Created:November 15, 2005 Updated:August 11, 2006
Description: Luigi Auriemma discovered multiple flaws in the Scorched 3D game server, including a format string vulnerability and several buffer overflows. A remote attacker could exploit these vulnerabilities to crash a game server or execute arbitrary code with the rights of the game server user.
Alerts:
Gentoo 200511-12:03 2005-11-15
Gentoo 200511-12 2005-11-15

Comments (none posted)

spamassassin: denial of service

Package(s):spamassassin CVE #(s):CVE-2005-3351
Created:November 9, 2005 Updated:March 7, 2006
Description: Spamassassin through version 3.0.4 can be made to dump core if a message arrives with too many addresses in the To: field.
Alerts:
Red Hat RHSA-2006:0129-01 2006-03-07
Mandriva MDKSA-2005:221 2005-12-02
Fedora FEDORA-2005-1066 2005-11-09
Fedora FEDORA-2005-1065 2005-11-09

Comments (none posted)

squid: authentication handling

Package(s):squid CVE #(s):CAN-2005-2917
Created:September 30, 2005 Updated:March 15, 2006
Description: Upstream developers of squid, the popular WWW proxy cache, have discovered that changes in the authentication scheme are not handled properly when given certain request sequences while NTLM authentication is in place, which may cause the daemon to restart.
Alerts:
Red Hat RHSA-2006:0045-01 2006-03-15
Red Hat RHSA-2006:0052-01 2006-03-07
Fedora-Legacy FLSA:152809 2006-02-18
Mandriva MDKSA-2005:181 2005-10-11
Ubuntu USN-192-1 2005-09-30
Debian DSA-828-1 2005-09-30

Comments (none posted)

struts: cross-site scripting vulnerability

Package(s):struts CVE #(s):CVE-2005-3745
Created:January 12, 2006 Updated:March 8, 2006
Description: The Struts error display system has a cross-site scripting vulnerability. An attacker may be able to maliciously craft a URL that can trick a user into thinking they are looking at a trusted site when they are not.
Alerts:
Red Hat RHSA-2006:0161-01 2006-03-07
Red Hat RHSA-2006:0157-01 2006-01-11

Comments (none posted)

sudo: vulnerability via scripts

Package(s):sudo CVE #(s):CAN-2005-4158 CVE-2006-0151
Created:December 16, 2005 Updated:September 1, 2006
Description: Perl and Python scripts run via Sudo can be subverted.
Alerts:
Mandriva MDKSA-2006:159 2006-08-31
Debian DSA-946-2 2006-04-08
Slackware SSA:2006-045-08 2006-02-15
SuSE SUSE-SR:2006:002 2006-01-20
Debian DSA-946-1 2006-01-20
Ubuntu USN-235-2 2006-01-09
Ubuntu USN-235-1 2006-01-05
Mandriva MDKSA-2005:234 2005-12-20
Fedora FEDORA-2005-1147 2005-12-16

Comments (none posted)

sudo: race condition

Package(s):sudo CVE #(s):CAN-2005-1993
Created:June 21, 2005 Updated:February 24, 2006
Description: Charles Morris discovered a race condition in sudo which could lead to privilege escalation. If /etc/sudoers allowed a user the execution of selected programs, and this was followed by another line containing the pseudo-command "ALL", that user could execute arbitrary commands with sudo by creating symbolic links at a certain time.
Alerts:
Fedora-Legacy FLSA:162750 2006-02-23
Debian DSA-735-2 2005-07-07
Debian DSA 735-1 2005-07-01
Red Hat RHSA-2005:535-04 2005-06-29
SuSE SUSE-SA:2005:036 2005-06-24
OpenPKG OpenPKG-SA-2005.012 2005-06-23
Gentoo 200506-22 2005-06-23
Slackware SSA:2005-172-01 2005-06-22
Mandriva MDKSA-2005:103 2005-06-21
Fedora FEDORA-2005-473 2005-06-21
Fedora FEDORA-2005-472 2005-06-21
Ubuntu USN-142-1 2005-06-21

Comments (none posted)

tar: buffer overflow

Package(s):tar CVE #(s):CVE-2006-0300
Created:February 22, 2006 Updated:April 10, 2006
Description: A buffer overflow (exploitable via a carefully-crafted archive file) has been discovered in GNU tar, versions 1.14 and above.
Alerts:
Fedora-Legacy FLSA:183571-2 2006-04-04
Gentoo 200603-06 2006-03-10
Debian DSA-987-1 2006-03-07
OpenPKG OpenPKG-SA-2006.006 2006-03-05
Red Hat RHSA-2006:0232-01 2006-03-01
Trustix TSLSA-2006-0010 2006-02-24
Ubuntu USN-257-1 2006-02-23
Mandriva MDKSA-2006:046 2006-02-21

Comments (none posted)

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Alerts:
Fedora-Legacy FLSA:183571-1 2006-04-04
Red Hat RHSA-2006:0195-01 2006-02-21
Conectiva CLA-2002:538 2002-10-29
Mandrake MDKSA-2002:066 2002-10-10
Mandrake MDKSA-2002:065 2002-10-10
EnGarde ESA-20021003-022 2002-10-03
Gentoo unzip-20021001 2002-10-01
Gentoo tar-20021001 2002-10-01
Red Hat RHSA-2002:096-24 2002-09-18

Comments (1 posted)

tcpdump: multiple DoS issues

Package(s):tcpdump CVE #(s):CAN-2005-1280 CAN-2005-1279 CAN-2005-1278
Created:May 2, 2005 Updated:April 10, 2006
Description: The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. (CAN-2005-1280)

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet, which is not properly handled by RT_ROUTING_INFO, or LDP packet, which is not properly handled by the ldp_print function. (CAN-2005-1279)

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. (CAN-2005-1278)

Alerts:
Fedora-Legacy FLSA:156139 2006-04-04
Debian DSA-850-1 2005-10-09
Mandriva MDKSA-2005:087 2005-05-11
Red Hat RHSA-2005:417-02 2005-05-11
Red Hat RHSA-2005:421-02 2005-05-11
Gentoo 200505-06 2005-05-09
Ubuntu USN-119-1 2005-05-06
Fedora FEDORA-2005-351 2005-05-02

Comments (none posted)

tetex: integer overflows

Package(s):tetex CVE #(s):CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628
Created:January 19, 2006 Updated:May 23, 2006
Description: The teTeX PDF parsing library has an integer overflow vulnerability. A carefully crafted PDF file can be used by an attacker to crash teTeX and possibly execute arbitrary code.
Alerts:
Slackware SSA:2006-142-01 2006-05-23
Fedora-Legacy FLSA:152868 2006-05-12
Gentoo 200603-02 2006-03-04
Red Hat RHSA-2006:0160-01 2006-01-19

Comments (none posted)

texinfo: temporary file vulnerability

Package(s):texinfo CVE #(s):CAN-2005-3011
Created:October 5, 2005 Updated:November 9, 2006
Description: Texinfo prior to version 4.8-r1 suffers from a temporary file vulnerability.
Alerts:
Ubuntu USN-194-2 2006-01-09
Fedora FEDORA-2005-991 2005-10-14
Fedora FEDORA-2005-990 2005-10-14
Mandriva MDKSA-2005:175 2005-10-06
Ubuntu USN-194-1 2005-10-06
Gentoo 200510-04 2005-10-05

Comments (none posted)

tin: buffer overflow

Package(s):tin CVE #(s):CVE-2006-0804
Created:February 19, 2006 Updated:November 24, 2006
Description: An allocation off-by-one bug exists in the TIN news reader version 1.8.0 and earlier which can lead to a buffer overflow.
Alerts:
Gentoo 200611-18 2006-11-24
OpenPKG OpenPKG-SA-2006.005 2006-02-19

Comments (none posted)

tutos: SQL injection and cross-site scripting

Package(s):tutos CVE #(s):CVE-2004-2161 CVE-2004-2162
Created:February 22, 2006 Updated:February 22, 2006
Description: The tutos groupware package has (old) SQL injection and cross-site scripting vulnerabilities.
Alerts:
Debian DSA-980-1 2006-02-22

Comments (none posted)

udev: insecure files in /dev/input

Package(s):udev CVE #(s):CVE-2005-3631
Created:December 20, 2005 Updated:February 28, 2006
Description: Richard Cunningham discovered a flaw in the way udev sets permissions on various files in /dev/input. It may be possible for an authenticated attacker to gather sensitive data entered by a user at the console, such as passwords.
Alerts:
Fedora-Legacy FLSA:175818 2006-02-27
Red Hat RHSA-2005:864-01 2005-12-20

Comments (none posted)

unzip: long file name buffer overflow

Package(s):unzip CVE #(s):CVE-2005-4667
Created:February 6, 2006 Updated:May 2, 2007
Description: A buffer overflow in UnZip 5.50 and earlier allows local users to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
Alerts:
Red Hat RHSA-2007:0203-02 2007-05-01
Fedora-Legacy FLSA:180159 2006-04-04
Debian DSA-1012-1 2006-03-21
Mandriva MDKSA-2006:050 2006-02-27
Ubuntu USN-248-2 2006-02-15
Ubuntu USN-248-1 2006-02-13
Fedora FEDORA-2006-098 2006-02-06

Comments (1 posted)

up-imapproxy: format string vulnerabilities

Package(s):up-imapproxy CVE #(s):CAN-2005-2661
Created:October 10, 2005 Updated:March 7, 2006
Description: up-imapproxy contains two format string vulnerabilities which could be exploited to execute arbitrary code.
Alerts:
Gentoo 200603-04 2006-03-06
Debian DSA-852-1 2005-10-09

Comments (none posted)

uw-imap: buffer overflow

Package(s):uw-imap CVE #(s):CAN-2005-2933
Created:October 11, 2005 Updated:April 10, 2006
Description: "infamous41md" discovered a buffer overflow in uw-imap, the University of Washington's IMAP Server, that allows attackers to execute arbitrary code.
Alerts:
Fedora-Legacy FLSA:184098 2006-04-04
Fedora-Legacy FLSA:170411 2006-04-04
Fedora FEDORA-2005-1112 2005-12-08
Fedora FEDORA-2005-1115 2005-12-08
Red Hat RHSA-2005:850-01 2005-12-06
Red Hat RHSA-2005:848-01 2005-12-06
Mandriva MDKSA-2005:194 2005-10-26
Trustix TSLSA-2005-0055 2005-10-07
Mandriva MDKSA-2005:189 2005-10-20
SuSE SUSE-SR:2005:023 2005-10-14
Gentoo 200510-10 2005-10-11
Debian DSA-861-1 2005-10-11

Comments (none posted)

vixie-cron: crontab allows any user to read another user's crontabs

Package(s):vixie-cron CVE #(s):CAN-2005-1038
Created:April 15, 2005 Updated:March 15, 2006
Description: crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. See also this Security Focus report.
Alerts:
Red Hat RHSA-2006:0117-01 2006-03-15
Red Hat RHSA-2005:361-01 2005-10-05
Fedora FEDORA-2005-320 2005-04-15

Comments (none posted)

w3c-libwww: possible stack overflow

Package(s):w3c-libwww CVE #(s):CVE-2005-3183
Created:October 14, 2005 Updated:May 2, 2007
Description: Extensive testing of libwww's handling of multipart/byteranges content from HTTP/1.1 servers revealed multiple logical flaws and bugs in Library/src/HTBound.c.
Alerts:
Red Hat RHSA-2007:0208-02 2007-05-01
Ubuntu USN-220-1 2005-12-01
Mandriva MDKSA-2005:210 2005-11-09
Fedora FEDORA-2005-953 2005-10-07
Fedora FEDORA-2005-952 2005-10-07

Comments (1 posted)

xine-lib: buffer overflows

Package(s):xine-lib CVE #(s):CAN-2004-1379
Created:September 22, 2004 Updated:April 10, 2006
Description: xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code.
Alerts:
Fedora-Legacy FLSA:152873 2006-04-04
Debian DSA-657-1 2005-01-25
Mandrake MDKSA-2004:105 2004-10-06
Slackware SSA:2004-266-04 2004-09-22
Gentoo 200409-30 2004-09-22

Comments (none posted)

xine-ui - insecure temporary file creation

Package(s):xine-ui CVE #(s):CAN-2004-0372
Created:April 6, 2004 Updated:April 27, 2006
Description: Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine.
Alerts:
Gentoo 200404-20 2004-04-27
Slackware SSA:2004-111-01 2004-04-20
Mandrake MDKSA-2004:033 2004-04-19
Debian DSA-477-1 2004-04-06

Comments (none posted)

xloadimage: buffer overflows

Package(s):xloadimage CVE #(s):CAN-2005-3178
Created:October 10, 2005 Updated:May 15, 2006
Description: Three buffer overflows were discovered in xloadimage when handling the image title name. A malicious user can construct a NIFF file that when viewed and processed (with either zoom, reduce or rotate) by xloadimage, will cause the program to overwrite the return address and execute arbitrary code.
Alerts:
Fedora-Legacy FLSA:152923 2006-05-12
Gentoo 200510-26 2005-10-30
Mandriva MDKSA-2005:192 2005-10-20
Red Hat RHSA-2005:802-01 2005-10-18
Debian DSA-859-1 2005-10-10
Debian DSA-858-1 2005-10-10
Fedora FEDORA-2005-981 2005-10-10

Comments (none posted)

xorg-x11: heap overflow

Package(s):xorg-x11 CVE #(s):CAN-2005-2495
Created:September 12, 2005 Updated:March 8, 2006
Description: The pixmap memory allocation code in the X.Org X window system is vulnerable to an integer overflow; a local user can use this to execute arbitrary code with elevated privileges.
Alerts:
Fedora-Legacy FLSA:168264-2 2006-03-07
Slackware SSA:2005-269-02 2005-09-26
SuSE SUSE-SA:2005:056 2005-09-26
Debian DSA-816-1 2005-09-19
Fedora FEDORA-2005-894 2005-09-16
Fedora FEDORA-2005-893 2005-09-16
Trustix TSLSA-2005-0049 2005-09-16
Red Hat RHSA-2005:501-01 2005-09-15
Mandriva MDKSA-2005:164 2005-09-13
Red Hat RHSA-2005:396-01 2005-09-13
Red Hat RHSA-2005:329-01 2005-09-12
Ubuntu USN-182-1 2005-09-12
Gentoo 200509-07 2005-09-12

Comments (none posted)

xpdf: buffer overflow

Package(s):xpdf CVE #(s):CAN-2005-0064
Created:January 19, 2005 Updated:March 15, 2007
Description: iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details.
Alerts:
Fedora FEDORA-2007-1219 2007-03-14
Gentoo 200506-06 2005-06-09
Red Hat RHSA-2005:026-01 2005-03-16
Red Hat RHSA-2005:066-01 2005-02-15
Red Hat RHSA-2005:057-01 2005-02-15
Red Hat RHSA-2005:053-01 2005-02-15
Red Hat RHSA-2005:034-01 2005-02-15
Fedora-Legacy FLSA:2353 2005-02-10
Fedora-Legacy FLSA:2352 2005-02-10
Gentoo 200502-10 2005-02-09
Red Hat RHSA-2005:049-01 2005-02-01
SuSE SUSE-SR:2005:002 2005-01-26
Red Hat RHSA-2005:059-01 2005-01-26
Mandrake MDKSA-2005:020 2005-01-25
Mandrake MDKSA-2005:019 2005-01-25
Mandrake MDKSA-2005:016 2005-01-25
Mandrake MDKSA-2005:021 2005-01-25
Mandrake MDKSA-2005:018 2005-01-25
Mandrake MDKSA-2005:017 2005-01-25
Fedora FEDORA-2005-061 2005-01-25
Fedora FEDORA-2005-062 2005-01-25
Fedora FEDORA-2005-059 2005-01-25
Fedora FEDORA-2005-060 2005-01-25
Conectiva CLA-2005:921 2005-01-25
Fedora FEDORA-2004-049 2005-01-24
Fedora FEDORA-2004-048 2005-01-24
Gentoo 200501-32 2005-01-23
Gentoo 200501-31 2005-01-23
Gentoo 200501-30 2005-01-22
Gentoo 200501-28 2005-01-21
Fedora FEDORA-2005-052 2005-01-20
Fedora FEDORA-2005-051 2005-01-20
Ubuntu USN-64-1 2005-01-19
Debian DSA-645-1 2005-01-19
Debian DSA-648-1 2005-01-19

xpdf: heap overflows

Package(s):xpdf gpdf kpdf poppler CVE #(s):CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627
Created:January 11, 2006 Updated:March 10, 2006
Description: Xpdf, the associated poppler library, and other applications using that library are susceptible to a new set of buffer overflows discovered by Chris Evans and infamous41md. These overflows could be exploited, via a malicious PDF file, to execute arbitrary code on the target system.
Alerts:
Fedora-Legacy FLSA:176751 2006-03-07
Mandriva MDKSA-2006:030 2006-02-02
Debian DSA-962-1 2006-02-01
Debian DSA-961-1 2006-02-01
Gentoo 200601-17 2006-01-30
Debian-Testing DTSA-28-1 2005-01-25
Debian DSA-950-1 2006-01-23
Trustix TSLSA-2006-0002 2006-01-13
Debian DSA-940-1 2006-01-13
Mandriva MDKSA-2006:012 2006-01-12
Fedora FEDORA-2005-028 2006-01-12
Fedora FEDORA-2005-029 2006-01-12
Debian DSA-938-1 2006-01-12
Debian DSA-937-1 2006-01-12
SuSE SUSE-SA:2006:001 2006-01-11
Red Hat RHSA-2006:0177-01 2006-01-11
Red Hat RHSA-2006:0163-01 2006-01-11
Mandriva MDKSA-2006:011 2006-01-10
Mandriva MDKSA-2006:010 2006-01-10
Debian DSA-936-1 2006-01-11

xpdf: denial of service

Package(s):xpdf kpdf CVE #(s):CAN-2005-2097
Created:August 9, 2005 Updated:August 2, 2006
Description: A flaw was discovered in Xpdf that could allow an attacker to construct a carefully crafted PDF file that would cause Xpdf to consume all available disk space in /tmp when opened.
Alerts:
Debian DSA-1136-1 2006-08-02
Mandriva MDKSA-2005:138-1 2005-09-19
Debian DSA-780-1 2005-08-22
SuSE SUSE-SR:2005:019 2005-08-19
Fedora FEDORA-2005-732 2005-08-17
Fedora FEDORA-2005-733 2005-08-17
Gentoo 200508-08 2005-08-16
Fedora FEDORA-2005-730 2005-08-15
Fedora FEDORA-2005-729 2005-08-15
Mandriva MDKSA-2005:136 2005-08-11
Mandriva MDKSA-2005:135 2005-08-11
Mandriva MDKSA-2005:134 2005-08-11
Mandriva MDKSA-2005:138 2005-08-11
Red Hat RHSA-2005:708-01 2005-08-10
Red Hat RHSA-2005:706-01 2005-08-09
Red Hat RHSA-2005:671-01 2005-08-09
Red Hat RHSA-2005:670-01 2005-08-09
Ubuntu USN-163-1 2005-08-09

xpdf: integer overflows

Package(s):xpdf, poppler, cupsys, tetex-bin CVE #(s):CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627
Created:January 5, 2006 Updated:November 30, 2006
Description: xpdf has a number of integer overflows. A remote attacker can trick a user into opening a maliciously crafted PDF file, allowing the attacker to execute code with the privileges of the local user. This also affects the Poppler library, cupsys and tetex-bin.
Alerts:
Fedora FEDORA-2006-1220 2006-11-30
Debian DSA-932-1 2006-01-09
Debian DSA-931-1 2006-01-09
Ubuntu USN-236-2 2006-01-09
Mandriva MDKSA-2006:008 2006-01-06
Mandriva MDKSA-2006:006 2006-01-05
Mandriva MDKSA-2006:005 2006-01-05
Mandriva MDKSA-2006:004 2006-01-05
Mandriva MDKSA-2006:003 2006-01-05
Ubuntu USN-236-1 2006-01-05

zlib: buffer overflow

Package(s):zlib CVE #(s):CAN-2005-1849
Created:July 21, 2005 Updated:April 11, 2006
Description: zlib has a vulnerability that can cause code that executes it to crash if a corrupted file is opened.
Alerts:
Mandriva MDKSA-2006:070 2006-04-10
Debian DSA-1026-1 2006-04-06
Gentoo 200603-18 2006-03-21
Ubuntu USN-151-4 2005-11-09
Ubuntu USN-151-3 2005-10-28
Fedora-Legacy FLSA:162680 2005-09-14
Debian DSA-797-1 2005-09-01
Gentoo 200508-01 2005-08-01
Gentoo 200507-28 2005-07-30
SuSE SUSE-SA:2005:043 2005-07-28
OpenPKG OpenPKG-SA-2005.014 2005-07-28
Mandriva MDKSA-2005:124 2005-07-22
Slackware SSA:2005-203-03 2005-07-23
Ubuntu USN-151-2 2005-07-22
Fedora FEDORA-2005-626 2005-07-22
Fedora FEDORA-2005-625 2005-07-22
Gentoo 200507-19 2005-07-22
Red Hat RHSA-2005:584-01 2005-07-21
Ubuntu USN-151-1 2005-07-21
Debian DSA-763-1 2005-07-20

Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current 2.6 prepatch is 2.6.16-rc5, released on February 26. Says Linus: "There's not much to say about this: people have been pretty good, and it's just a random collection of fixes in various random areas." Details can be found in the long-format changelog.

The mainline git repository contains, as of this writing, several dozen fixes merged since -rc5 was released.

The current -mm tree is 2.6.15-rc5-mm1. Recent changes to -mm include a relayfs API change, a new set of notifier patches, a big rework of the /proc code, and the return of the swap prefetching patch.

Kernel development news

Quote of the week

It's not funny anymore. The current rate at which new GPL violations get reported and/or discovered, especially from the appliance/embedded market is really alarming.

For example, I haven't yet seen a single linux-based NAS product that was even remotely license compliant when first analyzing it. And I'm not only talking about the SoHo NAS boxes with one or two hard disk drives, but even about enterprise storage systems.

-- Harald Welte

A bowtie on the OSDL board

Last month, Greg Kroah-Hartman announced that OSDL had accepted a set of recommendations aimed at improving its relations with the kernel development community. One of those recommendations was naming a kernel developer to the OSDL board of directors. OSDL has now followed through by announcing (click below for the press release) that SCSI subsystem maintainer James Bottomley will be joining the board.

Full Story (comments: 6)

ABI stability documentation

Last week's Kernel Page looked at the stability of the user-space interface, especially regarding areas like sysfs, which are not always regarded as being part of the kernel ABI. This week, Greg Kroah-Hartman has made an attempt to make the issue more evident through a set of ABI stability documents. Included in his patch is a proposal for a different way of looking at ABI stability issues.

Linus has, in the recent past, taken a hard line on changes to user-space interfaces:

If you cannot maintain a stable kernel interface, then you damn well should not send your patches in for inclusion in the standard kernel. Keep your own "HAL-unstable" kernel and ask people to test it there.

It really is that easy. Once a system call or other kernel interface goes into the standard kernel, it stays that way. It doesn't get switched around to break user space.

Greg has, instead, taken the approach that not all kernel interfaces should be seen as stable from the outset. So he has proposed five different classifications for ABI stability:

  • Stable. Interfaces classified as stable will not break "for at least two years," and probably quite a bit longer. The Linux system call interface is classified in this way.

  • Testing. A "testing" interface is one which has been through most of the development process. It is not expected to change, but, that notwithstanding, the possibility of an incompatible change before the interface becomes "stable" does exist. This is the time for user-space programs to begin to make real use of the interface, but user-space developers need to pay attention to what is happening on the kernel side. The sysfs files under /sys/class have been designated as having a "testing" level of stability by Greg's documentation.

  • Unstable. This classification is for relatively new interfaces which are expected to change as problems in the initial implementation become clear. Sysfs files under /sys/devices are classified as "unstable."

  • Private. This class describes interfaces which are intended to be hidden behind a user-space library and which should not be used directly by applications. The ALSA sound system is an example of a "private" interface.

  • Obsolete marks interfaces which are destined to be removed, and which should not be used at all. Few long-time observers will be surprised to see that Greg marked devfs as being obsolete.

Linus doesn't like the unstable and private classifications, calling them "excuses for bad habits." But it is true that inclusion in the mainline can stress an interface in surprising ways, leading to a need for changes. Interface design is hard, even if you don't have to get everything right the first time. So it may make some sense to allow unstable interfaces into the kernel for a short while - as long as they are clearly documented as such. Thus far, there has been no way to warn developers that a certain interface, perhaps, shouldn't be relied upon quite yet.

The notion of private interfaces looks harder to justify. There has been some talk of shipping user-space libraries for private interfaces with the kernel, just to help ensure that the whole package provides a stable application interface for any release. That seems like a fairly unlikely change, however, at least for big interfaces like ALSA.

Changes will likely be made (this scheme might be classified "unstable" at this point), but it seems probable that it will, in some form, be adopted. That can only be a good thing for people interested in a stable user-space interface; once the expectations have been reasonably well documented, it will be easier to live up to them.

Some patches of interest

There are a few patches in circulation which merit a quick look.

What if you could improve kernel performance by 10% without writing any code? Arjan van de Ven has posted a patch which, he says, does just that - at least, for some specific benchmarks. This patch uses an obscure gcc option which causes the compiler to put every function into its own ELF section. Then, the linker is instructed to arrange those functions into a specific order in the final executable.

A typical, current x86-64 kernel (the architecture Arjan has been working with) fills on the order of 4MB of memory. The kernel uses large pages to hold its text, but a kernel of that size will still require at least two translation lookaside buffer (TLB) entries to cover its entire code body. But some kernel functions are used more heavily than others; much of the code in the kernel - error handling, for example - never gets run at all if you are lucky. So, if all of the regularly-used functions are moved to the beginning of the kernel image, the kernel should be able to operate with a single TLB entry for its text - most of the time. TLB entries are important: if an address is found in the TLB, the processor can avoid looking it up in the page tables, speeding access significantly. They are also scarce. So allowing the kernel to operate within a single TLB entry makes a big difference.

There are some details to work out yet. Optimizing TLB use will require that the kernel be loaded at a TLB-aligned address, which is not currently done on many architectures. There is another part of Arjan's patch which, using another gcc option, can move blocks marked with unlikely() into a separate section. Since this option can expand the code, require long-distance jumps within functions, and make stack backtraces hard to read, it is not yet clear whether it makes sense or not. Then, there is the issue of ordering the functions properly. That task will require looking at a lot of kernel profiles to be sure that some workloads won't be optimized at the expense of others. But, once these issues are taken care of, a reorganized and faster kernel will likely result.

On another front: it is generally easy to see, on a Linux system, what resources a given process is using. What's harder to find out is what the process is not using because the resources are not available. As a way of giving more visibility to that side of the equation, Shailabh Nagar has been working on a set of task delay accounting patches. This facility is intended for use with large-scale load management applications, but the information may be useful in other contexts as well.

This patch adds a new structure (struct task_delay_info) which is attached to the task structure. It contains a lock, a couple of timestamp variables, and sets of delay counters. Whenever a process goes into a delayed state (meaning, currently, waiting on a run queue, performing synchronous block I/O, or waiting for a page fault), the time is noted. At the end of the delay, when the process can run again, the system notes how much time has passed and updates a counter in the task_delay_info structure. Thus, over time, one can get a picture of how much time the process has spent waiting for things when it would have rather been executing.
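The accounting described above can be modelled in user space; the following is an added illustration, not code from Shailabh Nagar's patch. The structure and function names (`delay_model`, `delay_start()`, `delay_end()`, `delay_percent()`) and all field names are assumptions, and timestamps are passed in explicitly so that the constructed trace is reproducible.

```c
#include <stdatomic.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* The three delay sources the article lists. */
enum delay_kind { DELAY_RUNQ, DELAY_BLKIO, DELAY_PAGEFAULT, DELAY_NKINDS };

/* Stand-in for struct task_delay_info: a lock, timestamps, counters.
 * Field names are assumptions, not the patch's. */
struct delay_model {
    atomic_flag lock;
    int      waiting[DELAY_NKINDS];   /* 1 while a wait is open */
    uint64_t start_ns[DELAY_NKINDS];  /* when the open wait began */
    uint64_t total_ns[DELAY_NKINDS];  /* accumulated wait time */
    uint64_t count[DELAY_NKINDS];     /* completed waits */
};

static void dm_lock(struct delay_model *d)
{
    while (atomic_flag_test_and_set(&d->lock))
        ;   /* spin: the critical sections are a few stores long */
}
static void dm_unlock(struct delay_model *d) { atomic_flag_clear(&d->lock); }

void delay_init(struct delay_model *d)
{
    memset(d, 0, sizeof *d);
    atomic_flag_clear(&d->lock);
}

/* Task begins waiting; returns -1 if a wait of this kind is already open. */
int delay_start(struct delay_model *d, enum delay_kind k, uint64_t now_ns)
{
    int rc = -1;
    dm_lock(d);
    if (!d->waiting[k]) {
        d->waiting[k] = 1;
        d->start_ns[k] = now_ns;
        rc = 0;
    }
    dm_unlock(d);
    return rc;
}

/* Task can run again. Returns the nanoseconds charged. An end with no
 * matching start, or a timestamp earlier than the start, charges nothing. */
uint64_t delay_end(struct delay_model *d, enum delay_kind k, uint64_t now_ns)
{
    uint64_t charged = 0;
    dm_lock(d);
    if (d->waiting[k]) {
        d->waiting[k] = 0;
        if (now_ns >= d->start_ns[k]) {
            charged = now_ns - d->start_ns[k];
            d->total_ns[k] += charged;
            d->count[k]++;
        }
    }
    dm_unlock(d);
    return charged;
}

/* Percentage of elapsed_ns the task spent waiting, summed over all kinds. */
unsigned delay_percent(struct delay_model *d, uint64_t elapsed_ns)
{
    uint64_t sum = 0;
    if (elapsed_ns == 0) return 0;
    dm_lock(d);
    for (int k = 0; k < DELAY_NKINDS; k++)
        sum += d->total_ns[k];
    dm_unlock(d);
    return (unsigned)(sum * 100 / elapsed_ns);
}

/* Constructed trace (timestamps in ns); returns the elapsed time covered. */
uint64_t replay_sample(struct delay_model *d)
{
    delay_init(d);
    delay_start(d, DELAY_RUNQ, 1000);   delay_end(d, DELAY_RUNQ, 4000);
    delay_start(d, DELAY_BLKIO, 5000);  delay_end(d, DELAY_BLKIO, 25000);
    delay_start(d, DELAY_RUNQ, 26000);  delay_end(d, DELAY_RUNQ, 27000);
    delay_end(d, DELAY_PAGEFAULT, 30000);    /* no start: ignored */
    delay_start(d, DELAY_PAGEFAULT, 40000);
    delay_end(d, DELAY_PAGEFAULT, 39000);    /* clock went backwards: dropped */
    return 40000;
}

int main(void)
{
    struct delay_model d;
    uint64_t elapsed = replay_sample(&d);
    printf("runq %llu ns, blkio %llu ns, waiting %u%%\n",
           (unsigned long long)d.total_ns[DELAY_RUNQ],
           (unsigned long long)d.total_ns[DELAY_BLKIO], delay_percent(&d, elapsed));
    return 0;
}
```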

Perhaps the most complicated part of the patch set is the netlink interface used to report delay statistics back to user space. This interface has been carefully written to be as generic as possible on the theory that it may eventually be used for other sorts of process-related reporting as well. There has been a request that some of this information, at least, also be made available through /proc, so that it could be easily displayed by tools like top.

Finally, those who worked with kernel modules in 2.4 and prior kernels will remember the MODULE_PARM() macro, used to define load-time parameters. This macro has been deprecated since 2004, but there are still a few hundred uses of MODULE_PARM() spread across several dozen files in the 2.6.16-rc kernels. These old uses came to attention recently when gcc started optimizing them out. Given the choice between making the old macro work with current gcc and simply getting rid of it, Rusty Russell chose to get rid of it. This patch has not yet been merged anywhere, but it seems uncontroversial. If there are any out-of-tree modules still using MODULE_PARM(), updating them soon might be a good idea.

The ipw3945 project

While there are a number of hopeful developments around the support of wireless network cards in Linux, that support remains one of the larger roadblocks for many users. It is thus always a welcome thing when a major manufacturer announces Linux support - and the beginnings of a working driver - for their products. So when Intel recently announced a project to support its 3945ABG wireless adapters, there was a certain amount of celebration. There was also some criticism, however, which highlights an ongoing issue with wireless support under Linux.

The ipw3945 project currently has a developer release of the driver, with a stable version expected within a few weeks. This release supports all of the basic features one would expect, with some additional features (quality of service, for example) "not officially supported." It should, in other words, be enough to allow use of the device.

It would seem that there is little to complain about here. But there is this little paragraph from the announcement:

In order to meet the requirements of all geographies into which our adapters ship (over 100 countries) we have placed the regulatory enforcement logic into a user space daemon that we provide as a binary under the same license agreement as the microcode. We provide that binary pre-compiled as both a 32-bit and 64-bit application. The daemon utilizes a sysfs interface exposed by the driver in order to communicate with the hardware and configure the required regulatory parameters.

The requirement for a binary-only blob brought out some concerns from developers who think that the regulatory-agency requirement has been overblown, and that it is not actually necessary to lock down the code in this way. Others disagree, noting that regulations in many parts of the world are quite strict with regard to allowing any user modification of hardware which can transmit. It is probably true that, in order to be able to offer this product in many parts of the world, Intel must lock down much of this logic in binary-only code.

Given that, however, Intel has chosen an interesting way to go about it. The closed code is not part of the driver itself; it is a daemon which runs entirely in user space. The driver itself is fully free software. So there is no non-free code going into the kernel, which is surely a step in the right direction.

The regulatory daemon controls the hardware by way of a special file exported through sysfs. The driver then interprets those commands - which enable or disable specific channels, set maximum power values, and so on - and programs the hardware accordingly. A quick look at the (15,000-line) driver source is sufficient to find the code which actually controls the transmitter's parameters.

So, in other words, this arrangement has not actually locked down much of anything. The daemon comes with the usual "thou shalt not reverse engineer" provisions, but there are people in parts of the world who can safely ignore that requirement. It would seem that little work beyond running the daemon under strace would be required. It might also be possible to write a replacement just by studying the driver code, without looking at the Intel-supplied daemon at all. One way or another, it seems likely that a free replacement for the regulatory daemon will come along, sooner or (not much) later.

Patches and updates

Development tools

  • Junio C Hamano: GIT 1.2.3. (February 23, 2006)

Page editor: Jonathan Corbet

Distributions

News and Editorials

Solaris Express - A review

February 28, 2006

This article was contributed by Ravi Kumar

Solaris Express is the latest version of SunOS, which draws its roots from BSD 4.1. In fact Solaris Express is actually "SunOS release 5.11 version snv_27." Over the years Sun Microsystems has put in a great deal of work building on the original Unix code base by introducing more features as well as improving the overall security of the operating system. Until a few years back, Solaris enjoyed a major share of the commercial Unix market with many enterprises opting to run it on their servers. But the popularity of GNU/Linux gradually started eating up the market share of most Unix flavors, including Solaris. Last year, with an eye on regaining the lost ground, Sun finally opened up the code of Solaris and released it as OpenSolaris under Sun's Common Development and Distribution License (CDDL).

Solaris Express is the developmental version of Solaris built using the OpenSolaris code and has a release cycle of 6 months. The most recent version is 1/06; it is made available for free download but Sun provides technical support for an annual subscription fee of $99 which allows one to use it in a commercial setup. Solaris Express is released for both Intel and Sparc platforms.

Installation details

I have been using Sun Solaris for the past year but it was only recently that I decided to download and try out the latest developmental version. I downloaded all five CD images from their website with an aim of installing the OS on my PC. Out of the five CDs, the first one is the installation CD, the 2nd, 3rd and 4th contain the software and the last CD contains the multi-language pack.

You can install Solaris using either the GUI installer or the text installer. The computer on which I was installing Solaris was a Pentium IV 2.0 GHz, 256 MB DDR RAM PC. For using the GUI installer though, the minimum requirement is 350 MB RAM. I suspect this high memory usage could be because the GUI installer has been created using the Java language. Keeping these constraints in mind, I opted for the text installation method.

The first job of the installer is to collect system information, such as the choice of language, whether to use services like LDAP, NIS, or Kerberos authentication, the date and time settings, networking, root password and so on. After this, you are provided with two choices of installation:

  1. Standard - which allows one to choose between an initial install and an upgrade, and
  2. Flash - which installs from one or more flash archives.

I chose the standard installation and, after the obligatory license agreement, I was provided the option of installing additional software. In fact, you can opt to install the full Solaris 10 documentation, a set of early access software, the Java Enterprise System and publicly available tools and utilities which will complement the Solaris environment. I was also given the choice of installing all the software or a subset of it targeted at different user groups like developers, end-users or a bare bones networking core installation tailored for gateways.

Solaris Express insists on being installed on a primary partition and it takes up space of around 4.4 GB to install the entire distribution including the OEM support. But, as noted above, the user is given the choice of installing just a subset of the packages, in which case the space utilized will be less. I already had a primary partition lying vacant and so I did not have to go through the hassle of repartitioning my hard disk. That said, the fdisk utility which the installer provides to partition one's hard disk is quite easy to use.

Once the partitioning has been completed, the copying of system files takes place and then the system is rebooted. Solaris Express automatically detected the Windows XP OS on my machine and accordingly configured and installed the GRUB boot loader. It failed to recognize the Linux and FreeBSD systems installed in other partitions on my hard disk though.

Solaris Express is foremost an operating system designed to be used as a server system. Sun has, however, tried to make it more user friendly on the desktop by bundling the Java Desktop System, which is based on GNOME but with a layer of Java underneath. The Java Desktop System is really slick and is a pleasure to use. It contains almost all the GUI tools and software that come with GNOME 2.6 as well as a few others like Star Office 7 and system configuration tools like the Java Desktop System Configuration Manager, which provides user settings as well as the ability to lock down user desktop systems. I really liked the Sun Control Station which is a GUI tool for such jobs as software updating, resolving dependencies and monitoring the health of the system just to name a few.

Unique strengths of Solaris

Some of the advantages of Solaris Express over its predecessors (Solaris 9 and down) are as follows:
  • Solaris comes bundled with DTrace - a tool kit which can be used to tune the performance of processes running on the system. The language that DTrace uses, named "D," has a lot of similarities with C/C++. Using DTrace, one can monitor over 32,000 points of instrumentation (also called probes) which give feedback useful for tracking down problems.
  • Another area where Solaris excels is in the power and sophistication of its security features. They are:

    • RBAC (Role Based Access Control) - Administrators use RBAC to delegate limited authority to a subset of users. Central to RBAC is what is called a role. A role is similar to a user in that it has a user ID, a password, and even a home directory. Roles also have associations to specific tasks or capabilities assigned to them. A user that is authorized to assume a role simply switches to that role using the 'su' command just as they would traditionally switch user to root. While Linux has sudo to achieve similar goals, RBAC has a distinct advantage in that it is fully integrated into Solaris.
    • Process Rights Management - Using this tool, administrators can grant individual processes only the privileges they need to perform the work assigned to them.
    • System partitioning using containers - Containers have long been touted as a principal advantage Solaris has over Linux, though the gap is closing quickly with the development of virtualization technologies like User-mode Linux and Xen. But containers are well integrated in Solaris and are said to have superior performance and resource efficiency over virtual machines, which require an entirely separate instance of the operating system for each virtual unit. For example, you can run your DNS, LDAP and other servers in separate containers, all acting as independent systems. And since each container can have its own IP address, it opens up endless possibilities for the administrator.

Drawbacks of Solaris

If those are the strengths of Solaris, then it has its own set of drawbacks too. I found the memory requirements for using the graphical installer of Solaris Express quite high when compared with those of Red Hat or SuSE. The hardware compatibility is something which needs to be improved and, even though it detected most of the devices on my Intel machine, its hardware support is nowhere near that of Linux. No doubt, Solaris has a lot of strengths as a server system, but it needs to improve on the variety of hardware support and bring down the minimum memory requirements for using the graphical installer.

New Releases

Gentoo Linux 2006.0

The first Gentoo Linux in the 2006 series has been released. "Major highlights in the release include KDE 3.4.3, GNOME 2.12.2, XFCE 4.2.2, GCC 3.4.4 and a 2.6.15 kernel. This is also the first release with the Gentoo Linux Installer officially debuting on the x86 LiveCD, which will fully replace the Universal and PackageCD set. The LiveCD also features a fully-fledged Gnome environment. Later releases will include KDE support as well as a new LiveDVD." Plus improvements across many architectures including PPC64, PPC, EM64T, Alpha and SPARC.

Mandriva Linux One 2006

A beta version of Mandriva Linux One 2006.0 is available. This is a live CD with a complete Mandriva Linux system that can be installed to hard drive or run from the CD. Update: a new beta was released March 1.

Full Story (comments: none)

Updated Kubuntu 5.10 LiveCd 5.10-060216

A Kubuntu 5.10 LiveCD with the latest KDE is available.

Full Story (comments: none)

NexentaOS (elatte) Alpha 3 released

NexentaOS, a GNU/Solaris distribution, has released a third alpha release. This release includes OpenOffice 2.0, and lots more.

Full Story (comments: none)

SUSE Linux 10.1 Beta5 is ready

SUSE Linux 10.1 Codename "Agama Lizard" Beta5 is out. "Beta5 is still for the adventurous experts and not for anybody without a good Linux experience."

Full Story (comments: none)

Distribution News

Debian Project Leader Election 2006

The nomination period is at an end, with seven candidates standing forth to be counted. Jeroen van Wolffelaar, Ari Pollak, Steve McIntyre, Anthony Towns, Andreas Schuldei, Jonathan Walther and Bill Allombert will be campaigning for the position of Debian Project Leader.

Full Story (comments: none)

Mandriva 2006 to offer built-in online music service feature through Mindawn

Mandriva and The Kompany have announced a partnership to include Mindawn, an open platform for digital content, with Mandriva Linux 2006.

Full Story (comments: none)

Ubuntu-Women mailing list

The creation of the Ubuntu-Women mailing list has been announced (click below). "This list is meant for all Ubuntu users, volunteers, developers and for those who wish to involve more women in the Ubuntu community."

Full Story (comments: none)

Ubuntu-be, the Belgian Ubuntu Community

Belgian Ubuntu users have announced the creation of Ubuntu-be, a community devoted to spreading Ubuntu in and around Belgium.

Full Story (comments: none)

FUDCon Delhi 2006

FUDCon Delhi 2006 was held February 9, 2006. The website now has the presentations, reports and pictures available.

Distribution Newsletters

Debian Weekly News

The Debian Weekly News for February 22, 2006 covers the Martus project, Etch beta1 has broken installation media, a device driver test page, the Debian Live Initiative, team maintenance for Debian packages, and more.

Full Story (comments: none)

Debian Weekly News

The Debian Weekly News for February 28, 2006 is out, with a look at the GFDL Position Statement call for votes, DPL nominations, the mirror split implementation, the inclusion of AMD64 architecture, weekly polls and social pressure, non-maintainer upload policy, and several other topics.

Full Story (comments: none)

Fedora Weekly News Issue 35

This week the Fedora Weekly News has articles on Announcing Fedora Core 5 Test 3, Attention: Proprietary video driver users, FUDCon Delhi 2006 Report, FOSDEM 2006 Report, Nrpms.net ReadMe, Review: Fedora Core 5 Benchmarks, Red Hat offers Linux eye candy alternative, and more.

Gentoo Weekly Newsletter

The Gentoo Weekly Newsletter for February 27, 2006 covers the release of Gentoo Linux 2006.0, a FOSDEM report, the 3rd European Gentoo Developer Meeting, request for help on Bugday, Gentoo on display in Chemnitz again, and several other topics.

DistroWatch Weekly, Issue 140

The DistroWatch Weekly for February 27, 2006 is out. "Written entirely by Robert Storey, this week's issue looks ahead at the upcoming 64-bit Mini-ITX processors, passes on a link to a freely downloadable copy of The Complete FreeBSD, and investigates "bcrypt" and "dm-crypt", the much-loved encryption utilities for the paranoid. In the first looks section, Robert investigates the newest OpenBSD-based live CDs - OliveBSD."

Package updates

Fedora updates

Updates for Fedora Core 4: gnbd-kernel (updated GFS & Cluster Suite packages for kernel-2.6.15-1.1831_FC4), cman-kernel (updated GFS & Cluster Suite packages for kernel-2.6.15-1.1831_FC4), dlm-kernel (updated GFS & Cluster Suite packages for kernel-2.6.15-1.1831_FC4), GFS-kernel (updated GFS & Cluster Suite packages for kernel-2.6.15-1.1831_FC4), module-init-tools (minor fixes), udev (bug fixes), gnupg (fix a keyring read error), gawk (bug fix), util-linux (bug fix).

Slackware updates

This week's Slackware changelog (click below) shows additional official patches to bash, updates to util-linux, linux-faqs, linux-howtos and samba. During the xfsprogs update acl, attr and xfsdump were split out and upgraded separately. Also bind has been modified to use rndc.

Full Story (comments: none)

Trustix updates

Trustix Secure Linux has fixed various bugs in bind, iptables, kernel, logrotate, mc, opencdk, openssh and smartmontools.

Newsletters and articles of interest

Linux distros for older hardware (Linux.com)

Joe 'Zonker' Brockmeier tests several Linux distributions on an old, under-powered Pentium II PC. "It's worth mentioning that Linux is also a great option for putting old non-x86 hardware to use. I have a few old Sun UltraSPARC 10 machines with 256MB of RAM that run Debian Linux just fine. I also have an old, green iMac that runs Debian and other PowerPC distros well enough -- but Windows isn't an option for those machines at all. If you want to make the best of old hardware, processor speed is much less important than RAM for Linux. If you can't afford a new machine, but can afford to max out your RAM, you'll see much better performance. I wouldn't recommend running a Linux desktop with less than 64MB of RAM, and 128MB is enough for most applications."

Distribution reviews

More Power to Gentoo Linux (internetnews.com)

Internetnews.com takes a quick look at Gentoo 2006.0. "IBM spokesperson John E. Charlson confirmed that IBM provided the Gentoo.org team with a POWER5 Open Power 720, which is hosted by the Oregon State University Open Source Lab, osuosl.org. Charlson noted that IBM has also worked with Gentoo to provide discounts to a couple key PPC maintainers on 970-based (64-bit) Apple Quads. Charlson also explained how IBM sees Gentoo is optimized for POWER5. According to Charlson, Gentoo creates "stages" that are downloaded as source by the user to be run on a particular architecture. These stages are then compiled on the users box."

Comments (none posted)

64 Studio: Building a native 64-bit creative distribution (Free Software Magazine)

Free Software Magazine covers the 64 Studio distribution, which includes many audio applications. "Most of the packages in 64 Studio come from the unofficial Pure 64 port of Debian testing, with some from Ubuntu, some from DeMuDi and some custom built. A more obvious choice might be Red Hat, given that many of the high end (which is to say expensive) proprietary tools used in Hollywood studios and elsewhere are sold as binary-only Red Hat packages. However, the split between Red Hat Enterprise and Fedora Core presents serious problems for any derived distribution. You could rebuild Red Hat Enterprise from source as long as you removed all Red Hat trademarks, but that's a lot of extra work -- and you'd have to follow Red Hat's agenda for its distribution, which you couldn't have any input to."

Comments (none posted)

My desktop OS: SUSE 10.0 (NewsForge)

NewsForge hears from a SUSE fan. "I'm a student, and I use my computer mainly for word processing, surfing the Internet, listening to music, and watching videos. I am also a musician, and have set up a small home studio around my computer. For years I used Windows, but I wasn't happy with the software or Microsoft's marketing strategies. After moving to SUSE 10.0, I am quite satisfied."

Comments (none posted)

Page editor: Rebecca Sobol

Development

Introducing DVD-R Tools

The DVD-R Tools project has been formed by Bernhard Rosenkraenzer to fill a void in the Linux DVD authoring landscape:

dvdrtools is a fork of cdrtools, with the primary goals of remaining 100% Free Software (dvdrtools is a fork of the last version of cdrtools without any "you are not allowed to modify this section" comments), and adding support for DVD-R/DVD-RW drives and media.

For a bit of history on issues surrounding the cdrecord code, see, for example, some comments about that code's author (Jörg Schilling) by Danny O'Brien in his To Evil! column, and a comment from Linus Torvalds regarding cdrecord and SCSI device numbering issues. In a classic open-source software move, the solution for dealing with personality issues involving the author of some extremely useful code was to fork the project and move on.

Version 0.3.1 of DVD-R Tools and the associated dvdrecord utility was announced on February 25; the description further clarifies the goals of the project:

It is a fork of cdrtools that (as the name indicates) adds support for writing to DVD-R and DVD-RW disks using purely Free Software, that tries to do things the Linux way ("dvdrecord dev=/dev/cdrom whatever.iso") without suggesting to use 2.4 kernels or even other operating systems, uses a standard make system, is maintained in a public svn repository, and does away with a lot of the libc functionality-clones found in cdrtools.

The NEWS file from the software distribution details the progress that has been made since the project's inception. The code is available for download here.

The DVD-R Tools project aims to clean up the cdrecord code, remove support for obsolete compilers, remove duplication of code and, in general, produce a more typical open-source software collection. Instead of the typical "standing on the shoulders of giants" concept, this code fork adds ".. in order to grab the bottom rung of a new ladder".

Comments (6 posted)

System Applications

Clusters and Grids

Linux Cluster Manager 2.21-1 Released (SourceForge)

Version 2.21-1 of Linux Cluster Manager is out with a number of new features. "LCM is a graphical tool for monitoring and managing multiple Linux systems from a central location. Features include real time monitoring and status information, remote command execution, and a range of imaging features."

Comments (none posted)

Database Software

PostgreSQL Weekly News

The February 26, 2006 edition of the PostgreSQL Weekly News is online with the latest PostgreSQL database articles and resources.

Full Story (comments: none)

Interoperability

Samba 3.0.21c available

Version 3.0.21c of Samba has been released. "This is the latest stable release of Samba. This is the version that production Samba servers should be running for all current bug-fixes."

Full Story (comments: none)

LDAP Software

LAT 1.0 released

Version 1.0 of LAT, the LDAP Administration Tool, has been released. This is a stable release; an unstable development branch has been created.

Full Story (comments: none)

Libraries

CILib 0.5.3 Released (SourceForge)

Version 0.5.3 of CILib is available. "CILib is a framework for developing Computational Intelligence software in swarm intelligence, evolutionary computing, neural networks, artificial immune systems, fuzzy logic and robotics. This version includes dataset support for all problems, if required, as well as the new skeleton framework for niching algorithms. The packages within the source tree have been refactored and renamed to conform to specifications. Many bug fixes and feature additions have been completed."

Comments (none posted)

Networking Tools

Help Network Clients Help Themselves

M. Tim Jones discusses SLP on IBM developerWorks. "The Service Location Protocol (SLP) is an Internet Standard RFC and software framework that allows networking applications to discover and configure network services. You can use SLP to develop zero-configuration applications and simplify administration of networked devices. This article introduces SLP and its architecture, and then demonstrates the protocol's use with an open source implementation."

Comments (none posted)

Web Site Development

axoloTLS 0.93 released

Version 0.93 of axoloTLS has been announced. "axoloTLS is an embedded SSL library that comes with a small HTTPS server. The web server is around 50-60kB in size and comes complete with CGI capabilities."

Full Story (comments: 1)

Five 1.2.1 and 1.3.2 released

Two bug fix versions of Five have been announced. "Five is a Zope 2 product that allows you to integrate Zope 3 technologies into Zope 2, today. Among others, it allows you to use Zope 3 interfaces, ZCML-based configuration, adapters, browser pages (including skins, layers, and resources), automated add and edit forms based on schemas, object events, as well as Zope 3-style i18n message catalogs."

Comments (none posted)

mod_python 3.2.8 released

Version 3.2.8 of mod_python, the Apache Python language extension, is out with a security fix. See the online documentation for information on this version.

Comments (none posted)

Desktop Applications

Audio Applications

The grad_Boxster Mic-In-Room Simulator

The grad_Boxster microphone simulation project has been announced. "Announcing grad_Boxster for creating impulse response functions (IR's) for rectangular parallelepipeds --- for example concert halls modelled as giant boxes --- but using the *gradient* of the solution field projected on a direction specified by the user, similar to the operation of a pressure-gradient microphone --- in a room."

Full Story (comments: none)

Jokosher adds Cairo-based waveforms

Jokosher is a relatively new multi-track audio editor. "Jokosher is a multi-track non-linear audio editor with a prime focus on usability. It is developed in Python and is Open Source." The latest additions to the project include Cairo-based waveforms, which bring smooth visualizations of audio data.

Comments (none posted)

Snd-ls V0.9.5.4 and Das_Watchdog V0.2.1 announced

A dual announcement for Snd-ls V0.9.5.4 and Das_Watchdog V0.2.1 has been made. Snd-ls is a distribution of the sound editor Snd and Das_Watchdog is a watchdog for the Linux operating system.

Full Story (comments: none)

Desktop Environments

GARNOME 2.12.3.1 announced

Version 2.12.3.1 of GARNOME, the bleeding edge GNOME distribution, is out: "It includes updates and fixes after the GNOME 2.12.3 freeze, together with a host of third-party GNOME packages, Bindings and the Mono(tm) Platform -- this release irons out yet-more bugs, hopefully adds yet-more stability and ships with the latest and greatest stable releases."

Full Story (comments: none)

GNOME Software Announcements

The following new GNOME software has been announced this week: You can find more new GNOME software releases at gnomefiles.org.

Comments (none posted)

KDE Software Announcements

The following new KDE software has been announced this week: You can find more new KDE software releases at kde-apps.org.

Comments (none posted)

KDE partners with Catalan Government (KDE.News)

KDE.News covers a collaboration between the KDE Catalan l10n team and the Catalan Government. "It was announced on Tuesday that the KDE Catalan l10n team will work together with TERMCAT (Catalan link), the organisation that standardises new words, usually technology related, in the Catalan language."

Comments (none posted)

Q and A About The KDE Usability Project (KDE.News)

Celeste Lyn Paul answers some common questions about the KDE Usability Project on KDE.News. "The KDE Usability Project reports I posted last week received a lot of feedback. There were several motivations for posting the reports, and I think it was a success. They are a useful reference for developers and other usability specialists as well as provides a public appearance for what the project does. Some of the feedback included questions about the project and reports. So, as webmaster of usability.kde.org and a project representative, let me answer some of these questions for you."

Comments (none posted)

GUI Packages

pyFltk 1.1 announced

Version 1.1, the initial release of pyFltk, has been announced. "This is to announce the first official release of pyFltk-1.1, the Python bindings for the cross platform GUI toolkit fltk-1.1. This release candidate has been tested with fltk-1.1.7 and requires Python2.4. pyFltk is a lightweight, easy-to-use GUI toolkit for Python. It can be used where simplicity, speed, small footprint, and ease-of-use are important."

Comments (none posted)

Interoperability

Wine Weekly Newsletter

The February 26, 2006 edition of the Wine Weekly Newsletter is out with the latest coverage of the Wine project.

Comments (none posted)

Office Suites

OpenOffice.org build oob680.1.0 announced

Build oob680.1.0 of OpenOffice.org has been announced. It adds some new features, bug fixes, and build improvements.

Full Story (comments: none)

OpenOffice.org Newsletter

The February, 2006 edition of the OpenOffice.org Newsletter is online with the latest OpenOffice.org office suite developments.

Full Story (comments: none)

RSS Software

ROME in a Day: Parse and Publish Feeds in Java

Mark Woodman explores ROME in an O'Reilly XML.com article. "Knowing that RSS and Atom feeds are "just" XML, you might think that parsing and creating syndicated feeds in Java should be a snap. Pick any one type of RSS, and you might be right. Unfortunately, there are at least ten flavors of RSS and Atom out there: RSS 0.90, RSS 0.91 Netscape, RSS 0.91 Userland, RSS 0.92, RSS 0.93, RSS 0.94, RSS 1.0, RSS 2.0, Atom 0.3, and the newest addition to the bunch, Atom 1.0. Then there are all the namespace modules, like Dublin Core, Media, and so on. It's all messy enough to make a grown programmer cry. Wipe those tears, Java developers, and say hello to ROME."

Comments (none posted)

Web Browsers

Minutes of the Firefox Team Status Meeting (MozillaZine)

The minutes from the February 21, 2006 Firefox Team Status Meeting have been announced. "Issues discussed include Alpha 1 status, blockers, release requirements and status updates on Firefox 2 features."

Comments (none posted)

Minutes of the Firefox Team Status Meeting (MozillaZine)

The minutes from the February 28, 2006 Firefox team meeting have been announced. "Issues discussed include Alpha 1 status, blockers and status updates on Firefox 2 features."

Comments (none posted)

Languages and Tools

C

GCC 4.1.0 has been released

Version 4.1.0 of GCC, the GNU Compiler Collection, has been released. A recent GCC 4.1 Status Report has some preliminary information on the release; the GCC 4.1 Changes, New Features, and Fixes document has more information on the series.

Comments (2 posted)

Caml

Caml Weekly News

The February 21-28, 2006 edition of the Caml Weekly News is out with new Caml language articles.

Full Story (comments: none)

Java

Asynchronous Messaging Made Easy With Spring JMS (O'ReillyNet)

Srini Penchikala writes about SpringJMS on O'Reilly. "Java Messaging Service (JMS) requires a lot of work to set up sessions and manage messages, work that can distract you from your application-specific logic. The Spring framework's SpringJMS offers a simpler solution that keeps the JMS administration out of your face. Srini Penchikala takes a look."

Comments (none posted)

Lisp

SBCL 0.9.10 released

Version 0.9.10 of Steel Bank Common Lisp has been announced. "This version makes it possible to deliver standalone executables on some of the supported platforms, provides a new garbage collector, provides a larger dynamic heap size under Linux/PowerPC, and fixes some bugs."

Full Story (comments: none)

Perl

Advanced Subroutine Techniques (O'Reilly)

Rob Kinyon discusses advanced Perl subroutine techniques on O'Reilly. "In "Making Sense of Subroutines," I wrote about what subroutines are and why you want to use them. This article expands on that topic, discussing some of the more common techniques for subroutines to make them even more useful. Several of these techniques are advanced, but you can use each one by itself without understanding the others. Furthermore, not every technique is useful in every situation. As with all techniques, consider these as tools in your toolbox, not things you have to do every time you open your editor."

Comments (none posted)

PHP

PHP OpenID 0.9.2 Released

Version 0.9.2 of the PHP OpenID library has been announced. "JanRain, Inc. is proud to announce the release of our OpenID library for PHP! This release includes improved documentation, bugfixes, a reorganized package structure, improved example code, and many other improvements."

Full Story (comments: none)

Python

Dr. Dobb's Python-URL!

The February 27, 2006 edition of Dr. Dobb's Python-URL! is online with a new collection of Python article links.

Full Story (comments: none)

Tcl/Tk

Dr. Dobb's Tcl-URL!

The February 27, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.

Full Story (comments: none)

Build Tools

Prebuild 1.3.0 announced

Version 1.3.0 of Prebuild is out with support for several new targets and some bug fixes. "Prebuild is an XML-driven pre-build tool allowing developers to easily generate project or make files for major IDE's and .NET development tools including: Visual Studio 2005, Visual Studio 2003, Visual Studio 2002, SharpDevelop, MonoDevelop, and NAnt."

Full Story (comments: none)

IDEs

Integrating Ant with Eclipse, Part 2 (O'ReillyNet)

O'Reilly is running part two of a series on Integrating Ant with Eclipse. "It's one thing to be able to run Ant builds from within Eclipse, but the integration of the top Java build tool and IDE goes deeper than this. In this excerpt from Ant: The Definitive Guide, 2nd Edition, Steve Holzner shows how to customize your Ant/Eclipse integration."

Comments (none posted)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Free software? You can't just give it away (Times)

The Times Online has an article by Gervase Markham of the Mozilla Foundation, who recently had an interesting discussion with a British government official. "'I can't believe that your company would allow people to make money from something that you allow people to have free access to. Is this really the case?' she asked. 'If Mozilla permit the sale of copied versions of its software, it makes it virtually impossible for us, from a practical point of view, to enforce UK anti-piracy legislation, as it is difficult for us to give general advice to businesses over what is/is not permitted.'"

Comments (13 posted)

What Corporate Projects Should Learn from Open Source (O'ReillyNet)

O'ReillyNet looks into project management. "[It] is rare to find a corporate environment where the project team has anything approaching the level of planning, documentation, or review found in successful open source projects. For some reason, as soon as a budget and a deadline are involved, all of the lessons we've learned over the years and applied successfully to open source projects seem to fly out the window."

Comments (2 posted)

A survey of free font licenses (NewsForge)

Bruce Byfield presents a survey of free font licenses. "Suddenly, it's free font license time. The Bitstream Vera license, the starting point for most free font licenses, is several years old. In late January, SIL International's Non-Roman Script Initiative announced the SIL Open Font license. A new draft of the STIX License is due in March, with fonts scheduled to be released in beta in April and in final form in June. Each of these licenses has been developed in consultation with the free and open source software (FOSS) communities and strives to balance the philosophy of the communities with the concerns of font designers."

Comments (8 posted)

Trade Shows and Conferences

KDE at FOSDEM 2006 (KDE.News)

KDE.News takes a look at the Free and Open Source Software Developers' European Meeting (FOSDEM), with a focus on KDE developers. "Last weekend, the Free and Open Source Software Developers' European Meeting took place in Brussels. KDE was present there with a lot of developers, a devroom and several interesting talks. Among the speakers were Jonathan Riddell from the Kubuntu Distribution, Sebastian Kügler from the KDE's Marketing Working Group, Bart Coppens from the Krita development team and Raphael Langerhorst & Sander Koning from the KOffice teams."

Comments (none posted)

PyCon Day 2 coverage

Ted Leung covers day 2 of the PyCon Python conference in his blog. "As far as the new features of Python 2.5, Guido said that 2.5 will have the most new stuff in it since 2.2. There's a fair amount of stuff related to expanding the usefulness of generators for coroutines and for managing various kinds of resources."

Comments (none posted)

SCALE4x, Los Angeles 2006: Attack of the Corporate Coders? (FedoraNews)

Oisin Feeley covers the SCALE4x conference on FedoraNews. "But there was a dearth of strong voices advocating the importance of Freedom and Openness. A prevalent (although minority) voice was one of expedience and collusion with one of the main causes of the retarding of software development: proprietary hardware and software. This was expressed both by the first keynote speaker who confessed honestly that she didn't know the difference between free beer and free speech, and by Novell's beautiful demonstration of Xgl which is currently limited to proprietary nVidia hardware."

Comments (1 posted)

The SCO Problem

IBM vs. SCO: Now It's IBM's Turn (eWeek)

eWeek notes that IBM has filed a number of discovery motions in the SCO case. "For years, it's all been about what The SCO Group could discover about IBM, Linux and Unix. The shoe's on the other foot now, as the U.S. District Court in Utah has revealed that IBM has launched discovery motions against Microsoft, Sun Microsystems, Hewlett-Packard and BayStar Capital. In general, IBM is looking for detailed information about each company's recent dealings with SCO. This includes their financial relationships, and any access or use of Unix source code by their programmers."

Also, Groklaw examines a subpoena from IBM to Houlihan Valuation Advisers, a company that performed a secret evaluation of Caldera in 2001. "It's looking very bad for SCO."

Comments (8 posted)

SCO's Motion to Depose Denied (Groklaw)

Groklaw has coverage of a bad day in court for SCO. "Judge Wells asks 'How can you interpret my order in any other way than how it was phrased?'" In the end, SCO's attempts to depose various third parties were rejected, and one of the many "motions to compel" was denied for now.

Comments (none posted)

Companies

Software, as a service, on a client (ZDNet)

ZDNet looks at the novel way in which rPath makes money from open-source software. "Want to rent out a Linux application that can run on an ordinary Windows box with VMWare? Keith Boswell has a deal for you. Boswell is vp-marketing with rPath, a company that has turned $6.4 million in venture capital into rBuilder, which does what I just described. Let's let Boswell explain it himself. "rBuilder takes a look at the application, combines the files it needs with our version of Linux and turns it into an application image. It’s an enabling platform." The kernel comes from the company's own rPath Linux."

Comments (none posted)

HP picks Red Hat for AdvancedTCA Blade Server (IT Manager's Journal)

IT Manager's Journal covers an announcement from HP. "Hewlett-Packard has announced that it will certify Red Hat Enterprise Linux (RHEL) 4 as the preferred operating system for its new AdvancedTCA Blade Server, which the company debuted last week at the 3GSM World Congress. The new blade server is HP's most recent addition to its Advanced Open Telecom Platform (AOTP) blueprint, a line based on the Advanced Telecom Computing Architecture (ATCA) industry standard created by the PCI Industrial Manufacturer's Group (PICMG). The AOTP is HP's suite of hardware, carrier-grade Linux, and software that supports the ATCA standard."

Comments (none posted)

Legal

Patent terrorists ruin an industry (ZDNet)

Ed Burnette covers the rejection of a wireless email patent in the Blackberry case in a ZDNet editorial. "Look at all the harm patents have done to our industry. Look at GIF. JPG. ZIP. FAT32. Linux. MPEG-4. Developing a video compression format is like walking through a minefield. Patent holders fight over future hi-def DVD royalties, resulting in years of delay and increased cost to the consumer. And so forth. Holding companies with no products are the worst as they extort money from real developers just doing their job. And now, we have the so called "defensive patents"."

Comments (20 posted)

Interviews

Breaking down barriers to Linux desktop adoption (SearchOpenSource)

SearchOpenSource.com interviews Jono Bacon about Linux desktop adoption. "People reject Linux desktops for illogical reasons, says IT consultant and developer Jono Bacon. For example, they fault Linux OpenOffice desktops for not having all the features in Microsoft Windows Office, even though few actually use all of the Microsoft stuff. So, in essence, they're saying they want desktops cluttered with unnecessary features."

Comments (6 posted)

People Behind KDE: Boudewijn Rempt

The "People behind KDE" series interviews Krita maintainer Boudewijn Rempt. "If even KDE people like Mirko Boehm can say that we've proved by now that the one thing KDE cannot do is create an office suite, then KOffice has a problem... Because actually, we've shown that we can do it! KOffice 1.5 is going to be so great -- from little changes like the new guides in KPresenter and Kivio to big changes in Krita. Even KWord, which had languished for a long time, has received a lot of work and is now much, much more robust."

Comments (1 posted)

John the Ripper 1.7, by Solar Designer (Security Focus)

Federico Biancuzzi interviews Solar Designer, creator of the John the Ripper password cracker. "Solar Designer: For the past 9 years I've been spending much of my time on computer and network security. In particular, I've been developing free Unix security tools and other (non-security) software designed to be safe to use, as well as making existing software and technologies safer to use (discovering, dealing with, and sometimes publicizing vulnerabilities whenever that seemed appropriate). This is what the Openwall Project is about."

Comments (none posted)

Resources

Running Apache2 With PHP5 And PHP4 At The Same Time (HowtoForge)

HowtoForge has a tutorial that shows how to install and configure Apache2 with PHP5 and PHP4 enabled at the same time. "This tutorial shows how to install and configure Apache2 with PHP5 and PHP4 enabled at the same time. Because it is not possible to run both PHP5 and PHP4 as Apache modules, we must run one of them as CGI, the other one as Apache module. In this document I will use PHP5 as Apache module and PHP4 as CGI, and I will describe the setup for the Linux distributions Debian Sarge (3.1) and Ubuntu 5.10 (Breezy Badger)."

Comments (none posted)

Making apt Work for You: A Book Excerpt (Linux Journal)

Linux Journal presents a book excerpt on the apt utility from the book Linux Patch Management: Keeping Linux Systems Up to Date by Michael Jang. "One of the popular Linux patch management systems is based on the Advanced Package Tool, known as apt. While it was developed for Debian Linux, it is the standard patch management tool for a number of Debian and Red Hat-based distributions, including Knoppix, Xandros, and even the Lineox rebuild of Red Hat Enterprise Linux. But if you prefer apt, the associated tools can be installed on most Linux distributions. In this chapter, you'll learn the fundamentals of apt, including some of its more useful commands."

Comments (7 posted)

AMIA oswg releases Open Source EHR Review (LinuxMedNews)

LinuxMedNews mentions a new Open Source Electronic Health Records review site. "The American Medical Informatics Association Open Source Working Group is presenting Review of Open Source Electronic Health Records (EHR). This review will cover the top Open Source projects that possess Medical Practice Management, Medical Billing Software, and Electronic Health Records. To start with, three systems will be evaluated; MirrorMed/ClearHealth, FreeMED and OpenEMR."

Comments (none posted)

Free Linux handheld app stack to gain easier porting (LinuxDevices)

LinuxDevices covers an application environment for Linux-based handheld and mobile devices. "The GPE (GPE palmtop environment) project is planning a "device abstraction" layer aimed at simplying (sic) new device ports, according to maintainer Florian Boor. The GPE project integrates a variety of free software components, including the X window system, GTK+ graphics toolkit, matchbox window manager, and MiniMo browser. It also maintains its own login and configuration programs, as well as widget and type libraries, screenshot and other utilities, and a PIM (personal information manager) application suite."

Comments (none posted)

CLI Magic: Getting into Motion (Linux.com)

Linux.com shows how to keep an eye on your home or office with an old webcam, a Linux box and Motion. "Linux recognizes that the camera has been connected, but you still need to install some drivers. Although this is not difficult, this is the part that can put people off. The drivers aren't hard to install, but you need the kernel source in place before you can compile the drivers. This can be a bit daunting if you haven't compiled drivers before. You'll need to check with your own distribution, but I'll show you how to do it with Debian to give you an idea of how easy it is."

Comments (1 posted)

Desktop publishing with Writer and Scribus (Linux.com)

Linux.com covers desktop publishing with Scribus and OpenOffice Writer. "Although OpenOffice.org Writer offers many tools that allow you to create sophisticated layouts, you might want to use a dedicated desktop publishing application to lay out a brochure or a book. The latest version of the open source DTP application Scribus, 1.3.2, can import Writer's .odt documents, which makes Writer and Scribus a perfect combo for DTP work. Here's a brief overview of Scribus' essential tools and features from Writer users' point of view."

Comments (none posted)

My sysadmin toolbox (Linux.com)

Adam Williamson, Mandriva employee and amateur systems administrator, looks at a few of his favorite tools. "My first tool is htop. Most Linux users, when they first wanted to find out what was eating all their CPU time, were taught about top. Top tells you what processes are running and how many resources they're using ... in just about the most unfriendly way possible. Htop does exactly the same thing as top, but is much less likely to induce migraines."

Comments (14 posted)

Using Wikis and Blogs to Ease Administration (Linux Journal)

Linux Journal has a tutorial on TWiki and WordPress and shows how wikis and blogs can be useful for system administration and documentation. "I find that one of the most difficult aspects of system administration is keeping documentation accurate and up to date. Documenting how you fixed a pesky problem today will help you remember how to fix it months later when it occurs again. If you ever have worked with others, you realize how critical good documentation is. Even if you are the only system administrator, you still will reap the benefits of good documentation, even more so if another sysadmin is ever brought on board."

Comments (1 posted)

Reviews

Ajax Foundations, Ajax at Work: Book Reviews (Linux Journal)

Linux Journal has a pair of mini reviews for Ajax Foundations and Ajax at Work. "Foundations of Ajax is the smaller of the two books, and it certainly feels as though it's geared to someone just getting started with Ajax. The first third of the book--three chapters and 74 four pages--covers the philosophy and technology behind Ajax. Then, after a chapter on implementing basic Ajax techniques, the book moves on to another big block--three chapters and 92 pages--covering JavaScript development. The final chapter presents a case study in three parts; introducing patterns, describing a framework (written by the authors) and building an Ajax project. The book closes with two appendices and a good index."

Comments (none posted)

Develop your own filesystem with FUSE (developerWorks)

IBM developerWorks takes a look at FUSE. "Before the advent of user space filesystems, filesystem development was the job of the kernel developer. Creating filesystems required knowledge of kernel programming and the kernel technologies (like vfs). And debugging required C and C++ expertise. But other developers needed to manipulate a filesystem -- to add personalized features (such as adding history or forward-caching) and enhancements."

Comments (11 posted)

My domains, MyDNS (Linux.com)

Joe 'Zonker' Brockmeier reviews MyDNS on Linux.com. "Why would you want to use MyDNS rather than the Berkeley Internet Name Domain (BIND), which is pretty much the standard name server? First, BIND is dangerously close to a monoculture when it comes to name servers -- if BIND has a major security issue, most of the Internet suddenly has a major security issue. Several years ago, BIND had a string of vulnerabilities that convinced me that it would be a Good Thing™ if more people used alternatives to BIND."

Comments (18 posted)

Using SQL-Ledger in a small business (NewsForge)

NewsForge looks at SQL-Ledger for small business accounting. "SQL-Ledger is a Web-based accounting system that does business-class double-entry bookkeeping. It can have multiple users on the system at one time, with individual privileges, using individual forms. Data entry can be audit-safe, with deletion allowed or not. As the project's Web site explains, "Accounting data is stored in a SQL Server. For the display any text or GUI browser can be used. The entire system is linked through a chart of accounts. Each item in inventory is linked to income, expense, inventory and tax accounts. When items are sold and purchased the accounts are automatically updated.""

Comments (none posted)

Accelerated X flame wars! -- Maybe not (Free Software Magazine)

Free Software Magazine looks at XGL and AIGLX. "When I first heard about these two competing solutions my immediate response was "Oh no! Not ANOTHER flame war...". But once I examined the two of them, I found that they're not as mutually exclusive as it first seemed. To explain why I'll go through a summary of how each works and the differences and similarities between them." (Found on GnomeDesktop)

Comments (14 posted)

Page editor: Forrest Cook

Announcements

Non-Commercial announcements

Austin Group details plan and scope for next revision of joint standard

The Austin Group has announced an effort to produce the next version of its joint standard. "The Austin Group met at the Standards Council of Canada, Ottawa, ON, on February 21-24 2006 to consider the goals and plan the precise milestones for the next revision of the joint standard (that is ISO/IEC 9945 (POSIX), IEEE Std 1003.1 and The Open Group Base Specifications Issue 6)."

Full Story (comments: none)

Join the Fellowship and win a Free HP notebook PC

The Free Software Foundation Europe is offering new incentives to active members. "Like last year's PDA, donated by xtops.de, the Free Software Foundation Europe will be raffling off two HP notebooks to all active Fellows on 1 April this year. For two lucky Fellows, April Fool's Day will be anything but foolish. "This is a great start into the second year of our Fellowship," says Georg Greve, president of FSFE. "The Fellowship is essential to our activities. It allows us to pursue activities like the Microsoft antitrust case, or our work at the United Nations. These may seem far away, but if we do not defend our freedoms also in these places, we are bound to lose them everywhere.""

Full Story (comments: none)

New python.org and Call for Volunteers

A Call for Volunteers has been sent out for the new python.org site. "We would like to announce that the beta python site will be made live on the 5th March 2006. In order to ensure that the switch is as smooth as possible, we are asking for some volunteers to help in finalising the migration and checking of content and links. Guido van Rossum will be announcing this during his keynote speech at Pycon and there will be sprints from 27th February through to the 2nd March. All the information you'll need is here."

Comments (none posted)

Commercial announcements

Bizgres MPP 2.1 Available for Public Download

Version 2.1 of Bizgres MPP, the scalable data warehousing clustered version of PostgreSQL, is available for a free trial. "Bizgres MPP 2.1 is based on PostgreSQL 8.1 and will support most PostgreSQL applications out of the box. It allows you to spread your database across multiple servers, and run parallelized queries over databases up to 100 terabytes in size, with data read rates over 10GB/second. Bizgres MPP is built on a fault-tolerant shared-nothing architecture which allows for cluster expansion, using commodity hardware."

Full Story (comments: none)

DNUK Selects Chelsio's T210-CX iSCSI Target Solution

Chelsio Communications has announced the selection of its T210-CX4 10GbE TOE/iSCSI acceleration adapters by DNUK for use in Linux systems. "Chelsio's T210-CX4 TOE/iSCSI adapter and iSCSI Target software v1.0 is a proven turnkey solution set that offers significant cost savings for storage target systems by leveraging the volume, scalability, and simplicity of off-the-shelf server platforms, standard Ethernet connectivity, and copper CX-4 cabling."

Comments (none posted)

Empower Technologies Introduces TI development kit

Empower Technologies has announced a new development kit for the TI OMAP5912 dual-core processor. "A one-stop development solution, Empower's LDK5912 comes complete with both hardware and software offerings that enable developers to create reference consumer electronics products at significantly reduced development time, risk and cost. The kit runs LinuxDA out of the box, so developers can use the LDK5912 to compile, download and test applications within minutes of set-up."

Comments (none posted)

Gigabytes and Silver Strand Solutions announce Gigastrand International

Gigabytes Computer Store and Silver Strand Solutions have joined together to announce Gigastrand International. Gigastrand International will supply computers and home entertainment systems using the Linspire Operating System. In addition, Gigastrand International will provide specialized materials for people with niche interests such as using Linspire to be an audiophile, run a small business, and much more.

Full Story (comments: none)

Linux Networx Announces Linux Supercomputing Storage Solutions

Linux Networx has announced the availability of new supercomputing storage solutions. "Integrating the appropriate storage configuration within a supercomputing system has been proven to power performance acceleration and utilization increases by a factor of 20 or more. Linux Networx storage solutions combine best-in-class hardware, management software and high performance file systems to best meet the unique requirements of each supercomputing environment. Linux Networx storage solutions are tightly integrated with the company's LS series of Linux Supersystems -- a family designed to deliver new levels of Total Application Throughput."

Comments (none posted)

Novell Continues Linux Market Leadership in China

Novell, Inc. has announced its continuing leadership in the Chinese Linux market. "Novell holds a 25.1 percent share of the Linux market in China, surpassing other local and international Linux distributors. Novell's success in China reflects a strong commitment to Chinese open source development and to Novell's growing customer base in this rapidly expanding market."

Comments (none posted)

New Books

Building Extreme PCs--O'Reilly's Latest Release

O'Reilly has published the book Building Extreme PCs by Ben Hardwidge.

Full Story (comments: none)

Writing Security Tools and Exploits--latest from Syngress

Syngress has published the book Writing Security Tools and Exploits by James C. Foster and Vincent Liu.

Full Story (comments: none)

Resources

The "First Ever Think Tank Report on the Future of Commercial Open Source"

SDForum and the Olliance Group have announced the availability of a report from an "open source think tank" event held in January. This group got together and came up with a number of not entirely earth-shaking conclusions. "There are not enough developers to participate in all the open source communities. With too many projects and not enough focus on key projects -- there is simply not enough talent to mature open source fast enough." The Olliance site requires registration to obtain the report, but said report is under the Creative Commons Attribution license. So you can also get a copy from LWN [PDF].

Comments (5 posted)

Contests and Awards

VMware Announces Ultimate Virtual Appliance Challenge

VMware, Inc. has announced the Ultimate Virtual Appliance Challenge. "VMware, Inc., the global leader in virtual infrastructure software for industry-standard systems, today announced the Ultimate Virtual Appliance Challenge contest with prizes totaling $200,000 to foster continued innovation in developing virtual appliances. Virtual appliances are pre-built, pre-configured and ready-to-run software applications, all packaged within virtual machines. They can be run using VMware virtualization products, including VMware Player and VMware Server which are both available for free download at http://www.vmware.com/download/."

Comments (none posted)

Education and Certification

IBM Linux tutorials for LPI exams

IBM developerWorks has a series of tutorials to help you prepare for system administrator certification and the topics in LPI exams 201 and 202. Tutorials generally require a free registration.

Comments (none posted)

Event Reports

Coverage of LPI at LinuxWorld Mexico

The Linux Professional Institute has provided coverage of their presence at the recent LinuxWorld Mexico conference. "LPI attended the first annual Linux World Mexico and hosted exam labs, a trade show booth, and a special press conference on LPI's 30,000 certificant."

Full Story (comments: none)

Upcoming Events

DEF CON 14 Call for Papers

A call for papers has gone out for the DEF CON 14 security conference. DEF CON 14 will be held on August 4-6, 2006 at the Riviera Hotel & Casino in Las Vegas, NV. Papers are due by June 15.

Full Story (comments: none)

Geoffrey Moore will present Keynote at 2006 Desktop Linux Summit

Desktop Linux Summit has announced its keynote speaker, author Geoffrey A. Moore. "Moore will speak from his newest book, "Dealing with Darwin: How Great Companies Innovate at Every Phase of Their Evolution," and hold a book signing for attendees. The event, sponsored by industry leaders such as Novell and Red Hat, will be held April 24-25, 2006 at the Manchester Grand Hyatt in downtown San Diego."

Comments (none posted)

Novell Brainshare Conference

Novell's global BrainShare Conference will take place on March 19-24, 2006, in Salt Lake City, UT.

Full Story (comments: none)

Novell and Red Hat Take Top Sponsorships at Desktop Linux Summit

Novell and Red Hat will be the top sponsors at the fourth annual Desktop Linux Summit. "The Desktop Linux Summit today announced that Linux industry giants Novell and Red Hat have signed on as platinum sponsors for the show, which is the only event to focus exclusively on Linux and open source software for the desktop. In its fourth year, the Summit will be held April 24-25, 2006 at the Manchester Grand Hyatt in downtown San Diego, California."

Full Story (comments: none)

OOoCon 2006 location chosen

The location for OOoCon 2006 has been chosen. The event will take place in Lyon, France.

Full Story (comments: none)

2nd PyWeek Python Game Programming Challenge

The second PyWeek Python Game Programming Challenge has been announced. "The date for the second PyWeek challenge has been set: Sunday 26th March to Sunday 2nd April (00:00UTC to 00:00UTC). The PyWeek challenge invites entrants to write a game in one week from scratch either as an individual or in a team. Entries must be developed in Python, during the challenge, and must incorporate some theme chosen at the start of the challenge."

Comments (none posted)

64 Studio and Lionstracs at Sounds Expo 2006

The Linuxaudio.org members, 64 Studio audio distribution and Lionstracs will have exhibits at the London Sounds Expo trade show on March 9-11, 2006.

Full Story (comments: none)

CFP: 13th Annual Tcl/Tk Conference

A Call For Papers has gone out for the 13th Annual Tcl/Tk Conference. The event will take place on October 9-13, 2006 in Naperville, Illinois; submissions should be in by May 31.

Full Story (comments: none)

O'Reilly Where 2.0: The Future of Mapping and Local Search

O'Reilly has announced the 2006 Where 2.0 conference. "There's a new world of technology taking shape, moving the computing ecosystem to higher ground: geospatial. Pioneered by grassroots developers, startup projects, and innovative mash-ups, these new mapping and location-related tools and services are promising both disruptions and opportunities. To explore this technology frontier, O'Reilly Media is planning the second Where 2.0 Conference, happening June 13-14 at the Fairmont Hotel in San Jose, California."

Full Story (comments: none)

Events: March 2 - April 27, 2006

Date | Event | Location
March 2 - 3, 2006 | Black Hat Europe Briefings and Training 2006 (Grand Hotel Krasnapolsky) | Amsterdam, the Netherlands
March 2 - 3, 2006 | SELinux Symposium and Developer Summit (Wyndham Hotel) | Baltimore, MD
March 3 - 4, 2006 | LinuxForum 2006 | Copenhagen, Denmark
March 3 - 5, 2006 | Akademy-es 2006 | Barcelona, Spain
March 6 - 9, 2006 | O'Reilly Emerging Technology Conference (ETech) (Manchester Grand Hyatt) | San Diego, CA
March 8 - 10, 2006 | New Orleans Plone Symposium (Astor Crowne Plaza) | New Orleans, LA
March 16, 2006 | FOSS means Business (Spires Conference Centre) | Belfast, Northern Ireland
March 17 - 19, 2006 | Libre Graphics Meeting 2006 (Ecole d'Ingénieurs CPE) | Lyon, France
March 18 - 19, 2006 | Rockbox International Developers Conference 2006 | Stockholm, Sweden
March 19 - 24, 2006 | Novell BrainShare 2006 (Salt Palace Convention Center) | Salt Lake City, UT
March 21 - 23, 2006 | UKUUG Spring Conference 2006 | Durham, UK
March 25, 2006 | Penguin Day | Seattle, WA
March 25, 2006 | Bleepfest 06 (Christchurch Spitalfields Crypt) | London, England
March 29 - 31, 2006 | PHP Quebec 2006 (Plaza Montreal Hotel) | Montreal, Canada
April 3 - 6, 2006 | Embedded Systems Conference (ESC) (McEnery Convention Center) | San Jose, CA
April 3 - 7, 2006 | CanSecWest/core06 (Marriott Renaissance Harbourside hotel) | Vancouver, Canada
April 3 - 4, 2006 | Freedom To Connect 2006 (FTC) (AFI Silver Theater) | Washington, DC
April 3 - 6, 2006 | LinuxWorld Conference and Expo (Boston Convention and Exposition Center) | Boston, MA
April 7 - 9, 2006 | Notacon 3 (Holiday Inn Select Cleveland) | Cleveland, OH
April 11 - 12, 2006 | CELF Embedded Linux Conference | San Jose, California
April 15 - 16, 2006 | LayerOne 2006 (Pasadena Hilton) | Pasadena, California
April 19 - 22, 2006 | Forum Internacional Software Livre 7.0 (FISL) | Porto Alegre, Brazil
April 20 - 22, 2006 | International Conference on Availability, Reliability and Security (AReS 2006) | Vienna, Austria
April 21 - 23, 2006 | Penguicon 4.0 | Livonia, Michigan
April 23 - 26, 2006 | Itanium® Conference and Expo 2006 (Gelato ICE) | San Jose, CA
April 24 - 26, 2006 | LinuxWorld & NetworkWorld Canada 2006 Conference & Expo (Metro Toronto Convention Centre, North Bldg.) | Toronto, Canada
April 24 - 27, 2006 | MySQL Users Conference | Santa Clara, CA
April 24 - 25, 2006 | 2006 Desktop Linux Summit (Manchester Grand Hyatt) | San Diego, CA
April 24 - 26, 2006 | SambaXP 2006 (Clarion Parkhotel) | Göttingen, Germany
April 26 - 28, 2006 | php|tek 2006 (Orlando Airport Marriott Hotel) | Orlando, FL
April 27 - 30, 2006 | Linux Audio Conference (LAC2006) (ZKM) | Karlsruhe, Germany

Comments (none posted)

Web sites

New GNOME developers forum

The new GnomeDev.com site is online with a wide variety of GNOME developer topics.

Full Story (comments: none)

Audio and Video programs

FOSDEM videos available

For those of you who couldn't make it to FOSDEM: Michael Opdenacker has posted videos of a number of the talks. The list includes sessions by David Weinehall, Richard Stallman, Jeff Waugh, and others.

Full Story (comments: 2)

Page editor: Forrest Cook

Copyright © 2006, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds