LWN.net Logo

LWN.net Weekly Edition for March 9, 2006

Some notes from the Coverity survey

Back in January, LWN reported on a grant awarded to Coverity by the U.S. Department of Homeland Security. Coverity (working with Stanford) would apply its static analysis tools to the code bases of a large set of free software projects and report on the results. The effort was designed to help provide a sense of the quality of free software while simultaneously helping to improve that quality.

Coverity has now announced its first set of results in the form of a press release, a table of defect counts, and a glossy report. The main point made in the report - and picked up on by most of the media coverage - is that the software which makes up the "LAMP stack" (kernel, Apache, MySQL, PostgreSQL, PHP, Perl, Python) has a significantly lower rate of defects than the larger set of projects reviewed. From this result, one might well conclude that the most heavily-used and carefully-reviewed projects tend to have better code. Perhaps not a breathtaking result, but it's still nice to know.

The projects with the lowest defect density include Ethereal, OpenVPN, Perl, and xmms; the all-time winner is xmms, with a total of six detected errors. At the other end of the scale, one finds Amanda, Firebird, NetSNMP, OpenLDAP, Samba, X, and Xine. The MySQL code base turned up 136 defects (a density of 0.224 per thousand lines of code), while PostgreSQL has 295 (density of 0.362). Those results are interesting in the context of this quote from the report:

For example, MySQL, PostgreSQL, and Berkeley DB have certified versions of their software that contain zero Coverity defects.

We asked Coverity CTO Ben Chelf about the discrepancy between this claim and the published results, and heard back:

We are working with the community now to determine exactly why that is. Obviously the code changes over time so that is one potential factor for the new issues. We hope that by opening up this mainline access, we can assure that all _future_ versions of many of these packages will contain zero Coverity defects.

Unfortunately, that response does not really answer the question. The possibilities would seem to be: (1) whoever paid for the "certified versions" has not fed the resulting fixes back into the mainline; (2) all of the detected defects have been introduced into the code base since the certification run was done, or (3) the tests run on the "certified versions" were less comprehensive. None of those ideas is particularly reassuring.

That notwithstanding, the work being done at Coverity is clearly helping to clean up the code of the projects being surveyed. Patches for some bugs found in the kernel are already circulating, and various other projects are looking at the results as well. With regard to Samba, the Coverity folks provided us with a quote from Jeremy Allison:

Coverity has found bugs in parts of Samba that we had previously considered completely robust and tested. It's like having a developer on the team with an inhuman attention to detail, who points out all the corner cases and boundary conditions you hadn't considered when you first wrote the code. It's making a *major* contribution to the code quality of the Samba project.

Running static analysis tools on the code is a clear win for software quality and Coverity, by chasing down the resources to pay for this kind of work, is helping the free software community. Even so, we could not resist asking Mr. Chelf this question: wouldn't it help the community even more to release the checker under a free license, so that the community could do its own analysis and improve the tool as well? He responded:

We want to have a very strong relationship with the open source community for a long time to come. We recognize that open source software is a more and more critical part of many organizations' (commercial and non-commercial) infrastructure. As we keep a healthy finger on the heartbeat of what the community wants from this type of technology, we feel we'll be the best ones to provide it, regardless of form. Does that mean open source? It's too early to say at this point.

In other words, we'll have to content ourselves with the reports from Coverity - when Coverity sees fit to provide them - for the foreseeable future. It is vastly preferable to not having those reports.

Still, there would be a great advantage to having static analysis tools which did not depend on any one corporation's generosity to run. The community seems to be a bit slow in the development of these tools, however. The "sparse" utility, written by Linus Torvalds, is regularly used to find certain types of bugs in the kernel. It has seen little use beyond the kernel, however, and has not developed anything close to the capabilities of Coverity's tools. The once-promising smatch project seems to have stalled for the last two years. Various other projects exist (Wikipedia has a list), but none seem to have reached any sort of critical mass.

The free software community prides itself on the quality of its code. Static analysis techniques will clearly be an important part of maintaining that quality in the future. Many eyeballs do indeed shake out bugs; adding some automated eyeballs to the mix will help find even more of them. We have been lucky that a company which has developed some interesting static analysis techniques has - for a few years, now - shared the results of its analysis with parts of the free software community. We should hope that this generosity continues for a long time, but we may also want to think about creating some tools of our own for the day when that generosity runs out.

Comments (43 posted)

The next generation office suite

OpenOffice.org is a great package. It provides powerful capabilities in a number of areas - document editing, spreadsheets, presentations, etc. - and makes it possible for Linux users to interoperate with the large part of the world which is dependent on proprietary office applications. Much of the time, OpenOffice is the tool needed to enable Linux to replace a proprietary desktop system. It would be a hard tool to live without.

That said, there is some truth in a comment recently posted by Jeff Waugh:

OpenOffice.org is not aggressively competitive with Microsoft Office - it's playing to match the feature matrix instead of leapfrogging and defining new ground to fight on. That is not a winning strategy, particularly when the stakes involve the future of Software Freedom in the hands of users around the world.

This statement is, perhaps, not entirely true; OpenOffice has, for example, been a big part of the push toward the Open Document Format. The open format push has most certainly shifted the battle, to the point that even Microsoft has had to respond. Beyond that, however, it is hard to point to a long list of new things which OpenOffice has brought to the office productivity arena. It is mostly a good copy of that other office application.

Critics of free software are fond of claims that the community is restricted to imitating developments done in the proprietary world. Free software, it is said, is not where innovation is done. To a great extent, OpenOffice could be said to validate that claim. It is not clear that this situation can change; OpenOffice is a large and intimidating code base which can be hard to contribute to, and the project's mission would seem to argue against the creation of surprising new features.

The community is not limited to OpenOffice, however. Jeff's posting points to a weblog entry by Marc Maurer, wherein he (by way of a large Flash file) demonstrates the long-anticipated collaborative editing addition to AbiWord. Authors, connected by the net, can simultaneously work on the same document and see each others' changes as they happen. Now every document can be written by committee, a process known to produce superior results.

Seriously, however, there are clear advantages to being able to work in this mode. Perhaps the tiresome process of sending document files around as attachments and trying to integrate changes from others could eventually fade away. And the world has shown, many times, that if people are given new ways to communicate and work together, they will do surprising things with that capability. So this addition to AbiWord (hopefully due to show up in the 2.6 release) is a welcome step forward.

Meanwhile, the KDE project recently held a "GUI and functionality design competition" for KOffice 2. the results of this competition have now been posted; they show that a number of smart people are thinking about where KOffice could go from here. The winning entry [PDF] from Martin Pfeiffer takes a long look at how people work with documents. His ideas, if realized, could take much of the tiresome clicking out of the editing process and make the task of putting together documents (especially large ones) much more straightforward and fun.

The fact that much effort in the free software community has gone into the replication of features available elsewhere is not particularly surprising. If one wants to build a user community for a software package, one is well advised to provide the capabilities that the target users have come to expect. In many areas, however, that goal has been met, and the time has come to move into new capabilities that users do not - yet - expect to find. By many accounts, office suites are one of those areas. We have the capabilities that most users need; it will be fun to watch as developers create features that users do not yet know that they need.

Comments (12 posted)

Some lessons from MythTV

Your editor's eighth-grade son was looking around for an end-of-year school project. Fearing the alternatives (most of which seemed to involve explosives), your editor made the logical suggestion: let's build a MythTV box together. That project looked like a good Linux learning project which might just yield a device which would be useful around the house. Plus, with what he thought was expert Linux guidance (kids are so gullible sometimes), the project couldn't fail.

Well, it didn't fail, but it was not always clear that a successful outcome was in the works. For the benefit of others who may be considering the creation of such a box, here's a few things your editor learned on the way.

Do not expect it to be easy. Contemporary Linux users tend to be a spoiled bunch. For the most part, any of thousands of programs can be installed by way of a single package manager operation. Often these programs come pre-configured in some sort of minimally working way; finishing the job is just a matter of making a few tweaks. So what could be so hard about installing MythTV? After all, there are packages for many distributions just waiting to be used.

Even with pre-built packages, installing MythTV reminds your editor of installing Linux back in 1993. Remember trying to come up with an XFree86 configuration file for a previously unknown monitor? MythTV is somewhat like that. There's a great deal of configuration to perform, and a lot of parameters to tweak. Get one wrong, and the whole thing fails in mysterious ways. Anybody who is not up for a long setup experience would be well advised to stick with simpler tasks - like writing new sendmail rulesets.

Choose your hardware with care. MythTV requires a fairly strong system in general; it's not a suitable application for that Pentium 100 system gathering dust in the basement. A capable (but supported!) video card is required. Then, there is the issue of choosing a TV card.

HD3000 Your editor, after some digging, stumbled across the pcHDTV HD3000 tuner card. It had a number of seemingly nice features, such as the ability to tune in high-definition TV broadcasts while avoiding obvious obnoxious misfeatures - broadcast flag compliance, for example. What won your editor's heart, however, was the statement that, while Linux was supported, Windows drivers were not available. How could a card which supported only Linux fail to work?

And it does work, once one gets it configured correctly. That involves tracking down the firmware and putting it in the right place, ensuring that the correct modules get loaded (something that doesn't seem to happen by default), and going through a lengthy process of figuring out which stations can actually be tuned and carefully instructing MythTV to avoid all the others. That last step, incidentally, requires a development version of the dvb-apps package obtained from CVS. Then one finds out that, in order to cope with a high-definition signal, one needs a seriously fast processor; that 1.8GHz Athlon you have gathering dust in the basement just won't cut it. Meanwhile, getting plain old, low-resolution TV out of the card, while said to be possible, has proved to be a challenge in real life.

Expect pitfalls. One of the many MythTV configuration screens is for setting up the TV card(s). One of the options given there is the pcHDTV HD3000. Every day, some well-meaning MythTV user probably tells the system that his or her pcHDTV HD3000 is a pcHDTV HD3000, while a hundred experienced users, if they only knew, would be shouting "NO, YOU FOOL! It's a trap!" at the top of their lungs. This poor user is heading for some significant pain; MythTV will never work in that configuration.

As the battle-hardened veterans know, an HD3000 card should be configured as a DVB device (described in the documentation as "a video standard primarily found in Europe"). Then it will work. One can only imagine a legion of sadistic MythTV hackers leaving the pcHDTV-HD3000 option on the menu as a way of ensuring that beginning users spend more time staring at Google than watching TV.

The allegedly easy path isn't necessarily so. Part of the work plan involved researching the best distribution for the creation of a MythTV box. What better way for an eighth grader to learn about how Linux systems are created? He quickly settled on KnoppMyth, which comes with claims like:

KnoppMyth can be installed in as little as 10 minutes (depending upon your hardware speed) then all you have to wait for is the first week of TV scheduling to be downloaded. If all your hardware is supported under Linux, you may not have to edit any configuration files.

Why bother with anything else when you can get all of the pieces off a single disk?

KnoppMyth does not appear to be a project which receives a great deal of development time; the 5.0 release has been in the works for quite a while. A number of the download links on the main page are dead. It still uses version 0.18 of MythTV. More to the point, however: while one may not have to edit configuration files, nothing gets one out of the need to go through a couple dozen MythTV setup and configuration screens. There are dozens of operating parameters to tweak. TV cards must be set up. A separate step is required to set up video sources. Yet another step exists just to connect the configured TV cards with the configured video sources. Then there's the set of channel configuration screens. One has to figure out where the programming information will come from and set that up. Then one has to actually make the resulting combination work - something your editor never succeeded in doing.

Among other things, KnoppMyth did not set up the video card (a Radeon 9250-based card) correctly in its XFree86-based graphics system, with the result that the XVideo extension was not available. Suffice to say that MythTV (along with lower-level tools like mplayer) is not happy without XVideo.

So your editor dumped the whole mess and installed Fedora Core 4, which had no trouble figuring out the video configuration. The excellent Fedora Myth(TV)ology document made most of the rest of the setup relatively easy - modulo the level-60 secret incantations required to make the HD3000 work properly.

Don't expect it to tell you anything.. The MythTV setup program will not work properly if the MythTV backend daemon is running. But it won't check for said daemon, and it won't say why it is failing. MythTV has a built-in logging system with eight log levels, but your editor has yet to find anything of interest there. Other things just fail silently, with no indication of why, for example, an attempt to watch TV in real time yields a black screen for ten seconds before returning to the menu.

In summary: MythTV may have a lot of things to recommend it, but there is some work to be done to make it installable by normal people. Today's MythTV reminds your editor of installing early Slackware releases: a long and fiddly process with the occasional trap to avoid. The Linux installation problem has been nicely solved; if the target hardware is supported, putting together a Linux system to use that hardware is usually a straightforward task. What has been done for Linux as a whole can certainly be done for MythTV. Until it has been done, MythTV is likely to be inaccessible to many who would like to use it.

Having written the summary, your editor would like to briefly touch on two other lessons.

It's seriously cool. Once the system works, it does just what it is claimed to do. It can watch and record television, skip over advertisements, move around quickly in the program, handle multiple tuners, juggle conflicting recording schedules, work with a wide variety of remote controls, browse the web, play games, etc. Packaged in a suitably powerful and quiet box, MythTV could be a welcome part of one's larger entertainment complex.

We may not be able to build MythTV boxes for much longer. The capabilities provided by MythTV go against everything the Powers That Be in the entertainment industry want us to have. As they continue to push for hostile legislation and DRM-encumbered hardware, they will eventually make the creation of a MythTV box impossible. Hardware which can tune in tomorrow's signals, and which makes the result available to software that doesn't know the secret handshakes, will be unavailable. MythTV is a powerful - if rough-edged - tool; it's how access to video programming should be. It would be a shame if MythTV were to smooth out the setup experience, only to be obliterated by legal systems worldwide.

Comments (27 posted)

Page editor: Jonathan Corbet

Security

An introduction to Elliptic Curve Cryptography

March 8, 2006

This article was contributed by Jake Edge.

Elliptic Curve Cryptography (ECC) has been gaining momentum as a replacement for RSA public key cryptography largely based on its efficiency, but also because the US National Security Agency (NSA) included it, while excluding RSA, from its Suite B cryptography recommendations. Suite B is a set of algorithms that the NSA recommends for use in protecting both classified and unclassified US government information and systems.

Public key cryptography is the basis for tools like ssh as well as Secure Sockets Layer (SSL) for encrypting web traffic. For readers who would like more information, a nice introduction to public key cryptography and the RSA algorithm can be found on Wikipedia.

ECC is based on some very deep math involving elliptic curves in a finite field. It relies on the difficulty of solving the Elliptic Curve Discrete Logarithm Problem (ECDLP) in much the same way that RSA depends on the difficulty of factoring the product of two large primes. The best known method for solving ECDLP is fully exponential, whereas the number field sieve (for factoring) is sub-exponential. This allows ECC to use drastically smaller keys to provide the equivalent security; a 160-bit ECC key is equivalent to a 1024-bit RSA key.

Smaller key sizes lead to faster processing, which is very interesting to folks that are implementing encryption on small, mobile devices with limited resources in terms of power, CPU and memory. It is also very desirable for large web servers that will be handling many encrypted sessions. These are the technical considerations driving adoption. The NSA's recommendation makes it very attractive to companies that sell encryption products to the government and many non-governmental entities will also want products that implement ECC.

In order to use elliptic curves as part of a public key cryptosystem, both parties must agree on a set of domain parameters that fully specify the curve that is being used. Various groups, notably the US National Institute for Standards and Technology (NIST) and the Standards for Efficient Cryptography Group (SECG) have recommendations for the domain parameters to be used for various key sizes. The Internet Engineering Task Force (IETF) also has a draft specification for adding ECC to SSL/TLS.

Sun Microsystems has donated ECC code to OpenSSL and the Network Security Services (NSS) library; this allows the Apache web server and Mozilla browsers (and many other programs) to use ECC.

Unfortunately, as with RSA before its patent expired, the ECC landscape is littered with patent claims; some of dubious enforceability due to prior art. Sun claims patents on ECC technology, but has provided a "patent peace" provision in its license that states that it will not enforce its patent claims and asks that anyone holding patents associated with the code not enforce them against Sun.

The wild card in the ECC patent arena seems to be Certicom which claims a large number of ECC patents and has not made a clear statement of its intentions with regard to open source implementations. The NSA licensed Certicom's patents for $25 million to allow them and their suppliers to use ECC, lending some credence to at least some of the Certicom patents. Other companies also have patents on various pieces of ECC technology.

As is often the case with patents, it is well nigh impossible to determine what the patents cover and if an implementation infringes without going to court. Ironically, the clearest description of what is and is not patented is an RSA Laboratories FAQ entry:

In all of these cases, it is the implementation technique that is patented, not the prime or representation, and there are alternative, compatible implementation techniques that are not covered by the patents.

Of course, this is not legal advice from RSA and may or may not be how it is interpreted by the courts. We will all have to wait and see how it plays out if one or more of the patent holders decides to sue.

[The author wishes to thank his employer, Privacy Networks, for sending him to the RSA 2006 conference which inspired this article.]

Comments (7 posted)

New vulnerabilities

bmv: integer overflow

Package(s):bmv CVE #(s):CVE-2005-3278
Created:March 2, 2006 Updated:March 8, 2006
Description: The bmv PostScript viewer has an integer overflow vulnerability. If a specially crafted PostScript file is read by bmv, it may be possible to execute arbitrary code.
Alerts:
Debian DSA-981-1 2006-02-26

Comments (none posted)

flex: buffer overflow

Package(s):flex CVE #(s):CVE-2006-0459
Created:March 7, 2006 Updated:March 28, 2006
Description: Chris Moore discovered a buffer overflow in a particular class of lexicographical scanners generated by flex. This could be exploited to execute arbitrary code by processing specially crafted user-defined input to an application that uses a flex scanner for parsing.
Alerts:
Debian DSA-1020-1 2006-03-28
Gentoo 200603-07 2006-03-10
Ubuntu USN-260-1 2006-03-06

Comments (none posted)

freeciv: denial of service

Package(s):freeciv CVE #(s):CVE-2006-0047
Created:March 8, 2006 Updated:March 16, 2006
Description: The freeciv "civserver" application is susceptible to a denial of service vulnerability.
Alerts:
Gentoo 200603-11 2006-03-16
Debian DSA-994-1 2006-03-13
Mandriva MDKSA-2006:053 2006-03-07

Comments (none posted)

initscripts: privilege escalation

Package(s):initscripts CVE #(s):CVE-2005-3629
Created:March 7, 2006 Updated:March 15, 2006
Description: A bug was found in the way initscripts handled various environment variables when the /sbin/service command is run. It is possible for a local user with permissions to execute /sbin/service via sudo to execute arbitrary commands as the 'root' user.
Alerts:
Red Hat RHSA-2006:0015-01 2006-03-15
Red Hat RHSA-2006:0016-01 2006-03-07

Comments (none posted)

irssi-text: denial of service

Package(s):irssi-text CVE #(s):CVE-2006-0458
Created:March 2, 2006 Updated:March 8, 2006
Description: irssi-text has a remote denial of service vulnerability that is caused by incomplete verification of arguments by the DCC ACCEPT command handler. A remote attacker can crash irssi and cause a denial of service.
Alerts:
Ubuntu USN-259-1 2006-03-01

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2006-0741 CVE-2006-0555
Created:March 2, 2006 Updated:March 23, 2006
Description: The Linux kernel has multiple vulnerabilities including a sanity check problem with sys_mbind that can lead to a local denial of service, an ELF vulnerability that can crash Intel EM64T systems and an NFS client panic problem that can be triggered by direct I/O from a local user.
Alerts:
Mandriva MDKSA-2006:059 2006-03-22
Ubuntu USN-263-1 2006-03-13
Trustix TSLSA-2006-0012 2006-03-10
Fedora FEDORA-2006-131 2006-03-02

Comments (none posted)

Mozilla Thunderbird: remote code execution and DoS

Package(s):mozilla-thunderbird CVE #(s):CVE-2006-0884
Created:March 3, 2006 Updated:May 4, 2006
Description: The WYSIWYG rendering engine in Mozilla Thunderbird 1.0.7 and earlier allows user-complicit attackers to bypass javascript security settings and obtain sensitive information or cause a crash via an e-mail containing a javascript URI in the SRC attribute of an IFRAME tag, which is executed when the user edits the e-mail.
Alerts:
Debian DSA-1051-1 2006-05-04
Mandriva MDKSA-2006:052 2006-03-02

Comments (1 posted)

WordPress: SQL injection

Package(s):wordpress CVE #(s):
Created:March 6, 2006 Updated:March 8, 2006
Description: Patrik Karlsson reported that WordPress 1.5.2 makes use of an insufficiently filtered User Agent string in SQL queries related to comments posting. This vulnerability was already fixed in the 2.0-series of WordPress.
Alerts:
Gentoo 200603-01 2006-03-04

Comments (none posted)

zoo: stack-based buffer overflow

Package(s):zoo CVE #(s):CVE-2006-0855
Created:March 7, 2006 Updated:March 16, 2006
Description: Stack-based buffer overflow in the fullpath function in misc.c for zoo 2.10 and earlier allows user-complicit attackers to execute arbitrary code via a crafted ZOO file that causes the combine function to return a longer string than expected.
Alerts:
Gentoo 200603-12 2006-03-16
Debian DSA-991-1 2006-03-10
Gentoo 200603-05 2006-03-06

Comments (none posted)

Updated vulnerabilities

ADOdb: PostgresSQL command injection

Package(s):adodb CVE #(s):CVE-2006-0410
Created:February 6, 2006 Updated:April 17, 2006
Description: Andy Staudacher discovered that ADOdb does not properly sanitize all parameters. By sending specifically crafted requests to an application that uses ADOdb and a PostgreSQL backend, an attacker might exploit the flaw to execute arbitrary SQL queries on the host.
Alerts:
Gentoo 200604-07 2006-04-14
Debian DSA-1031-1 2006-04-08
Debian DSA-1030-1 2006-04-08
Debian DSA-1029-1 2006-04-08
Gentoo 200602-02 2006-02-06

Comments (none posted)

apache: cross-site scripting

Package(s):apache CVE #(s):CVE-2005-3352
Created:December 14, 2005 Updated:May 10, 2006
Description: Versions 1 and 2 of the apache web server suffer from a cross-site scripting vulnerability in the mod_imap module; see this bugzilla entry for details.
Alerts:
Slackware SSA:2006-129-01 2006-05-10
SuSE SUSE-SR:2006:004 2006-02-24
Fedora-Legacy FLSA:175406 2006-02-18
Gentoo 200602-03 2006-02-06
Fedora FEDORA-2006-052 2006-01-20
Red Hat RHSA-2006:0158-01 2006-01-17
Ubuntu USN-241-1 2006-01-12
Trustix TSLSA-2005-0074 2005-12-23
Mandriva MDKSA-2006:007 2006-01-05
Red Hat RHSA-2006:0159-01 2006-01-05
OpenPKG OpenPKG-SA-2005.029 2005-12-14

Comments (none posted)

blender: integer overflow

Package(s):blender CVE #(s):CVE-2005-4470
Created:January 6, 2006 Updated:June 15, 2006
Description: Damian Put discovered that Blender did not properly validate a 'length' value in .blend files. Negative values led to an insufficiently sized memory allocation. By tricking a user into opening a specially crafted .blend file, this could be exploited to execute arbitrary code with the privileges of the Blender user.
Alerts:
Debian-Testing DTSA-29-1 2006-06-15
Debian DSA-1039-1 2006-04-24
Gentoo 200601-08 2006-01-13
Ubuntu USN-238-2 2006-01-06
Ubuntu USN-238-1 2006-01-06

Comments (none posted)

bluez-hcidump: buffer overflow

Package(s):bluez-hcidump CVE #(s):CVE-2006-0670
Created:February 18, 2006 Updated:March 10, 2006
Description: A buffer overflow in l2cap.c in hcidump allows remote attackers to cause a denial of service (crash) through a wireless Bluetooth connection via a malformed Logical Link Control and Adaptation Protocol (L2CAP) packet.
Alerts:
Debian DSA-990-1 2006-03-10
Ubuntu USN-256-1 2006-02-21
Mandriva MDKSA-2006:041 2006-02-17

Comments (none posted)

BomberClone: remote execution of arbitrary code

Package(s):bomberclone CVE #(s):CVE-2006-0460
Created:February 17, 2006 Updated:March 14, 2006
Description: Stefan Cornelius of the Gentoo Security team discovered multiple missing buffer checks in BomberClone's code. By sending overly long error messages to the game via network, a remote attacker may exploit buffer overflows to execute arbitrary code with the rights of the user running BomberClone.
Alerts:
Debian DSA-997-1 2006-03-13
Gentoo 200602-09 2006-02-16

Comments (none posted)

bzip2: race condition and infinite loop

Package(s):bzip2 CVE #(s):CAN-2005-0953 CAN-2005-1260
Created:May 17, 2005 Updated:January 10, 2007
Description: A race condition in bzip2 1.0.2 and earlier allows local users to modify permissions of arbitrary files via a hard link attack on a file while it is being decompressed, whose permissions are changed by bzip2 after the decompression is complete. Also specially crafted bzip2 archives may cause an infinite loop in the decompressor.
Alerts:
rPath rPSA-2007-0004-1 2007-01-09
Debian DSA-741-1 2005-07-07
Red Hat RHSA-2005:474-01 2005-06-16
OpenPKG OpenPKG-SA-2005.008 2005-06-10
SuSE SUSE-SR:2005:015 2005-06-07
Debian DSA-730-1 2005-05-27
Mandriva MDKSA-2005:091 2005-05-18
Ubuntu USN-127-1 2005-05-17

Comments (2 posted)

ktools: buffer overflow

Package(s):centericq CVE #(s):CVE-2005-3863
Created:December 7, 2005 Updated:August 29, 2006
Description: From the Debian-Testing alert: Mehdi Oudad "deepfear" and Kevin Fernandez "Siegfried" from the Zone-H Research Team discovered a buffer overflow in kkstrtext.h of the ktools library, which is included in (at least) centericq and motor.
Alerts:
Gentoo 200608-27 2006-08-29
Debian DSA-1088-1 2006-06-03
Debian DSA-1083-1 2006-05-31
Gentoo 200512-11 2005-12-20
Debian-Testing DTSA-23-1 2005-12-05

Comments (none posted)

cpio: arbitrary code execution

Package(s):cpio CVE #(s):CVE-2005-4268
Created:January 2, 2006 Updated:March 17, 2010
Description: Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e. g. a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could probably exploit this to execute arbitrary code with the privileges of the target user (which is likely root in an automatic backup system).
Alerts:
CentOS CESA-2010:0145 2010-03-17
Red Hat RHSA-2010:0145-01 2010-03-15
rPath rPSA-2007-0094-1 2007-05-07
Red Hat RHSA-2007:0245-02 2007-05-01
Ubuntu USN-234-1 2006-01-02

Comments (none posted)

curl: buffer overflow

Package(s):curl CVE #(s):CVE-2005-4077
Created:December 8, 2005 Updated:March 27, 2006
Description: The curl file transfer utility has a buffer overflow vulnerability in the URL authentication code. If an overly long URL is used, a buffer overflow can result, allowing for local unauthorized access.
Alerts:
Gentoo 200603-25 2006-03-27
Debian DSA-919-2 2006-03-10
Trustix TSLSA-2005-0072 2005-12-16
Red Hat RHSA-2005:875-01 2005-12-20
Gentoo 200512-09 2005-12-16
Ubuntu USN-228-1 2005-12-12
Fedora FEDORA-2005-1137 2005-12-12
Fedora FEDORA-2005-1136 2005-12-12
Debian DSA-919-1 2005-12-12
OpenPKG OpenPKG-SA-2005.028 2005-12-10
Mandriva MDKSA-2005:224 2005-12-08
Fedora FEDORA-2005-1129 2005-12-08
Fedora FEDORA-2005-1130 2005-12-08

Comments (none posted)

cyrus-imapd: buffer overflows

Package(s):cyrus-imapd CVE #(s):CAN-2005-0546
Created:February 23, 2005 Updated:April 10, 2006
Description: Cyrus-imapd, prior to version 2.2.12, contains several buffer overflows which could be exploited by an (authenticated) attacker to run code on the server system.
Alerts:
Fedora-Legacy FLSA:156290 2006-04-04
Red Hat RHSA-2005:408-01 2005-05-17
Fedora FEDORA-2005-339 2005-04-27
OpenPKG OpenPKG-SA-2005.005 2005-04-05
Conectiva CLA-2005:937 2005-03-17
Mandrake MDKSA-2005:051 2005-03-04
Ubuntu USN-87-1 2005-02-28
SuSE SUSE-SA:2005:009 2005-02-24
Gentoo 200502-29 2005-02-23

Comments (none posted)

dia: missing input sanitizing

Package(s):dia CVE #(s):CAN-2005-2966
Created:October 4, 2005 Updated:April 6, 2006
Description: Joxean Koret discovered that the SVG import plugin did not properly sanitize data read from an SVG file. By tricking an user into opening a specially crafted SVG file, an attacker could exploit this to execute arbitrary code with the privileges of the user.
Alerts:
Debian DSA-1025-1 2006-04-06
Mandriva MDKSA-2005:187 2005-10-20
Gentoo 200510-06 2005-10-06
Debian DSA-847-1 2005-10-08
SuSE SUSE-SR:2005:022 2005-10-07
Ubuntu USN-193-1 2005-10-04

Comments (none posted)

emacs21: format string vulnerability in "movemail"

Package(s):emacs21 CVE #(s):CAN-2005-0100
Created:February 7, 2005 Updated:May 15, 2006
Description: Max Vozeler discovered a format string vulnerability in the "movemail" utility of Emacs. By sending specially crafted packets, a malicious POP3 server could cause a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the user and the "mail" group.
Alerts:
Fedora-Legacy FLSA:152898 2006-05-12
Debian DSA-685-1 2005-02-17
Mandrake MDKSA-2005:038 2005-02-15
Gentoo 200502-20 2005-02-15
Fedora FEDORA-2005-146 2005-02-14
Fedora FEDORA-2005-145 2005-02-14
Red Hat RHSA-2005:133-01 2005-02-15
Red Hat RHSA-2005:110-01 2005-02-15
Red Hat RHSA-2005:134-01 2005-02-10
Red Hat RHSA-2005:112-01 2005-02-10
Fedora FEDORA-2005-116 2005-02-08
Fedora FEDORA-2005-115 2005-02-08
Debian DSA-671-1 2005-02-08
Debian DSA-670-1 2005-02-08
Ubuntu USN-76-1 2005-02-07

Comments (none posted)

enscript: arbitrary code execution

Package(s):enscript CVE #(s):CAN-2004-1184 CAN-2004-1185 CAN-2004-1186
Created:January 21, 2005 Updated:May 27, 2006
Description: Erik Sjölund has discovered several security relevant problems in enscript, a program to convert ASCII text into Postscript and other formats. Unsanitized input can cause the execution of arbitrary commands via EPSF pipe support. Due to missing sanitizing of filenames it is possible that a specially crafted filename can cause arbitrary commands to be executed. Multiple buffer overflows can cause the program to crash.
Alerts:
rPath rPSA-2006-0083-1 2006-05-26
Fedora-Legacy FLSA:152892 2005-12-17
Red Hat RHSA-2005:040-01 2005-02-15
Mandrake MDKSA-2005:033 2005-02-10
Gentoo 200502-03 2005-02-02
Red Hat RHSA-2005:039-01 2005-02-01
Fedora FEDORA-2005-096 2005-01-31
Fedora FEDORA-2005-092 2005-01-28
Fedora FEDORA-2005-091 2005-01-28
Fedora FEDORA-2005-016 2005-01-26
Fedora FEDORA-2005-015 2005-01-26
Ubuntu USN-68-1 2005-01-24
Debian DSA-654-1 2005-01-21

Comments (none posted)

evolution: format string issues

Package(s):evolution CVE #(s):CAN-2005-2549 CAN-2005-2550
Created:August 15, 2005 Updated:March 23, 2006
Description: Evolution has format string issues. SITIC advisory SA05-001 contains more information.
Alerts:
Debian DSA-1016-1 2006-03-23
SuSE SUSE-SA:2005:054 2005-09-16
Red Hat RHSA-2005:267-01 2005-08-29
Gentoo 200508-12 2005-08-23
Mandriva MDKSA-2005:141 2005-08-17
Fedora FEDORA-2005-742 2005-08-11
Fedora FEDORA-2005-743 2005-08-11

Comments (2 posted)

fetchmail: multidrop bug

Package(s):fetchmail CVE #(s):CVE-2005-4348
Created:December 20, 2005 Updated:May 27, 2006
Description: Fetchmail contains a bug which allows a malicious mail server to crash the client by sending a message without headers. This occurs when running in multidrop mode.
Alerts:
rPath rPSA-2006-0084-1 2006-05-26
Fedora-Legacy FLSA:164512 2006-05-12
Slackware SSA:2006-045-01 2006-02-15
Debian DSA-939-1 2006-01-13
Ubuntu USN-233-1 2006-01-02
Mandriva MDKSA-2005:236 2005-12-23
Fedora FEDORA-2005-1187 2005-12-20
Fedora FEDORA-2005-1186 2005-12-20

Comments (none posted)

ffmpeg: buffer overflow

Package(s):ffmpeg CVE #(s):CVE-2005-4048
Created:December 15, 2005 Updated:March 17, 2006
Description: The avcodec_default_get_buffer() function of the ffmpeg library has a buffer overflow vulnerability. A user can be tricked into playing a maliciously created PNG movie, allowing the attacker to run arbitrary code with the user's privileges.
Alerts:
Debian DSA-1005-1 2006-03-16
Debian DSA-1004-1 2006-03-16
Debian DSA-992-1 2006-03-10
Gentoo 200603-03 2006-03-04
Gentoo 200602-01 2006-02-05
Gentoo 200601-06 2006-01-10
Ubuntu USN-230-2 2005-12-16
Ubuntu USN-230-1 2005-12-14
Mandriva MDKSA-2005:228 2005-12-14
Mandriva MDKSA-2005:229 2005-12-14
Mandriva MDKSA-2005:232 2005-12-14
Mandriva MDKSA-2005:230 2005-12-14
Mandriva MDKSA-2005:231 2005-12-14

Comments (none posted)

Foomatic: Arbitrary command execution in foomatic-rip

Package(s):foomatic CVE #(s):CAN-2004-0801
Created:September 20, 2004 Updated:May 31, 2006
Description: There is a vulnerability in the foomatic-filters package. This vulnerability is due to insufficient checking of command-line parameters and environment variables in the foomatic-rip filter. This vulnerability may allow both local and remote attackers to execute arbitrary commands on the print server with the permissions of the spooler.
Alerts:
SuSE SUSE-SA:2006:026 2006-05-30
Fedora-Legacy FLSA:2076 2004-11-05
Conectiva CLA-2004:880 2004-10-27
Fedora FEDORA-2004-303 2004-09-21
Gentoo 200409-24 2004-09-20

Comments (none posted)

gdb: multiple vulnerabilities

Package(s):gdb CVE #(s):CAN-2005-1704 CAN-2005-1705
Created:May 20, 2005 Updated:August 11, 2006
Description: Tavis Ormandy of the Gentoo Linux Security Audit Team discovered an integer overflow in the BFD library, resulting in a heap overflow. A review also showed that by default, gdb insecurely sources initialization files from the working directory. Successful exploitation would result in the execution of arbitrary code on loading a specially crafted object file or the execution of arbitrary commands.
Alerts:
Red Hat RHSA-2006:0354-01 2006-08-10
Red Hat RHSA-2006:0368-01 2006-07-20
Mandriva MDKSA-2005:215 2005-11-23
Fedora FEDORA-2005-1033 2005-10-27
Fedora FEDORA-2005-1032 2005-10-27
Red Hat RHSA-2005:801-01 2005-10-18
Red Hat RHSA-2005:763-01 2005-10-11
Red Hat RHSA-2005:709-01 2005-10-05
Red Hat RHSA-2005:673-01 2005-10-05
Red Hat RHSA-2005:659-01 2005-09-28
Fedora FEDORA-2005-498 2005-06-29
Fedora FEDORA-2005-497 2005-06-29
Gentoo 200506-01 2005-06-01
Trustix TSLSA-2005-0025 2005-05-31
Mandriva MDKSA-2005:095 2005-05-30
Ubuntu USN-136-2 2005-05-27
Ubuntu USN-136-1 2005-05-27
Ubuntu USN-135-1 2005-05-27
Gentoo 200505-15 2005-05-20

Comments (5 posted)

gdk-pixbuf: multiple vulnerabilities

Package(s):gdk-pixbuf gtk2 CVE #(s):CVE-2005-3186 CVE-2005-2976 CVE-2005-2975
Created:November 15, 2005 Updated:March 20, 2006
Description: The gdk-pixbuf package contains an image loading library used with the GNOME GUI desktop environment. A bug was found in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code when the file was opened by a victim.

Ludwig Nussel discovered an integer overflow bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to execute arbitrary code or crash when the file was opened by a victim.

Ludwig Nussel also discovered an infinite-loop denial of service bug in the way gdk-pixbuf processes XPM images. An attacker could create a carefully crafted XPM file in such a way that it could cause an application linked with gdk-pixbuf to stop responding when the file was opened by a victim.

Alerts:
Fedora-Legacy FLSA:173274 2006-03-16
Debian DSA-913-1 2005-12-01
Debian DSA-911-1 2005-11-29
Trustix TSLSA-2005-0066 2005-11-18
Mandriva MDKSA-2005:214 2005-11-18
Ubuntu USN-216-1 2005-11-16
SuSE SUSE-SA:2005:065 2005-11-16
Gentoo 200511-14 2005-11-16
Fedora FEDORA-2005-1088 2005-11-15
Fedora FEDORA-2005-1087 2005-11-15
Fedora FEDORA-2005-1086 2005-11-15
Fedora FEDORA-2005-1085 2005-11-15
Red Hat RHSA-2005:811-01 2005-11-15
Red Hat RHSA-2005:810-01 2005-11-15

Comments (none posted)

gedit: format string vulnerability

Package(s):gedit CVE #(s):CAN-2005-1686
Created:June 9, 2005 Updated:February 5, 2009
Description: A format string vulnerability has been discovered in gedit. Calling the program with specially crafted file names caused a buffer overflow, which could be exploited to execute arbitrary code with the privileges of the gedit user.
Alerts:
Fedora FEDORA-2009-1189 2009-01-29
Fedora FEDORA-2009-1187 2009-01-29
Debian DSA-753-1 2005-07-12
Mandriva MDKSA-2005:102 2005-06-15
Red Hat RHSA-2005:499-01 2005-06-13
Gentoo 200506-09 2005-06-11
Ubuntu USN-138-1 2005-06-09

Comments (1 posted)

gettext: Insecure temporary file handling

Package(s):gettext CVE #(s):CAN-2004-0966
Created:October 11, 2004 Updated:March 1, 2006
Description: gettext insecurely creates temporary files in world-writeable directories with predictable names. A local attacker could create symbolic links in the temporary files directory, pointing to a valid file somewhere on the filesystem. When gettext is called, this would result in file access with the rights of the user running the utility, which could be the root user.
Alerts:
Mandriva MDKSA-2006:051 2006-02-28
Fedora-Legacy FLSA:136323 2006-01-09
Gentoo 200410-10:02 2004-10-10
OpenPKG OpenPKG-SA-2004.055 2004-12-23
Ubuntu USN-5-1 2004-10-27
Gentoo 200410-10 2004-10-10

Comments (1 posted)

gnupg: false positive signature verification

Package(s):gnupg CVE #(s):CVE-2006-0455
Created:February 17, 2006 Updated:March 10, 2006
Description: Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP replacement, verifies external signatures of files successfully even though they don't contain a signature at all. See this update from the gnuPG team for more information.
Alerts:
SuSE SUSE-SA:2006:014 2006-03-10
SuSE SUSE-SR:2006:005 2006-03-03
SuSE SUSE-SA:2006:013 2006-03-01
Trustix TSLSA-2006-0008 2006-02-17
SuSE SUSE-SA:2006:009 2006-02-20
Gentoo 200602-10 2006-02-18
OpenPKG OpenPKG-SA-2006.001 2006-02-18
Mandriva MDKSA-2006:043 2006-02-17
Fedora FEDORA-2006-116 2006-02-17
Ubuntu USN-252-1 2006-02-17
Debian DSA-978-1 2006-02-17

Comments (2 posted)

gnutls: denial of service

Package(s):gnutls CVE #(s):CVE-2006-0645
Created:February 13, 2006 Updated:March 6, 2006
Description: Several flaws were found in the way libtasn1 decodes DER. An attacker could create a carefully crafted invalid X.509 certificate in such a way that could trigger this flaw if parsed by an application that uses GNU TLS. This could lead to a denial of service (application crash). It is not certain if this issue could be escalated to allow arbitrary code execution.
Alerts:
Debian DSA-986-1 2006-03-06
Debian DSA-985-1 2006-03-06
Fedora-Legacy FLSA:181014 2006-02-27
Gentoo 200602-08 2006-02-16
Ubuntu USN-251-1 2006-02-16
Mandriva MDKSA-2006:039 2006-02-13
Fedora FEDORA-2006-107 2006-02-10
Red Hat RHSA-2006:0207-01 2006-02-10

Comments (none posted)

grip: buffer overflow

Package(s):grip CVE #(s):CAN-2005-0706
Created:March 10, 2005 Updated:November 19, 2008
Description: Grip, a CD ripper, has a buffer overflow vulnerability that can occur when the CDDB server returns more than 16 matches.
Alerts:
Fedora FEDORA-2008-9604 2008-11-19
Fedora FEDORA-2008-9521 2008-11-19
Fedora-Legacy FLSA:152919 2005-09-15
Mandriva MDKSA-2005:074 2005-04-20
Mandriva MDKSA-2005:075 2005-04-20
Gentoo 200504-07 2005-04-08
Mandrake MDKSA-2005:066 2005-04-01
Red Hat RHSA-2005:304-01 2005-03-28
Gentoo 200503-21 2005-03-17
Fedora FEDORA-2005-203 2005-03-09
Fedora FEDORA-2005-202 2005-03-09

Comments (none posted)

gzip: arbitrary command execution

Package(s):gzip CVE #(s):CAN-2005-0758
Created:August 1, 2005 Updated:January 10, 2007
Description: zgrep in gzip before 1.3.5 does not handle shell metacharacters like '|' and '&' properly when they occurred in input file names. This could be exploited to execute arbitrary commands with user privileges if zgrep is run in an untrusted directory with specially crafted file names.
Alerts:
OpenPKG OpenPKG-SA-2007.002 2007-01-08
Mandriva MDKSA-2006:027 2006-01-30
Mandriva MDKSA-2006:026 2006-01-30
Fedora-Legacy FLSA:158801 2005-11-14
Fedora-Legacy FLSA:157696 2005-08-10
Ubuntu USN-161-1 2005-08-04
Ubuntu USN-158-1 2005-08-01

Comments (2 posted)

heimdal: privilege escalation

Package(s):heimdal CVE #(s):CVE-2006-0582
Created:February 13, 2006 Updated:March 17, 2006
Description: A privilege escalation flaw has been found in the heimdal rsh (remote shell) server. This allowed an authenticated attacker to overwrite arbitrary files and gain ownership of them.
Alerts:
Gentoo 200603-14 2006-03-17
Debian DSA-977-1 2006-02-16
Ubuntu USN-247-1 2006-02-10

Comments (none posted)

imagemagick: arbitrary command execution

Package(s):imagemagick CVE #(s):CVE-2005-4601 CVE-2006-0082
Created:January 24, 2006 Updated:March 24, 2006
Description: Florian Weimer discovered that the delegate code did not correctly handle file names which embed shell commands (CVE-2005-4601). Daniel Kobras found a format string vulnerability in the SetImageInfo() function (CVE-2006-0082). By tricking a user into processing an image file with a specially crafted file name, these two vulnerabilities could be exploited to execute arbitrary commands with the user's privileges. These vulnerability become particularly critical if malicious images are sent as email attachments and the email client uses imagemagick to convert/display the images (e. g. Thunderbird and Gnus).
Alerts:
SuSE SUSE-SR:2006:006 2006-03-17
Gentoo 200602-13 2006-02-26
Slackware SSA:2006-045-03 2006-02-15
Red Hat RHSA-2006:0178-01 2006-02-14
Gentoo 200602-06 2006-02-13
Debian DSA-957-2 2006-01-31
Mandriva MDKSA-2006:024 2006-01-26
Debian DSA-957-1 2006-01-26
Ubuntu USN-246-1 2006-01-24

Comments (none posted)

imap: buffer overflow in c-client

Package(s):imap CVE #(s):CAN-2003-0297
Created:February 18, 2005 Updated:April 10, 2006
Description: A buffer overflow flaw was found in the c-client IMAP client. An attacker could create a malicious IMAP server that if connected to by a victim could execute arbitrary code on the client machine.
Alerts:
Fedora-Legacy FLSA:184074 2006-04-04
Fedora-Legacy FLSA:152912 2005-05-12
Red Hat RHSA-2005:114-01 2005-02-18

Comments (none posted)

ipsec-tools: denial of service

Package(s):ipsec-tools CVE #(s):CVE-2005-3732
Created:December 1, 2005 Updated:June 8, 2006
Description: ipsec-tools has a remote denial of service vulnerability in the racoon daemon. If racoon is running in aggressive mode, it fails to check all peer payloads during When the daemon the IKE negotiation phase, allowing a malicious peer to crash the daemon. One should always be careful around aggressive racoons.
Alerts:
Fedora-Legacy FLSA:190941 2006-06-06
Red Hat RHSA-2006:0267-01 2006-04-25
Debian DSA-965-1 2006-02-06
Mandriva MDKSA-2006:020 2006-01-25
SuSE SUSE-SA:2005:070 2005-12-20
Gentoo 200512-04 2005-12-12
Ubuntu USN-221-1 2005-12-01

Comments (none posted)

kdebase: local root vulnerability

Package(s):kdebase CVE #(s):CAN-2005-2494
Created:September 7, 2005 Updated:August 11, 2006
Description: The kdebase package (and kcheckpass in particular) found in KDE versions 3.2.0 through 3.4.2 suffers from a lock file handling error which can enable a local attacker to obtain root access. See this advisory for details.
Alerts:
Red Hat RHSA-2006:0582-01 2006-08-10
Debian DSA-815-1 2005-09-16
Slackware SSA:2005-251-01 2005-09-09
Ubuntu USN-176-1 2005-09-07
Mandriva MDKSA-2005:160 2005-09-06

Comments (none posted)

kdelibs: heap overflow

Package(s):kdelibs CVE #(s):CVE-2006-0019
Created:January 19, 2006 Updated:March 17, 2006
Description: Konqueror's kjs JavaScript interpreter engine has a heap overflow vulnerability. Specially crafted JavaScript code could be placed on a web site, leading to arbitrary code execution. Other kde applications are also subject to this vulnerability.
Alerts:
Fedora-Legacy FLSA:178606 2006-03-16
Slackware SSA:2006-045-05 2006-02-15
Gentoo 200601-11 2006-01-22
Mandriva MDKSA-2006:019 2006-01-20
Fedora FEDORA-2006-050 2006-01-20
SuSE SUSE-SA:2006:003 2006-01-20
Debian DSA-948-1 2005-01-20
Ubuntu USN-245-1 2006-01-20
Red Hat RHSA-2006:0184-01 2006-01-19

Comments (none posted)

kdelibs: kate backup file permission leak

Package(s):kdelibs kate kwrite CVE #(s):CAN-2005-1920
Created:July 19, 2005 Updated:September 21, 2010
Description: Kate / Kwrite, as shipped with KDE 3.2.x up to including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information.
Alerts:
Gentoo 200611-21 2006-11-27
Debian DSA-804-2 2005-11-10
Debian DSA-804-1 2005-09-08
Red Hat RHSA-2005:612-01 2005-07-27
Ubuntu USN-150-1 2005-07-21
Mandriva MDKSA-2005:122 2005-07-20
Fedora FEDORA-2005-594 2005-07-19

Comments (1 posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CAN-2005-0449 CAN-2005-0209 CAN-2005-0529 CAN-2005-0530 CAN-2005-0532 CAN-2005-0384 CAN-2005-0210 CAN-2005-0504 CAN-2005-0003
Created:March 24, 2005 Updated:May 31, 2006
Description: A number of vulnerabilities have been found in the Linux kernel, including a PPP-related denial of service problem, an integer overflow in the epoll() code, memory corruption in the ELF loader, and exploitable overflows in the ISO9660 code.
Alerts:
Debian DSA-1082-1 2006-05-29
Debian DSA-1069-1 2006-05-20
Debian DSA-1070-1 2006-05-21
Debian DSA-1067-1 2006-05-20
Conectiva CLA-2005:945 2005-03-31
Fedora FEDORA-2005-262 2005-03-28
SuSE SUSE-SA:2005:018 2005-03-24

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2005-3356 CVE-2005-4605 CVE-2005-4618 CVE-2005-4639 CVE-2006-0095 CVE-2006-0096
Created:January 18, 2006 Updated:March 7, 2006
Description: The latest set of kernel vulnerabilities includes:

  • A reference counting bug in sys_mq_open(), exploitable by a local user to crash the kernel. (CVE-2005-3356)

  • A misuse of signed data types in /proc, potentially providing read access to random kernel memory. (CVE-2005-4605)

  • An off-by-one error in sysctl(), with the potential for arbitrary code execution. (CVE-2005-4618)

  • A buffer overflow in the TwinHan DST Frontend/Card DVB driver; potential code execution. (CVE-2005-4639)

  • A potential key disclosure in dm-crypt. (CVE-2006-0095)

  • Missing capability check could (maybe) allow arbitrary users to load new firmware into SDLA WAN cards. (CVE-2006-0096)
Alerts:
Red Hat RHSA-2006:0132-01 2006-03-07
Trustix TSLSA-2006-0004 2006-01-27
Ubuntu USN-244-1 2006-01-18

Comments (none posted)

kernel: multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2005-2709 CVE-2005-2973 CVE-2005-3055 CVE-2005-3180 CVE-2005-3271 CVE-2005-3272 CVE-2005-3273 CVE-2005-3274 CVE-2005-3275 CVE-2005-3276
Created:November 22, 2005 Updated:March 15, 2006
Description: Al Viro discovered a race condition in the /proc file handler of network devices. A local attacker could exploit this by opening any file in /proc/sys/net/ipv4/conf/<interface>/ and waiting until that interface was shut down. Under certain circumstances this could lead to a kernel crash or even arbitrary code execution with full kernel privileges. (CVE-2005-2709)

Tetsuo Handa discovered a local Denial of Service vulnerability in the udp_v6_get_port() function. On computers which use IPv6, a local attacker could exploit this to trigger an infinite loop in the kernel. (CVE-2005-2973)

Harald Welte discovered a Denial of Service vulnerability in the USB devio driver. A local attacker could exploit this by sending an "USB Request Block" (URB) and terminating the sending process before the arrival of the answer, which left an invalid pointer and caused a kernel crash. (CVE-2005-3055)

Pavel Roskin discovered an information leak in the Orinoco wireless card driver. When increasing the buffer length for storing data, the buffer was not padded with zeros, which exposed a random part of the system memory to the user. (CVE-2005-3180)

A resource leak has been discovered in the handling of POSIX timers in the exec() function. This could be exploited to a Denial of Service attack by a group of local users. (CVE-2005-3271)

Stephen Hemminger discovered a weakness in the network bridge driver. Packets which had already been dropped by the packet filter could poison the forwarding table, which could be exploited to make the bridge forward spoofed packages. (CVE-2005-3272)

David S. Miller discovered a buffer overflow in the rose_rt_ioctl() function. By calling the function with a large "ngidis" argument, a local attacker could cause a kernel crash. (CVE-2005-3273)

Neil Horman discovered a race condition in the connection timer handling. This allowed a local attacker to set up an expiration handler which modified the connection list while the list still being traversed, which could result in a kernel crash. This vulnerability only affects multiprocessor (SMP) systems. (CVE-2005-3274)

Patrick McHardy noticed a logic error in the network address translation (NAT) connection tracker. A remote attacker could exploit this by causing two packets for the same protocol to be NATed at the same time, which resulted in a kernel crash. (CVE-2005-3275)

Paolo Giarrusso discovered an information leak in the sys_get_thread_area(). The returned structure was not properly cleared, which exposed a small amount of kernel memory to userspace programs. This could possibly expose confidential data. (CVE-2005-3276)

Alerts:
Red Hat RHSA-2006:0144-01 2006-03-15
Red Hat RHSA-2006:0140-01 2006-01-19
Red Hat RHSA-2006:0101-01 2006-01-17
Mandriva MDKSA-2005:235 2005-12-21
Debian DSA-922-1 2005-12-14
Debian DSA-921-1 2005-12-14
SuSE SUSE-SA:2005:068 2005-12-14
SuSE SUSE-SA:2005:067 2005-12-06
Mandriva MDKSA-2005:220 2005-11-30
Mandriva MDKSA-2005:219 2005-11-30
Mandriva MDKSA-2005:218 2005-11-30
Fedora FEDORA-2005-1104 2005-11-28
Trustix TSLSA-2005-0064 2005-11-11
Ubuntu USN-219-1 2005-11-22

Comments (2 posted)

kernel multiple vulnerabilities

Package(s):kernel CVE #(s):CVE-2005-3527 CVE-2005-3783 CVE-2005-3784 CVE-2005-3805 CVE-2005-3806 CVE-2005-3808
Created:January 20, 2006 Updated:April 18, 2006
Description: Here's another set of vulnerabilities in the Linux kernel:
  • A race condition in the 2.6 kernel could allow a local user to cause a DoS by triggering a core dump in one thread while another thread has a pending SIGSTOP (CVE-2005-3527).
  • The ptrace functionality in 2.6 kernels prior to 2.6.14.2, using CLONE_THREAD, does not use the thread group ID to check whether it is attaching to itself, which could allow local users to cause a DoS (CVE-2005-3783).
  • The auto-reap child process in 2.6 kernels prior to 2.6.15 include processes with ptrace attached, which leads to a dangling ptrace reference and allows local users to cause a crash (CVE-2005-3784).
  • A locking problem in the POSIX timer cleanup handling on exit on kernels 2.6.10 to 2.6.14 when running on SMP systems, allows a local user to cause a deadlock involving process CPU timers (CVE-2005-3805).
  • The IPv6 flowlabel handling code in 2.4 and 2.6 kernels prior to 2.4.32 and 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a crash by triggering a free of non-allocated memory (CVE-2005-3806).
  • An integer overflow in 2.6.14 and earlier could allow a local user to cause a hang via 64-bit mmap calls that are not properly handled on a 32-bit system (CVE-2005-3808).
Alerts:
Mandriva MDKSA-2006:072 2006-04-17
Debian DSA-1018-2 2006-04-05
Debian DSA-1018-1 2006-03-26
Debian DSA-1017-1 2006-03-23
Fedora-Legacy FLSA:157459-2 2006-03-16
Fedora-Legacy FLSA:157459-1 2006-03-16
Fedora-Legacy FLSA:157459-4 2006-03-16
Fedora-Legacy FLSA:157459-3 2006-03-16
SuSE SUSE-SA:2006:012 2006-02-27
Mandriva MDKSA-2006:044 2006-02-21
Red Hat RHSA-2006:0191-01 2006-02-01
Mandriva MDKSA-2006:018 2006-01-20

Comments (none posted)

xpdf heap based buffer overflow

Package(s):kpdf xpdf kdegraphics poppler CVE #(s):CVE-2006-0301
Created:February 3, 2006 Updated:March 17, 2006
Description: Another heap based buffer overflow has been found in xpdf and other programs that share the same code. This one is in Splash.cc and it can cause crashes and possibly arbitrary code execution.
Alerts:
Fedora-Legacy FLSA:175404 2006-03-16
Mandriva MDKSA-2006:054 2006-03-08
Gentoo 200602-12 2006-02-21
Debian DSA-979-1 2006-02-17
Ubuntu USN-249-1 2006-02-13
Slackware SSA:2006-045-04 2006-02-15
Slackware SSA:2006-045-09 2006-02-15
Debian DSA-974-1 2006-02-15
Debian DSA-972-1 2006-02-15
Debian DSA-971-1 2006-02-14
Red Hat RHSA-2006:0206-01 2006-02-13
Red Hat RHSA-2006:0201-01 2006-02-13
Gentoo 200602-05 2006-02-12
Gentoo 200602-04 2006-02-12
Fedora FEDORA-2006-104 2006-02-10
Fedora FEDORA-2006-103 2006-02-10
Fedora FEDORA-2006-105 2006-02-10
Mandriva MDKSA-2006:032 2006-02-02
Mandriva MDKSA-2006:031 2006-02-02

Comments (none posted)

libdbi-perl: insecure temporary file

Package(s):libdbi-perl CVE #(s):CAN-2005-0077
Created:January 25, 2005 Updated:March 2, 2006
Description: Javier Fernández-Sanguino Peña from the Debian Security Audit Project discovered that the DBI library, the Perl5 database interface, creates a temporary PID file in an insecure manner. This can be exploited by a malicious user to overwrite arbitrary files owned by the person executing the parts of the library.
Alerts:
Fedora-Legacy FLSA:178989 2006-03-01
Gentoo 200501-38:03 2005-01-26
Red Hat RHSA-2005:072-01 2005-02-15
Mandrake MDKSA-2005:030 2005-02-08
Red Hat RHSA-2005:069-01 2005-02-01
Gentoo 200501-38 2005-01-26
Ubuntu USN-70-1 2005-01-25
Debian DSA-658-1 2005-01-25

Comments (none posted)

libgadu: memory alignment bug

Package(s):libgadu CVE #(s):CAN-2005-2370
Created:July 29, 2005 Updated:June 25, 2007
Description: Szymon Zygmunt and Michal Bartoszkiewicz discovered a memory alignment error in libgadu (from ekg, console Gadu Gadu client, an instant messaging program) which is included in gaim, a multi-protocol instant messaging client, as well. This can not be exploited on the x86 architecture but on others, e.g. on Sparc and lead to a bus error, in other words a denial of service.
Alerts:
Debian DSA-813-1 2005-09-15
Red Hat RHSA-2005:627-01 2005-08-09
Debian DSA-769-1 2005-07-29

Comments (none posted)

libgd2: buffer overflows in PNG handling

Package(s):libgd2 CVE #(s):CAN-2004-0990 CAN-2004-0941
Created:October 29, 2004 Updated:June 28, 2006
Description: Several buffer overflows have been discovered in libgd's PNG handling functions.
If an attacker tricked a user into loading a malicious PNG image, they could leverage this into executing arbitrary code in the context of the user opening image. Most importantly, this library is commonly used in PHP. One possible target would be a PHP driven photo website that lets users upload images. Therefore this vulnerability might lead to privilege escalation to a web server's privileges.
Multiple buffer overflows in the gd graphics library (libgd) 2.0.21 and earlier may allow remote attackers to execute arbitrary code via malformed image files that trigger the overflows due to improper calls to the gdMalloc function.
Alerts:
Mandriva MDKSA-2006:114 2006-06-27
Red Hat RHSA-2006:0194-01 2006-02-01
Fedora-Legacy FLSA:152838 2005-07-15
Red Hat RHSA-2004:638-01 2004-12-17
Ubuntu USN-33-1 2004-11-29
Debian DSA-602-1 2004-11-29
Debian DSA-601-1 2004-11-29
Mandrake MDKSA-2004:132 2004-11-15
Ubuntu USN-25-1 2004-11-15
Fedora FEDORA-2004-412 2004-11-11
Fedora FEDORA-2004-411 2004-11-11
Ubuntu USN-21-1 2004-11-09
Debian DSA-591-1 2004-11-09
Debian DSA-589-1 2004-11-09
Gentoo 200411-08 2004-11-03
OpenPKG OpenPKG-SA-2004.049 2004-10-30
Ubuntu USN-11-1 2004-10-28

Comments (none posted)

libmail-audit-perl: insecure temporary file creation

Package(s):libmail-audit-perl CVE #(s):CVE-2005-4536
Created:January 31, 2006 Updated:March 20, 2006
Description: Niko Tyni discovered that the Mail::Audit module, a Perl library for creating simple mail filters, logs to a temporary file with a predictable filename in an insecure fashion when logging is turned on.
Alerts:
Debian DSA-960-3 2006-03-20
Debian DSA-960-2 2006-01-31
Debian DSA-960-1 2006-01-31

Comments (none posted)

libpam-ldap: authentication bypass

Package(s):libpam-ldap CVE #(s):CAN-2005-2641
Created:August 25, 2005 Updated:October 6, 2006
Description: libpam-ldap, the PAM LDAP interface, has a vulnerability in which it fails to authenticate with an LDAP server which is not configured properly, allowing an authentication bypass.
Alerts:
rPath rPSA-2006-0183-1 2006-10-05
Mandriva MDKSA-2005:190 2005-10-20
Gentoo 200508-22 2005-08-31
Debian DSA-785-1 2005-08-25

Comments (none posted)

libpng: heap based buffer overflow

Package(s):libpng CVE #(s):CVE-2006-0481
Created:February 13, 2006 Updated:December 15, 2008
Description: A heap based buffer overflow bug was found in the way libpng strips alpha channels from a PNG image. An attacker could create a carefully crafted PNG image file in such a way that it could cause an application linked with libpng to crash or execute arbitrary code when the file is opened by a victim.
Alerts:
Gentoo 200812-15 2008-12-14
Red Hat RHSA-2006:0205-01 2006-02-13

Comments (1 posted)

libungif: memory corruption

Package(s):libungif CVE #(s):CAN-2005-2974
Created:November 3, 2005 Updated:March 20, 2006
Description: The libungif library has a vulnerability in the GIF file colormap handling code. A maliciously crafted GIF file can cause out of bounds memory writing and register corruption.
Alerts:
Fedora-Legacy FLSA:174479 2006-03-16
SuSE SUSE-SR:2005:026 2005-11-11
Mandriva MDKSA-2005:207 2005-11-09
Debian DSA-890-1 2005-11-09
Ubuntu USN-214-1 2005-11-07
Gentoo 200511-03 2005-11-04
Red Hat RHSA-2005:828-01 2005-11-03
Fedora FEDORA-2005-1046 2005-11-03
Fedora FEDORA-2005-1045 2005-11-03

Comments (none posted)

libxml2 - arbitrary code execution

Package(s):libxml2 CVE #(s):CAN-2004-0110
Created:February 26, 2004 Updated:August 19, 2009
Description: Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6. When fetching a remote resource via FTP or HTTP, libxml2 uses special parsing routines. These routines can overflow a buffer if passed a very long URL. If an attacker is able to find an application using libxml2 that parses remote resources and allows them to influence the URL, then this flaw could be used to execute arbitrary code.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Fedora-Legacy FLSA:1324 2004-07-19
Conectiva CLA-2004:836 2004-03-31
Gentoo 200403-01 2004-03-06
Trustix TSLSA-2004-0010 2004-03-05
OpenPKG OpenPKG-SA-2004.003 2004-03-05
Netwosix NW-2004-0004 2004-03-04
Debian DSA-455-1 2004-03-03
Mandrake MDKSA-2004:018 2004-03-03
Red Hat RHSA-2004:091-02 2004-03-03
Whitebox WBSA-2004:090-01 2004-03-01
Red Hat RHSA-2004:090-01 2004-02-26
Fedora FEDORA-2004-087 2004-02-25
Red Hat RHSA-2004:091-01 2004-02-26

Comments (none posted)

libxml2: multiple buffer overflows

Package(s):libxml2 CVE #(s):CAN-2004-0989
Created:October 28, 2004 Updated:August 19, 2009
Description: libxml2 prior to version 2.6.14 has multiple buffer overflow vulnerabilities, if a local user passes a specially crafted FTP URL, arbitrary code may be executed.
Alerts:
Fedora FEDORA-2009-8594 2009-08-15
Fedora FEDORA-2009-8582 2009-08-15
Ubuntu USN-89-1 2005-02-28
Red Hat RHSA-2004:650-01 2004-12-16
Conectiva CLA-2004:890 2004-11-18
Red Hat RHSA-2004:615-01 2004-11-12
Mandrake MDKSA-2004:127 2004-11-04
Debian DSA-582-1 2004-11-02
Gentoo 200411-05 2004-11-02
Trustix TSLSA-2004-0055 2004-10-29
OpenPKG OpenPKG-SA-2004.050 2004-10-31
Ubuntu USN-10-1 2004-10-28
Fedora FEDORA-2004-353 2004-10-28

Comments (none posted)

libXpm: new buffer overflows

Package(s):libXpm CVE #(s):CAN-2005-0605
Created:March 4, 2005 Updated:March 8, 2006
Description: A new vulnerability has been discovered in libXpm, which is included in OpenMotif and LessTif, that can potentially lead to remote code execution.
Alerts:
Fedora-Legacy FLSA:168264 2006-03-07
Fedora-Legacy FLSA:152803 2006-01-09
Fedora FEDORA-2005-815 2005-08-26
Fedora FEDORA-2005-808 2005-08-25
Red Hat RHSA-2005:198-01 2005-06-08
Red Hat RHSA-2005:473-01 2005-05-24
Red Hat RHSA-2005:412-01 2005-05-11
Debian DSA-723-1 2005-05-09
Mandriva MDKSA-2005:081 2005-05-05
Mandriva MDKSA-2005:080 2005-04-28
Red Hat RHSA-2005:044-01 2005-04-06
Red Hat RHSA-2005:331-01 2005-03-30
Fedora FEDORA-2005-273 2005-03-29
Fedora FEDORA-2005-272 2005-03-29
Ubuntu USN-97-1 2005-03-16
Gentoo 200503-15 2005-03-12
Ubuntu USN-92-1 2005-03-07
Gentoo 200503-08 2005-03-04

Comments (none posted)

lynx: arbitrary command execution

Package(s):lynx CVE #(s):CVE-2005-2929
Created:November 14, 2005 Updated:September 14, 2009
Description: An arbitrary command execute bug was found in the lynx "lynxcgi:" URI handler. An attacker could create a web page redirecting to a malicious URL which could execute arbitrary code as the user running lynx.
Alerts:
Gentoo 200909-15 2009-09-12
Fedora-Legacy FLSA:152832 2005-12-17
OpenPKG OpenPKG-SA-2005.026 2005-12-03
Fedora FEDORA-2005-1079 2005-11-14
Fedora FEDORA-2005-1078 2005-11-14
Gentoo 200511-09 2005-11-13
Mandriva MDKSA-2005:211 2005-11-12
Red Hat RHSA-2005:839-01 2005-11-11

Comments (none posted)

mailman: denial of service

Package(s):mailman CVE #(s):CVE-2005-3573
Created:December 2, 2005 Updated:March 8, 2006
Description: Scrubber.py in Mailman 2.1.4 - 2.1.6 does not properly handle UTF8 character encodings in filenames of e-mail attachments, which allows remote attackers to cause a denial of service.
Alerts:
Red Hat RHSA-2006:0204-01 2006-03-07
Debian DSA-955-1 2006-01-25
Ubuntu USN-242-1 2006-01-16
Mandriva MDKSA-2005:222 2005-12-02

Comments (none posted)

metamail: buffer overflow

Package(s):metamail CVE #(s):CVE-2006-0709
Created:February 21, 2006 Updated:March 17, 2006
Description: A buffer overflow bug was found in the way Metamail processes certain mail messages. An attacker could create a carefully-crafted message such that when it is opened by a victim and parsed through Metamail, it runs arbitrary code as the victim.
Alerts:
Gentoo 200603-16 2006-03-17
Debian DSA-995-1 2006-03-13
Mandriva MDKSA-2006:047 2006-02-22
Red Hat RHSA-2006:0217-01 2006-02-21

Comments (none posted)

mod_python: remote access vulnerability

Package(s):mod_python CVE #(s):CAN-2005-0088
Created:February 10, 2005 Updated:April 10, 2006
Description: mod_python has a vulnerability in the publisher handler that may allow a remote user to use a specially crafted URL to allow access to objects that should be protected. An information leak can result.
Alerts:
Fedora-Legacy FLSA:152896 2006-04-04
Conectiva CLA-2005:926 2005-03-02
Debian DSA-689-1 2005-02-23
Red Hat RHSA-2005:100-01 2005-02-15
Gentoo 200502-14 2005-02-13
Trustix TSLSA-2005-0003 2005-02-11
Ubuntu USN-80-1 2005-02-11
Red Hat RHSA-2005:104-01 2005-02-10
Fedora FEDORA-2005-140 2005-02-10
Fedora FEDORA-2005-139 2005-02-10

Comments (none posted)

mozilla: multiple vulnerabilities

Package(s):mozilla CVE #(s):CVE-2005-4134 CVE-2006-0292 CVE-2006-0296
Created:February 2, 2006 Updated:May 4, 2006
Description: Mozilla has three new vulnerabilities. The Javascript interpreter has a problem with dereferencing objects. A user can visit a specially crafted web page which can crash the browser or cause it to execute arbitrary code.

The XULDocument.persist() function has a bug that can be triggered by viewing specially crafted web sites, RDF data can be injected into the localstore.rdf file, allowing arbitrary javascript code to be executed.

The Mozilla history saving mechanism is vulnerable to a denial of service attack, visiting sites with extra-long titles can cause a crash or very slow startup the next time the browser is run.

Alerts:
Ubuntu USN-275-1 2006-04-27
Debian DSA-1046-1 2006-04-27
Fedora-Legacy FLSA:180036 2006-02-23
Mandriva MDKSA-2006:037 2006-02-07
Mandriva MDKSA-2006:036 2006-02-07
Fedora FEDORA-2006-076 2006-02-02
Fedora FEDORA-2006-075 2006-02-02
Red Hat RHSA-2006:0200-01 2006-02-02
Red Hat RHSA-2006:0199-01 2006-02-02

Comments (none posted)

nbd: arbitrary code execution

Package(s):nbd CVE #(s):CVE-2005-3534
Created:January 6, 2006 Updated:March 7, 2011
Description: Kurt Fitzner discovered that the NBD (network block device) server did not correctly verify the maximum size of request packets. By sending specially crafted large request packets, a remote attacker who is allowed to access the server could exploit this to execute arbitrary code with root privileges.
Alerts:
SuSE SUSE-SR:2006:001 2006-01-13
Ubuntu USN-237-1 2006-01-06

Comments (none posted)

ncpfs: multiple vulnerabilities

Package(s):ncpfs CVE #(s):CAN-2005-0013 CAN-2005-0014
Created:January 31, 2005 Updated:May 15, 2006
Description: Erik Sjolund discovered two vulnerabilities in the programs bundled with ncpfs: there is a potentially exploitable buffer overflow in ncplogin (CAN-2005-0014), and due to a flaw in nwclient.c, utilities using the NetWare client functions insecurely access files with elevated privileges (CAN-2005-0013).
Alerts:
Fedora-Legacy FLSA:152904 2006-05-12
Fedora FEDORA-2005-435 2005-08-16
Red Hat RHSA-2005:371-01 2005-05-17
Mandrake MDKSA-2005:028 2005-02-01
Gentoo 200501-44 2005-01-30

Comments (none posted)

ntp: uses wrong gid

Package(s):ntp CVE #(s):CAN-2005-2496
Created:August 26, 2005 Updated:August 11, 2006
Description: When starting xntpd with the -u option and specifying the group by using a string not a numeric gid the daemon uses the gid of the user not the group. This problem is now fixed by this update.
Alerts:
Red Hat RHSA-2006:0393-01 2006-08-10
Mandriva MDKSA-2005:156 2005-09-06
Debian DSA-801-1 2005-09-05
Ubuntu USN-175-1 2005-09-01
Fedora FEDORA-2005-812 2005-08-26

Comments (none posted)

openmotif: buffer overflows

Package(s):openmotif CVE #(s):CVE-2005-3964
Created:December 29, 2005 Updated:July 27, 2006
Description: The libUil component of the OpenMotif toolkit has a pair of buffer overflow vulnerabilities that can possibly be used for the execution of arbitrary code.
Alerts:
Fedora FEDORA-2006-854 2006-07-26
Red Hat RHSA-2006:0272-01 2006-04-04
Gentoo 200512-16 2005-12-28

Comments (none posted)

OpenSSH: double shell expansion

Package(s):openssh CVE #(s):CVE-2006-0225
Created:January 23, 2006 Updated:July 20, 2006
Description: OpenSSH has a double shell expansion vulnerability in local to local and remote to remote copy with scp.
Alerts:
Red Hat RHSA-2006:0298-01 2006-07-20
Red Hat RHSA-2006:0044-01 2006-03-07
Ubuntu USN-255-1 2006-02-21
Gentoo 200602-11 2006-02-20
Fedora-Legacy FLSA:168935 2006-02-18
OpenPKG OpenPKG-SA-2006.003 2006-02-18
Slackware SSA:2006-045-06 2006-02-15
SuSE SUSE-SA:2006:008 2006-02-14
Mandriva MDKSA-2006:034 2006-02-06
Fedora FEDORA-2006-056 2006-01-23

Comments (none posted)

pcre3: arbitrary code execution

Package(s):pcre3 CVE #(s):CAN-2005-2491
Created:August 23, 2005 Updated:March 10, 2006
Description: A buffer overflow has been discovered in the PCRE, a widely used library that provides Perl compatible regular expressions. Specially crafted regular expressions triggered a buffer overflow. On systems that accept arbitrary regular expressions from untrusted users, this could be exploited to execute arbitrary code with the privileges of the application using the library.
Alerts:
Red Hat RHSA-2006:0197-01 2006-03-09
Fedora-Legacy FLSA:168516 2006-03-07
Debian DSA-821-1 2005-09-28
Debian DSA-819-1 2005-09-23
Debian DSA-817-1 2005-09-22
Gentoo 200509-08 2005-09-12
Red Hat RHSA-2005:358-01 2005-09-08
Red Hat RHSA-2005:761-02 2005-09-08
Trustix TSLSA-2005-0045 2005-08-26
OpenPKG OpenPKG-SA-2005.018 2005-09-05
SuSE SUSE-SA:2005:051 2005-09-05
Gentoo 200509-02 2005-09-03
Debian DSA-800-1 2005-09-02
Ubuntu USN-173-4 2005-08-31
Slackware SSA:2005-242-01 2005-08-31
SuSE SUSE-SA:2005:049 2005-08-30
SuSE SUSE-SA:2005:048 2005-08-30
Ubuntu USN-173-3 2005-08-30
Mandriva MDKSA-2005:155 2005-08-29
Mandriva MDKSA-2005:154 2005-08-26
Mandriva MDKSA-2005:153 2005-08-26
Mandriva MDKSA-2005:151 2005-08-25
Mandriva MDKSA-2005:152 2005-08-25
Gentoo 200508-17 2005-08-25
Ubuntu USN-173-2 2005-08-24
Fedora FEDORA-2005-803 2005-08-24
Fedora FEDORA-2005-802 2005-08-24
Ubuntu USN-173-1 2005-08-23

Comments (none posted)

perl: setuid vulnerabilities

Package(s):perl CVE #(s):CAN-2005-0155 CAN-2005-0156
Created:February 2, 2005 Updated:August 11, 2006
Description: There are two vulnerabilities with perl when it is used in a setuid mode. The PERLIO_DEBUG environment variable can be used to overwrite arbitrary files; there is also an associated buffer overflow which can be exploited to gain root access.
Alerts:
Red Hat RHSA-2006:0605-01 2006-08-10
Fedora FEDORA-2005-353 2005-05-02
Red Hat RHSA-2005:103-01 2005-02-15
Gentoo 200502-13 2005-02-11
SuSE SUSE-SR:2005:004 2005-02-11
Mandrake MDKSA-2005:031 2005-02-08
Red Hat RHSA-2005:105-01 2005-02-07
Ubuntu USN-72-1 2005-02-02

Comments (none posted)

PHP: safe_mode bypass

Package(s):php CVE #(s):CVE-2005-3391
Created:February 8, 2006 Updated:March 10, 2006
Description: A vulnerability in the PHP GD extension (prior to version 4.4.1) can enable a remote attacker to bypass safe_mode restrictions.
Alerts:
Mandriva MDKSA-2006:035-1 2006-03-09
Slackware SSA:2006-045-07 2006-02-15
Mandriva MDKSA-2006:035 2006-02-07

Comments (none posted)

php: multiple vulnerabilities

Package(s):php CVE #(s):CVE-2006-0207 CVE-2006-0208
Created:February 2, 2006 Updated:March 23, 2006
Description: PHP has a response splitting vulnerability, remote attackers can inject arbitrary HTTP headers via an unknown method, possibly using a Set-Cookie header. Also, a number of cross-site scripting vulnerabilities can be used by remote attackers to inject arbitrary web scripts or html pages.
Alerts:
Gentoo 200603-22 2006-03-22
Ubuntu USN-261-1 2006-03-10
Mandriva MDKSA-2006:028 2006-02-01

Comments (none posted)

phpbb2: multiple vulnerabilities

Package(s):phpbb2 CVE #(s):CVE-2005-3310 CVE-2005-3415 CVE-2005-3416 CVE-2005-3417 CVE-2005-3418 CVE-2005-3419 CVE-2005-3420 CVE-2005-3536 CVE-2005-3537
Created:December 22, 2005 Updated:February 11, 2008
Description: The phpbb2 web forum has a number of vulnerabilities including: a web script injection problem, a protection mechanism bypass, a security check bypass, a remote global variable bypass, cross site scripting vulnerabilities, an SQL injection vulnerability, a remote regular expression modification problem, missing input sanitizing, and a missing request validation problem.
Alerts:
Debian DSA-925-1 2005-12-22

Comments (none posted)

phpMyAdmin: multiple vulnerabilities

Package(s):phpmyadmin CVE #(s):CVE-2005-4079 CVE-2005-3665
Created:December 12, 2005 Updated:November 20, 2006
Description: Stefan Esser reported multiple vulnerabilities found in phpMyAdmin. The $GLOBALS variable allows modifying the global variable import_blacklist to open phpMyAdmin to local and remote file inclusion, depending on your PHP version (CVE-2005-4079, PMASA-2005-9). Furthermore, it is also possible to conduct an XSS attack via the $HTTP_HOST variable and a local and remote file inclusion because the contents of the variable are under total control of the attacker (CVE-2005-3665, PMASA-2005-8).
Alerts:
Debian DSA-1207-2 2006-11-19
Debian DSA-1207-1 2006-11-09
SuSE SUSE-SA:2006:004 2006-01-26
Gentoo 200512-03 2005-12-11

Comments (none posted)

postgresql: improper validation with Asserts enabled

Package(s):postgresql CVE #(s):CVE-2006-0678
Created:February 27, 2006 Updated:February 28, 2006
Description: PostgreSQL 7.3.x before 7.3.14, 7.4.x before 7.4.12, 8.0.x before 8.0.7, and 8.1.x before 8.1.3, when compiled with Asserts enabled, allows local users to cause a denial of service (server crash) via a crafted SET SESSION AUTHORIZATION command, a different vulnerability than CVE-2006-0553.
Alerts:
Ubuntu USN-258-1 2006-02-27

Comments (none posted)

pound: HTTP Request Smuggling Attack

Package(s):pound CVE #(s):CVE-2005-3751
Created:January 10, 2006 Updated:June 8, 2006
Description: HTTP requests with conflicting Content-Length and Transfer-Encoding headers could lead to HTTP Request Smuggling Attack, which can be exploited to bypass packet filters or poison web caches.
Alerts:
Gentoo 200606-05 2006-06-07
Debian DSA-934-1 2006-01-09

Comments (none posted)

pstotext: remote execution of arbitrary code

Package(s):pstotext netpbm CVE #(s):CAN-2005-2471
Created:August 1, 2005 Updated:March 28, 2006
Description: Max Vozeler reported that pstotext calls the GhostScript interpreter on untrusted PostScript files without specifying the -dSAFER option. An attacker could craft a malicious PostScript file and entice a user to run pstotext on it, resulting in the execution of arbitrary commands with the permissions of the user running pstotext. See this Secunia advisory for more information.
Alerts:
Debian DSA-1021-1 2006-03-28
Debian DSA-792-1 2005-08-31
Red Hat RHSA-2005:743-01 2005-08-22
Fedora FEDORA-2005-728 2005-08-17
Fedora FEDORA-2005-727 2005-08-17
Ubuntu USN-164-1 2005-08-11
Mandriva MDKSA-2005:133 2005-08-09
Gentoo 200508-04 2005-08-05
Gentoo 200507-29 2005-07-31

Comments (2 posted)

Py2Play: remote execution of arbitrary Python code

Package(s):Py2Play CVE #(s):CAN-2005-2875
Created:September 19, 2005 Updated:September 6, 2006
Description: Py2Play uses Python pickles to send objects over a peer-to-peer game network, that clients accept without restriction the objects and code sent by peers. A remote attacker participating in a Py2Play-powered game can send malicious Python pickles, resulting in the execution of arbitrary Python code on the targeted game client.
Alerts:
Gentoo 200509-09:02 2005-09-17
Debian DSA-856-1 2005-10-10
Gentoo 200509-09 2005-09-17

Comments (none posted)

scorched3d: multiple vulnerabilities

Package(s):scorched3d CVE #(s):
Created:November 15, 2005 Updated:August 11, 2006
Description: Luigi Auriemma discovered multiple flaws in the Scorched 3D game server, including a format string vulnerability and several buffer overflows. A remote attacker could exploit these vulnerabilities to crash a game server or execute arbitrary code with the rights of the game server user.
Alerts:
Gentoo 200511-12:03 2005-11-15
Gentoo 200511-12 2005-11-15

Comments (none posted)

spamassassin: denial of service

Package(s):spamassassin CVE #(s):CVE-2005-3351
Created:November 9, 2005 Updated:March 7, 2006
Description: Spamassassin through version 3.0.4 can be made to dump core if a message arrives with too many addresses in the To: field.
Alerts:
Red Hat RHSA-2006:0129-01 2006-03-07
Mandriva MDKSA-2005:221 2005-12-02
Fedora FEDORA-2005-1066 2005-11-09
Fedora FEDORA-2005-1065 2005-11-09

Comments (none posted)

squid: authentication handling

Package(s):squid CVE #(s):CAN-2005-2917
Created:September 30, 2005 Updated:March 15, 2006
Description: Upstream developers of squid, the popular WWW proxy cache, have discovered that changes in the authentication scheme are not handled properly when given certain request sequences while NTLM authentication is in place, which may cause the daemon to restart.
Alerts:
Red Hat RHSA-2006:0045-01 2006-03-15
Red Hat RHSA-2006:0052-01 2006-03-07
Fedora-Legacy FLSA:152809 2006-02-18
Mandriva MDKSA-2005:181 2005-10-11
Ubuntu USN-192-1 2005-09-30
Debian DSA-828-1 2005-09-30

Comments (none posted)

squirrelmail: multiple vulnerabilities

Package(s):squirrelmail CVE #(s):CVE-2006-0188 CVE-2006-0195 CVE-2006-0377
Created:February 28, 2006 Updated:June 8, 2006
Description: Webmail.php in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary web pages into the right frame via a URL in the right_frame parameter. NOTE: this has been called a cross-site scripting (XSS) issue, but it is different than what is normally identified as XSS. (CVE-2006-0188)

Interpretation conflict in the MagicHTML filter in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to conduct cross-site scripting (XSS) attacks via style sheet specifiers with invalid (1) "/*" and "*/" comments, or (2) a newline in a "url" specifier, which is processed by certain web browsers including Internet Explorer. (CVE-2006-0195)

CRLF injection vulnerability in SquirrelMail 1.4.0 to 1.4.5 allows remote attackers to inject arbitrary IMAP commands via newline characters in the mailbox parameter of the sqimap_mailbox_select command, aka "IMAP injection." (CVE-2006-0377)

Alerts:
Fedora-Legacy FLSA:190884 2006-06-06
Red Hat RHSA-2006:0283-01 2006-05-03
Gentoo 200603-09 2006-03-12
Debian DSA-988-1 2006-03-08
Fedora FEDORA-2006-133 2006-03-03
Mandriva MDKSA-2006:049 2006-02-27

Comments (none posted)

struts: cross-site scripting vulnerability

Package(s):struts CVE #(s):CVE-2005-3745
Created:January 12, 2006 Updated:March 8, 2006
Description: The Struts error display system has a cross-site scripting vulnerability. An attacker may be able to maliciously craft a URL that can trick a user into thinking they are looking at a trusted site when they are not.
Alerts:
Red Hat RHSA-2006:0161-01 2006-03-07
Red Hat RHSA-2006:0157-01 2006-01-11

Comments (none posted)

sudo: vulnerability via scripts

Package(s):sudo CVE #(s):CAN-2005-4158 CVE-2006-0151
Created:December 16, 2005 Updated:September 1, 2006
Description: Perl and Python scripts run via Sudo can be subverted.
Alerts:
Mandriva MDKSA-2006:159 2006-08-31
Debian DSA-946-2 2006-04-08
Slackware SSA:2006-045-08 2006-02-15
SuSE SUSE-SR:2006:002 2006-01-20
Debian DSA-946-1 2006-01-20
Ubuntu USN-235-2 2006-01-09
Ubuntu USN-235-1 2006-01-05
Mandriva MDKSA-2005:234 2005-12-20
Fedora FEDORA-2005-1147 2005-12-16

Comments (none posted)

tar: buffer overflow

Package(s):tar CVE #(s):CVE-2006-0300
Created:February 22, 2006 Updated:April 10, 2006
Description: A buffer overflow (exploitable via a carefully-crafted archive file) has been discovered in GNU tar, versions 1.14 and above.
Alerts:
Fedora-Legacy FLSA:183571-2 2006-04-04
Gentoo 200603-06 2006-03-10
Debian DSA-987-1 2006-03-07
OpenPKG OpenPKG-SA-2006.006 2006-03-05
Red Hat RHSA-2006:0232-01 2006-03-01
Trustix TSLSA-2006-0010 2006-02-24
Ubuntu USN-257-1 2006-02-23
Mandriva MDKSA-2006:046 2006-02-21

Comments (none posted)

File overwrite vulnerability in tar and unzip

Package(s):tar unzip CVE #(s):CAN-2001-1267 CAN-2001-1268 CAN-2001-1269 CAN-2002-0399
Created:October 1, 2002 Updated:April 10, 2006
Description: The tar utility does not properly filter file names containing "../", meaning that a hostile archive can, if unpacked by an unsuspecting user, overwrite any file that is writable by that user. GNU tar versions 1.13.19 and earlier are vulnerable; unzip through version 5.42 has the same vulnerability.
Alerts:
Fedora-Legacy FLSA:183571-1 2006-04-04
Red Hat RHSA-2006:0195-01 2006-02-21
Conectiva CLA-2002:538 2002-10-29
Mandrake MDKSA-2002:066 2002-10-10
Mandrake MDKSA-2002:065 2002-10-10
EnGarde ESA-20021003-022 2002-10-03
Gentoo unzip-20021001 2002-10-01
Gentoo tar-20021001 2002-10-01
Red Hat RHSA-2002:096-24 2002-09-18

Comments (1 posted)

tcpdump: multiple DoS issues

Package(s):tcpdump CVE #(s):CAN-2005-1280 CAN-2005-1279 CAN-2005-1278
Created:May 2, 2005 Updated:April 10, 2006
Description: The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. (CAN-2005-1280)

tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted BGP packet, which is not properly handled by RT_ROUTING_INFO, or LDP packet, which is not properly handled by the ldp_print function. (CAN-2005-1279)

The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. (CAN-2005-1278)

Alerts:
Fedora-Legacy FLSA:156139 2006-04-04
Debian DSA-850-1 2005-10-09
Mandriva MDKSA-2005:087 2005-05-11
Red Hat RHSA-2005:417-02 2005-05-11
Red Hat RHSA-2005:421-02 2005-05-11
Gentoo 200505-06 2005-05-09
Ubuntu USN-119-1 2005-05-06
Fedora FEDORA-2005-351 2005-05-02

Comments (none posted)

tetex: integer overflows

Package(s):tetex CVE #(s):CVE-2005-3191 CVE-2005-3192 CVE-2005-3193 CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627 CVE-2005-3628
Created:January 19, 2006 Updated:May 23, 2006
Description: The teTeX PDF parsing library has an integer overflow vulnerability. A carefully crafted PDF file can be used by an attacker to crash teTeX and possibly execute arbitrary code.
Alerts:
Slackware SSA:2006-142-01 2006-05-23
Fedora-Legacy FLSA:152868 2006-05-12
Gentoo 200603-02 2006-03-04
Red Hat RHSA-2006:0160-01 2006-01-19

Comments (none posted)

texinfo: temporary file vulnerability

Package(s):texinfo CVE #(s):CAN-2005-3011
Created:October 5, 2005 Updated:November 9, 2006
Description: Texinfo prior to version 4.8-r1 suffers from a temporary file vulnerability.
Alerts:
Ubuntu USN-194-2 2006-01-09
Fedora FEDORA-2005-991 2005-10-14
Fedora FEDORA-2005-990 2005-10-14
Mandriva MDKSA-2005:175 2005-10-06
Ubuntu USN-194-1 2005-10-06
Gentoo 200510-04 2005-10-05

Comments (none posted)

tin: buffer overflow

Package(s):tin CVE #(s):CVE-2006-0804
Created:February 19, 2006 Updated:November 24, 2006
Description: An allocation off-by-one bug exists in the TIN news reader version 1.8.0 and earlier which can lead to a buffer overflow.
Alerts:
Gentoo 200611-18 2006-11-24
OpenPKG OpenPKG-SA-2006.005 2006-02-19

Comments (none posted)

unzip: long file name buffer overflow

Package(s):unzip CVE #(s):CVE-2005-4667
Created:February 6, 2006 Updated:May 2, 2007
Description: A buffer overflow in UnZip 5.50 and earlier allows local users to execute arbitrary code via a long filename command line argument. NOTE: since the overflow occurs in a non-setuid program, there are not many scenarios under which it poses a vulnerability, unless unzip is passed long arguments when it is invoked from other programs.
Alerts:
Red Hat RHSA-2007:0203-02 2007-05-01
Fedora-Legacy FLSA:180159 2006-04-04
Debian DSA-1012-1 2006-03-21
Mandriva MDKSA-2006:050 2006-02-27
Ubuntu USN-248-2 2006-02-15
Ubuntu USN-248-1 2006-02-13
Fedora FEDORA-2006-098 2006-02-06

Comments (1 posted)

up-imapproxy: format string vulnerabilities

Package(s):up-imapproxy CVE #(s):CAN-2005-2661
Created:October 10, 2005 Updated:March 7, 2006
Description: up-imapproxy contains two format string vulnerabilities which could be exploited to execute arbitrary code.
Alerts:
Gentoo 200603-04 2006-03-06
Debian DSA-852-1 2005-10-09

Comments (none posted)

uw-imap: buffer overflow

Package(s):uw-imap CVE #(s):CAN-2005-2933
Created:October 11, 2005 Updated:April 10, 2006
Description: "infamous41md" discovered a buffer overflow in uw-imap, the University of Washington's IMAP Server that allows attackers to execute arbitrary code.
Alerts:
Fedora-Legacy FLSA:184098 2006-04-04
Fedora-Legacy FLSA:170411 2006-04-04
Fedora FEDORA-2005-1112 2005-12-08
Fedora FEDORA-2005-1115 2005-12-08
Red Hat RHSA-2005:850-01 2005-12-06
Red Hat RHSA-2005:848-01 2005-12-06
Mandriva MDKSA-2005:194 2005-10-26
Trustix TSLSA-2005-0055 2005-10-07
Mandriva MDKSA-2005:189 2005-10-20
SuSE SUSE-SR:2005:023 2005-10-14
Gentoo 200510-10 2005-10-11
Debian DSA-861-1 2005-10-11

Comments (none posted)

vixie-cron: crontab allows any user to read another users crontabs

Package(s):vixie-cron CVE #(s):CAN-2005-1038
Created:April 15, 2005 Updated:March 15, 2006
Description: crontab in Vixie cron 4.1, when running with the -e option, allows local users to read the cron files of other users by changing the file being edited to a symlink. NOTE: there is insufficient information to know whether this is a duplicate of CVE-2001-0235. See also this Security Focus report.
Alerts:
Red Hat RHSA-2006:0117-01 2006-03-15
Red Hat RHSA-2005:361-01 2005-10-05
Fedora FEDORA-2005-320 2005-04-15

Comments (none posted)

w3c-libwww: possible stack overflow

Package(s):w3c-libwww CVE #(s):CVE-2005-3183
Created:October 14, 2005 Updated:May 2, 2007
Description: xtensive testing of libwww's handling of multipart/byteranges content from HTTP/1.1 servers revealed multiple logical flaws and bugs in Library/src/HTBound.c
Alerts:
Red Hat RHSA-2007:0208-02 2007-05-01
Ubuntu USN-220-1 2005-12-01
Mandriva MDKSA-2005:210 2005-11-09
Fedora FEDORA-2005-953 2005-10-07
Fedora FEDORA-2005-952 2005-10-07

Comments (1 posted)

xine-lib: buffer overflows

Package(s):xine-lib CVE #(s):CAN-2004-1379
Created:September 22, 2004 Updated:April 10, 2006
Description: xine-lib (through version 1_rc6) contains buffer overflows in the subtitle parsing and DVD sub-picture decoder code.
Alerts:
Fedora-Legacy FLSA:152873 2006-04-04
Debian DSA-657-1 2005-01-25
Mandrake MDKSA-2004:105 2004-10-06
Slackware SSA:2004-266-04 2004-09-22
Gentoo 200409-30 2004-09-22

Comments (none posted)

xine-ui - insecure temporary file creation

Package(s):xine-ui CVE #(s):CAN-2004-0372
Created:April 6, 2004 Updated:April 27, 2006
Description: Shaun Colley discovered a problem in xine-ui, the xine video player user interface. A script contained in the package to possibly remedy a problem or report a bug does not create temporary files in a secure fashion. This could allow a local attacker to overwrite files with the privileges of the user invoking xine.
Alerts:
Gentoo 200404-20 2004-04-27
Slackware SSA:2004-111-01 2004-04-20
Mandrake MDKSA-2004:033 2004-04-19
Debian DSA-477-1 2004-04-06

Comments (none posted)

xloadimage: buffer overflows

Package(s):xloadimage CVE #(s):CAN-2005-3178
Created:October 10, 2005 Updated:May 15, 2006
Description: Three buffer overflows were discovered in xloadimage when handling the image title name. A malicious user can construct a NIFF file that when viewed and processed (with either zoom, reduce or rotate) by xloadimage, will cause the program to overwrite the return address and execute arbitrary code.
Alerts:
Fedora-Legacy FLSA:152923 2006-05-12
Gentoo 200510-26 2005-10-30
Mandriva MDKSA-2005:192 2005-10-20
Red Hat RHSA-2005:802-01 2005-10-18
Debian DSA-859-1 2005-10-10
Debian DSA-858-1 2005-10-10
Fedora FEDORA-2005-981 2005-10-10

Comments (none posted)

xorg-x11: heap overflow

Package(s):xorg-x11 CVE #(s):CAN-2005-2495
Created:September 12, 2005 Updated:March 8, 2006
Description: The pixmap memory allocation code in the X.Org X window system is vulnerable to an integer overflow, a local user can use this to execute arbitrary code with elevated privileges.
Alerts:
Fedora-Legacy FLSA:168264-2 2006-03-07
Slackware SSA:2005-269-02 2005-09-26
SuSE SUSE-SA:2005:056 2005-09-26
Debian DSA-816-1 2005-09-19
Fedora FEDORA-2005-894 2005-09-16
Fedora FEDORA-2005-893 2005-09-16
Trustix TSLSA-2005-0049 2005-09-16
Red Hat RHSA-2005:501-01 2005-09-15
Mandriva MDKSA-2005:164 2005-09-13
Red Hat RHSA-2005:396-01 2005-09-13
Red Hat RHSA-2005:329-01 2005-09-12
Ubuntu USN-182-1 2005-09-12
Gentoo 200509-07 2005-09-12

Comments (none posted)

xpdf: buffer overflow

Package(s):xpdf CVE #(s):CAN-2005-0064
Created:January 19, 2005 Updated:March 15, 2007
Description: iDEFENSE has found yet another xpdf buffer overflow; see this advisory for details.
Alerts:
Fedora FEDORA-2007-1219 2007-03-14
Gentoo 200506-06 2005-06-09
Red Hat RHSA-2005:026-01 2005-03-16
Red Hat RHSA-2005:066-01 2005-02-15
Red Hat RHSA-2005:057-01 2005-02-15
Red Hat RHSA-2005:053-01 2005-02-15
Red Hat RHSA-2005:034-01 2005-02-15
Fedora-Legacy FLSA:2353 2005-02-10
Fedora-Legacy FLSA:2352 2005-02-10
Gentoo 200502-10 2005-02-09
Red Hat RHSA-2005:049-01 2005-02-01
SuSE SUSE-SR:2005:002 2005-01-26
Red Hat RHSA-2005:059-01 2005-01-26
Mandrake MDKSA-2005:020 2005-01-25
Mandrake MDKSA-2005:019 2005-01-25
Mandrake MDKSA-2005:016 2005-01-25
Mandrake MDKSA-2005:021 2005-01-25
Mandrake MDKSA-2005:018 2005-01-25
Mandrake MDKSA-2005:017 2005-01-25
Fedora FEDORA-2005-061 2005-01-25
Fedora FEDORA-2005-062 2005-01-25
Fedora FEDORA-2005-059 2005-01-25
Fedora FEDORA-2005-060 2005-01-25
Conectiva CLA-2005:921 2005-01-25
Fedora FEDORA-2004-049 2005-01-24
Fedora FEDORA-2004-048 2005-01-24
Gentoo 200501-32 2005-01-23
Gentoo 200501-31 2005-01-23
Gentoo 200501-30 2005-01-22
Gentoo 200501-28 2005-01-21
Fedora FEDORA-2005-052 2005-01-20
Fedora FEDORA-2005-051 2005-01-20
Ubuntu USN-64-1 2005-01-19
Debian DSA-645-1 2005-01-19
Debian DSA-648-1 2005-01-19

Comments (1 posted)

xpdf: potential vulnerabilities

Package(s):xpdf gpdf CVE #(s):CVE-2006-1244
Created:February 27, 2006 Updated:April 13, 2006
Description: Derek Noonburg has fixed several potential vulnerabilities in xpdf, which are also present in gpdf, the Portable Document Format (PDF) viewer with Gtk bindings.
Alerts:
Ubuntu USN-270-1 2006-04-13
Debian DSA-1019-1 2006-03-24
Debian DSA-998-1 2006-03-14
Debian DSA-984-1 2006-03-02
Debian DSA-983-1 2006-02-28
Debian DSA-982-1 2006-02-27

Comments (none posted)

xpdf: heap overflows

Package(s):xpdf gpdf kpdf poppler CVE #(s):CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627
Created:January 11, 2006 Updated:March 10, 2006
Description: Xpdf, the associated poppler library, and other applications using that library are susceptible to a new set of buffer overflows discovered by Chris Evans and infamous41md. These overflows could be exploited, via a malicious PDF file, to execute arbitrary code on the target system.
Alerts:
Fedora-Legacy FLSA:176751 2006-03-07
Mandriva MDKSA-2006:030 2006-02-02
Debian DSA-962-1 2006-02-01
Debian DSA-961-1 2006-02-01
Gentoo 200601-17 2006-01-30
Debian-Testing DTSA-28-1 2005-01-25
Debian DSA-950-1 2006-01-23
Trustix TSLSA-2006-0002 2006-01-13
Debian DSA-940-1 2006-01-13
Mandriva MDKSA-2006:012 2006-01-12
Fedora FEDORA-2005-028 2006-01-12
Fedora FEDORA-2005-029 2006-01-12
Debian DSA-938-1 2006-01-12
Debian DSA-937-1 2006-01-12
SuSE SUSE-SA:2006:001 2006-01-11
Red Hat RHSA-2006:0177-01 2006-01-11
Red Hat RHSA-2006:0163-01 2006-01-11
Mandriva MDKSA-2006:011 2006-01-10
Mandriva MDKSA-2006:010 2006-01-10
Debian DSA-936-1 2006-01-11

Comments (none posted)

xpdf: denial of service

Package(s):xpdf kpdf CVE #(s):CAN-2005-2097
Created:August 9, 2005 Updated:August 2, 2006
Description: A flaw was discovered in Xpdf in that could allow an attacker to construct a carefully crafted PDF file that would cause Xpdf to consume all available disk space in /tmp when opened.
Alerts:
Debian DSA-1136-1 2006-08-02
Mandriva MDKSA-2005:138-1 2005-09-19
Debian DSA-780-1 2005-08-22
SuSE SUSE-SR:2005:019 2005-08-19
Fedora FEDORA-2005-732 2005-08-17
Fedora FEDORA-2005-733 2005-08-17
Gentoo 200508-08 2005-08-16
Fedora FEDORA-2005-730 2005-08-15
Fedora FEDORA-2005-729 2005-08-15
Mandriva MDKSA-2005:136 2005-08-11
Mandriva MDKSA-2005:135 2005-08-11
Mandriva MDKSA-2005:134 2005-08-11
Mandriva MDKSA-2005:138 2005-08-11
Red Hat RHSA-2005:708-01 2005-08-10
Red Hat RHSA-2005:706-01 2005-08-09
Red Hat RHSA-2005:671-01 2005-08-09
Red Hat RHSA-2005:670-01 2005-08-09
Ubuntu USN-163-1 2005-08-09

Comments (none posted)

xpdf: integer overflows

Package(s):xpdf, poppler, cupsys, tetex-bin CVE #(s):CVE-2005-3624 CVE-2005-3625 CVE-2005-3626 CVE-2005-3627
Created:January 5, 2006 Updated:November 30, 2006
Description: xpdf has a number of integer overflows. A remote attacker can trick a user into opening a maliciously crafted pdf file, allowing the attacker to execute code with the privileges of the local user. This also affects the Poppler library, cupsys and tetex-bin.
Alerts:
Fedora FEDORA-2006-1220 2006-11-30
Debian DSA-932-1 2006-01-09
Debian DSA-931-1 2006-01-09
Ubuntu USN-236-2 2006-01-09
Mandriva MDKSA-2006:008 2006-01-06
Mandriva MDKSA-2006:006 2006-01-05
Mandriva MDKSA-2006:005 2006-01-05
Mandriva MDKSA-2006:004 2006-01-05
Mandriva MDKSA-2006:003 2006-01-05
Ubuntu USN-236-1 2006-01-05

Comments (none posted)

zlib: buffer overflow

Package(s):zlib CVE #(s):CAN-2005-1849
Created:July 21, 2005 Updated:April 11, 2006
Description: zlib has a vulnerability that can cause code that executes it to crash if a corrupted file is opened.
Alerts:
Mandriva MDKSA-2006:070 2006-04-10
Debian DSA-1026-1 2006-04-06
Gentoo 200603-18 2006-03-21
Ubuntu USN-151-4 2005-11-09
Ubuntu USN-151-3 2005-10-28
Fedora-Legacy FLSA:162680 2005-09-14
Debian DSA-797-1 2005-09-01
Gentoo 200508-01 2005-08-01
Gentoo 200507-28 2005-07-30
SuSE SUSE-SA:2005:043 2005-07-28
OpenPKG OpenPKG-SA-2005.014 2005-07-28
Mandriva MDKSA-2005:124 2005-07-22
Slackware SSA:2005-203-03 2005-07-23
Ubuntu USN-151-2 2005-07-22
Fedora FEDORA-2005-626 2005-07-22
Fedora FEDORA-2005-625 2005-07-22
Gentoo 200507-19 2005-07-22
Red Hat RHSA-2005:584-01 2005-07-21
Ubuntu USN-151-1 2005-07-21
Debian DSA-763-1 2005-07-20

Comments (none posted)

Page editor: Jonathan Corbet

Kernel development

Brief items

Kernel release status

The current 2.6 prepatch remains 2.6.16-rc5; no new -rc releases have been made over the last week. A slow trickle of patches continues to find its way into the mainline git repository as bugs are tracked down and fixed.

The current -mm release is 2.6.16-rc5-mm3. Recent changes to -mm include a patch to allow NFS mounts from a common server to share superblocks, CPU hotplug support for the x86-64 architecture, a continuation of the /proc rework, and some device mapper work.

The current stable 2.6 kernel is 2.6.15.6, released on March 5, following shortly after 2.6.15.5. The two updates carry a few dozen patches, a number of which address security-related issues.

Comments (none posted)

Kernel development news

Quote of the week

Users of Suspend2 can rest assured that I will not allow the patches to suffer bitrot. I will be continuing to use them myself, and will therefore have the best of incentives to keep them up-to-date.

Now for the downside: I won't, however, be making any sort of concerted effort at getting them merged into the vanilla kernel after my move, and am not inclined to make a big effort beforehand.

-- Nigel Cunningham

Comments (2 posted)

Double kfree() errors

Less than 24 hours after Coverity announced the availability of a new set of machine-detected potential kernel bugs, Dave Jones started posting fixes. Judging from these fixes, a number of the problems detected this time around are double-free errors - passing the same pointer to kfree() twice. Freeing memory twice is a sure way to corrupt core kernel data structures, leading to trouble in unpredictable places far from where the real bug is to be found. Avoiding this kind of error would make life easier for everybody involved.

To that end, Dave tossed out a simple idea: have kfree() poison pointers so that a second call can be detected immediately. His first proposal looked like this:

    #define kfree(foo) \
	        __kfree(foo); \
	        foo = KFREE_POISON;

This code was not meant to be incorporated as-is; for starters, it probably needs a pair of braces. But there were a couple of other problems which popped up. One of them is that, since passing a NULL pointer to kfree() is legal, passing it twice is also legal. But this code would break that case. Whether that would be a problem for real code is unclear. Al Viro pointed out a more serious issue: the pointer passed to kfree() is not always an lvalue which can be assigned to. So simply redefining kfree() in this way would lead to compilation errors.

The end result is that a transparent, in-place replacement for kfree() may be hard to implement. An alternative might be the creation of a safe_kfree() variant, combined with some serious pressure to use that variant. Then, perhaps, double-free errors could be caught when they happen.

Or, instead, one could use the double-free checking already built into the kernel. The slab allocator, which is (among other things) the engine behind kmalloc() and kfree(), has options for poisoning (writing special values to) all memory which it handles. One value (0x5a in every byte) marks uninitialized memory, while another (0x6b) is written into memory when it is freed. The resulting patterns jump out nicely in oops listings, often making the cause of the problem immediately obvious. But the use-after-free value can also enable the detection of double-free errors - assuming that the memory is not reallocated between kfree() calls.

The problem, it seems, is that not a whole lot of developers are running with slab poisoning enabled. As a result, they are working without a valuable debugging tool and allowing certain kinds of bugs to persist in the code base. So a part of the solution to the problem may well be a stronger effort to get developers to turn the slab poisoning option on. Beyond that, any sort of checking added to kfree() (or a variant) should be harder to disable than the existing debugging options.

Comments (4 posted)

RCU and open file accounting

David Miller has been making great progress in his port of the Linux kernel to Sun's new "Niagara" (SPARC) CPU architecture. He has run into one little problem, however:

I just wanted to report that I am hitting the "VFS: file-max limit xxx reached" problem quite easily on my 32-cpu Niagara machine with 16GB of ram with current 2.6.x GIT. It seems far too easy to get a box into this state due to SLAB fragmentation and RCU. And once you get a machine into this state it is totally unusable.

Our test case is usually a "make -j8192" kernel build along with a parallel bootstrap of gcc. That puts about 256 processes on each cpu's runqueue, I doubt ksoftirqd can run much at all.

The file limit problem was last discussed here in October, when it delayed the release of the 2.6.14 kernel. A fix merged at that time made the problem harder to trigger, but, as David's experience shows, the problem has not been solved altogether. One might argue that a relatively small number of users run the sort of workload that David is playing with. But the point remains: with current kernels, including the upcoming 2.6.16 release, it is possible for a suitably-written program to run the open file count to its maximum, thus denying any sort of service to other users. This seems like a problem which one might want to fix.

One piece of the puzzle here is the way that the open file count is managed. Currently, that count is decremented in the slab destructor set up for file structures. This method works, but it can cause the decrement to be delayed by an arbitrary amount of time, with the result that the open file count overstates the number of files which are actually held open by processes in the system. Moving that operation out of the slab destructor can help to keep the count more in sync with reality.

The core of the problem, however is the use of the read-copy-update (RCU) mechanism for management of file structures. When a file is closed, the task of freeing the structure is queued in RCU. Using RCU lets the kernel ensure that the structure is not freed while references to it remain, but without the sort of locking overhead that comes with other techniques. As a result, performance is measurably improved on SMP systems.

When there is a lot of opening and closing of files going on (such as, say, when a wild-eyed developer starts an 8192-process kernel build), the length of the RCU callback queue can get quite long. By the time that the RCU code decides that the system has quiesced and it is safe to invoke the RCU callbacks, the queue might have thousands of entries. Working through the entire callback queue led to latency problems elsewhere in the system, so 2.6.14 included a patch which put an upper limit on the number of callbacks which would be processed in any single iteration.

The limit helped with the latency problem. But, if the generation of RCU callbacks continues at a high rate, the length of the callback queue can only grow. Every entry in the queue represents memory which could be returned to the system, but which has not yet been made available. So, as the queue grows, memory gets fragmented and the system heads towards the dreaded out-of-memory state.

An attempt at a solution can be found in this patch by Dipankar Sarma, which has been sitting in the -mm tree for a while. Dipankar's patch puts a configurable upper limit on the number of RCU callbacks which will be processed in any single batch; that allows system administrators to tune the batch size to their particular needs. On a server which is dealing with large number of file requests, and on which latency is not a crucial issue, the batch size can be set to a large number.

The patch also adds a high-water limit. If the length of the RCU callback queue ever exceeds that limit, the RCU code will (1) set the batch limit to infinity (or the integer representation thereof) and (2) send out an inter-processor interrupt forcing every CPU on the system to schedule. The combination of these actions will cause the system to work through the entire RCU queue at the soonest possible time. Once the queue length goes below a low-water limit, the old batch limit will be restored.

It is, in other words, a somewhat unsubtle approach; the system is given a kick in the rear and told to go clean up its mess. But, it seems, that is exactly what the system needs at such a time. The cleanup task can only be deferred for so long; the work eventually needs to be done regardless. David has reported that the patches fix the problem on his Niagara system, and suggests that they should be merged into 2.6.16. It is a fairly significant patch to merge at this late point in the cycle, but there seems to be a reasonably high level of confidence in its stability. So, chances are that it will be included as a preferable alternative to shipping 2.6.16 with a known problem.

Comments (6 posted)

Some upcoming sysfs enhancements

A glance at Greg Kroah-Hartman's state of the driver core and sysfs message shows that a number of changes are queued up for future kernel cycles. A couple of those add new features to sysfs, and seem worth a mention.

Attribute files in sysfs serve as a channel for sharing information between the kernel and user space. As more of the information interface moves to sysfs, an increasing number of user-space programs will be making use of sysfs attributes. Often, these programs will want to respond when the value of a sysfs attribute changes. In current kernels, however, there is no easy way for an application to know when an attribute has changed; the only option is to repeatedly re-read the file and check for new values.

The current -mm kernels include a patch by Neil Brown which makes it possible to create pollable attributes. With such attributes, user space need only open the attribute of interest pass it to poll() with the POLLERR and POLLPRI events selected. When poll() returns, the file can be reopened and reread to obtain the new value.

Internally, the patch adds a wait queue head to every kobject on the system; that queue is inserted into a poll table in response to a poll() call. The sysfs code has no way of knowing, however, when the value of any given sysfs attribute has changed, so the subsystem implementing a pollable attribute must make explicit calls to:

    void sysfs_notify(struct kobject *kobj, char *dir, char *attr);

Here, kobj and attr describe the attribute whose value has been changed. The dir argument need only be supplied when the given kobject has a special subdirectory (and the attribute is in that directory). This call will cause any polling process to wake up and see that a new value is available.

With the current code, there is no way to mark attributes which can be polled. Any process which calls poll() on an attribute which does not support polling will end up waiting rather longer than the developer intended.

While sysfs attributes are normally low-bandwidth items - holding generally a single value - the relayfs subsystem (added in 2.6.14) is meant to be a high-bandwidth pipe from the kernel to user space. Relayfs is often used for debugging tasks, such as relaying large amounts of kernel trace data for later analysis. User space gets at that data stream by opening a channel file created in the special-purpose relayfs filesystem.

As it turns out, relayfs contains a fairly nice internal abstraction for its file operations, making it possible to create entries for relay channels in other filesystems. Paul Mundt recently put together a patch taking advantage of this feature to allow kernel code to create relayfs channels in sysfs. The reaction to this capability was positive; indeed, it was seen as a better interface to the relay code than relayfs itself. So Paul's patches have grown into a full reworking of the relay interface, with the separate relayfs filesystem going away entirely.

Most of the interfaces remain unchanged; in particular, almost the entire kernel API (as described in the documentation file) remains as it was before. But now there is a pair of new functions:

    int sysfs_create_relay_file(struct kobject *kobj, 
                                struct relay_attribute *attr);
    void sysfs_remove_relay_file(struct kobject *kobj, 
                                 struct relay_attribute *attr);

A simple call to sysfs_create_relay_file() will add a relay channel attribute to the given kobject. The relay_attribute structure must be filled in with information about the actual channel. On the user-space side, the only change is that the application must look in a different place to find the relay channel. All of the supported operations (mmap() in particular) work as before.

Barring last-minute objections, both of these patches seem likely to be merged for 2.6.17.

Comments (7 posted)

Patches and updates

Kernel trees

Core kernel code

Development tools

Device drivers

Documentation

Filesystems and block I/O

Memory management

Networking

Miscellaneous

Page editor: Jonathan Corbet

Distributions

News and Editorials

Interview with DPL Branden Robinson

Branden Robinson, outgoing Debian Project Leader, was kind enough to answer a few questions via email.

LWN: Now that your term is winding down, do you feel that you have accomplished what you hoped to accomplish?

No. In and of itself that is not a bad thing; it's better to have a surfeit of ideas than a paucity of them, but even so I found the position to be a subtly different kind of challenge than I expected.

Still, I learned a great deal about the inner workings of the Debian Project's infrastructure that I don't think I could really have come to understand any other way. I look forward to being a resource for the next Debian Project Leader.

The important work that Debian has to do will continue.

Project Scud was announced almost exactly one year ago. Since then, has this project helped with the management of the Debian project?

In ways, it has. The DPL team was valuable to me in my role in that I think it was essential in either keeping me informed about various behind-the-scenes happenings, or in offering differing perspectives on things I already knew about.

Should some variant of it be continued into the coming year?

I think so, yes -- however, the DPL Team had a big problem with visibility to the Debian Project at large, and that was a significant liability. It felt to me like the DPL Team was constantly engaged with somewhat sensitive personnel issues that were difficult to air publicly in a way that was both constructive and fair to all the parties involved.

The level of harmony within the team, however, was very high, and it was a good working environment. We all exhibited respect for each other and were able to work constructively even where we had differences of opinion. I had been afraid that we wouldn't gel, and with the exception of one member who simply didn't (and doesn't) have the time to participate, I think we did.

Quite apart from who wins the DPL election, I value the stronger relationships I've forged with Debian developers over the past year, both within and apart from the DPL Team.

When it comes to the team approach being continued into the coming year, I think it's inevitable. Whether it's called "the DPL team" or "Project Scud" or doesn't have a name at all, but is instead "the guys the DPL drinks with at the pub", I feel certain the concept will continue to exist in some form, just as it predates its explicit identification last year.

The role of DPL is a multifaceted one, and it's just plain good leadership to share the responsibilities. Just as the DPL has the trust of the developers, so too must a DPL demonstrate trust in others. The best leaders find ways to trust new people, rather limiting their horizons.

Are there things you are particularly happy about? Or particularly unhappy about?

I'm particularly happy that the day-to-day machinery of Debian, of package maintenance, quality assurance, release management, propagation of unstable packages to testing, and so on, continued to hum along as it should. Debian's technical processes are, for the most part, highly developed and mature, and not something the Project Leader needs to meddle with. That was deliberate in the design of the Debian Constitution, and I think that is a point of continuing success.

The Sarge release, and, critically, the maturity of the d-i (debian-installer) project are also achievements I'm enthusiastic about. I don't claim credit for them in my capacity as DPL, except insofar as I was smart enough to know not to meddle with something that was working. Our release management processes have started to seriously hum over the past year. I think we really have a handle on management of major transitions. The BTS has seen major improvements, the devscripts package has more useful tools, and more people are leveraging these new features to get their work done.

On the downside, I'm particularly unhappy that a few particularly thorny issues occupied virtually 100% of my time. I made a conscious decision even before I was elected to grapple with what the Project has identified as the most critical issues, not necessarily those where I could make a big splash for myself or grab headlines.

One consequence is that things I have achieved are difficult to measure; another is that I didn't have much time left over to work on even the somewhat strange things I consider "fun", like coming up with a new set of trademark usage guidelines. That's still being managed ad hoc, and it doesn't really need to be.

It pays to keep in mind, though, that the most visible thing Debian does is get free software to our users. That's the primary mission, and every time I dwell on my frustrations, I need to remind myself that Debian is fundamentally succeeding in that mission. The free software landscape is littered with the remains of projects that have failed in it. Consequently, it is invaluable to maintain one's sense of perspective.

Why did you chose not to run for a second term?

There are factors on a few fronts. As you may gather from my previous answers, I have a bit of battle fatigue. More importantly, however, I have come to appreciate the wisdom that a few people in the Debian Project have already expressed. First, you don't necessarily have to be the DPL to get things accomplished. The DPL is not a strong executive under our constitution, and some of the DPL's constitutional powers, such as the dismissal of a delegate against his or her will, have never been exercised. Secondly, many developers don't seem to really appreciate the first point. It's often been remarked that the Debian Project only seems to seriously grapple with internal management issues once a year during the elections. In between, most people seem to just wait for the Project Leader to pull a rabbit out of a hat.

While it's certainly possible that a more talented leader than myself could do so (or simply be the straw the breaks the camel's back), it would be healthier if more developers were more involved with those issues.

What I'd like to do next is see if I can mold myself into an example of what I'm beginning to think of as the "good Debian citizen". I've had the benefit of an "insider's view" of what's right and wrong at the core of the Project -- what I think is critical now is to better uphold clause four of our Social Contract, in which we commit to openness with our users. That clause talks specifically about bug tracking, but many within the Project think we should apply it more generally.

Some Debian developers have an ambivalent relationship with the Project's "insiders" because, simultaneously, they are details of infrastructure management that most of them don't care to know about -- except when they're perceived as not working. In that case, they demand satisfaction. I don't particularly decry this so much as note it to be human nature.

What do you think will be the biggest challenge for the next DPL?

Infrastructure reform, which seems to eat every DPL that dares to grapple with it, will threaten to do so with the next leader as well.

Is there anything else you would like to add?

It has been a tremendous honor to serve my fellow Debian developers and users in this office. I've had a few opportunities to speak before audiences familiar with Debian during my term -- the Open Source World Conference in Màlaga, Spain, and at Free Software and Open Source Days in Istanbul, Turkey, are two recent examples.

Everywhere I go in my capacity as a Debian representative, I meet many people who have boundless enthusiasm for the Debian Project and the work that we do. In many cases these are people who are as young as I was when I started using Debian, ten years ago, or even younger. Many of them want to be involved but want advice on how to contribute -- they don't know if they have anything to offer the project. The advice I offer is simple: identify something you care about, where your natural interests tend to flow, and throw yourself into it. A GNU/Linux distribution is an infinitely improvable thing -- that is, we're never going to run out of ways to improve it. When there aren't features to be added or bugs to be fixed, there are translations to be made, documentation to be written, or licenses to be fixed. It seems basic to Debian old-timers, but it's a new insight to Debian's vigorous youth.

At the GPLv3 launch conference in Boston this past January, I troubled Eben Moglen for a recipe on how to grow the Free Software community. His advice was simple, as most good advice is: "Each one, teach one." Over the past year I've been able to impart just a little bit of my meager knowledge to a great many people. That has been the most rewarding part of this job.

Comments (2 posted)

New Releases

New Quantian release 0.7.9.2 available

Quantian 0.7.9.2 is the second Quantian release based on Knoppix 4.0.2. Quantian adds hundreds of scientific / numeric packages, as well as an openMosix enabled 2.4.27 kernel, to the CDROM version of Knoppix.

Full Story (comments: none)

SUSE Linux 10.1 Beta6 is ready

The sixth beta for the Agama Lizard (aka SUSE Linux 10.1) is out. The team has decided to spend more time strengthening this release, and have revised the schedule. The final release is now expected on April 13, 2006.

Full Story (comments: none)

Distribution News

Debian voting issues

The candidates for Debian Project Leader will debate each other on IRC on Thursday March 16, 2006 from 22:30 UTC to 01:00 UTC the following day. The announcement also contains a Call for Questions and a Call for Panelists.

So far (as of March 5th) on 174 Debian developers (out of a potential 972) have voted on the GFDL position statement. Voting ends on March 11. Details of the general resolution can be found here.

Comments (none posted)

Other Debian news

Christian Perrier reports on proposed changes to su. "As reported in #276419, su in the login Debian package doesn't permit to specify options to the invoked shell and doesn't respect quoted arguments. We plan to revert this behavior and follow su's documentation and other implementations."

Martin Schulze has announced the return of the packages.debian.org service. "This service had to move to a new machine after it consumed too much I/O traffic due to archive reorganisation."

Martin Schulze also looks at the contents of the Debian backup server. "The backup of a resource is more than just a copy of the current state. It consists of 10 to 100 versions, representing several past days. Each day a new copy is created on the backup system. Copies older than the configured number of copies get purged."

This Bits from the kernel team takes a look back at what already happened after the sarge release and what you should expect for etch.

Comments (none posted)

Announcing fedora-security-list

A new list has been created for the discussion of security issues in Fedora, including Fedora Extras and Fedora Legacy.

Full Story (comments: none)

Ubuntu - Dapper UI Sprint

Mark Shuttleworth reports that the Dapper UI sprint has been happening in London and on #dapper-look. "We are reviewing progress on UBZ desktop specs, as well as the artwork, theming and icons for Dapper in both Ubuntu and Kubuntu."

Full Story (comments: none)

CFP: Debian Quality Assurance meeting in Extremadura

The Region of Extremadura in Spain has generously offered to host a number of work meetings for Debian during 2006. A Quality Assurance meeting is planned for December 13-17, 2006 (Wed-Sun). "This first announcement is a Call for Participation: if you have been involved in Debian QA, are interested in contributing or have some good QA ideas, you may want to consider attending this meeting." Space is limited.

Full Story (comments: none)

Distributions at FOSDEM

We have a couple of FOSDEM reports. The Debian-Java team met and discussed Debian-Java policy changes, Debian-Java welcomes women, and Java in kFreeBSD port.

The openSUSE project participated at FOSDEM with both a "DevRoom" and a small booth. "For those of you who didn't make it to FOSDEM, we have recorded the nine talks and three speed talks about openSUSE, SUSE Linux, and the work of SUSE R&D." There's a picture gallery too.

Comments (none posted)

New Distributions

andLinux

andLinux is a complete Linux distribution that runs seamlessly in Windows, using CoLinux. There is no need to partition, dual boot, configure or dedicate a machine. Users will have a complete Linux environment running along with Windows in a matter of minutes. The latest version is Proof Of Concept v2.1, which includes CDrom and floppy access, sound, faster networking and much more.

Comments (none posted)

Sharif Linux

Sharif Linux is a bilingual English/Persian operating system maintained by Sharif FarsiWeb. It is based on GNU/Linux and is customized for the computing requirements of Iran and the Persian language, specially for enterprise-level and educational uses. The current version of Sharif Linux, version 1.4, includes GNOME 2.10, including Evolution 2.2.3 and Evince 0.4.0, OpenOffice.org 2.0.1, Firefox 1.0.7, FarsiWeb fonts 0.4, Linux kernel 2.6.15, and much more.

Comments (1 posted)

Distribution Newsletters

Debian Weekly News

The Debian Weekly News for March 7, 2006 covers the call for votes on the General Resolution to address the Debian project's position on the GNU Free Documentation License, requirements and rights for official Debian sub-projects, Debian GNU/kFreeBSD for AMD64, the IRC debate for the Project Leader Election, QA activities, and several other topics.

Full Story (comments: none)

Fedora Weekly News Issue 36

This week the Fedora Weekly News looks at the Call for Papers: FUDCon Wiesbaden 2006, Announcing fedora-security-list, Running OLPC within VMWare Player, Updated QEMU-Admin tool with network bridging, Security wars: Novell SELinux killer rattles Red Hat, and more.

Comments (none posted)

Gentoo Weekly Newsletter

The Gentoo Weekly Newsletter for the week of March 6, 2006 covers Gentoo Linux 2006.0 download statistics, a Portage fix, the PPC team meeting, the Gentoo event calendar for London, San Jose and Bonn, and several other topics.

Comments (none posted)

February OpenSolaris Community Newsletter

The February edition of the OpenSolaris Community Newsletter is available. Topics include OpenSolaris Charter was approved, Community started ramping up on the formation of development projects, more source and binary technology released, variety of contributions continue to be offered, some external code contributions have led to ARC cases, source code management conversations are increasing and more.

Comments (none posted)

Ubuntu Documentation Newsletter - second edition

This issue of the Ubuntu Documentation Newsletter looks at Documents for Ubuntu 6.04, Kubuntu Documentation, Wiki Documentation, and more.

Full Story (comments: none)

DistroWatch Weekly, Issue 141

The DistroWatch Weekly for March 6, 2006 is out. "As more and more distributions provide bootable disks containing a complete operating system, it is clear that these "live CDs", as they are often referred to, are having a huge impact on our daily computing lives; today we report on Debian Live and Mandriva One, as well as on several efforts to accelerate the boot process of KNOPPIX. Having trouble with finding all the interesting software sources for your Ubuntu installation? Then worry not, the new Ubuntu source-o-matic makes it easy. Also in this issue: Click-N-Run for Ubuntu, a new Linux web site with podcasts for Linux beginners, a couple of entertaining links for Monday laughs, and a first look at the brand new Rubix Linux 1.0. Finally, we are pleased to inform that the February 2006 DistroWatch donation has gone to FreeBSD Foundation."

Comments (none posted)

Package updates

Fedora updates

Updates for Fedora Core 4: dhcp (bug fixes), system-config-netboot (bug fixes), xterm (bug fixes), squirrelmail (fix broken languages), shadow-utils (bug fix), ncurses (cleanup), mc (bug fixes), gnbd-kernel (update to 2.6.11.5 kernel), cman-kernel (update to 2.6.11.5 kernel), dlm-kernel (update to 2.6.11.5 kernel), GFS-kernel (update to 2.6.11.5 kernel).

Comments (none posted)

Mandriva updates

Mandriva has provided new libaio packages in main to provide out-of-the-box support for Oracle Express in Mandriva Linux 2006. Samba has been updated for Corporate 3.0 users.

Comments (none posted)

Slackware updates

Slackware has upgraded bash-completion and proftpd. Various python packages have been recompiled against Berkeley DB 4.2.52. There a few fixes for coreutils, xfsprogs and dmapi. The full slackware-current changelog has all the gory details.

Comments (none posted)

Trustix updates

Trustix has fixed various bugs in postfix and samba for TSL 2.2 & 3.0.

Full Story (comments: none)

Distribution reviews

My desktop OS: GRML (NewsForge)

NewsForge takes a look at a relatively unknown distribution called GRML. "GRML says it's for "users of texttools and system administrators," but GRML actually offers more. It's Linux that "just works." My users are not geeks, but GRML makes all our lives easy."

Comments (6 posted)

Five things I dislike about SUSE 10 (Linux.com)

Joe Barr is not happy with his boxed set of SUSE Linux 10.0. "The open version of SUSE is touted as making all the latest stuff available earlier than you can get it in the commercial version, with perhaps a few bumps in the road as a result, for hobbyists and aficionados to play with and test and help debug the latest application releases before they get rolled up into the professional edition. It turns out the retail version has exactly the same set of bumps in the road as the open version."

Comments (3 posted)

Page editor: Rebecca Sobol

Development

Using Linux to manage a large audio collection

Recently, your author decided to dig into a long-delayed project, the consolidation of a large collection of music onto a hard drive-based archive. Over the years, a large collection of music has been built up, the majority of which is live concert recordings from various tape trading networks. Prices of hard drives in the several hundred gigabyte size range have been steadily falling, making an online audio archive possible and affordable.

Music recording technology has gone through an amazing number of technology changes in the last 30 years. First there were reel-to-reel tapes, then audio cassettes. VHS-HiFi was a short-lived medium that offered improvements over cassettes until the audio DAT tape showed up. After that was CD-R media. Add to that vinyl records, commercial CDs, sound tracks from video tapes, and live recordings from multi-track digital recorders. Recently, a large number of BitTorrent sites have been good sources of live music recordings.

Your author is somewhat picky about audio standards, although he routinely shuns audiophile audio hardware. The Microsoft .wav file format seemed like the universal standard to use as an archive medium. The 44.1K sampling rate was chosen due to its compatibility with audio CDs. Compressed formats like Ogg Vorbis and MP3 have their uses for portable players, but for archiving purposes, .wav is for the most part, the best sounding and most universally workable standard.

Taking that one step further, .wav files can be bit-for-bit converted to and from FLAC, the Free Lossless Audio Codec. FLAC typically squashes music by about 50% of its original size, and .flac files can be played directly with music players such as XMMS. It is trivial to re-convert .flac files to .wav for burning CD-Rs.

The standard Linux filesystem was chosen as way of storing the archive. It offers a wealth of handy command-line utilities for management, and GUI-based interfaces for those who prefer the that mode of operation. Some conventions were chosen for representing the music from a typical live concert. Each concert gets stored in a unique directory named ArtistYYYYMMDD. Individual songs were stored in their own .wav files with a similar naming scheme: ArtistYYYYMMDDd#T##.wav where YYYYMMDD is the date, d# is the (optional) disk number from a multi-CD set and T## is the track number. Additionally, a file called ArtistYYYYMMDD.txt can be included to contain a textual description of the audio source, processing information, song lists, and other information. It would be nice to have a meta-data file such as an XML file that contains more information in a computer readable format, but that's for the future.

A big collection of CD-burning source material was recently rescued from an old computer system and a big pile of backup tapes from the same machine. The majority of this data consisted of 1-2 GB .wav files that were created by copying audio DATs into a CMI8732-based sound card with a lossless S/PDIF digital audio interface. The audio stream was converted to .wav files with the obsolete SoundRecorder utility, or Cinelerra. Sound from analog sources was fed into the computer using an external Flying Cow Analog to S/PDIF converter.

Many of the audio DATs were recorded with a 48Khz audio sampling rate; those were converted to 44.1Khz files with SoX. Most of the source material was stereo volume normalized with Ecasound and some custom audio scripts. Volume normalization is a bit of an art, it usually works best on large parts of the source .wav file, broken up by concert sets, or where the person running the recorder tweaked the recording level. Normalizing groups of songs gets rid of annoying volume changes from song to song.

Although Cinelerra is primarily a video editor, it has the critical ability of being able to digest a 2GB audio file without choking. It also has the ability to mark audio edit points throughout the source material, and bulk-render individual .wav files as marked by the edit points.

After all of that, the music archive is showing many signs of improvement. All of the long gaps and audience chatter has been removed from the source material. The volume of the .wav files is fairly constant from concert to concert. The songs are now accessible individually. Your author was lucky in that he discovered how poor the CD-R medium is for long time archiving before he deleted his source .wav files. CD-R media degrades with heat, dirt, and repeated handling.

Now that the music archive is coming together, some big advantages are beginning to surface. It is possible to copy the entire archive to another computer with a one line ssh/tar command. This is extremely powerful for backing up the data or copying sections to a friend's computer. A spare computer can easily be retrofitted with a large hard drive, then turned into a music library audio appliance. Although not as portable as an mp3 player, the entire archive can be copied to a laptop for listening away from home.

This is very much a work in progress, it is also a process that will never be finished. The archive is up to 45Gb and is growing daily. Some software remains to be written. A random music player should be easy to write with just a few lines of Python code. That could be extended to include more advanced features such as noting song groups that should always be played together, and skipping files that contain short spoken segments such as a band introduction. In the source material, files are occasionally split into two pieces due to the editing out of a bad section in the middle, your author is still searching for a way to join two .wav files into one to fix that problem.

Linux and the wide variety of open-source tools have made this entire process a breeze, if somewhat time consuming. Audio recording has gone through a series of diverging technologies, this distillation effort has reversed that trend.

Comments (19 posted)

System Applications

Database Software

MySQL 5.1.7-beta has been released

Version 5.1.7-beta of the MySQL database is available for testing. "This is the first published Beta release in the 5.1 series. All attention will continue to be focused on fixing bugs and stabilizing 5.1 for later production release."

Full Story (comments: none)

pgAdmin III v1.4.2 Released

Version 1.4.2 of pgAdmin has been released. "The pgAdmin Development Team are pleased to announce the release of version 1.4.2 of pgAdmin, the Open Source administration and development platform for PostgreSQL 7.3 and above. pgAdmin can be run on Linux, FreeBSD, Mac OSX, Solaris and Windows."

Comments (none posted)

PostgreSQL Weekly News

The March 5, 2006 edition of the PostgreSQL Weekly News is online with new PostgreSQL information and events.

Full Story (comments: none)

Mail Software

Bogofilter 1.0.2 released

Version 1.0.2 of Bogofilter, a Bayesian spam filter, is available. "This release fixes has some minor configuration script scripts, some minor option errors, suppresses multiple messages when the database nears its maximum size, has an emacs VM entry in the FAQ and updated emacs VM support."

Full Story (comments: none)

Gotmail 0.8.8 Released

Version 0.8.0 of Gotmail, a Perl interface to hotmail.com, is out. "This is a simple maintenance release with only a few basic bug fixes applied including better dealing with spaces in folder names and extra lines in config files."

Full Story (comments: none)

Web Site Development

Campsite 2.5 announced

Version 2.5 of Campsite, an open-source multi-lingual content management system for news websites, is out. "Version 2.5 is a major feature release."

Full Story (comments: none)

Using Ajax from Perl (O'Reilly)

Dominic Mitchell discusses the use of Ajax from Perl on O'Reilly. "If you're even remotely connected to web development, you can't have failed to have heard of Ajax at some point in the last year. It probably sounded like the latest buzzword and was one of those things you stuck on the "must read up on later" pile. While it's definitely a buzzword, it's also quite a useful one. Ajax stands for "Asynchronous JavaScript and XML." It's a term coined by Jesse James Garret in "Ajax: A New Approach to Web Applications." Ignore the football team, they're mere impostors. ;-) What does that actually mean? In short, it's about making your web pages more interactive."

Comments (none posted)

Scheduling Jobs in a Java Web Application (O'ReillyNet)

Chris Hardin discusses Java Web Application scheduling on O'Reilly. "Web application frameworks are built to service requests when they come in, typically from web users. This seems fine, but what if you need to execute code at specific times (for example, to generate reports in the middle of the night when CPU use is low)? Quartz provides best-of-breed Java scheduling functionality, and in this article, Chris Hardin shows how to get Struts to load up Quartz and your scheduled work."

Comments (none posted)

Miscellaneous

Open Graphics schematics posted

The Open Graphics project is working toward the development of a completely open 3D graphics adaptor for use with free systems. Last week, the project announced its intent to release the first set of schematics for wider review. The schematic [PDF] and a slightly outdated bill of materials are now available. Quite a bit of work remains to turn this design into an actual product, but the developers are working with the apparent hope of getting something out this year.

Comments (12 posted)

New Live CD showcasing XGL (FootNotes)

If you are curious about what can be done with all the 3D work going on: FootNotes has a blurb about the Kororaa live CD, a Gentoo-based live system with all the Xgl goodies on it.

Comments (11 posted)

Desktop Applications

Audio Applications

FUPlayer 0.2.1 is available

Stable version 0.2.3 of FUPlayer has been announced, it features bug fixes. "FUPlayer is a full featured music manager and player for the GNOME desktop. With it, you can play music from your hard drive, create playlists, do real file management using its Trash, and play, rip, and burn audio CD's. It features an interface similar to those of many modern manager-style players, but with many improvements, such as true non-modal search and browse functionality, find-as-you-type, and drag destination highlighting." See the CHANGELOG file for more information.

Comments (none posted)

QjackCtl 0.2.20 released

Version 0.2.20 of QjackCtl, a Qt interface to the JACK Audio Connection Kit (JACK) is out with a number of new capabilities.

Full Story (comments: none)

Rhythmbox needs YOU! (GnomeDesktop)

The Rhythmbox project needs volunteers to work on its music player playlist feature. "Rhythmbox 0.9.3 gained support for all mass-storage audio players (auto-detected if HAL knows about them, or via .is_audio_player). What it doesn't have is support for playlists on all those players. Last night we committed support for reading playlists from PSPs, and we want to add support for the rest. If you have an audio player which uses playlists (and isn't an iPod or PSP), you need to run to bugzilla and tell us about it."

Comments (none posted)

CAD

Twenty-ninth release of PythonCAD available

Release 29 of PythonCAD has been announced. "The twenty-ninth release of PythonCAD contains various improvements to the internal entity creation and manipulation code. The routines for transferring entities between layers has been reworked, as have the routines for deleting entities. This code rework flushed out a number of bugs and sub-optimal code issues which have been resolved."

Full Story (comments: none)

Desktop Environments

GNOME 2.14 Release Candidate (2.13.92) Released!

GNOME 2.13.92 has been released. "This is our last unstable release before the big .0 release. Lots of new features and bug fixes have been added during this cycle, probably more than what you can remember if you've been running all the unstable releases so far."

Full Story (comments: 1)

GARNOME 2.13.92 (aka 2.14 RC) is out

Version 2.13.92 of GARNOME, the GNOME testing distribution, is out. "This release includes all of GNOME 2.13.92 (aka 2.14 Release Candidate) plus a whole bunch of updates that were released after the GNOME freeze date."

Full Story (comments: none)

GNOME Software Announcements

The following new GNOME software has been announced this week: You can find more new GNOME software releases at gnomefiles.org.

Comments (none posted)

KDE Software Announcements

No new KDE software announcements were received this week. You can find the latest KDE software releases at kde-apps.org.

Comments (2 posted)

Electronics

gEDA 20060123 announced

The OpenCollector Database has an announcement for a new release of the gEDA suite, a collection of electronic design automation (EDA) tools. "This release includes schematic backup and autosaving, a new "L" net drawing mode, improved PNG export, new file selection dialog boxes (when using at least GTK+ 2.4.x), embedded picture support, spice-sdb backend improvements, and many bugfixes."

Comments (none posted)

Kicad 2006-03-07 released

Release 2006-03-07 of Kicad, a printed circuit and electronic circuit CAD application for KDE, is available with bug fixes and other improvements.

Comments (none posted)

Financial Applications

Release of GnuCash 1.9.2 (unstable) (GnomeDesktop)

Unstable version 1.9.2 of GnuCash, a financial management application, has been announced. "The GnuCash development team proudly announces GnuCash 1.9.2 aka "With extra flavor enhancements", the third of several unstable 1.9.x releases of the GnuCash Open Source Accounting Software which will eventually lead to the stable version 2.0.0. This release contains many bugfixes since the second release but is still only intended for developers and adventurous testers who want to help tracking down bugs."

Comments (none posted)

Games

Ember 0.4.0 released

Version 0.4.0 of Ember has been announced on the WorldForge game site. "Ember is a fully functional 3d client for the WorldForge project. It’s meant to be as extensible as possible, to allow for future world builders to adapt it to their worlds or games. This release adds a lot of new features and refactored code. One of the main changes is the addition of scripting language support. Many of the existing gui components and widgets have been converted to Lua code. Together with a build in code editor and a new more robust widget look this makes for a solid foundation for further gui development."

Comments (none posted)

Interoperability

Wine 0.9.9 released

Version 0.9.9 of Wine has been announced. Changes include: Many new features and improvements in Richedit, More Web browser support, Recursive directory change notifications, Wine installation is now fully relocatable, Direct3D 8 and 9 now use the same code, Many debugger improvements, Systray is now handled by the explorer process and Lots of bug fixes.

Comments (none posted)

Wine Weekly Newsletter

The March 5, 2006 edition of the Wine Weekly Newsletter is out with the latest Wine project news.

Comments (none posted)

Music Applications

dssi-vst 0.4 released

Version 0.4 of dssi-vst, a DSSI plugin wrapper for Win32 VST plugins, is out. "The main change since the 0.3.1 release is that dssi-vst now builds with newer versions of the Wine tools. Wine 0.9.5 or newer is now required. This release also builds with version 2.4 of the VST SDK, although it should still work with the older 2.3 as well."

Full Story (comments: none)

Qsynth 0.2.5 released

Version 0.2.5 of Qsynth, a Qt interface to FluidSynth, is out with new features and bug fixes.

Full Story (comments: none)

Office Suites

OpenOffice.org 2.0.2 released

OpenOffice.org 2.0.2 is out. This release adds integrated spellchecking dictionaries, some new import filters, KDE address book interoperability, and a new set of icons.

Full Story (comments: 6)

Miscellaneous

File permissions in Nautilus (GnomeDesktop)

GnomeDesktop.org points to a blog about Nautilus file permission modifications. "Christian Neumair has posted an overview of some of the work he is doing with regards to changing file permissions within Nautilus. A very good read for those that are interested."

Comments (none posted)

Languages and Tools

Caml

Caml Weekly News

The March 7, 2006 edition of the Caml Weekly News is out with new Caml language articles.

Full Story (comments: none)

Java

GNU Classpath 0.90 released

Version 0.90 of the GNU Classpath essential Java libraries have been released. Changes include: "JTables can be rearranged and resized. Free Swing text components support highlighting and clipboard. Much improved styled text. Fast event dispatching and lower memory consumption. Better support for mixing lightweight and heavyweight components in AWT containers. GNU Crypto and Jessie cryptographic algorithms have been added providing ssl3/tls1 and https support. Unicode 4.0.0 support. GIOP and RMI stub and tie source code tools. XML validaton support for RELAX NG and W3C XML schemas. New file backend for util.prefs. Updated gnu.regexp from POSIX to util.regex syntax."

Full Story (comments: none)

PHP

PHP OpenID 1.0.0 Released

Version 1.0.0 of the PHP OpenID library is available. "JanRain, Inc. is proud to announce the first stable release of our OpenID library for PHP! This release incorporates improved documentation, bugfixes, a configuration helper for the server example, and support for installation with the PEAR command-line installer."

Full Story (comments: none)

PHP Weekly Summary for February 27, 2006

The PHP Weekly Summary for February 27, 2006 is out. Topics include: True labelled break goes off-list, portable string API in HEAD, segfault recovery, life without $this, stack overflow prevention, deprecation macros in 5_1, and late static binding patch.

Comments (none posted)

Python

PyCon Python IDE review

Jonathan Ellis presents a Python IDE review from the recent PyCon convention. "I presented an IDE review at PyCon last Friday. It was basically a re-review of what I thought were the 3 most promising IDEs from the Utah Python User Group IDE review, to which I added SPE, which was by far the most popular of the ones we left out that time. The versions reviewed are: PyDev 1.0.2, SPE 0.8.2.a, Komodo 3.5.2, Wing IDE 2.1 beta 1".

Comments (none posted)

Dr. Dobb's Python-URL!

The March 6, 2006 edition of Dr. Dobb's Python-URL! is online with a new collection of Python article links.

Full Story (comments: none)

Ruby

Ruby Weekly News

The March 5, 2006 edition of the Ruby Weekly News looks at the latest discussions from the ruby-talk mailing list.

Comments (none posted)

Tcl/Tk

Dr. Dobb's Tcl-URL!

The March 6, 2006 edition of Dr. Dobb's Tcl-URL! is online with new Tcl/Tk articles and resources.

Full Story (comments: none)

Miscellaneous

SchemaSpy 2.1.2 released (SourceForge)

Version 2.1.2 of SchemaSpy has been announced. "SchemaSpy analyzes schema metadata, letting you click through the hierarchy of your tables' parent/child relationships either graphically or through HTML tables. It works with just about any RDBMS given an appropriate JDBC driver. SchemaSpy also identifies several common schema anomalies."

Comments (none posted)

Page editor: Forrest Cook

Linux in the news

Recommended Reading

Jon Maddog Hall on Linux, saving money and ruling the world (ComputerWorld)

ComputerWorld has an interview with Jon 'maddog' Hall. "Customers will realize that return on investment (ROI) overrules total cost of ownership (TCO), and they will tell Microsoft that they, as customers, will not buy any more software from Microsoft unless it is 'free'. Then Free and Open Source Software will blossom overnight."

Comments (9 posted)

The NZ "Get the Facts" Style Report (Groklaw)

Groklaw covers a new anti-FOSS FUD campaign in New Zealand. "Slashdot has posted an article about a report to the New Zealand State Services Commission regarding FOSS: Gavo writes "Law firm Chapmann Tripp advises New Zealand State Services Commission that the New Zealand Government should be wary of using 'infectious' open source software. They claim 'While the use of open source software has many benefits, it brings with it a number of legal risks not posed by proprietary or commercial software.'" Here's the scoop, although I don't know if the New Zealand government is aware of it. Chapman Tripp works for Microsoft."

Comments (13 posted)

ODF Alliance Announced (Groklaw)

Groklaw covers the newly formed Open Document Format (ODF) Alliance, an international group of industry partners, associations, NGOs and academic/research institutions. "Members include corporations you would expect to be part of this push, such as IBM and Sun and Novell and Red Hat, and some you'll be happy to see on the list, like Corel and Oracle and Opera Software, and the Information and Communications Technology (ICT) for the City of Vienna, and quite a collection of educational and library associations, such as the American Library Association, the Indian Institute of Technology, the Technical University of Denmark and tarent GmbH."

Comments (7 posted)

Trade Shows and Conferences

Gadgets on parade at CeBit (ZDNet)

ZDNet looks forward to CeBit. "CeBit is huge, and thousands of technology companies will cram into almost 30 halls, bringing everything from fax machines and printers to smart phones and dual-core chip-based notebooks. We can't predict everything that will grab the headlines and get people talking at the show, but it's clear that there are some key themes and products to watch out for."

Comments (6 posted)

A Report from LinuxForum 2006 (Groklaw)

Groklaw has coverage of LinuxForum 2006, in Copenhagen, Denmark. "LinuxForum runs over two days: Friday (today) is more business-minded and Saturday is for the geeks... er... I mean... the more technically minded. Thus, today's program was definitely of more interest to the wider Groklaw audience. Tomorrow will be exciting too, but only for some Groklawians. Also, it will be harder to report, so you will have to make do with my report from today." Day 2 coverage is also available.

Comments (6 posted)

Companies

Chip startup adopts Linux, open cores for PMPs, DTV (LinuxDevices)

LinuxDevices looks at new microprocessor offerings from Vivace Semiconductor. "A fabless semiconductor startup focused on "multi-function video processing chips" has adopted Linux and an open-source RISC core. Vivace Semiconductor's roadmap, unveiled at a venture capital event today in San Francisco, includes a VSP200 chip targeting portable video players, and a VSP300 chip targeting high-definition integrated digital TVs (DTVs)."

Comments (none posted)

Israeli Software Company Faces U.S. Probe (Forbes)

Forbes is carrying an AP article saying that a US governmental panel (the same one which happily declined to worry about the sale of several US ports) is doing a full review process on the sale of Sourcefire to an Israeli company. "The objections by the FBI and Pentagon were partly over specialized intrusion detection software known as 'Snort,' which guards some classified U.S. military and intelligence computers." ...and which is free software.

Comments (12 posted)

Linux Adoption

'Academy' builds business case for Linux in gov't (Silicon.com)

Silicon.com covers the successful deployment of Linux in Birmingham, England. "Birmingham City Council is the lead authority on the project which began last year. It has embarked on one of the most ambitious projects, replacing the software on 300 PCs - at its central library and 39 local libraries - with open source. The spokesman told silicon.com: "Nine months ago our library infrastructure was in need of updating and what we've done is look at open source as an alternative to conventional desktop software. We've implemented a refresh of the desktop which uses open source software throughout." Now the desktops have OpenOffice 2, Firefox and Gimp image software. The spokesman said: "These are all powerful applications. What we have is a very stable, very secure desktop."

Comments (1 posted)

Linux at Work

Planetary lab's research orbits around Scyld cluster (NewsForge)

NewsForge looks at the University of Arizona Lunar and Planetary Lab (LPL) and its Scyld Beowulf cluster from Penguin Computing. "The lab is home to almost a dozen separate research groups, each with five to 12 researchers, each with his or her own computing needs. The groups conduct research on various topics such as space physics, planetary occultations, and spacecraft missions. Sometimes LPL researchers study material that has gone into space or been brought back from space by NASA, trying to be the first to publish findings in scientific journals."

Comments (1 posted)

'World's largest' Wi-Fi network keeps Linux under wraps (Computerworld)

Computerworld looks at the use of Linux for setting up a large wireless network in Victoria's Department of Education. ""We are aware that the modules used in EduPass are open source already, and so is Red Hat Linux, but we have erred on the side of caution," Meadows said, adding her team has "thought long and hard" about it. "There are big security companies that build on Linux and don't release the code [and] we give credit to Openssh, Freeraduis, Squid, and Linux which are all open to scrutiny. The bits that are proprietary concern how all servers are randomly set to check updates and a lot of advanced proxy features." Even without releasing EduPass's code, DET is being a good open source citizen by remaining in "close touch" with and contributing "issues" back to the Freeraduis and Openssh projects."

Comments (3 posted)

Legal

Rivals: Microsoft offer is a 'poisoned honeypot' (ZDNet)

ZDNet covers the latest twists as the European Commission looks into Microsoft's compliance with sanctions imposed in an antitrust decision. " The Commission said Microsoft failed to properly document the interconnections and rivals could not use them. Microsoft offered in January to open portions of the secret source-code for its servers, a solution neither sought nor welcomed by Commission experts. The Free Software Foundation Europe and Samba rejected the idea. Microsoft would require FSFE/Samba to change its license, which requires source code be openly distributed and freely available."

Comments (none posted)

Interviews

Mr. Dell opens up about Desktop Linux (DesktopLinux.com)

DesktopLinux.com talks with Michael Dell. "Dell emphasized that his company is not leading Linux, it's tracking Linux. So, it's not going to pick one desktop distribution and try to make it number one. Thus, while 'Ubuntu is now the most popular desktop distribution on Dell PCs, it may not be a year from now.'"

Comments (5 posted)

Resources

CLI Magic: Securely deleting files with shred (Linux.com)

Linux.com takes a look at destroying data with shred. "While shred might not work on bad sectors, it is one of the best tools available to securely erase data from your hard disk. It is always more secure to run shred on a complete partition rather than a file, because some filesystems keep backup files and shred makes no attempt to delete these. For the extremely paranoid, however, no command works better than concentrated sulphuric acid."

Comments (10 posted)

Linux and smart phones (Linux.com)

Luigi Paiella communicates between a Linux laptop and a smart phone in a Linux.com article. "So you want a cell phone that's also a PDA? Smart phones can make calls, synchronize your calendar with your PC, act as data storage devices, and connect your PC to the Internet. You can use your Linux PC to connect with and even program some mobile phones using some of the following tools. In testing these open source applications I used a Nokia phone running Symbian OS v8.0 and the Series 60 Platform second edition user interface, with USB, Bluetooth, and Internet connectivity."

Comments (none posted)

OOo Off the Wall: That's Your Version--Document Control in OOo Writer (Linux Journal)

Bruce Byfield looks at OpenOffice.org Writer tools that help with version control. "OpenOffice.org has multiple Undo levels. You can set the levels as high as you like from Tools -> Options -> OpenOffice.org -> Memory -> Undo. However, if your files receive extensive revision or if more than one person writes or edits them, you need more sophisticated tools to handle changes. OpenOffice.org Writer provides three such tools: Changes, Compare Documents and Versions. All share some common interface features and are quick to learn, although possibly confusing for users unfamiliar with version control."

Comments (none posted)

Reviews

First look: KOffice 1.5, part 1: The major applications (Linux.com)

Linux.com reviews KOffice 1.5. "As I examined KOffice's major applications, a pattern started to emerge. In KWord, KSpread, and KPresenter, basic functions are available, but only a few advanced features. At a rough estimate, each has about three-quarters of the features that you would find in an equivalent commercial product or in OOo. This status is a mixed blessing. On one hand, it suggests that KOffice is not rushing its development by trying to be all things to all users. Instead, KOffice seems to be gradually perfecting existing functions a little more with each release. This tactic is particularly evident in the steady improvement of the user interface."

Comments (none posted)

Review: MythTV 0.19 (Linux.com)

Linux.com has a review of MythTV. "MythTV describes itself on its home page as a "homebrew" personal video recorder (PVR), but thanks to its many available plugins, it's actually a complete open source home entertainment system that lets you to watch and record TV programs, watch movies, view photos, listen to music, play games, and more."

Comments (5 posted)

Virtualization in Xen 3.0 (Linux Journal)

Rami Rosen reviews Xen 3.0, a virtual machine monitor, on Linux Journal. "After much anticipation, Version 3.0 of Xen recently was released, and it is the focus of this article. The main goal of Xen is achieving better utilization of computer resources and server consolidation through paravairtualization and virtual devices. Here, we discuss how Xen 3.0 implements these ideas. We also investigate the new VT-x processors from Intel, which have built-in support for virtualization, and their integration into Xen."

Comments (1 posted)

Miscellaneous

Open Season On Open Source? (Business Week)

Business Week says that the open source community has been "thrown into a tumult" as a result of acquisitions; it looks like an article which could have been written in 1999. "The fear is that a round of buyouts could undermine the ethos of open source. Many coders volunteer their time, spending nights and weekends testing bugs and writing patches because they see themselves as part of an important, grassroots movement. Will that motivation remain if they're just helping to fill the coffers of Oracle or other tech giants?"

Comments (6 posted)

Page editor: Forrest Cook

Announcements

Non-Commercial announcements

An ACM policy statement on DRM

Ed Felten has posted a policy statement on DRM from the US public policy committee of the ACM. "DRM should not be used to interfere with the rights of consumers. Neither should DRM technologies interfere with any technology or use of consumer systems that are unrelated to the copyrighted items being managed." The statement is also available as a PDF file which, amusingly, causes evince to require a password on your editor's system (xpdf displays it fine).

Comments (11 posted)

FSF announces annual member meeting

The Free Software Foundation has announced its annual member meeting to be held at MIT, Cambridge MA, on Saturday April 1, 2006. This meeting has been subtitled "GPLv3 and the future of free software movement".

Full Story (comments: 3)

English Wikipedia reaches 1 million articles

The Wikipedia online encyclopedia has reached its one million article mark. "Although its method of editing is new and controversial, Wikipedia has already won acclaim and awards for its detailed coverage of current events, popular culture, and scientific topics; its usability; and its international community of contributors. BBC News has called Wikipedia "One of the most reliably useful sources of information around, on or off-line." Daniel Pink, author and WIRED Magazine columnist, has described Wikipedia as "the self-organizing, self-repairing, hyperaddictive library of the future," and Tim Berners-Lee, father of the Web, has called it "The Font of All Knowledge.""

Full Story (comments: none)

Commercial announcements

GWAVA Announces Release of Reload for GroupWise

GWAVA has announced the availability of a GroupWise backup solution for Linux. "Reload is a hot backup and restore solution for GroupWise administrators to rapidly and easily restore an entire GroupWise system or a single GroupWise email message. Organizations can now restore single messages, allow users to automatically recover deleted mail in minutes and dramatically improve the reliability and speed of backup and restore procedures."

Comments (none posted)

Novell Reports Financial Results for First Fiscal Quarter 2006

Novell, Inc. has announced its financial results for its first fiscal quarter ended January 31, 2006. "Novell reported revenue of $274 million, compared to revenue of $290 million for the first fiscal quarter 2005. Net income available to common stockholders in the first fiscal quarter 2006 was $2 million or $0.00 per diluted common share."

Comments (2 posted)

The PolyServe Distributed Performance Management System

PolyServe, Inc. has announced the enhanced PolyServe File Serving Utility for Linux. "The updated software package features a powerful performance dashboard tool, adding to the solution's advantages over isolated network attached storage (NAS) appliances. Enabled by PolyServe's shared data clustering software, the performance dashboard tracks performance on individual servers and aggregates this information across the cluster to provide critical real-time performance statistics."

Comments (none posted)

New version of Project Open

]project-open[, a provider of open-source based project management software, has announced the release of Version 3.1 of ]project-consulting[. The new version includes several new modules and more then 100 detail improvements from customer rollouts.

Full Story (comments: none)

Announcing the samba4WINS Replicating WINS Server

The samba4WINS Replicating WINS Server has been announced. "Initiated by SerNet and sponsored by Computacenter, Fujitsu Siemens Computers (FSC) and LiSoG e.V. it became possible to develop a free software needed by many users: the replicating WINS server - samba4WINS. Due to this solution WINS server running with Windows in a lot of environments can be migrated to Linux."

Comments (none posted)

Terra Soft Releases Y-HPC v1.1, Initiates Switch Campaign

Terra Soft Solutions has announced the release of version 1.1 of its Y-HPC Cluster Construction and Management Suite for G5 Xservers. "New to Y-HPC v1.1 is XCPU, a process management system for clusters divided into control nodes and compute nodes. XCPU incorporates a set of simple tools for starting cluster-wide processes wherein the control nodes migrate execution to the compute nodes via the '9p' process management service. The XCPU server is 'mounted' in much the same way NFS is mounted. In this regard, services provided by XCPU are available as files in a file system."

Full Story (comments: none)

TimeSys Introduces Global Authorized Support and Service Partner Program

TimeSys has announced its new Global Authorized Support and Service Partner Program. "LinuxLink is the first commercial offering to support the majority of embedded Linux developers who build and assemble their own commercial-grade custom Linux platform. The ASSP program delivers comprehensive, native-language sales, support and value added-services to LinuxLink subscribers. ASSP program members participate in the Developer Exchange, which provides LinuxLink subscribers with access to interactive support from TimeSys, semiconductor companies and industry experts."

Full Story (comments: none)

LinuxLink by TimeSys Gains Traction in Embedded Linux Market

TimeSys has sent out a status report on their LinuxLink Web-based resource for embedded Linux development. LinuxLink "..has achieved significant growth since its introduction in August, 2005. LinuxLink is an industry-changing delivery model, and the first commercial offering to support the majority of embedded developers who build and assemble their own commercial-grade custom Linux platform. The LinuxLink approach has been validated by embedded developers, semiconductor manufacturers and embedded solutions providers."

Full Story (comments: none)

New Books

No Starch Press Releases "Write Great Code, Volume 2"

No Starch Press has published the book Write Great Code, Volume 2 by Randall Hyde.

Full Story (comments: none)

Resources

Get to know Firebird in 2 minutes

Carlos H. Cantu has written a multilingual quick start document about the Firebird database, entitled "Get to know Firebird in 2 minutes". "If you are reading this paper, this is probably your first encounter with the Firebird RDBMS. This paper will present to you the main features of the Firebird database. At the end, I am sure you will be anxious to download its lightweight installer and try it out yourself."

Comments (none posted)

Grid Computing Pros Weigh in on Security Issues

The Globus Consortium Journal for March 2006 features Grid security perspectives from a range of experts from both the open source and vendor community. Click below for the press release.

Full Story (comments: none)

Linux Gazette #124

The March edition of Linux Gazette is out. This edition has articles on Interfacing with the ISA Bus, by Abhishek Dutta, PyCon 2006 Dallas, by Mike Orr, Migrating a Mail Server to Postfix/Cyrus/OpenLDAP, by René Pfeiffer, Build a Six-headed, Six-user Linux System, by Bob Smith, plus the usual features.

Comments (none posted)

Absolute Basics For Setting Up Your Printing Network

The CUPS project has a new tutorial on setting up the cupsd.conf file for remote printing.

Comments (none posted)

Moglen and company on Sarbanes-Oxley

Recently, there have been allegations that violating the GPL could put a U.S. company (and its management) in violation of the Sarbanes-Oxley Act - which was intended to address corporate governance issues. The Software Freedom Law Center has just put out a paper refuting these allegations. "The SFLC paper defines the realistic impact of a GPL violation as it could be applied under SOX. The SFLC paper points out that SOX generally applies only to public companies and that disclosure in a company's SEC reports is not necessary if a company’s use of the license is immaterial to its business. It also states that companies that must comply with SOX bear the full cost of SOX compliance regardless of the licenses of the software they choose." Click below for the press release, or head over to the SFLC site for the full paper.

Full Story (comments: 7)

Contests and Awards

Extend Firefox Contest Winners Announced (MozillaZine)

MozillaZine mentions the winners of the Extend Firefox Contest. "The finalists were announced last month. Grand Prize Winners include Reveal, Web Developer and Firefox Showcase."

Comments (none posted)

2005 LinuxQuestions.org Members Choice Award Winners

LinuxQuestions.org has announced the winners of its 2005 Members Choice Awards. Winners include Ubuntu, MySQL, OpenOffice.org, Firefox, and many more.

Full Story (comments: none)

Education and Certification

LPI announces new affiliate for greater China region

The Linux Professional Institute will be offering its certification program in China. "The Linux Professional Institute (LPI), the world's premier Linux certification organization announced that it was making an additional investment in the Chinese market and surrounding region through the development of a "Master" affiliate for the region. This new organization will work closely with Chinese Linux professionals, the Open Source community and local software/hardware vendors and developers to increase the professional use of Linux and Open Source software through LPI's internationally-recognized certification programs."

Full Story (comments: none)

Upcoming Events

BEA to Kick Off Fourth Annual Global Dev2Dev Days Seminar Series

BEA Systems, Inc. has announced the lineup for the fourth annual Dev2Dev Days seminar series. "This year's global seminars are slated to focus on the blending of commercial software and open source frameworks. The program, which is scheduled to kick off on March 21 in Washington D.C. and to conclude in Mexico City on May 4, is designed to provide an ideal forum for developers and some of the industry's best "liquid thinkers" to network and share the latest technology information and best practices to help them transform and optimize their business from the ground up."

Comments (none posted)

Google, Oracle, Open Source Academy join FOSS Means Business

Google, Oracle and the Open Source Academy will be present at the FOSS Means Business conference in Belfast, Northern Ireland on March 16, 2006.

Full Story (comments: none)

Call for Papers - hack.lu 2006

A call for papers has gone out for hack.lu 2006. The event will take place in Luxembourg on October 19-21, 2006, abstracts are due by May 1. "The purpose of the hack.lu convention is to give an open and free playground where people can discuss the implication of new technologies in society. hack.lu is a balanced mix convention where technical and non-technical people can meet each others and share freely all kind of information."

Full Story (comments: none)

PostgreSQL Anniversary Summit, Call for Contributions

A call for contributions has gone out for the PostgreSQL Anniversary Summit. The event will take place on July 8-9, 2006, in Toronto, Canada, submissions are due by March 31.

Full Story (comments: none)

Events: March 9 - May 4, 2006

Date Event Location
March 9, 2006O'Reilly Emerging Technology Conference(ETech)(Manchester Grand Hyatt)San Diego, CA
March 9 - 10, 2006New Orleans Plone Symposium(Astor Crowne Plaza)New Orleans, LA
March 16, 2006FOSS means Business(Spires Conference Centre)Belfast, Northern Ireland
March 17 - 19, 2006Libre Graphics Meeting 2006(Ecole d'Ingénieurs CPE)Lyon, France
March 18 - 19, 2006Rockbox International Developers Conference 2006Stockholm, Sweden
March 19 - 24, 2006Novell BrainShare 2006(Salt Palace Convention Center)Salt Lake City, UT
March 21 - 23, 2006UKUUG Spring Conference 2006Durham, UK
March 25, 2006Penguin DaySeattle, WA
March 25, 2006Bleepfest 06(Christchurch Spitalfields Crypt)London, England
March 29 - 31, 2006PHP Quebec 2006(Plaza Montreal Hotel)Montreal, Canada
April 3 - 6, 2006Embedded Systems Conference(ESC)(McEnery Convention Center)San Jose, CA
April 3 - 7, 2006CanSecWest/core06(Marriott Renaissance Harbourside hotel)Vancouver, Canada
April 3 - 4, 2006Freedom To Connect 2006(FTC)(AFI Silver Theater)Washington, DC
April 3 - 6, 2006LinuxWorld Conference and Expo(Boston Convention and Exposition Center)Boston, MA
April 7 - 9, 2006Notocaon 3(Holiday Inn Select Cleveland)Cleveland, OH
April 11 - 12, 2006CELF Embedded Linux ConferenceSan Jose, California
April 15 - 16, 2006LayerOne 2006(Pasadena Hilton)Pasadena, California
April 19 - 22, 2006Forum Internacional Software Livre 7.0(FISL)Porto Alegre, Brazil
April 19 - 20, 2006UK Python Conference(Randolph Hotel)Oxford, England
April 20 - 22, 2006International Conference on Availability, Reliability and Security(AReS 2006)Vienna, Austria
April 21 - 23, 2006Penguicon 4.0Livonia, Michigan
April 23 - 26, 2006ItaniumR Conference and Expo 2006(Gelato ICE)San Jose, CA
April 24 - 26, 2006LinuxWorld & NetworkWorld Canada 2006 Conference & Expo(Metro Toronto Convention Centre, North Bldg.)Toronto, Canada
April 24 - 27, 2006MySQL Users ConferenceSanta Clara, CA
April 24 - 25, 20062006 Desktop Linux Summit(Manchester Grand Hyatt)San Diego, CA
April 24 - 26, 2006SambaXP 2006(Clarion Parkhotel)Göttingen, Germany
April 26 - 28, 2006php|tek 2006(Orlando Airport Marriott Hotel)Orlando, FL
April 27 - 30, 2006Linux Audio Conference(LAC2006)(ZKM)Karlsruhe, Germany
April 29, 2006Linuxfest Northwest 2006Bellingham, WA
April 29 - 30, 2006European Common Lisp Meeting 2006Hamburg, Germany
May 1 - 6, 2006DallasCon 2006(Richardson Hotel)Dallas, TX
May 3 - 6, 2006LinuxTag 2006(Rhein-Main-Hallen)Wiesbaden, Germany

Comments (none posted)

Web sites

LinuxMAO.org, a french Linux Audio Wiki

LinuxMAO.org is a new French language Wiki for Linux audio users. "In a rather humble than chauvinistic initiative, let's say it's a common wisdom french people do not speak english that fluently... ,-) Contributers are welcome!"

Full Story (comments: none)

New Samba Wiki

A new Samba Wiki has been announced. "This new Samba wiki is available for both users and developers alike. The wiki provides a means for the Samba community to provide dynamic or temporary documentation or to provide other relevant information."

Comments (none posted)

Audio and Video programs

Your GNOME Podcast (GnomeDesktop)

GnomeDesktop.org has announced the availability of the first GNOME Podcast. "The first episode of Your GNOME Podcast has been released! In this and future episodes, we'll be featuring current GNOME news, blasts from the past, interviews, reviews and feedback, as well as much more."

Comments (3 posted)

Page editor: Forrest Cook

Copyright © 2006, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds