LWN.net Weekly Edition for August 30, 2007
Those who have been paying close attention may have noticed a number of
changes to the LWN site over the last few weeks. Most of those changes are
not visible; our quaint early-90's table-oriented HTML is slowly giving
way to a more contemporary design which makes use of the features of
cascading style sheets. This sort of work involves a lot of
change-and-reload cycles in an effort to figure out why something is not
rendering as your editor intended. CSS is a powerful but sometimes obscure
technology. One tool your editor wishes he had stumbled across earlier is
Firebug, a Firefox extension
designed to help with just this sort of work.
Firebug can be thought of as a sort of interactive debugger for HTML and
CSS. It is not an authoring tool; it is assumed that content is being
created by other means. It is, instead, a way of figuring out why things
look the way they do and how to make them come out better.
To that end, Firebug includes an interactive HTML inspector. It's a sort
of "view source" window, but done in a much more useful way. By using the
"inspect element" option in the Firefox context menu, a web developer can
find the HTML for a specific item in a hurry. The display of the document
tree is hierarchical, making it easy to see how elements relate to each
other. Editing of element attributes is a matter of clicking on them and
entering new values; numeric attributes can also be adjusted up and down
with the arrow keys. As a result, it is easy to make quick HTML changes
and immediately see what the results are.
It is also possible to edit the text contained within the elements, but the
interface is somewhat awkward. But this is not a functionality which
really matters anyway; Firebug is about markup and rendering, not the
content itself.
Positioning the mouse over an element in the HTML inspector highlights the
corresponding part of the displayed document. This feature can be useful
in correlating the two windows, but it also leads to extensive flashing and
blinking as the mouse moves through the window. Something a little less
distracting and gaudy would be more to your editor's taste.
The HTML inspector also features a pane which shows the stylesheet entries
relevant to the element of interest. The entire cascade is shown, with
overridden attributes marked. As a result, it is easy to see where all of
the rendering parameters for an element are coming from. Anybody who has
worked with CSS for a while knows that the combination of selection rules
and cascading can lead to mysterious effects at times. The CSS display
removes the mystery, making the source of strange behavior obvious. Once
again, CSS parameters can be tweaked on the fly, making it easy to adjust
attributes until things fit together just right. One shortcoming here is
that adding new attributes does not appear to work in any useful way; it
seems that attempts have been made to support this functionality, but your
editor was unable to make it work.
There is a separate "layout" display which shows how the various parts of
the CSS box model come together in the rendering of a specific element.
The values of the margin, border, and padding attributes can all be
adjusted on the fly, and a set of rules shows how each plays into the final
positioning of the element on the page. Your editor, who has often used
the old trick of turning on borders to see how an element has been placed,
likes this display better: it separates out the effect of the various
attributes and does not, in itself, change the rendering. So questions
like "where is that extra white space coming from?" are easily answered.
One complaint here is that changing the border parameters is pointless if
border style is none (which is the default); it would be nice to
be able to play with border styles in the same place.
Finally, there is a mode for playing with stylesheets as a whole. In this
mode, the entire stylesheet is available and attributes can be tweaked to
see what their effect is on the page as a whole. There is a toggle for
every attribute allowing it to be turned off. New attributes can be added
- that feature seems to work on this screen. What is missing is any way to
save the results of changes.
For those who are concerned with page load times, there is a mode which
shows, in bar-graph form, just how long each component of the page took to
load. It is possible, in each case, to look at the request and response
headers associated with that loading. This feature is probably not one
which will be heavily used by most web developers, but it can be useful if
a specific page is loading slowly for any reason.
LWN is not a site which makes much use of Javascript, so your editor has
not played with the Javascript-specific features of Firebug. Those
features look impressive, though. There is a complete interactive
debugger, a profiler, a DOM inspector, and more. The HTML inspector,
unlike the Firefox "view source" feature, shows what the document's HTML
looks like after it has been mangled by Javascript code. All told,
it looks like a nice package for those doing that kind of work.
"View source" has always been a fundamental part of how web pages are
designed. So it is not surprising that Firebug supports this mode of
operation very well. But trying to figure out how a CSS designer got a
specific effect from the standard "view source" screens is, with modern
pages, often a painful experience. Firebug takes a lot of the pain away by
making it easy to look at specific elements and the CSS declarations which
affect them. In general, Firebug is a tool which gives a highly useful
view into just how the browser is rendering a document. It has become an
important part of your editor's toolbox.
By Jake Edge August 29, 2007
The failure
of Microsoft's anti-piracy servers over the weekend would seem an easy
entree to some Redmond-bashing, but there are far more important issues to
consider. It is sometimes easy to forget about the "freedom" in free
software, but that is exactly what protects the users of Linux and
other free systems from this kind of misfeature. Using proprietary,
closed source software with a decidedly one-sided license agreement is not
wrong, per se, but should be considered carefully – not just entered
into blindly as is often the case.
With a name that seems like the straight line of a joke, Windows Genuine
Advantage (WGA) is the "service" that Microsoft uses to attempt to detect
and semi-disable copies of Windows that it concludes have been illegally
installed. Each copy
checks in with a remote server, sending over some hardware and software
profile information to determine if it is properly licensed. Any number of
things could happen to a "pirated" copy, but currently XP users get a popup
that alerts them to their piracy, while Vista users get some –
supposedly non-critical – features disabled. All of which might be
reasonable for a truly pirated copy, but for users who are properly licensed,
it is annoying, at best, to be treated as a criminal.
For approximately 19 hours starting on Friday 24 August, the WGA servers
were not working correctly; some 12,000 machines that checked in with
them during that
time were marked, incorrectly in the vast majority of cases, as pirated.
The first responses from Microsoft technical support indicated that it might
be several days before the service was back: "kindly try to validate again
on Tuesday 28 Aug 2007." In fact, the WGA team identified and fixed the
problem in less than a day, but it highlights that the default or failsafe
condition for WGA is "pirated." Vista users were particularly incensed as
they had to endure reduced functionality of their fully legal copies of
the software.
The reactions of some users to the
WGA
blog posting announcing the fix were rather telling. Thanking Microsoft
for fixing the problem – which they, of course, created – so
quickly and over a weekend, while writing off any angry users as cranks,
makes it seem that everyone should be thankful that they have any
software at all. Many users are willing to cede control of their software
to the vendor.
Microsoft is not alone in the practice of software and hardware validation;
many copy protection and license key schemes depend on some kind of
matching between the key and the hardware it is licensed for. Other
vendors snoop on their users, in the interests of cheating prevention in
games for example, and report back to central servers. Skype was recently
found
to root around in Firefox profiles for unknown (possibly benign) reasons.
It comes down to a question of who controls the system, both hardware and
software, that one has purchased.
The control issue comes in other forms as well. Proprietary data formats are
one of the current battlefields. It is rather amazing that folks will
pay lots of money to lock up their data in a format that they will
probably be unable to read in ten years time; unless they periodically
convert it to use the latest format. So-called Digital Rights Management
(DRM) is yet another control scheme that imposes restrictions, determined
by the vendor, on books, videos, music, and the like. These restrictions
are not
arbitrary; the sellers try to optimize their income by imposing constraints
that won't chase away the majority of their customers.
There are tradeoffs here; folks are generally willing to trade their freedom
for the latest whiz-bang software feature or a copy of the latest movie.
They rarely think of it in those terms, however. The copyright owners may
be within their rights to try to get buyers to agree to their terms; so far,
they have largely been successful. There are hopeful signs that people
are waking up, recognizing these schemes – DRM, proprietary formats,
anti-piracy authentication, etc. – for what they are, an unabashed
attempt to control as much as they can get away with.
It will be very interesting to watch how the "iPod generation" reacts when
the iPod is no longer the music player of choice. All of the music that
they "bought" from iTunes will not play elsewhere. Apple will, in all
likelihood, make it as hard as possible to migrate to another player, even
if their market dominance in digital music players has passed. Users will
be left with no choice but to "buy" the music again, which is great for the
record companies, but not so much for the users.
Google Video users ran into the same problem recently; their DRM-infected
videos were to stop
playing after 15 August. After initially mishandling the revocation, along
with a poorly received refund plan, Google has since relented, offering a
full refund and extending the life of the videos until February 2008.
With luck, users who have been bitten by these schemes will demand DRM-free
versions when they make their second purchase.
Users of free software and open formats are largely immune to this kind of
silliness. There is no "Linux Genuine Advantage"
server running in Linus
Torvalds' basement, checking to make sure we are properly licensed. Even
the commercial Linux vendors, whose livelihood depends on support
subscriptions, cannot get away with enforcing WGA-like schemes; free
software can be rewritten, legally, to avoid them. Red Hat, Novell or
others cannot reduce your functionality or hold your data hostage; there is
no lock-in.
Free software and open formats provide freedom, which is easy to overlook
when using them on a day-to-day basis. One can feel very secure that a
file created using OpenOffice.org or Gimp today will be readable by
something – those applications may be long gone – in 50
or 100 years. Assuming that the data stored on our backup media today can
be retrieved in the distant future (and that may be a big assumption), the
documents, music, pictures, etc. that were stored there will undoubtedly be
retrievable. If
someone can find compatible hardware, distribution Live CDs will boot and
run, without authenticating anywhere. Proprietary and closed format
users have no such assurance.
By Jake Edge August 29, 2007
The hubbub over the iPhone is old news now; unlocking it from AT&T
is the big story these days. Another phone – one which may actually deliver what
many were hoping for with the iPhone – arrived in the LWN laboratories a few
weeks ago: an OpenMoko Neo 1973. The phone,
pictured at right (Apple's large-handed model was not available), is
compact and reasonably light; it
looks very different from other cell phones. The hardware seems to be
working fairly well at this point, but the software is lagging, which is
likely to delay the consumer launch, currently slated for October.
This device is the first to run the OpenMoko software platform. Because it is the first, it is being called the "OpenMoko phone," but
the company, OpenMoko, Inc., is clearly hoping to have other manufacturers
use the software platform on their own hardware. Their business model is quite
different from most in the consumer electronics world as they are very open
about their hardware specs as well as their product roadmap. An unlocked
phone running free software is obviously their goal; no doubt they would
like theirs to be successful, but they are doing everything they can to see
that the overall goal is reached.
The Neo hardware is fairly powerful: a 266MHz ARM processor with 128M of
RAM and 64M of flash for running Linux and the applications. For
additional storage, it has a Micro SD slot, tucked underneath the
Subscriber Identity Module (SIM) slot; both live underneath the standard
Nokia battery. The back plate is rather easy to remove to get to the
battery compartment, though it seems unlikely to pop open unexpectedly; the
hardware design seems quite well thought out.
There are several connectivity options, starting with the quad-band GSM
radio, which allows it to use cellular networks throughout most of the
world. The radio also supports General Packet Radio Service (GPRS) for
(slow) data connections, as long as the carrier and contract support it.
Bluetooth 2.0 and USB 1.1 round out the communications choices. For the
development hardware, there is no charger; USB from a host provides the
battery recharging.
There is a GPS receiver in the phone, unfortunately one with a
closed-source driver that is not distributed with the phone. There are efforts
underway to reverse-engineer the binary driver and produce a free
alternative. Once that is done, GPS applications can be written to take
advantage of the device.
The touchscreen display is a sharp, 2.8-inch diagonal active matrix at
480x640 resolution which is reasonably easy to see in full sunlight (as
long as you tilt it out of the glare). The Neo comes with a combination
pen, mini-flashlight and laser pointer to be used as the stylus, which is a
useful combination, though
leaving ink behind on the screen seems a bit worrisome. There are only two
buttons on the phone, one for power and one auxiliary (AUX), both flush
with the case to prevent accidental button hits.
Software is going to make or break any phone project and OpenMoko seems a
bit behind in that area. They just announced a complete overhaul of
the user interface to be easier to use with fingers, rather than a stylus,
and to incorporate what has been learned while using the real Neo
hardware. Much of the software was written using emulators; what is easy
on a monitor with a mouse is not necessarily so easy on a touchscreen using
fingers, particularly when the screen is recessed, making the edges harder
to use. The older startup screen is shown on the left, the newer to
the right.
Some of the major applications (dialer, contacts, calendar, etc.) have been
ported to the new interface (called 2007.2), but there is still a lot of
work to do. Both old and new interfaces suffered from poor response and
some application and UI crashes. The applications themselves are very
rudimentary, probably too simple for what cell phone users expect, but they
are a good start.
Actually connecting and registering with a cellular network was a manual
process in the most recent build. Once some fiddling was out of the way,
though, the phone could make and receive calls. Audio quality was mediocre
and there seems to be some kind of echo cancellation problem for the audio
at the other end. Those kinds of problems need to be high on the
developers' priority list; without rock-solid basic phone functionality,
consumers will be uninterested.
For a Linux user, it is unarguably cool to be able to ssh into
your phone and poke around in the guts of the system. By using USB
networking, a simple ifconfig on the host allows connections to
the phone. Logging in as root puts you into a shell with BusyBox installed for many of the
standard Linux utilities. By configuring the host as a gateway, the phone
can access the internet (presumably via GPRS as well). This allows the use
of Ipkg to update the
phone software in the same way that apt-get and friends are used.
There is also a terminal application, shown at right, which provides a root
prompt on the screen, though making it
bring up an on-screen keyboard was not obvious.
This phone clearly has a lot of potential, but it also has a long way to go
to reach the polish that the iPhone is rumored to have. Its strongest
feature, though, that it is not tied to any particular carrier, might be
enough to carry it in the early going. In addition, carriers will not be
able to lock out "foreign" ringtones or only allow their games and
applications to be installed. OpenMoko, both the company and the software,
are truly trying to live up to their
Matrix-inspired slogan: "Free your phone".
Hopefully, the OpenMoko company has
the resources to carry it through for a while, until the software catches
up with the hardware. If not, though, the software is free; some other
company could pick up where they left off. That would be unfortunate, as we
look forward to following the development closely; we don't want to wait
another year or more for a free (as in freedom) phone. We will keep you
updated as things progress.
Page editor: Jonathan Corbet
Security
By Jake Edge August 29, 2007
Spam rates are rising, rapidly, with a lot of the blame being placed on the
"storm worm." The
worm is targeted at PCs, to build an enormous botnet for purposes
that can only be speculated upon. Estimates of the size of the
botnet vary, but it is probably fair to say that millions of machines are
infected. Interestingly, the techniques used to propagate the worm are
evolving and some defense mechanisms are emerging.
The storm worm has been with us since January; its name stems from the
subject of the earliest emails that propagated it, and it has attacked in
multiple waves of spam since then. It uses the simplest of all infection
techniques: tricking recipients into running a program. Those programs,
which, from all reports, only run on Windows, then install various kinds of
malware, including programs to connect the machine to a massive botnet.
At its root, the storm worm uses various "social engineering" tactics to
convince people to either open an executable in the email or to visit a
website and download software from there. Several different messages have
been tried recently: electronic greeting cards, welcome messages from
various "groups" (Wine Lovers, Poker Players, etc.) and, most recently, one
that claims to be a pointer to a YouTube video that shows you or your
family. These messages have been pumped out at enormous rates by the
botnet as it tries to grow bigger.
Some defensive
behavior has been noted as well. When infected machines are scanned
for vulnerabilities or malware, they sometimes react by calling in a
distributed denial-of-service (DDoS) attack on the scanning machine.
The main concern is for academic networks that sit directly on the
internet; machines behind firewalls are generally protected, unless a
significant part
of the botnet also lives there.
These evolving tactics and defensive measures are not being implemented
for fun; the botnet herders probably have a plan for using such a huge
botnet. The only question is: for what? The most likely explanation is for
DDoS attacks on targeted sites, quite possibly to get paid to
stop, which is also known as extortion. They presumably also get paid to send spam
– other than that used to increase their size – but extorting
money from sites that depend on traffic is probably much more lucrative.
Unlike other botnets, storm's does not rely on a single central server that
can be shut down, destroying the botnet. Instead it uses peer-to-peer
technology, distributing its command and control infrastructure throughout
the network, making it much more difficult to combat. That, coupled with
the furious spamming and defensive responses, makes this the most robust
botnet we have seen yet.
While this particular attack does not appear to affect Linux users
directly, we should not be resting on our laurels. Linux users likely have
a higher clue level, overall, than Windows users, but that level is
dropping. As Ubuntu and other desktop, newbie-oriented distributions gain
ground, the average computer literacy of the Linux community drops. There
is no defense, other than educating users, against folks who download
random things and run them on their computer. If the storm botnet herders
decide they need even more machines for their plan for total world
domination, they might just turn to Linux.
New vulnerabilities
bugzilla: several vulnerabilities
| Package(s): | bugzilla |
| CVE #(s): | |
| Created: | August 28, 2007 |
| Updated: | August 29, 2007 |
| Description: | This Bugzilla security advisory covers several vulnerabilities in Bugzilla 2.20.4, 2.22.2, and 3.0. |
id3lib: insecure tmpfile creation
| Package(s): | id3lib |
| CVE #(s): | CVE-2007-4460 |
| Created: | August 27, 2007 |
| Updated: | October 2, 2007 |
| Description: | The RenderV2ToFile function in tag_file.cpp in id3lib (aka libid3) 3.8.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file whose name is constructed from the name of a file being tagged. |
opera: multiple vulnerabilities
| Package(s): | opera |
| CVE #(s): | CVE-2007-4367, CVE-2007-3929, CVE-2007-3142, CVE-2007-3819 |
| Created: | August 23, 2007 |
| Updated: | February 27, 2008 |
| Description: | The Opera browser has multiple vulnerabilities. The JavaScript engine is vulnerable to a virtual function call on an invalid pointer that can be triggered by specially crafted JavaScript. A freed pointer in the BitTorrent support may be accessed; this can be used for malicious code execution. The browser is vulnerable to several memory read protection errors. There are URI display errors that can be used to trick users into visiting arbitrary web sites. |
pam_ssh: authentication restriction bypass
| Package(s): | pam_ssh |
| CVE #(s): | CVE-2007-0844 |
| Created: | August 27, 2007 |
| Updated: | August 29, 2007 |
| Description: | The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when the allow_blank_passphrase option is disabled, allows remote attackers to bypass authentication restrictions and use private encryption keys requiring a blank passphrase by entering a non-blank passphrase. |
po4a: information leak
| Package(s): | po4a |
| CVE #(s): | CVE-2007-4462 |
| Created: | August 27, 2007 |
| Updated: | September 14, 2007 |
| Description: | This update fixes a potential security problem (information leak) due to use of a predictable name in /tmp. |
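The id3lib and po4a entries above both come down to a temporary file with a predictable name. As an added example (not code from id3lib, po4a or LWN), the C program below puts a tag rewriter that derives its temporary name from the file being tagged beside one that uses mkstemp(), and runs both against a planted symlink in a private scratch directory; the function names, file names and the ".tmp" suffix are assumptions made for the demonstration.

```c
/* Added example with hypothetical names; not taken from id3lib or po4a. */
#define _XOPEN_SOURCE 700
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* BEFORE: the temporary name "<target>.tmp" is predictable, and fopen()
 * follows a symlink planted at that name and truncates whatever the link
 * points to. */
int rewrite_unsafe(const char *target, const char *data, size_t len)
{
    char tmp[PATH_MAX];
    if (snprintf(tmp, sizeof tmp, "%s.tmp", target) >= (int)sizeof tmp)
        return -1;
    FILE *f = fopen(tmp, "w");
    if (f == NULL)
        return -1;
    int ok = fwrite(data, 1, len, f) == len;
    if (fclose(f) != 0)
        ok = 0;
    return ok ? rename(tmp, target) : -1;
}

/* AFTER: mkstemp() picks a random suffix and creates the file with
 * O_CREAT|O_EXCL and mode 0600, so an existing name (symlink or not) is
 * never opened and other users cannot read the partial copy. */
int rewrite_safe(const char *target, const char *data, size_t len)
{
    char tmp[PATH_MAX];
    struct stat st;
    if (snprintf(tmp, sizeof tmp, "%s.XXXXXX", target) >= (int)sizeof tmp)
        return -1;
    int fd = mkstemp(tmp);
    if (fd < 0)
        return -1;
    FILE *f = fdopen(fd, "w");
    if (f == NULL) {
        close(fd);
        unlink(tmp);
        return -1;
    }
    int ok = fwrite(data, 1, len, f) == len && fflush(f) == 0 && fsync(fd) == 0;
    /* Match the original's permissions only once the copy is complete. */
    if (ok && lstat(target, &st) == 0 && S_ISREG(st.st_mode))
        ok = fchmod(fd, st.st_mode & 0777) == 0;
    if (fclose(f) != 0)
        ok = 0;
    if (ok && rename(tmp, target) != 0) /* same directory: atomic swap */
        ok = 0;
    if (!ok)
        unlink(tmp);
    return ok ? 0 : -1;
}

/* Create a small file for the constructed scenario. */
static int put_file(const char *path, const char *text)
{
    FILE *f = fopen(path, "w");
    return (f != NULL && fputs(text, f) >= 0 && fclose(f) == 0) ? 0 : -1;
}

/* Constructed scenario in a private scratch directory: a symlink to
 * victim.txt is planted at the predictable name before song.mp3 is
 * rewritten. Returns 1 if the victim's content changed, 0 if it is
 * intact, -1 if the scenario could not be set up or the rewrite failed. */
int victim_clobbered(int use_safe)
{
    char dir[] = "/tmp/tagdemo.XXXXXX";
    char target[64], victim[64], planted[72], buf[32] = {0};
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(target, sizeof target, "%s/song.mp3", dir);
    snprintf(victim, sizeof victim, "%s/victim.txt", dir);
    snprintf(planted, sizeof planted, "%s.tmp", target);
    if (put_file(target, "old tag\n") != 0 ||
        put_file(victim, "precious\n") != 0 || symlink(victim, planted) != 0)
        return -1;
    int rc = (use_safe ? rewrite_safe : rewrite_unsafe)(target, "retagged\n", 9);
    FILE *f = fopen(victim, "r");
    int intact = f != NULL && fgets(buf, sizeof buf, f) != NULL &&
                 strcmp(buf, "precious\n") == 0;
    if (f != NULL)
        fclose(f);
    unlink(planted); unlink(target); unlink(victim);
    rmdir(dir);
    return rc != 0 ? -1 : !intact;
}

int main(void)
{
    printf("unsafe: %d, safe: %d\n", victim_clobbered(0), victim_clobbered(1));
    return 0;
}
```

On Linux, the fs.protected_symlinks sysctl blocks this kind of link-following in sticky world-writable directories such as /tmp, but not in ordinary directories, so the fix still belongs in the code that creates the file.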
star: directory traversal vulnerability
| Package(s): | star |
| CVE #(s): | CVE-2007-4134 |
| Created: | August 28, 2007 |
| Updated: | October 23, 2007 |
| Description: | Star saves many files together into a single tape or disk archive, and can restore individual files from the archive. Star supports ACL. Version 1.5a84 fixes a directory traversal vulnerability. |
sylpheed: format string vulnerability
| Package(s): | sylpheed |
| CVE #(s): | CVE-2007-2958 |
| Created: | August 28, 2007 |
| Updated: | October 26, 2007 |
| Description: | Ulf Harnhammar (Secunia Research) has discovered a format string vulnerability in sylpheed and claws-mail in the inc_put_error() function in src/inc.c when displaying a POP3 error reply. The problem can be exploited by a malicious POP3 server via specially crafted POP3 server replies containing format specifiers. See this Secunia advisory for more information. |
tar: symlink path traversal vulnerability
| Package(s): | tar |
| CVE #(s): | CVE-2007-4131 |
| Created: | August 23, 2007 |
| Updated: | December 28, 2007 |
| Description: | The tar utility has a symlink path traversal vulnerability involving extracted archives. Maliciously created tar archives can be used to write arbitrary data to files that the tar user has write access to. |
wordpress: cross-site scripting
| Package(s): | wordpress |
| CVE #(s): | CVE-2007-4139 |
| Created: | August 29, 2007 |
| Updated: | August 29, 2007 |
| Description: | Cross-site scripting (XSS) vulnerability in the Temporary Uploads editing functionality (wp-admin/includes/upload.php) in WordPress 2.2.1, allows remote attackers to inject arbitrary web script or HTML via the style parameter to wp-admin/upload.php. |
xterm: local user unauthorized access
| Package(s): | xterm |
| CVE #(s): | CVE-2007-2797 |
| Created: | August 27, 2007 |
| Updated: | November 15, 2007 |
| Description: | Previous versions of the xterm package assigned incorrect ownership and write permissions to pseudo-terminal devices, permitting local users to direct output to other users' xterm sessions. |
Updated vulnerabilities
acroread: multiple vulnerabilities
| Package(s): | acroread |
| CVE #(s): | CVE-2006-5857, CVE-2007-0045, CVE-2007-0046 |
| Created: | January 11, 2007 |
| Updated: | October 26, 2009 |
| Description: | Adobe's Acrobat Reader has the following vulnerabilities: The Adobe Reader Plugin has a cross-site scripting vulnerability that can be triggered by processing malformed URLs. Arbitrary JavaScript can be served by a malicious web server, leading to a cross-site scripting attack. Maliciously crafted PDF files can be used to trigger two vulnerabilities; if an attacker can trick a user into viewing the files, arbitrary code can be executed with the user's privileges. |
apache2: information disclosure
| Package(s): | apache |
| CVE #(s): | CVE-2007-1862 |
| Created: | June 20, 2007 |
| Updated: | February 18, 2008 |
| Description: | From the Mandriva advisory: "The recall_headers function in mod_mem_cache in Apache 2.2.4 does not properly copy all levels of header data, which can cause Apache to return HTTP headers containing previously-used data, which could be used to obtain potentially sensitive information by unauthorized users." |
apache: multiple vulnerabilities
| Package(s): | apache |
| CVE #(s): | CVE-2007-3304, CVE-2006-5752 |
| Created: | June 27, 2007 |
| Updated: | February 18, 2008 |
| Description: | The Apache HTTP Server did not verify that a process was an Apache child process before sending it signals. A local attacker who has the ability to run scripts on the Apache HTTP Server could manipulate the scoreboard and cause arbitrary processes to be terminated, which could lead to a denial of service. (CVE-2007-3304) A flaw was found in the Apache HTTP Server mod_status module. Sites with the server-status page publicly accessible and ExtendedStatus enabled were vulnerable to a cross-site scripting attack. On Red Hat Enterprise Linux the server-status page is not enabled by default and it is best practice to not make this publicly available. (CVE-2006-5752) |
apache: cross-site scripting
| Package(s): | apache |
| CVE #(s): | CVE-2006-3918 |
| Created: | August 9, 2006 |
| Updated: | April 4, 2008 |
| Description: | From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server was returned to the user in an unescaped error message. This could allow an attacker to perform a cross-site scripting attack if a victim was tricked into connecting to a site and sending a carefully crafted Expect header." |
Asterisk: two SIP denial of service vulnerabilities
| Package(s): | Asterisk |
| CVE #(s): | CVE-2007-1561, CVE-2007-1594 |
| Created: | April 3, 2007 |
| Updated: | August 27, 2007 |
| Description: | The Madynes research team at INRIA has discovered that Asterisk contains a null pointer dereferencing error in the SIP channel when handling INVITE messages. Furthermore qwerty1979 discovered that Asterisk 1.2.x fails to properly handle SIP responses with return code 0. A remote attacker could cause an Asterisk server listening for SIP messages to crash by sending a specially crafted SIP message or answering with a 0 return code. |
avahi: denial of service
| Package(s): | avahi |
| CVE #(s): | CVE-2007-3372 |
| Created: | June 28, 2007 |
| Updated: | December 23, 2008 |
| Description: | Avahi is vulnerable to a local denial of service that can be caused by making an erroneous call to the assert() function. |
bochs: buffer overflow
| Package(s): | bochs |
| CVE #(s): | CVE-2007-2893 |
| Created: | July 20, 2007 |
| Updated: | November 19, 2007 |
| Description: | A heap-based buffer overflow in the bx_ne2k_c::rx_frame function in iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users of the guest operating system to write to arbitrary memory locations and gain privileges on the host operating system via vectors that cause TXCNT register values to exceed the device memory size, aka "RX Frame heap overflow." |
bugzilla: multiple vulnerabilities
| Package(s): | bugzilla |
| CVE #(s): | CVE-2006-5453, CVE-2006-5454, CVE-2006-5455 |
| Created: | November 10, 2006 |
| Updated: | August 28, 2007 |
| Description: | Bugzilla has the following vulnerabilities: Input data passed to various fields is not properly sanitized before being passed back to users. Users can gain unauthorized access to read attachment descriptions while using diff mode. HTTP GET and HTTP POST requests can be used to perform unauthorized actions due to improper verification. Input that is passed to showdependencygraph.cgi is not properly sanitized before being returned to users. |
centericq: buffer overflows
| Package(s): | centericq |
| CVE #(s): | CVE-2007-3713 |
| Created: | July 20, 2007 |
| Updated: | December 17, 2007 |
| Description: | Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow remote attackers to execute arbitrary code via unspecified vectors. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. NOTE: this might overlap CVE-2007-0160. |
clamav: denial of service
| Package(s): | clamav |
| CVE #(s): | CVE-2007-3725 |
| Created: | July 24, 2007 |
| Updated: | February 27, 2008 |
| Description: | A NULL pointer dereference has been discovered in the RAR VM of Clam Antivirus (ClamAV) which allows user-assisted remote attackers to cause a denial of service via specially crafted RAR archives. |
cpio: arbitrary code execution
| Package(s): | cpio |
| CVE #(s): | CVE-2005-4268 |
| Created: | January 2, 2006 |
| Updated: | March 17, 2010 |
| Description: | Richard Harms discovered that cpio did not sufficiently validate file properties when creating archives. Files with e.g. a very large size caused a buffer overflow. By tricking a user or an automatic backup system into putting a specially crafted file into a cpio archive, a local attacker could probably exploit this to execute arbitrary code with the privileges of the target user (which is likely root in an automatic backup system). |
vixie-cron: privilege escalation
| Package(s): | cron |
CVE #(s): | CVE-2006-2607
|
| Created: | May 31, 2006 |
Updated: | June 1, 2009 |
| Description: |
The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root. |
| Alerts: |
|
Comments (1 posted)
cscope: buffer overflows
| Package(s): | cscope |
CVE #(s): | CVE-2006-4262
|
| Created: | October 2, 2006 |
Updated: | June 16, 2009 |
| Description: |
Will Drewry of the Google Security Team discovered several buffer overflows
in cscope, a source browsing tool, which might lead to the execution of
arbitrary code. |
| Alerts: |
|
Comments (none posted)
cscope: buffer overflows
| Package(s): | cscope |
CVE #(s): | CVE-2004-2541
|
| Created: | May 22, 2006 |
Updated: | June 19, 2009 |
| Description: |
A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows
remote attackers to execute arbitrary code via a C file with a long
#include line that is later browsed by the target. |
| Alerts: |
|
Comments (1 posted)
cups: denial of service
| Package(s): | cups |
CVE #(s): | CVE-2007-0720
|
| Created: | March 26, 2007 |
Updated: | February 7, 2008 |
| Description: |
Previous versions of the cups package could be forced to hang via a client
"partially negotiating" an SSL connection. In this state, cups would not
allow other connections to be made, a denial of service. |
| Alerts: |
|
Comments (none posted)
gpdf: integer overflow
| Package(s): | cups poppler xpdf |
CVE #(s): | CVE-2007-3387
|
| Created: | July 31, 2007 |
Updated: | November 28, 2007 |
| Description: |
The gpdf library contains an integer overflow which can be exploited via a malicious PDF file. This code finds its way into multiple packages, including xpdf, kpdf, poppler, cups, and more. |
| Alerts: |
|
Comments (1 posted)
Cyrus-SASL: DIGEST-MD5 Pre-Authentication Denial of Service
| Package(s): | cyrus-sasl |
CVE #(s): | CVE-2006-1721
|
| Created: | April 21, 2006 |
Updated: | September 4, 2007 |
| Description: |
Cyrus-SASL contains an unspecified vulnerability in the DIGEST-MD5
process that could lead to a Denial of Service. An attacker could possibly
exploit this vulnerability by sending a specially crafted data stream to the
Cyrus-SASL server, resulting in a Denial of Service even if the attacker is
not able to authenticate. |
| Alerts: |
|
Comments (none posted)
dovecot: privilege escalation
| Package(s): | dovecot |
CVE #(s): | CVE-2007-4211
|
| Created: | August 15, 2007 |
Updated: | May 21, 2008 |
| Description: |
From the rPath advisory: "Previous versions of the dovecot package are vulnerable to a
minor privilege escalation attack in which an authenticated
user may exploit an ACL plugin weakness to save message flags
without having proper permissions." |
| Alerts: |
|
Comments (none posted)
dovecot: directory traversal
| Package(s): | dovecot |
CVE #(s): | CVE-2007-2231
|
| Created: | May 8, 2007 |
Updated: | May 21, 2008 |
| Description: |
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot
before 1.0.rc29, when using the zlib plugin, allows remote attackers to
read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot)
sequence in the mailbox name. |
| Alerts: |
|
Comments (none posted)
elinks: code execution
| Package(s): | elinks |
CVE #(s): | CVE-2007-2027
|
| Created: | May 7, 2007 |
Updated: | October 30, 2009 |
| Description: |
Arnaud Giersch discovered that elinks incorrectly attempted to load
gettext catalogs from a relative path. If a user were tricked into
running elinks from a specific directory, a local attacker could execute
code with user privileges. |
| Alerts: |
|
Comments (none posted)
elinks: arbitrary file access
| Package(s): | elinks |
CVE #(s): | CVE-2006-5925
|
| Created: | November 16, 2006 |
Updated: | October 22, 2009 |
| Description: |
The elinks text-mode browser has an arbitrary file access vulnerability
in the Elinks SMB protocol handler. If a user can be tricked into
visiting a specially crafted web page, arbitrary files may be read or
written with the user's permissions. |
| Alerts: |
|
Comments (none posted)
emacs21: denial of service
| Package(s): | emacs21 |
CVE #(s): | CVE-2007-2833
|
| Created: | June 21, 2007 |
Updated: | August 29, 2007 |
| Description: |
The emacs21 editor has a denial of service vulnerability.
emacs21 can be made to crash by viewing "certain types of images". |
| Alerts: |
|
Comments (none posted)
evolution: format string error
| Package(s): | evolution |
CVE #(s): | CVE-2007-1002
|
| Created: | March 27, 2007 |
Updated: | February 27, 2008 |
| Description: |
A format string error in the "write_html()" function in calendar/gui/
e-cal-component-memo-preview.c when displaying a memo's categories can
potentially be exploited to execute arbitrary code via a specially crafted
shared memo containing format specifiers. |
| Alerts: |
|
Comments (1 posted)
evolution-data-server: malicious server arbitrary code execution
| Package(s): | evolution-data-server |
CVE #(s): | CVE-2007-3257
|
| Created: | June 18, 2007 |
Updated: | November 7, 2007 |
| Description: |
From the GNOME
bugzilla: "The "SEQUENCE" value in the GData of the IMAP code
(camel-imap-folder.c) is converted from a string using strtol. This allows
for negative values. The imap_rescan uses this value as an int. It checks
for !seq and seq>summary.length. It doesn't check for seq <
0. Although seq is used as the index of an array." |
| Alerts: |
|
Comments (1 posted)
pop mail man-in-the-middle attacks
| Package(s): | evolution thunderbird mutt fetchmail |
CVE #(s): | CVE-2007-1558
|
| Created: | May 8, 2007 |
Updated: | July 3, 2009 |
| Description: |
The APOP protocol allows remote attackers to guess the first 3 characters
of a password via man-in-the-middle (MITM) attacks that use crafted message
IDs and MD5 collisions. NOTE: this design-level issue potentially affects
all products that use APOP, including (1) Thunderbird, (2) Evolution, (3)
mutt, and (4) fetchmail. |
| Alerts: |
|
Comments (none posted)
file: integer overflow
| Package(s): | file |
CVE #(s): | CVE-2007-2799
|
| Created: | June 1, 2007 |
Updated: | October 19, 2007 |
| Description: |
Colin Percival from FreeBSD reported that the previous fix for the
file_printf() buffer overflow introduced a new integer overflow. A remote
attacker could entice a user to run the file program on an overly large
file (more than 1Gb) that would trigger an integer overflow on 32-bit
systems, possibly leading to the execution of arbitrary code with the
rights of the user running file. |
| Alerts: |
|
Comments (3 posted)
firebird: buffer overflow
| Package(s): | firebird |
CVE #(s): | CVE-2007-3181
|
| Created: | July 2, 2007 |
Updated: | March 27, 2008 |
| Description: |
The Firebird DBMS has a buffer overflow vulnerability involving
the processing of connect requests with an overly large p_cnct_count
value. Remote attackers can send a specially crafted
request to the server in order to potentially execute arbitrary code with
the permissions of the Firebird user. |
| Alerts: |
|
Comments (none posted)
firefox: multiple vulnerabilities
| Package(s): | firefox |
CVE #(s): | CVE-2007-3844
CVE-2007-3845
|
| Created: | August 1, 2007 |
Updated: | February 20, 2008 |
| Description: |
A flaw was discovered in handling of "about:blank" windows used by
addons. A malicious web site could exploit this to modify the contents,
or steal confidential data (such as passwords), of other web pages.
(CVE-2007-3844)
Jesper Johansson discovered that spaces and double-quotes were
not correctly handled when launching external programs. In rare
configurations, after tricking a user into opening a malicious web page,
an attacker could execute helpers with arbitrary arguments with the
user's privileges. (CVE-2007-3845) |
| Alerts: |
|
Comments (none posted)
firefox: multiple vulnerabilities
| Package(s): | firefox mozilla seamonkey thunderbird |
CVE #(s): | CVE-2007-1362
CVE-2007-2867
CVE-2007-2868
CVE-2007-2869
CVE-2007-2870
CVE-2007-2871
|
| Created: | June 4, 2007 |
Updated: | August 29, 2007 |
| Description: |
Various flaws were discovered in the layout and JavaScript engines. By
tricking a user into opening a malicious web page, an attacker could
execute arbitrary code with the user's privileges. (CVE-2007-2867,
CVE-2007-2868)
A flaw was discovered in the form autocomplete feature. By tricking a user
into opening a malicious web page, an attacker could cause a persistent
denial of service. (CVE-2007-2869)
Nicolas Derouet discovered flaws in cookie handling. By tricking a user
into opening a malicious web page, an attacker could force the browser to
consume large quantities of disk or memory while processing long cookie
paths. (CVE-2007-1362)
A flaw was discovered in the same-origin policy handling of the
addEventListener JavaScript method. A malicious web site could exploit
this to modify the contents, or steal confidential data (such as
passwords), of other web pages. (CVE-2007-2870)
Chris Thomas discovered a flaw in XUL popups. A malicious web site
could exploit this to spoof or obscure portions of the browser UI,
such as the location bar. (CVE-2007-2871) |
| Alerts: |
|
Comments (3 posted)
firefox, thunderbird, seamonkey: multiple vulnerabilities
| Package(s): | firefox, thunderbird, seamonkey |
CVE #(s): | CVE-2007-3738
CVE-2007-3656
CVE-2007-3670
CVE-2007-3285
CVE-2007-3737
CVE-2007-3089
CVE-2007-3736
CVE-2007-3734
CVE-2007-3735
|
| Created: | July 18, 2007 |
Updated: | May 12, 2008 |
| Description: |
shutdown and moz_bug_r_a4 reported two separate ways to modify an
XPCNativeWrapper such that subsequent access by the browser would result in
executing user-supplied code. (CVE-2007-3738)
Michal Zalewski reported that it was possible to bypass the same-origin
checks and read from cached (wyciwyg) documents. It is possible to access
wyciwyg:// documents without proper same domain policy checks through the
use of HTTP 302 redirects. This enables the attacker to steal sensitive
data displayed on dynamically generated pages; perform cache poisoning; and
execute own code or display own content with URL bar and SSL certificate
data of the attacked page (URL spoofing++). (CVE-2007-3656)
Internet Explorer calls registered URL protocols without escaping quotes
and may be used to pass unexpected and potentially dangerous data to the
application that registers that URL Protocol. (CVE-2007-3670)
Ronald van den Heetkamp reported that a filename URL containing %00
(encoded null) can cause Firefox to interpret the file extension
differently than the underlying Windows operating system potentially
leading to unsafe actions such as running a program. This is only
accessible locally. (CVE-2007-3285)
An attacker can use an element outside of a document to call an event
handler allowing content to run arbitrary code with chrome
privileges. (CVE-2007-3737)
Ronen Zilberman and Michal Zalewski both reported that it was possible to
exploit a timing issue to inject content into about:blank frames in a
page. When opening a window from a script, it is possible to spoof the
content of the newly opened window's frames within a short time frame,
while the window is loading. (CVE-2007-3089)
Mozilla contributor moz_bug_r_a4 demonstrated that the methods
addEventListener and setTimeout could be used to inject script into another
site in violation of the browser's same-origin policy. This could be used
to access or modify private or valuable information from that other
site. (CVE-2007-3736)
As part of the Firefox 2.0.0.5 update releases Mozilla developers fixed
many bugs to improve the stability of the product. Some of these crashes
showed evidence of memory corruption under certain circumstances and
we presume that with enough effort at least some of these could be
exploited to run arbitrary code. Note: Thunderbird shares the browser
engine with Firefox and could be vulnerable if JavaScript were to be
enabled in mail. This is not the default setting and we strongly discourage
users from running JavaScript in mail. Without further investigation we
cannot rule out the possibility that for some of these an attacker might be
able to prepare memory for exploitation through some means other than
JavaScript, such as large images. (CVE-2007-3734, CVE-2007-3735) |
| Alerts: |
|
Comments (none posted)
flac123: arbitrary code execution
| Package(s): | flac123 |
CVE #(s): | CVE-2007-3507
|
| Created: | July 13, 2007 |
Updated: | October 22, 2007 |
| Description: |
A stack-based buffer overflow in the local__vcentry_parse_value function in
vorbiscomment.c in flac123 (aka flac-tools or flac) before 0.0.10 allows
user-assisted remote attackers to execute arbitrary code via a large
comment value_length. |
| Alerts: |
|
Comments (none posted)
freetype: arbitrary code execution
| Package(s): | freetype |
CVE #(s): | CVE-2007-2754
|
| Created: | May 24, 2007 |
Updated: | June 1, 2010 |
| Description: |
The FreeType font rendering library, versions 2.3.4 and below,
has an integer sign error. Remote attackers may be able to
create a specially crafted TrueType Font file with a negative
n_points value that will cause an integer overflow and heap-based
buffer overflow, allowing the execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
freetype: integer overflows
| Package(s): | freetype |
CVE #(s): | CVE-2006-0747
CVE-2006-1861
CVE-2006-2493
CVE-2006-2661
CVE-2006-3467
|
| Created: | June 8, 2006 |
Updated: | June 1, 2010 |
| Description: |
The FreeType library has several integer overflow vulnerabilities.
If a user can be tricked into installing a specially
crafted font file, arbitrary code can be executed with the privilege
of the user. |
| Alerts: |
|
Comments (none posted)
gcc: file overwrite vulnerability
| Package(s): | gcc |
CVE #(s): | CVE-2006-3619
|
| Created: | September 6, 2006 |
Updated: | March 14, 2008 |
| Description: |
The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree. |
| Alerts: |
|
Comments (none posted)
gd: buffer overflow
| Package(s): | gd |
CVE #(s): | CVE-2007-0455
|
| Created: | February 7, 2007 |
Updated: | November 18, 2009 |
| Description: |
The gd graphics library contains a buffer overflow which could enable a remote attacker to execute arbitrary code. Note that various other packages include code from gd and could also be vulnerable. |
| Alerts: |
|
Comments (2 posted)
gd: multiple vulnerabilities
| Package(s): | gd |
CVE #(s): | CVE-2007-3472
CVE-2007-3473
CVE-2007-3474
CVE-2007-3475
CVE-2007-3476
CVE-2007-3477
CVE-2007-3478
|
| Created: | August 6, 2007 |
Updated: | November 6, 2009 |
| Description: |
Integer overflow in gdImageCreateTrueColor function in the GD Graphics
Library (libgd) before 2.0.35 allows user-assisted remote attackers
to have unspecified remote attack vectors and impact. (CVE-2007-3472)
The gdImageCreateXbm function in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to cause a denial
of service (crash) via unspecified vectors involving a gdImageCreate
failure. (CVE-2007-3473)
Multiple unspecified vulnerabilities in the GIF reader in the
GD Graphics Library (libgd) before 2.0.35 allow user-assisted
remote attackers to have unspecified attack vectors and
impact. (CVE-2007-3474)
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted
remote attackers to cause a denial of service (crash) via a GIF image
that has no global color map. (CVE-2007-3475)
Array index error in gd_gif_in.c in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to cause
a denial of service (crash and heap corruption) via large color
index values in crafted image data, which results in a segmentation
fault. (CVE-2007-3476)
The (a) imagearc and (b) imagefilledarc functions in GD Graphics
Library (libgd) before 2.0.35 allow attackers to cause a denial
of service (CPU consumption) via a large (1) start or (2) end angle
degree value. (CVE-2007-3477)
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the
GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote
attackers to cause a denial of service (crash) via unspecified vectors,
possibly involving truetype font (TTF) support. (CVE-2007-3478) |
| Alerts: |
|
Comments (none posted)
gd: denial of service
| Package(s): | gd |
CVE #(s): | CVE-2007-2756
|
| Created: | June 14, 2007 |
Updated: | February 28, 2008 |
| Description: |
Libgd2 has a denial of service vulnerability involving the incorrect
validation of PNG callback results. If an application that is linked
against libgd2 is used to process a specially-crafted PNG file,
a denial of service involving CPU resource consumption can be
caused. |
| Alerts: |
|
Comments (none posted)
gdm: denial of service
| Package(s): | gdm |
CVE #(s): | CVE-2007-3381
|
| Created: | August 1, 2007 |
Updated: | September 20, 2007 |
| Description: |
JLANTHEA reported a denial of service flaw in the way that gdm listens on its Unix domain socket.
Any local user can crash the locally running X session. |
| Alerts: |
|
Comments (none posted)
gedit: format string vulnerability
| Package(s): | gedit |
CVE #(s): | CAN-2005-1686
|
| Created: | June 9, 2005 |
Updated: | February 5, 2009 |
| Description: |
A format string vulnerability has been discovered in gedit. Calling
the program with specially crafted file names caused a buffer
overflow, which could be exploited to execute arbitrary code with the
privileges of the gedit user. |
| Alerts: |
|
Comments (1 posted)
gimp: multiple vulnerabilities
| Package(s): | gimp |
CVE #(s): | CVE-2007-2949
|
| Created: | June 28, 2007 |
Updated: | February 27, 2008 |
| Description: |
The gimp image editor has several vulnerabilities, including
a problem where it can open PSD files with excessive dimensions
and a possible stack overflow in the Sunras loader. |
| Alerts: |
|
Comments (none posted)
grip: buffer overflow
| Package(s): | grip |
CVE #(s): | CAN-2005-0706
|
| Created: | March 10, 2005 |
Updated: | November 19, 2008 |
| Description: |
Grip, a CD ripper, has a buffer overflow vulnerability that can
occur when the CDDB server returns more than 16 matches. |
| Alerts: |
|
Comments (none posted)
gzip: multiple vulnerabilities
| Package(s): | gzip |
CVE #(s): | CVE-2006-4334
CVE-2006-4335
CVE-2006-4336
CVE-2006-4337
CVE-2006-4338
|
| Created: | September 19, 2006 |
Updated: | January 20, 2010 |
| Description: |
Tavis Ormandy of the Google Security Team discovered two denial of service
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to hang or
crash.
Tavis Ormandy of the Google Security Team discovered several code execution
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to crash or
execute arbitrary code. |
| Alerts: |
|
Comments (1 posted)
HelixPlayer: arbitrary code execution
| Package(s): | HelixPlayer |
CVE #(s): | CVE-2007-3410
|
| Created: | June 27, 2007 |
Updated: | September 17, 2007 |
| Description: |
A buffer overflow flaw was found in the way HelixPlayer processed
Synchronized Multimedia Integration Language (SMIL) files. It was possible
for a malformed SMIL file to execute arbitrary code with the permissions of
the user running HelixPlayer. (CVE-2007-3410) |
| Alerts: |
|
Comments (1 posted)
horde-kronolith: local file inclusion
| Package(s): | horde-kronolith |
CVE #(s): | CVE-2006-6175
|
| Created: | January 17, 2007 |
Updated: | March 7, 2008 |
| Description: |
Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered
string is used instead of a sanitized string to view local files. An
authenticated attacker could craft an HTTP GET request that uses directory
traversal techniques to execute any file on the web server as PHP code,
which could allow information disclosure or arbitrary code execution with
the rights of the user running the PHP application (usually the webserver
user). |
| Alerts: |
|
Comments (none posted)
ImageMagick: integer overflows
| Package(s): | imagemagick |
CVE #(s): | CVE-2007-1797
|
| Created: | April 4, 2007 |
Updated: | August 11, 2009 |
| Description: |
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote
attackers to execute arbitrary code via (1) a crafted DCM image, which
results in a heap-based overflow in the ReadDCMImage function, or (2) the
(a) colors or (b) comments field in a crafted XWD image, which results in a
heap-based overflow in the ReadXWDImage function, different issues than
CVE-2007-1667. |
| Alerts: |
|
Comments (none posted)
ipsec-tools: denial of service
| Package(s): | ipsec-tools |
CVE #(s): | CVE-2007-1841
|
| Created: | April 10, 2007 |
Updated: | August 28, 2007 |
| Description: |
A flaw was discovered in the IPSec key exchange server "racoon". Remote
attackers could send a specially crafted packet and disrupt established
IPSec tunnels, leading to a denial of service. |
| Alerts: |
|
Comments (none posted)
jasper: denial of service
| Package(s): | jasper |
CVE #(s): | CVE-2007-2721
|
| Created: | June 1, 2007 |
Updated: | April 19, 2010 |
| Description: |
The jpc_qcx_getcompparms function in jpc/jpc_cs.c could allow remote
user-assisted attackers to cause a denial of service (crash) and possibly
corrupt the heap via malformed image files. |
| Alerts: |
|
Comments (none posted)
java: multiple vulnerabilities
| Package(s): | java |
CVE #(s): | CVE-2006-4339
CVE-2006-4790
CVE-2006-6731
CVE-2006-6736
CVE-2006-6737
CVE-2006-6745
|
| Created: | January 18, 2007 |
Updated: | June 4, 2010 |
| Description: |
Java has multiple vulnerabilities. These include
an RSA exponent padding attack vulnerability, two vulnerabilities
which allow untrusted applets to access data in other applets,
vulnerabilities that involve applets gaining privileges due to
serialization bugs in the JRE, and buffer overflows in the Java image
handling routines that can give attackers read/write/execute capabilities
for local files. |
| Alerts: |
|
Comments (1 posted)
java-1.5.0-sun: multiple vulnerabilities
| Package(s): | java-1.5.0-sun |
CVE #(s): | CVE-2007-3503
CVE-2007-3655
CVE-2007-3698
CVE-2007-3922
|
| Created: | August 6, 2007 |
Updated: | June 24, 2008 |
| Description: |
The Javadoc tool was able to generate HTML documentation pages that
contained cross-site scripting (XSS) vulnerabilities. A remote attacker
could use this to inject arbitrary web script or HTML. (CVE-2007-3503)
The Java Web Start URL parsing component contained a buffer overflow
vulnerability within the parsing code for JNLP files. A remote attacker
could create a malicious JNLP file that could trigger this flaw and execute
arbitrary code when opened. (CVE-2007-3655)
The JSSE component did not correctly process SSL/TLS handshake requests. A
remote attacker who is able to connect to a JSSE-based service could
trigger this flaw leading to a denial-of-service. (CVE-2007-3698)
A flaw was found in the applet class loader. An untrusted applet could use
this flaw to circumvent network access restrictions, possibly connecting to
services hosted on the machine that executed the applet. (CVE-2007-3922)
|
| Alerts: |
|
Comments (none posted)
kdebase: information leak
| Package(s): | kdebase |
CVE #(s): | CVE-2007-2022
|
| Created: | June 13, 2007 |
Updated: | September 19, 2007 |
| Description: |
A problem with the interaction between the Flash Player and the Konqueror
web browser was found. The problem could lead to key presses leaking to the
Flash Player applet instead of the browser.
NOTE: CVE number may be incorrect, see CVE entry |
| Alerts: |
|
Comments (1 posted)
kdebase: several vulnerabilities
| Package(s): | kdebase |
CVE #(s): | CVE-2007-3820
CVE-2007-4224
CVE-2007-4225
|
| Created: | August 20, 2007 |
Updated: | October 8, 2007 |
| Description: |
konqueror/konq_combo.cc in Konqueror 3.5.7 allows remote attackers to spoof
the data: URI scheme in the address bar via a long URI with trailing
whitespace, which prevents the beginning of the URI from being
displayed. (CVE-2007-3820)
KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by
calling setInterval with a small interval and changing the window.location
property. (CVE-2007-4224)
Visual truncation vulnerability in KDE Konqueror 3.5.7 allows remote
attackers to spoof the URL address bar via an http URI with a large amount
of whitespace in the user/password portion. (CVE-2007-4225) |
| Alerts: |
|
Comments (none posted)
kdelibs: kate backup file permission leak
| Package(s): | kdelibs kate kwrite |
CVE #(s): | CAN-2005-1920
|
| Created: | July 19, 2005 |
Updated: | September 21, 2010 |
| Description: |
Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a backup copy of a modified file before saving it. These backup files are created with default permissions, even if the original file had stricter permissions set. See this advisory for more information. |
| Alerts: |
|
Comments (1 posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2007-1357
|
| Created: | April 16, 2007 |
Updated: | November 14, 2007 |
| Description: |
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before
2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of
service (crash) via an AppleTalk frame that is shorter than the specified
length, which triggers a BUG_ON call when an attempt is made to perform a
checksum. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-4623
|
| Created: | October 18, 2006 |
Updated: | November 14, 2007 |
| Description: |
The kernel DVB layer can be caused to crash with maliciously-formatted unidirectional lightweight encapsulation (ULE) data. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2007-3642
|
| Created: | July 23, 2007 |
Updated: | November 14, 2007 |
| Description: |
The decode_choice function in net/netfilter/nf_conntrack_h323_asn1.c in the
Linux kernel before 2.6.22 allows remote attackers to cause a denial of
service (crash) via an encoded, out-of-range index value for a choice
field, which triggers a NULL pointer dereference. |
| Alerts: |
|
Comments (none posted)
kernel: multiple vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2007-0005
CVE-2007-1000
|
| Created: | March 15, 2007 |
Updated: | November 14, 2007 |
| Description: |
The Linux kernel has a boundary error problem with the
Omnikey CardMan 4040 driver read and write functions. This can be used
to cause a buffer overflow and possible execution of arbitrary code with
kernel privileges.
The ipv6_getsockopt_sticky function in
net/ipv6/ipv6_sockglue.c is vulnerable to a NULL pointer dereference.
Local users can use this to crash the kernel or to disclose kernel
memory. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-0007
CVE-2007-0006
|
| Created: | February 15, 2007 |
Updated: | November 14, 2007 |
| Description: |
Linux kernel versions from 2.6.9 to 2.6.20 have a denial of service
vulnerability. A remote attacker can cause the key_alloc_serial
function's key serial number collision avoidance code to have a
null dereference, resulting in a crash. |
| Alerts: |
|
Comments (1 posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-4535
CVE-2006-4538
|
| Created: | September 18, 2006 |
Updated: | January 5, 2009 |
| Description: |
Sridhar Samudrala discovered a local denial of service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)
Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538) |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2007-1861
CVE-2007-2242
|
| Created: | May 1, 2007 |
Updated: | February 8, 2008 |
| Description: |
The netlink protocol has an infinite recursion bug that allows users to
cause a kernel crash. Also the IPv6 protocol allows remote attackers to
cause a denial of service via crafted IPv6 type 0 route headers
(IPV6_RTHDR_TYPE_0) that create network amplification between two routers. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service by memory consumption
| Package(s): | kernel |
CVE #(s): | CVE-2006-2936
|
| Created: | July 17, 2006 |
Updated: | November 14, 2007 |
| Description: |
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to
2.6.17, and possibly later versions, allows local users to cause a denial
of service (memory consumption) by writing more data to the serial port
than the driver can handle, which causes the data to be queued. |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2007-0772
|
| Created: | February 23, 2007 |
Updated: | November 14, 2007 |
| Description: |
The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial
of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free
of an incorrect pointer. |
| Alerts: |
|
Comments (none posted)
kernel: several vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2007-1353
CVE-2007-2451
CVE-2007-2453
|
| Created: | June 11, 2007 |
Updated: | March 6, 2008 |
| Description: |
Ilja van Sprundel discovered that Bluetooth setsockopt calls could leak
kernel memory contents via an uninitialized stack buffer. A local attacker
could exploit this flaw to view sensitive kernel information.
(CVE-2007-1353)
The GEODE-AES driver did not correctly initialize its encryption key.
Any data encrypted using this type of device would be easily compromised.
(CVE-2007-2451)
The random number generator was hashing a subset of the available
entropy, leading to slightly less random numbers. Additionally, systems
without an entropy source would be seeded with the same inputs at boot
time, leading to a repeatable series of random numbers. (CVE-2007-2453) |
| Alerts: |
|
Comments (none posted)
kernel: signal handling flaw on PPC
| Package(s): | kernel |
CVE #(s): | CVE-2007-3107
|
| Created: | July 10, 2007 |
Updated: | February 4, 2008 |
| Description: |
A flaw in the signal handling on PowerPC-based systems allowed a
local user to cause a denial of service (floating point corruption). |
| Alerts: |
|
Comments (none posted)
kernel: several vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2006-5823
CVE-2006-6054
CVE-2007-1592
|
| Created: | June 12, 2007 |
Updated: | March 21, 2011 |
| Description: |
A flaw in the cramfs file system allows invalid compressed data to cause
memory corruption (CVE-2006-5823)
A flaw in the ext2 file system allows an invalid inode size to cause a
denial of service (system hang) (CVE-2006-6054)
A flaw in IPV6 flow label handling allows a local user to cause a denial of
service (crash) (CVE-2007-1592) |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-5757
|
| Created: | November 13, 2006 |
Updated: | November 14, 2007 |
| Description: |
From the MOKB-05-11-2006
advisory: "The ISO9660 filesystem handling code of the Linux
2.6.x kernel fails to properly handle corrupted data structures, leading to
an exploitable denial of service condition. This particular vulnerability
seems to be caused by a race condition and a signedness issue. When
performing a read operation on a corrupted ISO9660 fs stream, the
isofs_get_blocks() function will enter an infinite loop when
__find_get_block_slow() callback from sb_getblk() fails ("due to various
races between file io on the block device and getblk")." |
| Alerts: |
|
Comments (none posted)
kernel: denial of service
| Package(s): | kernel |
CVE #(s): | CVE-2006-2935
CVE-2006-4145
CVE-2006-3745
|
| Created: | September 1, 2006 |
Updated: | July 30, 2008 |
| Description: |
Previous versions of the kernel package are subject to several
vulnerabilities. Certain malformed UDF filesystems can cause the system to
crash (denial of service). Malformed CDROM firmware or USB storage devices
(such as USB keys) could cause a system crash (denial of service) and, if
they were intentionally malformed, could cause arbitrary code to run with
elevated privileges. In addition, the SCTP protocol is subject to a remote
system crash (denial of service) attack. |
| Alerts: |
|
Comments (none posted)
kernel: multiple vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2006-5749
CVE-2006-4814
CVE-2006-6106
|
| Created: | January 5, 2007 |
Updated: | January 8, 2009 |
| Description: |
A security issue has been reported in the Linux kernel due to an error in
drivers/isdn/i4l/isdn_ppp.c as the "isdn_ppp_ccp_reset_alloc_state()"
function never initializes an event timer before scheduling it with the
"add_timer()" function.
The mincore function in the kernel does not properly lock access to user
space, which has unspecified impact and attack vectors, possibly related to
a deadlock.
Another vulnerability has been reported in the Linux kernel, caused by a
boundary error within the handling of incoming CAPI messages in
net/bluetooth/cmtp/capi.c. This can be exploited to overwrite certain
kernel data structures. |
| Alerts: |
|
Comments (none posted)
kernel: several vulnerabilities
| Package(s): | kernel |
CVE #(s): | CVE-2007-3851
CVE-2007-3848
CVE-2007-3105
|
| Created: | August 17, 2007 |
Updated: | January 8, 2009 |
| Description: |
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with
i965G and later chipsets, allows local users with access to an X11 session
and Direct Rendering Manager (DRM) to write to arbitrary memory locations
and gain privileges via a crafted batchbuffer. (CVE-2007-3851)
Linux kernel 2.4.35 and other versions allow local users to send arbitrary
signals to a child process that is running at higher privileges by causing
a setuid-root parent process to die, which delivers an attacker-controlled
parent process death signal (PR_SET_PDEATHSIG). (CVE-2007-3848)
Stack-based buffer overflow in the random number generator (RNG)
implementation in the Linux kernel before 2.6.22 might allow local root
users to cause a denial of service or gain privileges by setting the
default wakeup threshold to a value greater than the output pool size,
which triggers writing random numbers to the stack by the pool transfer
function involving "bound check ordering". NOTE: this issue might only
cross privilege boundaries in environments that have granular assignment of
privileges for root. (CVE-2007-3105) |
| Alerts: |
|
Comments (1 posted)
krb5: multiple vulnerabilities
| Package(s): | krb5 |
CVE #(s): | CVE-2007-2442
CVE-2007-2443
CVE-2007-2798
|
| Created: | June 27, 2007 |
Updated: | March 24, 2008 |
| Description: |
David Coffey discovered an uninitialized pointer free flaw in the
RPC library used by kadmind. A remote unauthenticated attacker who
could access kadmind could trigger the flaw causing kadmind to crash
or possibly execute arbitrary code (CVE-2007-2442).
David Coffey also discovered an overflow flaw in the same RPC library.
A remote unauthenticated attacker who could access kadmind could
trigger the flaw causing kadmind to crash or possibly execute arbitrary
code (CVE-2007-2443).
Finally, a stack buffer overflow vulnerability was found in kadmind
that allowed an unauthenticated user able to access kadmind to
trigger the vulnerability and possibly execute arbitrary
code (CVE-2007-2798). |
| Alerts: |
|
Comments (none posted)
krb5: uninitialized pointers
| Package(s): | krb5 |
CVE #(s): | CVE-2006-6143
CVE-2006-3084
|
| Created: | January 10, 2007 |
Updated: | July 7, 2010 |
| Description: |
The kadmind daemon can, in some situations, perform operations on uninitialized pointers. This bug could conceivably open up the system to a code execution attack by an unauthenticated remote attacker, but it appears to be difficult to exploit. See this advisory for details. |
| Alerts: |
|
Comments (1 posted)
krb5: local privilege escalation
| Package(s): | krb5 |
CVE #(s): | CVE-2006-3083
|
| Created: | August 9, 2006 |
Updated: | July 7, 2010 |
| Description: |
Some kerberos applications fail to check the results of setuid() calls, with the result that, if that call fails, they could continue to execute as root after thinking they had switched to a nonprivileged user. A local attacker who can cause these calls to fail (through resource exhaustion, presumably) could exploit this bug to gain root privileges. |
| Alerts: |
|
Comments (none posted)
krb5: multiple vulnerabilities
| Package(s): | krb5 |
CVE #(s): | CVE-2007-0956
CVE-2007-0957
CVE-2007-1216
|
| Created: | April 3, 2007 |
Updated: | March 24, 2008 |
| Description: |
A flaw was found in the username handling of the MIT krb5 telnet daemon
(telnetd). A remote attacker who can access the telnet port of a target
machine could log in as root without requiring a password (MIT krb5 Security Advisory 2007-001).
Buffer overflows were found which affect the Kerberos KDC and the kadmin
server daemon. A remote attacker who can access the KDC could exploit this
bug to run arbitrary code with the privileges of the KDC or kadmin server
processes (MIT krb5 Security Advisory 2007-002).
A double-free flaw was found in the GSSAPI library used by the kadmin
server daemon (MIT krb5 Security Advisory 2007-003). |
| Alerts: |
|
Comments (none posted)
ktorrent: incorrect validation
| Package(s): | ktorrent |
CVE #(s): | CVE-2007-1384
CVE-2007-1385
CVE-2007-1799
|
| Created: | March 13, 2007 |
Updated: | October 24, 2007 |
| Description: |
Bryan Burns of Juniper Networks discovered that KTorrent did not
correctly validate the destination file paths nor the HAVE statements
sent by torrent peers. A malicious remote peer could send specially
crafted messages to overwrite files or execute arbitrary code with user
privileges. |
| Alerts: |
|
Comments (1 posted)
lftp: shell command execution
| Package(s): | lftp |
CVE #(s): | CVE-2007-2348
|
| Created: | May 4, 2007 |
Updated: | September 16, 2009 |
| Description: |
mirror --script in lftp before 3.5.9 does not properly quote shell
metacharacters, which might allow remote user-assisted attackers to execute
shell commands via a malicious script. NOTE: it is not clear whether this
issue crosses security boundaries, since the script already supports
commands such as "get" which could overwrite executable files. |
| Alerts: |
|
Comments (none posted)
libarchive: pax extension header vulnerabilities
| Package(s): | libarchive |
CVE #(s): | CVE-2007-3641
CVE-2007-3644
CVE-2007-3645
|
| Created: | August 9, 2007 |
Updated: | February 27, 2008 |
| Description: |
libarchive, a library for manipulating different streaming archive
formats, has a number of pax extension header vulnerabilities.
These may be used to cause a denial of service or for the execution
of arbitrary code. |
| Alerts: |
|
Comments (none posted)
libexif: integer overflow
| Package(s): | libexif |
CVE #(s): | CVE-2007-2645
|
| Created: | June 1, 2007 |
Updated: | February 11, 2008 |
| Description: |
Integer overflow in the exif_data_load_data_entry function in exif-data.c
in libexif before 0.6.14 allows user-assisted remote attackers to cause a
denial of service (crash) or possibly execute arbitrary code via crafted
EXIF data, involving the (1) doff or (2) s variable. |
| Alerts: |
|
Comments (none posted)
libmodplug: boundary errors
| Package(s): | libmodplug |
CVE #(s): | CVE-2006-4192
|
| Created: | December 11, 2006 |
Updated: | May 4, 2011 |
| Description: |
Luigi Auriemma has reported various boundary errors in load_it.cpp and
a boundary error in the "CSoundFile::ReadSample()" function in
sndfile.cpp. A remote attacker can entice a user to read crafted modules
or ITP files, which may trigger a buffer overflow resulting in the
execution of arbitrary code with the privileges of the user running the
application. |
| Alerts: |
|
Comments (none posted)
libphp-phpmailer: command execution
| Package(s): | libphp-phpmailer |
CVE #(s): | CVE-2007-3215
|
| Created: | June 20, 2007 |
Updated: | June 25, 2009 |
| Description: |
libphp-phpmailer does not do sufficient input validation, enabling shell command injection attacks. |
| Alerts: |
|
Comments (none posted)
libpng: denial of service
| Package(s): | libpng |
CVE #(s): | CVE-2007-2445
|
| Created: | May 17, 2007 |
Updated: | March 23, 2009 |
| Description: |
Libpng can be crashed when processing malformed PNG files.
It may also be possible to exploit this vulnerability to execute arbitrary
code. |
| Alerts: |
|
Comments (none posted)
libpng: buffer overflow
| Package(s): | libpng |
CVE #(s): | CVE-2006-3334
|
| Created: | July 19, 2006 |
Updated: | December 15, 2008 |
| Description: |
In pngrutil.c, the function png_decompress_chunk() allocates
insufficient space for an error message, potentially overwriting stack
data, leading to a buffer overflow. |
| Alerts: |
|
Comments (none posted)
libpng: heap based buffer overflow
| Package(s): | libpng |
CVE #(s): | CVE-2006-0481
|
| Created: | February 13, 2006 |
Updated: | December 15, 2008 |
| Description: |
A heap based buffer overflow bug was found in the way libpng strips alpha
channels from a PNG image. An attacker could create a carefully crafted PNG
image file in such a way that it could cause an application linked with
libpng to crash or execute arbitrary code when the file is opened by a
victim. |
| Alerts: |
|
Comments (1 posted)
libtiff: buffer overflow
| Package(s): | libtiff |
CVE #(s): | CVE-2006-2193
|
| Created: | June 15, 2006 |
Updated: | September 1, 2008 |
| Description: |
The t2p_write_pdf_string function in libtiff 3.8.2 and earlier is vulnerable
to a buffer overflow. Attackers can use a TIFF file with UTF-8 characters
in the DocumentName tag to overflow a buffer, causing a denial of service,
and possibly the execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
libvorbis: multiple memory corruption flaws
| Package(s): | libvorbis |
CVE #(s): | CVE-2007-3106
CVE-2007-4029
|
| Created: | July 27, 2007 |
Updated: | January 22, 2008 |
| Description: |
This iSEC Partners security advisory has
details on multiple memory corruption flaws in libvorbis. |
| Alerts: |
|
Comments (none posted)
libxml2 - arbitrary code execution
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0110
|
| Created: | February 26, 2004 |
Updated: | August 19, 2009 |
| Description: |
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
libxml2: multiple buffer overflows
| Package(s): | libxml2 |
CVE #(s): | CAN-2004-0989
|
| Created: | October 28, 2004 |
Updated: | August 19, 2009 |
| Description: |
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed. |
| Alerts: |
|
Comments (none posted)
lighttpd: denial of service
| Package(s): | lighttpd |
CVE #(s): | CVE-2007-3946
CVE-2007-3947
CVE-2007-3948
CVE-2007-3949
CVE-2007-3950
|
| Created: | July 19, 2007 |
Updated: | July 15, 2008 |
| Description: |
The lighttpd web server has multiple vulnerabilities involving
a remote access-control setting circumvention that is performed
by the sending of malformed requests. This can be used to crash
the server and cause a denial of service. |
| Alerts: |
|
Comments (none posted)
lookup-el: insecure temporary file
| Package(s): | lookup-el |
CVE #(s): | CVE-2007-0237
|
| Created: | March 19, 2007 |
Updated: | December 10, 2007 |
| Description: |
Tatsuya Kinoshita discovered that Lookup, a search interface to electronic
dictionaries on emacsen, creates a temporary file in an insecure fashion
when the ndeb-binary feature is used, which allows a local attacker to
craft a symlink attack to overwrite arbitrary files. |
| Alerts: |
|
Comments (none posted)
lynx: arbitrary command execution
| Package(s): | lynx |
CVE #(s): | CVE-2005-2929
|
| Created: | November 14, 2005 |
Updated: | September 14, 2009 |
| Description: |
An arbitrary command execution bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx. |
| Alerts: |
|
Comments (none posted)
mod_jk: proxy bypass
| Package(s): | mod_jk |
CVE #(s): | CVE-2007-1860
|
| Created: | May 30, 2007 |
Updated: | March 7, 2008 |
| Description: |
From the Red Hat advisory: "Versions of mod_jk before 1.2.23 decoded request URLs by default inside
Apache httpd and forwarded the encoded URL to Tomcat, which itself did a
second decoding. If Tomcat was used behind mod_jk and configured to only
proxy some contexts, an attacker could construct a carefully crafted HTTP
request to work around the context restriction and potentially access
non-proxied content." |
| Alerts: |
|
Comments (none posted)
moin: arbitrary JavaScript execution
| Package(s): | moin |
CVE #(s): | CVE-2007-2423
|
| Created: | May 8, 2007 |
Updated: | March 10, 2008 |
| Description: |
A flaw was discovered in MoinMoin's error reporting when using the
AttachFile action. By tricking a user into viewing a crafted MoinMoin
URL, an attacker could execute arbitrary JavaScript as the current
MoinMoin user, possibly exposing the user's authentication information
for the domain where MoinMoin was hosted. |
| Alerts: |
|
Comments (none posted)
moodle: cross-site scripting
| Package(s): | moodle |
CVE #(s): | CVE-2007-3555
|
| Created: | August 7, 2007 |
Updated: | December 22, 2008 |
| Description: |
A cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1
allows remote attackers to inject arbitrary web script or HTML via a style
expression in the search parameter. |
| Alerts: |
|
Comments (none posted)
mplayer: buffer overflow
| Package(s): | mplayer |
CVE #(s): | CVE-2007-1246
|
| Created: | March 8, 2007 |
Updated: | April 1, 2008 |
| Description: |
MPlayer versions up to 1.0rc1 have a buffer overflow in the
loader/dmo/DMO_VideoDecoder.c DMO_VideoDecoder_Open function.
User-assisted remote attackers can use this to create a buffer overflow
and possibly execute arbitrary code. |
| Alerts: |
|
Comments (none posted)
mydns: buffer overflows
| Package(s): | mydns |
CVE #(s): | CVE-2007-2362
|
| Created: | May 23, 2007 |
Updated: | December 17, 2007 |
| Description: |
Multiple buffer overflows in MyDNS allow remote attackers to cause a denial of
service (daemon crash) and possibly execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
mysql: denial of service
| Package(s): | mysql |
CVE #(s): | CVE-2007-1420
|
| Created: | March 22, 2007 |
Updated: | May 21, 2008 |
| Description: |
MySQL subselect queries using "ORDER BY" can be used by an attacker with
access to a MySQL instance in order to create an intermittent denial
of service. |
| Alerts: |
|
Comments (none posted)
mysql: format string bug
| Package(s): | mysql |
CVE #(s): | CVE-2006-3469
|
| Created: | July 21, 2006 |
Updated: | July 30, 2008 |
| Description: |
Jean-David Maillefer discovered a format string bug in the
date_format() function's error reporting. By calling the function with
invalid arguments, an authenticated user could exploit this to crash
the server. |
| Alerts: |
|
Comments (none posted)
MySQL: privilege violations
| Package(s): | mysql |
CVE #(s): | CVE-2006-4031
CVE-2006-4226
|
| Created: | August 25, 2006 |
Updated: | July 30, 2008 |
| Description: |
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access
a table through a previously created MERGE table, even after the user's
privileges are revoked for the original table, which might violate intended
security policy (CVE-2006-4031).
MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run
on case-sensitive filesystems, allows remote authenticated users to create
or access a database when the database name differs only in case from a
database for which they have permissions (CVE-2006-4226). |
| Alerts: |
|
Comments (none posted)
mysql: multiple vulnerabilities
Comments (none posted)
MySQL: logging bypass
| Package(s): | mysql |
CVE #(s): | CVE-2006-0903
|
| Created: | April 4, 2006 |
Updated: | May 21, 2008 |
| Description: |
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
via SQL queries that contain the NULL character, which are not properly
handled by the mysql_real_query function. NOTE: this issue was originally
reported for the mysql_query function, but the vendor states that since
mysql_query expects a null character, this is not an issue for mysql_query. |
| Alerts: |
|
Comments (2 posted)
nbd: arbitrary code execution
| Package(s): | nbd |
CVE #(s): | CVE-2005-3534
|
| Created: | January 6, 2006 |
Updated: | March 7, 2011 |
| Description: |
Kurt Fitzner discovered that the NBD (network block device) server did not
correctly verify the maximum size of request packets. By sending specially
crafted large request packets, a remote attacker who is allowed to access
the server could exploit this to execute arbitrary code with root
privileges. |
| Alerts: |
|
Comments (none posted)
ncompress: buffer underflow
| Package(s): | ncompress |
CVE #(s): | CVE-2006-1168
|
| Created: | August 10, 2006 |
Updated: | February 21, 2012 |
| Description: |
The ncompress compression utility has a missing boundary check.
A local user can use a maliciously created file to cause
a .bss buffer underflow. |
| Alerts: |
|
Comments (none posted)
nginx: cross site scripting
| Package(s): | nginx |
CVE #(s): | |
| Created: | July 20, 2007 |
Updated: | September 14, 2009 |
| Description: |
Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3
proxy server written by Igor Sysoev. The "msie_refresh" directive could
allow cross site scripting. |
| Alerts: |
|
Comments (none posted)
nvidia-drivers: insecure file permissions
| Package(s): | nvidia-drivers |
CVE #(s): | CVE-2007-3532
|
| Created: | August 20, 2007 |
Updated: | August 22, 2007 |
| Description: |
Gregory Shikhman discovered that the default Gentoo setup of NVIDIA
drivers creates /dev/nvidia* with insecure file permissions. |
| Alerts: |
|
Comments (none posted)
OpenOffice.org: arbitrary code execution
| Package(s): | openoffice.org |
CVE #(s): | CVE-2007-0245
|
| Created: | June 13, 2007 |
Updated: | June 12, 2008 |
| Description: |
A specially crafted RTF file could cause the
filter to overwrite data on the heap, which may lead to the execution
of arbitrary code. |
| Alerts: |
|
Comments (none posted)
OpenSSH: denial of service
| Package(s): | openssh |
CVE #(s): | CVE-2006-4925
CVE-2006-5052
|
| Created: | October 6, 2006 |
Updated: | November 15, 2007 |
| Description: |
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of
service (crash) by sending an invalid protocol sequence with
USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
An unspecified vulnerability in portable OpenSSH before 4.4, when running
on some platforms, allows remote attackers to determine the validity of
usernames via unknown vectors involving a GSSAPI "authentication abort." |
| Alerts: |
|
Comments (none posted)
openssh: remote denial of service
| Package(s): | openssh |
CVE #(s): | CVE-2006-4924
CVE-2006-5051
|
| Created: | September 27, 2006 |
Updated: | September 17, 2008 |
| Description: |
OpenSSH 4.4 fixes some
security issues, including a pre-authentication denial of service, an
unsafe signal handler and, on portable OpenSSH, a GSSAPI authentication abort
that could be used to determine the validity of usernames on some platforms. |
| Alerts: |
|
Comments (none posted)
openssl: private key attack
| Package(s): | openssl |
CVE #(s): | CVE-2007-3108
|
| Created: | August 7, 2007 |
Updated: | May 13, 2008 |
| Description: |
OpenSSL could allow a local user in certain circumstances to divulge
information about private keys being used. |
| Alerts: |
|
Comments (none posted)
pam: privilege escalation
| Package(s): | pam |
CVE #(s): | CVE-2007-1716
|
| Created: | June 12, 2007 |
Updated: | November 15, 2007 |
| Description: |
A flaw was found in the way pam_console set console device permissions. It
was possible for various console devices to retain ownership of the console
user after logging out, possibly leaking information to an unauthorized
user. |
| Alerts: |
|
Comments (none posted)
perl-Net-DNS: predictable id sequence
| Package(s): | perl-Net-DNS |
CVE #(s): | CVE-2007-3377
|
| Created: | June 26, 2007 |
Updated: | March 12, 2008 |
| Description: |
Net::DNS before 0.60 uses an id sequence that is predictable and the same
in all child processes. |
| Alerts: |
|
Comments (none posted)
php: multiple vulnerabilities
| Package(s): | php |
CVE #(s): | CVE-2007-1001
CVE-2007-1285
CVE-2007-1718
CVE-2007-1583
|
| Created: | April 16, 2007 |
Updated: | December 4, 2007 |
| Description: |
A denial of service flaw was found in the way PHP processed a deeply nested
array. A remote attacker could cause the PHP interpreter to crash by
submitting an input variable with a deeply nested array. (CVE-2007-1285)
A flaw was found in the way the mbstring extension set global variables. A
script which used the mb_parse_str() function to set global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-1583)
A flaw was discovered in the way PHP's mail() function processed header
data. If a script sent mail using a Subject header containing a string from
an untrusted source, a remote attacker could send bulk e-mail to unintended
recipients. (CVE-2007-1718)
A heap based buffer overflow flaw was discovered in PHP's gd extension. A
script that could be forced to process WBMP images from an untrusted source
could result in arbitrary code execution. (CVE-2007-1001) |
| Alerts: |
|
Comments (none posted)
php: several vulnerabilities
| Package(s): | php |
CVE #(s): | CVE-2006-4481
CVE-2006-4484
CVE-2006-4485
|
| Created: | September 8, 2006 |
Updated: | June 13, 2008 |
| Description: |
The file_exists and imap_reopen functions in PHP before 5.1.5 do not check
for the safe_mode and open_basedir settings, which allows local users to
bypass the settings (CVE-2006-4481).
A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c
in the GD extension in PHP before 5.1.5 allows remote attackers to have an
unknown impact via a GIF file with input_code_size greater than
MAX_LWZ_BITS, which triggers an overflow when initializing the table array
(CVE-2006-4484).
The stripos function in PHP before 5.1.5 has unknown impact and attack
vectors related to an out-of-bounds read (CVE-2006-4485). |
| Alerts: |
|
Comments (1 posted)
php: multiple vulnerabilities
| Package(s): | php |
CVE #(s): | CVE-2007-2872
CVE-2007-2756
|
| Created: | June 1, 2007 |
Updated: | January 29, 2008 |
| Description: |
According to a vendor release announcement, multiple
security enhancements and fixes were made in version 5.2.3 of the
programming language PHP. |
| Alerts: |
|
Comments (none posted)
php: buffer overflows
| Package(s): | php |
CVE #(s): | CVE-2006-5465
|
| Created: | November 3, 2006 |
Updated: | January 18, 2010 |
| Description: |
The Hardened-PHP Project discovered buffer overflows in
htmlentities/htmlspecialchars internal routines to the PHP Project. Of
course the whole purpose of these functions is to be filled with user
input. (The overflow can only occur when UTF-8 is used.) |
| Alerts: |
|
Comments (none posted)
phpbb2: missing input sanitizing
| Package(s): | phpbb2 |
CVE #(s): | CVE-2006-1896
|
| Created: | May 22, 2006 |
Updated: | February 11, 2008 |
| Description: |
It was discovered that phpbb2, a web based bulletin board, insufficiently
sanitizes values passed to the "Font Color 3" setting, which might lead to
the execution of injected code by admin users. |
| Alerts: |
|
Comments (none posted)
phpbb2: multiple vulnerabilities
| Package(s): | phpbb2 |
CVE #(s): | CVE-2005-3310
CVE-2005-3415
CVE-2005-3416
CVE-2005-3417
CVE-2005-3418
CVE-2005-3419
CVE-2005-3420
CVE-2005-3536
CVE-2005-3537
|
| Created: | December 22, 2005 |
Updated: | February 11, 2008 |
| Description: |
The phpbb2 web forum has a number of vulnerabilities including:
a web script injection problem, a protection mechanism bypass, a
security check bypass, a remote global variable bypass, cross site
scripting vulnerabilities, an SQL injection vulnerability,
a remote regular expression modification problem, missing input
sanitizing, and a missing request validation problem. |
| Alerts: |
|
Comments (none posted)
phpPgAdmin: cross-site scripting
| Package(s): | phppgadmin |
CVE #(s): | CVE-2007-2865
CVE-2007-5728
|
| Created: | June 18, 2007 |
Updated: | January 21, 2009 |
| Description: |
A cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin
4.1.1 allows remote attackers to inject arbitrary web script or HTML via
the server parameter. |
| Alerts: |
|
Comments (none posted)
phpwiki: remote code execution
| Package(s): | phpwiki |
CVE #(s): | CVE-2007-2024
CVE-2007-2025
|
| Created: | May 17, 2007 |
Updated: | September 12, 2007 |
| Description: |
The phpwiki Upload page does not properly check the extension of a file.
This can be used by a remote attacker to upload a specially crafted PHP file
and execute arbitrary PHP code with the privileges of the PhpWiki user. |
| Alerts: |
|
Comments (none posted)
pptpd: denial of service
| Package(s): | pptpd |
CVE #(s): | CVE-2007-0244
|
| Created: | May 9, 2007 |
Updated: | September 3, 2007 |
| Description: |
The PoPToP server daemon contains a bug which allows an attacker to tear down a connection through a malformed GRE packet. |
| Alerts: |
|
Comments (none posted)
proftpd: authentication bypass
| Package(s): | proftpd |
CVE #(s): | CVE-2007-2165
|
| Created: | June 21, 2007 |
Updated: | November 5, 2007 |
| Description: |
The ProFTPD Auth API has an authentication bypass vulnerability.
When multiple simultaneous authentication modules are configured,
the ProFTPD module that checks authentication is not necessarily
the same module that retrieves authentication data. This can be
used by remote attackers to bypass the authentication system.
|
| Alerts: |
|
Comments (none posted)
pulseaudio: denial of service
| Package(s): | pulseaudio |
CVE #(s): | CVE-2007-1804
|
| Created: | May 30, 2007 |
Updated: | March 10, 2008 |
| Description: |
The pulseaudio network code suffers from a denial of service vulnerability exploitable by an unauthenticated attacker. |
| Alerts: |
|
Comments (none posted)
python: information disclosure
| Package(s): | python |
CVE #(s): | CVE-2007-2052
|
| Created: | May 9, 2007 |
Updated: | July 30, 2009 |
| Description: |
Python 2.4 and 2.5 contain a bug in PyLocale_strxfrm() which could enable an attacker to read portions of unrelated memory. |
| Alerts: |
|
Comments (none posted)
qemu: multiple vulnerabilities
Comments (none posted)
qt: arbitrary code execution
| Package(s): | qt |
CVE #(s): | CVE-2007-3388
|
| Created: | August 1, 2007 |
Updated: | December 10, 2007 |
| Description: |
Format string bugs were found in several Qt warning messages.
Applications using Qt for processing certain data types could
trigger them if the data caused Qt to print warnings. The bugs
potentially allow the execution of arbitrary code via specially crafted
files (CVE-2007-3388). |
| Alerts: |
|
Comments (none posted)
qt: "/../" injection
| Package(s): | qt |
CVE #(s): | CVE-2007-0242
|
| Created: | April 4, 2007 |
Updated: | September 13, 2007 |
| Description: |
Andreas Nolden discovered a bug in qt3, where the UTF8 decoder does not
reject overlong sequences, which can cause "/../" injection or (in the case
of konqueror) a "<script>" tag injection. |
| Alerts: |
|
Comments (2 posted)
quake: buffer overflow
| Package(s): | quake3-bin |
CVE #(s): | CVE-2006-2236
|
| Created: | May 10, 2006 |
Updated: | January 12, 2009 |
| Description: |
Games based on the Quake 3 engine are vulnerable to a buffer overflow exploitable by a hostile game server. |
| Alerts: |
|
Comments (none posted)
redhat-cluster-suite: denial of service
| Package(s): | redhat-cluster-suite |
CVE #(s): | CVE-2007-3380
|
| Created: | July 19, 2007 |
Updated: | November 14, 2007 |
| Description: |
The Red Hat Cluster Suite's
cluster manager is vulnerable to a remote attack. Attackers
can connect to the DLM port and block subsequent DLM operations,
resulting in a denial of service. |
| Alerts: |
|
Comments (1 posted)
rpm: arbitrary code execution
| Package(s): | rpm |
CVE #(s): | CVE-2006-5466
|
| Created: | November 6, 2006 |
Updated: | August 28, 2007 |
| Description: |
An error was found in the RPM library's handling of query reports. In
some locales, certain RPM packages would cause the library to crash. If
a user was tricked into querying a specially crafted RPM package, the
flaw could be exploited to execute arbitrary code with the user's
privileges. |
| Alerts: |
|
Comments (none posted)
rsync: off-by-one errors
| Package(s): | rsync |
CVE #(s): | CVE-2007-4091
|
| Created: | August 20, 2007 |
Updated: | December 3, 2007 |
| Description: |
Multiple off-by-one errors in sender.c in rsync 2.6.9 might allow
remote attackers to execute arbitrary code via directory names that are not
properly handled when calling the f_name function. |
| Alerts: |
|
Comments (1 posted)
slocate: information disclosure
| Package(s): | slocate |
CVE #(s): | CVE-2007-0227
|
| Created: | February 22, 2007 |
Updated: | September 4, 2012 |
| Description: |
The slocate permission checking code has a local information disclosure
vulnerability. During the reporting of matching files, slocate does not
respect the parent directory's read permissions, resulting in hidden
filenames being viewable by other local users. |
| Alerts: |
|
Comments (none posted)
snort: remote arbitrary code execution
| Package(s): | snort |
CVE #(s): | CVE-2006-5276
|
| Created: | March 2, 2007 |
Updated: | September 7, 2007 |
| Description: |
The Snort intrusion detection system is vulnerable to a buffer overflow
in the DCE/RPC preprocessor code. Remote attackers can send
specially crafted fragmented SMB or DCE/RPC packets which can be used
to allow the remote execution of arbitrary code. |
| Alerts: |
|
Comments (1 posted)
Sun JDK/JRE: multiple vulnerabilities
| Package(s): | Sun JDK/JRE |
CVE #(s): | CVE-2007-2435
CVE-2007-2788
CVE-2007-2789
|
| Created: | June 1, 2007 |
Updated: | April 18, 2008 |
| Description: |
An unspecified vulnerability involving an "incorrect use of system
classes" was reported by the Fujitsu security team. Additionally, Chris
Evans from the Google Security Team reported an integer overflow
resulting in a buffer overflow in the ICC parser used with JPG or BMP
files, and an incorrect open() call to /dev/tty when processing certain
BMP files. |
| Alerts: |
|
Comments (none posted)
sysstat: insecure temporary files
| Package(s): | sysstat |
CVE #(s): | CVE-2007-3852
|
| Created: | August 20, 2007 |
Updated: | September 23, 2011 |
| Description: |
The init script (sysstat.in) in sysstat 5.1.2 up to 7.1.6 creates
/tmp/sysstat.run insecurely, which allows local users to execute arbitrary
code. |
| Alerts: |
|
Comments (1 posted)
tcpdump: integer overflow
| Package(s): | tcpdump |
CVE #(s): | CVE-2007-3798
|
| Created: | July 20, 2007 |
Updated: | November 15, 2007 |
| Description: |
An integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6
and earlier allows remote attackers to execute arbitrary code via crafted
TLVs in a BGP packet, related to an unchecked return value. |
| Alerts: |
|
Comments (none posted)
tcpdump: denial of service
| Package(s): | tcpdump |
CVE #(s): | CVE-2007-1218
|
| Created: | March 5, 2007 |
Updated: | November 15, 2007 |
| Description: |
Off-by-one buffer overflow in the parse_elements function in the 802.11
printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote
attackers to cause a denial of service (crash) via a crafted 802.11
frame. NOTE: this was originally referred to as heap-based, but it might be
stack-based. |
| Alerts: |
|
Comments (none posted)
terminal: arbitrary code execution
| Package(s): | terminal |
CVE #(s): | CVE-2007-3770
|
| Created: | August 13, 2007 |
Updated: | December 19, 2007 |
| Description: |
A vulnerability was found in the Xfce terminal program:
Lasse Karkkainen discovered that the function terminal_helper_execute()
in file terminal-helper.c does not properly escape the URIs before
processing.
|
| Alerts: |
|
Comments (none posted)
tetex: buffer overflow
| Package(s): | tetex |
CVE #(s): | CVE-2007-0650
|
| Created: | May 8, 2007 |
Updated: | May 13, 2008 |
| Description: |
A buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in
teTeX might allow user-assisted remote attackers to overwrite files and
possibly execute arbitrary code via a long filename. NOTE: other overflows
exist but might not be exploitable, such as a heap-based overflow in the
check_idx function. |
| Alerts: |
|
Comments (1 posted)
tomcat: directory traversal
| Package(s): | tomcat |
CVE #(s): | CVE-2007-0450
|
| Created: | May 2, 2007 |
Updated: | February 27, 2008 |
| Description: |
Versions of tomcat prior to 5.5.22 do not properly filter filename separator characters, enabling information disclosure attacks. |
| Alerts: |
|
Comments (none posted)
tomcat: cross-site scripting
| Package(s): | tomcat |
CVE #(s): | CVE-2007-2449
CVE-2007-2450
|
| Created: | July 17, 2007 |
Updated: | February 17, 2009 |
| Description: |
Some JSPs within the 'examples' web application did not escape user
provided data. If the JSP examples were accessible, this flaw could allow a
remote attacker to perform cross-site scripting attacks (CVE-2007-2449).
Note: it is recommended the 'examples' web application not be installed on
a production system.
The Manager and Host Manager web applications did not escape user provided
data. If a user is logged in to the Manager or Host Manager web
application, an attacker could perform a cross-site scripting attack
(CVE-2007-2450). |
| Alerts: |
|
Comments (1 posted)
tor: compromised anonymity
| Package(s): | tor |
CVE #(s): | CVE-2007-3165
CVE-2007-4174
|
| Created: | August 20, 2007 |
Updated: | August 22, 2007 |
| Description: |
Tor before 0.1.2.14 can construct circuits in which an entry guard is in
the same family as the exit node, which might compromise the anonymity of
traffic sources and destinations by exposing traffic to inappropriate
remote observers. (CVE-2007-3165)
An unspecified vulnerability in Tor before 0.1.2.16, when ControlPort is
enabled, might allow remote attackers to modify the torrc configuration
file, compromise anonymity, and have other unspecified impact, related to
improper handling of multiple ControlPort authentication
attempts. (CVE-2007-4174) |
| Alerts: |
|
Comments (1 posted)
vim: arbitrary code execution
| Package(s): | vim |
CVE #(s): | CVE-2007-2953
|
| Created: | July 30, 2007 |
Updated: | November 27, 2008 |
| Description: |
vim is vulnerable to a user-assisted attack in which vim may execute arbitrary code when helptags is run on data that has been maliciously crafted. |
| Alerts: |
|
Comments (none posted)
vixie-cron: weak permissions may cause errors
| Package(s): | vixie-cron |
CVE #(s): | CVE-2007-1856
|
| Created: | April 17, 2007 |
Updated: | December 4, 2007 |
| Description: |
During an internal audit, Raphael Marichez of the Gentoo Linux Security
Team found that Vixie Cron has weak permissions set on Gentoo, allowing
for a local user to create hard links to system and users cron files,
while a st_nlink check in database.c will generate a superfluous error. |
| Alerts: |
|
Comments (1 posted)
vlc: several vulnerabilities
| Package(s): | vlc |
CVE #(s): | CVE-2007-3316
CVE-2007-3467
CVE-2007-3468
|
| Created: | July 10, 2007 |
Updated: | March 10, 2008 |
| Description: |
Several remote vulnerabilities have been discovered in the VideoLan
multimedia player and streamer, which may lead to the execution of
arbitrary code. |
| Alerts: |
|
Comments (none posted)
wireshark: multiple vulnerabilities
| Package(s): | wireshark |
CVE #(s): | CVE-2007-3390
CVE-2007-3392
CVE-2007-3393
|
| Created: | June 28, 2007 |
Updated: | February 27, 2008 |
| Description: |
The wireshark network traffic analyzer has three vulnerabilities
that can be used to create a denial of service. These include
off-by-one overflows in the iSeries dissector, vulnerabilities in
the MMS and SSL dissectors that can cause an infinite loop and
an off-by-one overflow in the DHCP/BOOTP dissector. |
| Alerts: |
|
Comments (none posted)
XFree86 X.org: integer overflows
| Package(s): | xfree86 x.org |
CVE #(s): | CVE-2007-1003
CVE-2007-1667
CVE-2007-1351
CVE-2007-1352
|
| Created: | April 3, 2007 |
Updated: | August 11, 2009 |
| Description: |
iDefense reported an integer overflow flaw in the XFree86 XC-MISC
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or potentially execute arbitrary code with root
privileges on the XFree86 server. (CVE-2007-1003)
iDefense reported two integer overflows in the way X.org handled various
font files. A malicious local user could exploit these issues to
potentially execute arbitrary code with the privileges of the X.org server.
(CVE-2007-1351, CVE-2007-1352)
An integer overflow flaw was found in the XFree86 XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667) |
| Alerts: |
|
Comments (none posted)
xfsdump: insecure temp dir
| Package(s): | xfsdump |
CVE #(s): | CVE-2007-2654
|
| Created: | June 22, 2007 |
Updated: | September 21, 2007 |
| Description: |
xfs_fsr in xfsdump creates a .fsr temporary directory with insecure
permissions, which allows local users to read or overwrite arbitrary files
on xfs filesystems. |
| Alerts: |
|
Comments (none posted)
xine-lib: arbitrary code execution
| Package(s): | xine-lib |
CVE #(s): | CVE-2007-1387
|
| Created: | March 13, 2007 |
Updated: | April 1, 2008 |
| Description: |
Moritz Jodeit discovered that the DirectShow loader of Xine did not
correctly validate the size of an allocated buffer. By tricking a user
into opening a specially crafted media file, an attacker could execute
arbitrary code with the user's privileges. |
| Alerts: |
|
Comments (none posted)
xine-lib: buffer overflow
| Package(s): | xine-lib |
CVE #(s): | CVE-2006-1664
|
| Created: | April 27, 2006 |
Updated: | February 27, 2008 |
| Description: |
xine-lib does an improper input data boundary check on
MPEG streams. A specially crafted MPEG file can be
created that can cause arbitrary code execution when the
file is accessed. |
| Alerts: |
|
Comments (none posted)
xmms: BMP handling vulnerability
| Package(s): | xmms |
CVE #(s): | CVE-2007-0653
CVE-2007-0654
|
| Created: | March 28, 2007 |
Updated: | July 26, 2011 |
| Description: |
xmms suffers from vulnerabilities in its handling of BMP images. Should a hostile image be included in an xmms skin, it could lead to code execution on the user's system. |
| Alerts: |
|
Comments (none posted)
X.org: temp file vulnerability
| Package(s): | X.org |
CVE #(s): | CVE-2007-3103
|
| Created: | July 12, 2007 |
Updated: | July 2, 2009 |
| Description: |
The X.Org X11 xfs font server has a temp file vulnerability in the
startup script. A local user can modify the permissions of the script
in order to elevate their local privileges. |
| Alerts: |
|
Comments (none posted)
zziplib: buffer overflow
| Package(s): | zziplib |
CVE #(s): | CVE-2007-1614
|
| Created: | April 4, 2007 |
Updated: | September 5, 2007 |
| Description: |
dmcox discovered a boundary error in the zzip_open_shared_io() function
from zzip/file.c. A remote attacker could entice a user to run a zziplib
function with an overly long string as an argument which would trigger the
buffer overflow and may lead to the execution of arbitrary code. |
| Alerts: |
|
Comments (none posted)
Page editor: Jake Edge
Kernel development
Brief items
The current 2.6 prepatch is 2.6.23-rc4, released by Linus (under the
code name "Pink Farting Weasel") on August 27. It has a rather large
pile of fixes; "most regressions" have been dealt with at this point. See
the short-form changelog for details, or the
long-form changelog for lots of details.
As of this writing, there have been no patches merged into the mainline
repository since the -rc4 release. There have been no -mm tree releases
over the last week.
The current stable 2.6 kernel is 2.6.22.5, released on August 22. It
contains about 20 patches for serious problems. The 2.6.22.6 review
process (involving a couple dozen more patches) is underway, with the
release being a bit overdue as of this writing.
For older kernels: 2.6.20.17 was released on
August 25 with a long list of fixes. 2.6.20.18, released on
August 28, reverts two of those fixes which turned out not to be such
a good idea after all.
Comments (2 posted)
Kernel development news
In other words, consuming half of your processor is (surprise!)
detrimental to multimedia playback performance. At this point, it
becomes clear that the process scheduler folks and the networking
folks are bitter enemies and do not converse.
-- Robert
Love (not talking about Linux)
Comments (21 posted)
By Jonathan Corbet August 24, 2007
For the past several years, the annual, invitation-only kernel developers'
summit has been held immediately prior to the Ottawa Linux Symposium. This
year is different, though: the summit is, instead, happening just after LinuxConf Europe in
Cambridge, UK. As usual, your editor will be there and will be able to
report from the event. The preliminary
agenda has been posted, though, as has the
list of attendees [PDF]. So it is possible to look forward and get a sense
for what is likely to be discussed.
A few months ago, a discussion of interesting topics was held on the 2007
summit list. Many of the usual topics came around; there is always
plenty of interesting development work going on in the kernel community.
Andrew Morton objected
to many of the topics under discussion, though, saying that the summit was
not the appropriate venue to talk about them:
My overall take on kernel summit: we spend far too much time
talking about technical stuff. There is little benefit in doing
this: we conduct technical discussions over email and we do it
well, and there are many very good reasons for doing it that
way.... We fly halfway around the world to yap on about dentry
cache scalability? Spare me, we'd get more done by staying home.
Andrew's conclusion, which was seconded by a number of other developers,
was that the process-oriented discussions are always more interesting and
useful than the deep technical sessions. Discussions of virtualization,
memory management, or device drivers will always be uninteresting to a
significant part of the group, and they do not necessarily add much over
what can be done with email. But the process-oriented talk affects
everybody and is much harder to do electronically.
So this year's agenda is more high-level than in previous years. That does
not mean that there will be no technical talk, though. Some of the more
technical sessions will cover:
- Reports from mini-summits. The kernel is a big program, and
developers often find that subsystem-specific questions are better
addressed in smaller groups. At the summit, attendees from some
recent mini-summits (covering power management, filesystems, storage,
and virtualization, at least) will report back to the larger group.
- Real time and scheduler issues are on the agenda because there are
some big decisions to make. While much of the real-time tree has
found its way into the mainline, some of the more disruptive chunks
(sleeping spinlocks, threaded interrupt handlers) remain outside.
Also outside of the mainline is the syslets/threadlets patch set.
Hopefully some decisions will be made on whether these features should
be merged, and, if so, what needs to be done to get them into shape.
- There are a number of memory management issues out there, including
the variable page and variable block size patches, approaches to
deadlock avoidance, scalability work, and more. Also on the agenda is
the more process-oriented question of why memory management patches
are so hard to get into the mainline.
- Virtualization has fallen off the agenda because most of the
kernel-level work in this area has already been merged. The
containers developers are just getting going, though, and there are a
lot of questions about what their final destination is thought to be.
A full containers implementation could impose significant overhead -
on developers and on run-time performance - and could prove hard to
sell.
That's about it for the serious technical talks; everything else will have
a higher-level focus. The summit will start with a panel of distributor
kernel maintainers. To a great extent, distributors are the immediate
customers for the kernels that the developers put out; those distributors
are then charged with getting mainline releases into a condition that
allows them to be shipped to users. Distributor kernel maintainers tend to
be on the front line when things go wrong; they always hear about all the
problems. This panel will be a chance for those maintainers to talk about
the quality of the kernels they are getting from the mainline and how
things could be made to work better.
Once upon a time, the kernel stood alone and presented services to the
system by way of the system call interface. In current systems, instead,
users see a view of the system which is created by a whole set of
utilities, including the C library, udev, HAL, and more. Interactions
between these low-level components and the kernel are not always as smooth
as they could be, and, despite the best efforts of the kernel development
community, kernel releases have been known to occasionally break utilities
like udev. The "greater kernel ecosystem" session will cover these issues
and the general question of making the system as a whole work better
together. Establishing better control over the user-space API is likely
to come up, though the problem remains difficult.
There is a half-hour session on developer relations. The kernel
development community is visibly growing, and that is generally a good
thing. Ensuring the continued health of kernel development requires
bringing in a steady stream of new developers - from all over the world.
This session will be the place to talk about how that can be done, and how
participation from under-represented parts of the world can be improved.
Andrew Morton gets an hour to pound the table on kernel quality and related
issues. There still appears to be a consensus among the developers that
the kernel is not getting buggier, but that view is not universally held.
Everybody agrees that fewer bugs would be a good thing, though. So topics
like bug tracking, fixing the reviewer shortage, possible stabilization
releases, and so on, are likely to come up in this session.
Documentation is, inevitably, on the agenda - everybody wants more of it,
but, somehow, it fails to just show up on its own. Last year there was
some talk of imposing documentation requirements on new patches, but few
people took the idea all that seriously. So maybe some different ideas for
improving the situation will come about this time around. Also on the list
may be the area of managing translations - an area of increasing interest -
and standardizing kernel
messaging.
Various other process-oriented questions have been swept into a session
late on the second day. Are big code cleanups worth it? How can we
improve our handling of large patches which affect a number of different
subsystems? How do we deal with problematic maintainers? And, in general,
is the kernel process going too fast? But perhaps the discussion will be
dominated by Andrew Morton's suggestion that the developers form a union
and demand a massive pay raise.
There are other sessions on the agenda as well; see the posted version for
the full list. Whenever a group of this nature comes together, interesting
things are bound to come out of it. Tune into LWN around September 6
for coverage from the event.
Comments (19 posted)
By Jonathan Corbet August 28, 2007
Once upon a time, block device drivers implemented the same
file_operations structure used by char drivers - despite the fact
that block drivers are quite different and many of the
file_operations methods had no relevance to them. By the 2.4
release, though, the block driver API had been significantly reworked, and
struct file_operations was no longer used. Instead, block drivers
have a block_device_operations structure containing many of the
driver's exported operations. "Many" because certain other operations,
including the ones which actually enqueue I/O requests, end up being stored
in the request queue structure instead.
When the move to block_device_operations was done, a number of
methods were carried over directly from the file_operations
vector with their prototypes unchanged. Doing things this way minimized the pain
for driver maintainers, but it led to some interesting interface
artifacts. For example, consider the open() method:
int (*open)(struct inode *ino, struct file *filp);
When a char device or an actual file is being opened, filp points
to the internal file structure used by the kernel to manage the
open file. If a user-space process opens a block device directly,
filp will be used in the same way. Most of the time, though,
block devices are opened by the kernel as a step toward mounting a
filesystem stored there. In that case, there is no associated file
structure. That's why a perusal of the source reveals code like this:
/*
 * This crockload is due to bad choice of ->open() type.
 * It will go away.
 * For now, block device ->open() routine must _not_
 * examine anything in 'inode' argument except ->i_rdev.
 */
struct file fake_file = {};
struct dentry fake_dentry = {};
fake_file.f_mode = mode;
fake_file.f_flags = flags;
fake_file.f_path.dentry = &fake_dentry;
fake_dentry.d_inode = bdev->bd_inode;
Al Viro (who is responsible for much of the current API) has taken a look at this problem and
others. In the case of open(),
there is very little of the information passed in the inode and
file structure pointers which is actually used by drivers. And
some of that is used in hazardous ways - any driver which depends on
anything in fake_file lasting beyond the open() call will
find itself in trouble. There are other issues with the API as well,
leading Al to propose some significant changes. The result, which is
almost certain to be merged when it is ready (possibly as soon as 2.6.24),
will be a cleaner block
driver API - at the cost of changes for every existing driver.
The first change will be to move some of the flags found in
f_flags over to f_mode, which is not subject to being
changed by fcntl() calls from user space. As part of the move,
drivers will be expected not to change those flags - or any other part of
the file structure. This change will enable a cleanup of some
code in the much-maligned floppy driver, which currently stores some
information in that structure at open() time.
The new open() prototype is projected to be:
int (*open)(struct block_device *bdev, mode_t mode);
Where mode has the usual read/write flags, but also some of the
other open()-time flags like O_NDELAY. This value will
not be changed by the drivers and will not necessarily exist in any sort of
file structure. It will be stored safely in an undisclosed
location by the kernel and will be available at release() time,
when some drivers will need access to those flags.
Speaking of release(), that function, too, currently has an old
prototype:
int (*release)(struct inode *ino, struct file *filp);
In this case, filp is often passed as NULL by the kernel,
forcing drivers to check the value and implement some sort of default
behavior in the absence of a file structure. But, sometimes, drivers
need to know about some of the flags which were provided at open()
time. So the new release() method will look something like:
int (*release)(struct gendisk *disk, mode_t mode);
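The difference between the old and projected open()/release() prototypes can be modelled in user space; this is an added example, not kernel code or anything from Al Viro's patch. The structs are cut-down stand-ins for the kernel types, and `toy_dev`, `saved_mode`, `kernel_open_old()` and the `run_*` helpers are hypothetical names introduced for illustration.

```c
/* Added example: a userspace model, not kernel code. The structs are
 * cut-down stand-ins for the kernel types named in the article. */
#include <stdio.h>
#include <stddef.h>
#include <sys/types.h>              /* mode_t */

#define FMODE_READ  1u
#define FMODE_WRITE 2u

struct inode   { int i_rdev; };
struct dentry  { struct inode *d_inode; };
struct path    { struct dentry *dentry; };
struct file    { mode_t f_mode; unsigned int f_flags; struct path f_path; };
struct gendisk { void *private_data; };
struct block_device {
    struct inode   *bd_inode;
    struct gendisk *bd_disk;
    mode_t          saved_mode;     /* assumption: stands in for wherever the
                                       kernel keeps the mode until release() */
};

/* Hypothetical per-device driver state. */
struct toy_dev {
    mode_t open_mode;   /* old API only: copied by value in open() */
    int    flushed;     /* set by release() when the open was writable */
};

static struct toy_dev toy;
static struct inode toy_inode = { .i_rdev = 42 };   /* constructed value */
static struct gendisk toy_disk = { .private_data = &toy };
static struct block_device toy_bdev = { &toy_inode, &toy_disk, 0 };

/* ---- old prototypes ---- */
static int toy_open_old(struct inode *ino, struct file *filp)
{
    (void)ino;  /* per the kernel comment, only ->i_rdev may be examined */
    /* Copy the value out. On the mount path filp is the caller's on-stack
     * fake_file; a saved pointer would dangle once open() returns. */
    toy.open_mode = filp->f_mode;
    return 0;
}

static int toy_release_old(struct inode *ino, struct file *filp)
{
    (void)ino;
    /* filp is often NULL here, so fall back to what open() saved. */
    mode_t mode = filp ? filp->f_mode : toy.open_mode;
    toy.flushed = (mode & FMODE_WRITE) != 0;
    return 0;
}

/* Kernel side, old API: follows the fake_file snippet quoted earlier. */
static int kernel_open_old(struct block_device *bdev, mode_t mode,
                           unsigned int flags)
{
    struct file fake_file = {0};
    struct dentry fake_dentry = {0};

    fake_file.f_mode = mode;
    fake_file.f_flags = flags;
    fake_file.f_path.dentry = &fake_dentry;
    fake_dentry.d_inode = bdev->bd_inode;
    return toy_open_old(bdev->bd_inode, &fake_file);
}   /* fake_file and fake_dentry cease to exist here */

/* ---- projected prototypes ---- */
static int toy_open_new(struct block_device *bdev, mode_t mode)
{
    (void)bdev; (void)mode;         /* nothing to stash, nothing to dangle */
    return 0;
}

static int toy_release_new(struct gendisk *disk, mode_t mode)
{
    struct toy_dev *d = disk->private_data;
    d->flushed = (mode & FMODE_WRITE) != 0;   /* mode arrives as an argument */
    return 0;
}

/* Open via the mount path, then release with filp == NULL. */
int run_old_api(mode_t mode)
{
    toy = (struct toy_dev){0};
    kernel_open_old(&toy_bdev, mode, 0);
    toy_release_old(toy_bdev.bd_inode, NULL);
    return toy.flushed;
}

/* Same sequence with the projected prototypes. */
int run_new_api(mode_t mode)
{
    toy = (struct toy_dev){0};
    toy_bdev.saved_mode = mode;     /* the kernel, not the driver, keeps it */
    toy_open_new(&toy_bdev, mode);
    toy_release_new(toy_bdev.bd_disk, toy_bdev.saved_mode);
    return toy.flushed;
}

int main(void)
{
    printf("old API, writable open flushed on release: %d\n",
           run_old_api(FMODE_READ | FMODE_WRITE));
    printf("new API, read-only open flushed on release: %d\n",
           run_new_api(FMODE_READ));
    return 0;
}
```

Under the old prototypes the driver has to carry its own copy of the open mode and handle a NULL filp; under the projected ones both concerns move to the caller.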
The changes do not stop there. Al points out that there is a bit of
confusion in the ioctl() interface:
int (*ioctl)(struct inode *ino, struct file *filp, unsigned cmd,
             unsigned long arg);
long (*unlocked_ioctl)(struct file *filp, unsigned cmd, unsigned long arg);
long (*compat_ioctl) (struct file *filp, unsigned cmd, unsigned long arg);
The different versions have different arguments - and even different return
types. Once again, drivers tend not to care about most of what can be
found in the inode and file structures - even when those
structures exist. So the new form of the ioctl() methods will be:
int (*ioctl)(struct block_device *bdev, mode_t mode, unsigned int cmd,
             unsigned long arg);
int (*compat_ioctl)(struct block_device *bdev, mode_t mode, unsigned int cmd,
                    unsigned long arg);
Note that unlocked_ioctl() is gone: it is arguably past time to
get rid of the big kernel lock (BKL) in the block ioctl()
implementation. So any driver still using the locked version
(ioctl() in the old API) will be modified to take the BKL
internally. Any block driver which still requires the BKL is probably in
need of a more serious review, though.
As of this writing, there have been no arguments against the change. The word from Linus is:
From your description, I have no objections - everything sounds
good. My only concern is how painful the patch ends up being (and a
worry about whether this will affect a metric truck-load of
external modules? That said, I can't really see us worrying about
those)
Al claims to have a patch in progress and ready to be posted soon, and that
the amount of pain should be relatively small - for in-tree drivers,
anyway. For those maintaining out-of-tree block drivers, the writing is on
the wall: a significant API change is coming.
Comments (none posted)
By Jonathan Corbet August 29, 2007
The sysctl() system call allows a suitably-privileged application
to tweak various kernel parameters. It is a useful feature which, as it
happens, is almost never used. The reason for that is the existence of the
/proc/sys virtual directory hierarchy which exports the same
functionality in a form which is much easier to use. Callers of
sysctl() have been encouraged to use /proc/sys instead
for a long time and the addition of new parameters to sysctl() is
considered to be against the rules. One year ago, sysctl() was removed from the 2.6.19-rc
kernels, only to be restored before the final release.
sysctl() is part of the user-space ABI; it is supposed to continue
working forever. That is why the attempt to remove it was ultimately
rolled back. So it may be surprising to some to see a new removal attempt by Eric Biederman. His
latest patch adds a new deprecation warning and an entry in the feature
removal schedule putting the end of sysctl() in September, 2010.
Says Eric:
After adding checking to register_sysctl_table and finding a whole
new set of bugs. Missed by countless code reviews and testers I
have finally lost patience with the binary sysctl interface.
The binary sysctl interface has been sort of deprecated for years
and finding a user space program that uses the syscall is more
difficult than finding a needle in a haystack. Problems continue
to crop up, with the in kernel implementation. So since supporting
something that no one uses is silly, deprecate sys_sysctl with a
sufficient grace period and notice that the handful of user space
applications that care can be fixed or replaced.
Eric's claim is that this interface is so little-used that it is visibly
rotting. There is sufficiently little common code between the
sysctl() and /proc/sys implementations that it is easy
for the two to diverge. In the long term, he says, the kernel community
will do a better job of not breaking applications by getting rid of
sysctl() in favor of the interface which is actually used and
maintained.
The new patch has, predictably, drawn opposition from developers who do not
want to see the user-space ABI broken in this way. Alan Cox has also suggested that the deprecation warning
approach will not be successful in getting the few remaining users to
switch to /proc/sys:
The whole "whine a bit" process simply doesn't work when you are
trying to persuade people to move in a non-hobbyist context. They
don't want to move, the message is simply an annoyance, their
upstream huge package vendor won't change just to deal with it and
they'll class it as a regression from previous releases, an
incompatibility and file bugs until it goes away.
Andrew Morton, instead, is not opposed to
the patch:
I think it's worth a try. It might take two, three or five years,
who knows? If it turns out to be impractical then we can just
change our minds later, no big loss.
While there is little disagreement with the policy that the user-space ABI
should never break, it does seem that there is room for discussion on how
that goal might best be met. Unused code has always had a tendency to
break accidentally, and sysctl() looks to be very close to being
entirely unused. One could, presumably, address this problem with some
sort of regression test suite - something the kernel could use more of in
general. But the maintenance of interfaces which are of almost entirely
historical interest is not really helpful to Linux users. So, perhaps,
there needs to be a way to remove system calls which have fallen into
disuse for a long-enough period. Should this patch go through, we shall
see whether three years is sufficient warning for such a change or not.
Comments (17 posted)
Page editor: Jonathan Corbet
Distributions
News and Editorials
By Rebecca Sobol August 29, 2007
The SmoothWall Open Source Project
recently released
SmoothWall Express 3.0. This is the first release of this free/open source
firewall/router distribution in some time. SmoothWall Express 2.0 dates
back to December 2003, although an update became available in December
2006. Version 3.0 is the first version to use the 2.6 kernel and adds
support for 64-bit processors.
In fact the release
notes contain a lengthy list of new features and improvements since
2.0. This release comes in four editions: user and developer editions
for 32-bit and 64-bit systems. The developer editions contain everything
in the user editions and add the needed tools for working on Express
itself, including complete builds, check outs and commits. Those who
choose the developer version should read the build notes.
Your editor recently installed the 32-bit user edition of SmoothWall
Express 3.0 on an old computer whose sole function is to provide a home
network. This box plugs into a cable modem with one ethernet card and into
a SnapGear Lite (four port) box through another ethernet card. SmoothWall
Express is small, so it doesn't take very long to download the ISO or to
burn a CD. Installation is very easy and prompts you to enter setup during
the install. The setup program can also be run at any time after the install.
During setup both ethernet cards were correctly identified and were soon
configured to use DHCP. My main desktop was back on the net only minutes
after beginning the SmoothWall Express installation.
SmoothWall Limited provides support and funding for the SmoothWall Open
Source Project. This support includes two SmoothWall employees to head the
open source development team. As the commercial arm of the SmoothWall
community, SmoothWall Limited offers a range of supported security
solutions to schools, enterprise networks and small/medium businesses. The
SmoothWall Open Source Project produces SmoothWall Express which is
released under the GPL and can be downloaded from this
page. You can also get VMWare images.
Installation and Administrator guides are also available in the download
area. There's also a web forum and an IRC channel available for those who
need more help.
Comments (none posted)
New Releases
The LFS team is proud to announce the release of LFS-6.3. The book can be
downloaded, or read online here. The book
contains a full changelog.
Full Story (comments: none)
openSUSE has released the second beta of openSUSE 10.3. Click below for a
look at some important changes, most annoying bugs, the call for testing
and download information.
Full Story (comments: none)
The Ubuntu release team has announced Tribe 5, the fifth alpha release in
the Gutsy cycle. Images are now available for Ubuntu Desktop, Ubuntu
Server, Kubuntu, Xubuntu and Edubuntu. Tribe releases are for developers
and testers only; do not use them if you need a stable system.
Full Story (comments: none)
Launchpad 1.1.8 has been released. Launchpad is the suite of tools used to
create Ubuntu and its sister distributions. This release sees a great
deal of activity in the Bug Tracker, an important new feature in Code, an
exciting development in the Personal Package Archive beta and improvements
right across every other part of Launchpad.
Full Story (comments: none)
Distribution News
For those of you who have been wondering what the next Ubuntu release will
be named, the long wait is over: Ubuntu 8.04, due next April, will be
called "Hardy Heron." "Not only will the Ubuntu
community continue to do what it does best, produce an easy-to-use,
reliable, free software platform, but this release will proudly wear the
badge of Long Term Support (LTS) and be supported with security updates
for five years on the server and three years on the desktop." Goals
for the release will be hammered out at the developers' meeting in October.
Full Story (comments: 10)
Matthias Klose takes a look at IcedTea, a temporary fork of OpenJDK, as
packaged for Ubuntu's Gutsy release.
Full Story (comments: none)
The Ubuntu Mobile project uses a new architecture "lpia". "[T]he
architecture resembles "i386", but uses different optimizations options in
the compiler, different configuration and build options for some
packages. Because Ubuntu Mobile uses only a subset of main, and almost
nothing of universe, a large part of the archive is not yet built for this
architecture."
Full Story (comments: 2)
Click below to see a recap of the August 21, 2007 meeting of the Fedora
Board. Topics discussed include Job Descriptions, Leadership Impact,
Future of Fedora and Quality.
Full Story (comments: none)
Distribution Newsletters
Fedora Weekly News issue #102, for the week of August 20th is out. The publication will be taking a few weeks off; the next issue will be after September 21st. Highlights in this edition include disabling "dontaudit" rules for Fedora 8, cleaning old files and packages, Remind, Gallery2, and more. Click below to read it.
Full Story (comments: none)
The Gentoo
Weekly Newsletter for August 20, 2007 covers the upcoming Council
elections, including interviews with the candidates, and several other
topics.
Comments (none posted)
The Ubuntu Weekly Newsletter for August 25, 2007 covers Canonical's new
store opening, the announcement of UDS-Boston, Gutsy Gibbon's latest alpha
release, Launchpad's new features, and much much more.
Full Story (comments: none)
The DistroWatch
Weekly for August 27, 2007 is out. " There is little doubt about
it - Ubuntu is the most popular desktop Linux distribution on the
market. But the great variety of available statistics, usage surveys and
web log analyses means that it's often impossible to estimate the true
usage figures and switching habits of individual users. Does it all really
matter? Read our editorial on the subject and comment in the forums. In the
news section, we link to a handful of interesting articles covering the
openSUSE package management, Gentoo overlays, and Debian boot process with
initng. Finally, the KDE development team has revealed that its official
KDE 4 release party will only take place some four months after the release
of version 4.0. The reason? Read on to find out."
Comments (none posted)
Distribution meetings
An Ubuntu Developer Summit for 8.04 will be held in Cambridge, Massachusetts
to help shape the next release of Ubuntu.
Full Story (comments: none)
Newsletters and articles of interest
Bdale Garbee, former Debian project leader and current HP chief technologist for Linux and open source, reflects on Debian in a LinuxWorld article. "The Debian distribution is a fascinating social phenomenon. Imagine a voluntary group of more than 1,000 registered developers who build and distribute software that is equal or superior to any commercial operating system -- and there's no company backing them. Since Debian isn't a company, developers don't have to worry about being bought or sold, going through a hostile take-over, answering to shareholders or going bankrupt. There's no significant money trail, because Debian is based on donated time and resources. This leaves the developers free to pursue their passion to write and use free software. Outsiders sometimes view this as an unruly group that argues a lot, but don't be fooled by the vocal minority. Debian is an amazingly tight-knit community of people who share a passion and enjoy working and playing together."
Comments (none posted)
openSUSE News takes a look at
the new package management stack included with openSUSE 10.3.
" openSUSE 10.3 is set to contain a new, significantly improved and
more mature package management stack by default. ZMD, the package
management component causing problems in SUSE Linux 10.1 and to a lesser
extent in openSUSE 10.2, has been completely removed and is now replaced by
the new libzypp and its tools. Today we'll be taking a look at the new
package management and talking to Duncan Mac-Vicar Prett, one of the
central libzypp developers."
Comments (none posted)
Distribution reviews
Here's a review of Debian
Lenny, which uses initng for the init system. " Debian Lenny might be
called the 'testing' version but I find it stable enough to be used every
day as your main OS. The rough edges make it an excellent distribution for
the real geek, the computer user that finds that other distributions are
either too polished (Ubuntu, SuSe) or too rough (Gentoo, Slackware)."
Comments (3 posted)
TuxMachines.org reviews
the beta versions of openSUSE 10.3. " I decided to test this release
on the HP Pavilion laptop I received for Christmas as I had overwritten
10.2 for a previous review and I missed having an openSUSE install on
it. Another reason this seemed like the time was that developers wanted LCD
brightness adjustment, suspend, and the Grub installation tested. Also,
long story short, I had lost access to the Windows XP partition at some
point and needed to restore it first. So, this was the perfect time to test
their Grub installation."
Comments (none posted)
Linux.com looks at three
distributions that are built around MythTV. " My Series 1 TiVo is
getting old, so I am planning an escape route based on MythTV, a free
software system that turns an old computer into a personal video
recorder. This week I tested three MythTV-specific Linux distributions:
KnoppMyth, MythDora, and MythBuntu. I found MythDora the best overall fit
for my needs -- but there are important distinctions between the three that
may lead you to a different decision."
Comments (none posted)
Page editor: Rebecca Sobol
Development
By Forrest Cook August 29, 2007
Jython is a Python language implementation in Java. Jython was originally
called JPython; that project was started in 1997 by Jim Hugunin at CNRI.
The name was changed to adhere to the original JPython license
requirements. Jython has been released under version 2 of the
Python Software Foundation license.
The Jython project description states:
Jython is an implementation of the high-level, dynamic, object-oriented language Python written in 100% Pure Java, and seamlessly integrated with the Java platform. It thus allows you to run Python on any Java platform.
The Jython FAQ explains further:
Jython implements the Python programming language on the Java(tm) Platform. It consists of a compiler to compile Python source code down to Java bytecodes which can run directly on a JVM, a set of support libraries which are used by the compiled Java bytecodes, and extra support to make it trivial to use Java packages from within Jython.
On August 23, 2007, Frank Wierzbicki
announced Jython version 2.2 on his weblog.
"This is the first production release of Jython in nearly six years,
and it contains many new features". The Jython
News page
shows that Jython 2.2 has been in beta test since February, 2007.
Jython 2.2 fully implements the features of Python version 2.2.
New capabilities in Jython 2.2 include:
new-style classes, Java List integration, a PEP 302 implementation,
iterators, generators, __future__ division,
support for modern JVMs, a new installer and
SSL and non-blocking support for sockets.
The changelog file
has a more detailed release history.
The Jython project roadmap explains the plans for future development.
Support for Python 3000 is planned. Jython is a few steps behind Python,
which is currently at version 2.5.1.
Jython 2.2 is available for download
here. The
installation instructions are straightforward. A test install
was performed on your author's Ubuntu 6.10 (Edgy Eft) system with the
Java 2 Runtime Environment, Standard Edition build 1.5.0_08-b03.
The installation went smoothly and some simple Python test programs
were executed with no problems. As
noted in the FAQ, JPython startup was noticeably slower
than regular CPython.
If you need to run Python on a variety of Java-supported platforms,
or need to access Java classes under Python, give Jython 2.2 a try.
Comments (8 posted)
System Applications
Database Software
Sub-release 2.0.2 of the Firebird DBMS has been
announced.
" Firebird 2.0 brings a large collection of long-awaited enhancements that significantly improve performance, security and support for international languages and realise some desirable new SQL language features. Under the surface, it also provides a much more robust code platform from which the re-architecting planned for Firebird 3.0 is proceeding."
Comments (none posted)
Version 5.1.21-beta of the MySQL DBMS has been released.
" Bear in mind that this is a beta release, and as with any other
pre-production release, caution should be taken when installing on
production level systems or systems with critical data."
Full Story (comments: none)
The August 26, 2007 edition of the PostgreSQL Weekly News
is online with the latest PostgreSQL DBMS articles and resources.
Full Story (comments: none)
Embedded Systems
Unstable version 1.7.0 of BusyBox,
a collection of command line utilities for embedded systems, is out
with bug fixes, some new applets and other improvements.
Comments (none posted)
Filesystem Utilities
Version 0.5.1 of Allmydata-Tahoe, a secure, decentralized storage grid,
has been announced. This version adds some new features and fixes some
bugs and security issues.
Full Story (comments: none)
Virtualization Software
MontanaLinux.org has an interview with Kir Kolyshkin, project manager for OpenVZ, a Linux virtualization project.
ML: Are there any areas in the OpenVZ project that you wish you had a bunch of volunteers to work on?
Kir: We have already seen some good contributions here and there, but there's always room for more! I would really like people to work more on tools, especially template tools and OpenVZ control libraries (a.k.a. vzctl-lib). A lot of people already contribute OpenVZ templates, and I'd like that to continue with not only OS templates, but also some kind of virtual appliances (i.e. a pre-installed set of applications for a specific purpose, like running a mail server).
I wish we could have some help with the mainstream integration -- if anyone would like to join the fun, start with subscribing to containers-at-linux-foundation-dot-org.
(thanks to Warren Sanders).
Comments (11 posted)
Web Site Development
Version 0.7.0 of Chandler Server, a server and Ajax web UI for managing and
sharing calendars, events, and tasks, is out.
" This release is a substantial improvement over Cosmo 0.6.1 and is
recommended for general usage."
Full Story (comments: none)
Version 1.0 of Kochizz has been
announced. Kochizz is:
" A free graphical user interface to edit Apache HTTP Server configuration files.
After several months of development, the SS2L OpenDev publishes a first version of the free project Kochizz. This graphic tool aims at facilitating the configuration of the Apache Web servers."
Comments (none posted)
The August 26, 2007 edition of the
Django Roundup covers the latest news from the Django web platform.
Comments (none posted)
Desktop Applications
Audio Applications
Version 6 of jack_mixer, an audio mixer application for the JACK Audio
Connection Kit, is out.
" Changes since version 5:
Fix building against jack 0.102.20,
Handle python prefix different from install prefix,
Fix LASH-less operation,
Update install instructions after lash-0.5.3 and phat-0.4.1 releases,
Apply Markus patch (thanks!) for sr #1698 (can't restore session using LASH)".
Full Story (comments: none)
Business Applications
Stable version 1.11.0 of openCRX has been
announced.
" openCRX is a professional CRM solution (customer relationship management) deployable to all major platforms. openCRX is multi-entity enabled, scalable, a real enterprise-class CRM-solution - new: Activity Management, Bug Tracking - try our Demo Server".
Comments (none posted)
Calendar Software
Version 2.1 of qOrganizer has been
announced.
"qOrganizer is a general organizer that includes a calendar with schedule, reminders, journal/notes for every day, to-do list. But provides features useful for students such as: timetable and a booklet for marks and absences. It's designed to be easy to use.
2.1 is a bugfix release."
Comments (none posted)
Data Visualization
Version 1.9.4 of Geomview
is out with bug fixes.
" Geomview is an interactive 3D viewing program for Unix. Geomview lets you view and manipulate three-dimensional objects, and can also be used as a display engine by other programs to animate objects. Geomview supports OpenGL and uses a Motif X interface."
Comments (none posted)
Desktop Environments
The following new GNOME software has been announced this week:
- Accerciser 0.1.91 (documentation and translation work)
- Beagle 0.2.18 (bug fixes)
- Clutter 0.4.1 (bug fixes)
- Conduit 0.3.3 (new features and bug fixes)
- Deskbar-Applet 2.19.91 (new features, bug fixes and translation work)
- Empathy 0.12 (new features, bug fixes and translation work)
- Evince 2.19.4 (bug fixes and translation work)
- Evolution 2.11.91 (bug fixes and translation work)
- Eye of GNOME 2.19.91 (bug fixes and translation work)
- gcalctool 5.19.91 (bug fix and translation work)
- GDM2 2.19.7 (new features, bug fixes and translation work)
- Glade 3.3.4 (new features, bug fixes and translation work)
- gnome-control-center 2.19.91 (new features, bug fixes and translation work)
- gnome-games 2.20.0 Beta 2 (bug fixes and translation work)
- gnome-games 2.20.0 Beta 2 Update 1 (bug fixes)
- gnome-keyring 2.19.91 (bug and build fixes, translation work)
- gnome-mag 0.14.7 (new features, bug fixes and translation work)
- gnome-mag 0.14.8 (translation work)
- GNOME Utilities 2.19.91 (bug fixes and translation work)
- GOK 1.3.2 (bug fixes and translation work)
- Gossip 0.27 (new features, bug fixes and translation work)
- gThumb 2.10.6 (performance improvements, bug fixes and translation work)
- gtk-engines 2.11.5 (bug fixes and translation work)
- gtkmm-utils 0.1.0 (initial release)
- libgnomekbd 2.19.91 (bug and build fixes)
- Orca 2.19.91 (bug fixes and translation work)
- PyGTK 2.11.0 (new features, bug fixes and documentation work)
- Seahorse 2.19.91 (new features, bug fixes and translation work)
- Swfdec 0.5.2 (new features and bug fixes)
- Tomboy 0.7.5 (new features and bug fixes)
You can find more new GNOME software releases at
gnomefiles.org.
Comments (none posted)
KDE.News covers the KOffice
Google Summer of Code. " With an avalanche of last-minute commits,
the KOffice Google Summer of Code students finished yet another great
Summer of Code. We had some very exciting projects this year, and most of
them were as great a success as last year. Read on for details of the
achievements."
Comments (none posted)
The following new KDE software has been announced this week:
You can find more new KDE software releases at
kde-apps.org.
Comments (none posted)
The following new Xorg software has been announced this week:
More information can be found on the
X.Org Foundation wiki.
Comments (none posted)
Electronics
Version 0.11 of eispice, a clone of the Berkeley SPICE 3 electronic
simulation engine, has been announced.
" This release contains several new features and bugfixes, including a new non-linear capacitor model, a Gaussian Pulse waveform, a simple diode model, Python docstrings (built in help), and improved IBIS model support and performance. The module naming has changed significantly and as a result this new release is not backward compatible."
Comments (none posted)
Release 20070827 of
gds2pov is out with a build fix
for Linux x86_64 machines.
" GDS2POV is a program to take a GDS2 layout file and output a POV-Ray scene description file of the GDS2 data. This allows the creation of attractive 3D pictures of a layout."
Comments (none posted)
Development snapshot 1.1.2.20070818 of gEDA/gaf, a collection of electronic
CAD applications, has been
announced.
See the
release notes for more information.
" This development snapshot includes a non-modal multi-attribute dialog box, the return of support for guile 1.6.x, component selector improvements, preview widget improvements, removal of a few memory leaks, lots of code cleanup, and the usual slew bug fixes."
Comments (none posted)
Games
Version 1.0.9.2 of Risk has been
announced.
" This is java version of the classic RISK board game, with a simple map format, network play, 1 player, hotseat, 5 user interfaces and many more features, it works in all OSs that run java 1.4 or higher.
A new map called godstorm has been added. A full map editor is included, and a new 3D view has been added to SwingGUI. There are other minor features and bugfixes."
Comments (none posted)
Interoperability
Version 0.9.44 of Wine has been
announced.
Changes include:
Better heuristics for making windows managed,
Automatic detection of timezone parameters,
Improvements to the builtin WordPad,
Better signatures support in crypt32,
Still more gdiplus functions, and lots of bug fixes.
Comments (none posted)
Music Applications
The first release of a2jmidid has been announced.
" a2jmidid is daemon for exposing legacy ALSA sequencer applications in
JACK MIDI system. It is based on jack-alsamidi-0.5 (jackd alsa seq midi
backend) by Dmitry Baikov. The main purpose is to ease usage of legacy,
not JACK-ified apps, in JACK MIDI enabled systems."
Full Story (comments: none)
Version 0.4.1 of
GTick, a metronome application,
has been announced. The changes include:
" Fixed segfault on using custom sound file".
Comments (none posted)
Science
Stable version 2 of p has been announced.
" In p, a bunch of particles interact with each other according to this simple rule: every particle moves towards, away, or watches another particle(s). When the program starts, each particle chooses a random color, position, and the particle(s) it will move towards, away, or watch. As the program runs, some particles join together to form a train and journey together thereafter. Some orbit each other. Some collapse into each other. Some form swarms that split and join. One cannot predict when or where or how many of these behaviours will emerge but they usually do."
Comments (none posted)
Speech Software
Version 1.29 of eSpeak,
a speech synthesizer, is out with bug fixes and minor improvements.
Comments (none posted)
Languages and Tools
BASIC
GnomeDesktop
looks at
new GTK support in GAMBAS, a BASIC language environment.
" More recently however I've been experimenting with GAMBAS (it's *not* aimed at writing games) and found that although it sports a Qt front-end and widget set, it's very robust and provides a fantastic IDE approaching the levels of Delphi / VB.
One of the new features available in the development version that has thus far been overlooked is full Gtk support!"
Comments (1 posted)
Caml
The August 28, 2007 edition of the Caml Weekly News
is out with new Caml language articles.
Full Story (comments: none)
Erlang
Version 0.3.32 of Erlide has been
announced. Erlide is:
" An Eclipse plugin providing IDE support for Erlang (http://www.erlang.org), a concurrency-oriented language developed by Ericsson.
This release includes the reworked RPC mechanism. It may still have some rough edges. There are no direct user-visible changes, but I would be glad to know if there are any crashes/bugs/errors."
Comments (none posted)
Lisp
Version 1.0.9 of Steel Bank Common Lisp has been announced.
" This version improves
object finalization, code coverage annotations, and more."
Full Story (comments: none)
Python
The August 27, 2007 edition of the Python-URL! is online with
a new collection of Python article links.
Full Story (comments: none)
Build Tools
Version 1.3 of IcedTea has been announced.
" This release represents the inclusion of a web browser plugin!
The IcedTea project provides a harness to build the source code from
OpenJDK using Free Software build tools and
provides replacements libraries for the binary plugs with code from the
GNU Classpath project."
Full Story (comments: none)
Libraries
Stable version 2.0.3 of
libavl has been released.
" libavl is a balanced tree library that comes with full documentation. It includes unthreaded, right threaded, and fully threaded variants of AVL tree, as well as unthreaded red-black trees. It features self-test routines as well as insertion, deletion, tree count, tree copy, tree walking and traversal, search, and threading and unthreading routines."
Comments (none posted)
Test Suites
Version 0.9.0 of the Linux Desktop Testing Project has been announced.
" This release
features number of important breakthroughs in LDTP as well as in the
field of Test Automation. This release note covers a brief introduction
on LDTP followed by the list of new features and major bug fixes which
makes this new version of LDTP the best of the breed."
Full Story (comments: none)
Page editor: Forrest Cook
Linux in the news
Recommended Reading
Linux.com looks at ten
years of GNOME. " It seems like just yesterday that the GNOME Project
got its start, but actually it was a decade ago that Miguel de Icaza got
the ball rolling. While de Icaza has largely focused his time on Mono
recently, the GNOME community has kept making progress. To get some
perspective on GNOME's history, I spoke to de Icaza and longtime GNOME
contributor and GNOME Foundation board member Jeff Waugh."
Comments (31 posted)
APC features an interview
with Linus Torvalds.
" APC: Out of curiosity, do you have anything to say to hardware manufacturers who refuse to release datasheets or specifications about the functioning of their hardware so it could operate with the Linux kernel?
LT: Is "I hope you all die a painful death" too strong?
The good news is that a lot of hw manufacturers are actually doing the right thing. Intel in particular has improved wrt open source a lot, and for that reason I tend to suggest that when buying a machine, just make sure that you buy one with Intel graphics and wireless. That takes care of the two biggest annoyances right there.
But Intel certainly isn't the only one, and we're doing fairly well in general - with just a few dark spots."
Comments (26 posted)
Companies
ars technica reports on the availability of the latest Flash beta for Linux. " During the development of Flash Player 9, Adobe sought to make the program's infrastructure truly cross-platform compatible so that future versions of the player wouldn't have to be ported to Linux after every release. Adobe hoped to ensure that future Flash player releases could be issued simultaneously for all major platforms. Adobe's success in this respect is illustrated by the availability of this latest Flash player beta for Linux at the same time that it's available for Windows and Mac OS X."
Comments (8 posted)
Linux Adoption
Linux.com reports that
the Free Software Foundation is connecting with environmentalists.
" Continuing its efforts to connect with social activists, the Free
Software Foundation (FSF) has released an open letter signed by major
environmental organizations. The letter urges activists to reject lockdown
technologies in general and Windows Vista in particular as hostile to their
ethics and the causes they support, and to support free software
instead. The letter is only the first in a series that the FSF plans to
release in the coming months, each of which will be crafted to make an
ethical or pragmatic appeal to a specific group's concerns."
Comments (none posted)
Legal
TorrentFreak covers a forcible change of operating system to enable monitoring. " 'I had a meeting with my probation officer today, and he told me that he has to install monitoring software onto my PC. No big deal to me, that is part of my sentence. However, their software doesn't support GNU/Linux (Which is what I use). So, he told me that if I want to use a computer, I would have to use an OS that the software can be installed on.'" (Thanks to Ludo Stellingwerff).
Comments (34 posted)
Here's an InformationWeek article about this week's software patent silliness. " The lawsuit charges the companies with implementing systems that 'comprise interpreting electronic messages with rule base and case base knowledge engines' as described in the patent held by the plaintiff, 'Automatic message interpretation and routing system.'" The patent claims are quite general and could easily describe packages like Mailman.
Comments (2 posted)
Linux.com muses on the ownership of (so-called) intellectual property, including a discussion with
Richard E. Fontana, of the Software Freedom Law Center. " 'Intellectual property is property; like any other form of property, ownership can be transferred to someone else. With respect to copyrights (and also patents and trademarks), an outright transfer of all rights to someone else is called an "assignment." Ownership generally means the ability to exercise all rights associated with a form of property, so to convey ownership of copyrights you would assign them. (If you transfer fewer than all rights to someone else, that's a "license.") You can assign copyrights to someone else in return for compensation, or you can assign them as a gift. In the US, at least, an assignment must be in writing and signed by the person conveying the copyrights.'"
Comments (25 posted)
Resources
Dru Lavigne
compares Ubuntu 7.04 to PC-BSD 1.4 on O'Reilly.
" Linux mavens are usually pretty sure they'll never go back to (or start
using) Windows. They may like Mac OS, but usually don't jump ship for that
either. But how about the other open source Unix descendant, BSD? Dru
Lavigne offers a basic primer on what's different in PC-BSD for a Linux user,
and what's better."
Comments (26 posted)
LinuxDevices has a guest
whitepaper authored by Bruno Zoppis, a Trango product manager.
" This guest whitepaper explains how a hypervisor can be used to
leverage GPL software while isolating it from proprietary code, in order to
ensure compliance with the requirements of the GPL. It was written by a
TRANGO Virtual Processors product manager, and uses that company's
hypervisor as an example." (Thanks to Phil Endecott)
Comments (24 posted)
Reviews
Pat Eyler takes a
look at a documentation coverage tool for Ruby, on Linux Journal.
" How often have you thrown up your hands in disgust at the poor
quality of documentation for an open source project? Wouldn't it be nice if
someone put together a documentation coverage tool that worked like test
coverage tools? Well, you're in luck--dcov is here (at least for Ruby
code)."
Comments (2 posted)
Linux.com takes a look at the Creative Commons' LiveContent mini-distribution and finds it lacking. " The CD is a modified version of the Fedora 7 live CD. Bypassing the login screen, it boots directly to a customized GNOME desktop, with a Firefox browser opened to a welcome page -- and that is where the trouble with the presentation begins. Instead of beginning with a concrete explanation of the CD or explaining what Creative Commons and free software are, the welcome page begins by repeating the vague rhetoric of the project wiki. It does not even encourage users to make free use of the material on the CD. If I were someone who had never heard of either Creative Commons or free software, I wouldn't know what to think."
Comments (none posted)
Mayank Sharma looks at
md5deep on Linux.com.
" Most of the ISO images and other software you grab off the Internet come with a message digest -- a cryptographic hash value that you can use to verify their integrity. While almost all Linux distributions come with utilities to read and generate digests using MD5 and SHA1 hash functions, the md5deep utilities can do that and more.
md5deep computes MD5, SHA-1, SHA-256, Tiger, and Whirlpool digests across Linux, Windows, Mac OS X, *BSD, Solaris, and other operating systems. It can recursively traverse directories, computing sums for files under subdirectories as well."
Comments (28 posted)
Linux.com reviews UFRaw 0.12. " There is more to UFRaw than just new tools and icons, though. As hinted at above, UFRaw is color-managed, and this release is the first to support display profiles and display profile rendering intents. That makes it possible to use a fully color-managed workflow for your editing session; something not to be taken lightly."
Comments (1 posted)
Page editor: Forrest Cook
Announcements
Non-Commercial announcements
The Electronic Frontier Foundation has sent out a press release concerning
bogus patents on Internet subdomains.
" The Electronic Frontier Foundation (EFF) is
challenging a bogus patent on Internet subdomains that has
been used to threaten small businesses and innovators.
Ideaflood, a self-proclaimed "intellectual property holding
company," used this illegitimate patent to demand payment
from website hosting companies that offer virtual,
personalized subdomains -- like "action.eff.org" for the
parent domain "eff.org." But in a reexamination request
filed with the United States Patent and Trademark Office
(PTO) today, EFF and Rick Mc Leod of Klarquist Sparkman,
LLP show that the method Ideaflood claims to have invented
was well known before the patent was issued. In fact,
website developers were having public discussions about how
to create these virtual subdomains on an Apache developer
mailing list for more than a year before Ideaflood made its
patent claim."
Full Story (comments: 6)
The Free Software Foundation has released the following statement in
response to claims by Microsoft regarding their obligations under the GNU
General Public License version 3 (GPLv3). " We do not, however, agree
with Microsoft's characterization of the situation involving GPLv3.
Microsoft cannot by any act of anticipatory repudiation divest itself of
its obligation to respect others' copyrights. If Microsoft distributes our
works licensed under GPLv3, or pays others to distribute them on its
behalf, it is bound to do so under the terms of that license. It may not
do so under any other terms; it cannot declare itself exempt from the
requirements of GPLv3."
Full Story (comments: none)
Here is the press release from the Free Software Foundation trying to turn
Windows into an environmental issue. " Today,
environmental and social justice groups united to call for the rejection
of Microsoft Windows Vista and for society's adoption of free software,
highlighting environmental concerns and technology restrictions
associated with proprietary software."
Full Story (comments: none)
The Linux Foundation has sent out a press release giving its position on
the upcoming vote on the adoption of Microsoft's OOXML format as an ISO/IEC
standard. " For all these reasons and more, the Linux Foundation calls upon those
National Bodies that have not yet cast their votes to vote 'No, with
comments.' Those comments should reflect their best, neutral, technical
judgment, based upon OOXML in its current form. Only by doing so, we believe,
can both the future availability of documents, but the integrity of the
standard setting process be assured."
Full Story (comments: 3)
The Law & Life weblog has a
summary of a decision in the JMRI case in California. " The
decision makes two important points: (1) the Artistic License is a contract
and (2) the failure to include the copyright notices was not a
'restriction' on the scope of the license... The second point is very
important because it deals with remedies. Generally, the remedy for
contract violations under US law is damages, not 'injunctive relief' (which
means that the court order a party to cease their violation). On the other
hand, copyright infringement generally includes a presumption that
injunctive relief is appropriate." LWN first covered the JMRI case in April,
2006; interested parties can read a summary of the case
(which has gotten more complicated since then) or can go straight to the court's ruling
[PDF].
Comments (6 posted)
Commercial announcements
Mandriva has announced the launch of Mandriva Benelux.
" Our target areas are
corporate applications and solutions to individuals, educational
institutions, public and private organizations, ISVs and OEMs all over
the Belgium, the Netherlands and Luxembourg region.
The goal of Mandriva Benelux NV is to provide local distribution of
Mandriva Linux and other integrated open source applications in
multiple languages throughout Belgium, the Netherlands and Luxembourg."
Full Story (comments: none)
Almost one year ago, the One Laptop Per Child project took some grief for developing
device drivers for its laptop under non-disclosure agreements. It was
asserted that, by giving in to hardware vendors in this way, OLPC was
ensuring that specifications for the hardware would never become available.
So it is nice to see that Marvell has followed through on at least part of
its promise and released the 88ALP01 data
sheet. This specification covers the camera, SD, and NAND flash
controllers.
Comments (4 posted)
Mozilla has
announced the Firefox browser Campus Edition.
" The bundled version of Firefox
with three popular add-ons is geared towards students and provides easy
access to music, timesaving research tools and highly rated web sites."
Novell, Inc. has announced a Linux deployment at some German universities.
"Novell today announced that
state universities across the Federal State of North Rhine Westphalia in
Germany have selected Novell for their critical IT infrastructure systems.
The agreement will give 560,000 students and employees across 33
universities access to key enterprise management and Linux* services from
Novell, including SUSE(R) Linux Enterprise Desktop."
New Books
O'Reilly has published the book Learning PHP & MySQL, 2nd Edition by Michele E. Davis and Jon A. Phillips.
O'Reilly has published the book Security Power Tools by
Nicolas Beauchesne, Philippe Biondi, Bryan Burns, Chris Iezzoni, Jennifer
Statis Grannick, Paul Guersch, Dave Killion, Michael Lynn, Steve Manzuik,
Eric Markham, Eric Moret and Julien Sobrier.
Surveys
DesktopLinux.com presents the results from the 2007 Desktop Linux Survey.
"The leading Linux distribution is the Ubuntu family -- 30 percent of our survey respondents are using Ubuntu or one of its sister distributions: Kubuntu, Xubuntu, and Edubuntu. While there are other distributions that owe a great deal to Ubuntu -- Linspire, Freespire, MEPIS, Linux Mint, and Pioneer all come quickly to mind -- we decided not to count them for Ubuntu this year, since some, like Freespire, have just made the switch, while others, such as MEPIS, are switching back to Debian, and Pioneer is going in its own direction. Next in popularity, after the ever-popular Ubuntu family, comes the SUSE Linux family with 21 percent."
Education and Certification
LinuxDevices.com reports that LinuxCertified will hold a three-day class on embedded and real-time
Linux development.
"Set for Sept. 12-14 in Sunnyvale, Calif., LinuxCertified's embedded Linux course promises to examine, "why Linux, how to embed Linux, and how to measure and obtain real-time performance," the vendor said."
Calls for Presentations
A Call For Participation has gone out for the 2008 O'Reilly ETel Conference.
"Now in its third year, ETel, the O'Reilly Emerging Technology
Conference, brings together all of the voices in telephony that need to be heard--from
telecommunication company executives, garage hackers, mobile executives, programmers, researchers
to venture capitalists, community activists and CEOs. The call for participation is now open;
submissions will be accepted until September 17, 2007.
The conference, taking place March 3-4 in San Diego, California, is an ambitious mix of
inspirational speakers who lay out visionary road maps to the future, combined with practical,
unconventional hacks from small, innovative startups."
A Fedora mini-conf has been scheduled for linux.conf.au 2008 in Melbourne, Australia. Presentations are being solicited for 50, 25, and 10 minute slots.
LinuxChix, the organization for women who like Linux and free software, announces a mini-conf as part of linux.conf.au 2008 in Melbourne, Australia. A call for 50, 25, and 10 minute presentations is being announced as well.
A call for papers has gone out for the MySQL Miniconf at LinuxConfAU 2008.
"There are about 6 or 7 slots of 50 minutes each. We could do 2x25
minutes for some, and possibly a slot with 5 minute lightning talks.
A proposal should contain a short title and abstract of what you
intend to talk about, what duration the talk would be (5, 25, 50),
and a brief bio of yourself."
Upcoming Events
The Cell Hack-a-thon II will be held in Austin, TX on September
22-25, 2007.
"You are invited to attend Hack-a-thon II, Austin, Texas, September
22-25, two days prior to and then in conjunction with the Power
Architecture Developer Conference.
In this 4 day event, Terra Soft will host a 6 node PS3 cluster and
hands-on workshop for the installation of Yellow Dog Linux, compute
image deployment via Y-HPC, and use of Torque and Moab for job
management. Hack-a-thon attendees are given opportunity to test their
own parallel and distributed code."
HITBSecConf2007 will be held on September 3-6, 2007 in Malaysia.
"Organized as a
community centric, non-profit effort, HITBSecConf is Asia's largest
network security event featuring 4 keynote speakers, 7 tracks of
technical training sessions and access to over 30 hours of deep
knowledge demos and presentations!"
The Linux Foundation has announced a Legal Summit.
"The Linux Foundation is pleased to issue an invitation to in-house
counsel for all of our members to participate in the Linux Foundation
Legal Summit on October 25 and 26, 2007. This collaborative workshop
will provide an opportunity for in-house counsel involved in shaping
member policies around open source or open standards issues to lend
their experience and expertise to the development of Linux Foundation
legal strategy."
The Office 2.0 Conference will take place in San Francisco, CA
on September 5-7, 2007.
"The event will feature over 100 speakers and panelists, and
include 6 keynote presentations and 21 panels.
The conference will be kicked off with a quick presentation of the exclusive applications developed
for the iPhone by Etelos, and an introduction to the enterprise-grade WiFi network deployed for the
event by Covad and Swisscom. This year, every attendee will receive an iPhone to support real-time
collaboration during the event."
The Ubuntu Developer Summit to plan the next Ubuntu release has been announced. It is slated for 27 October through 2 November in Cambridge, Mass.
Events: September 6, 2007 to November 5, 2007
The following event listing is taken from the
LWN.net Calendar.
| Date(s) | Event | Location |
| September 3 - September 6 | HITBSecConf2007 | Kuala Lumpur, Malaysia |
| September 5 - September 7 | RAID 2007 | Gold Coast, QL, Australia |
| September 5 - September 6 | 2007 Linux Kernel Developers Summit | Cambridge, UK |
| September 5 - September 7 | Office 2.0 Conference | San Francisco, CA, USA |
| September 6 - September 8 | Intelligent Data Acquisition and Advanced Computing Systems | Dortmund, Germany |
| September 7 - September 8 | LinuxWorld China 2007 | Beijing, China |
| September 7 - September 8 | LinuxChix Brasil | Asa Sul, Brazil |
| September 8 - September 12 | GITEX Technology Week | Dubai, United Arab Emirates |
| September 8 - September 9 | PyCon UK 2007 | Birmingham, UK |
| September 10 - September 14 | Django Bootcamp with Juan Pablo Claude | Atlanta, GA, USA |
| September 10 - September 12 | X Developers' Summit | Cambridge, UK |
| September 10 - September 12 | Sun Grid Engine Workshop 2007 | Regensburg, Germany |
| September 11 - September 12 | 3rd International Conference on IT-Incident Management and IT-Forensics | Stuttgart, Germany |
| September 11 - September 14 | 5th Netfilter Workshop | Karlsruhe, Germany |
| September 11 - September 13 | VMworld 2007 | San Francisco, CA, USA |
| September 14 - September 15 | EuroBSDCon 2007 | Copenhagen, Denmark |
| September 14 | Django Sprint | online |
| September 15 - September 16 | Texas Python Unconference | Houston, TX, USA |
| September 15 | Software Freedom Day | The Internet, Worldwide |
| September 17 - September 19 | RailsConf Europe 2007 | Berlin, Germany |
| September 17 | Bruce Perens to speak in Berkeley, September 17 | Berkeley, CA, USA |
| September 18 - September 21 | Embedded Systems Conference | Boston, MA, USA |
| September 18 - September 20 | High Performance Embedded Computing Workshop | Lexington, MA, USA |
| September 19 - September 21 | OpenOffice.org Conference 2007 | Barcelona, Spain |
| September 19 - September 21 | Gartner Open Source Summit | Las Vegas, NV, USA |
| September 22 - September 25 | Cell Hack-a-thon II | Austin, TX, USA |
| September 24 - September 27 | 14th Annual Tcl/Tk Conference | New Orleans, USA |
| September 24 - September 25 | Power Architecture Developer Conference | Austin, TX, USA |
| September 24 - September 27 | Free and Open Source Software for Geospatial 2007 | Victoria, BC, Canada |
| September 27 - September 28 | Audio Mostly 2007 | Ilmenau, Germany |
| September 28 - September 30 | Ohio LinuxFest 2007 | Columbus, USA |
| September 28 - September 29 | Freed.in | Delhi, India |
| September 28 | IRC discussion on AGPLv3 and GPLv3 | online, world |
| September 30 - October 3 | Gelato ICE: Itanium® Conference & Expo | Biopolis, Singapore, Singapore |
| October 2 - October 3 | Openmind 2007 | Tampere, Finland |
| October 3 - October 5 | Apache Cocoon Get Together | Rome, Italy |
| October 6 - October 7 | Wineconf 2007 | Zurich, Switzerland |
| October 6 - October 8 | GNOME Boston Summit | Boston, MA, USA |
| October 7 - October 9 | Graphing Social Patterns | San Jose, CA, USA |
| October 8 - October 10 | VISION 2007 Embedded Linux Developer Conference | Santa Clara, USA |
| October 8 | Embedded Linux Bootcamp for Beginners | Santa Clara, CA, USA |
| October 9 - October 10 | Profoss | Brussels, Belgium |
| October 10 - October 12 | Plone Conference 2007 | Naples, Italy |
| October 12 | Legal Summit for Software Freedom | New York, NY, USA |
| October 13 - October 14 | T-DOSE 2007 (Technical Dutch Open Source Event) | Eindhoven, The Netherlands |
| October 13 | The Ontario Linux Fest Conference | Toronto, Canada |
| October 13 | Aka Linux Kernel Developer Conference | Beijing, China |
| October 16 | Databases and the Web | London, England |
| October 17 - October 19 | 2007 WebGUI Users Conference | Madison, WI, USA |
| October 17 - October 19 | Web 2.0 Summit | San Francisco, CA, USA |
| October 18 - October 20 | HackLu 2007 | Kirchberg, Luxembourg |
| October 19 - October 21 | ToorCon 9 | San Diego, CA, USA |
| October 20 - October 21 | Ubucon.de | Krefeld (Köln), Germany |
| October 20 | PostgreSQL Conference Fall 2007 | Portland, OR, USA |
| October 20 | ./freedom & opensource day - PERU | Lima, PERU |
| October 21 - October 25 | OOPSLA 2007 | Montreal, Canada |
| October 21 - October 26 | Colorado Software Summit | Keystone, CO, USA |
| October 22 - October 26 | OpenGL Bootcamp with Rocco Bowling | Atlanta, GA, USA |
| October 22 - October 23 | She's Geeky - A Women's Tech (un)Conference | Mountain View, CA, USA |
| October 23 - October 25 | Open aLANtejo 07 - CNSL07 | Évora, Portugal |
| October 23 - October 26 | Black Hat Japan | Tokyo, Japan |
| October 25 - October 26 | FSOSS 2007 - Free Software and Open Source Symposium | Toronto, Canada |
| October 27 - October 28 | FOSSCamp 2007 | Cambridge, MA, USA |
| October 27 | Linux Day Italy | many cities around country, Italy |
| October 28 - November 2 | Ubuntu Developer Summit | Cambridge, Massachusetts, USA |
| October 29 | 3rd International Workshop on Storage Security and Survivability | Alexandria, VA, USA |
| October 29 - November 1 | Fall VON Conference and Expo | Boston, MA, USA |
| October 30 - October 31 | BCS'07 | Jakarta, Indonesia |
| October 31 - November 1 | LinuxWorld Conference & Expo | Utrecht, Netherlands |
| November 1 - November 2 | The Linux Foundation Japan Symposium | Tokyo, Japan |
| November 2 | 5th ACM Workshop on Recurring Malcode | Alexandria, VA, USA |
| November 2 - November 3 | Embedded Linux Conference, Europe | Linz, Austria |
| November 2 - November 4 | Real-Time Linux Workshop | Linz, Austria |
| November 3 | Linux-Info-Tag Dresden | Dresden, Germany |
If your event does not appear here, please
tell us about it.
Audio and Video programs
Seb Ruiz has announced the availability of video interviews from the KDE Multimedia Meeting.
"You might remember, that a little over a year ago kde.nl graciously hosted the KDE multimedia meeting (or k3m for short). Whilst we were there, hacking away, the folks from Source21 joined us to do some interviews for their open source software vidcast. If you take some time to watch the video, you'll hear from Martijn Klingens (KDE marketing, KDE.nl), Matthias Kretz (Phonon) and myself (Amarok) speaking about our respective areas of expertise."
Page editor: Forrest Cook