Late last month, Novell laid off the
development team for the AppArmor security tool. AppArmor is widely
deployed by SUSE Linux users to restrict programs from accessing things
that they shouldn't. Novell intends to keep shipping AppArmor, while two
other distributions are adding support for it, which makes this move a bit
puzzling. Reasons are hard to come by when a "reduction in force" (a
common euphemism for layoff) happens, but Novell did clearly indicate that
they had no plans to stop using AppArmor as the "core security technology
in SUSE Linux Enterprise."
When a project team is laid off, it is common for the team to lose
interest in the project – go off to find other things to do –
but that does not appear to be the case here. Some of the laid-off team members have
formed Mercenary Linux to do
AppArmor consulting. They intend to work with Novell and others to guide
AppArmor
through the kernel submission process, with the goal of getting merged into
the mainline. There are some hurdles to clear before that
can happen – if it does – but AppArmor does not have the look
of a project being abandoned, at least yet.
AppArmor was originally a proprietary program, which Novell acquired in
2005 when they bought Immunix, the company that developed it. In January
2006, Novell released it under the GPL and in April of that year, submitted
it as a patch for inclusion in the kernel. The reaction was rather unfavorable,
with the main issue being the reliance on paths, rather than information
stored in the filesystem inode, to determine security policy. The main
advantage cited by AppArmor proponents is that it is much easier to
understand and manage compared to SELinux, its main competitor in the Linux
security module arena.
AppArmor is included in SUSE Linux and has become popular, so much
so that both Mandriva and Ubuntu are shipping it in their next releases.
Because of that, Crispin Cowan, founder of Immunix and former AppArmor team lead at
Novell, guesses that "by early 2008 a majority of all Linux
users will have AppArmor running on their desktop."
Even after letting the developers go, Novell has no plans to stop shipping
AppArmor, according to Kevan Barney, senior public relations manager:
We remain committed to AppArmor as our application security solution inside
SUSE Linux Enterprise. We have no plans to change to SELinux or another
alternative technology, although we always reserve the right to evaluate
market conditions to provide the maximum value to our customers.
AppArmor is shifting to an open source development model,
where Novell will still be participating as part of the community. As Barney
puts it:
[...] we partner with the community to provide a part of the innovation and
testing efforts, which we complement with our own focused efforts and
investments. Novell will continue its maintenance of the core kernel code
and will continue in our efforts to move this upstream. We will also invest
in key new features as driven by market need.
Cowan agrees that the project is moving away from a one-company model: "AppArmor is becoming a truly
distributed open source
project, and Mercenary Linux hopes to be the hub of that community."
He and the other former team members who formed Mercenary Linux are
poised to assist with AppArmor development:
We have an ongoing commitment to the community that we will work to
fulfill - distribution vendors needing integration help, consulting
firms looking for even better management tools, and bug fixes for the
distributions that AppArmor is deployed in.
Both Novell and Mercenary will be pushing to get AppArmor into the kernel,
with another patch submission from Novell expected soon. The impediments
to getting those patches accepted are outlined by Cowan:
The barriers to acceptance are both technical and
political. Technical is "the way you want to do something conflicts with
the way I want to do something" and political is "... and mine is more
important than yours" :-) An unfortunate resolution to that is a
slugfest of whose really is more important, and an adroit solution is to
find a way to achieve both that doesn't conflict. Developers at Novell and
Mercenary are working on that latter path.
AppArmor provides some amount of protection against programs trying to
access files or perform actions that they shouldn't. Just how much
protection it provides is the subject of much debate. There are valid
concerns that it papers over the complexities of securing Linux, providing
a false sense of security, but it would appear that there is a clear path
for it to be included in the kernel. After Linus Torvalds's recent pronouncement that the Linux
Security Modules API would stay in the kernel, one potential barrier to
AppArmor acceptance has fallen.
It remains to be seen if Novell, Mercenary, and the AppArmor community
can work with the kernel hackers to resolve some outstanding issues. The
path-based architecture of AppArmor, while contentious, is not likely to
keep it out of the kernel. It has been a year and a half since the first
submission, though; it will require a concerted effort to work through the
process. With three distributions shipping it and minimal impact on those
who do not enable it, it seems pretty unlikely that it will stay out
forever.
We have been hearing the warnings for years: sooner or later, software
patents were destined to be used against free software. When dire warnings
are repeated over a long period of time, it can become easy to shrug them
off and assume that nothing will ever really come of them. But complacency
does not make the problem go away. And now we have, in the form of a
lawsuit filed against Red Hat and Novell by IP Innovation LLC, a reminder
that the software patent threat is real.
#5,072,412, "User interface with multiple workspaces for sharing display system objects". Filed in March, 1987.
#5,533,183, which has the same title. Filed in February, 1995.
#5,394,521, again with the same title. Filed in May, 1993.
As might be imagined, the three patents all read about the same. Those who
are not afraid of patentese can get a feel for what has been patented by
reading the first claim of #5,072,412 - one of the claims alleged to be
violated by the defendants:
A system comprising:
a display;
first and second workspace data structures relating respectively to
first and second workspaces that can be presented on the display; each of
the first and second workspaces including a respective set of display
objects; each of the display objects being perceptible as a distinct,
coherent set of display features; the display objects of each respective
set being perceptible as having spatial positions relative to each other
when the respective workspace is presented on the display;
display object means for generating first and second display objects;
the first workspace data structure being linked to the display object means
so that the first display object is in the respective set of display
objects of the first workspace; the second workspace data structure being
linked to the display object means so that the second display object is in
the respective set of display objects of the second workspace; and
control means for accessing the first workspace data structure to
cause the display to present the first workspace including the first
display object; the control means further being for accessing the second
workspace data structure to cause the display to present the second
workspace including the second display object; the display object means
generating the first and second display objects so that the second display
object is perceptible as the same tool as the first display object when the
second workspace is presented after the first workspace.
This claim seems like a fairly straightforward description of a window
manager which provides multiple virtual desktops. It does not take a whole
lot of imagination to extend this reading to describe the behavior of two windows on
the same desktop. Finding software within a Linux system which can be said
to infringe upon these patents is probably not all that hard to do.
Eliminating all code which could be said to infringe, instead, could be
difficult indeed. (Bear in mind, though, that your editor is fortunate
enough not to be a patent attorney; anybody needing a definitive
interpretation of this patent should consult people who know what they are
talking about).
The defense against this attack will require either (1) the location
of sufficient prior art to invalidate the patents, or (2) an argument
that, by the allegedly tightened definition of "obviousness" in the U.S.,
the technology patented is not sufficiently innovative. Red Hat and Novell
have not shared their defensive strategy with the world, and they are
unlikely to do so in the near future. We will almost certainly have to wait and see how
they answer the charges in court.
As an alternative, the two companies could pay the troll in exchange for an
agreement allowing the patented technology to be used in GPL-licensed
software. Assuming an agreement could be reached, this approach would
solve the immediate problem. But it would also encourage every other
patent troll out there to head to court in search of a turn at the trough.
It would be far better to defeat this attack if at all possible.
Regardless of how this case plays out, though, we can be sure that it will
not be the last. There is no shortage of software patents in the U.S. and
no shortage of lawyers willing to turn them into lawsuits. The system
encourages this sort of litigation.
For this reason, your editor feels that the current focus on finding links
between this suit and Microsoft is misplaced. It may well be that
Microsoft is lurking in the shadows somewhere, directing the entire
operation. Your editor has no way of knowing. But there's a couple of
things which should be kept in mind when trying to make that connection.
The first is that Microsoft's presence is in no way necessary to explain
this series of events. Patent trolls are not in short supply, and neither
are patent infringement lawsuits. It was a certainty that one of these
trolls was going to turn its attention to free software companies sooner or
later. IP Innovations, owned by well-known patent troll Acacia, is no
stranger to this sort of litigation; it could have easily decided on this
course of action on its own.
Second, it's not clear that this attack, at this time, is in Microsoft's
interest. For all the talk of the safety provided by Novell's purchase of
a patent non-license from Microsoft, Novell, too, has been sued. No users
have been sued, but, should the plaintiffs decide to target Linux users,
Novell's customers will be just as exposed as Red Hat's customers. Any
other company which might be considering the purchase of a "covenant not to
sue" from Microsoft need only look at this case to see that the covenant
has not solved the problem: the company which bought the covenant is in
the same position as the company which refused to do so. This attack can
also only serve to clarify the problems with software patents in parts of
the world which do not currently allow software to be patented.
In other words, this lawsuit has driven home the fact that, with regard to
software patents in the U.S., Microsoft is not the problem. Microsoft's
own experience on the receiving end of patent infringement lawsuits should
also make that clear. Whether or not Microsoft is behind this suit, the
real problem is the current software patent regime in the U.S. and the
litigation-friendly environment which supports it. If Microsoft were to
vanish tomorrow, the threat would not be reduced in any appreciable way.
So putting the focus on Microsoft is a mistake; we have a much bigger
problem than that.
[Editor's note: welcome to part 4 of Ulrich Drepper's "What every
programmer should know about memory"; this section discusses the particular
challenges associated with non-uniform memory access (NUMA) systems. Those
who have
not read part 1, part 2, and part 3
may wish to do so
now. As always, please send typo reports and the like to lwn@lwn.net
rather than posting them as comments here.]
5 NUMA Support
In Section 2 we saw that, on some machines,
the cost of access to specific regions of physical memory
differs depending on where the access originated. This
type of hardware requires special care from the OS and the
applications. We will start with a few details of NUMA hardware,
then we will cover some of the support the Linux kernel provides for
NUMA.
5.1 NUMA Hardware
Non-uniform memory architectures are becoming more and more common.
In the simplest form of NUMA, a processor can have local memory (see
Figure 2.3) which is cheaper to access than memory local to
other processors. The difference in cost for this type of NUMA system is
not high, i.e., the NUMA factor is low.
NUMA is also—and especially—used in big machines. We have described
the problems of having many processors access the same memory. For
commodity hardware all processors would share the same Northbridge
(ignoring the AMD Opteron NUMA nodes for now, they have their own
problems). This makes the Northbridge a severe bottleneck since
all memory traffic is routed through it. Big machines can, of
course, use custom hardware in place of the Northbridge but, unless the
memory chips used have multiple ports—i.e. they can be used from multiple
busses—there still is a bottleneck. Multiport RAM is complicated and
expensive to build and support and, therefore, it is hardly ever used.
The next step up in complexity is the model AMD uses where an
interconnect mechanism (Hypertransport in AMD's case, technology
they licensed from Digital) provides access for processors which are not
directly connected to the RAM. The size of the structures which can
be formed this way is limited unless one wants to increase the
diameter (i.e., the maximum distance between any two nodes)
arbitrarily.
Figure 5.1: Hypercubes
An efficient topology for the nodes is the hypercube, which limits the
number of nodes to 2^C where C is the number of interconnect
interfaces each node has. Hypercubes have the smallest diameter for
all systems with 2^n CPUs. Figure 5.1 shows the first
three hypercubes. Each hypercube has a diameter of C which is the
absolute minimum. AMD's first-generation Opteron processors have three
hypertransport links per processor. At least one of the processors
has to have a Southbridge attached to one link, meaning, currently, that a
hypercube with C=2 can be implemented directly and efficiently. The
next generation is announced to have four links, at which point C=3
hypercubes will be possible.
This does not mean, though, that larger accumulations of processors
cannot be supported. There are companies which have developed crossbars
allowing larger sets of processors to be used (e.g., Newisys's
Horus). But these crossbars increase the NUMA factor and they stop
being effective at a certain number of processors.
The next step up means connecting groups of CPUs and implementing a
shared memory for all of them. All such systems need specialized
hardware and are by no means commodity systems. Such designs exist at several
levels of complexity. A system which is still quite close to a
commodity machine is IBM x445 and similar machines. They can be
bought as ordinary 4U, 8-way machines with x86 and x86-64 processors.
Two (at some point up to four) of these machines can then be connected
to work as a single machine with shared memory. The interconnect used
introduces a significant NUMA factor which the OS, as well as
applications, must take into account.
At the other end of the spectrum, machines like SGI's Altix are
designed specifically to be interconnected. SGI's NUMAlink
interconnect fabric is very fast and has a low latency; both of these are
requirements for high-performance computing (HPC), especially when
Message Passing Interfaces (MPI) are used. The drawback is, of course, that such
sophistication and specialization is very expensive. They make a
reasonably low NUMA factor possible but with the number of CPUs these
machines can have (several thousands) and the limited capacity of the
interconnects, the NUMA factor is actually dynamic and can reach
unacceptable levels depending on the workload.
More commonly used are solutions where clusters of commodity machines
are connected using high-speed networking. But these are not NUMA
machines; they do not implement a shared address space and therefore
do not fall into any category which is discussed here.
5.2 OS Support for NUMA
To support NUMA machines, the OS has to take the distributed
nature of the memory into account. For instance, if a process is run
on a given processor, the physical RAM assigned to the process's address
space should come from local memory. Otherwise each instruction has
to access remote memory for code and data. There are special cases to
be taken into account which are only present in NUMA machines. The
text segment of DSOs is normally present exactly once in a machine's
physical RAM. But if the DSO is used by processes and threads on all
CPUs (for instance, the basic runtime libraries like libc) this
means that all but a few processors have to have remote accesses. The OS
ideally would mirror such DSOs into each processor's physical RAM
and use local copies. This is an optimization, not a requirement, and
generally hard to implement. It might not be supported or only in a
limited fashion.
To avoid making the situation worse, the OS
should not migrate a process or thread from one node to another. The
OS should already try to avoid migrating processes on normal
multi-processor machines because
migrating from one processor to another means the cache content is
lost. If load distribution requires migrating a process or thread off
of a processor, the OS can usually pick an arbitrary new processor
which has sufficient capacity left. In NUMA environments the
selection of the new processor is a bit more limited. The newly
selected processor should not have higher access costs to the memory
the process is using than the old processor; this restricts the list
of targets. If there is no free processor matching that criterion
available, the OS has no choice but to migrate to a processor
where memory access is more expensive.
In this situation there are two possible ways forward. First, one can
hope the situation is temporary and the process can be migrated back
to a better-suited processor. Alternatively, the OS can also migrate the
process's memory to physical pages which are closer to the newly-used processor.
This is quite an expensive operation. Possibly huge amounts of memory
have to be copied, albeit not necessarily in one step. While this is
happening the process, at least briefly, has to be stopped so that
modifications to the old pages are correctly migrated. There is a
whole list of other requirements for page migration to be efficient
and fast. In short, the OS should avoid it unless it is really
necessary.
Generally, it cannot be assumed that all processes on a NUMA machine
use the same amount of memory such that, with the distribution of processes across
the processors, memory usage is also equally
distributed. In fact, unless the applications running on the machines
are very specific (common in the HPC world, but not outside) the
memory use will be very unequal. Some applications will use vast amounts
of memory, others hardly any. This will, sooner or later, lead to
problems if memory is always allocated local to the processor where
the request is originated. The system will eventually run out of memory local to
nodes running large processes.
In response to these severe problems, memory is, by default, not allocated
exclusively on the local node. To utilize all the system's memory the
default strategy is to stripe the memory. This guarantees equal use
of all the memory of the system. As a side effect, it becomes
possible to freely migrate processes between processors since, on
average, the access cost to all the memory used does not change. For
small NUMA factors, striping is acceptable but still not optimal (see
data in Section 5.4).
This is a pessimization which helps the system avoid severe problems and
makes it more predictable under normal operation. But it does
decrease overall system performance, in some situations significantly.
This is why Linux allows the memory allocation rules to be selected by
each process. A process can select a different strategy for itself and
its children. We will introduce the interfaces which can be used for
this in Section 6.
5.3 Published Information
The kernel publishes, through the sys pseudo file system (sysfs),
information about the processor caches below
/sys/devices/system/cpu/cpu*/cache
In Section 6.2.1 we will see interfaces which can be used to query
the size of the various caches. What is important here is the topology of
the caches. The directories above contain subdirectories
(named index*) which list information about the various caches the CPU
possesses. The files type, level, and shared_cpu_map
are the important files in these directories as far as the topology is
concerned. For an Intel Core 2 QX6700 the information looks as in
Table 5.1.
                    type         level  shared_cpu_map
cpu0   index0       Data           1    00000001
       index1       Instruction    1    00000001
       index2       Unified        2    00000003
cpu1   index0       Data           1    00000002
       index1       Instruction    1    00000002
       index2       Unified        2    00000003
cpu2   index0       Data           1    00000004
       index1       Instruction    1    00000004
       index2       Unified        2    0000000c
cpu3   index0       Data           1    00000008
       index1       Instruction    1    00000008
       index2       Unified        2    0000000c
Table 5.1: sysfs Information for Core 2 CPU Caches
What this data means is as follows:
Each core {The knowledge that cpu0 to cpu3
are cores comes from another place that will be explained shortly.}
has three caches: L1i, L1d, L2.
The L1d and L1i caches are not shared with anybody—each core
has its own set of caches. This is indicated by the bitmap
in shared_cpu_map having only one set bit.
The L2 cache on cpu0 and cpu1 is shared, as is the
L2 on cpu2 and cpu3.
If the CPU had more cache levels, there would be more index*
directories.
For a four-socket, dual-core Opteron machine the cache information
looks like Table 5.2:
                    type         level  shared_cpu_map
cpu0   index0       Data           1    00000001
       index1       Instruction    1    00000001
       index2       Unified        2    00000001
cpu1   index0       Data           1    00000002
       index1       Instruction    1    00000002
       index2       Unified        2    00000002
cpu2   index0       Data           1    00000004
       index1       Instruction    1    00000004
       index2       Unified        2    00000004
cpu3   index0       Data           1    00000008
       index1       Instruction    1    00000008
       index2       Unified        2    00000008
cpu4   index0       Data           1    00000010
       index1       Instruction    1    00000010
       index2       Unified        2    00000010
cpu5   index0       Data           1    00000020
       index1       Instruction    1    00000020
       index2       Unified        2    00000020
cpu6   index0       Data           1    00000040
       index1       Instruction    1    00000040
       index2       Unified        2    00000040
cpu7   index0       Data           1    00000080
       index1       Instruction    1    00000080
       index2       Unified        2    00000080
Table 5.2: sysfs Information for Opteron CPU Caches
As can be seen these processors
also have three caches: L1i, L1d, L2. None of the cores
shares any level of cache. The interesting part for this system is the
processor topology. Without this additional information one cannot
make sense of the cache data. The sys file system exposes this
information in the files below
/sys/devices/system/cpu/cpu*/topology
Table 5.3 shows the interesting files in this hierarchy
for the SMP Opteron machine.
       physical_package_id  core_id  core_siblings  thread_siblings
cpu0            0              0       00000003        00000001
cpu1            0              1       00000003        00000002
cpu2            1              0       0000000c        00000004
cpu3            1              1       0000000c        00000008
cpu4            2              0       00000030        00000010
cpu5            2              1       00000030        00000020
cpu6            3              0       000000c0        00000040
cpu7            3              1       000000c0        00000080
Table 5.3: sysfs Information for Opteron CPU Topology
Taking Table 5.2 and Table 5.3 together we
can see that no CPU has hyper-threads (the thread_siblings
bitmaps have one bit set), that the system in fact has four processors
(physical_package_id 0 to 3), that each processor has two cores,
and that none of the cores share any cache. This is exactly what
corresponds to earlier Opterons.
What is completely missing in the data provided so far is information
about the nature of NUMA on this machine. Any SMP Opteron machine is
a NUMA machine. For this data we have to look at yet another part of
the sys file system which exists on NUMA machines, namely in the
hierarchy below
/sys/devices/system/node
This directory contains a subdirectory for every NUMA node on the
system. In the node-specific directories there are a number of files. The
important files and their content for the Opteron machine described in the
previous two tables are shown in Table 5.4.
        cpumap     distance
node0   00000003   10 20 20 20
node1   0000000c   20 10 20 20
node2   00000030   20 20 10 20
node3   000000c0   20 20 20 10
Table 5.4: sysfs Information for Opteron Nodes
This information ties all the rest together; now we have a complete
picture of the architecture of the machine. We already know that the
machine has four processors. Each processor constitutes its own node,
as can be seen by the bits set in the cpumap file in the
node* directories. The distance files in those
directories contain a set of values, one for each node, which
represent the cost of memory accesses at the respective nodes. In this
example all local memory accesses have the cost 10, all remote accesses
to any other node have the cost 20. {This is, by the way,
incorrect. The ACPI information is apparently wrong since, although
the processors used have three coherent HyperTransport links, at least
one processor must be connected to a Southbridge. At least one pair of nodes
must therefore have a larger distance.} This means that, even though the
processors are organized as a two-dimensional hypercube (see
Figure 5.1), accesses between processors which are not directly connected are
not more expensive. The relative values of the costs
should be usable as an estimate of the actual difference of the access
times. The accuracy of all this information is another question.
5.4 Remote Access Costs
The distance is relevant, though. In [amdccnuma] AMD documents
the NUMA cost of a four socket machine. For write operations the
numbers are shown in Figure 5.3.
Figure 5.3: Read/Write Performance with Multiple Nodes
Writes are slower than
reads, this is no surprise. The interesting parts are the costs of
the 1- and 2-hop cases. The two 1-hop cases actually have slightly
different costs. See [amdccnuma] for the details. The fact we
need to remember from this chart is that 2-hop reads and writes are
30% and 49% (respectively) slower than 0-hop reads. 2-hop writes
are 32% slower than 0-hop writes, and 17% slower than 1-hop writes.
The relative position of processor and memory nodes can make a big
difference. The next generation of processors from AMD will feature
four coherent HyperTransport links per processor. In that case a four
socket machine would have diameter of one. With eight sockets the
same problem returns, with a vengeance, since the diameter of a
hypercube with eight nodes is three.
All this information is available but it is cumbersome to use. In
Section 6.5 we will see an interface which makes accessing and
using this information easier.
The last piece of information the system provides is in the status of
a process itself. It is possible to determine how the memory-mapped
files, Copy-On-Write (COW) pages and anonymous memory are distributed over
the nodes in the
system.
{Copy-On-Write is a method
often used in OS implementations when a memory page has one user at
first and then has to be copied to allow independent users. In
many situations the copying is unnecessary, at all or at first, in
which case it makes sense to only copy when either user modifies the
memory. The operating system intercepts the write operation,
duplicates the memory page, and then allows the write instruction to
proceed.}
Each process has a file /proc/PID/numa_maps,
where PID is the ID of the process, as shown in
Figure 5.2.
The important information in the file is the
values for N0 to N3, which indicate the number of pages
allocated for the memory area on nodes 0 to 3. It is a good
guess that the program was executed on a core on node 3. The program
itself and the dirtied pages are allocated on that node. Read-only
mappings, such as the first mapping for ld-2.4.so and
libc-2.4.so as well as the shared file locale-archive are
allocated on other nodes.
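The following is an added example, not code from Drepper's paper: it ties the sysfs cache, topology and node files of Section 5.3 to the numa_maps data just described, decoding the shared_cpu_map and cpumap bitmaps, the distance matrix and the N<node>=<pages> counters. All sample data is constructed by hand to mirror Tables 5.1 through 5.4 and the description of Figure 5.2; on a real machine the same strings would be read from /sys/devices/system/cpu, /sys/devices/system/node and /proc/PID/numa_maps.

```python
from collections import defaultdict


def parse_cpumask(text):
    """Turn a sysfs bitmap such as "0000000c" or "ffffffff,00000000" into the set
    of CPU numbers whose bits are set. sysfs prints 32-bit words most
    significant first, so the commas can simply be dropped."""
    value = int(text.strip().replace(",", ""), 16)
    return {bit for bit in range(value.bit_length()) if (value >> bit) & 1}


def sharing_groups(shared_maps):
    """Collapse per-CPU shared_cpu_map values into the distinct sets of CPUs
    that share one cache instance (the L2 domains of Table 5.1)."""
    return sorted({frozenset(parse_cpumask(m)) for m in shared_maps.values()}, key=min)


def parse_distance(node_lines):
    """Each node's distance file lists one cost per node; the diagonal is local."""
    return {node: [int(x) for x in line.split()] for node, line in node_lines.items()}


def node_of(node_cpumaps, cpu):
    """Find the NUMA node whose cpumap contains the given CPU."""
    for node, cpumap in node_cpumaps.items():
        if cpu in parse_cpumask(cpumap):
            return node
    raise ValueError(f"cpu{cpu} is in no node's cpumap")


def access_cost(node_cpumaps, distances, cpu, mem_node):
    """Relative cost of code on `cpu` touching memory resident on `mem_node`."""
    return distances[node_of(node_cpumaps, cpu)][mem_node]


def caches_within_nodes(shared_maps, node_cpumaps):
    """Consistency check: a set of CPUs sharing a cache must lie in one node."""
    return all(len({node_of(node_cpumaps, c) for c in g}) == 1
               for g in sharing_groups(shared_maps))


def parse_numa_maps(text):
    """Parse /proc/PID/numa_maps lines into (address, what, dirty, {node: pages}).
    `what` is the file path, "heap", "stack" or "anon"."""
    entries = []
    for line in text.strip().splitlines():
        fields = line.split()
        what, dirty, pages = "anon", 0, {}
        for attr in fields[2:]:          # fields[1] is the memory policy
            key, _, val = attr.partition("=")
            if key == "file":
                what = val
            elif key in ("heap", "stack"):
                what = key
            elif key == "dirty":
                dirty = int(val)
            elif key[:1] == "N" and key[1:].isdigit():
                pages[int(key[1:])] = int(val)
        entries.append((fields[0], what, dirty, pages))
    return entries


def likely_home_node(entries):
    """The node holding the dirtied pages is where the process most likely ran;
    read-only file mappings may sit on any node."""
    totals = defaultdict(int)
    for _, _, dirty, pages in entries:
        if dirty:
            for node, n in pages.items():
                totals[node] += n
    return max(totals, key=totals.get)


def remote_pages(entries, home):
    """Pages the process reaches over the interconnect from its home node."""
    return sum(n for *_, pages in entries for node, n in pages.items() if node != home)


# --- constructed sample data mirroring Tables 5.1 to 5.4 -------------------
CORE2_L2 = {0: "00000003", 1: "00000003", 2: "0000000c", 3: "0000000c"}
OPTERON_L2 = {cpu: f"{1 << cpu:08x}" for cpu in range(8)}
OPTERON_NODES = {0: "00000003", 1: "0000000c", 2: "00000030", 3: "000000c0"}
OPTERON_DISTANCE = parse_distance({0: "10 20 20 20", 1: "20 10 20 20",
                                   2: "20 20 10 20", 3: "20 20 20 10"})
# Constructed numa_maps excerpt in the kernel's "<addr> <policy> key=value..." form
NUMA_MAPS = """\
00400000 default file=/bin/cat mapped=3 N3=3
00600000 default file=/bin/cat anon=1 dirty=1 N3=1
2aaaaaaab000 default anon=2 dirty=2 N3=2
2aaaaaad8000 default file=/lib/libc-2.4.so mapped=35 N0=20 N1=15
2aaaab2f0000 default file=/usr/lib/locale/locale-archive mapped=12 N1=12
"""

if __name__ == "__main__":
    print("Core 2 L2 domains:", [sorted(g) for g in sharing_groups(CORE2_L2)])
    print("cpu5 touching node0 memory costs", access_cost(OPTERON_NODES, OPTERON_DISTANCE, 5, 0))
    entries = parse_numa_maps(NUMA_MAPS)
    home = likely_home_node(entries)
    print("home node", home, "remote pages", remote_pages(entries, home))
```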
As we have seen in Figure 5.3 the read performance across
nodes falls by 9% and 30% respectively for 1- and 2-hop reads.
For execution, such reads are needed and, if the L2 cache is missed,
each cache line incurs these additional costs. All the costs measured
for large workloads beyond the size of the cache would have to be
increased by 9%/30% if the memory is remote to the processor.
Figure 5.4: Operating on Remote Memory
To see the effects in the real world we can measure the bandwidth as
in Section 3.5.1 but this time with the memory being on a
remote node, one hop away. The result of this test when compared
with the data for using local memory can be seen in
Figure 5.4. The numbers have a few big spikes
in both directions which are the result of a problem of measuring
multi-threaded code and can be ignored. The important information in
this graph is that read operations are always 20% slower. This is
significantly slower than the 9% in Figure 5.3, which is,
most likely, not a number for uninterrupted read/write operations and might
refer to older processor revisions. Only AMD knows.
For working set sizes which fit into the caches, the performance of
write and copy operations is also 20% slower. For working sets
exceeding the size of the caches, the write performance is not
measurably slower than the operation on the local node. The speed of
the interconnect is fast enough to keep up with the memory. The
dominating factor is the time spent waiting on the main memory.
Cross-site request forgery (CSRF or XSRF) is yet another web
application flaw that can have serious impacts. By exploiting
the trust that the targeted site has in a logged-in user, usually
encapsulated in a cookie, CSRF can perform actions on behalf of that user,
without any indication that the action took place. It shares many traits with
its better-known sibling, cross-site scripting (XSS), but,
unlike a site targeted via XSS (for login spoofing or cookie stealing for
example), the target web site can make changes to avoid CSRF.
A CSRF attack targets a specific web site, one that requires credentials
to perform actions. Financial and shopping sites are common targets, but
as described in last week's article on this page, home
routers and similar equipment are also targets. Another popular target is
sites like Digg, where users vote on
particular stories to increase their popularity; an attacker can drive more
traffic to a site of their choosing by using a CSRF exploit to add votes.
The exploit itself is typically contained in an <img> tag or form
submission, with Javascript sometimes used to hide the form submission.
The URL used causes some kind of side effect on the target website as long
as a properly authenticated cookie is delivered with the request. For
example, if LWN had a voting system, a tag like the
following could perform a CSRF exploit:
When the browser goes to fetch that "image", it helpfully sends along any
cookies that correspond to the domain; if the vote application wasn't
written correctly, anyone viewing the web page - and who was also logged-in to
LWN - would add a vote for the story. There would be no indication that
anything had happened, other than possibly a fleeting notice in the browser
noting a connection to LWN.
Getting the user to visit the page with the CSRF is done in the usual way,
via a link in email, instant message, or on another web page. CSRF does not
require inserting code into the vulnerable website, which is the hallmark of
XSS; instead it exploits the target from afar. The link the victim follows will
not in any way indicate the target site.
There are a few things that web application programmers can do to eliminate
CSRF problems; the basic idea is not to perform actions solely based on a
proper cookie. Just as some non-internet authentications require two forms
of identification, web applications should do the same. The second
identification should come from something other than the cookie, something
that can be known only by a properly authenticated user.
Two basic techniques are used: random form tokens or re-authentication.
For sensitive operations, the best protection is to require the user to
provide their credentials (username and password for example) before
performing the action. This can be cumbersome, so, for less sensitive
actions, hidden fields with random names and values can be inserted into
each form, associated with a particular session, and checked on form
submission. This isn't completely secure, as the values might be guessed,
but with sufficient randomness, it is good enough for many operations.
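The random-form-token technique described above, as an added example that is not part of the original article: a minimal vote handler that acts on the cookie alone, beside one that also requires a random hidden field name and value bound to the session. The session store, vote table and function names are assumed for illustration; the token is consumed after one use, which is an added choice the article does not specify.

```python
import hmac
import re
import secrets
from dataclasses import dataclass, field
from typing import Dict, Tuple


# Constructed in-memory stores standing in for a real session table and vote
# counts (assumed names; nothing here is LWN's or any project's code).
@dataclass
class Session:
    user: str
    form_tokens: Dict[str, str] = field(default_factory=dict)  # hidden field name -> value


SESSIONS: Dict[str, Session] = {}
VOTES: Dict[str, int] = {}


def login(user: str) -> str:
    """Create a session; the returned id is what the browser stores in its cookie."""
    sid = secrets.token_urlsafe(32)
    SESSIONS[sid] = Session(user=user)
    return sid


def issue_form_token(sid: str) -> Tuple[str, str]:
    """Mint a random hidden-field name and value bound to this session."""
    name = "f_" + secrets.token_hex(8)    # random field name, 16 hex characters
    value = secrets.token_urlsafe(32)     # 256 bits of randomness in the value
    SESSIONS[sid].form_tokens[name] = value
    return name, value


def render_vote_form(sid: str, story: str) -> str:
    """Server-side render of the vote form with the per-session token embedded."""
    name, value = issue_form_token(sid)
    return (
        '<form method="post" action="/vote">'
        f'<input type="hidden" name="story" value="{story}">'
        f'<input type="hidden" name="{name}" value="{value}">'
        '<input type="submit" value="Vote"></form>'
    )


def extract_fields(form_html: str) -> Dict[str, str]:
    """What a legitimate browser submits: every named field in the rendered form."""
    return dict(re.findall(r'name="([^"]+)" value="([^"]*)"', form_html))


def vote_vulnerable(cookie_sid: str, params: Dict[str, str]) -> bool:
    """Acts on the cookie alone. A cross-site <img> or auto-submitted form
    arrives with the victim's cookie, so it is accepted just like a real vote."""
    if cookie_sid not in SESSIONS or "story" not in params:
        return False
    VOTES[params["story"]] = VOTES.get(params["story"], 0) + 1
    return True


def vote_protected(cookie_sid: str, params: Dict[str, str]) -> bool:
    """Requires a second proof beyond the cookie: one of the hidden fields issued
    to this session, carrying its matching value. A forging site never saw the
    rendered form, so it knows neither the field name nor the value."""
    sess = SESSIONS.get(cookie_sid)
    if sess is None or "story" not in params:
        return False
    for name, expected in list(sess.form_tokens.items()):
        supplied = params.get(name)
        # Constant-time comparison on bytes so a guessed value leaks no timing.
        if supplied is not None and hmac.compare_digest(
            supplied.encode("utf-8"), expected.encode("utf-8")
        ):
            # Consume the token so a captured submission cannot be replayed
            # (single use is an added choice, not something the article specifies).
            del sess.form_tokens[name]
            VOTES[params["story"]] = VOTES.get(params["story"], 0) + 1
            return True
    return False


def demo() -> Dict[str, bool]:
    """Walk the article's scenario: a logged-in user, a forged cross-site request
    carrying only the cookie, then a real submission of the rendered form."""
    sid = login("reader")
    forged = {"story": "12345"}   # all an <img> tag or hidden cross-site form can send
    results = {
        "forged_vs_vulnerable": vote_vulnerable(sid, forged),  # True: vote counted
        "forged_vs_protected": vote_protected(sid, forged),    # False: no token
    }
    real = extract_fields(render_vote_form(sid, "12345"))
    results["real_vs_protected"] = vote_protected(sid, real)    # True
    results["replay_vs_protected"] = vote_protected(sid, real)  # False: token used up
    return results


if __name__ == "__main__":
    for check, outcome in demo().items():
        print(f"{check}: {outcome}")
```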
It should be noted that preventing CSRF requires that all XSS problems are
removed first. An XSS flaw can be used to retrieve the form,
then grab the random tokens before submitting the CSRF request. XSS may
also be able to spoof the user into entering their credentials, which would
allow the CSRF to bypass re-authentication as well.
CSRF has been called the "sleeping giant" of web application security
flaws, because it has yet to be exploited widely. It is only a matter of
time, so web programmers should be making the changes needed to ensure that
their sites are not vulnerable.
SQL injection vulnerability in albums.php in Ampache before 3.3.3.5 allows
remote attackers to execute arbitrary SQL commands via the match
parameter. Session fixation vulnerability in Ampache before 3.3.3.5 allows
remote attackers to hijack web sessions via unspecified vectors.
Evil Ninja Squirrel discovered a stack-based buffer overflow in the
ir_fetch_seq() function when receiving a long response to a FETCH
command (CVE-2007-5007).
DenyHosts 2.6 does not properly parse sshd log files, which allows remote
attackers to add arbitrary hosts to the /etc/hosts.deny file and cause a
denial of service by adding arbitrary IP addresses to the sshd log file, as
demonstrated by logging in via ssh with a client protocol version
identification containing an IP address string, a different vector than
CVE-2006-6301.
Kees Cook discovered a flaw in the way the hplip hpssd daemon handled user
input. A local attacker could send a specially crafted request to the hpssd
daemon, possibly allowing them to run arbitrary commands as the root user.
The initscripts package does not set sufficiently restrictive permissions on
the /var/log/btmp file, leading to an information exposure vulnerability in
which users' passwords may be revealed to unprivileged users in cases when
the passwords have been inadvertently entered as usernames at some login
prompts.
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled,
allows remote attackers to violate the security model for an applet's
outbound connections via a DNS rebinding attack. (CVE-2007-5232)
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0
Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not
properly enforce access restrictions for untrusted applications, which
allows user-assisted remote attackers to obtain sensitive information (the
Java Web Start cache location) via an untrusted application, aka "three
vulnerabilities." (CVE-2007-5238)
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0
Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE
1.3.1_20 and earlier does not properly enforce access restrictions for
untrusted (1) applications and (2) applets, which allows user-assisted
remote attackers to copy or rename arbitrary files when local users perform
drag-and-drop operations from the untrusted application or applet window
onto certain types of desktop applications. (CVE-2007-5239)
Visual truncation vulnerability in the Java Runtime Environment in Sun JDK
and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK
and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows
remote attackers to circumvent display of the untrusted-code warning banner
by creating a window larger than the workstation screen. (CVE-2007-5240)
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used,
allows remote attackers to violate the security model for an applet's
outbound connections via a multi-pin DNS rebinding attack in which the
applet download relies on DNS resolution on the proxy server, but the
applet's socket operations rely on DNS resolution on the local machine, a
different issue than CVE-2007-5274. NOTE: this is similar to
CVE-2007-5232. (CVE-2007-5273)
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows
remote attackers to violate the security model for JavaScript outbound
connections via a multi-pin DNS rebinding attack dependent on the
LiveConnect API, in which JavaScript download relies on DNS resolution by
the browser, but JavaScript socket operations rely on separate DNS
resolution by a Java Virtual Machine (JVM), a different issue than
CVE-2007-5273. NOTE: this is similar to CVE-2007-5232. (CVE-2007-5274)
libvorbis has a number of vulnerabilities that can be triggered by
opening a specially crafted Ogg file. Vulnerabilities include
crashing and the execution of arbitrary code.
skkdic-expr.c insecurely writes temporary files to a location in the form
$TMPDIR/skkdic$PID.{pag,dir,db}, where $PID is the process ID. A local
attacker could create symbolic links in the directory where the temporary
files are written, pointing to a valid file somewhere on the filesystem
that is writable by the user running the SKK software. When SKK writes the
temporary file, the target valid file would then be overwritten with the
contents of the SKK temporary file.
It was discovered that Tk could be made to overrun a buffer when loading
certain images. If a user were tricked into opening a specially crafted GIF
image, remote attackers could cause a denial of service or execute
arbitrary code with user privileges.
A malicious user could send a long chat message with multibyte characters;
the server would truncate the message at a fixed length without paying
attention to the multibyte characters. This led to invalid UTF-8 on the
client, and an uncaught exception was thrown.
Adobe's Acrobat Reader has the following vulnerabilities:
The Adobe Reader Plugin has a cross site scripting vulnerability that
can be triggered by processing malformed URLs. Arbitrary JavaScript can
be served by a malicious web server, leading to a cross-site scripting
attack.
Maliciously crafted PDF files can be used to trigger two vulnerabilities;
if an attacker can trick a user into viewing the files, arbitrary code
can be executed with the user's privileges.
From the Mandriva advisory: "The recall_headers function in mod_mem_cache in Apache 2.2.4 does not
properly copy all levels of header data, which can cause Apache to
return HTTP headers containing previously-used data, which could be
used to obtain potentially sensitive information by unauthorized users."
The Apache HTTP Server did not verify that a process was an Apache child
process before sending it signals. A local attacker who has the ability to
run scripts on the Apache HTTP Server could manipulate the scoreboard and
cause arbitrary processes to be terminated, which could lead to a denial of
service. (CVE-2007-3304)
A flaw was found in the Apache HTTP Server mod_status module. Sites with
the server-status page publicly accessible and ExtendedStatus enabled were
vulnerable to a cross-site scripting attack. On Red Hat Enterprise Linux
the server-status page is not enabled by default and it is best practice to
not make this publicly available. (CVE-2006-5752)
From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server
was returned to the user in an unescaped error message. This could
allow an attacker to perform a cross-site scripting attack if a victim was
tricked into connecting to a site and sending a carefully crafted Expect
header."
A flaw was found in the mod_proxy module. On sites where a reverse proxy is
configured, a remote attacker could send a carefully crafted request that
would cause the Apache child process handling that request to crash. On
sites where a forward proxy is configured, an attacker could cause a
similar crash if a user could be persuaded to visit a malicious site using
the proxy. This could lead to a denial of service if using a threaded
Multi-Processing Module. (CVE-2007-3847)
A flaw was found in the mod_autoindex module. On sites where directory
listings are used, and the AddDefaultCharset directive has been removed
from the configuration, a cross-site-scripting attack may be possible
against browsers which do not correctly derive the response character set
following the rules in RFC 2616. (CVE-2007-4465)
A heap-based buffer overflow in the bx_ne2k_c::rx_frame function in
iodev/ne2k.cc in the emulated NE2000 device in Bochs 2.3 allows local users
of the guest operating system to write to arbitrary memory locations and
gain privileges on the host operating system via vectors that cause TXCNT
register values to exceed the device memory size, aka "RX Frame heap
overflow."
A vulnerability in Cacti 0.8.6i and earlier versions allows remote
authenticated users to cause a denial of service (CPU consumption) via
large values of the graph_start, graph_end, graph_height, or graph_width
parameters.
Multiple buffer overflows in Konst CenterICQ 4.9.11 through 4.21 allow
remote attackers to execute arbitrary code via unspecified vectors. NOTE:
the provenance of this information is unknown; the details are obtained
solely from third party information. NOTE: this might overlap
CVE-2007-0160.
A NULL pointer dereference has been discovered in the RAR VM of Clam
Antivirus (ClamAV) which allows user-assisted remote attackers to
cause a denial of service via a specially crafted RAR archive.
Several remote vulnerabilities have been discovered in the Clam anti-virus
toolkit. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-4510:
It was discovered that the RTF and RFC2397 parsers can be tricked
into dereferencing a NULL pointer, resulting in denial of service.
CVE-2007-4560:
It was discovered that clamav-milter performs insufficient input
sanitizing, resulting in the execution of arbitrary shell commands.
Richard Harms discovered that cpio did not sufficiently validate file
properties when creating archives. Files with, e.g., a very large size
caused a buffer overflow. By tricking a user or an automatic backup
system into putting a specially crafted file into a cpio archive, a
local attacker could probably exploit this to execute arbitrary code
with the privileges of the target user (which is likely root in an
automatic backup system).
The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root.
Will Drewry of the Google Security Team discovered several buffer overflows
in cscope, a source browsing tool, which might lead to the execution of
arbitrary code.
A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows
remote attackers to execute arbitrary code via a C file with a long
#include line that is later browsed by the target.
Previous versions of the cups package could be forced to hang via a client
"partially negotiating" an ssl connection. In this state, cups would not
allow other connections to be made, a denial of service.
The gpdf library contains an integer overflow which can be exploited via a malicious PDF file. This code finds its way into multiple packages, including xpdf, kpdf, poppler, cups, and more.
Thomas de Grenier de Latour discovered that the checkrestart program included
in debian-goodies did not correctly handle shell meta-characters. A local
attacker could exploit this to gain the privileges of the user running
checkrestart.
From the rPath advisory: "Previous versions of the dovecot package are vulnerable to a
minor privilege escalation attack in which an authenticated
user may exploit an ACL plugin weakness to save message flags
without having proper permissions."
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot
before 1.0.rc29, when using the zlib plugin, allows remote attackers to
read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot)
sequence in the mailbox name.
A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop
1.6.18, and possibly earlier, allows user-assisted, malicious remote IRC
servers to execute arbitrary code via a long private message.
Arnaud Giersch discovered that elinks incorrectly attempted to load
gettext catalogs from a relative path. If a user were tricked into
running elinks from a specific directory, a local attacker could execute
code with user privileges.
The elinks text-mode browser has an arbitrary file access vulnerability
in the Elinks SMB protocol handler. If a user can be tricked into
visiting a specially crafted web page, arbitrary files may be read or
written with the user's permissions.
A format string error in the "write_html()" function in calendar/gui/
e-cal-component-memo-preview.c when displaying a memo's categories can
potentially be exploited to execute arbitrary code via a specially crafted
shared memo containing format specifiers.
From the GNOME
bugzilla: "The "SEQUENCE" value in the GData of the IMAP code
(camel-imap-folder.c) is converted from a string using strtol. This allows
for negative values. The imap_rescan uses this value as an int. It checks
for !seq and seq>summary.length. It doesn't check for seq <
0. Although seq is used as the index of an array."
The APOP protocol allows remote attackers to guess the first 3 characters
of a password via man-in-the-middle (MITM) attacks that use crafted message
IDs and MD5 collisions. NOTE: this design-level issue potentially affects
all products that use APOP, including (1) Thunderbird, (2) Evolution, (3)
mutt, and (4) fetchmail.
fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
Colin Percival from FreeBSD reported that the previous fix for the
file_printf() buffer overflow introduced a new integer overflow. A remote
attacker could entice a user to run the file program on an overly large
file (more than 1Gb) that would trigger an integer overflow on 32-bit
systems, possibly leading to the execution of arbitrary code with the
rights of the user running file.
The Firebird DBMS has a buffer overflow vulnerability involving
the processing of connect requests with an overly large p_cnct_count
value. Remote attackers can send a specially crafted
request to the server in order to potentially execute arbitrary code with
the permissions of the Firebird user.
A flaw was discovered in handling of "about:blank" windows used by
addons. A malicious web site could exploit this to modify the contents,
or steal confidential data (such as passwords), of other web pages.
(CVE-2007-3844)
Jesper Johansson discovered that spaces and double-quotes were
not correctly handled when launching external programs. In rare
configurations, after tricking a user into opening a malicious web page,
an attacker could execute helpers with arbitrary arguments with the
user's privileges. (CVE-2007-3845)
shutdown and moz_bug_r_a4 reported two separate ways to modify an
XPCNativeWrapper such that subsequent access by the browser would result in
executing user-supplied code. (CVE-2007-3738)
Michal Zalewski reported that it was possible to bypass the same-origin
checks and read from cached (wyciwyg) documents. It is possible to access
wyciwyg:// documents without proper same domain policy checks through the
use of HTTP 302 redirects. This enables the attacker to steal sensitive
data displayed on dynamically generated pages; perform cache poisoning; and
execute own code or display own content with URL bar and SSL certificate
data of the attacked page (URL spoofing++). (CVE-2007-3656)
Internet Explorer calls registered URL protocols without escaping quotes
and may be used to pass unexpected and potentially dangerous data to the
application that registers that URL Protocol. (CVE-2007-3670)
Ronald van den Heetkamp reported that a filename URL containing %00
(encoded null) can cause Firefox to interpret the file extension
differently than the underlying Windows operating system potentially
leading to unsafe actions such as running a program. This is only
accessible locally. (CVE-2007-3285)
An attacker can use an element outside of a document to call an event
handler allowing content to run arbitrary code with chrome
privileges. (CVE-2007-3737)
Ronen Zilberman and Michal Zalewski both reported that it was possible to
exploit a timing issue to inject content into about:blank frames in a
page. When opening a window from a script, it is possible to spoof the
content of the newly opened window's frames within a short time frame,
while the window is loading. (CVE-2007-3089)
Mozilla contributor moz_bug_r_a4 demonstrated that the methods
addEventListener and setTimeout could be used to inject script into another
site in violation of the browser's same-origin policy. This could be used
to access or modify private or valuable information from that other
site. (CVE-2007-3736)
As part of the Firefox 2.0.0.5 update releases Mozilla developers fixed
many bugs to improve the stability of the product. Some of these crashes
showed evidence of memory corruption under certain circumstances, and
we presume that with enough effort at least some of these could be
exploited to run arbitrary code. Note: Thunderbird shares the browser
engine with Firefox and could be vulnerable if JavaScript were to be
enabled in mail. This is not the default setting and we strongly discourage
users from running JavaScript in mail. Without further investigation we
cannot rule out the possibility that for some of these an attacker might be
able to prepare memory for exploitation through some means other than
JavaScript, such as large images. (CVE-2007-3734, CVE-2007-3735)
A stack-based buffer overflow in the local__vcentry_parse_value function in
vorbiscomment.c in flac123 (aka flac-tools or flac) before 0.0.10 allows
user-assisted remote attackers to execute arbitrary code via a large
comment value_length.
The Freetype font rendering library versions 2.3.4 and below
has an integer sign error. Remote attackers may be able to
create a specially crafted TrueType Font file with a negative
n_points value that will cause an integer overflow and heap-based
buffer overflow, allowing the execution of arbitrary code.
The FreeType library has several integer overflow vulnerabilities.
If a user can be tricked into installing a specially
crafted font file, arbitrary code can be executed with the privilege
of the user.
Multiple unspecified vulnerabilities in Gallery before 2.2.3 allow
attackers to (1) rename items, (2) read and modify item properties, or (3) lock and replace items
via unknown vectors in (a) the WebDAV module; and (4) edit unspecified data files using "linked
items" in (a) WebDAV and (b) Reupload modules.
The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree.
The gd graphics library contains a buffer overflow which could enable a remote attacker to execute arbitrary code. Note that various other packages include code from gd and could also be vulnerable.
Integer overflow in gdImageCreateTrueColor function in the GD Graphics
Library (libgd) before 2.0.35 allows user-assisted remote attackers
to have unspecified remote attack vectors and impact. (CVE-2007-3472)
The gdImageCreateXbm function in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to cause a denial
of service (crash) via unspecified vectors involving a gdImageCreate
failure. (CVE-2007-3473)
Multiple unspecified vulnerabilities in the GIF reader in the
GD Graphics Library (libgd) before 2.0.35 allow user-assisted
remote attackers to have unspecified attack vectors and
impact. (CVE-2007-3474)
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted
remote attackers to cause a denial of service (crash) via a GIF image
that has no global color map. (CVE-2007-3475)
Array index error in gd_gif_in.c in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to cause
a denial of service (crash and heap corruption) via large color
index values in crafted image data, which results in a segmentation
fault. (CVE-2007-3476)
The (a) imagearc and (b) imagefilledarc functions in GD Graphics
Library (libgd) before 2.0.35 allow attackers to cause a denial
of service (CPU consumption) via a large (1) start or (2) end angle
degree value. (CVE-2007-3477)
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the
GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote
attackers to cause a denial of service (crash) via unspecified vectors,
possibly involving truetype font (TTF) support. (CVE-2007-3478)
Libgd2 has a denial of service vulnerability involving the incorrect
validation of PNG callback results. If an application that is linked
against libgd2 is used to process a specially-crafted PNG file,
a denial of service involving CPU resource consumption can be
caused.
A format string vulnerability has been discovered in gedit. Calling
the program with specially crafted file names caused a buffer
overflow, which could be exploited to execute arbitrary code with the
privileges of the gedit user.
It was discovered that a cross site scripting vulnerability in GForge,
a collaborative development tool, allows remote attackers to inject
arbitrary web script or HTML in the context of a logged in user's session.
The gimp image editor has several vulnerabilities, including
a problem where it can open PSD files with excessive dimensions
and a possible stack overflow in the Sunras loader.
Tavis Ormandy of the Google Security Team discovered two denial of service
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to hang or
crash.
Tavis Ormandy of the Google Security Team discovered several code execution
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to crash or
execute arbitrary code.
Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered
string is used instead of a sanitized string to view local files. An
authenticated attacker could craft an HTTP GET request that uses directory
traversal techniques to execute any file on the web server as PHP code,
which could allow information disclosure or arbitrary code execution with
the rights of the user running the PHP application (usually the webserver
user).
The ImageMagick image decoders have multiple vulnerabilities.
If a user can be tricked into processing a specially crafted
DCM, DIB, XBM, XCF, or XWD image, arbitrary code may be executed with
the user's privileges.
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote
attackers to execute arbitrary code via (1) a crafted DCM image, which
results in a heap-based overflow in the ReadDCMImage function, or (2) the
(a) colors or (b) comments field in a crafted XWD image, which results in a
heap-based overflow in the ReadXWDImage function, different issues than
CVE-2007-1667.
The jpc_qcx_getcompparms function in jpc/jpc_cs.c could allow remote
user-assisted attackers to cause a denial of service (crash) and possibly
corrupt the heap via malformed image files.
Java has multiple vulnerabilities; these include:
an RSA exponent padding attack vulnerability, two vulnerabilities
which allow untrusted applets to access data in other applets,
vulnerabilities that involve applets gaining privileges due to
serialization bugs in the JRE, and buffer overflows in the Java image
handling routines that can give attackers read/write/execute capabilities
for local files.
The Javadoc tool was able to generate HTML documentation pages that
contained cross-site scripting (XSS) vulnerabilities. A remote attacker
could use this to inject arbitrary web script or HTML. (CVE-2007-3503)
The Java Web Start URL parsing component contained a buffer overflow
vulnerability within the parsing code for JNLP files. A remote attacker
could create a malicious JNLP file that could trigger this flaw and execute
arbitrary code when opened. (CVE-2007-3655)
The JSSE component did not correctly process SSL/TLS handshake requests. A
remote attacker who is able to connect to a JSSE-based service could
trigger this flaw leading to a denial-of-service. (CVE-2007-3698)
A flaw was found in the applet class loader. An untrusted applet could use
this flaw to circumvent network access restrictions, possibly connecting to
services hosted on the machine that executed the applet. (CVE-2007-3922)
An integer overflow vulnerability exists in the embedded ICC profile
image parser (CVE-2007-2788), an unspecified vulnerability exists in
the font parsing implementation (CVE-2007-4381), and an error exists
when processing XSLT stylesheets contained in XSLT Transforms in XML
signatures (CVE-2007-3716), among other vulnerabilities.
According to this KDE advisory, KDM can be
tricked into performing a password-less login even for accounts with a
password set under certain circumstances, namely autologin being configured
and "shutdown with password" enabled. KDE versions 3.3.0 up to and including
3.5.7 are vulnerable.
Kate / Kwrite, as shipped with KDE 3.2.x up to including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information.
The atalk_sum_skb function in AppleTalk for Linux kernel 2.6.x before
2.6.21, and possibly 2.4.x, allows remote attackers to cause a denial of
service (crash) via an AppleTalk frame that is shorter than the specified
length, which triggers a BUG_ON call when an attempt is made to perform a
checksum.
The decode_choice function in net/netfilter/bf_conntrack_h323_asn1.c in the
Linux kernel before 2.6.22 allows remote attackers to cause a denial of
service (crash) via an encoded, out-of-range index value for a choice
field, which triggers a NULL pointer dereference.
The IA32 system call emulation functionality in Linux kernel 2.4.x and
2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not
zero extend the eax register after the 32bit entry path to ptrace is used,
which might allow local users to gain privileges by triggering an
out-of-bounds access to the system call table using the %RAX register.
The Linux kernel has a boundary error problem with the
Omnikey CardMan 4040 driver read and write functions. This can be used
to cause a buffer overflow and possible execution of arbitrary code with
kernel privileges.
The ipv6_getsockopt_sticky function in
net/ipv6/ipv6_sockglue.c is vulnerable to a NULL pointer dereference.
Local users can use this to crash the kernel or to disclose kernel
memory.
A flaw in the ISDN CAPI subsystem could allow a remote user to cause a
denial of service or potential remote access. Exploitation would require
the attacker to be able to send arbitrary frames over the ISDN network to
the victim's machine.
A flaw in the perfmon subsystem on ia64 platforms could allow a local user
to cause a denial of service.
Linux kernel versions from 2.6.9 to 2.6.20 have a denial of service
vulnerability. A remote attacker can cause the key_alloc_serial
function's key serial number collision avoidance code to have a
null dereference, resulting in a crash.
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced
Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does
not return the correct write size, which allows local users to obtain
sensitive information (kernel memory contents) via a small count argument,
as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Sridhar Samudrala discovered a local denial of service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)
Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538)
The netlink protocol has an infinite recursion bug that allows users to
cause a kernel crash. Also the IPv6 protocol allows remote attackers to
cause a denial of service via crafted IPv6 type 0 route headers
(IPV6_RTHDR_TYPE_0) that create network amplification between two routers.
The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to
2.6.17, and possibly later versions, allows local users to cause a denial
of service (memory consumption) by writing more data to the serial port
than the driver can handle, which causes the data to be queued.
The Linux kernel before 2.6.20.1 allows remote attackers to cause a denial
of service (oops) via a crafted NFSACL 2 ACCESS request that triggers a free
of an incorrect pointer.
Ilja van Sprundel discovered that Bluetooth setsockopt calls could leak
kernel memory contents via an uninitialized stack buffer. A local attacker
could exploit this flaw to view sensitive kernel information.
(CVE-2007-1353)
The GEODE-AES driver did not correctly initialize its encryption key.
Any data encrypted using this type of device would be easily compromised.
(CVE-2007-2451)
The random number generator was hashing a subset of the available
entropy, leading to slightly less random numbers. Additionally, systems
without an entropy source would be seeded with the same inputs at boot
time, leading to a repeatable series of random numbers. (CVE-2007-2453)
From the MOKB-05-11-2006
advisory: "The ISO9660 filesystem handling code of the Linux
2.6.x kernel fails to properly handle corrupted data structures, leading to
an exploitable denial of service condition. This particular vulnerability
seems to be caused by a race condition and a signedness issue. When
performing a read operation on a corrupted ISO9660 fs stream, the
isofs_get_blocks() function will enter an infinite loop when
__find_get_block_slow() callback from sb_getblk() fails ("due to various
races between file io on the block device and getblk")."
Previous versions of the kernel package are subject to several
vulnerabilities. Certain malformed UDF filesystems can cause the system to
crash (denial of service). Malformed CDROM firmware or USB storage devices
(such as USB keys) could cause system crash (denial of service), and if
they were intentionally malformed, can cause arbitrary code to run with
elevated privileges. In addition, the SCTP protocol is subject to a remote
system crash (denial of service) attack.
A security issue has been reported in Linux kernel due to an error in
drivers/isdn/i4l/isdn_ppp.c as the "isdn_ppp_ccp_reset_alloc_state()"
function never initializes an event timer before scheduling it with the
"add_timer()" function.
The mincore function in the kernel does not properly lock access to user
space, which has unspecified impact and attack vectors, possibly related to
a deadlock.
Another vulnerability has been reported in Linux kernel caused by a
boundary error within the handling of incoming CAPI messages in
net/bluetooth/cmtp/capi.c. This can be exploited to overwrite certain
Kernel data structures.
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with
i965G and later chipsets, allows local users with access to an X11 session
and Direct Rendering Manager (DRM) to write to arbitrary memory locations
and gain privileges via a crafted batchbuffer. (CVE-2007-3851)
Linux kernel 2.4.35 and other versions allows local users to send arbitrary
signals to a child process that is running at higher privileges by causing
a setuid-root parent process to die, which delivers an attacker-controlled
parent process death signal (PR_SET_PDEATHSIG). (CVE-2007-3848)
Stack-based buffer overflow in the random number generator (RNG)
implementation in the Linux kernel before 2.6.22 might allow local root
users to cause a denial of service or gain privileges by setting the
default wakeup threshold to a value greater than the output pool size,
which triggers writing random numbers to the stack by the pool transfer
function involving "bound check ordering". NOTE: this issue might only
cross privilege boundaries in environments that have granular assignment of
privileges for root. (CVE-2007-3105)
David Coffey discovered an uninitialized pointer free flaw in the
RPC library used by kadmind. A remote unauthenticated attacker who
could access kadmind could trigger the flaw causing kadmind to crash
or possibly execute arbitrary code (CVE-2007-2442).
David Coffey also discovered an overflow flaw in the same RPC library.
A remote unauthenticated attacker who could access kadmind could
trigger the flaw causing kadmind to crash or possibly execute arbitrary
code (CVE-2007-2443).
Finally, a stack buffer overflow vulnerability was found in kadmind
that allowed an unauthenticated user able to access kadmind the
ability to trigger the vulnerability and possibly execute arbitrary
code (CVE-2007-2798).
The kadmind daemon can, in some situations, perform operations on uninitialized pointers. This bug could conceivably open up the system to a code execution attack by an unauthenticated remote attacker, but it appears to be difficult to exploit. See this advisory for details.
Some kerberos applications fail to check the results of setuid() calls, with the result that, if that call fails, they could continue to execute as root after thinking they had switched to a nonprivileged user. A local attacker who can cause these calls to fail (through resource exhaustion, presumably) could exploit this bug to gain root privileges.
Tenable Network Security discovered a stack buffer overflow flaw in the RPC
library used by kadmind. A remote unauthenticated attacker who can access
kadmind could trigger this flaw and cause kadmind to crash.
Garrett Wollman discovered an uninitialized pointer flaw in kadmind. A
remote unauthenticated attacker who can access kadmind could trigger this
flaw and cause kadmind to crash.
A flaw was found in the username handling of the MIT krb5 telnet daemon
(telnetd). A remote attacker who can access the telnet port of a target
machine could log in as root without requiring a password. MIT krb5 Security Advisory 2007-001
Buffer overflows were found which affect the Kerberos KDC and the kadmin
server daemon. A remote attacker who can access the KDC could exploit this
bug to run arbitrary code with the privileges of the KDC or kadmin server
processes. MIT krb5 Security Advisory 2007-002
Bryan Burns of Juniper Networks discovered that KTorrent did not
correctly validate the destination file paths nor the HAVE statements
sent by torrent peers. A malicious remote peer could send specially
crafted messages to overwrite files or execute arbitrary code with user
privileges.
Stefan Cornelius from Secunia Research discovered that the
"parseIrcUrl()" function in file src/kvirc/kernel/kvi_ircurl.cpp does
not properly sanitize parts of the URI when building the command for
KVIrc's internal script system.
mirror --script in lftp before 3.5.9 does not properly quote shell
metacharacters, which might allow remote user-assisted attackers to execute
shell commands via a malicious script. NOTE: it is not clear whether this
issue crosses security boundaries, since the script already supports
commands such as "get" which could overwrite executable files.
libarchive, a library for manipulating different streaming archive
formats, has a number of pax extension header vulnerabilities.
These may be used to cause a denial of service or for the execution
of arbitrary code.
Integer overflow in the exif_data_load_data_entry function in exif-data.c
in libexif before 0.6.14 allows user-assisted remote attackers to cause a
denial of service (crash) or possibly execute arbitrary code via crafted
EXIF data, involving the (1) doff or (2) s variable.
Luigi Auriemma has reported various boundary errors in load_it.cpp and
a boundary error in the "CSoundFile::ReadSample()" function in
sndfile.cpp. A remote attacker can entice a user to read crafted modules
or ITP files, which may trigger a buffer overflow resulting in the
execution of arbitrary code with the privileges of the user running the
application.
In pngrutil.c, the function png_decompress_chunk() allocates
insufficient space for an error message, potentially overwriting stack
data, leading to a buffer overflow.
A heap based buffer overflow bug was found in the way libpng strips alpha
channels from a PNG image. An attacker could create a carefully crafted PNG
image file in such a way that it could cause an application linked with
libpng to crash or execute arbitrary code when the file is opened by a
victim.
Heap-based buffer overflow in libsndfile 1.0.17 and earlier might allow
remote attackers to execute arbitrary code via a FLAC file with crafted PCM
data containing a block with a size that exceeds the previous block size.
The t2p_write_pdf_string function in libtiff 3.8.2 and earlier is vulnerable
to a buffer overflow. Attackers can use a TIFF file with UTF-8 characters
in the DocumentName tag to overflow a buffer, causing a denial of service,
and possibly the execution of arbitrary code.
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities, if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.
The lighttpd web server has multiple vulnerabilities, including the
circumvention of remote access-control settings by sending malformed
requests. These can also be used to crash the server and cause a denial
of service.
Tatsuya Kinoshita discovered that Lookup, a search interface to electronic
dictionaries on emacsen, creates a temporary file in an insecure fashion
when the ndeb-binary feature is used, which allows a local attacker to
craft a symlink attack to overwrite arbitrary files.
An arbitrary command execution bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx.
CVE-2007-4542: Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
CVE-2007-4629: Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
From the Red Hat advisory: "Versions of mod_jk before 1.2.23 decoded request URLs by default inside
Apache httpd and forwarded the encoded URL to Tomcat, which itself did a
second decoding. If Tomcat was used behind mod_jk and configured to only
proxy some contexts, an attacker could construct a carefully crafted HTTP
request to work around the context restriction and potentially access
non-proxied content."
A flaw was discovered in MoinMoin's error reporting when using the
AttachFile action. By tricking a user into viewing a crafted MoinMoin
URL, an attacker could execute arbitrary JavaScript as the current
MoinMoin user, possibly exposing the user's authentication information
for the domain where MoinMoin was hosted.
A cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1
allows remote attackers to inject arbitrary web script or HTML via a style
expression in the search parameter.
MPlayer versions up to 1.0rc1 have a buffer overflow in the
DMO_VideoDecoder_Open function in loader/dmo/DMO_VideoDecoder.c.
User-assisted remote attackers can use this to trigger the overflow
and possibly execute arbitrary code.
MySQL subselect queries using "ORDER BY" can be used by an attacker with
access to a MySQL instance in order to create an intermittent denial
of service.
Jean-David Maillefer discovered a format string bug in the
date_format() function's error reporting. By calling the function with
invalid arguments, an authenticated user could exploit this to crash
the server.
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access
a table through a previously created MERGE table, even after the user's
privileges are revoked for the original table, which might violate intended
security policy (CVE-2006-4031).
MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run
on case-sensitive filesystems, allows remote authenticated users to create
or access a database when the database name differs only in case from a
database for which they have permissions (CVE-2006-4226).
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
via SQL queries that contain the NULL character, which are not properly
handled by the mysql_real_query function. NOTE: this issue was originally
reported for the mysql_query function, but the vendor states that since
mysql_query expects a null character, this is not an issue for mysql_query.
Kurt Fitzner discovered that the NBD (network block device) server did not
correctly verify the maximum size of request packets. By sending specially
crafted large request packets, a remote attacker who is allowed to access
the server could exploit this to execute arbitrary code with root
privileges.
Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3
proxy server written by Igor Sysoev. The "msie_refresh" directive could
allow cross site scripting.
From the Red Hat advisory: A flaw was discovered in the way opal handled certain Session Initiation
Protocol (SIP) packets. An attacker could use this flaw to crash an
application, such as Ekiga, which is linked with opal. (CVE-2007-4924)
A heap overflow vulnerability has been discovered in the TIFF parsing
code of the OpenOffice.org suite. The parser uses untrusted values
from the TIFF file to calculate the number of bytes of memory to
allocate. A specially crafted TIFF image could trigger an integer
overflow and subsequently a buffer overflow that could cause the
execution of arbitrary code.
packet.c in ssh in OpenSSH allows remote attackers to cause a denial of
service (crash) by sending an invalid protocol sequence with
USERAUTH_SUCCESS before NEWKEYS, which causes newkeys[mode] to be NULL.
An unspecified vulnerability in portable OpenSSH before 4.4, when running
on some platforms, allows remote attackers to determine the validity of
usernames via unknown vectors involving a GSSAPI "authentication abort."
OpenSSH 4.4 fixes some security issues, including a pre-authentication
denial of service, an unsafe signal handler and, in portable OpenSSH, a
GSSAPI authentication abort that could be used to determine the validity
of usernames on some platforms.
From the Debian advisory: An off-by-one error has been identified in the SSL_get_shared_ciphers()
routine in the libssl library from OpenSSL, an implementation of Secure
Socket Layer cryptographic libraries and utilities. This error could
allow an attacker to crash an application making use of OpenSSL's libssl
library, or potentially execute arbitrary code in the security context
of the user running such an application.
The Opera browser has multiple vulnerabilities.
The JavaScript engine is vulnerable to a virtual function call on an invalid pointer that can be triggered by specially crafted JavaScript.
A freed pointer in the BitTorrent support may be
accessed; this can be used for malicious code execution.
The browser is vulnerable to several memory read protection
errors. There are URI display errors that can be used to trick
users into visiting arbitrary web sites.
A flaw was found in the way pam_console set console device permissions. It
was possible for various console devices to retain ownership of the console
user after logging out, possibly leaking information to an unauthorized
user.
A denial of service flaw was found in the way PHP processed a deeply nested
array. A remote attacker could cause the PHP interpreter to crash by
submitting an input variable with a deeply nested array. (CVE-2007-1285)
A flaw was found in the way the mbstring extension set global variables. A
script which used the mb_parse_str() function to set global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-1583)
A flaw was discovered in the way PHP's mail() function processed header
data. If a script sent mail using a Subject header containing a string from
an untrusted source, a remote attacker could send bulk e-mail to unintended
recipients. (CVE-2007-1718)
A heap based buffer overflow flaw was discovered in PHP's gd extension. A
script that could be forced to process WBMP images from an untrusted source
could result in arbitrary code execution. (CVE-2007-1001)
The file_exists and imap_reopen functions in PHP before 5.1.5 do not check
for the safe_mode and open_basedir settings, which allows local users to
bypass the settings (CVE-2006-4481).
A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c
in the GD extension in PHP before 5.1.5 allows remote attackers to have an
unknown impact via a GIF file with input_code_size greater than
MAX_LWZ_BITS, which triggers an overflow when initializing the table array
(CVE-2006-4484).
The stripos function in PHP before 5.1.5 has unknown impact and attack
vectors related to an out-of-bounds read (CVE-2006-4485).
The Hardened-PHP Project discovered buffer overflows in the internal
routines behind PHP's htmlentities() and htmlspecialchars() functions. Of
course, the whole purpose of these functions is to be fed user input. (The
overflow can only occur when UTF-8 is used.)
It was discovered that phpbb2, a web based bulletin board, insufficiently
sanitizes values passed to the "Font Color 3" setting, which might lead to
the execution of injected code by admin users.
The phpbb2 web forum has a number of vulnerabilities including:
a web script injection problem, a protection mechanism bypass, a
security check bypass, a remote global variable bypass, cross site
scripting vulnerabilities, an SQL injection vulnerability,
a remote regular expression modification problem, missing input
sanitizing, and a missing request validation problem.
Several remote vulnerabilities have been discovered in phpMyAdmin, a
program to administrate MySQL over the web. The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2007-1325:
The PMA_ArrayWalkRecursive function in libraries/common.lib.php
does not limit recursion on arrays provided by users, which allows
context-dependent attackers to cause a denial of service (web
server crash) via an array with many dimensions.
CVE-2007-1395:
Incomplete blacklist vulnerability in index.php allows remote
attackers to conduct cross-site scripting (XSS) attacks by
injecting arbitrary JavaScript or HTML in a (1) db or (2) table
parameter value followed by an uppercase </SCRIPT> end tag,
which bypasses the protection against lowercase </script>.
CVE-2007-2245:
Multiple cross-site scripting (XSS) vulnerabilities allow remote
attackers to inject arbitrary web script or HTML via (1) the
fieldkey parameter to browse_foreigners.php or (2) certain input
to the PMA_sanitize function.
CVE-2006-6942:
Multiple cross-site scripting (XSS) vulnerabilities allow remote
attackers to inject arbitrary HTML or web script via (1) a comment
for a table name, as exploited through (a) db_operations.php,
(2) the db parameter to (b) db_create.php, (3) the newname parameter
to db_operations.php, the (4) query_history_latest,
(5) query_history_latest_db, and (6) querydisplay_tab parameters to
(c) querywindow.php, and (7) the pos parameter to (d) sql.php.
CVE-2006-6944:
phpMyAdmin allows remote attackers to bypass Allow/Deny access rules
that use IP addresses via false headers.
A cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin
4.1.1 allows remote attackers to inject arbitrary web script or HTML via
the server parameter.
PostgreSQL 8.1 and probably later and earlier versions, when local trust
authentication is enabled and the Database Link library (dblink) is
installed, allows remote attackers to access arbitrary accounts and execute
arbitrary SQL queries via a dblink host parameter that proxies the
connection from 127.0.0.1. (CVE-2007-3278)
PostgreSQL 8.1 and probably later and earlier versions, when the PL/pgSQL
(plpgsql) language has been created, grants certain plpgsql privileges to
the PUBLIC domain, which allows remote attackers to create and execute
functions, as demonstrated by functions that perform local brute-force
password guessing attacks, which may evade intrusion
detection. (CVE-2007-3279)
The Database Link library (dblink) in PostgreSQL 8.1 implements functions
via CREATE statements that map to arbitrary libraries based on the C
programming language, which allows remote authenticated superusers to map
and execute a function from any library, as demonstrated by using the
system function in libc.so.6 to gain shell access. (CVE-2007-3280)
The ProFTPD Auth API has an authentication bypass vulnerability.
When multiple simultaneous authentication modules are configured,
the ProFTPD module that checks authentication is not necessarily
the same module that retrieves authentication data. This can be
used by remote attackers to bypass the authentication system.
From the Red Hat advisory: A memory management flaw was discovered in PWLib. An attacker could use this
flaw to crash an application, such as Ekiga, which is linked with pwlib
(CVE-2007-4897).
Format string bugs were found in several Qt warning messages.
Applications using Qt for processing certain data types could
trigger them if the data caused Qt to print warnings. The bugs
potentially allow the execution of arbitrary code via specially crafted
files (CVE-2007-3388).
A buffer overflow was found in how Qt expanded malformed Unicode strings.
If an application linked against Qt parsed a malicious Unicode string, it
could lead to a denial of service or potentially allow for the execution of
arbitrary code.
The bgpd daemon in Quagga prior to 0.99.9 allowed remote BGP peers to cause
a denial of service crash via a malformed OPEN message or COMMUNITY
attribute.
The Red Hat Cluster Suite's
cluster manager is vulnerable to a remote attack. Attackers
can connect to the DLM port and block subsequent DLM operations,
resulting in a denial of service.
Multiple off-by-one errors in the sender.c in rsync 2.6.9 might allow
remote attackers to execute arbitrary code via directory names that are not
properly handled when calling the f_name function.
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.
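The check the Ruby advisory above describes as missing is hostname verification: after the TLS handshake, the client must compare the name it asked for against the names the server's certificate carries, or a man-in-the-middle holding any valid certificate passes. The following is an added example (not Ruby's Net::HTTP code and not from the advisory) of that comparison written as a standalone C routine, using the usual rules for a presented DNS name: the match is case-insensitive, and a wildcard pattern such as `*.example.com` covers exactly one leftmost label, so it matches `www.example.com` but neither `example.com` nor `a.b.example.com`. The certificate parsing that would feed `names[]` is left out; the sample names and hosts are constructed for illustration.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Case-insensitive comparison of n bytes (DNS names are case-insensitive). */
static bool labels_equal_ci(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++)
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return false;
    return true;
}

/* Does one name from the certificate (CN or a subjectAltName DNS entry)
 * match the host the client connected to?  Illustrative code, not from
 * any library. */
bool dns_name_matches(const char *pattern, const char *host)
{
    size_t plen = strlen(pattern), hlen = strlen(host);

    if (plen == 0 || hlen == 0)
        return false;

    /* No wildcard: the names must be identical apart from case. */
    if (strncmp(pattern, "*.", 2) != 0)
        return plen == hlen && labels_equal_ci(pattern, host, plen);

    /* "*.suffix": refuse overly broad patterns such as "*.com", whose
     * suffix contains no further dot. */
    const char *suffix = pattern + 1;        /* ".example.com" */
    size_t slen = plen - 1;
    if (strchr(suffix + 1, '.') == NULL)
        return false;

    /* The host must be longer than the suffix (something must precede it)
     * and end with it. */
    if (hlen <= slen)
        return false;
    size_t label_len = hlen - slen;
    if (!labels_equal_ci(host + label_len, suffix, slen))
        return false;

    /* The wildcard stands for exactly one label: the part it covers must
     * not itself contain a dot. */
    return memchr(host, '.', label_len) == NULL;
}

/* A certificate may carry several names; the connection is acceptable if
 * any of them matches the requested host.  When a subjectAltName list is
 * present it should be the only source of names; the CN is a legacy
 * fallback used when there is no such list. */
bool host_matches_any(const char *const *names, size_t count, const char *host)
{
    for (size_t i = 0; i < count; i++)
        if (dns_name_matches(names[i], host))
            return true;
    return false;
}

int main(void)
{
    /* Constructed sample: names as they might appear in a certificate. */
    const char *const names[] = { "api.example.net", "*.example.com" };
    const char *hosts[] = { "mail.example.com", "example.com",
                            "a.b.example.com", "api.example.net" };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++)
        printf("%-18s %s\n", hosts[i],
               host_matches_any(names, 2, hosts[i]) ? "match" : "NO MATCH");
    return 0;
}
```

A client that skips this step still gets a valid TLS session, which is why the Ruby bug was silent: the encryption worked, only the identity of the other end was never tied to the requested name.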
From the Samba advisory: When the rfc2307 or sfu nss_info plugin has been enabled, in
the absence of either the RFC2307 or SFU primary group attribute,
Winbind will assign a primary group ID of 0 to the domain user
queried using the getpwnam() C library call.
Star saves many files together into a single tape or disk archive,
and can restore individual files from the archive. Star supports ACL.
Version 1.5a84 fixes a directory traversal vulnerability.
An unspecified vulnerability involving an "incorrect use of system
classes" was reported by the Fujitsu security team. Additionally, Chris
Evans from the Google Security Team reported an integer overflow
resulting in a buffer overflow in the ICC parser used with JPG or BMP
files, and an incorrect open() call to /dev/tty when processing certain
BMP files.
Ulf Harnhammar (Secunia Research) has discovered a format string
vulnerability in sylpheed and claws-mail in the inc_put_error() function in
src/inc.c when displaying a POP3 error reply. The problem can be exploited
by a malicious POP3 server via specially crafted POP3 server replies
containing format specifiers. See this Secunia advisory for more
information.
T1lib, an enhanced rasterizer for X11 Type 1 fonts, does
not properly perform bounds checking. An attacker can send
specially crafted input to applications linked against the library in
order to create a buffer overflow, resulting in a denial of service
or the execution of arbitrary code.
The tar utility has a symlink path traversal vulnerability involving
extracted archives. Maliciously created tar archives can be used to
write arbitrary data to files that the tar user has write access to.
An integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6
and earlier allows remote attackers to execute arbitrary code via crafted
TLVs in a BGP packet, related to an unchecked return value.
Off-by-one buffer overflow in the parse_elements function in the 802.11
printer code (print-802_11.c) for tcpdump 3.9.5 and earlier allows remote
attackers to cause a denial of service (crash) via a crafted 802.11
frame. NOTE: this was originally referred to as heap-based, but it might be
stack-based.
The TCP wrapper library can improperly allow connections to services
that do not have server-side connection details specified.
Remote attackers can connect to blocked services.
A buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in
teTeX might allow user-assisted remote attackers to overwrite files and
possibly execute arbitrary code via a long filename. NOTE: other overflows
exist but might not be exploitable, such as a heap-based overflow in the
check_idx function.
From the Gentoo advisory: Reinhard Max discovered a boundary error in Tk when processing an
interlaced GIF with two frames where the second is smaller than the
first one.
Some JSPs within the 'examples' web application did not escape user
provided data. If the JSP examples were accessible, this flaw could allow a
remote attacker to perform cross-site scripting attacks (CVE-2007-2449).
Note: it is recommended the 'examples' web application not be installed on
a production system.
The Manager and Host Manager web applications did not escape user provided
data. If a user is logged in to the Manager or Host Manager web
application, an attacker could perform a cross-site scripting attack
(CVE-2007-2450).
Tomcat was found treating single quote characters -- ' -- as delimiters in
cookies. This could allow remote attackers to obtain sensitive information,
such as session IDs, for session hijacking attacks (CVE-2007-3382).
It was reported Tomcat did not properly handle the following character
sequence in a cookie: \" (a backslash followed by a double-quote). It was
possible remote attackers could use this failure to obtain sensitive
information, such as session IDs, for session hijacking attacks
(CVE-2007-3385).
A cross-site scripting (XSS) vulnerability existed in the Host Manager
Servlet. This allowed remote attackers to inject arbitrary HTML and web
script via crafted requests (CVE-2007-3386).
mount and umount in util-linux call the setuid and setgid functions in the
wrong order and do not check the return values, which might allow attackers
to gain privileges via helpers such as mount.nfs.
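Two advisories on this page describe the same class of mistake from different angles: the Kerberos applications above fail to check the result of setuid(), so a call that fails under resource pressure leaves them running as root, and util-linux's mount and umount call setuid() and setgid() in the wrong order and likewise ignore the return values. The following added example (illustrative code, not from Kerberos or util-linux) shows the pattern that avoids both problems: change the group first, because an unprivileged uid can no longer change its gid, check every call, and then verify with the get*id() calls that the change actually took rather than trusting that it did. A root daemon that also carries supplementary groups would additionally call setgroups() before setgid(); that call is omitted here because it needs privilege that the example does not assume.

```c
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Drop to the given uid/gid in the right order, checking every result.
 * Returns 0 on success and -1 with errno set on failure.  Illustrative
 * helper; not the Kerberos or util-linux code. */
int drop_privileges(uid_t uid, gid_t gid)
{
    /* Group first: once the uid is unprivileged, setgid() would fail. */
    if (setgid(gid) != 0)
        return -1;
    if (setuid(uid) != 0)
        return -1;

    /* Verify the change instead of assuming it.  A setuid() that "failed
     * silently" is exactly how the Kerberos programs kept running as root;
     * if anything still differs, refuse to continue. */
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid) {
        errno = EPERM;
        return -1;
    }
    return 0;
}

/* Report the ids the process now carries; used by main() below. */
int running_as(uid_t *uid_out, gid_t *gid_out)
{
    *uid_out = geteuid();
    *gid_out = getegid();
    return 0;
}

int main(void)
{
    /* Stand-alone demonstration: "drop" to the ids we already hold, which
     * is allowed for an unprivileged process, so the checks all pass. */
    if (drop_privileges(getuid(), getgid()) != 0) {
        perror("drop_privileges");
        return 1;
    }
    uid_t uid;
    gid_t gid;
    running_as(&uid, &gid);
    printf("running as uid %ld gid %ld\n", (long)uid, (long)gid);

    /* As a non-root user, asking for uid/gid 0 must be refused, not
     * silently ignored; the failure is reported rather than hidden. */
    if (getuid() != 0 && drop_privileges(0, 0) == 0)
        fprintf(stderr, "unexpected: became root\n");
    return 0;
}
```

The order matters because setgid() needs the privilege that setuid() gives away; reversing the calls makes the second one fail, and a program that ignores the return value then runs with a mixed identity it never intended.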
During an internal audit, Raphael Marichez of the Gentoo Linux Security
Team found that Vixie Cron has weak permissions set on Gentoo, allowing
for a local user to create hard links to system and users cron files,
while a st_nlink check in database.c will generate a superfluous error.
The wireshark network traffic analyzer has three vulnerabilities
that can be used to create a denial of service. These include
off-by-one overflows in the iSeries dissector, vulnerabilities in
the MMS and SSL dissectors that can cause an infinite loop and
an off-by-one overflow in the DHCP/BOOTP dissector.
xorg-x11 has a number of integer and heap overflow vulnerabilities in
the xfs font server. A local attacker may be able to use these for
the execution of arbitrary code with elevated privileges.
pygrub (tools/pygrub/src/GrubConf.py) in Xen 3.0.3, when booting a guest
domain, allows local users with elevated privileges in the guest domain to
execute arbitrary commands in domain 0 via a crafted grub.conf file whose
contents are used in exec statements.
iDefense reported an integer overflow flaw in the XFree86 XC-MISC
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or potentially execute arbitrary code with root
privileges on the XFree86 server. (CVE-2007-1003)
iDefense reported two integer overflows in the way X.org handled various
font files. A malicious local user could exploit these issues to
potentially execute arbitrary code with the privileges of the X.org server.
(CVE-2007-1351, CVE-2007-1352)
An integer overflow flaw was found in the XFree86 XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667)
Moritz Jodeit discovered that the DirectShow loader of Xine did not
correctly validate the size of an allocated buffer. By tricking a user
into opening a specially crafted media file, an attacker could execute
arbitrary code with the user's privileges.
xine-lib does an improper input data boundary check on
MPEG streams. A specially crafted MPEG file can be
created that can cause arbitrary code execution when the
file is accessed.
xmms suffers from vulnerabilities in its handling of BMP images. Should a hostile image be included in an xmms skin, it could lead to code execution on the user's system.
The X.Org X11 xfs font server has a temp file vulnerability in the
startup script. A local user can modify the permissions of the script
in order to elevate their local privileges.
Previous versions of the xterm package assigned incorrect ownership and
write permissions to pseudo-terminal devices, permitting local users to
direct output to other users' xterm sessions.
There is no mainline 2.6 prepatch as of this writing; the 2.6.24
merge window remains open. Patches are flowing into the mainline
repository at a high rate; see the article below for the highlights.
The current -mm tree is 2.6.23-mm1. Recent changes to
-mm include a new power management "quality of service" infrastructure, a
number of ext4 updates, and the kernel markers patch.
The current stable 2.6 kernel is 2.6.23.1, released on October 12.
This update contains a single fix for a corruption problem in the
sata_mv driver.
For older kernels: 2.6.16.55 was released on
October 14 with several security fixes.
-The limit on the length of lines is 80 columns and this is a hard limit.
+The limit on the length of lines is 80 columns and this is a strongly
+preferred limit.
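Review bot: replacing "hard limit" with "strongly preferred limit" relaxes the rule without saying when exceeding 80 columns is acceptable, so the new wording can be read as no limit at all; suggest adding a sentence right after "+preferred limit." stating the conditions under which a longer line is tolerated (for instance, when wrapping would hurt readability) so reviewers and contributors apply the same criterion.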
The 2.6.24 merge window is open and, as of this writing, some 5,600 patches
have found their way into the mainline. As usual, the list of changes is
extensive. Some of the highlights among user-visible changes are:
New drivers have been added for
Toshiba TCM825x cameras (as found in the Nokia N800),
Conexant cx23415 MPEG encoders (in framebuffer mode),
Dual-DVB-T tuners,
DiBcom DiB0070 tuners,
Microtune MT2131 tuners,
Samsung S5H1409 demodulators,
Conexant CX23885/CX23887 PCIe bridge devices,
Samsung LTV350QV LCD panel backlights,
Kingsun KS-959 and "Dazzle" IrDA USB dongles,
ADMtek ADM8211-based wireless network adapters,
Marvell Libertas 8385 CF wireless adapters,
Intel 82598-based 10GbE network cards,
Intel PRO/Wireless 3945ABG/BG and Link AGN adapters (finally),
IP1000 Gigabit Ethernet cards,
ICH9 on-board Ethernet adapters,
Tehuti Networks 10G Ethernet adapters,
Sonics Silicon Backplane busses,
several Ralink wireless adapters,
"EMAC" built-in PowerPC ethernet controllers,
Sun Neptune Ethernet adapters,
Winchiphead CH341 USB-RS232 converters,
Atmel AT32AP7000 USB device controllers,
Blackfin bf548 ATAPI controllers,
Atmel AVR32 parallel ATA controllers,
National Semiconductor NS87415 parallel ATA controllers,
Olympus MAUSB-10 and Fujifilm DPC-R1 flash card readers (which have
the nice feature of allowing direct flash access without an
intervening translation layer),
TI DaVinci I2C controllers,
Analog Devices ADT7470 temperature monitoring chips,
IBM PowerExecutive power/temperature sensors,
TI AR7 CPMAC Ethernet controllers,
Siemens SX1 phones,
Dallas Semiconductor DS1374 realtime clock chips,
Atmel AT73C213 external sound devices,
Cirrus Logic CS4270 codec devices,
Gallant SC-6000 Audio Excel DSPs, and
Atmel AT32AP and AT91 on-chip synchronous serial controllers.
The Broadcom BCM43xx driver has been replaced by a new version which
uses the mac80211 layer. Actually, there's two drivers: "b43" for
newer adapters, and "b43legacy" for older 802.11b and 802.11g
devices.
The "dgrs" Digi RightSwitch driver has been removed from the kernel.
This product, evidently, was never actually sold, so there should not
be a whole lot of users inconvenienced by this change.
The kernel now has basic support for SDIO peripherals. There is also
now driver support for MMC/SD cards accessed via SPI controllers.
The CFS group scheduling
code has been merged. As of this writing, though, the feature cannot
actually be turned on because the control groups code has not yet been
merged. There is also a per-UID fair scheduling option which does work now.
There is now support for RPC-based RDMA and the ability to mount NFS
filesystems using RDMA.
The traffic shaper, which limits bandwidth usage on network links, has
been marked obsolete and scheduled for removal in 2.6.25. The much
more flexible qdisc subsystem should be used instead.
Allocation of UDP port numbers is now randomized.
The netconsole code can now support multiple logging targets.
Support for network namespaces has been added, enabling the
virtualization of network-related resources in containers. Also
merged is a virtual Ethernet driver which can be used to create
network tunnels into (and out of) containers.
The Authenticated chunks
protocol for the stream control transmission protocol (SCTP) is supported.
A new "stateless NAT" implementation performs IPv4 network address
translation in a much more resource-efficient manner.
A new hidraw device provides access to a stream of
unprocessed input device events for applications which have special
needs in this area.
The per-device write
throttling patches have been merged; these patches should help the
system keep heavy traffic on one block device from starving other
devices. The floating
proportions patch, needed to support per-device throttling, has
also gone in.
There is a new sysctl flag for the out-of-memory killer
(oom_kill_allocating_task). If this flag is set, the OOM
killer will simply kill the process whose allocation brings about the
out-of-memory situation instead of scanning through the system looking
for better targets.
Disk quota messages can now be delivered via a netlink socket. This
should make it easier for graphical environments to inform the user
when disk quota problems are encountered.
The new F_DUPFD_CLOEXEC command causes fcntl() to
duplicate a file descriptor and set the close-on-exec flag from the
beginning.
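Why the new fcntl() command matters in practice: with plain dup() followed by F_SETFD, a concurrent fork()+exec() in another thread can run in the window between the two calls and inherit a descriptor that was meant to be private. The following added userspace example (not code from the article or from the kernel) contrasts the two-step sequence with the atomic F_DUPFD_CLOEXEC form; it assumes a Linux system with a kernel of 2.6.24 or later and a glibc that exposes the constant, and falls back to the Linux value 1030 (F_LINUX_SPECIFIC_BASE + 6) if the header does not define it.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <unistd.h>

/* Linux value of F_DUPFD_CLOEXEC, in case an old libc header lacks it. */
#ifndef F_DUPFD_CLOEXEC
#define F_DUPFD_CLOEXEC 1030
#endif

/* Returns 1 if fd has the close-on-exec flag set, 0 if not, -1 on error. */
int fd_is_cloexec(int fd)
{
    int flags = fcntl(fd, F_GETFD);
    if (flags < 0)
        return -1;
    return (flags & FD_CLOEXEC) ? 1 : 0;
}

/* The pre-2.6.24 sequence: two system calls, with a window between them
 * in which another thread's fork()+exec() sees newfd WITHOUT the flag and
 * leaks it into the child process. */
int dup_then_set_cloexec(int fd)
{
    int newfd = dup(fd);
    if (newfd < 0)
        return -1;
    /* --- race window: newfd exists here and is inheritable across exec --- */
    if (fcntl(newfd, F_SETFD, FD_CLOEXEC) < 0) {
        close(newfd);
        return -1;
    }
    return newfd;
}

/* The 2.6.24 form: the duplicate is created with FD_CLOEXEC already set,
 * so there is no moment at which it is visible without the flag.
 * The third argument (0) is the lowest descriptor number to use, as with
 * F_DUPFD. */
int dup_cloexec(int fd)
{
    return fcntl(fd, F_DUPFD_CLOEXEC, 0);
}

int main(void)
{
    int p[2];
    if (pipe(p) != 0)
        return 1;
    int racy = dup_then_set_cloexec(p[0]);
    int atomic = dup_cloexec(p[0]);
    printf("dup()+F_SETFD: fd %d cloexec=%d\n", racy, fd_is_cloexec(racy));
    printf("F_DUPFD_CLOEXEC: fd %d cloexec=%d\n", atomic, fd_is_cloexec(atomic));
    printf("plain dup():     fd %d cloexec=%d\n", dup(p[0]), fd_is_cloexec(dup(p[0])));
    return 0;
}
```

Both helpers end up with the flag set; the difference is only visible under concurrency, which is exactly why the atomic form was added. The same reasoning applies to the O_CLOEXEC flag for open() and the other *_CLOEXEC variants that followed in later kernels.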
Block reservations have been added to the ext2 filesystem.
The Linux security module interface is now a non-module interface: the
ability to load security modules on the fly has been removed.
Important changes visible to kernel developers include:
As expected, the i386/x86_64
architecture merger has happened. The result is a single
architecture, called "x86," which can be built for 32-bit and 64-bit
processors.
The Video4Linux layer has some new internal support for composite
devices involving more than one driver (many V4L2 devices involve, at
a minimum, separate drivers for the controller and the sensor).
Also in Video4Linux: the video-buf layer has been replaced with a more
generic implementation which works with a wider range of devices
(including USB devices and those which do not support scatter/gather
DMA).
The NAPI interface used in network drivers has been reworked to better
support devices with multiple transmit queues.
The networking layer has a new function for printing MAC addresses:
char *print_mac(char *buf, const u8 *addr);
The buf buffer should be declared with
DECLARE_MAC_BUF(); the output is suitable for formatting in
printk() with "%s".
The NETIF_F_LLTX (lockless transmit) flag for network devices
has been deprecated and should not be used in new code.
The functions ktime_sub_us() and ktime_sub_ns() have
been added; they subtract the given number of microseconds or
nanoseconds from a ktime_t value.
The hard_header() method has been removed from struct
net_device; it has been replaced by a per-protocol
header_ops structure pointer.
The debugfs filesystem has some new functions
(debugfs_create_x8(), debugfs_create_x16(),
debugfs_create_x32()) which make it easy to export files
containing hexadecimal numbers.
Various small sysfs-related API changes have been made. The
name field has been removed from the kobject
structure. The prototypes of the user-event callbacks have been
changed. Many of the subsystem-related calls have been removed -
subsystems never really did much of anything anyway;
get_bus() and put_bus() are also gone.
A new value DMA_MASK_NONE can be stored in the
device structure dma_mask field to indicate that the
device is incapable of performing DMA.
The VFS has a couple of new address space operations
(write_begin() and write_end()) aimed at fixing some
deadlock scenarios; see this article
for more information.
The scatterlist chaining
patches have been merged and many parts of the kernel have been
updated to use this feature.
The CFLAGS= and CPPFLAGS= options now work with the
kernel build system in the expected way: they add flags to be passed
to the C compiler and preprocessor, respectively.
The prototype for slab constructor callbacks has changed to:
The unused flags argument has been removed and the order of
the other two arguments has been reversed to match other slab
functions.
The DECLARE_MUTEX_LOCKED() macro has been removed.
The long-deprecated SA_* interrupt flags have been removed in
favor of the IRQF_* equivalents.
A number of block layer utilities have seen prototype changes. The
most evident change, perhaps, is bio_endio() and the
associated bio_end_io_t callback:
void bio_endio(struct bio *bio, int error);
typedef void (bio_end_io_t) (struct bio *, int);
These functions now always complete the entire BIO, so the size
argument has been removed.
As of this writing, the 2.6.24 merge window can be expected to remain open
for up to another week. So expect more changes to go into the mainline
before this development cycle goes into the stabilization phase.
The Completely Fair Scheduler (CFS) was merged for the 2.6.23 kernel. One
CFS feature which did not get in, though, was the group scheduling facility.
Group scheduling makes the CFS fairness algorithm operate in a hierarchical
fashion: processes are divided into groups, and, within each group,
processes are scheduled fairly against one another. At the higher level,
each group as a whole is given a fair share of the processor. The grouping
of processes is done in user space in a highly flexible manner; the control
groups (formerly "process containers") mechanism allows a management daemon
to classify processes according to almost any policy.
One of the reasons why group scheduling did not get into 2.6.23 is that the
control groups patch was not ready for merging. Your editor had expected
control groups to go in for 2.6.24, but, as of this writing, it is looking
like that patch might still be under too much active development to get
into the mainline. The group scheduling feature is not waiting, though; it
has been merged for the 2.6.24 release. In the absence of control groups,
the general group scheduling mechanism will not be available. Over the
last few months, though, the group scheduler has evolved a new feature which will
allow it to be used without control groups, and which implements what is
likely to be the most common use case.
That feature is per-user scheduling: creating a separate group for each
user running on the system and using those groups to give each user a fair share of the
processor. Since the groups are created implicitly by the scheduler, there
is no separate need for the control groups interface. Instead, if the
"fair user" configuration option is selected, the per-user group scheduling
will go into effect with no further intervention by the administrator
required.
Of course, once the system provides fair per-user scheduling,
administrators will immediately want to make it unfair by arranging for
some users to get more CPU time than others. The age-old technique of
raising the priority of that crucial administrative wesnoth process still
works, but it is a crude and transparent tool. It would be much nicer to
be able to tweak the scheduler so that certain users get a higher share of
the CPU for the running of their crucial games video
diagnostic tools.
To achieve such ends with the 2.6.24 scheduler, it will only be necessary
to go to the new sysfs directory /sys/kernel/uids. There will be
a subdirectory there for every active user ID on the system, and each
subdirectory will contain a file called cpu_share. The integer
value found in that file defaults to 1024. For the purposes of adjusting
scheduling, all that really matters with the cpu_share value is
its ratio between two users. If one user's cpu_share is set to
2048, that user will get twice as much CPU time as any one user whose value
remains at the default 1024. The end result is that adjusting the
scheduling of the CPU between users is quite easy for the administrator to
do.
A rather large number of other patches was also merged for 2.6.24. Most of
those are cleanups and small improvements. Some of the math within the
scheduler has been made less intensive, and fairness has been improved in a
number of ways. There is also a new facility for performing guest CPU
accounting for virtualized systems running under KVM. It's a lot of
patches, but the rate of change in the core CPU scheduler should be
beginning to slow down again.
There are some other scheduler-related patches in the works, though. A
couple of them address the problem of getting realtime tasks into a CPU
promptly. Normally, the CPU scheduler will make a significant effort to
avoid moving processes between CPUs because the cost of that migration
(resulting from lost memory cache contents) is high. If a realtime process
wants to run, though, the system is obligated to give it a processor even
if there is a price to be paid in terms of overall throughput. The current
CPU scheduler, however, will cause a realtime process to languish if a
higher-priority process is running on the same CPU, even if other
processors are available in the system.
Fixing this problem involves a couple of different patches. This one from Steven Rostedt
addresses the situation where the scheduling of one realtime task causes a
lower-priority (but still realtime) task to be pushed out of the CPU.
Rather than leave that luckless task in the run queue, Steven's patch
searches through the other processors on the system to find the one running
the lowest-priority process. If a processor running a sufficiently
low-priority process is found, the displaced realtime process is moved over
to that processor.
Gregory Haskins has posted a
similar patch which addresses a slightly different situation: a
realtime task has just been awakened, but the CPU it is on is already
running a higher-priority process. Once again, a search of the system to
find the lowest-priority CPU is performed, with the realtime process being
moved if a suitable home is found. In either case, the moved process will
suffer a small performance hit as it finds a completely cold cache waiting
for it. But it will still be able to respond much more quickly to the real
world than it would if it were sitting on a run queue somewhere; that, of
course, is what realtime scheduling is all about.
Another issue which has come up in some situations is that the accuracy of
fair scheduling decisions is constrained by the scheduler tick frequency.
In the absence of external events (such as I/O completions), one process
can only preempt another when the periodic timer tick comes in. As a
result, processes might run longer than their time slices would otherwise
allow. The scheduler will compensate for the extra time used by that process
by causing it to wait longer than it otherwise would for its next time
slice. The result is fair scheduling, but higher latencies than one might
like.
Peter Zijlstra has posted a
solution to this problem: a patch which uses the high-resolution timer
mechanism to preempt processes exactly at the end of their time slices.
When the scheduler notes that a time slice will run out between timer
ticks, it arranges for a special one-time timer interrupt at the time slice
expiration time. When that interrupt arrives, the running process can be
turfed out right on schedule. As a result, the process will not overrun
its time slice and will not have to face a longer-than-usual wait before it
is able to run again.
Mike Galbraith has reported that this patch
results in reduced context switching on his system, and higher throughput
as well. So it looks like the right solution to the problem, at least in
the absence of a true dynamic tick mechanism. The current dynamic tick
code turns off the periodic clock interrupt when the processor is idle, but
that interrupt continues to run when the processor is busy. In a fully
dynamic environment, periodic ticks would never be used and special
interrupts at the end of time slices would be the normal way of doing
business. Implementing full dynamic tick is a big job, though; in the
meantime the addition of an occasional extra tick can help the scheduler to
do a quick and accurate job.
Deeply buried in the 2.6.24 patch stream is a set of significant changes to
the VFS layer internal API. The core motivation behind this work is to
prevent some deadlock problems which, with the old API, could not be avoided
without taking a significant performance hit. Anybody maintaining an
out-of-tree filesystem will want to have a look and be prepared to start
fixing up their code.
In the older VFS API, two address space operations are provided by
filesystems to support writes to files:
A call to prepare_write() notifies the filesystem that the VFS
intends to write bytes begin..end of file into the given
page. It is then the filesystem's responsibility to make sure
that the write will work (allocating blocks if need be) and, if a partial
block is to be written, the filesystem should populate page with
the full block's data. Later on, the call to commit_write() tells
the filesystem that the data has been copied into page and can be
committed to disk.
The problem with this API is that the VFS is expected to pass a locked page
into prepare_write(). There are a number of scenarios which can
lead to attempts to lock that page twice, bringing the system to a halt.
To avoid this problem, Nick Piggin has created replacements for
prepare_write() and commit_write():
There are a number of changes, but the key is the fact that a page is no
longer passed into write_begin(). Instead, that function should
allocate the page itself and return it (locked) to the VFS. The call to
write_end() indicates that the write is complete; it should unlock
the page and update the inode's i_size field.
The new copied parameter is also important: it is the number of
bytes which were actually copied into the page, which might be smaller than
len predicted.
Some of the possible deadlock scenarios involve the handling
of page faults while the destination page is locked; a trivial example is
when the data being written to the page is also being read from that page.
With the new API, a page fault terminates the copying of the data, allowing
the page to be unlocked. The fault can be handled while the destination
page is unlocked, avoiding the deadlock problems.
The possibility of short writes does impose an extra cost on filesystems:
any data which may be overwritten must be read in regardless, just in case
the write
operation ends prematurely. There are times, however, when the VFS knows
that writes will go the full length; in particular, writes from buffers
which are in kernel space must succeed. When such a write is executed, the
VFS will pass the AOP_FLAG_UNINTERRUPTIBLE flag to
write_begin() to let the filesystem know that short writes are not
a possibility.
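To make the "copied" parameter and the short-write retry concrete, here is an added userspace model of the new write path; it is not kernel code and not from the article. It assumes a hypothetical one-page in-memory "file" (struct model_file), a simulated copy routine that can return fewer bytes than requested the first time it is called (standing in for the page fault that interrupts the copy), and a write loop of the kind the VFS runs on top of write_begin()/write_end(): call write_begin(), copy, report the bytes actually copied to write_end(), and go round again for the remainder. write_begin() also refuses to lock a page that is already locked, which is the double-lock situation the old API could not avoid.

```c
#include <stddef.h>
#include <string.h>

#define MODEL_PAGE_SIZE 4096

/* Hypothetical model of a file that fits in one page (assumption for the
 * example; a real filesystem works page by page over the whole file). */
struct model_file {
    unsigned char page[MODEL_PAGE_SIZE];
    size_t i_size;          /* bytes valid in the file, like inode->i_size */
    int page_locked;        /* 1 while the page is held locked for a write */
    size_t short_copy_once; /* constructed fault: first copy returns only this many bytes */
};

/* Stand-in for copy_from_user(): a "page fault" mid-copy shows up as a
 * short return value, exactly what the new API passes on as "copied". */
static size_t model_copy_from_user(struct model_file *f, unsigned char *dst,
                                   const unsigned char *src, size_t len)
{
    size_t n = len;
    if (f->short_copy_once > 0 && f->short_copy_once < len) {
        n = f->short_copy_once;
        f->short_copy_once = 0;   /* the fault is handled; later copies go through */
    }
    memcpy(dst, src, n);
    return n;
}

/* write_begin(): allocate/lock the page and hand it back locked.
 * Returns 0 on success, -1 if the range does not fit the model,
 * -2 if the page is already locked (the double-lock the old API risked). */
int model_write_begin(struct model_file *f, size_t pos, size_t len, unsigned char **pagep)
{
    if (pos + len > MODEL_PAGE_SIZE)
        return -1;
    if (f->page_locked)
        return -2;
    f->page_locked = 1;
    *pagep = f->page;
    return 0;
}

/* write_end(): the VFS reports how many bytes really landed in the page;
 * the filesystem updates i_size from "copied", not from "len", and unlocks. */
int model_write_end(struct model_file *f, size_t pos, size_t len, size_t copied)
{
    (void)len;   /* "len" was the request; only "copied" is authoritative */
    if (pos + copied > f->i_size)
        f->i_size = pos + copied;
    f->page_locked = 0;
    return (int)copied;
}

/* The caller's loop: a short copy is not an error, it just means another
 * write_begin()/write_end() round for the bytes that did not make it. */
long model_write(struct model_file *f, size_t pos, const unsigned char *buf, size_t count)
{
    size_t written = 0;
    int zero_rounds = 0;

    while (written < count) {
        unsigned char *page;
        size_t off = pos + written;
        size_t len = count - written;
        int rc = model_write_begin(f, off, len, &page);
        if (rc)
            return rc;
        size_t copied = model_copy_from_user(f, page + off, buf + written, len);
        model_write_end(f, off, len, copied);
        if (copied == 0) {          /* nothing copied: give up after a few tries */
            if (++zero_rounds > 3)
                return -3;
            continue;
        }
        written += copied;
    }
    return (long)written;
}
```

Run with short_copy_once set, the first round commits a partial page and the second round finishes the write, with i_size tracking what was actually copied at every step; that is the property that lets the page be unlocked while the fault is serviced. A caller that passes the AOP_FLAG_UNINTERRUPTIBLE equivalent would instead treat any short copy as a bug, since the source buffer is in kernel space and cannot fault.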
For now, the prepare_write() and commit_write() VFS
methods are still supported in the kernel. If a filesystem does not
provide the newer functions, the older ones will be used. The long-term
plan almost certainly involves the removal of those methods, though; they
cannot be supported in a way which is simultaneously safe and fast.
On October 17, 2007 Slackware's Patrick Volkerding released a summary of all the changes that have happened so far in
the next version of Slackware.
So far much of the work has gone into updating packages with security
issues. Mozilla Firefox and Thunderbird have been upgraded to 2.0.0.6 and
Seamonkey is at version 1.1.4. Other packages with security updates
include BIND, xpdf, qt, poppler, gimp, tcpdump, samba, PHP, OpenSSH,
OpenSSL and Java packages.
Lots of X packages have been updated and the current version of X.Org is
7.3. Many KDE packages have also been updated to 3.5.8. The kernel in use
is 2.6.23.1. It seems likely that all of these packages will be updated to
newer versions before the next version of Slackware becomes finalized.
rPath Linux has released updated images for rPath Linux 1. "The new
images incorporate updates to the installation process and all package
updates released as of September 26, 2007. In particular, the
installation images and installed system now include a 2.6.22.7 Linux
kernel, enabling installation on more recent hardware not supported by
previous installation media. (Linux kernels for Xen support are 2.6.16.33
in this release.)" Current rPath users should update using Conary.
The release candidate for the Ubuntu 7.10 "gutsy" release is now
available. "We consider this release candidate to be complete, stable, and suitable for
testing by any user.
The final release of version 7.10 is scheduled for 18 October 2007 and will
be supported for 18 months on both desktops and servers."
See the release
notes for details about Ubuntu 7.10.
DebianGis is a sub-project launched at the end of 2004. The main goal of
DebianGis has been making Debian the best GNU/Linux distribution oriented
to serious Geographical Information Systems (GIS) users and applications.
Click below to see a project status report.
Here's a status report from the Debian Testing Security team.
"Thanks to an increased size of our team, Debian Lenny is in good
shape with respect to security and has been so for some time. We expect to
be able to keep up this level of security support (at least) until the
release of Lenny."
Debian's Tcl/Tk team has previously announced to all interested maintainers
(those whose packages depend on Tcl/Tk) that there is an ongoing effort to draft a
policy for team maintenance of Tcl/Tk main packages and their
modules/extensions. This announcement is to the larger audience of all
maintainers, in order to also inform people who may be interested in
packaging Tcl/Tk related packages in the near future. Click below for more
information.
The Fedora Fonts Special
Interest Group has been created. The group is dedicated to improving
fonts availability and text rendering/layouting in Fedora. If you are
interested in the Fonts SIG, please read the wiki, join the mailing list
and get involved.
If you are using PHP4 in Gentoo you'll want to read this. "We, the
Gentoo PHP team, are going to mask =dev-lang/php-4* and all packages
explicitly depending on this version of php around October 18th (i.e. the
whole dev-php4/ category (36 packages) and www-apps/knowledgetree, unless
there is a php5-compatible version by the time of masking; bug
194894). This step is necessary as there is hardly any upstream activity
anymore."
Slackware has new glibc-zoneinfo packages available for all versions of
Slackware from 8.1 to 12.0. These packages update the timezone tables to
the latest versions.
SUSE Security has announced that the regular maintenance, security and L3
support for the SUSE LINUX Enterprise 8 line of products will end after
November 2007. Extended Support for 2 years is available for the SUSE
Linux Enterprise Server 8 product only.
Ubuntu's Launchpad 1.1.10 is due for release October 24. Click below for
information on changes that are planned for the next Launchpad
release. These are changes that may affect the way you use Launchpad,
rather than a full list of new features that will appear in 1.1.10.
The first beta release of a new distribution called KlikIt-Linux is out. "Ease of installation, ease of use, an
attractive GUI, and solid technology are no longer unique features in Linux
distros, these are the expectations. So, yeah, we have those things, but
what separates one distro from another, is the quality of the community. We
go to great lengths to ensure that the community has an atmosphere conducive
to the free expression of their ideas, thoughts, wishes, and to the forging
of lasting friendships." KlikIt is based on Kubuntu.
The Fedora Weekly News for October 8, 2007 looks at the Fedora Fonts SIG
announcement, the Ontario Linux Fest, a Fedora Marketing Meeting, Killing
Kittens with Yum-updatesd, and much more.
The Gentoo Weekly Newsletter for October 1,
2007 looks at Gentoo PPC updates. The Gentoo Weekly Newsletter for October 8,
2007 covers Gentoo VDR updates and Gentoo PHP masks php-4.
The Ubuntu Weekly Newsletter for October 13, 2007 covers the release
candidate of Ubuntu 7.10, learning more about Ubuntu at Ubuntu Open
Week, Gutsy release parties, another Ubuntu Forums interview, new MOTU
team member Laurent Bigonville, and much more.
The DistroWatch
Weekly for October 15, 2007 is out. "Following the openSUSE 10.3
release two weeks ago and the new Mandriva Linux 2008 announced last
Tuesday, the rapid succession of major Linux distribution versions
continues this week with Ubuntu 7.10. Will the developers of these projects
succeed in enticing more computer users to switch to Linux? Chris Smart
tries to answer the question in the upcoming issues of DistroWatch Weekly
by reviewing these new products - today he installs openSUSE 10.3 on his
trusty MacBook to see how it fares. In the news section: Mandriva
simplifies its product range, Ubuntu prepares for another download rush,
and Fedora embraces artwork developed by the user community. Finally, don't
miss two interesting interviews with Lucas Villa Real from GoboLinux and
Gerard Beekmans from the Linux From Scratch project."
The schedule for the next Ubuntu Developer Summit has been announced. This
Summit will be held in Boston Massachusetts, USA starting October 29 and
ending November 2, 2007.
The DebConf team has decided on having the next DebConf during the first
two weeks of August 2008, in the city of Mar del Plata, Argentina. The
whole event will be starting on August 2nd and ending on August 17th with
DebCamp taking place from the 3rd till the 9th and DebConf from the 10th
till the 16th. Registration will open in late 2007.
Information Week
looks at Splashtop.
"Every so often I bump into yet another example of Linux being used in creative ways. Here's a new one: an ASUSTek motherboard, the P5E3, which ships with a built-in Linux variant called
Splashtop.
Splashtop's a small but fairly useful Linux desktop environment that boots and runs entirely in RAM. The current iteration of Splashtop features network connectivity (both wired and wireless), a rebadged version of Firefox 2.0, and the Skype VoIP client (version 1.3) -- a small but useful clutch of tools. I read through a sneak preview of the product at Phoronix.com, and the impression I got was that it's still pretty rudimentary but that it will over time be expanded into something far more functional."
DesktopLinux takes
a look at the Red Hat Global Desktop, due for a November release.
"The new desktop will be built on the foundation of RHEL 5.1
According to Jonathan Blandford, Red Hat's engineering manager for client
solutions, RHGD will use the GNOME 2.16 desktop as its standard
interface. It will also include "Firefox, Evolution, Thunderbird,
OpenOffice and other popular Linux desktop applications," Blandford
said."
Carla Schroder takes
a look at some of the smaller Linux distributions. "One of the
(very many) areas in which Linux has pulled ahead of the pack is with live,
complete Linux distributions on every form of removable media. Tiny Linuxes
to full-blow kitchen sink Linuxes boot and run from USB sticks and drives,
Compact Flash cards, CDs and DVDs; so they never need to touch the hard
drive, or even have a hard drive present. Some of them run entirely in
memory. Some are smart enough to use the swap partition on the hard drive,
if one is available. There are different ways of preserving data and
configurations, the main point being you can still save data and
configurations."
Linux Journal blogger James Gray attended a press
conference with Mark Shuttleworth. "The goal of today's meeting
was to prime the 'press pump' and get us talking heads to turn our
attention to the new Ubuntu 7.10 "Gutsy Gibbon", which will roll out on
Thursday, October 18th. (The other variants such as Kubuntu, Edubuntu,
etc. will also be available then.) Shuttleworth focused on three key areas
- the Ubuntu development process, desktop innovations and server
innovations."
DesktopLinux takes
a look at Ubuntu's Gutsy Gibbon, due for an October 18 launch.
"The latest version of Ubuntu includes numerous new features. In
particular, its hardware support has been improved. Besides better
plug-and-play configuration for printers, the new Ubuntu includes automatic
firmware installation for Broadcom Wi-Fi cards."
Linux-Watch looks at
Ubuntu 7.10 Server Edition. "In a Linux-Watch interview, Mark
Shuttleworth, Canonical's CEO and Ubuntu's founder, said the server team
has been, and will continue, to grow. Canonical is also working directly
with server OEMs (original equipment manufacturers) to ensure
compatibility. Specifically, Ubuntu Server Edition is available and
optimized for x86, AMD64, EM64T (Intel Core & Xeon), and Sun SPARC
architectures."
Mage Power talks
with Source Mage developer Jaka "lynx" Kranjc. "What was it
about Source Mage that made you decide to stick with it? The package
manager is featureful, fast and mostly written in bash! As most
distributions, contains all the packages I need and I don't like gui
configuration tools too much (hard to get right), I judge them by their
package managers. That's the real added value for me."
ITtoolbox Blogs has an interview
with Gerard Beekmans. "Locutus: Who are you and what is your
involvement with LFS? Gerard: My name is Gerard Beekmans and I'm the
founder of the LFS project. I developed the initial process and strategies
of what became LFS about eight years ago. Nowadays I am not involved so
much with the day-to-day develop and maintenance anymore due to time
constraints in my professional career. Instead, I am more involved with the
management of the people who do still have the time for the daily work that
goes into LFS."
Packt Publishing interviews
GoboLinux developer Lucas Villa Real. "GoboLinux is popular for its
filesystem hierarchy which breaks away from the traditional Unix Filesystem
Hierarchy Standard (FHS). So basically you wouldn't find any /etc or /usr
directories under Gobo. In turn, files of a particular program are stored in
their own separate directories like /Programs/GCC/2.95.3/lib. This means
Gobo's package management system has its advantages since users can now
install multiple versions of the same program without conflicts. To find
out more about Gobo and why it does things the way it does, I talk to one
of its main developers Lucas Villa Real."
TuxMachines reviews
openSUSE 10.3. "There are a few different ways one can install
openSUSE 10.3. On my test box (a $150 Fry's special based on an AMD Sempron
2200+ CPU, which now has 640MB of RAM, a NVIDIA GeForce MX 440 video card,
and a larger hard drive), I used the "KDE-only" and the "non-OSS add-on"
CDs. (A "GNOME-only" installation CD is also available.) The advantages of
having KDE and GNOME installation CDs is that they take a lot less time to
download than the full installation DVD, and why bother if you're never
going to install the other desktop environment? (For fans of Xfce, you can
also install Xfce 4.4.1. Also, if you want to beta-test the next version of
KDE, you can install KDE 4 alongside KDE 3.)"
Zenoss provides a complete suite of software and services to help you succeed monitoring your IT infrastructure.
To support your unique needs, we offer several paths to success. Choose the offering(s) that make sense for your situation, budget and expertise.
Everything we do is based on Zenoss Core, our award-winning open source IT management platform. Our software provides a single, integrated solution for monitoring your entire IT infrastructure: network, servers, applications, across the full lifecycle: inventory, configuration, availability, performance, events, logs and alerts.
The About Zenoss document
clarifies the company's methodology:
"Through our integrated, model-driven product and by taking a new approach to management software that combines the benefits of open source with the best aspects of commercial development, we offer a new alternative." The Zenoss
Offerings Overview
explains the capabilities and services that are available for the
free software and the various levels of commercial subscriptions.
The free community edition includes Zenoss Core, the Configuration
Management Data Base (CMDB), an inventory and change tracking system,
availability monitoring, performance monitoring, event management
and core reports. Numerous additional capabilities are available
by paying for three increasing levels of support.
Zenoss runs on the RedHat Enterprise, Fedora, Ubuntu and SUSE Linux
distributions as well as FreeBSD and Mac OS X. Zenoss is
able to monitor Unix/Linux systems, various networking devices and
machines running Windows and VMWare. The Zenoss
FAQ
document covers other project details and has installation and
configuration details. A walk through the
screenshots
will show the wide variety of system control and monitoring capabilities.
Version 2.1 of
Zenoss Core was recently
announced:
"This release marks a significant update for many areas of Zenoss Core, including a Google Maps mashup, a network topology map, Java application management, powerful graphing capabilities and an Ajax-based drag and drop dashboard.
Zenoss Core 2.1 is now available with powerful new features, extending both its network management and application management capabilities with first-of-its-kind network visualization features and native management of Java-based applications. Zenoss Core 2.1 also adds advanced graphing capabilities and a personalized dashboard enabling organizations of all sizes to gain easy access to an affordable, powerful and integrated IT management solution."
If you have a large, possibly geographically distributed,
heterogeneous network of systems that you need to monitor,
Zenoss Core is worthy of consideration.
Version 0.6.1 of allmydata.org Tahoe has been announced.
"We are pleased to announce the release of version 0.6.1 of
allmydata.org "Tahoe", a secure, decentralized storage grid under a
free-software licence. This is the successor to v0.6, which was
released September 24, 2007. This release focusses on
packaging, documentation, and usability improvements."
Version 1.3.3.8 of the Anti-Spam SMTP Proxy Server project has been
announced.
"The Anti-Spam SMTP Proxy (ASSP) Server project aims to create an open source platform-independent SMTP Proxy server which implements whitelists, Bayesian, and basic anti-virus filtering to rid the planet of the blight of unsolicited email (UCE).
This release fixes a possible crash when using the Email interface and has some minor improvements to the admin GUI."
Version 1.4.0rc1 of iptables, a network security package, is out.
"This is the first release candidate of the new iptables branch 1.4. This
release candidate adds support for the generic xtables infrastructure
that strongly improves IPv6 support. Also several accumulated bugfixes
are included. Test it!"
Version 0.99.80-rc4 of AlsaPlayer, a multi-threaded PCM player,
has been announced.
"This is a bugfix and feature improvement release.
Madej added a song title in the title bar option.
Several bugs were fixed. Among them, libmad was fixed in configure and a
possible horrible crash when upgrading from a gtk1 AlsaPlayer version was
fixed. Every user is encouraged to upgrade."
Version 2.1 of Ardour, a multi-track audio workstation, has been
announced.
"Ready to make music on those long nights after the clocks change up north? Ready to make music in the bright summer evenings down south? Ardour 2.1 squeaks out in time for both hemispheres to enjoy it. A few brand new features, including native (X11-free) OS X support, and a heap of important bug fixes, are there to make the upgrade worth your time."
Version 2.0.5 of GanttProject has been
announced.
"GanttProject is a project scheduling application written in Java and
featuring gantt chart, resource management, calendaring, import/export (MS
Project, HTML, PDF, spreadsheets). Learn more on http://ganttproject.[biz].
GanttProject 2.0.5 is a maintenance release focused on adding custom fields of tasks and resources to the available export formats".
Version 3.5.8 of the K Desktop Environment (KDE) has been released.
"Today, KDE 3.5.8 has been released as the latest bugfix and
translation update for KDE's stable 3.5 series.
Improvements in KDE 3.5.8 cover:
Fixes in KHTML, KDE's HTML rendering component
Fixes and improvements in KDE's Mail and Organizer components
Improvements in various graphics applications, such as kolourpaint
(a simple painting program) and KPDF, the PDF viewer".
KDE.News presents further
coverage
of the recently released KDE version 3.5.8.
"The KDE community today released KDE 3.5.8. While the developers' main focus lies on finishing KDE 4.0, the stable 3.5 series remains the desktop of choice for the time being. It is proven, stable and well supported. The 3.5.8 release with its literally hundreds of bugfixes has again improved the users' experience."
The October 14, 2007 edition of the
KDE Commit-Digest has been
announced.
The content summary says:
"Replacement of the "toolbox", and a new KRunner in Plasma, with many applets moving from playground into extragear in KDE SVN. SuperKaramba is now fully integrated into Plasma. A move away from KDEPrint facilities, towards more basic functionality for KDE 4.0. More work on restoring the functionality of the Klipper applet. Basic sound support in Parley..."
Version 1.4.7 of
Robocode is out with bug fixes and other changes.
"Robocode is a Java programming game, where the goal is to develop a robot battle tank to battle against other tanks. The robot battles are running in real-time and on-screen. The motto of Robocode is: Build the best, destroy the rest!"
Version 0.9.47 of Wine
has been announced.
"What's new in this release:
New scheme for OpenGL support in child windows.
Lots of fixes for regression test failures.
A Tahoma replacement font.
Lots of bug fixes."
Version 0.1.0 of gigedit, an instrument editor for gig files, has been
announced.
"With gigedit it is possible to modify existing, as well as to
create new Gigasampler format instruments from scratch, which are not
only accepted by LinuxSampler, but now also by Gigastudio.
You can run gigedit as stand-alone application or "attached" to
LinuxSampler. The latter case allows you to play and edit instruments at
the same time, making all your modifications immediately audible, without
having to reload the instruments into a sampler."
The first release of the LV2 vocoder has been announced.
"LADSPA plugin created by Josh Green is basically an adaption of
Achim Settelmeier's Vocoder program to LADSPA."
Stable version 1.4.5b of Liferea has been
announced.
"Liferea (Linux Feed Reader) is a GTK desktop news aggregator for online news feeds and weblogs. The project focus is on simplicity and easy installation. This release fixes a crash when running Liferea with sqlite 3.5.x. Please upgrade!"
The beta 2 release of the theora
video CODEC is out with the following changes:
"Fix a crash bug on char-is-unsigned architectures (PowerPC),
Fix a buffer sizing issue that caused rare encoder crashes,
Fix a buffer alignment issue,
Build fixes for MingW32, MSVC and
Improved format documentation."
The October 11, 2007 edition of the Mozilla Links Newsletter
is online, take a look for the latest news about the Mozilla browser
and related projects.
GnomeDesktop announces
the 1.0.0 release of Genius.
"One of the oldest GNOME projects, the Genius calculator reaches 1.0.0 after 10 years in development. I have previously said that Genius is not going to be 1.0 until it can compute eigenvalues for general matrices. Now with RayleighQuotientIteration function, this is partially satisfied. Anyway, this was the original GNOME desktop calculator, appearing for the first time as part of GNOME in the GNOME v0.11 tarball in January 1998."
Version 14/10/2007 of Linguistico has been announced.
"Linguistico is a linguistics tools project based on the Italian language. Tools are: dictionaries, thesaurus, word definitions, scripts, programs, ... For: OpenOffice.org ThunderBird Mozilla FireFox - MySpell MyThes Aspell HunSpell."
Version 0.96 of the GNU Classpath essential libraries for Java has
been announced.
"This release is primarily a maintenance release. The recent release of the
majority of Sun's class library as Free Software on May the 8th, under the
auspices of the OpenJDK project (http://openjdk.java.net) has changed the
position of GNU Classpath within the community and recent efforts have
focused on bringing together Classpath and OpenJDK code under the umbrella of
IcedTea (http://icedtea.classpath.org) and on using the new OpenJDK code
within existing Free runtime environments such as cacao
(http://www.cacaojvm.org/) and IKVM (http://www.ikvm.net/). We hope to
extend support and work together with the OpenJDK community over time."
Version 1.4 of IcedTea has been announced; it features numerous bug fixes.
"The IcedTea project provides a harness to build the source code from
OpenJDK using Free Software build tools and
provides replacements libraries for the binary plugs with code from the
GNU Classpath project."
Version 2.42 of GNU CLISP, a Common Lisp implementation, has been announced.
"Among other things,
this version adds bindings to GTK+ v2 and the GNU DataBase Manager,
introduces a MOP protocol for structures, improves CLX, and fixes many
bugs."
Uche Ogbuji
works with jQuery on O'Reilly's XML.com.
"jQuery emerged a couple of years ago to great acclaim for its performance, elegant design, and handy features, and now it's one of the most popular JavaScript frameworks.
jQuery offers a lot of facilities, but it's best known for offering a cross-browser model for accessing and manipulating web page elements that means you don't have to deal with the endless pain of DOM. jQuery can be used for XML processing on the Web as well as HTML processing, and in this article I show some examples of this use."
Version 6.7 of GDB,
the Gnu Debugger, has been announced.
This version adds a long list of enhancements and bug fixes, see the release
announcement
for more information. (Thanks to Daniel Qarras).
Version 2.5 Beta of
FCKeditor is out. FCKeditor is an:
"Online text editor (DHTML editor), for ASP, ASP.NET, ColdFusion, PHP, Java and JavaScript brings to the web many of the powerful features of known desktop editors like Word. It's XHTML compliant and works with Firefox, Mozilla, Netscape and IE.
After an incredible development period, full of challenges and enriched by brilliant ideas, here we are with the Beta for the most important release of FCKeditor since version 2.0. It brings not only Safari and Opera support, but also introduces incredibly powerful features."
Version 1.2.0 of Texlipse has been
announced.
"Texlipse is a plugin that adds Latex editing support for the popular Eclipse Java IDE. Key features include: syntax highlight, command completion, bibliography completion, outline navigation and automatic building.
Some new features and a lot of fixed bugs are included in this release. Included among others: some bibtex editor fixes, some spell checker fixes and Windows Vista compatibility (finally!). Also, unlike the previous one, this release requires Java 5."
Groklaw covers the patent infringement suit filed against Red Hat and Novell by IP Innovation. "You might recall the patent was used in litigation against Apple in April 2007, and Beta News reported at the time that it's a 1991 Xerox PARC patent. But ars technica provided the detail that it references earlier patents going back to 1984." The real focus of the article seems to be an attempt to find a Microsoft link, though; there is not much information on the patent itself.
Groklaw has published a conversation with a patent lawyer with more information than most of us want to know about expiration dates, when prior art becomes a valid defense, etc. "All three involved patents should expire December 10, 2008. This means that it's a bit of a puzzle why such a suit has been brought. Normal patentees would be on the whole unlikely to bring expensive patent infringement lawsuits on the basis of patents which are just about to expire.
That's mainly because the litigation can be expected to last until well after the expiry date. After patent expiry, the patentee can no longer get any injunction to stop further infringing trade, because that has by then become free to the public."
LinuxDevices.com reports from
Andrew Morton's talk at the Montavista "Vision" conference. "The
legacy of 'patch hoarding' -- maintaining embedded patches outside of the
mainline kernel -- should end. People should send their patches to the LKML
(Linux kernel mailing list), where etiquette has reportedly
improved. Morton also iterated and re-iterated the invitation to send
patches privately to him for a candid appraisal."
Groklaw
dissects the SCO creditors list.
"When SCO filed for bankruptcy on September 14, there was an attachment to both the SCO Operations, Inc. and the SCO Group's petitions, a Certification Concerning Creditor Matrix, with the list of SCO's creditors. The document included some home addresses, and I felt uncomfortable posting them, so I promised we would do a redacted text version. Here it is, at last. I apologize for the delay.
Some of the items on this sad list are obvious; some are mysterious. For example, why would O'Reilly & Associates be on the list? Win4Lin? Maureen O'Gara's G2? The detective that went with her on her stalking mission years ago? RIM? Does the maker of Hipcheck and other mobile solutions use Blackberries? And what's with all the restaurants?"
Michael Dell says
that software patent claims are not hurting his business. "Speaking
to ZDNet.co.uk at the Gartner Symposium/ITxpo in Orlando on Thursday,
Dell's chief executive officer said his company has seen Linux uptake for
servers increase faster than Windows server products, despite Microsoft's
claims."
News.com reports that
Novell has laid off its AppArmor developers. "Novell will
continue updating AppArmor and using it in its Suse Linux Enterprise
Server software, but the development mechanism has changed since Novell
released AppArmor as open-source software in 2006. Some companies outsource
programming work to India, but with active open-source software projects,
there are even lower-cost options."
The Wall Street Journal joins
the crowd saying that desktop Linux isn't happening. "Even
though Linux is easier than ever to use, the dream of many Linux buffs of
it replacing Windows as the desktop mainstay is, at best, stalled, and at
worst, fading. While exact numbers are hard to come by, one survey has
desktop Linux users barely scraping a single percentage point of the market
share. Among Microsoft's customers, concedes Mr. Torvalds, are his father
and sister, though Mom has managed to resist the allure of the dark
side."
Canonical's CEO Mark Shuttleworth
responds
to recent comments by Microsoft CEO Steve Ballmer about intellectual
property and patent issues with Linux.
"What perhaps upsets Shuttleworth the most is that, at the end of the day, Microsoft doesn't seem to realize that open source and proprietary software developers have much in common when it comes to IP laws.
"Microsoft and open source both have the same interest to create a level IP platform. The patent system is not good for anyone. It's not good for Microsoft. It's not good for the little inventor next door. It's not good for FOSS [free and open-source software]. Companies that make money by doing nothing but holding on to patents until someone creates a useful program are the real problem. It's these patent trolls that are dangers to both.""
Silicon Forest, a blog site hosted by the Oregonian, has an
interview with Jim Zemlin, head of the Linux Foundation.
"When I talked to Jim on Friday, I suggested that open source
hasn't created the economic activity in Oregon that some backers
anticipated after Torvalds moved here in 2004. Jim disagreed. Here's how he
sees it: I do believe that open source presents an economic
opportunity for Oregon. In fact, Oregon has a pretty strong track record of
providing economic opportunity for individuals around the support and
development of open technology."
LinuxDevices profiles the
Nokia N810, due to hit the market in November. "The N810 is
smaller, heavier, and faster than the older N800, with new features that
include a slide-out hardware QWERTY thumb keyboard, GPS receiver, FM
transmitter (for in-car listening), and a light-sensing screen
dimmer."
Dave Phillips
takes a look at
the PHASEX software music synthesizer on Linux Journal.
"Development of native Linux audio plugins and softsynths may not be so
relentlessly rapid as it is in the Windows and Mac sound software worlds, but
new things do appear. This week I profile a cool new (well, relatively new)
Linux softsynth, William Weston's Phase Harmonic Advanced Synthesis
EXperiment, also known as
Phasex."
PC Magazine
reports
on plans to make a mobile version of the Firefox browser.
"The developer team behind Firefox has announced plans to bring a mobile version of the technology to the market in 2008.
"People ask us all the time about what Mozilla's going to do about the mobile web, and I'm very excited to announce that we plan to rock it," Mike Schroepfer, a Mozilla developer known as "schrep," wrote on the Mozillazine blog.
Specifically, Mozilla will add mobile devices to the first class/tier-1 platform set for Mozilla2, the next-generation browser technology due in 2008".
OpenOffice.org reached its seven-year anniversary on October 13, 2007.
"Founded by Sun Microsystems on October 13th, 2000, OpenOffice.org
continues to experience tremendous growth. The project recently
counted 104 million downloads from its website, and downloads have
been increasing since the release of OpenOffice.org 2.3 last month.
It is widely considered the most important open source productivity
suite and one of the largest open source projects.
OpenOffice.org is available in more than 80 languages and runs
natively on every major platform; it uses the ISO standard, the
OpenDocument Format, for its files."
The Open Source Initiative (OSI) has approved two licenses submitted by
Microsoft as open source licenses. "The formal evaluation of
these licenses began in August and the discussion of these licenses was
vigorous and thorough. The community raised questions that Microsoft (and
others) answered; they raised issues that, when germane to the licenses in
question, Microsoft addressed. Microsoft came to the OSI and submitted
their licenses according to the published policies and procedures that
dozens of other parties have followed over the years. Microsoft didn't ask
for special treatment, and didn't receive any. In spite of recent negative
interactions between Microsoft and the open source community, the spirit of
the dialog was constructive and we hope that carries forward to a
constructive outcome as well." Additional commentary can be found at Microsoft's
Port 25 blog and at the 451
CAOS Theory blog.
Alfresco Software, Inc. has
announced plans to release Alfresco JLAN under the GNU Public License.
"Alfresco JLAN is a unique implementation of an embedded virtual file
system that offers the only Java client and server implementation of
Microsoft Windows' CIFS (Common Internet File System) protocol, allowing
content, system administration information, and rows in a database to
appear as a shared drive."
The Asianux consortium has announced
its mobile Linux product. "The Asianux consortium, where Miracle
Linux Corp of Japan, Red Flag Software Co Ltd of China and Haansoft Inc of
South Korea are jointly developing Linux products, announced Oct. 15, 2007
that it will start shipping its "Asianux Mobile Midinux Edition" mobile
Linux product in January 2008. Expected applications are mobile devices
with Internet access capability. Based on the "Midinux 1.0" mobile Linux
product that Red Flag announced in June 2007, the new product has been
optimized for mobile devices featuring x86 architecture
microprocessors. Miracle Linux and Haansoft will market this product in
Japan and South Korea, respectively."
Novell, Inc. has announced
that the Novell Open Workgroup Suite Small Business Edition is now
available to customers worldwide. "The Novell Open Workgroup Suite
Small Business Edition is based on SUSE(R) Linux Enterprise and includes
Novell GroupWise(R) for e-mail, task management and calendaring; Novell
Open Enterprise Server for storage, print and management services; SUSE
Linux Enterprise Server for running applications; SUSE Linux Enterprise
Desktop from Novell for complete desktop productivity; and the Novell
edition of the popular office productivity suite OpenOffice.org for
Windows* and Linux*. To accommodate growing businesses, the suite features
support for up to five servers and 200 users."
Pentaho has announced the release of Pentaho Open BI Suite version 1.6.
"Pentaho Corp., creator of the world's most popular open source
business intelligence (BI) suite, today announced delivery of Pentaho Open BI Suite 1.6. The new
release provides general availability of major new enhancements including an enterprise BI metadata
layer that streamlines use of BI data as well as a thin-client reporting interface enabling
business users to create their own ad hoc queries and reports."
SAP AG has
announced the contribution of a memory analyzer tool to the
Eclipse platform.
"As part of its
commitment to support the open-source developer community, SAP AG today announced that for the first time it will contribute software
development capabilities to the Eclipse community. This new tool will
enable developers to build more efficient enterprise applications within
Eclipse, the leading open source integrated development environment (IDE).
All Java developers will be able to benefit from memory analyzer
capabilities within Eclipse that were previously available only for the SAP
NetWeaver(R) technology platform."
TimeSys Corporation has announced the availability of LinuxLink support
subscriptions for the MIPS 74K processor core family.
"This high performance processor core is a new addition to the
MIPS(R) 32-bit line of processor cores. Through the collaboration
between MIPS and TimeSys, customers can build their own custom Linux
software platforms using the MIPS32 74K core."
Version 3.00 of VariCAD 2007,
a 3D/2D CAD system for mechanical engineering, is available for Linux.
The VariCAD news
page says:
"The new VariCAD 2007 3.00 includes a completely rebuilt BOM (work with attributes, automatic title blocks filling etc.), improved user interface, new improvements in STEP and DWG file compatibility, a further extended tutorial and quick demonstration, and more. A free 30-day trial version is available for download."
The Linux Foundation has announced an online survey aimed at determining
what the highest-priority needs are for the Linux desktop. "The survey will take only a few minutes of your time, and your feedback is
essential in helping us to focus our development efforts and accelerate
the global adoption of Linux desktops and clients. For example, past
surveys highlighted the need to address printing and wireless issues, so
we set up focused workgroups and conferences to help developers and
vendors work out common solutions to these requirements." The
survey is available in several languages.
The results
from the 2007 Zero Install survey have been announced.
"Random summary:
People mainly use Zero Install to run ROX applications.
Ubuntu is incredibly popular.
Not many people found the bug reporting feature.
Hardly anyone uses it with Xfce.
Software authors' most common reason for using it was to be able to
make a single package that runs everywhere."
Calls for papers have gone out for the Black Hat D.C. and Black Hat Amsterdam security conferences.
Black Hat D.C. will take place on February 18-21 in the Washington DC City Center and Black Hat Amsterdam will take place on March 25-28 in
Amsterdam, the Netherlands.
Also, Black Hat Japan 2007 starts on October 23, 2007 in Tokyo.
The extended call for papers for FOSS.IN/2007 closes on October 20, 2007.
"The extended deadline has had some good effects - many more
contributor-oriented talks have come in.
The Project Days have seen good submissions, and they are really shaping
up well. We have sent the list of talks submitted so far to the PD
proposers, and should be hearing from them on Monday with initial lists.
Debian-Ubuntu, Fedora, Gnome, KDE are all doing fine - great talks, lots
of community participation.
I'd be happier, though, to see some more talks in the Mozilla PD (to give
us a wider choice) and more practical, hands-on talks. How come no talk
on Mozilla/Firefox extensions?"
The 2007
CELF Embedded Linux Conference will be held in Linz, Austria on
November 2-3, 2007.
"This joint conference will consist of over 60 presentations on the subject of embedded and real-time Linux. Presentations on embedded Linux will cover a wide range of topics, including kernel enhancements for realtime, improved memory size, security, and power management. Also, there will be presentations on licensing issues, embedded distributions (covering OpenEmbedded, Embedded Debian, and PokyLinux), embedded graphics systems, flash file systems, and reports of experiences embedding Linux in actual products like TV sets and handheld devices.
There will be tutorials on toolchains, packaging tools, and distributions, as well as "Birds of a Feather" sessions on a variety of topics."
O'Reilly has announced the top sponsors for the Web 2.0 Summit.
"Participants include
Platinum sponsor Nokia, and Gold sponsors Adobe, AOL, eBay, Etelos, HP
Invent, Level 3 Communications, Microsoft, Sun Microsystems, and WebEx.
The fourth annual Web 2.0 Summit will be held at the Palace Hotel in San
Francisco, October 17-19."
O'Reilly has announced the 2008
Where 2.0 Conference.
"Now in its fourth year, the O'Reilly
Where 2.0 Conference will bring together the people, projects, and issues
building new technological foundations and creating value in the location
industry. The conference, taking place May 12-14, 2008 at the San
Francisco Airport Marriott in Burlingame, CA, will draw over 500
leading-edge developers and innovators from companies who are building
location aware technology."
The Fellowship of FSFE has posted
a transcript from Richard Stallman's acceptance speech for an
honorary University of Pavia, Italy degree.
"Innovation can create riches and once in a while, those riches can lead to general economic prosperity, especially if you don't have neo-liberal economics to impede the result.
But innovation affects things much more important than riches or even economic prosperity. Democracy was an innovation, fascism was an innovation. Today, in Italy, we see the innovation of placing criminal charges against fishermen for saving people from drowning in the sea. Innovations can directly affect our freedom, which is more important than anything else. Innovation can affect social solidarity, for good or for ill."
(Thanks to Alessandro Rubini and Ciaran O'Riordan).