LWN is about to celebrate a birthday. Picking the true anniversary of an
enterprise like LWN can be a bit tricky - there are many points which could
be said to mark the true birth of the organization. After some thought, we
have decreed that LWN.net was born on January 30, 1998. So we have a
tenth anniversary coming up. That's a long time - far longer than any of
us thought we would be doing this. Life is funny that way, somehow.
One cannot let a date like this go by without at least partially taking
advantage of its hype-creation possibilities. So there will be a few
things happening to celebrate our decade of writing about Linux,
culminating with some sort of celebration on the 30th, when your editor
will be speaking at this year's (sold-out!) linux.conf.au in Melbourne,
Australia. One of those will be a short series of articles - starting with
this one - looking back at those ten years. What a long, strange trip it
has been.
Back in early 1997, your editor was the manager of a software development,
system administration, and data delivery group at the National Center for
Atmospheric Research. He had, at that point, been using Linux for a few
years. It was running on a number of servers, of course, but we had also
deployed it on desktops and used it for the acquisition and display of
meteorological data, including high-bandwidth (for the time) doppler radar
data. Don't let anybody tell you that real-time Linux is a new thing.
At this time, your editor was seeing two futures: (1) an increasingly
dilbertesque life spent mostly in meetings, and (2) the clearly
bright future of Linux. So he was actively looking for ways to move out of
conference rooms and toward Linux, and talking over schemes with a number
of friends. An early idea - to commercialize one
of the first weather stations ever put on the World Wide Web with LWN
editor Forrest Cook - never quite took off. But that thought process
continued.
During that same time, Elizabeth Coolbaugh had just left a very similar
position at the same institution; she was looking for a new project for the
next phase of her life. After some discussions, Liz and your editor
settled on a business idea which seemed to have some promise. It was not
to be the last silly decision they were to make.
You see, at that time there was a struggling Linux distributor named Red
Hat which was beginning to get the sense that there might be a market for
its boxed Linux product in the corporate world. But companies need
support, and Red Hat lacked the ability to provide that support. So the
company's management came up with the "support partner" concept. Upon
being accepted into this program, partner companies would be able to sell
Red Hat-backed support certificates, which Red Hat would help to market.
This widespread network of Linux experts would be able to provide local
support to clients and would, for the hardest problems, be able to get help
from Red Hat itself. It looked like a winner for everybody involved.
That program was not yet operational at this time, though - but Red Hat
promised it would be Real Soon Now. Your soon-to-be editors, not yet
having done much business with Red Hat beyond ordering an occasional CD,
believed this promise. But it still made sense to do something productive while
waiting. The idea that emerged after some talk was to put up a regular
newsletter about what was happening in the fast-evolving Linux community.
Even back then, keeping up with everything was hard, so we figured that the
service would be valuable. As an added bonus, it would attract attention
to this new support company (called Eklektix) and show just how blindingly
smart and up on Linux we were.
Discussion of details occurred slowly through much of 1997. On
January 22, 1998, the first
issue of LWN was posted; it talked about the 2.1.79 kernel, the brand-new
spinlock mechanism, the devfs debate, the creation of Red Hat Advanced
Development Labs, and attempts to bring Java to Linux. The January 29, 1998 issue changed
the format and led off
with Netscape's announcement that it would be releasing the source code for
its browser. We also found all of two news articles about Linux (we posted
every one we found in those days) and talked about NFS problems, the devfs
debate, the Debian 2.0 release roadmap, and gcc 2.8 problems.
At this point, we had posted two issues, but had not actually told anybody
about them. Unsurprisingly, traffic was low. That changed on
January 30, when our
announcement made it out to the comp.os.linux.announce newsgroup - the
best way to get the news out at that time. As promotional text the
announcement was rudimentary at best, but it had the desired result - we
got over 1000 page views on that first day, which seemed like a lot at the
time. LWN was off and running.
Some highlights from the early days of LWN:
February 12, 1998: Eric
Raymond starts pushing "open source" instead of free software.
Worries over whether Intel's proposed "Merced" architecture would
support Linux.
February 19, 1998: Richard
Stallman fights back against Open Source. SCO claims to be the
largest provider of Unix-based servers. Jesse Berst's famous "could
you get fired for choosing Linux?" article runs. Jaroslav Kysela
launches the "Ultra" (later ALSA) sound driver project.
March 12, 1998: Ralph Nader
suggests that Dell should sell Linux-installed systems.
March 19, 1998: Bruce Perens
resigns from the Debian project, saying: "I'm
sorry it had to be this way, but I feel that my mission to bring free
software to the masses really isn't compatible with Debian any longer,
and that I should be working with one of the more mainstream Linux
distributions." Sendmail, Inc. was launched.
April 2, 1998: the Mozilla
source release happens. Alan Cox joins Red Hat. The feature freeze
for the 2.2 kernel is announced. The Open Group announces that use of
the X Window System will require fees - but Linux users had XFree86
and didn't care.
It's fair to say that we didn't entirely grasp the significance of the
events reported in the April 2 edition. The hiring of Alan Cox was
one of the first in a long series - before then, almost nobody actually had
a job which involved developing Linux. The Open Group's attempt to
relicense X was thoroughly defeated by the existence of a free version with
an active development community - a story which would be repeated a number
of times in the coming years.
April 30, 1998: Red Hat gets
around to launching its support program, with Eklektix as one of the
four they had managed to sign up. Kernel development halts as a
result of the birth of Linus's second child.
May 28, 1998: LWN moves to its
own domain at LWN.net. The Linux Standard Base is proposed. Your
editor first describes himself as "grumpy" after producing LWN by
himself (Liz was at Linux Expo). PC Week calls Linux "a communist
operating system in a capitalist society" and predicts its demise.
Red Hat 5.1 is released.
July 16, 1998: KDE 1.0 is
released; KDE v. GNOME flamewars spread across numerous mailing lists
and web sites.
July 23, 1998: Oracle ports
some of its products to Linux.
Linus decrees
that 8MB of memory will be needed for the 2.2 kernel.
The Oracle announcement seems mundane now, but the existence of Oracle
products for Linux was a specific indicator that many people were looking
for. It was an indication that Linux was a "serious" platform. Richard
Stallman, of course, thought that Oracle's announcement was terrible news.
July 30, 1998: Debian 2.0 is
released. Rumors circulate that IBM is considering Linux.
Linux-Mandrake is launched.
August 13, 1998: the Open
Source Initiative is launched, flame wars result. Richard Stallman
calls for free
documentation for free software. The kernel goes into a "hard code
freeze" - not the first or last time that a Linus-decreed freeze would
prove to be less hard than anticipated. The devfs discussion
continues. Red Hat states that it
cannot legally ship Qt or KDE.
August 20, 1998: Red Hat
launches Rawhide. Bruce Perens bails out of the Linux Standard Base
effort.
October 1, 1998:
Intel and Netscape (and two venture capital firms) invest in Red Hat.
Also notable this week was the first of the big "Linus burnout"
episodes, making it clear that something in the kernel development
process needed to change.
Let us now pause for a moment. From this distance, it may be hard to
appreciate just how big the news of the Red Hat investments was. For all
that had happened, Linux was still a somewhat obscure phenomenon, unknown
to much of the information technology world. When Intel put money into Red
Hat, it became clear to all that both Linux and Red Hat were headed toward
success. This was, in some real sense, the point where Linux entered the
dotcom bubble, though the real action was still a year away.
The 2.1.123 release failed to compile as a result of some merging errors;
developers got upset about the state of affairs and a long, inflammatory
discussion resulted. Linus stormed out of the virtual room and took a
vacation. It was a somewhat scary series of events which foreshadowed more
to come; getting the kernel development process to scale as the community
grew was a multi-year process.
During this time, LWN was also growing in both readership and size; it was taking
increasing amounts of time. We eventually had to move the server from its
initial location (behind an ISDN line in your editor's basement) to a
proper hosting facility. But, remember, LWN was not the main endeavor;
it was an attention attractor for the support services offered by Eklektix,
Inc. This business plan was not going particularly well. Those who dealt
with Red Hat in that era know that, as a company, it was a rather chaotic
place. The marketing for the support partners never happened, and the
backup services for the support plans the partners were able to sell
themselves were, shall we say, less than the customers thought they
deserved given what they had paid. The support partner program was not
a big success for anybody involved.
As a result, one of the first things Red Hat did with its new pile of cash
was to cancel this program and start building its own, internal support
operation. Eklektix continued to push its own support offerings for a
while, but the fact of the matter is that it was not a fun business: it
seemed to mostly consist of cleaning up after low-budget ISPs which could
not be bothered to install security updates. So the search for
alternatives began. Meanwhile:
October 16, 1998:
Larry McVoy contacts LWN and describes his upcoming "BitKeeper"
software as a way of making Linus "scale". Debian takes an official position
against KDE.
November 19, 1998: The Qt
library becomes available under the new QPL, eliminating roadblocks
for the distribution of KDE. VA Research (also known as VA
Linux, VA Software, SourceForge) gets a big
venture capital infusion. Red Hat hires Matthew Szulik as CEO.
January 28, 1999: LWN's first
anniversary. The 2.2 kernel is released, complete with a
trivially-exploited security hole. Linus decrees that
32-bit Linux will never support more than 2GB of memory.
The TCP-wrappers
distribution is compromised. The Windows refund movement gathers
steam.
February 11, 1999: perhaps the
first big discussion of binary-only modules.
February 25, 1999: IBM
announces support for Red Hat Linux on its systems.
About this time, Eklektix announced that its new line of business would be
training - and Linux system administration training in particular. The
announcement was timed for the first ever LinuxWorld conference; both LWN
editors spoke there, with Jon delivering a system administration tutorial
to 450 attendees. It was the start of a new phase - though it was not much
more successful than the one which came before.
If the investments in Red Hat were the beginning of the Linux bubble,
LinuxWorld was where the inflation began in earnest. The amount of money
on display there was impressive to say the least. The Red Hat party will
live forevermore in the memory (or lack of memory, as the case may be) of
all who attended. LinuxCare, which was supposed to be the big
support success story for Linux, was unveiled at this conference. Never
had there been so much overt commercial interest around Linux.
March 25, 1999: It turns out
that BitKeeper is to come out under a not-really-open-source license.
April 8, 1999: Discouraged
Mozilla developers resign from the project - there was a time when it
seemed like a usable Mozilla browser would never come. Dell buys a
piece of Red Hat. Al Gore claims to have an open source presidential
campaign. RMS battles for "GNU/Linux" on linux-kernel.
April 15, 1999: the Mindcraft
study. It turned out that some of Mindcraft's criticisms were right,
but we fixed the problems in a hurry.
It is interesting to note that, during this time, LWN got its first
acquisition offer: from Red Hat. We turned it down: the terms of the offer
looked much like indentured servitude under firm Red Hat control. But we
did work a deal with the company to supply news items for its portal site.
Yes, during this time, Red Hat's business model was aiming toward becoming
the dominant network portal for Linux-related information. Remember, this
was 1999.
June 10, 1999: Red Hat files
for its IPO. VA Linux bulks up on free software developers.
July 1, 1999: Slashdot is
acquired by Andover.net. Eric Raymond and Richard Stallman feud over
"open source."
July 22, 1999: Red Hat gives
Linux hackers an opportunity to buy pre-IPO stock.
August 12, 1999: Red Hat goes
public, with great success. Andover acquires Freshmeat.net. The
second LinuxWorld conference is held.
The Red Hat IPO was the beginning of a new phase: clearly somebody was
making a lot of money from Linux, even if who wasn't exactly clear. What
was clear is that Eklektix was not on the list. When we planned out the
training offering, we had a set of spreadsheets with some truly wonderful
numbers on the income which was sure to result. Somehow reality failed to
match the spreadsheets. So we came to realize that we needed to look in
other directions.
At this time, advertising was beginning to bring in some actual money.
But, more to the point, as the market heated up, companies were showing
increasing amounts of interest in anybody who had any sort of Linux
credibility or mindshare. We had some of that credibility at that time.
So we decided to see what would happen if we let the word out that LWN was
for sale. Suffice to say that the result was a far wilder ride than we
could have ever anticipated. But that will be the topic of next week's
installment.
Free software projects, like all projects, live and die by their
communications; developers must be able to talk to each other easily so
that a consistent, coherent result emerges. But developers have differing
ideas about what methods to use. A discussion on the Emacs development
list provides a nice contrast between two of the main communications
methods used by projects today.
Traditionally, developer communications have been handled
by the venerable mailing list, but that is changing, at least for some
projects. Internet relay chat (IRC) has become the tool of choice
for newer projects, which may leave those who are not inclined towards
realtime communication out of the loop. Development methodologies are
evolving, and some are adopting the new ways more quickly than
others – some may never adopt them at all.
The difference between communicating in IRC or via a mailing list is in
some ways like the difference between text messaging and email. Email has
its advantages, in that the recipient chooses the time to read and respond
to the message, but it is often seen as slow. Text messaging or IRC have the
advantage of speed; people receive a message and generally respond
immediately. But that speed comes at a cost – interrupting the
recipient. It also requires a full-time internet connection.
While email archives are somewhat cumbersome to use, they are usable.
IRC logs are exceedingly painful as they are not subject-based; they just
cover a specific time span of all conversation on the channel. Email
conversations may play out over days or weeks, but they are generally
easier to follow compared to the multiple interleaved conversations that
occur on IRC channels. It is in the nature of the medium: IRC
conversations are meant to be used immediately, not reread weeks later.
It is, in some ways, a culture clash. Younger developers tend to be more
inclined towards realtime communications, while older hackers tend to be more
comfortable with mailing lists. In what would seem to be an uphill battle,
Eric S. Raymond has been advocating a more "modern"
development style for GNU Emacs. His messages, appearing on Emacs-devel,
champion a development style that includes IRC communication, a bug
tracking system, and a version control system (VCS) more advanced than CVS.
Raymond's experiences working with the Battle for Wesnoth development team exposed him to
some of the newer techniques used in project communication, particularly
IRC. He reached a somewhat surprising conclusion about IRC:
And far from finding I can't keep up, I've discovered that I like the
stimulation. I grok how the kids feel about this, because
mailing-list-only
projects have started to seem slow and boring to me, too.
The Wesnoth project uses IRC for all day-to-day design and development
decisions, leaving the mailing list for more complicated discussions and
white papers. This has the effect of excluding interested developers who
are not able or willing to monitor an IRC channel throughout their day, but
that is unlikely to be the intent. The reverse is also true: the perceived
slow pace of mailing-list only projects has the effect of excluding those
with a strong preference for a faster style of development. As Raymond
shows, though, there is hope that members of one school can retrain –
if they wish – for the other.
While decision making by IRC does not seem to be in the cards any time
soon for Emacs, an upgrade to something other than CVS seems to have gained
more traction. Richard Stallman has been asking a lot of questions about
git while other developers discuss other distributed version control
systems (DVCS), like darcs, monotone, arch, and Mercurial. Raymond is
working on a survey of the VCS landscape that, once completed,
he and others hope will guide the project into a better VCS choice.
One of the main DVCS features that seems of interest to Stallman is the
"offline" capabilities. Having the entire history of a project and being
able to do commits of work in progress while being disconnected from the
internet are features that CVS does not have. Stallman is
adamant that the tools used to develop Emacs be usable by those who are not
always connected to the net, which makes a DVCS rather attractive.
The Emacs project is one of the oldest free software projects in existence;
it is, like its founder, fairly resistant to change. While Emacs itself is
used by hackers everywhere, it is increasingly falling behind its
competitors, at least partially because of the slow pace at which it is developed.
Raymond's belief is that by upgrading the tools used to take advantage of
advances made since CVS and mailman were new, the time between Emacs
releases could be reduced to something more sane. Doing that could go a
long way towards making Emacs more relevant to younger hackers:
When
those Eclipse fans pointed and laughed because we're still stuck on
CVS and don't have a bug tracker, what counter could I have had? They
know these are bad choices and they know that I know it -- so when
they write off Emacs as old, tired, and irrelevant to anything they're
interested in, I find it increasingly difficult to reply.
It is unlikely that just some tool changes will be enough to resurrect the
flagging popularity of Emacs, but there are hopeful signs. Some of
Raymond's suggestions met a warmer reception than one might have expected.
It is clear that a fair number of Emacs fans and developers are frustrated
with the current state of affairs. It may be that "just some tool changes"
are enough to reinvigorate the project to a point where it attracts more
developers and users. That can only be a good thing for Emacs.
Once upon a time, free software was a relatively rare commodity, and there
was a real novelty in being able to run a free package for a specific
purpose. The availability of a free C compiler, for example, was cause for
celebration. The fact that said compiler was not always the most reliable
program on the system did little to reduce enthusiasm; many of us persisted in
irrational endeavors (like trying to use gcc to build the X Window System)
despite the occasionally painful (and predictable) consequences. And, in
the process, we helped to make both programs more reliable.
There comes a time, though, when even the most die-hard free software
proponent wishes that things would just work. As our software finds its
way into more situations where failures are unwelcome (at best), the level
of tolerance for bugs is falling. The desire for fewer flaws, however,
runs counter to the desire for increasingly capable (and thus more complex)
software.
Somehow we have to find ways to simultaneously grow our systems and reduce
the total number of bugs. To this end, a few projects have been having
some interesting discussions on the tracking and fixing of bugs.
As has been discussed in this companion article,
Eric Raymond has been busily stirring up trouble on the Emacs development
list. His point, deemed reasonable by your editor, is that Emacs must
adopt a number of relatively modern development practices if it is to have
any hope of remaining relevant at all. One of
his key points is that Emacs needs to have a real bug tracking system.
Says Eric:
Now I consider Emacs: 1100K lines, a COCOMO estimate of over 328
years, and no issue database. I think I understand much
better now why the team has only been able to ship one release
in five years. Trying to converge on a releasable state with as
poor a view of the Emacs bug load as we have must be damn near
impossible.
While some of Eric's suggestions appear to be non-starters - imagine trying
to get Richard Stallman to hang out on an IRC channel - the bug tracker
suggestion might just go somewhere. Certainly it could only be an
improvement for a project of that size to have some sort of idea of what
the current list of outstanding bugs looks like. It might even help bring
about another Emacs release before the end of the decade.
Bug trackers are not a magical solution to the bug problem, though; in
fact, they can create some problems of their own. The Fedora project,
which does have a bug tracker, is currently trying to figure out what to do
with the contents of that tracker. It seems that said tracker contains
over 13,000 bugs, almost 10,000 of which apply to Fedora 7 and later.
A bug database of this size is simply overwhelming to anybody who tries to
do something about it. As a result, Fedora users are filing bugs, only to
see nothing happen in response. Not even a "thanks for your report"
message. This situation is discouraging for everybody involved, causing
Fedora users to give up on reporting bugs and developers to fear looking at
the tracker.
In the Fedora case, there appears to be a near-consensus that the biggest
problem is in triaging bug entries. This is not a job which can be
automated; somebody has to go through bug submissions, weed out the
duplicates, identify those which are really "features," figure out which
developer should be notified, etc. Tying bug entries to those found in
upstream trackers would be a highly useful bonus. Without this sort of
effort, the bug tracker quickly fills with low-quality entries which help
nobody.
For the most part, nobody is doing this job for Fedora now. Red Hat is not
paying for a staff member to triage bugs, and the wider community has not
filled this gap. In the short term, any sort of solution looks like it
will have to come from the community, so the Fedora folks are wondering
what can be done to encourage more participation. Simply asking for help
is the obvious first step, as is making sure that the process is easy.
Then they may consider the tactics adopted by other large projects -
Mozilla's policy of expressing its appreciation by sending a T-shirt, for
example.
As an aside, one of the more useful bits of information to come from this
discussion was the existence of this family of URLs:
http://bugz.fedoraproject.org/<package-name>
Fill in the name, and the result is an immediate list of open bugs
for the given package. Thus, for example, a visit to bugz.fedoraproject.org/gcc
yields a list of compiler bugs. This result can be had directly from
bugzilla, of course, but this interface is faster and easier.
The Fedora developers have discussed a number of related issues, such as
whether the Fedora bug database should be separated from the RHEL system
and what can be done to make Red Hat better appreciate the value of doing
more of its quality assurance work in the Fedora repository. But the core
problem is just getting human attention applied to the bug reports.
Digging through bug databases is a relatively unglamorous job; it is not an
easy path toward rock-star hacker status. But it is an important and
relatively easy way to help make free software better.
Just in time to serve as an example of how well bug management can work,
the GNOME project has posted its annual
bugzilla statistics. It seems that over 110,000 GNOME bugs were filed
in 2007; almost 109,000 of them were closed. The top bug-closers for the
year were:
14254  Andre Klapper
 9800  Tom Parker
 7047  Susana Pereira
 6882  Bruno Boaventura
 6649  Pedro Villavicencio
It is worth pondering for a moment on the amount of energy required to
close over 14,000 bugs in a year - that's almost 40 per day, every day,
without a break. This kind of energy does exist within our
community, and some projects are putting it to very good use.
While it is easy to get a contrary impression, the kernel does, in fact,
have a bug tracker; there is
also, in the form of Natalie Protasevich, somebody who handles the care and
feeding of that tracker. But, as a recent episode shows, that still is not
always sufficient to actually get the bugs fixed.
On November 13, 2007, a bug
in the SCSI subsystem was reported to the linux-kernel mailing list.
It was put into the tracker as bug 9370 on the
same day. Some developers looked at it over the next few days, but, even
though a specific commit which appeared to cause the bug had been
identified, no solution was forthcoming. Discussion eventually died out.
At least until January 2, when Ingo Molnar decided to stir the pot by
posting a patch to revert the seemingly
guilty commit.
At that point the discussion picked up and a reliable way of reproducing
the bug was found. The commit which was said to have caused the problem
was, in fact, not guilty; it had just caused an older bug to come to
light. The discussion did not stop there, though.
A number of charges went back and forth which do not require discussion
here. But one core point is this: as long as the bug report sat in the
tracker, nothing much appeared to be happening with it - though, it seems,
the SCSI developers had not forgotten it and were trying to figure out what
was really going on. But once the problem came back to the linux-kernel
list in the form of a brute-force solution, the root cause was found in
short order. The key here was bringing the problem to the attention of a
wider group of people; the crucial recipe for
reproducing the problem came from a developer who had not been looking
at the problem previously.
In the kernel context, at least, giving wide exposure to a bug often helps
immensely in getting that bug fixed. That is especially true for the sort
of hard-to-reproduce bugs which tend to come up in kernel programming. So,
while bug trackers are a useful tool for ensuring that problems do not fall
through the cracks, it seems that one of the most potent anti-bug tools we
have - discussing the problem via a widely-distributed email list - is the
same tool we have been using for decades.
In our continuing efforts to keep our readers informed, we wanted to
update you on our recent advertising initiative. We are focusing our
efforts this year (and hopefully beyond) on banner (or image) advertising.
We won't neglect other opportunities, but we do want to more fully explore
banner ads. To that end, we are currently running ads in
a new location on the daily page, just to the right of the second entry.
We also have plans to add more locations for banner ads of various sizes
throughout the site.
Unfortunately, the need to "keep the lights on" here requires us to
generate more income than we currently do. To start with, as with any
business, our income must be greater than our expenses. Even with a great
deal of fiscal restraint, low salaries, and very low overhead, that is not,
yet, happening. We would like to see the business grow beyond just a
minimal, break-even operation – we think our readers agree
– which will take some time and experimentation.
We hope to strike the right balance between revenue generation and
annoying our readers; we feel sure that you will let us know if we cross
the line. We are always open to constructive suggestions (to
lwn@lwn.net) about advertising and its placement on the site, but the
most common suggestion, so far, is not particularly workable. A "no
animated ads" policy becomes, essentially, a "no ads" policy. For better
or worse, image ads are almost always animated.
Readers do have the ability to change things at their end.
Firefox
provides a means (by setting the image.animation_mode in about:config
to "none") to turn off animations – other
browsers do as well. Firefox plugins (or add-ons) give even more
control over the display of images and ads. In addition, subscribers at
the project leader level have the ability to turn off all ads on the
site.
We have always tried to treat our readers with respect – as we would
want to be treated – and will continue to do so. We do, however,
need to find a way to make this enterprise sustain itself financially. We
want to keep bringing you the excellent Linux and free software content that
you have come to expect from LWN for many years to come.
Open TCP or UDP ports on an internet-facing host can be worrisome to an
administrator; they almost feel like an invitation to an
attacker. If a service with an unknown or unpatched vulnerability is listening behind the
port, the host could be compromised. Admins have come up with some
reasonable ways to deflect the simplest of these attacks: changing the
well-known port or port knocking. The
new shimmer project provides
a twist, by using cryptographic techniques to choose the port to open.
The basic idea is that one port (within a chosen range) will be open to
real traffic of the service that the admin wants to hide – ssh or a private
web server for example. The number of that port will be able to be
calculated by both client and server using a secret that they share. A
client that connects to the proper port gets forwarded to the real
service. In addition to the proper port, 15 other ports are opened and
connected to a blacklist service. Any connection made to those ports will
result in the source IP address being banned for 15 minutes. The server
redoes the calculation each minute, coming up with a new set of 16 ports
– one good and 15 bad.
In order to calculate the port number, the shared secret (key) is combined
with the time (to the nearest minute), and the name of the service, then hashed using SHA-256. The hash is used as an AES
key to encrypt the numbers 0 through 15. Those values are mapped into the
port range and serve as the 16 port numbers for that minute. In order to
handle small clock variations between client and server, the server
actually keeps each set of 16 open for three minutes – adding the set
for the minutes before and after the current one.
While this seems to provide a great deal of security for hiding an open
port, in reality it is more showy than useful. As with simple port
knocking, or changing the well-known port number, it is vulnerable to an
attacker that can monitor traffic to the server and observe successful
connections. Shimmer leaves three ports wide open at any given time with
45 ports that will cause an IP to get blacklisted. Depending on the size
of the port range chosen, the odds of randomly guessing the right port
aren't that bad. Someone with a few thousand IP addresses to use
probably won't have any difficulty.
Much like the other techniques, shimmer will likely deflect all but the most
determined of attackers, but is unlikely to provide much in the way of
a barrier against those. It sounds attractive and uses cryptographic terms
and techniques which may make it seem more secure than it really is. Using
it without understanding this could lead to a false sense of security.
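
The port derivation and three-minute window described above, together with the guessing odds behind the objection, as an added Go sketch; it is not shimmer's own code. The field order and separator, the big-endian block encoding, the modulo mapping, index 0 as the good port, truncation to the minute, and "good wins" on a port collision are all assumptions, and the secret and timestamp are constructed.

```go
package main

import (
	"crypto/aes"
	"crypto/sha256"
	"encoding/binary"
	"fmt"
)

// Role is what the server does with a connection to a given port.
type Role int

const (
	Closed Role = iota // not opened by the scheme
	Trap               // connecting gets the source address blacklisted
	Good               // forwarded to the hidden service
)

const portsPerMinute = 16 // one good port plus 15 traps, per the article

// MinuteIndex reduces a Unix timestamp to a minute counter (truncation assumed).
func MinuteIndex(unixSeconds int64) int64 { return unixSeconds / 60 }

// PortsForMinute derives the 16 ports for one minute. Index 0 is treated as
// the good port and 1..15 as traps (an assumption of this sketch).
func PortsForMinute(secret, service string, minute int64, low, high uint16) ([portsPerMinute]uint16, error) {
	var ports [portsPerMinute]uint16
	if high < low {
		return ports, fmt.Errorf("empty port range %d-%d", low, high)
	}
	// Key = SHA-256(secret|minute|service), assumed layout; 32 bytes selects AES-256.
	key := sha256.Sum256([]byte(fmt.Sprintf("%s|%d|%s", secret, minute, service)))
	block, err := aes.NewCipher(key[:])
	if err != nil {
		return ports, err
	}
	span := uint64(high-low) + 1
	for i := 0; i < portsPerMinute; i++ {
		var plain, ct [aes.BlockSize]byte
		plain[aes.BlockSize-1] = byte(i) // the number i as a big-endian block
		block.Encrypt(ct[:], plain[:])
		// Map the ciphertext into [low, high] by modulo reduction (assumed).
		ports[i] = low + uint16(binary.BigEndian.Uint64(ct[:8])%span)
	}
	return ports, nil
}

// ServerWindow builds the table a server holds open at time now: the sets for
// the previous, current and next minute. On a collision the good role wins.
func ServerWindow(secret, service string, now int64, low, high uint16) (map[uint16]Role, error) {
	table := make(map[uint16]Role)
	for d := int64(-1); d <= 1; d++ {
		ports, err := PortsForMinute(secret, service, MinuteIndex(now)+d, low, high)
		if err != nil {
			return nil, err
		}
		for i, p := range ports {
			if i == 0 {
				table[p] = Good
			} else if table[p] != Good {
				table[p] = Trap
			}
		}
	}
	return table, nil
}

// ClientPort is the port a client dials, computed from its own clock.
func ClientPort(secret, service string, clientNow int64, low, high uint16) (uint16, error) {
	ports, err := PortsForMinute(secret, service, MinuteIndex(clientNow), low, high)
	return ports[0], err
}

// GuessExposure returns the chance that one blind connection hits a good port,
// and the chance that uniform guessing finds a good port before hitting a trap.
func GuessExposure(table map[uint16]Role, low, high uint16) (perProbe, beforeBan float64) {
	good, trap := 0, 0
	for _, r := range table {
		if r == Good {
			good++
		} else if r == Trap {
			trap++
		}
	}
	perProbe = float64(good) / (float64(high-low) + 1)
	if good+trap > 0 {
		beforeBan = float64(good) / float64(good+trap)
	}
	return
}

func main() {
	now := int64(1200000000) // constructed timestamp and secret
	table, _ := ServerWindow("example-secret", "ssh", now, 20000, 29999)
	p, _ := ClientPort("example-secret", "ssh", now+60, 20000, 29999)
	per, ban := GuessExposure(table, 20000, 29999)
	fmt.Println("client one minute ahead:", p, "role", table[p], "odds", per, ban)
}
```

With three good ports and 45 traps the second figure is 1/16 regardless of the range size, so widening the range slows blind guessing but does not change where it ends.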
The PostgreSQL team has released a set of patches for five critical security vulnerabilities. Two privilege escalation flaws and three denial of service vulnerabilities were fixed. "Today the PostgreSQL Global Development Group is releasing updated versions
which patch five security vulnerabilities. These releases update all
current PostgreSQL versions, including 8.2, 8.1, 8.0, 7.4 and 7.3. They
are considered CRITICAL and PostgreSQL DBAs and sysadmins should install
the update as soon as they reasonably can."
Buffer overflow in CUPS in Apple Mac OS X 10.4.11 allows local admin users to execute arbitrary code via a crafted URI to the CUPS service.
From the rPath advisory:
Previous versions of the cups package contain a buffer-overflow
weakness. It is not believed that this weakness can be exploited
to execute malicious code.
Dovecot has multiple vulnerabilities including an issue involving the
confusion between LDAP-authenticated logins across users with the
same password and a denial of service involving a connecting user.
Cross-site scripting (XSS) vulnerability in view.php in Mantis before 1.1.0 allows remote attackers to inject arbitrary web script or HTML via a filename.
MaraDNS 1.0 before 1.0.41, 1.2 before 1.2.12.08, and 1.3 before 1.3.07.04
allows remote attackers to cause a denial of service via a crafted DNS
packet that prevents an authoritative name (CNAME) record from resolving,
aka "improper rotation of resource records."
CVE-2007-6520: Fixed an issue where plug-ins could be used to allow
cross domain scripting, as reported by David Bloom. Details will be
disclosed at a later date.
CVE-2007-6521: Fixed an issue with TLS certificates that could
be used to execute arbitrary code, as reported by Alexander Klink
(Cynops GmbH). Details will be disclosed at a later date.
CVE-2007-6522: Rich text editing can no longer be used to allow cross
domain scripting, as reported by David Bloom. See our advisory.
CVE-2007-6523: Fixed a problem where malformed BMP files could cause
Opera to temporarily freeze.
CVE-2007-6524: Prevented bitmaps from revealing random data from
memory, as reported by Gynvael Coldwind. Details will be disclosed
at a later date.
Several vulnerabilities have been found in the PostgreSQL database manager. The developers call the fixes "critical," but also note that, as of the time of the update, none of them were known to be exploited; see this advisory for more information.
Trolltech Qt has a privilege escalation vulnerability.
An error can be triggered in QSslSocket when verifying SSL certificates;
attackers can use this to bypass the SSL certificate verification
and acquire unauthorized access to a vulnerable application.
During a security audit, a stack buffer overflow flaw was found in the PAM
authentication code in the OpenPegasus CIM management server. An
unauthenticated remote user could trigger this flaw and potentially execute
arbitrary code with root privileges.
The WordPress online publishing and weblog utility has multiple
SQL injection vulnerabilities in versions 2.3.1 and earlier.
Remote attackers can use this to execute arbitrary SQL commands
via the s parameter.
Off-by-one error in the do_login_loop function in libwzd-core/wzd_login.c in wzdftpd 0.8.0, 0.8.2, and possibly other versions and earlier allows remote attackers to cause a denial of service (daemon crash) via a long USER command that triggers a stack-based buffer overflow.
Adobe's Acrobat Reader has the following vulnerabilities:
The Adobe Reader Plugin has a cross-site scripting vulnerability that
can be triggered by processing malformed URLs. Arbitrary JavaScript can
be served by a malicious web server, leading to a cross-site scripting
attack.
Maliciously crafted PDF files can be used to trigger two vulnerabilities;
if an attacker can trick a user into viewing the files, arbitrary code
can be executed with the user's privileges.
From the Mandriva advisory: "The recall_headers function in mod_mem_cache in Apache 2.2.4 does not
properly copy all levels of header data, which can cause Apache to
return HTTP headers containing previously-used data, which could be
used to obtain potentially sensitive information by unauthorized users."
The Apache HTTP Server did not verify that a process was an Apache child
process before sending it signals. A local attacker who has the ability to
run scripts on the Apache HTTP Server could manipulate the scoreboard and
cause arbitrary processes to be terminated, which could lead to a denial of
service. (CVE-2007-3304)
A flaw was found in the Apache HTTP Server mod_status module. Sites with
the server-status page publicly accessible and ExtendedStatus enabled were
vulnerable to a cross-site scripting attack. On Red Hat Enterprise Linux
the server-status page is not enabled by default and it is best practice to
not make this publicly available. (CVE-2006-5752)
From the Red Hat advisory: "A bug was found in Apache where an invalid Expect header sent to the server
was returned to the user in an unescaped error message. This could
allow an attacker to perform a cross-site scripting attack if a victim was
tricked into connecting to a site and sending a carefully crafted Expect
header."
cache_util.c in the mod_cache module in Apache HTTP Server (httpd), when caching is enabled and a threaded Multi-Processing Module (MPM) is used, allows remote attackers to cause a denial of service (child processing handler crash) via a request with the (1) s-maxage, (2) max-age, (3) min-fresh, or (4) max-stale Cache-Control headers without a value.
A flaw was found in the mod_proxy module. On sites where a reverse proxy is
configured, a remote attacker could send a carefully crafted request that
would cause the Apache child process handling that request to crash. On
sites where a forward proxy is configured, an attacker could cause a
similar crash if a user could be persuaded to visit a malicious site using
the proxy. This could lead to a denial of service if using a threaded
Multi-Processing Module. (CVE-2007-3847)
A flaw was found in the mod_autoindex module. On sites where directory
listings are used, and the AddDefaultCharset directive has been removed
from the configuration, a cross-site-scripting attack may be possible
against browsers which do not correctly derive the response character set
following the rules in RFC 2616. (CVE-2007-4465)
Tilghman Lesher discovered that the logging engine of Asterisk, a free
software PBX and telephony toolkit, performs insufficient sanitizing of
call-related data, which may lead to SQL injection.
The default configuration for autofs 5 (autofs5) on Red Hat Enterprise
Linux (RHEL) 4 and 5 does not specify the nodev mount option for the -hosts
map, which allows local users to access "important devices" by operating a
remote NFS server and creating special device files on that server.
Versions of the autofs automounter daemon as shipped by Red Hat (and possibly other distributors) are installed with an insecure configuration; in particular, the "hosts" map lacks the "nosuid" option, allowing an attacker who has control over an NFS server to run setuid programs on vulnerable systems.
Red Hat Enterprise Linux 5 and Fedora install the Bind /etc/rndc.key file
with world-readable permissions, which allows local users to perform
unauthorized named commands, such as causing a denial of service by
stopping named.
A vulnerability in Cacti 0.8.6i and earlier versions allows remote
authenticated users to cause a denial of service (CPU consumption) via
large values of the graph_start, graph_end, graph_height, or graph_width
parameters.
Cairo has an integer overflow vulnerability in the PNG image processing
code. If a user processes a specially crafted PNG image with an
application that is linked against cairo, arbitrary code can be executed
with the user's privileges.
A NULL pointer dereference has been discovered in the RAR VM of Clam
Antivirus (ClamAV) which allows user-assisted remote attackers to
cause a denial of service via specially crafted RAR archives.
Several remote vulnerabilities have been discovered in the Clam anti-virus
toolkit. The Common Vulnerabilities and Exposures project identifies the
following problems:
CVE-2007-4510:
It was discovered that the RTF and RFC2397 parsers can be tricked
into dereferencing a NULL pointer, resulting in denial of service.
CVE-2007-4560:
It was discovered clamav-milter performs insufficient input
sanitizing, resulting in the execution of arbitrary shell commands.
Richard Harms discovered that cpio did not sufficiently validate file
properties when creating archives. Files with e.g. a very large size
caused a buffer overflow. By tricking a user or an automatic backup
system into putting a specially crafted file into a cpio archive, a
local attacker could probably exploit this to execute arbitrary code
with the privileges of the target user (which is likely root in an
automatic backup system).
The Vixie cron daemon does not check the return code from setuid(); if that call can be made to fail, a local attacker may be able to execute commands as root.
Will Drewry of the Google Security Team discovered several buffer overflows
in cscope, a source browsing tool, which might lead to the execution of
arbitrary code.
A buffer overflow in Cscope 15.5, and possibly multiple overflows, allows
remote attackers to execute arbitrary code via a C file with a long
#include line that is later browsed by the target.
Previous versions of the cups package could be forced to hang via a client
"partially negotiating" an ssl connection. In this state, cups would not
allow other connections to be made, a denial of service.
The cups 1.3.5 release fixes a number of vulnerabilities in the PDF filters. Additionally, there is a buffer overflow in the SNMP code and a temporary file vulnerability.
Thomas de Grenier de Latour discovered that the checkrestart program included
in debian-goodies did not correctly handle shell meta-characters. A local
attacker could exploit this to gain the privileges of the user running
checkrestart.
The internationalization (i18n) framework in Django 0.91, 0.95, 0.95.1, and 0.96, and as used in other products such as PyLucid, when the USE_I18N option and the i18n component are enabled, allows remote attackers to cause a denial of service (memory consumption) via many HTTP requests with large Accept-Language headers.
From the rPath advisory: "Previous versions of the dovecot package are vulnerable to a
minor privilege escalation attack in which an authenticated
user may exploit an ACL plugin weakness to save message flags
without having proper permissions."
Directory traversal vulnerability in index/mbox/mbox-storage.c in Dovecot
before 1.0.rc29, when using the zlib plugin, allows remote attackers to
read arbitrary gzipped (.gz) mailboxes (mbox files) via a .. (dot dot)
sequence in the mailbox name.
Rafal Wojtczuk of McAfee AVERT Research discovered that e2fsprogs,
ext2 file system utilities and libraries, contained multiple
integer overflows in memory allocations, based on sizes taken directly
from filesystem information. These could result in heap-based
overflows potentially allowing the execution of arbitrary code.
A stack-based buffer overflow in mod/server.mod/servrmsg.c in Eggdrop
1.6.18, and possibly earlier, allows user-assisted, malicious remote IRC
servers to execute arbitrary code via a long private message.
Arnaud Giersch discovered that elinks incorrectly attempted to load
gettext catalogs from a relative path. If a user were tricked into
running elinks from a specific directory, a local attacker could execute
code with user privileges.
The elinks text-mode browser has an arbitrary file access vulnerability
in the Elinks SMB protocol handler. If a user can be tricked into
visiting a specially crafted web page, arbitrary files may be read or
written with the user's permissions.
From the original Debian problem report: "In Debian's version of GNU Emacs 22.1+1-2, the `hack-local-variables'
function does not behave correctly when `enable-local-variables' is
set to :safe. The documentation of `enable-local-variables' states
that the value :safe means to set only safe variables, as determined
by `safe-local-variable-p' and `risky-local-variable-p' (and the data
driving them), but Emacs ignores this and instead sets all the local
variables." When this setting (which is not the default) is in effect, opening a hostile file could lead to the execution of arbitrary commands.
A format string error in the "write_html()" function in calendar/gui/
e-cal-component-memo-preview.c when displaying a memo's categories can
potentially be exploited to execute arbitrary code via a specially crafted
shared memo containing format specifiers.
The APOP protocol allows remote attackers to guess the first 3 characters
of a password via man-in-the-middle (MITM) attacks that use crafted message
IDs and MD5 collisions. NOTE: this design-level issue potentially affects
all products that use APOP, including (1) Thunderbird, (2) Evolution, (3)
mutt, and (4) fetchmail.
From the Gentoo advisory: Meder Kydyraliev (Google Security) discovered that Exif metadata is not
properly sanitized before being processed, resulting in illegal memory
access in the postprop() and other functions (CVE-2007-6354). He also
discovered integer overflow vulnerabilities in the parsetag() and other
functions (CVE-2007-6355) and an infinite recursion in the readifds()
function caused by recursive IFD references (CVE-2007-6356).
Integer overflow in exif.cpp in exiv2 library allows context-dependent attackers to execute arbitrary code via a crafted EXIF file that triggers a heap-based buffer overflow.
fetchmail before 6.3.9 allows context-dependent attackers to cause a denial of service (NULL dereference and application crash) by refusing certain warning messages that are sent over SMTP.
The Firebird DBMS has a buffer overflow vulnerability involving
the processing of connect requests with an overly large p_cnct_count
value. Remote attackers can send a specially crafted
request to the server in order to potentially execute arbitrary code with
the permissions of the Firebird user.
A flaw was discovered in handling of "about:blank" windows used by
addons. A malicious web site could exploit this to modify the contents,
or steal confidential data (such as passwords), of other web pages.
(CVE-2007-3844)
Jesper Johansson discovered that spaces and double-quotes were
not correctly handled when launching external programs. In rare
configurations, after tricking a user into opening a malicious web page,
an attacker could execute helpers with arbitrary arguments with the
user's privileges. (CVE-2007-3845)
A cross-site scripting flaw was found in the way Firefox handled the
jar: URI scheme. It was possible for a malicious website to leverage this
flaw and conduct a cross-site scripting attack against a user running
Firefox. (CVE-2007-5947)
Several flaws were found in the way Firefox processed certain malformed web
content. A webpage containing malicious content could cause Firefox to
crash, or potentially execute arbitrary code as the user running Firefox.
(CVE-2007-5959)
A race condition existed when Firefox set the "window.location" property
for a webpage. This flaw could allow a webpage to set an arbitrary Referer
header, which may lead to a Cross-site Request Forgery (CSRF) attack
against websites that rely only on the Referer header for protection.
(CVE-2007-5960)
shutdown and moz_bug_r_a4 reported two separate ways to modify an
XPCNativeWrapper such that subsequent access by the browser would result in
executing user-supplied code. (CVE-2007-3738)
Michal Zalewski reported that it was possible to bypass the same-origin
checks and read from cached (wyciwyg) documents. It is possible to access
wyciwyg:// documents without proper same domain policy checks through the
use of HTTP 302 redirects. This enables the attacker to steal sensitive
data displayed on dynamically generated pages; perform cache poisoning; and
execute own code or display own content with URL bar and SSL certificate
data of the attacked page (URL spoofing++). (CVE-2007-3656)
Internet Explorer calls registered URL protocols without escaping quotes
and may be used to pass unexpected and potentially dangerous data to the
application that registers that URL Protocol. (CVE-2007-3670)
Ronald van den Heetkamp reported that a filename URL containing %00
(encoded null) can cause Firefox to interpret the file extension
differently than the underlying Windows operating system potentially
leading to unsafe actions such as running a program. This is only
accessible locally. (CVE-2007-3285)
An attacker can use an element outside of a document to call an event
handler allowing content to run arbitrary code with chrome
privileges. (CVE-2007-3737)
Ronen Zilberman and Michal Zalewski both reported that it was possible to
exploit a timing issue to inject content into about:blank frames in a
page. When opening a window from a script, it is possible to spoof the
content of the newly opened window's frames within a short time frame,
while the window is loading. (CVE-2007-3089)
Mozilla contributor moz_bug_r_a4 demonstrated that the methods
addEventListener and setTimeout could be used to inject script into another
site in violation of the browser's same-origin policy. This could be used
to access or modify private or valuable information from that other
site. (CVE-2007-3736)
As part of the Firefox 2.0.0.5 update releases Mozilla developers fixed
many bugs to improve the stability of the product. Some of these crashes
showed evidence of memory corruption under certain circumstances and
we presume that with enough effort at least some of these could be
exploited to run arbitrary code. Note: Thunderbird shares the browser
engine with Firefox and could be vulnerable if JavaScript were to be
enabled in mail. This is not the default setting and we strongly discourage
users from running JavaScript in mail. Without further investigation we
cannot rule out the possibility that for some of these an attacker might be
able to prepare memory for exploitation through some means other than
JavaScript, such as large images. (CVE-2007-3734, CVE-2007-3735)
A security flaw was found in the way flac processed audio data. An
attacker could create a carefully crafted FLAC audio file in such a way that
it could cause an application linked with flac libraries to crash or execute
arbitrary code when it was opened. (CVE-2007-4619)
Versions 2.3.4 and below of the FreeType font rendering library
have an integer sign error. Remote attackers may be able to
create a specially crafted TrueType Font file with a negative
n_points value that will cause an integer overflow and heap-based
buffer overflow, allowing the execution of arbitrary code.
The FreeType library has several integer overflow vulnerabilities.
If a user can be tricked into installing a specially
crafted font file, arbitrary code can be executed with the privilege
of the user.
Versions of the Gallery photo management application before 2.2.4
have the following vulnerabilities: (1) an unauthorized album creation and
file upload, (2) a local file inclusion vulnerability, (3) several
cross-site scripting vulnerabilities, (4) a web-accessibility protection
problem, (5) problems with checks for disallowed file
extensions with file uploads, (6) missing permissions checks on GR commands,
(7) several information disclosures, (8) an arbitrary URL redirection
problem and (9) a proxied request weakness.
Ganglia is a scalable, real-time monitoring and execution environment
with all execution requests and statistics expressed in an open
well-defined XML format. The Ganglia web frontend is vulnerable to
cross-site scripting.
The fastjar utility found in the GNU compiler collection does not perform adequate file path checking, allowing the creation or overwriting of files outside of the current directory tree.
The gd graphics library contains a buffer overflow which could enable a remote attacker to execute arbitrary code. Note that various other packages include code from gd and could also be vulnerable.
Integer overflow in gdImageCreateTrueColor function in the GD Graphics
Library (libgd) before 2.0.35 allows user-assisted remote attackers
to have unspecified remote attack vectors and impact. (CVE-2007-3472)
The gdImageCreateXbm function in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to cause a denial
of service (crash) via unspecified vectors involving a gdImageCreate
failure. (CVE-2007-3473)
Multiple unspecified vulnerabilities in the GIF reader in the
GD Graphics Library (libgd) before 2.0.35 allow user-assisted
remote attackers to have unspecified attack vectors and
impact. (CVE-2007-3474)
The GD Graphics Library (libgd) before 2.0.35 allows user-assisted
remote attackers to cause a denial of service (crash) via a GIF image
that has no global color map. (CVE-2007-3475)
Array index error in gd_gif_in.c in the GD Graphics Library (libgd)
before 2.0.35 allows user-assisted remote attackers to cause
a denial of service (crash and heap corruption) via large color
index values in crafted image data, which results in a segmentation
fault. (CVE-2007-3476)
The (a) imagearc and (b) imagefilledarc functions in GD Graphics
Library (libgd) before 2.0.35 allows attackers to cause a denial
of service (CPU consumption) via a large (1) start or (2) end angle
degree value. (CVE-2007-3477)
Race condition in gdImageStringFTEx (gdft_draw_bitmap) in gdft.c in the
GD Graphics Library (libgd) before 2.0.35 allows user-assisted remote
attackers to cause a denial of service (crash) via unspecified vectors,
possibly involving truetype font (TTF) support. (CVE-2007-3478)
Libgd2 has a denial of service vulnerability involving the incorrect
validation of PNG callback results. If an application that is linked
against libgd2 is used to process a specially-crafted PNG file,
a denial of service involving CPU resource consumption can be
caused.
A format string vulnerability has been discovered in gedit. Calling
the program with specially crafted file names caused a buffer
overflow, which could be exploited to execute arbitrary code with the
privileges of the gedit user.
Kalle Olavi Niemitalo discovered two boundary errors in fsplib code
included in gFTP when processing overly long directory or file names. A
remote attacker could trigger these vulnerabilities by enticing a user to
download a file with a specially crafted directory or file name, possibly
resulting in the execution of arbitrary code (CVE-2007-3962) or a Denial of
Service (CVE-2007-3961).
The gimp image editor has several vulnerabilities, including
a problem where it can open PSD files with excessive dimensions
and a possible stack overflow in the Sunras loader.
Jens Askengren discovered that gnome-screensaver became confused when
running under Compiz, and could lose keyboard lock focus. A local
attacker could exploit this to bypass the user's locked screen saver.
Tavis Ormandy of the Google Security Team discovered two denial of service
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to hang or
crash.
Tavis Ormandy of the Google Security Team discovered several code execution
flaws in the way gzip expanded archive files. If a victim expanded a
specially crafted archive, it could cause the gzip executable to crash or
execute arbitrary code.
Kronolith contains a mistake in lib/FBView.php where a raw, unfiltered
string is used instead of a sanitized string to view local files. An
authenticated attacker could craft an HTTP GET request that uses directory
traversal techniques to execute any file on the web server as PHP code,
which could allow information disclosure or arbitrary code execution with
the rights of the user running the PHP application (usually the webserver
user).
Kees Cook discovered a flaw in the way the hplip hpssd daemon handled user
input. A local attacker could send a specially crafted request to the hpssd
daemon, possibly allowing them to run arbitrary commands as the root user.
The ImageMagick image decoders have multiple vulnerabilities.
If a user can be tricked into processing a specially crafted
DCM, DIB, XBM, XCF, or XWD image, arbitrary code may be executed with
the user's privileges.
Multiple integer overflows in ImageMagick before 6.3.3-5 allow remote
attackers to execute arbitrary code via (1) a crafted DCM image, which
results in a heap-based overflow in the ReadDCMImage function, or (2) the
(a) colors or (b) comments field in a crafted XWD image, which results in a
heap-based overflow in the ReadXWDImage function, different issues than
CVE-2007-1667.
The _LoadBMP function in imlib 1.9.15 and earlier allows context-dependent attackers to cause a denial of service (infinite loop) via a BMP image with a Bits Per Page (BPP) value of 0.
The jpc_qcx_getcompparms function in jpc/jpc_cs.c could allow remote
user-assisted attackers to cause a denial of service (crash) and possibly
corrupt the heap via malformed image files.
Java has multiple vulnerabilities. These include
an RSA exponent padding attack vulnerability, two vulnerabilities
which allow untrusted applets to access data in other applets,
vulnerabilities that involve applets gaining privileges due to
serialization bugs in the JRE, and buffer overflows in the Java image
handling routines that can give attackers read/write/execute capabilities
for local files.
The Javadoc tool was able to generate HTML documentation pages that
contained cross-site scripting (XSS) vulnerabilities. A remote attacker
could use this to inject arbitrary web script or HTML. (CVE-2007-3503)
The Java Web Start URL parsing component contained a buffer overflow
vulnerability within the parsing code for JNLP files. A remote attacker
could create a malicious JNLP file that could trigger this flaw and execute
arbitrary code when opened. (CVE-2007-3655)
The JSSE component did not correctly process SSL/TLS handshake requests. A
remote attacker who is able to connect to a JSSE-based service could
trigger this flaw leading to a denial-of-service. (CVE-2007-3698)
A flaw was found in the applet class loader. An untrusted applet could use
this flaw to circumvent network access restrictions, possibly connecting to
services hosted on the machine that executed the applet. (CVE-2007-3922)
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
and SDK and JRE 1.3.1_20 and earlier, when applet caching is enabled,
allows remote attackers to violate the security model for an applet's
outbound connections via a DNS rebinding attack. (CVE-2007-5232)
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0
Update 12 and earlier, and SDK and JRE 1.4.2_15 and earlier does not
properly enforce access restrictions for untrusted applications, which
allows user-assisted remote attackers to obtain sensitive information (the
Java Web Start cache location) via an untrusted application, aka "three
vulnerabilities." (CVE-2007-5238)
Java Web Start in Sun JDK and JRE 6 Update 2 and earlier, JDK and JRE 5.0
Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier, and SDK and JRE
1.3.1_20 and earlier does not properly enforce access restrictions for
untrusted (1) applications and (2) applets, which allows user-assisted
remote attackers to copy or rename arbitrary files when local users perform
drag-and-drop operations from the untrusted application or applet window
onto certain types of desktop applications. (CVE-2007-5239)
Visual truncation vulnerability in the Java Runtime Environment in Sun JDK
and JRE 6 Update 2 and earlier, JDK and JRE 5.0 Update 12 and earlier, SDK
and JRE 1.4.2_15 and earlier, and SDK and JRE 1.3.1_20 and earlier allows
remote attackers to circumvent display of the untrusted-code warning banner
by creating a window larger than the workstation screen. (CVE-2007-5240)
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
and SDK and JRE 1.3.1_20 and earlier, when an HTTP proxy server is used,
allows remote attackers to violate the security model for an applet's
outbound connections via a multi-pin DNS rebinding attack in which the
applet download relies on DNS resolution on the proxy server, but the
applet's socket operations rely on DNS resolution on the local machine, a
different issue than CVE-2007-5274. NOTE: this is similar to
CVE-2007-5232. (CVE-2007-5273)
Sun Java Runtime Environment (JRE) in JDK and JRE 6 Update 2 and earlier,
JDK and JRE 5.0 Update 12 and earlier, SDK and JRE 1.4.2_15 and earlier,
and SDK and JRE 1.3.1_20 and earlier, when Firefox or Opera is used, allows
remote attackers to violate the security model for JavaScript outbound
connections via a multi-pin DNS rebinding attack dependent on the
LiveConnect API, in which JavaScript download relies on DNS resolution by
the browser, but JavaScript socket operations rely on separate DNS
resolution by a Java Virtual Machine (JVM), a different issue than
CVE-2007-5273. NOTE: this is similar to CVE-2007-5232. (CVE-2007-5274)
An integer overflow vulnerability exists in the embedded ICC profile
image parser (CVE-2007-2788), an unspecified vulnerability exists in
the font parsing implementation (CVE-2007-4381), and an error exists
when processing XSLT stylesheets contained in XSLT Transforms in XML
signatures (CVE-2007-3716), among other vulnerabilities.
The kdebase package is vulnerable to a denial of service in which a local user can render KDM unusable for logins by any user or cause KDM to exceed system resource limits.
Kate / Kwrite, as shipped with KDE 3.2.x up to and including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information.
The IA32 system call emulation functionality in Linux kernel 2.4.x and
2.6.x before 2.6.22.7, when running on the x86_64 architecture, does not
zero extend the eax register after the 32bit entry path to ptrace is used,
which might allow local users to gain privileges by triggering an
out-of-bounds access to the system call table using the %RAX register.
The snd_mem_proc_read function in sound/core/memalloc.c in the Advanced
Linux Sound Architecture (ALSA) in the Linux kernel before 2.6.22.8 does
not return the correct write size, which allows local users to obtain
sensitive information (kernel memory contents) via a small count argument,
as demonstrated by multiple reads of /proc/driver/snd-page-alloc.
Sridhar Samudrala discovered a local denial of service vulnerability
in the handling of SCTP sockets. By opening such a socket with a
special SO_LINGER value, a local attacker could exploit this to crash
the kernel. (CVE-2006-4535)
Kirill Korotaev discovered that the ELF loader on the ia64 and sparc
platforms did not sufficiently verify the memory layout. By attempting
to execute a specially crafted executable, a local user could exploit
this to crash the kernel. (CVE-2006-4538)
The netlink protocol has an infinite recursion bug that allows users to
cause a kernel crash. Also the IPv6 protocol allows remote attackers to
cause a denial of service via crafted IPv6 type 0 route headers
(IPV6_RTHDR_TYPE_0) that create network amplification between two routers.
The Minix filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly
other versions, allows local users to cause a denial of service (hang) via
a malformed minix file stream that triggers an infinite loop in the
minix_bmap function. NOTE: this issue might be due to an integer overflow
or signedness error.
Integer underflow in the ieee80211_rx function in
net/ieee80211/ieee80211_rx.c in the Linux kernel 2.6.x before 2.6.23 allows
remote attackers to cause a denial of service (crash) via a crafted SKB
length value in a runt IEEE 802.11 frame when the IEEE80211_STYPE_QOS_DATA
flag is set, aka an "off-by-two error."
Ilja van Sprundel discovered that Bluetooth setsockopt calls could leak
kernel memory contents via an uninitialized stack buffer. A local attacker
could exploit this flaw to view sensitive kernel information.
(CVE-2007-1353)
The GEODE-AES driver did not correctly initialize its encryption key.
Any data encrypted using this type of device would be easily compromised.
(CVE-2007-2451)
The random number generator was hashing a subset of the available
entropy, leading to slightly less random numbers. Additionally, systems
without an entropy source would be seeded with the same inputs at boot
time, leading to a repeatable series of random numbers. (CVE-2007-2453)
The wait_task_stopped function in the Linux kernel before 2.6.23.8 checks a TASK_TRACED bit instead of an exit_state value, which allows local users to cause a denial of service (machine crash) via unspecified vectors.
The tcp_sacktag_write_queue function in net/ipv4/tcp_input.c in Linux kernel 2.6.21 through 2.6.23.7, and 2.6.24-rc through 2.6.24-rc2, allows remote attackers to cause a denial of service (crash) via crafted ACK responses that trigger a NULL pointer dereference.
Previous versions of the kernel package are subject to several
vulnerabilities. Certain malformed UDF filesystems can cause the system to
crash (denial of service). Malformed CDROM firmware or USB storage devices
(such as USB keys) could cause system crash (denial of service), and if
they were intentionally malformed, can cause arbitrary code to run with
elevated privileges. In addition, the SCTP protocol is subject to a remote
system crash (denial of service) attack.
A typo in Linux kernel 2.6 before 2.6.21-rc6 and 2.4 before 2.4.35 causes
RTA_MAX to be used as an array size instead of RTN_MAX, which leads to an
"out of bound access" by the (1) dn_fib_props (dn_fib.c, DECNet) and (2)
fib_props (fib_semantics.c, IPv4) functions. (CVE-2007-2172)
mm/mmap.c in the hugetlb kernel, when run on PowerPC systems, does not
prevent stack expansion from entering into reserved kernel page memory,
which allows local users to cause a denial of service (OOPS) via
unspecified vectors. (CVE-2007-3739)
The (1) aac_cfg_open and (2) aac_compat_ioctl functions in the SCSI layer
ioctl path in aacraid in the Linux kernel before 2.6.23-rc2 do not check
permissions for ioctls, which might allow local users to cause a denial of
service or gain privileges. (CVE-2007-4308)
Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier
allow remote attackers to cause a denial of service (crash) and possibly
execute arbitrary code via long SMB responses that trigger the overflows in
the SendReceive function.
A security issue has been reported in Linux kernel due to an error in
drivers/isdn/i4l/isdn_ppp.c as the "isdn_ppp_ccp_reset_alloc_state()"
function never initializes an event timer before scheduling it with the
"add_timer()" function.
The mincore function in the kernel does not properly lock access to user
space, which has unspecified impact and attack vectors, possibly related to
a deadlock.
Another vulnerability has been reported in Linux kernel caused by a
boundary error within the handling of incoming CAPI messages in
net/bluetooth/cmtp/capi.c. This can be exploited to overwrite certain
kernel data structures.
The drm/i915 component in the Linux kernel before 2.6.22.2, when used with
i965G and later chipsets, allows local users with access to an X11 session
and Direct Rendering Manager (DRM) to write to arbitrary memory locations
and gain privileges via a crafted batchbuffer. (CVE-2007-3851)
Linux kernel 2.4.35 and other versions allow local users to send arbitrary
signals to a child process that is running at higher privileges by causing
a setuid-root parent process to die, which delivers an attacker-controlled
parent process death signal (PR_SET_PDEATHSIG). (CVE-2007-3848)
Stack-based buffer overflow in the random number generator (RNG)
implementation in the Linux kernel before 2.6.22 might allow local root
users to cause a denial of service or gain privileges by setting the
default wakeup threshold to a value greater than the output pool size,
which triggers writing random numbers to the stack by the pool transfer
function involving "bound check ordering". NOTE: this issue might only
cross privilege boundaries in environments that have granular assignment of
privileges for root. (CVE-2007-3105)
The sysfs_readdir function in the Linux kernel 2.6 allows local users to
cause a denial of service (kernel OOPS) by dereferencing a null pointer to
an inode in a dentry. (CVE-2007-3104)
The CIFS filesystem, when Unix extension support is enabled, did not honor
the umask of a process, which allowed local users to gain
privileges. (CVE-2007-3740)
The Linux kernel checked the wrong global variable for the CIFS sec mount
option, which might allow remote attackers to spoof CIFS network traffic
that the client configured for security signatures, as demonstrated by lack
of signing despite sec=ntlmv2i in a SetupAndX request. (CVE-2007-3843)
Buffer overflow in the isdn_net_setcfg function in isdn_net.c in the Linux
kernel allowed local users to have an unknown impact via a crafted argument
to the isdn_ioctl function. (CVE-2007-6063)
David Coffey discovered an uninitialized pointer free flaw in the
RPC library used by kadmind. A remote unauthenticated attacker who
could access kadmind could trigger the flaw causing kadmind to crash
or possibly execute arbitrary code (CVE-2007-2442).
David Coffey also discovered an overflow flaw in the same RPC library.
A remote unauthenticated attacker who could access kadmind could
trigger the flaw causing kadmind to crash or possibly execute arbitrary
code (CVE-2007-2443).
Finally, a stack buffer overflow vulnerability was found in kadmind
that allowed an unauthenticated user able to access kadmind the
ability to trigger the vulnerability and possibly execute arbitrary
code (CVE-2007-2798).
The kadmind daemon can, in some situations, perform operations on uninitialized pointers. This bug could conceivably open up the system to a code execution attack by an unauthenticated remote attacker, but it appears to be difficult to exploit. See this advisory for details.
Some kerberos applications fail to check the results of setuid() calls, with the result that, if that call fails, they could continue to execute as root after thinking they had switched to a nonprivileged user. A local attacker who can cause these calls to fail (through resource exhaustion, presumably) could exploit this bug to gain root privileges.
Tenable Network Security discovered a stack buffer overflow flaw in the RPC
library used by kadmind. A remote unauthenticated attacker who can access
kadmind could trigger this flaw and cause kadmind to crash.
Garrett Wollman discovered an uninitialized pointer flaw in kadmind. A
remote unauthenticated attacker who can access kadmind could trigger this
flaw and cause kadmind to crash.
A flaw was found in the username handling of the MIT krb5 telnet daemon
(telnetd). A remote attacker who can access the telnet port of a target
machine could log in as root without requiring a password. MIT krb5 Security Advisory 2007-001
Buffer overflows were found which affect the Kerberos KDC and the kadmin
server daemon. A remote attacker who can access the KDC could exploit this
bug to run arbitrary code with the privileges of the KDC or kadmin server
processes. MIT krb5 Security Advisory 2007-002
Stefan Cornelius from Secunia Research discovered that the
"parseIrcUrl()" function in file src/kvirc/kernel/kvi_ircurl.cpp does
not properly sanitize parts of the URI when building the command for
KVIrc's internal script system.
Stack-based buffer overflow in Little CMS (lcms) before 1.15 allows remote
attackers to execute arbitrary code or cause a denial of service
(application crash) via a crafted ICC profile in a JPG file.
mirror --script in lftp before 3.5.9 does not properly quote shell
metacharacters, which might allow remote user-assisted attackers to execute
shell commands via a malicious script. NOTE: it is not clear whether this
issue crosses security boundaries, since the script already supports
commands such as "get" which could overwrite executable files.
libarchive, a library for manipulating different streaming archive
formats, has a number of pax extension header vulnerabilities.
These may be used to cause a denial of service or for the execution
of arbitrary code.
Integer overflow in the exif_data_load_data_entry function in exif-data.c
in libexif before 0.6.14 allows user-assisted remote attackers to cause a
denial of service (crash) or possibly execute arbitrary code via crafted
EXIF data, involving the (1) doff or (2) s variable.
From the Red Hat advisory: An integer overflow flaw was found in the way libexif parses Exif image
tags. If a victim opens a carefully crafted Exif image file, it could cause
the application linked against libexif to execute arbitrary code, or crash.
From the Red Hat advisory: An infinite recursion flaw was found in the way libexif parses Exif image
tags. If a victim opens a carefully crafted Exif image file, it could cause
the application linked against libexif to crash.
The GD library does not perform proper bounds checking when creating images; as a result, an attacker could, via crafted input, potentially execute arbitrary code.
Luigi Auriemma has reported various boundary errors in load_it.cpp and
a boundary error in the "CSoundFile::ReadSample()" function in
sndfile.cpp. A remote attacker can entice a user to read crafted modules
or ITP files, which may trigger a buffer overflow resulting in the
execution of arbitrary code with the privileges of the user running the
application.
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21
allow remote attackers to cause a denial of service (crash) via crafted (1)
pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt
(png_push_read_tEXt), (4) iTXt (png_handle_iTXt), and (5) ztXT
(png_handle_ztXt) chunking in PNG images, which trigger out-of-bounds read
operations. (CVE-2007-5269)
pngrtran.c in libpng before 1.0.29 and 1.2.x before 1.2.21 uses (1) logical
instead of bitwise operations and (2) incorrect comparisons, which might
allow remote attackers to cause a denial of service (crash) via a crafted
PNG image. (CVE-2007-5268)
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function
in pngset.c in libpng before 1.2.22 beta1 allows remote attackers to cause
a denial of service (crash) via a crafted PNG image, due to an incorrect
fix for CVE-2007-5266. (CVE-2007-5267)
Off-by-one error in ICC profile chunk handling in the png_set_iCCP function
in pngset.c in libpng before 1.0.29 beta1 and 1.2.x before 1.2.21 beta1
allows remote attackers to cause a denial of service (crash) via a crafted
PNG image that prevents a name field from being NULL terminated.
(CVE-2007-5266)
In pngrutil.c, the function png_decompress_chunk() allocates
insufficient space for an error message, potentially overwriting stack
data, leading to a buffer overflow.
A heap based buffer overflow bug was found in the way libpng strips alpha
channels from a PNG image. An attacker could create a carefully crafted PNG
image file in such a way that it could cause an application linked with
libpng to crash or execute arbitrary code when the file is opened by a
victim.
Heap-based buffer overflow in libsndfile 1.0.17 and earlier might allow
remote attackers to execute arbitrary code via a FLAC file with crafted PCM
data containing a block with a size that exceeds the previous block size.
The t2p_write_pdf_string function in libtiff 3.8.2 and earlier is vulnerable
to a buffer overflow. Attackers can use a TIFF file with UTF-8 characters
in the DocumentName tag to overflow a buffer, causing a denial of service,
and possibly the execution of arbitrary code.
libvorbis has a number of vulnerabilities that can be triggered by
opening a specially crafted Ogg file. Vulnerabilities include
crashing and the execution of arbitrary code.
Yuuichi Teranishi discovered a flaw in libxml2 versions prior to 2.6.6.
When fetching a remote resource via FTP or HTTP, libxml2 uses special
parsing routines. These routines can overflow a buffer if passed a very
long URL. If an attacker is able to find an application using libxml2 that
parses remote resources and allows them to influence the URL, then this
flaw could be used to execute arbitrary code.
libxml2 prior to version 2.6.14 has multiple buffer overflow
vulnerabilities; if a local user passes a specially crafted
FTP URL, arbitrary code may be executed.
The lighttpd web server has multiple vulnerabilities involving
a remote access-control setting circumvention that is performed
by the sending of malformed requests. This can be used to crash
the server and cause a denial of service.
Blake Frantz discovered that when a core file owned by a non-root user exists, and a root-owned process dumps core over it, the core file retains its original ownership. This could be used by a local user to gain access to sensitive information. (CVE-2007-6206)
Hugh Dickins discovered an issue in the tmpfs filesystem where, under a rare circumstance, a kernel page may be improperly cleared, leaking sensitive kernel memory to userspace or resulting in a DoS (crash). (CVE-2007-6417)
Neel Mehta and Ryan Smith discovered that the VMware Player DHCP server
did not correctly handle certain packet structures. Remote attackers
could send specially crafted packets and gain root privileges.
(CVE-2007-0061, CVE-2007-0062, CVE-2007-0063)
Rafal Wojtczuk discovered multiple memory corruption issues in VMware
Player. Attackers with administrative privileges in a guest operating
system could cause a denial of service or possibly execute arbitrary
code on the host operating system. (CVE-2007-4496, CVE-2007-4497)
An arbitrary command execution bug was found in the lynx "lynxcgi:" URI
handler. An attacker could create a web page redirecting to a malicious URL
which could execute arbitrary code as the user running lynx.
The MadWifi driver for Atheros wireless LAN cards
does not process beacon frames correctly. This can be
used by a remote attacker to cause a denial of service.
CVE-2007-4542: Multiple cross-site scripting (XSS) vulnerabilities in MapServer before 4.10.3 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors involving the (1) processLine function in maptemplate.c and the (2) writeError function in mapserv.c in the mapserv CGI program.
CVE-2007-4629: Buffer overflow in the processLine function in maptemplate.c in MapServer before 4.10.3 allows attackers to cause a denial of service and possibly execute arbitrary code via a mapfile with a long layer name, group name, or metadata entry name.
From the Red Hat advisory: "Versions of mod_jk before 1.2.23 decoded request URLs by default inside
Apache httpd and forwarded the encoded URL to Tomcat, which itself did a
second decoding. If Tomcat was used behind mod_jk and configured to only
proxy some contexts, an attacker could construct a carefully crafted HTTP
request to work around the context restriction and potentially access
non-proxied content."
A flaw was discovered in MoinMoin's error reporting when using the
AttachFile action. By tricking a user into viewing a crafted MoinMoin
URL, an attacker could execute arbitrary JavaScript as the current
MoinMoin user, possibly exposing the user's authentication information
for the domain where MoinMoin was hosted.
A cross-site scripting (XSS) vulnerability in index.php in Moodle 1.7.1
allows remote attackers to inject arbitrary web script or HTML via a style
expression in the search parameter.
MPlayer versions up to 1.0rc1 have a buffer overflow in the
loader/dmo/DMO_VideoDecoder.c DMO_VideoDecoder_Open function.
User-assisted remote attackers can use this to create a buffer overflow
and possibly execute arbitrary code.
From the Gentoo advisory: nnp discovered multiple vulnerabilities in the XML-RPC handler in the
file webserver.c. The ws_addarg() function contains a format string
vulnerability, as it does not properly sanitize username and password
data from the "Authorization: Basic" HTTP header line (CVE-2007-5825).
The ws_decodepassword() and ws_getheaders() functions do not correctly
handle empty Authorization header lines, or header lines without a ':'
character, leading to NULL pointer dereferences (CVE-2007-5824).
The convert_search_mode_to_innobase function in ha_innodb.cc in the InnoDB engine in MySQL 5.1.23-BK and earlier allows remote authenticated users to cause a denial of service (database crash) via a certain CONTAINS operation on an indexed column, which triggers an assertion error.
MySQL subselect queries using "ORDER BY" can be used by an attacker with
access to a MySQL instance in order to create an intermittent denial
of service.
Jean-David Maillefer discovered a format string bug in the
date_format() function's error reporting. By calling the function with
invalid arguments, an authenticated user could exploit this to crash
the server.
MySQL 4.1 before 4.1.21 and 5.0 before 5.0.24 allows a local user to access
a table through a previously created MERGE table, even after the user's
privileges are revoked for the original table, which might violate intended
security policy (CVE-2006-4031).
MySQL 4.1 before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run
on case-sensitive filesystems, allows remote authenticated users to create
or access a database when the database name differs only in case from a
database for which they have permissions (CVE-2006-4226).
From the CVE entry: MySQL 5.0.x before 5.0.52, 5.1.x before 5.1.23, and 6.0.x before 6.0.4 does not update the DEFINER value of a view when the view is altered, which allows remote authenticated users to gain privileges via a sequence of statements including a CREATE SQL SECURITY DEFINER VIEW statement and an ALTER VIEW statement.
MySQL 5.0.18 and earlier allows local users to bypass logging mechanisms
via SQL queries that contain the NULL character, which are not properly
handled by the mysql_real_query function. NOTE: this issue was originally
reported for the mysql_query function, but the vendor states that since
mysql_query expects a null character, this is not an issue for mysql_query.
MySQL Community Server before 5.0.51, when a table relies on symlinks created through explicit DATA DIRECTORY and INDEX DIRECTORY options, allows remote authenticated users to overwrite system table information and gain privileges via a RENAME TABLE statement that changes the symlink to point to an existing file. (CVE-2007-5969)
MySQL Community Server before 5.0.45 does not require privileges such as SELECT for the source table in a CREATE TABLE LIKE statement, which allows remote authenticated users to obtain sensitive information such as the table structure. (CVE-2007-3781)
The in_decimal::set function in item_cmpfunc.cc in MySQL before 5.0.40, and
5.1 before 5.1.18-beta, allows context-dependent attackers to cause a
denial of service (crash) via a crafted IF clause that results in a
divide-by-zero error and a NULL pointer dereference. (CVE-2007-2583)
MySQL before 4.1.23, 5.0.x before 5.0.42, and 5.1.x before 5.1.18 does not
require the DROP privilege for RENAME TABLE statements, which allows remote
authenticated users to rename arbitrary tables. (CVE-2007-2691)
The mysql_change_db function in MySQL 5.0.x before 5.0.40 and 5.1.x before
5.1.18 does not restore THD::db_access privileges when returning from SQL
SECURITY INVOKER stored routines, which allows remote authenticated users
to gain privileges. (CVE-2007-2692)
MySQL Community Server before 5.0.45 allows remote authenticated users to
gain update privileges for a table in another database via a view that
refers to this external table. (CVE-2007-3782)
Philip Stoev discovered that the federated engine of MySQL
did not properly handle responses with a small number of columns.
An authenticated user could use a crafted response to a SHOW
TABLE STATUS query and cause a denial of service.
Cross-site scripting (XSS) vulnerability in Nagios 2.x before 2.10 allows remote attackers to inject arbitrary web script or HTML via unknown vectors to unspecified CGI scripts.
Buffer overflow in the redir function in check_http.c in Nagios Plugins
before 1.4.10 allows remote web servers to execute arbitrary code via long
Location header responses (redirects).
Buffer overflow in the check_snmp function in Nagios Plugins (nagios-plugins) 1.4.10 allows remote attackers to cause a denial of service (crash) via crafted snmpget replies.
Kurt Fitzner discovered that the NBD (network block device) server did not
correctly verify the maximum size of request packets. By sending specially
crafted large request packets, a remote attacker who is allowed to access
the server could exploit this to execute arbitrary code with root
privileges.
A flaw was discovered in the way net-snmp handled certain requests. A
remote attacker who can connect to the snmpd UDP port (161 by default)
could send a malicious packet causing snmpd to crash, resulting in a
denial of service.
Nginx [engine x] is an HTTP(S) server, HTTP(S) reverse proxy and IMAP/POP3
proxy server written by Igor Sysoev. The "msie_refresh" directive could
allow cross-site scripting.
Josh Burley reported that nss_ldap does not properly handle the LDAP
connections due to a race condition that can be triggered by
multi-threaded applications using nss_ldap, which might lead to
requested data being returned to a wrong process.
From the Red Hat advisory: A flaw was discovered in the way opal handled certain Session Initiation
Protocol (SIP) packets. An attacker could use this flaw to crash an
application, such as Ekiga, which is linked with opal. (CVE-2007-4924)
The OpenLDAP Lightweight Directory Access Protocol suite has a problem
with handling of malformed objectClasses LDAP attributes by the slapd
daemon. Both local and remote attackers can use this to crash slapd,
causing a denial of service.
slapo-pcache (overlays/pcache.c) in slapd in OpenLDAP before 2.3.39, when
running as a proxy-caching server, allocates memory using a malloc variant
instead of calloc, which prevents an array from being initialized properly
and might allow attackers to cause a denial of service (segmentation fault)
via unknown vectors that prevent the array from being null terminated.
A heap overflow vulnerability has been discovered in the TIFF parsing
code of the OpenOffice.org suite. The parser uses untrusted values
from the TIFF file to calculate the number of bytes of memory to
allocate. A specially crafted TIFF image could trigger an integer
overflow and subsequently a buffer overflow that could cause the
execution of arbitrary code.
A security vulnerability in HSQLDB, the default database engine shipped with OpenOffice.org 2 (all versions), may allow attackers to execute arbitrary static Java code, by manipulating database documents to be opened by a user.
OpenSSH 4.4 fixes some security issues, including a pre-authentication
denial of service, an unsafe signal handler and, on portable OpenSSH, a
GSSAPI authentication abort that could be used to determine the validity
of usernames on some platforms.
Off-by-one error in the DTLS implementation in OpenSSL 0.9.8 before 0.9.8f
and 0.9.7 allows remote attackers to execute arbitrary code via unspecified
vectors.
From the Debian advisory: An off-by-one error has been identified in the SSL_get_shared_ciphers()
routine in the libssl library from OpenSSL, an implementation of Secure
Socket Layer cryptographic libraries and utilities. This error could
allow an attacker to crash an application making use of OpenSSL's libssl
library, or potentially execute arbitrary code in the security context
of the user running such an application.
The Opera browser has multiple vulnerabilities.
The JavaScript engine is vulnerable to a virtual function call on an invalid pointer that can be triggered by specially crafted JavaScript.
A freed pointer in the BitTorrent support may be
accessed; this can be used for malicious code execution.
The browser is vulnerable to several memory read protection
errors. There are URI display errors that can be used to trick
users into visiting arbitrary web sites.
PCRE has flaws in the way it handles malformed regular
expressions.
If an application linked against PCRE, such as Konqueror,
encounters a maliciously created regular expression, it may be possible
to run arbitrary code. Vulnerabilities CVE-2005-4872 and CVE-2006-7227
have been combined into CVE-2006-7224.
Multiple flaws were found in the way pcre handles certain malformed regular
expressions. If an application linked against pcre, such as Konqueror,
parses a malicious regular expression, it may be possible to run arbitrary
code as the user running the application. (CVE-2007-1659, CVE-2007-1660)
Specially crafted regular expressions could lead to buffer overflows in the pcre library. Applications using pcre to process regular expressions from untrusted sources could therefore potentially be exploited by attackers to execute arbitrary code as the user running the application.
Perl-Compatible Regular Expression (PCRE) library before 7.3 reads past the
end of the string when searching for unmatched brackets and parentheses,
which allows context-dependent attackers to cause a denial of service
(crash), possibly involving forward references. (CVE-2007-1662)
Heap-based buffer overflow in Perl-Compatible Regular Expression (PCRE)
library before 7.3 allows context-dependent attackers to execute arbitrary
code via a singleton Unicode sequence in a character class in a regex
pattern, which is incorrectly optimized. (CVE-2007-4768)
A heap-based buffer overflow in the handshakeHTTP function in servhs.cpp in PeerCast 0.1217 and earlier, and SVN 344 and earlier, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long SOURCE request.
The file_exists and imap_reopen functions in PHP before 5.1.5 do not check
for the safe_mode and open_basedir settings, which allows local users to
bypass the settings (CVE-2006-4481).
A buffer overflow in the LWZReadByte function in ext/gd/libgd/gd_gif_in.c
in the GD extension in PHP before 5.1.5 allows remote attackers to have an
unknown impact via a GIF file with input_code_size greater than
MAX_LWZ_BITS, which triggers an overflow when initializing the table array
(CVE-2006-4484).
The stripos function in PHP before 5.1.5 has unknown impact and attack
vectors related to an out-of-bounds read (CVE-2006-4485).
Various integer overflow flaws were found in the PHP gd extension. A
script that could be forced to resize images from an untrusted source could
possibly allow a remote attacker to execute arbitrary code as the apache
user. (CVE-2007-3996)
A previous security update introduced a bug into PHP session cookie
handling. This could allow an attacker to stop a victim from viewing a
vulnerable web site if the victim has first visited a malicious web page
under the control of the attacker, and that page can set a cookie for the
vulnerable web site. (CVE-2007-4670)
A flaw was found in the PHP money_format function. If a remote attacker
was able to pass arbitrary data to the money_format function this could
possibly result in an information leak or denial of service. Note that it
is unusual for a PHP script to pass user-supplied data to the money_format
function. (CVE-2007-4658)
A flaw was found in the PHP wordwrap function. If a remote attacker was
able to pass arbitrary data to the wordwrap function this could possibly
result in a denial of service. (CVE-2007-3998)
A bug was found in PHP session cookie handling. This could allow an
attacker to create a cross-site cookie insertion attack if a victim follows
an untrusted carefully-crafted URL. (CVE-2007-3799)
A flaw was found in handling of dynamic changes to global variables. A
script which used certain functions which change global variables could
be forced to enable the register_globals configuration option, possibly
resulting in global variable injection. (CVE-2007-4659)
An integer overflow flaw was found in the PHP chunk_split function. If a
remote attacker was able to pass arbitrary data to the third argument of
chunk_split they could possibly execute arbitrary code as the apache user.
Note that it is unusual for a PHP script to use the chunk_split function
with a user-supplied third argument. (CVE-2007-4661)
The Hardened-PHP Project discovered buffer overflows in the
htmlentities/htmlspecialchars internal routines of PHP. Of
course, the whole purpose of these functions is to be filled with user
input. (The overflow can only occur when UTF-8 is used.)
Multiple integer overflows in PHP 4 before 4.4.8, and PHP 5 before 5.2.4,
allow remote attackers to obtain sensitive information (memory contents) or
cause a denial of service (thread crash) via a large len value to the (1)
strspn or (2) strcspn function, which triggers an out-of-bounds read. NOTE:
this affects different product versions than CVE-2007-3996.
(CVE-2007-4657)
Unspecified vulnerability in the chunk_split function in PHP before 5.2.4
has unknown impact and attack vectors, related to an incorrect size
calculation. (CVE-2007-4660)
Buffer overflow in the php_openssl_make_REQ function in PHP before 5.2.4
has unknown impact and attack vectors. (CVE-2007-4662)
The php5 package contains multiple vulnerabilities, the most serious of which involve several Denial of Service attacks (application crashes and temporary application hangs). It is not currently known that these vulnerabilities can be exploited to execute malicious code.
It was discovered that phpbb2, a web based bulletin board, insufficiently
sanitizes values passed to the "Font Color 3" setting, which might lead to
the execution of injected code by admin users.
The phpbb2 web forum has a number of vulnerabilities including:
a web script injection problem, a protection mechanism bypass, a
security check bypass, a remote global variable bypass, cross-site
scripting vulnerabilities, an SQL injection vulnerability,
a remote regular expression modification problem, missing input
sanitizing, and a missing request validation problem.
Several remote vulnerabilities have been discovered in phpMyAdmin, a
program to administrate MySQL over the web. The Common Vulnerabilities
and Exposures project identifies the following problems:
CVE-2007-1325:
The PMA_ArrayWalkRecursive function in libraries/common.lib.php
does not limit recursion on arrays provided by users, which allows
context-dependent attackers to cause a denial of service (web
server crash) via an array with many dimensions.
CVE-2007-1395:
Incomplete blacklist vulnerability in index.php allows remote
attackers to conduct cross-site scripting (XSS) attacks by
injecting arbitrary JavaScript or HTML in a (1) db or (2) table
parameter value followed by an uppercase </SCRIPT> end tag,
which bypasses the protection against lowercase </script>.
CVE-2007-2245:
Multiple cross-site scripting (XSS) vulnerabilities allow remote
attackers to inject arbitrary web script or HTML via (1) the
fieldkey parameter to browse_foreigners.php or (2) certain input
to the PMA_sanitize function.
CVE-2006-6942:
Multiple cross-site scripting (XSS) vulnerabilities allow remote
attackers to inject arbitrary HTML or web script via (1) a comment
for a table name, as exploited through (a) db_operations.php,
(2) the db parameter to (b) db_create.php, (3) the newname parameter
to db_operations.php, the (4) query_history_latest,
(5) query_history_latest_db, and (6) querydisplay_tab parameters to
(c) querywindow.php, and (7) the pos parameter to (d) sql.php.
CVE-2006-6944:
phpMyAdmin allows remote attackers to bypass Allow/Deny access rules
that use IP addresses via false headers.
Cross-site scripting (XSS) vulnerability in scripts/setup.php in phpMyAdmin
2.11.1, when accessed by a browser that does not URL-encode requests,
allows remote attackers to inject arbitrary web script or HTML via the
query string.
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin before
2.11.1.2 allow remote attackers to inject arbitrary web script or HTML via
certain input available in (1) PHP_SELF in (a) server_status.php, and (b)
grab_globals.lib.php, (c) display_change_password.lib.php, and (d)
common.lib.php in libraries/; and certain input available in PHP_SELF and
(2) PATH_INFO in libraries/common.inc.php. NOTE: there might also be other
vectors related to (3) REQUEST_URI.
phpMyAdmin 2.9.1.1 allows remote attackers to obtain sensitive information
via a direct request for themes/darkblue_orange/layout.inc.php, which
reveals the path in an error message.
phpMyAdmin prior to version 2.11.2.1 has an SQL injection vulnerability
in db_create.php. Remote authenticated users with CREATE DATABASE privileges can use this to execute arbitrary SQL commands via the db parameter.
db_create.php also has a related cross-site scripting vulnerability.
Remote authenticated users can inject arbitrary web scripts or HTML
using a hex-encoded IMG element in the db parameter in a POST request.
A cross-site scripting (XSS) vulnerability in sqledit.php in phpPgAdmin
4.1.1 allows remote attackers to inject arbitrary web script or HTML via
the server parameter.
The xpdf and poppler PDF libraries contain several vulnerabilities which can lead to arbitrary command execution via hostile PDF files. Numerous other applications which use these libraries (PDF viewers, CUPS, etc.) will be affected by the vulnerabilities as well.
PostgreSQL 8.1 and probably later and earlier versions, when local trust
authentication is enabled and the Database Link library (dblink) is
installed, allows remote attackers to access arbitrary accounts and execute
arbitrary SQL queries via a dblink host parameter that proxies the
connection from 127.0.0.1. (CVE-2007-3278)
PostgreSQL 8.1 and probably later and earlier versions, when the PL/pgSQL
(plpgsql) language has been created, grants certain plpgsql privileges to
the PUBLIC domain, which allows remote attackers to create and execute
functions, as demonstrated by functions that perform local brute-force
password guessing attacks, which may evade intrusion
detection. (CVE-2007-3279)
The Database Link library (dblink) in PostgreSQL 8.1 implements functions
via CREATE statements that map to arbitrary libraries based on the C
programming language, which allows remote authenticated superusers to map
and execute a function from any library, as demonstrated by using the
system function in libc.so.6 to gain shell access. (CVE-2007-3280)
From the Red Hat advisory: A memory management flaw was discovered in PWLib. An attacker could use this
flaw to crash an application, such as Ekiga, which is linked with pwlib
(CVE-2007-4897).
Multiple integer overflows in the imageop module in Python 2.5.1 and
earlier allow context-dependent attackers to cause a denial of service
(application crash) and possibly obtain sensitive information (memory
contents) via crafted arguments to (1) the tovideo method, and unspecified
other vectors related to (2) imageop.c, (3) rbgimgmodule.c, and other
files, which trigger heap-based buffer overflows.
The bgpd daemon in Quagga prior to 0.99.9 allowed remote BGP peers to cause
a denial of service crash via a malformed OPEN message or COMMUNITY
attribute.
rsync before 3.0.0pre6, when running a writable rsync daemon that is not using chroot, allows remote attackers to access restricted files via unknown vectors that cause rsync to create a symlink that points outside of the module's hierarchy.
The connect method in lib/net/http.rb in the (1) Net::HTTP and (2) Net::HTTPS libraries in Ruby 1.8.5 and 1.8.6 does not verify that the commonName (CN) field in a server certificate matches the domain name in an HTTPS request, which makes it easier for remote attackers to intercept SSL transmissions via a man-in-the-middle attack or spoofed web site.
A format string vulnerability in the mdiag_initialize function in gtk/src/rbgtkmessagedialog.c in Ruby-GNOME 2 (aka Ruby/Gnome2) 0.16.0, and SVN versions before 20071127, allows context-dependent attackers to execute arbitrary code via format string specifiers in the message parameter.
The Samba user authentication is vulnerable to a heap-based buffer overflow.
Remote unauthenticated users can use this to crash the Samba server
and cause a denial of service.
A stack buffer overflow flaw was found in the way Samba authenticates
remote users. A remote unauthenticated user could trigger this flaw to
cause the Samba server to crash, or execute arbitrary code with the
permissions of the Samba server.
Samba's mechanism for creating NetBIOS replies is vulnerable to a
buffer overflow. Samba servers that are configured to run as a
WINS server can be crashed by a remote unauthenticated user;
execution of arbitrary code may also be possible.
A flaw was found in the way squid stored HTTP headers for cached objects
in system memory. An attacker could cause squid to use additional memory,
and trigger high CPU usage when processing requests for certain cached
objects, possibly leading to a denial of service.
Subversion 1.4.3 and earlier does not properly implement the "partial
access" privilege for users who have access to changed paths but not copied
paths, which allows remote authenticated users to obtain sensitive
information (revision properties) via svn (1) propget, (2) proplist, or (3)
propedit.
An unspecified vulnerability involving an "incorrect use of system
classes" was reported by the Fujitsu security team. Additionally, Chris
Evans from the Google Security Team reported an integer overflow
resulting in a buffer overflow in the ICC parser used with JPG or BMP
files, and an incorrect open() call to /dev/tty when processing certain
BMP files.
The syslog-ng daemon does not properly handle messages containing an unterminated time stamp, resulting in the dereferencing of a NULL pointer and subsequent crash.
T1lib, an enhanced rasterizer for X11 Type 1 fonts, does
not properly perform bounds checking. An attacker can send
specially crafted input to applications linked against the library in
order to create a buffer overflow, resulting in a denial of service
or the execution of arbitrary code.
A buffer overflow in the open_sty function in mkind.c for makeindex 2.14 in
teTeX might allow user-assisted remote attackers to overwrite files and
possibly execute arbitrary code via a long filename. NOTE: other overflows
exist but might not be exploitable, such as a heap-based overflow in the
check_idx function.
Joachim Schrod discovered several buffer overflow vulnerabilities and
an insecure temporary file creation in the "dvilj" application that is
used by dvips to convert DVI files to printer formats (CVE-2007-5937,
CVE-2007-5936). Bastien Roucaries reported that the "dvips" application
is vulnerable to two stack-based buffer overflows when processing DVI
documents with long \href{} URIs (CVE-2007-5935). teTeX also includes
code from Xpdf that is vulnerable to a memory corruption and two
heap-based buffer overflows (GLSA 200711-22); and it contains code from
T1Lib that is vulnerable to a buffer overflow when processing an overly
long font filename (GLSA 200710-12).
The Tk toolkit's GIF-reading code contains a buffer overflow which could be exploited via a malicious image file. Fixes may be found in versions 8.4.12 and 8.3.5.
It was discovered that Tk could be made to overrun a buffer when loading
certain images. If a user were tricked into opening a specially crafted GIF
image, remote attackers could cause a denial of service or execute
arbitrary code with user privileges.
Jan Oravec reported that the "/usr/bin/tomboy" script sets the
"LD_LIBRARY_PATH" environment variable incorrectly, which might result
in the current working directory (.) being included when searching for
dynamically linked libraries of the Mono Runtime application.
Note that the tomboy vulnerability was added in 2007.
Some JSPs within the 'examples' web application did not escape user
provided data. If the JSP examples were accessible, this flaw could allow a
remote attacker to perform cross-site scripting attacks (CVE-2007-2449).
Note: it is recommended the 'examples' web application not be installed on
a production system.
The Manager and Host Manager web applications did not escape user provided
data. If a user is logged in to the Manager or Host Manager web
application, an attacker could perform a cross-site scripting attack
(CVE-2007-2450).
Tomcat was found treating single quote characters -- ' -- as delimiters in
cookies. This could allow remote attackers to obtain sensitive information,
such as session IDs, for session hijacking attacks (CVE-2007-3382).
It was reported Tomcat did not properly handle the following character
sequence in a cookie: \" (a backslash followed by a double-quote). It was
possible remote attackers could use this failure to obtain sensitive
information, such as session IDs, for session hijacking attacks
(CVE-2007-3385).
A cross-site scripting (XSS) vulnerability existed in the Host Manager
Servlet. This allowed remote attackers to inject arbitrary HTML and web
script via crafted requests (CVE-2007-3386).
Absolute path traversal vulnerability in Apache Tomcat 4.0.0 through 4.0.6, 4.1.0, 5.0.0, 5.5.0 through 5.5.25, and 6.0.0 through 6.0.14, under certain configurations, allows remote authenticated users to read arbitrary files via a WebDAV write request that specifies an entity with a SYSTEM tag.
SQL injection vulnerability in the indexed_search system extension in TYPO3 3.x, 4.0 through 4.0.7, and 4.1 through 4.1.3 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.
mount and umount in util-linux call the setuid and setgid functions in the
wrong order and do not check the return values, which might allow attackers
to gain privileges via helpers such as mount.nfs.
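The ordering and return-value problem described above, as an added C example (not util-linux code): the unchecked uid-first drop beside a gid-first drop that checks and verifies each step. The cred_ops structure and the sim_* process model are constructed for this illustration and apply simplified POSIX rules (saved ids omitted), so the logic can run without root.

```c
#include <errno.h>
#include <sys/types.h>
#include <unistd.h>

/* Credential operations, injectable so the logic can be exercised
 * against a model instead of the live process. */
struct cred_ops {
    int   (*set_gid)(gid_t);
    int   (*set_uid)(uid_t);
    uid_t (*get_euid)(void);
    gid_t (*get_egid)(void);
};

/* The real system calls. */
static const struct cred_ops real_ops = { setgid, setuid, geteuid, getegid };

/* Constructed model of one process: only euid 0 may switch to
 * arbitrary ids; anyone else may only return to their real id. */
static uid_t sim_ruid, sim_euid;
static gid_t sim_rgid, sim_egid;

static void sim_reset(uid_t ruid, uid_t euid, gid_t rgid, gid_t egid)
{
    sim_ruid = ruid; sim_euid = euid;
    sim_rgid = rgid; sim_egid = egid;
}

static int sim_setgid(gid_t g)
{
    if (sim_euid == 0) { sim_rgid = sim_egid = g; return 0; }
    if (g == sim_rgid) { sim_egid = g; return 0; }
    errno = EPERM;
    return -1;
}

static int sim_setuid(uid_t u)
{
    if (sim_euid == 0) { sim_ruid = sim_euid = u; return 0; }
    if (u == sim_ruid) { sim_euid = u; return 0; }
    errno = EPERM;
    return -1;
}

static uid_t sim_geteuid(void) { return sim_euid; }
static gid_t sim_getegid(void) { return sim_egid; }

static const struct cred_ops sim_ops = {
    sim_setgid, sim_setuid, sim_geteuid, sim_getegid
};

/* The pattern the advisory describes: uid first, return values ignored. */
static void drop_unchecked_wrong_order(const struct cred_ops *o,
                                       uid_t uid, gid_t gid)
{
    (void)o->set_uid(uid);   /* root is gone after this call ...        */
    (void)o->set_gid(gid);   /* ... so this fails with EPERM, unnoticed */
}

/* Hardened form: gid first (while still privileged), every return value
 * checked, and the result verified. A complete drop would also reset the
 * supplementary groups with setgroups() before the setgid() call. */
static int drop_checked(const struct cred_ops *o, uid_t uid, gid_t gid)
{
    if (o->set_gid(gid) != 0)
        return -1;
    if (o->set_uid(uid) != 0)
        return -1;
    if (o->get_egid() != gid || o->get_euid() != uid)
        return -1;
    if (uid != 0 && o->set_uid(0) == 0)   /* must not be able to go back */
        return -1;
    return 0;
}

int main(void)
{
    /* Dropping to the ids the process already has changes nothing but
     * still runs every check against the real system calls. */
    return drop_checked(&real_ops, getuid(), getgid()) == 0 ? 0 : 1;
}
```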
Multiple unspecified vulnerabilities in Wireshark (formerly Ethereal) allow
remote attackers to cause a denial of service (crash) via (1) a crafted MP3
file or (2) unspecified vectors to the NCP dissector. (CVE-2007-6111)
Buffer overflow in the PPP dissector in Wireshark 0.99.6 allows remote
attackers to cause a denial of service (crash) and possibly execute
arbitrary code via unknown vectors. (CVE-2007-6112)
Wireshark 0.10.12 to 0.99.6 allows remote attackers to cause a denial of
service (long loop) via a malformed DNP packet. (CVE-2007-6113)
Buffer overflow in the ANSI MAP dissector for Wireshark 0.99.5 to 0.99.6,
when running on unspecified platforms, allows remote attackers to cause a
denial of service and possibly execute arbitrary code via unknown vectors.
(CVE-2007-6115)
The Firebird/Interbase dissector in Wireshark 0.99.6 allows remote
attackers to cause a denial of service (infinite loop or crash) via unknown
vectors. (CVE-2007-6116)
The DCP ETSI dissector in Wireshark 0.99.6 allows remote attackers to cause
a denial of service (long loop and resource consumption) via unknown
vectors. (CVE-2007-6119)
The wireshark network traffic analyzer has three vulnerabilities
that can be used to create a denial of service. These include
off-by-one overflows in the iSeries dissector, vulnerabilities in
the MMS and SSL dissectors that can cause an infinite loop and
an off-by-one overflow in the DHCP/BOOTP dissector.
xorg-x11 has a number of integer and heap overflow vulnerabilities in
the xfs font server. A local attacker may be able to use these for
the execution of arbitrary code with elevated privileges.
iDefense reported an integer overflow flaw in the XFree86 XC-MISC
extension. A malicious authorized client could exploit this issue to cause
a denial of service (crash) or potentially execute arbitrary code with root
privileges on the XFree86 server. (CVE-2007-1003)
iDefense reported two integer overflows in the way X.org handled various
font files. A malicious local user could exploit these issues to
potentially execute arbitrary code with the privileges of the X.org server.
(CVE-2007-1351, CVE-2007-1352)
An integer overflow flaw was found in the XFree86 XGetPixel() function.
Improper use of this function could cause an application calling it to
function improperly, possibly leading to a crash or arbitrary code
execution. (CVE-2007-1667)
Moritz Jodeit discovered that the DirectShow loader of Xine did not
correctly validate the size of an allocated buffer. By tricking a user
into opening a specially crafted media file, an attacker could execute
arbitrary code with the user's privileges.
xine-lib does an improper input data boundary check on
MPEG streams. A specially crafted MPEG file can be
created that can cause arbitrary code execution when the
file is accessed.
xmms suffers from vulnerabilities in its handling of BMP images. Should a hostile image be included in an xmms skin, it could lead to code execution on the user's system.
The X.Org X11 xfs font server has a temp file vulnerability in the
startup script. A local user can modify the permissions of the script
in order to elevate their local privileges.
CVE-2007-1095:
Michal Zalewski discovered that the unload event handler had access to
the address of the next page to be loaded, which could allow information
disclosure or spoofing.
CVE-2007-2292:
Stefano Di Paola discovered that insufficient validation of user names
used in Digest authentication on a web site allows HTTP response splitting
attacks.
CVE-2007-3511:
It was discovered that insecure focus handling of the file upload
control can lead to information disclosure. This is a variant of
CVE-2006-2894.
CVE-2007-5334:
Eli Friedman discovered that web pages written in Xul markup can hide the
titlebar of windows, which can lead to spoofing attacks.
CVE-2007-5337:
Georgi Guninski discovered the insecure handling of smb:// and sftp:// URI
schemes may lead to information disclosure. This vulnerability is only
exploitable if Gnome-VFS support is present on the system.
CVE-2007-5338:
"moz_bug_r_a4" discovered that the protection scheme offered by XPCNativeWrappers
could be bypassed, which might allow privilege escalation.
CVE-2007-5339:
L. David Baron, Boris Zbarsky, Georgi Guninski, Paul Nickerson, Olli Pettay,
Jesse Ruderman, Vladimir Sukhoy, Daniel Veditz, and Martijn Wargers discovered
crashes in the layout engine, which might allow the execution of arbitrary code.
CVE-2007-5340:
Igor Bukanov, Eli Friedman, and Jesse Ruderman discovered crashes in the
Javascript engine, which might allow the execution of arbitrary code.
The current 2.6 prepatch is 2.6.24-rc7, released by Linus on
January 6. It contains a fair number of fixes and an implementation
of /proc/slabinfo for the SLUB allocator (which was discussed in last week's Kernel
Page). About the long release cycle, he says "I'll be charitable and
claim it's because it's all stabilizing, and not because we've all been in
a drunken stupor over the holidays." The short-form changelog can be
found in the release announcement; see the
long-format changelog for all the details.
The mainline git repository contains, as of this writing, a few dozen
post-rc7 patches.
The current stable 2.6 kernel is 2.6.23.13, released on January 9. This update is only of interest to people using the w83627ehf
hardware monitoring driver, but they should be very interested: "I
have had a private report that this bug might have caused permanent
hardware damage. There is no definitive proof at this point, but
unfortunately due to the lack of documentation I really can't rule it
out."
For older kernels: 2.6.16.58-rc1 was released on
January 6 with about a dozen fixes, a few of which are
security-related.
What guarantees that it doesn't happen before we get to callback? AFAICS,
nothing whatsoever...
And if it does happen, we'll get rdev happily freed (by rdev_free(), as
->release() of &rdev->kobj) by the time we get to delayed_delete(). Which
explains what's going on just fine.
I consider the fact that I
can spend full-time working on Linux to be a blessing. But if you
don't feel that way, my condolences, and please do what you need to do
so you can stay in your happy place.
-- Ted Ts'o shows how to respond with class
to trolls
As of this writing, the 2.6.24 kernel is getting close to a release -
though there is likely to be one more -rc version to look at first. The
rate of change has slowed significantly, though, and the final regressions
are being chased down. So it seems like a suitable time to look at the
patches which went into this kernel and where they came from.
This is, in many ways, a record-breaking development cycle. Over 10,000
individual changesets have been merged this time around, with a net growth
of almost 300,000 lines of code. 950 developers contributed this code; of
those, 358 contributed just one patch. By comparison, the previous cycle
(2.6.23) merged some 6200 patches from about 860 developers. Given that,
it's not surprising that the 2.6.24 cycle has been a little longer than
some of its predecessors.
Without further ado, here is the list of top contributors to this kernel:
Most active 2.6.24 developers

By changesets
Thomas Gleixner               362   3.6%
Bartlomiej Zolnierkiewicz     205   2.0%
Adrian Bunk                   190   1.9%
Ralf Baechle                  176   1.8%
Pavel Emelyanov               146   1.5%
Ingo Molnar                   141   1.4%
Tejun Heo                     138   1.4%
Paul Mundt                    131   1.3%
Johannes Berg                 119   1.2%
Al Viro                       116   1.2%
Takashi Iwai                  115   1.1%
Jeff Garzik                   107   1.1%
David S. Miller               102   1.0%
Matthew Wilcox                 97   1.0%
Jens Axboe                     89   0.9%
Krzysztof Helt                 89   0.9%
Stephen Hemminger              86   0.9%
Rusty Russell                  86   0.9%
Alan Cox                       85   0.8%
Herbert Xu                     84   0.8%

By changed lines
Thomas Gleixner             46358   5.9%
Zhu Yi                      35133   4.5%
Auke Kok                    25861   3.3%
Michael Buesch              24480   3.1%
Ivo van Doorn               22178   2.8%
Matthew Wilcox              20416   2.6%
Adrian Bunk                 19050   2.4%
Larry Finger                15003   1.9%
David S. Miller             14315   1.8%
Andy Gospodarek             13814   1.8%
Nathanael Nerode            12821   1.6%
Jeff Dike                   11103   1.4%
Johannes Berg               10118   1.3%
Ralf Baechle                 9555   1.2%
Scott Wood                   9328   1.2%
Krzysztof Helt               8162   1.0%
Kumar Gala                   8002   1.0%
Jeff Garzik                  7689   1.0%
David Gibson                 7284   0.9%
Michael Hennerich            7181   0.9%
By either method of counting, Thomas Gleixner comes out at the top of the
list by virtue of his work on the i386/x86_64 architecture merger.
Bringing those architectures together and making the result work well was a
huge job; this effort will continue into future development cycles. (For
the curious, simply renamed files were not counted as "changed lines" in
the generation of these numbers). Note that many of these patches also
carry a signoff by Ingo Molnar, but git only stores the name of a single
"author" for a changeset.
Other contributors of large numbers of changesets in 2.6.24 include
Bartlomiej Zolnierkiewicz (lots of IDE driver patches), Adrian Bunk
(cleanups all over the kernel tree), Ralf Baechle (MIPS architecture work),
Pavel Emelyanov (mostly network and PID namespaces), Tejun Heo (serial ATA
and a number of sysfs cleanups), Johannes Berg (wireless networking), and
Al Viro (mostly annotation patches and related fixes). If one looks at the
number of changed lines, the list of developers changes almost completely:
Zhu Yi (iwlwifi driver), Auke Kok (e1000 driver), Michael Buesch (wireless
networking and the b43 driver), Ivo van Doorn (rt2x00 wireless driver),
Matthew Wilcox (SCSI, especially advansys and sym53c8xx drivers), Adrian
Bunk (cleanups and code deletions), Larry Finger (mainly addition of the
b43 legacy driver), and David Miller (networking and SPARC64).
If one assigns developers' contributions to employers and totals the
results, the following numbers emerge (note that these tables have been
updated since initial publication to fix an error):
Most active 2.6.24 employers

By changesets
(None)                       1417  14.1%
(Unknown)                    1108  11.1%
Red Hat                      1045  10.4%
IBM                           819   8.2%
Novell                        680   6.8%
Intel                         446   4.5%
linutronix                    369   3.7%
Oracle                        240   2.4%
SWsoft                        212   2.1%
CERN                          205   2.0%
Movial                        190   1.9%
Linux Foundation              190   1.9%
MIPS Technologies             176   1.8%
Renesas Technology            140   1.4%
(Academia)                    132   1.3%
Freescale                     126   1.3%
MontaVista                    122   1.2%
Analog Devices                115   1.1%
(Consultant)                  112   1.1%
NetApp                        101   1.0%

By lines changed
(None)                     140730  18.0%
(Unknown)                  121511  15.5%
Intel                      114990  14.7%
Red Hat                     58858   7.5%
IBM                         51777   6.6%
linutronix                  47968   6.1%
Novell                      29856   3.8%
Movial                      19093   2.4%
Freescale                   15262   1.9%
Analog Devices              14971   1.9%
MIPS Technologies           11726   1.5%
SWsoft                       8331   1.1%
Linux Foundation             7917   1.0%
Oracle                       7777   1.0%
Atmel                        7125   0.9%
CERN                         6618   0.8%
Renesas Technology           6414   0.8%
Google                       6373   0.8%
MontaVista                   6026   0.8%
NetApp                       5620   0.7%
In many ways, these lists look similar to those posted for past kernels.
But there are a few things which jump out this time around:
Intel has made it to the top of the "by lines changed" list - and
not just by a little bit. This happened by virtue of the work done by
four of the top-20 developers, but also by dozens of others who
contributed to the 2.6.24 kernel. Intel has a lot of people
working on the kernel, many of whom spend little time in the
limelight.
Movial found its way onto the list
for the first time as a result of having hired a very active
developer.
The amount of work done by people known to be hacking on their own
time has grown a bit. This change is mostly a result of more complete
information on our side - many developers have moved out of the
"unknown" category. Quite a bit of the no-employer work this time
around was done on the wireless networking tree; since much of the
interesting work in this area currently involves reverse engineering,
perhaps it is not surprising that relatively few companies are willing
to sponsor it.
All told, some 130 distinct employers were identified for the contributors
to 2.6.24. That is a lot of companies to be working on one body of code.
Looking at the Signed-off-by headers of patches is always interesting; if
one removes the signoffs added by the authors themselves, what is left is a
list of the gatekeepers - those who channel the code into the mainline.
The people who signed off on the most patches which they did not write are:
Sign-offs in the 2.6.24 kernel

By developer
Andrew Morton                1679  17.6%
David S. Miller               894   9.4%
Jeff Garzik                   631   6.6%
Ingo Molnar                   626   6.6%
John W. Linville              413   4.3%
Mauro Carvalho Chehab         367   3.9%
Greg Kroah-Hartman            337   3.5%
Paul Mackerras                305   3.2%
Jaroslav Kysela               284   3.0%
James Bottomley               260   2.7%
Linus Torvalds                250   2.6%
Thomas Gleixner               216   2.3%
Bryan Wu                      166   1.7%
Takashi Iwai                  115   1.2%
Jens Axboe                    113   1.2%
Len Brown                     113   1.2%
Avi Kivity                    107   1.1%
Roland Dreier                 107   1.1%
Ralf Baechle                   96   1.0%
Adrian Bunk                    88   0.9%

By employer
Red Hat                      2935  30.2%
Linux Foundation             1929  19.9%
(None)                        823   8.5%
(Unknown)                     736   7.6%
Novell                        636   6.6%
IBM                           584   6.0%
Intel                         318   3.3%
linutronix                    216   2.2%
Analog Devices                175   1.8%
SGI                           141   1.5%
Oracle                        133   1.4%
Cisco                         107   1.1%
Qumranet                      107   1.1%
NetApp                        106   1.1%
MIPS Technologies              96   1.0%
Movial                         88   0.9%
(Consultant)                   85   0.9%
Renesas Technology             84   0.9%
Cendio                         43   0.4%
CERN                           40   0.4%
There are not a lot of changes here from previous development cycles.
While quite a few developers add signoffs to code and pass it on, they work
for a relatively small number of companies - 7 employers account for
70% of the non-author signoffs.
Finally, given that we are starting a new year, it is worth taking a quick
look back at the entirety of 2007. In 2007, Linus merged just over 30,000
changesets (more than 80 per day, every day) from 1900 developers working
for (at least) 200 companies. All
told, they changed over 2 million lines of code, growing the kernel by
more than 750,000 lines. The kernel developers are, in other words,
touching over 5,000 lines of code every day - that is a high rate of
change.
The top contributors over the course of the year
(by changesets) were:
Top contributors in 2007

By developer
Ralf Baechle                  507   1.7%
Thomas Gleixner               485   1.6%
David S. Miller               468   1.6%
Adrian Bunk                   439   1.5%
Tejun Heo                     394   1.3%
Ingo Molnar                   351   1.2%
Paul Mundt                    351   1.2%
Al Viro                       337   1.1%
Bartlomiej Zolnierkiewicz     330   1.1%
Andrew Morton                 319   1.1%
Stephen Hemminger             302   1.0%
Patrick McHardy               277   0.9%
Alan Cox                      270   0.9%
Takashi Iwai                  269   0.9%
Trond Myklebust               256   0.9%
David Brownell                254   0.8%
Avi Kivity                    229   0.8%
Jeff Dike                     227   0.8%
Jeff Garzik                   216   0.7%
Jean Delvare                  215   0.7%

By employer
(None)                       4881  16.2%
Red Hat                      3441  11.4%
(Unknown)                    2933   9.7%
IBM                          2379   7.9%
Novell                       2054   6.8%
Intel                        1060   3.5%
Linux Foundation              784   2.6%
Oracle                        677   2.2%
(Consultant)                  631   2.1%
MIPS Technologies             507   1.7%
linutronix                    507   1.7%
Renesas Technology            394   1.3%
(Academia)                    392   1.3%
SWsoft                        384   1.3%
SGI                           368   1.2%
MontaVista                    342   1.1%
CERN                          330   1.1%
Freescale                     291   1.0%
NetApp                        279   0.9%
Astaro                        277   0.9%
It should be noted that the employer numbers are more approximate than
usual. Some developers changed employers in 2007, but LWN, as a matter of
policy, does not maintain a database of developers and their employers over
time. Still, the picture is relatively constant - the same companies
continue to contribute approximately the same percentage of the patches
going into the kernel over relatively long periods of time.
Overall, the picture that results from all these numbers is one of a
widespread and healthy development community. There appears to be no
shortage of jobs for kernel developers, but also room for those who work
outside of the office. The kernel truly is a common resource, with
literally thousands of people working to improve it. And it shows no signs
of slowing down anytime soon.
Your editor would like to profusely thank Greg Kroah-Hartman for his help
in improving these statistics.
Instrumenting a running kernel for debugging or profiling is on the
wish list of many administrators and developers. Advocates of OpenSolaris
like to point to DTrace as a
feature that Linux lacks, though SystemTap has started to close
that gap. The Linux Trace Toolkit next
generation (LTTng) takes a different approach and was recently
submitted for inclusion in the kernel (in two patches: arch independent and arch dependent).
LTTng relies upon kernel
markers to provide static probe points for its kernel tracing
activities. It also provides the ability to trace userspace programs and
combine that data with kernel tracing data to give a detailed view of
the internals of the system. Unlike other tools, LTTng takes a
post-processing approach, storing the data away as efficiently as possible
for later analysis. This is in contrast to SystemTap and DTrace, which have their own
mini-languages that specify what to do as each trace point is reached.
One of the major design goals of LTTng is to have as little impact on the
system as possible, not only when it is actually tracing events, but also
when it is disabled. Kernel hackers are quite resistant to debugging
solutions that add any significant performance penalty when not in use. In addition, any
significant delays while enabled may change the system timing such that the bug or
condition being studied does not occur. For this reason, LTTng does not
take the path that various dynamic tracing solutions have used and avoids
the expense of a breakpoint interrupt by using the static markers.
Another major design goal is to provide monotonically increasing timestamp
values for events. The original LTT uses timestamps derived from the
kernel Network Time Protocol (NTP) time, which can fluctuate somewhat as
adjustments are made – sometimes going backward. LTTng uses a
timestamp derived from the hardware clocks that will work on various
processor architectures and clock speeds. In addition, the timestamps can
be correlated between different processors in a multi-processor system.
As LTTng gathers its data, it uses relayfs to get the data to a
userspace daemon (lttd) that writes the data to disk. The daemon
is started from the lttctl command-line tool, which controls the
tracing settings in the kernel via a netlink socket. A user wishing to
investigate tracing could use lttctl to start and stop a trace;
once the trace is complete, the data could be viewed and analyzed.
The LTT viewer (LTTV) is the program that is used to analyze the data
gathered. It provides both GUI and text-based viewers to interpret the
binary data generated by LTTng and present it to the user. Multi-gigabyte
files of tracing data are not uncommon when using LTTng, so a tool like
LTTV is indispensable for visualization and filtering to allow the user to
focus on the events of interest. LTTV has a plugin mechanism that allows
users to develop their own display and analysis tools, while using the LTTV
framework and filtering capabilities.
An advantage of using static probe points – though some may see it as
a disadvantage – is that they can be maintained with the kernel code
they are targeting. If the kernel markers patch is merged, subsystems can
add probe points at places they find interesting or useful and those
markers will be carried along in the kernel source and updated as the
kernel changes. Other solutions rely on matching an external list of
probes with the version of the running kernel, which can result in
mismatches and incorrect traces. Also, SystemTap will be able to use any
markers that get added to the kernel as is, so users who want the abilities
that it provides will also benefit.
LTTng is being developed at the École Polytechnique de
Montréal with support from quite a few Linux companies. It
has the looks of a very well thought out framework that builds upon the
tracing work that has been done before. It certainly won't make it into
2.6.24, but it would seem to have a good chance of making it into a future
mainline kernel.
[Editor's note: this is the third and final installment in Paul
McKenney's "What is RCU?" series. The first and second parts remain available
for those who might have missed them. Many thanks to Paul for letting LWN
run these articles.]
Introduction
Read-copy update (RCU) is a synchronization mechanism that was added to
the Linux kernel in October of 2002.
RCU is most frequently described as a replacement for reader-writer locking,
but has also been used in a number of other ways.
RCU is notable in that RCU readers do not directly synchronize with
RCU updaters,
which makes RCU read paths extremely fast, and also
permits RCU readers to accomplish useful work even
when running concurrently with RCU updaters.
This leads to the question "what exactly is RCU?", a question that this
document addresses from the viewpoint of the Linux kernel's RCU API.
The most straightforward answer to "what is RCU" is that RCU is
an API used in the Linux kernel, as summarized by the pair of tables
in this section
(the first table shows the wait-for-RCU-readers portions of the API,
while the second table shows the publish/subscribe portions of the API).
Or, more precisely, RCU is a family of APIs as shown in the first table,
with each column corresponding to a member of the RCU API family.
If you are new to RCU, you might consider focusing on just one
of the columns in the following table.
For example, if you are primarily interested in understanding how RCU
is used in the Linux kernel, "RCU Classic" would be the place to start,
as it is used most frequently.
On the other hand, if you want to understand RCU for its own sake,
"SRCU" has the simplest API.
You can always come back for the other columns later.
If you are already familiar with RCU, the following pair of tables can
serve as a useful reference.

| Attribute | RCU Classic | RCU BH | RCU Sched | Realtime RCU | SRCU | QRCU |
| --- | --- | --- | --- | --- | --- | --- |
| Purpose | Original | Prevent DDoS attacks | Wait for hardirqs and NMIs | Realtime response | Sleeping readers | Sleeping readers and fast grace periods |
| Availability | 2.5.43 | 2.6.9 | 2.6.12 | Aug 2005 -rt | 2.6.19 | |
| Read-side primitives | rcu_read_lock() rcu_read_unlock() | rcu_read_lock_bh() rcu_read_unlock_bh() | preempt_disable() preempt_enable() (and friends) | rcu_read_lock() rcu_read_unlock() | srcu_read_lock() srcu_read_unlock() | qrcu_read_lock() qrcu_read_unlock() |
| Update-side primitives (synchronous) | synchronize_rcu() synchronize_net() | | synchronize_sched() | synchronize_rcu() synchronize_net() | synchronize_srcu() | synchronize_qrcu() |
| Update-side primitives (asynchronous/callback) | call_rcu() | call_rcu_bh() | | call_rcu() | N/A | N/A |
| Update-side primitives (wait for callbacks) | rcu_barrier() | | | rcu_barrier() | N/A | N/A |
| Read side constraints | No blocking | No irq enabling | No blocking | No blocking except preemption and lock acquisition | No synchronize_srcu() | No synchronize_qrcu() |
| Read side overhead | Preempt disable/enable (free on non-PREEMPT) | BH disable/enable | Preempt disable/enable (free on non-PREEMPT) | Simple instructions, irq disable/enable | Simple instructions, preempt disable/enable | Atomic increment and decrement of shared variable |
| Asynchronous update-side overhead (for example, call_rcu()) | sub-microsecond | sub-microsecond | | sub-microsecond | N/A | N/A |
| Grace-period latency | 10s of milliseconds | 10s of milliseconds | 10s of milliseconds | 10s of milliseconds | 10s of milliseconds | 10s of nanoseconds in absence of readers |
| Non-PREEMPT_RT implementation | RCU Classic | RCU BH | RCU Classic | N/A | SRCU | N/A |
| PREEMPT_RT implementation | N/A | Realtime RCU | Forced Schedule on all CPUs | Realtime RCU | SRCU | N/A |

Quick Quiz 1:
Why are some of the cells in the above table colored green?
The "RCU Classic" column corresponds to the original RCU implementation,
in which RCU read-side critical sections are delimited by
rcu_read_lock() and rcu_read_unlock(), which
may be nested.
The corresponding synchronous update-side primitives,
synchronize_rcu(), along with its synonym
synchronize_net(), wait for any currently executing
RCU read-side critical sections to complete.
The length of this wait is known as a "grace period".
The asynchronous update-side primitive, call_rcu(),
invokes a specified function with a specified argument after a
subsequent grace period.
For example, call_rcu(p,f); will result in
the "RCU callback" f(p)
being invoked after a subsequent grace period.
There are situations,
such as when unloading a module that uses call_rcu(),
when it is necessary to wait for all
outstanding RCU callbacks to complete.
The rcu_barrier() primitive does this job.
In the "RCU BH" column, rcu_read_lock_bh() and
rcu_read_unlock_bh() delimit RCU read-side critical
sections, and call_rcu_bh() invokes the specified
function and argument after a subsequent grace period.
Note that RCU BH does not have a synchronous synchronize_rcu_bh()
interface,
though one could easily be added if required.
Quick Quiz 2:
What happens if you mix and match?
For example, suppose you use rcu_read_lock() and
rcu_read_unlock() to delimit RCU read-side critical
sections, but then use call_rcu_bh() to post an
RCU callback?
In the "RCU Sched" column, anything that disables preemption
acts as an RCU read-side critical section, and synchronize_sched()
waits for the corresponding RCU grace period.
This RCU API family was added in the 2.6.12 kernel, which split the
old synchronize_kernel() API into the current
synchronize_rcu() (for RCU Classic) and
synchronize_sched() (for RCU Sched).
Note that RCU Sched does not have an asynchronous
call_rcu_sched() interface,
though one could be added if required.
Quick Quiz 3:
What happens if you mix and match RCU Classic and RCU Sched?
The "Realtime RCU" column has the same API as does
RCU Classic, the only difference being that RCU read-side critical
sections may be preempted and may block while acquiring spinlocks.
The design of Realtime RCU is described in the LWN article
The design of preemptible read-copy-update.
Quick Quiz 4:
What happens if you mix and match Realtime RCU and RCU Classic?
The "SRCU" column displays a specialized RCU API that permits
general sleeping in RCU read-side critical sections, as was
described in the LWN article
Sleepable RCU.
Of course,
use of synchronize_srcu() in an SRCU read-side
critical section can result in
self-deadlock, so should be avoided.
SRCU differs from earlier RCU implementations in that the caller
allocates an srcu_struct for each distinct SRCU
usage.
This approach prevents SRCU read-side critical sections from blocking
unrelated synchronize_srcu() invocations.
In addition, in this variant of RCU, srcu_read_lock()
returns a value that must be passed into the corresponding
srcu_read_unlock().
The "QRCU" column presents an RCU implementation with the same
API structure as SRCU, but optimized for extremely low-latency
grace periods in absence of readers, as described in the LWN article
Using Promela and Spin to verify parallel algorithms.
As with SRCU, use of synchronize_qrcu() can result in
self-deadlock, so should be avoided.
Although QRCU has not yet been accepted into the Linux kernel, it
is worth mentioning given that it is the only RCU implementation
that can boast deep sub-microsecond grace-period latencies.
Quick Quiz 5:
Why do both SRCU and QRCU lack asynchronous call_srcu()
or call_qrcu() interfaces?
Quick Quiz 6:
Under what conditions can synchronize_srcu() be safely
used within an SRCU read-side critical section?
The Linux kernel currently has a surprising number of RCU APIs and
implementations.
There is some hope of reducing this number, evidenced by the fact
that a given build of the Linux kernel currently has at most
three implementations behind four APIs (given that RCU Classic
and Realtime RCU share the same API).
However, careful inspection and analysis will be required, just as
would be required for one of the many locking APIs.
Fortunately, the RCU publish-subscribe and version-maintenance
primitives shown in the following
table apply to all of the variants of RCU discussed above.
This commonality can in some cases allow more code to be shared,
which certainly reduces the API proliferation that would otherwise
occur.

| Category | Primitives | Availability | Overhead |
| --- | --- | --- | --- |
| List traversal | list_for_each_entry_rcu() | 2.5.59 | Simple instructions (memory barrier on Alpha) |
| List update | list_add_rcu() | 2.5.44 | Memory barrier |
| | list_add_tail_rcu() | 2.5.44 | Memory barrier |
| | list_del_rcu() | 2.5.44 | Simple instructions |
| | list_replace_rcu() | 2.6.9 | Memory barrier |
| | list_splice_init_rcu() | 2.6.21 | Grace-period latency |
| Hlist traversal | hlist_for_each_entry_rcu() | 2.6.8 | Simple instructions (memory barrier on Alpha) |
| Hlist update | hlist_add_after_rcu() | 2.6.14 | Memory barrier |
| | hlist_add_before_rcu() | 2.6.14 | Memory barrier |
| | hlist_add_head_rcu() | 2.5.64 | Memory barrier |
| | hlist_del_rcu() | 2.5.64 | Simple instructions |
| | hlist_replace_rcu() | 2.6.15 | Memory barrier |
| Pointer traversal | rcu_dereference() | 2.6.9 | Simple instructions (memory barrier on Alpha) |
| Pointer update | rcu_assign_pointer() | 2.6.10 | Memory barrier |

The first pair of categories operate on Linux
struct list_head lists, which are circular, doubly-linked
lists.
The list_for_each_entry_rcu() primitive traverses an
RCU-protected list in a type-safe manner, while also enforcing
memory ordering for situations where a new list element is inserted
into the list concurrently with traversal.
On non-Alpha platforms, this primitive incurs little or no performance
penalty compared to list_for_each_entry().
The list_add_rcu(), list_add_tail_rcu(),
and list_replace_rcu() primitives are analogous to
their non-RCU counterparts, but incur the overhead of an additional
memory barrier on weakly-ordered machines.
The list_del_rcu() primitive is also analogous to its
non-RCU counterpart, but oddly enough is very slightly faster due to the
fact that it poisons only the prev pointer rather than
both the prev and next pointers as
list_del() must do.
Finally, the list_splice_init_rcu() primitive is similar
to its non-RCU counterpart, but incurs a full grace-period latency.
The purpose of this grace period is to allow RCU readers to finish
their traversal of the source list before completely disconnecting
it from the list header -- failure to do this could prevent such
readers from ever terminating their traversal.
Quick Quiz 7:
Why doesn't list_del_rcu() poison both the next
and prev pointers?
The second pair of categories operate on Linux's
struct hlist_head, which is a linear linked list.
One advantage of struct hlist_head over
struct list_head is that the former requires only
a single-pointer list header, which can save significant memory in
large hash tables.
The struct hlist_head primitives in the table
relate to their non-RCU counterparts in much the same way as do the
struct list_head primitives.
The final pair of categories operate directly on pointers, and
are useful for creating RCU-protected non-list data structures,
such as RCU-protected arrays and trees.
The rcu_assign_pointer() primitive ensures that any
prior initialization remains ordered before the assignment to the
pointer on weakly ordered machines.
Similarly, the rcu_dereference() primitive ensures that subsequent
code dereferencing the pointer will see the effects of initialization code
prior to the corresponding rcu_assign_pointer() on
Alpha CPUs.
On non-Alpha CPUs, rcu_dereference() documents which pointer
dereferences are protected by RCU.
Quick Quiz 8:
Normally, any pointer subject to rcu_dereference() should
always be updated using rcu_assign_pointer().
What is an exception to this rule?
Quick Quiz 9:
Are there any downsides to the fact that these traversal and update
primitives can be used with any of the RCU API family members?
At its core, RCU is nothing more nor less than an API that supports
publication and subscription for insertions, waiting for all RCU readers
to complete, and maintenance of multiple versions.
That said, it is possible to build higher-level constructs
on top of RCU, including the reader-writer-locking, reference-counting,
and existence-guarantee constructs listed in the companion article.
Furthermore, I have no doubt that the Linux community will continue to
find interesting new uses for RCU,
just as they do for any of a number of synchronization
primitives throughout the kernel.
Finally, a complete view of RCU would also include
all of the things you can do with these APIs.
Acknowledgements
We are all indebted to Andy Whitcroft, Jon Walpole, and Gautham Shenoy,
whose review of an early draft of this document greatly improved it.
I owe thanks to the members of the Relativistic Programming project
and to members of PNW TEC for many valuable discussions.
I am grateful to Dan Frye for his support of this effort.
This work represents the view of the author and does not necessarily
represent the view of IBM.
Linux is a registered trademark of Linus Torvalds.
Other company, product, and service names may be trademarks or
service marks of others.
This section gives a short annotated bibliography describing using RCU,
Linux-kernel RCU implementations, background, and historical perspectives.
For more information, see
Paul E. McKenney's RCU Page.
Section 2.2.20 (pages 62-64) gives a history of RCU-like
mechanisms, a very brief summary of which can be found
below.
Chapter 4 (pages 71-98) and Appendix C (pages 326-345) review
a number of different types of RCU implementations, summarizing
a number of earlier papers.
Chapter 5 (pages 137-178) gives an overview of a number of
"design patterns" guiding use of RCU.
Chapter 6 (pages 179-234) describes some early uses of RCU.
Anyone who is laboring under the misapprehension that
the Linux community would never have
independently invented RCU should read this
netdev posting and
this one as well.
Both postings pre-date the earliest known introduction of RCU to the
Linux community.
Background
Real-Time Linux Wiki.
Provides much valuable information on the -rt patchset for both
kernel and application developers.
Quick Quiz 1:
Why are some of the cells in the above table colored green?
Answer: The green API members (rcu_read_lock(),
rcu_read_unlock(), and call_rcu()) were the
only members of the Linux RCU API that Paul E. McKenney was aware of back
in the mid-90s.
During this timeframe, he was under the mistaken impression that
he knew all that there is to know about RCU.
Quick Quiz 2:
What happens if you mix and match?
For example, suppose you use rcu_read_lock() and
rcu_read_unlock() to delimit RCU read-side critical
sections, but then use call_rcu_bh() to post an
RCU callback?
Answer: If there happened to be no RCU read-side critical
sections delimited by rcu_read_lock_bh() and
rcu_read_unlock_bh() at the time call_rcu_bh()
was invoked, RCU would be within its rights to invoke the callback
immediately, possibly freeing a data structure still being used by
the RCU read-side critical section!
This is not merely a theoretical possibility: a long-running RCU
read-side critical section delimited by rcu_read_lock()
and rcu_read_unlock() is vulnerable to this failure mode.
This vulnerability disappears in -rt kernels, where
RCU Classic and RCU BH both map onto a common implementation.
Quick Quiz 3:
What happens if you mix and match RCU Classic and RCU Sched?
Answer: In a non-PREEMPT or a PREEMPT kernel, mixing these
two works "by accident" because in those kernel builds, RCU Classic and RCU
Sched map to the same implementation.
However, this mixture is fatal in PREEMPT_RT builds using the -rt
patchset, due to the fact that Realtime RCU's read-side critical
sections can be preempted, which would permit
synchronize_sched() to return before the
RCU read-side critical section reached its rcu_read_unlock()
call.
This could in turn result in a data structure being freed before the
read-side critical section was finished with it,
which could in turn greatly increase the actuarial risk experienced
by your kernel.
In fact, the split between RCU Classic and RCU Sched was inspired
by the need for preemptible RCU read-side critical sections.
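The mix-and-match failures described in the answers to Quick Quizzes 2 and 3 can be reproduced in a toy model. The C program below is an added illustration, not code from the article or from the kernel: it is a single-threaded userspace simulation, every name in it (`model_read_lock()`, `model_call()`, `run_scenario()`, `impl_of`) is invented for this example, and the API-to-implementation mapping is taken from the two "implementation" rows of the first table.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Toy single-threaded model, not kernel code. An "API" is what the caller
 * types; an "implementation" is the grace-period machinery behind it. */
enum api   { API_CLASSIC, API_BH, API_SCHED, NR_API };
enum build { NON_RT, PREEMPT_RT, NR_BUILD };

/* Backing implementation per API, following the table's two
 * "implementation" rows. The index values are labels local to this model. */
static const int impl_of[NR_BUILD][NR_API] = {
    [NON_RT]     = { 0, 1, 0 },  /* RCU Classic, RCU BH, Sched shares Classic */
    [PREEMPT_RT] = { 0, 0, 1 },  /* Realtime RCU twice, forced schedule       */
};

#define NR_IMPL 2
#define MAX_CBS 4

struct callback { void (*func)(void *); void *arg; };

struct impl {
    int readers;                     /* nesting count of active readers */
    struct callback queue[MAX_CBS];  /* posted, waiting for a grace period */
    int nr_cbs;
};

static struct impl impls[NR_IMPL];
static enum build cur_build;

static struct impl *backing(enum api a) { return &impls[impl_of[cur_build][a]]; }

static void model_read_lock(enum api a)   { backing(a)->readers++; }
static void model_read_unlock(enum api a) { backing(a)->readers--; }

/* Stand-in for call_rcu() / call_rcu_bh(): queue func(arg) on a's backend. */
static bool model_call(enum api a, void (*func)(void *), void *arg)
{
    struct impl *im = backing(a);

    if (im->nr_cbs == MAX_CBS)
        return false;
    im->queue[im->nr_cbs++] = (struct callback){ func, arg };
    return true;
}

/* Let time pass. Each implementation ends a grace period only when it has
 * no readers OF ITS OWN; readers of another implementation are invisible.
 * (Conservative: real RCU waits only for readers that pre-date the callback.)
 * Returns the number of callbacks invoked. */
static int model_advance(void)
{
    int invoked = 0;

    for (int i = 0; i < NR_IMPL; i++) {
        struct impl *im = &impls[i];

        if (im->readers > 0)
            continue;                /* grace period cannot end yet */
        for (int c = 0; c < im->nr_cbs; c++, invoked++)
            im->queue[c].func(im->queue[c].arg);
        im->nr_cbs = 0;
    }
    return invoked;
}

struct item { bool freed; };

/* The RCU callback: marks the item freed instead of really freeing it. */
static void free_item(void *arg) { ((struct item *)arg)->freed = true; }

struct outcome { bool freed_during_read; bool freed_after_unlock; };

/* One reader using API `reader`, one updater posting its callback via `updater`. */
static struct outcome run_scenario(enum build b, enum api reader, enum api updater)
{
    struct item it = { .freed = false };
    struct outcome out;

    memset(impls, 0, sizeof(impls));
    cur_build = b;

    model_read_lock(reader);              /* reader holds a pointer to it */
    model_call(updater, free_item, &it);  /* updater unlinks it, posts the free */
    model_advance();                      /* reader is still running */
    out.freed_during_read = it.freed;     /* true means use-after-free */
    model_read_unlock(reader);
    model_advance();
    out.freed_after_unlock = it.freed;
    return out;
}

int main(void)
{
    for (int b = 0; b < NR_BUILD; b++)
        for (int u = 0; u < NR_API; u++)
            printf("build=%d reader=Classic updater_api=%d freed_under_reader=%d\n",
                   b, u, run_scenario(b, API_CLASSIC, u).freed_during_read);
    return 0;
}
```

With a Classic reader, the model frees the item early only where the reader's and updater's APIs sit on different implementations: Classic with BH on a non-RT build, and Classic with Sched on a PREEMPT_RT build.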
Quick Quiz 4:
What happens if you mix and match Realtime RCU and RCU Classic?
Answer: That would be up to you, because you would have
to code up changes to the kernel to make such mixing possible.
Currently, any kernel running with RCU Classic cannot access
Realtime RCU and vice versa.
Quick Quiz 5:
Why do both SRCU and QRCU lack asynchronous call_srcu()
or call_qrcu() interfaces?
Answer: Given an asynchronous interface, a single task
could register an arbitrarily large number of SRCU or QRCU callbacks,
thereby consuming an arbitrarily large quantity of memory.
In contrast, given the current synchronous
synchronize_srcu() and synchronize_qrcu()
interfaces, a given task must finish waiting for a given grace period
before it can start waiting for the next one.
Quick Quiz 6:
Under what conditions can synchronize_srcu() be safely
used within an SRCU read-side critical section?
Answer: In principle, you can use
synchronize_srcu() with a given srcu_struct
within an SRCU read-side critical section that uses some other
srcu_struct.
In practice, however, doing this is almost certainly a bad idea.
In particular, the following could still result in deadlock:
Quick Quiz 7:
Why doesn't list_del_rcu() poison both the next
and prev pointers?
Answer: Poisoning the next pointer would interfere
with concurrent RCU readers, who must use this pointer.
However, RCU readers are forbidden from using the prev
pointer, so it may safely be poisoned.
Quick Quiz 8:
Normally, any pointer subject to rcu_dereference() must
always be updated using rcu_assign_pointer().
What is an exception to this rule?
Answer: One such exception is when a multi-element linked
data structure is initialized as a unit while inaccessible to other
CPUs, and then a single rcu_assign_pointer() is used
to plant a global pointer to this data structure.
The initialization-time pointer assignments need not use
rcu_assign_pointer(), though any such assignments that
happen after the structure is globally visible must use
rcu_assign_pointer().
However, unless this initialization code is on an impressively hot
code-path, it is probably wise to use rcu_assign_pointer()
anyway, even though it is in theory unnecessary.
It is all too easy for a "minor" change to invalidate your cherished
assumptions about the initialization happening privately.
Quick Quiz 9:
Are there any downsides to the fact that these traversal and update
primitives can be used with any of the RCU API family members?
Answer: It can sometimes be difficult for automated
code checkers such as "sparse" (or indeed for human beings) to
work out which type of RCU read-side critical section a given
RCU traversal primitive corresponds to.
For example, consider the following:
GoboLinux is an alternative
distribution that redefines the entire filesystem hierarchy. The
distribution joined the LWN Distributions List in late October 2003 at
version 007. Now at version 014, the project has made quite a bit of
headway. The website has been translated into several major languages,
along with much of the documentation.
An early article
written by GoboLinux creator Hisham Muhammad explains how the distribution
evolved from a custom Linux From
Scratch installation, and the motivation for changing the directory
structure.
The whole thing started when I had to install programs at the
University. As I had no write access to the standard Unix directories, I
created my own directories under $HOME the way I saw fit. I upgraded the
programs from source constantly, and couldn't use a package manager. My
solution was the most obvious one: to place each program in its own
directory, such as ~/Programs/AfterStep. Soon the environment variables
(PATH, LD_LIBRARY_PATH...) got bigger and bigger, so I created centralized
directories for each class of files, containing symbolic links:
~/Libraries, ~/Headers and so on. A natural evolution was to write shell
scripts to handle the links, configures and Makefiles.
I downloaded the 014 release and stuck the CD into my ancient Sony Vaio
laptop. After booting I was first prompted for my preferred language and
keyboard settings and then taken to a console screen with text advising me
to "run startx to run the live CD or you can install from here." I ran
startx and soon was looking at a familiar KDE desktop. This release
features KDE 3.5.8, Glibc 2.5 and Xorg 7.2. From here you'll find a
desktop icon for GParted and another to install GoboLinux, so you can
easily create a separate partition for GoboLinux before an installation.
I ran it as a live CD and brought up a Konsole so I could poke about the filesystem
hierarchy. The home directory looks much like any other Linux system, but
a cd /, followed by ls -al reveals something else
entirely. There are only six subdirectories here: Depot, Files, Mount,
Programs, System, and Users. Depot proved to be empty, but the other
directories have their own subdirectories, which branch further as
necessary. For example, I found everything needed to compile the Linux
kernel for a variety of architectures under
/Files/Compile/Sources/linux-2.6.23.8/ (the version used by this release).
To see all the installed programs just look at /Programs where each package
has its own subdirectory. Different versions of the packages can also be
easily installed without conflict, since the directory structure includes
the version number, e.g. /Programs/Xorg/7.2/.
The home directory for users is under /Users instead of /home, but it works
just the same. As a long time Unix/Linux user I'm used to the old
hierarchy, with cryptic names like /etc and /bin. I thought I might have a
hard time getting used to GoboLinux. Instead, I found it intuitive and easy
to work with. Next time you are looking for something different in a
desktop, give GoboLinux a try.
Good OS has announced the release of gOS 2.0 "Rocket". "gOS Rocket
introduces gBooth, the first of many web apps to come specially customized
for gOS. gBooth is powered by gOS spin-off, meebooth, a browser-based web
cam application that makes it fun and easy to capture photos, add special
effects, and share across Facebook, YouTube and other web services. To
introduce a gOS compatible web cam, gOS and meebooth partnered with leading
web cam manufacturer Ezonics to create the "gCam," a web cam compatible
with gOS and gBooth."
Mandriva CEO François Bancilhon takes a look at what
Mandriva accomplished in 2007, with a look forward to 2008. "We
drastically changed our traditional Linux distribution business: the
product line was simplified, a strong focus was put on our free products
(Mandriva Linux One and Mandriva Linux Free) and on their easy download,
prices were drastically reduced, Mandriva Club membership became free, we
invested a lot in improving our relationship with the community and our
contributors and a complete new web site was put in place. We got a
globally warm response to all these changes."
Elive, a Debian based distribution
featuring the Enlightenment window manager, has some plans for 2008.
"Elive is 5 years old. We have decided to count the age of Elive from
the real development instead of the releases with the name "Elive". The
first system made was a livecd called Tezcatlipotix based on Knoppix 3.1
lite. A desktop livecd for personal use with Enlightenment in the same
spirit as Elive. After that, the decision to make this system for the
public was made. The name was changed to Elive and a project was then
hosted on debianitas.net, which soon switched to its own server and
project."
The Fedora Weekly News for December 31, 2007 looks at "FUDCon Raleigh
2008", "Fedora Unity announces Fedora 8 Re-Spin", Planet Fedora articles
"Red Hat's New CEO", "bugz.fedoraproject.org" and "Fedora Xfce Spin", and
much more.
The fourth
issue of the openSUSE Weekly News covers all things during the
Christmas holidays, including A look at openSUSE's accomplishments in 2007,
openSUSE 11.0 now Scheduled, openSUSE Education goes Gold, and Jeff Jaffe,
Novell CTO, on the openSUSE Project.
The Ubuntu Weekly Newsletter for December 30 through January 5th covers
Alpha 3 Freeze, Kubuntu Tutorials Day, Ubuntu Live Conference videos, a new
Kubuntu member, the success of Inkscape with Launchpad, Ubuntu Forum News,
Ubuntu Tutorial of the Week, and much more.
The DistroWatch
Weekly for January 7, 2008 is out. "Yes, this is the first full
week of 2008, which means that in just a few days the long-awaited KDE 4.0
should be out and ready. Although the initial release might not be as
stable and functional as the current KDE 3.5 series, it will lay down
foundations for a truly modern desktop environment that could power many
computers into the next decade. But how many of us will be using it by the
end of 2008? Only time will tell. In the news section, Red Hat appoints a
new Chief Executive Officer, Canonical drops long-term support goal in
Kubuntu 8.04, PCLinuxOS announces new low-cost desktop computer and start
of a 2008 release cycle, and Linux Mint and Elive promise new editions of
their respective products. Finally, don't miss the feature story of this
week's issue - a report about your DistroWatch maintainer's visit to the
Mandriva headquarters and a brief meeting with Gaël Duval, the founder
of Mandrake Linux."
OpEdNews looks
at Gentoo. "Gentoo Linux is more than a computer operating
system, it's an experience. From the time you first boot that CD, until the
time you finally declare your system in the state which you desire, you
will learn more about Linux than you ever thought you could."
Dennis O'Reilly reviews Ubuntu
7.10. "It didn't take long after installing Canonical Ltd.'s Ubuntu
7.10 version of Linux for me to decide I liked what I saw. A quick tour of
the Applications, Places, and System menus indicated that converting from
Windows to Linux would be relatively seamless. The only fly in the ointment
was my inability to get any of three wireless adapters to work with the
OS."
Stable version 5.0.0 of RPM,
the rpm package manager, formerly known as the Red Hat package manager,
has been announced. RPM5
is a fork of RPM; it should not be confused with the version used by Red
Hat, Fedora, SUSE, and others, which can still be found at rpm.org.
The project description states:
RPM is a powerful and mature command-line driven package management system
capable of installing, uninstalling, verifying, querying, and updating Unix
software packages. Each software package consists of an archive of files
along with information about the package like its version, a description,
and the like. There is also a library API, permitting advanced developers
to manage such transactions from programming languages such as C, Perl or
Python.
Traditionally, RPM is a core component of many Linux distributions, including Red Hat Enterprise Linux, Fedora, Novell SUSE Linux Enterprise, openSUSE, CentOS, Mandriva Linux, and many others. But RPM is also used for software packaging on many other Unix operating systems like FreeBSD, Sun OpenSolaris, IBM AIX and Apple Mac OS X through the cross-platform Unix software distribution OpenPKG. Additionally, the RPM archive format is an official part of the Linux Standard Base (LSB).
The RPM5 developers certainly have a high opinion of what this release
brings:
The relaunch of the
RPM project in spring 2007 and today's following availability of RPM 5
marks a major milestone for the previously rather Linux-centric RPM. RPM
now finally evolved into a fully cross-platform and reusable software
packaging tool.
RPM Version 5.0.0 differs in numerous ways from other versions.
As noted above, the project aims to be cross-platform.
Much of the code is said to have been cleaned up and numerous bugs have been fixed.
The RPM build process has been completely rewritten to improve portability.
The code base has been ported to all of the major UNIX-based platforms
and Windows. All of the most widely used open-source and proprietary
compilers are now supported. Supported compression formats now include
bzip, bzip2 and LZMA. Initial support has been added for XAR, the XML
Archive file format, while support for the old RPMv3 format has been
removed. New package specification features have been added
and RPM 5 can now automatically track vendor distribution files.
In the last several years, the RPM project has been plagued by a bit of
controversy. The issues mainly centered around maintenance of the
code and which version was used by Red Hat.
In August, 2006, LWN asked
Who maintains RPM?
More recently, Ralf S. Engelschall from the OpenPKG distribution has posted a
blog entry that discusses the project's history and considers which
version is "official". Lastly, the initial RPM 5.0.0 announcement
on LWN produced some lively
discussion of RPM issues.
The much-trumpeted release of RPM5 seems unlikely to put an end to this
controversy, to say the least. RPM5 would appear to have a certain amount
of development energy and momentum, but it is not used by any major
distributions and it is not at all clear that this will change; in
particular, Red Hat and Fedora seem highly unlikely to drop their version
of RPM for RPM5. So this fork - and the bad feelings that go along with it
- will probably persist indefinitely. That's not what anybody would wish
for a crucial (and normally relatively boring) system tool like rpm.
Version 2.0 beta2 of NCReport has been
announced.
"NCReport is lightweight, fast, easy to use SQL report engine written in C++ based on Qt toolkit. Report definition using XML format - stored as file or in sql database. Generated document ready to print or (fast) preview. The new NCReport 2.0 has been released. The project is fully re-written from the bases. It has many new features and improvements. The new Designer application also included."
Version 8.3 RC1 of the PostgreSQL DBMS has been announced.
"Currently there are no major outstanding issues (and only a couple of minor
ones) for 8.3, so we may not build a Release Candidate 2. This means that
it's critical that you download and test 8.3RC1 this week in order to
catch any further issues, since any bugs you miss could end up in 8.3.0."
Unstable version 1.9.0 of BusyBox
has been announced.
"lash is deleted from this release. hush can be configured down to almost the same size, but it is significantly less buggy. It even works on NOMMU machines (interactive mode and backticks are not working on NOMMU, though). "lash" applet is still available, but it runs hush."
Version 0.7.0 of Allmydata-Tahoe, a secure, decentralized, fault-tolerant filesystem, has been announced.
"This is an exciting release of Tahoe. With this release, it is fully
decentralized (at least as far as the actual storage part), and it
has a FUSE plugin."
Version 0.5.2 of BINViz has been
announced.
"BINViz (Bidirectional Interactive Network Visualization) is a JavaScript library for network and graph visualization. The goal of this tool is to provide a better way to visualize complex graphical models and the underlying data in a web-based environment.
A new version (0.5.2) of BINViz is released on Jan 4th, 2008. New features like multi-colored edges are now available! A package with some examples is also added to the download web page."
Version 1.3 of Vigilog has been
announced.
"Vigilog, an easy-to-use and attractive log file viewer just released version 1.3. It now includes a webstart version, ability to use log4j or logback plain text files and much more."
New versions of
Audacious, an audio player, and Audacious-Plugins have been announced.
"Audacious-Plugins 1.4.3.2 was released to fix a regression caused by an incomplete backport. AGAIN."
Version 0.9.84 of the Rivendell radio station automation software
has been announced.
"A major new subsystem has been added that permits
automated generation and posting of audio podcasts from RDCatch, as well as
a new RDCastManager module for manual content posting and management of
existing podcast episodes." Many other changes have been added.
Version 5.0 GA of the
Zimbra Collaboration Suite has been announced.
Scott Dowdle's
blog
has a review of the new release; here is the change summary:
"Briefcase - A file storage area with a nice file manager.
Tasks - Create to-do lists and manage tasks through to completion.
Instant Messaging - Beta - User to user chat.
More sharing - Mail folders can be shared, new HTTP calendar sharing, share Briefcase files.
Documents - Now out of beta... online text and spreadsheet documents.
Faster login - They split up the javascript into functional pieces so you don't have to load everything at login time.
Little touches - folder summaries, public or private calendar entries, updated help system, email priorities, enhanced tagging, and automatic http to https redirection."
Version 0.11 of Chandler Server has been announced.
"Chandler Server is a server and Ajax web UI for managing and sharing
calendars, events, and tasks. It implements open data standards
including CalDAV, WebDAV, Atom, and Atompub.
This is a bugfix release for Chandler Server 0.10.1 and is
recommended for general usage.
The improvements include better support for account signup and odd
usernames, better error messages, and a variety of other fixes."
Version 0.91.2 of
matplotlib,
a python 2D plotting library, has been announced.
Changes include
enhanced mathtext, better configuration, support for writing to file-like objects, record array support, new pylab plotting functions,
maskedarray support, plotfile support, and bug fixes.
See the
What's new
document for more information.
KDE developer Aaron Seigo has posted a lengthy "talking bluntly" message on KDE 4.0. "KDE 4.0 isn't yet 'better than good enough'; so why don't we just release more betas? When one perpetually releases alphas/betas a few things happen: people don't test it aggressively enough, third party developers don't get involved, core developers continue doing blue sky development rather than focusing on release qualities."
KDE.News covers
the upcoming KDE 4.0.0.
"Markus Mauder on his blog posts a look at the soon to be released KDE 4.0.0 complete with screenshots and a review of some of the significant changes. "I hope you enjoy this preview and come to share my opinion that KDE 4 is going to rock!" He also has an album of screenshots on Picasa that expand on the ones in the article. The big release happens on Friday, join us in #kde4-release-party on Freenode to celebrate."
The December 30, 2007 edition of the
KDE Commit-Digest has been
announced.
The content summary says:
"Furious last-minute application of polish across the board in preparation for the tagging of KDE 4.0 Final next week. Work towards threading GDB operations support in KDevelop. Support for media players employing the MPRIS standard in the Plasma "Now Playing" data engine, with the import of a Flickr Plasmoid. A style manager, support for Karbon gradients and lots of colourspace work in Krita. Various improvements in the Eigen2 math vector library. Continued progress in the KBugBuster rewrite..."
Version 1.3.3.10 of the Scribus page layout application has been announced.
"This stable release adds the following:
Several fixes and improvements to text frames and the Story Editor.
New Arabic Translation.
More translation and documentation updates.
Many improvements to PDF Forms exporting and non-Latin script handling in
PDFs.
Several fixes to protect against possible crashes.
Improved Color Managed Display in some cases.
Some fixes to the Scripting plugin.
One of the major additions to this release is the final complete German
translation of the Scribus documentation by Christoph Schäfer and Volker
Ribbert."
Development version 20080103 of
Covered,
a Verilog code coverage analyzer, has been announced.
"This is primarily a bug fix and performance enhancement release over the last development release of Covered with a few new feature additions."
Version 1.3.0-20071229 of gEDA/gaf has been
announced.
"The v1.3.0 development snapshot of gEDA/gaf has been released. This release
rolls up the last three months of development. Many thanks to everybody
involved. Note, this is a development snapshot so it should not go into
any distributions."
Version 2.2.3 of GnuCash has been announced.
"The GnuCash development team proudly announces GnuCash 2.2.3, the
third bug fix release in a series of stable releases of the
GnuCash Free Accounting Software."
Version 0.4.6 of iTrade has been
announced. iTrade is a:
"Trading & Charting system written in Python including Quotes Management, Historic Data, Live Data, Import/Export, Charting, candlestick and Technical analysis, automated alerts, portfolio management, risk management, and much much more".
Version 1.2.11 of LedgerSMB, a web based accounting system,
has been announced. This release fixes a denial of service security
issue and addresses a number of bugs.
Version 2.8.11 of SQL-Ledger,
a web-based accounting system, has been announced. Changes include:
"added login and password check to disallow non-alphanumeric characters.
fixed update bug for AR/AP Transaction when scheduling transaction.
fixed missing statement handle for restocking assembly function."
The WorldForge virtual world game project presents an article on
Tileable Models.
"Here is a proposal for a powerful mechanism which I think will allow us to do neat dynamic things without having to add lots of special case code, scripts or data to the client.
Everyone who works with graphics should be familiar with the concept of tiled images or textures where the same image is repeated in order to cover an area larger than the original image.
The concept of tiled models aims to do something similar, but by rendering multiple instances of a 3D model adjacent to each other to represent a larger entity."
Version 0.9.52 of Wine
has been announced.
Changes include: Improved graphics tablet support,
Support for RPC context handles,
Fixes for some longstanding screen depth issues,
Implementation of "My Network Places" shell folder and
Lots of bug fixes.
Version 0.2.8.1 of GNUmed has been announced.
"GNUmed is a comprehensive scalable software solution for electronic medical
practices with an emphasis on privacy protection, secure patient centric
record sharing, decision support, and ease of use. It is intended to become a
sophisticated decision support system that will elevate the quality of
medical care that can be delivered.
Release focus: Major bugfix release".
Version 0.6 of dssi-vst has been announced.
"dssi-vst is a DSSI plugin wrapper for Win32 VST effects and instruments
with GUI support, allowing them to be loaded into any DSSI host.
The 0.6 release contains a single fix to a crash on startup in the
vsthost program."
Version 2.2 of jack-keyboard has been announced.
"jack-keyboard is a virtual MIDI keyboard - a program that allows you to
send JACK MIDI events (play ;-) using your PC keyboard. It's somewhat
similar to vkeybd, except it uses JACK MIDI instead of ALSA, and the
keyboard mapping is much better".
Version 0.1.0 of Qtractor, an Audio/MIDI multi-track sequencer,
has been announced.
"Since its primordial presentation on the LAC2007@TU-Berlin, almost one
year ago, I guess it's finally ready for an official public release. So
here it goes."
Version 1.26-pre of wcnt has been announced; many new features and
improvements have been added.
"wcnt is a not-real-time commandline text-file-based modular
synth/sequencer/sampler for GNU/Linux to generate WAV audio files."
The ODF-XSLT Project has been launched.
"The ODF-XSLT
Document Generator is a library written in PHP 5 that brings the full power
of XSLT to your OpenDocument files. It enables you to use ODF files as if
they were plain XSLT templates. It also includes a few extra parsing options
that allow you to edit the XSLT parts of these ODF from within your
favourite office suite. ODF-XSLT is developed by Tribal Internet Marketing
and is released by Lone Wolves as Free Software under the GNU General
Public License, version 3."
Version 1.30 of eSpeak,
a text to speech converter, has been announced.
Changes include new language support, intonation changes for exclamations,
new intonation style options, improved sound quality, faster
speed, an option for changing gaps between words, better English support
and more.
Version 0.7.5.7 of MediaInfo has been
announced.
"MediaInfo supplies technical and tag information about video or audio files (MKV/AVI/MOV/MPEG1, 2, 4/M4A/M4V/MP3/AAC/RM/...)
There are several versions: Graphical interface, Command line, or DLL for third-party software developers (like emule). GUI is multi-language.
In this release: SWFv9, DVR-MS and DCII support and some speed improvements."
The January 2, 2008 GCC 4.3.0 Status Report has been published.
"We are in Stage 3. When we reach 100 open regressions, we will go to
regression-only mode. When we approach the 4.3.0 release, we will
create a branch, and open Stage 1 for 4.4.0."
The Gfortran annual report has been published.
"Gfortran maintainers have kept up the momentum of 2006 and the number
of known F95 bugs has gone down sharply, the diagnostic capability
has increased and new F2003/8 features added.
Hopefully, the contributors can continue to move forward with bug
fixes, conformance to Fortran 95 standard, and the implementation of
Fortran 2003/8 features. However, this needs new blood in the ranks".
The December, 2007 edition of the Haskell Communities and Activities
Report has been
published. Take a look for a long list of new articles on the
Haskell language.
Andrew John Hughes has announced the BrandWeg project.
"Over the past few days, a few of us (myself, dalibor, rkennke and mjw) have
been discussing the possibility
of creating a project (BrandWeg) in a similar vein to IcedTea but working in
the opposite direction i.e. instead of patching
the binary plugs in OpenJDK with GNU Classpath code, we use OpenJDK code to
fill some of the remaining
gaps in Classpath."
Version 1.4.1 of OpenSwing has been
announced.
"OpenSwing is a component library that provides a rich set of advanced
graphics components and a framework for developing java applications based on
Swing front-end. It can be applied both to rich client applications and Rich
Internet Applications."
Version 4.4.8 of PHP has been announced.
"The PHP development team would like to announce the immediate availability of PHP 4.4.8. It continues to improve the security and the stability of the 4.4 branch and all users are strongly encouraged to upgrade to it as soon as possible. This release wraps up all the outstanding patches for the PHP 4.4 series, and is therefore the last normal PHP 4.4 release."
Bill Walton
discusses
Ruby integration testing on O'Reilly.
"Paul: Hi, CB. Been fighting fires. I been trying to get over here, but I wanted Boss to come along so we could introduce him to Rails's Integration tests like you suggested. Unfortunately, he's been caught up in the same mess as me. It looks like we've got it under control now, so here we are!
The upside of the last few weeks is that Boss' interest in automated tests probably couldn't be any higher than it is right now. I'm convinced we could have avoided most of this latest mess if we'd been doing the kind of testing you and I've been working on."
Version 1.5 of IcedTea has been announced; it adds support for PPC and PPC64.
"The IcedTea project provides a harness to build the source code from
OpenJDK using Free Software build tools and
provides replacement libraries for the binary plugs with code from the
GNU Classpath project."
Version 0.73 of Cell ToolKit has been
announced.
"CTK (Cell ToolKit) is a C/C++ toolkit library for multi-core programming on the Cell/B.E.
We're pleased to announce the release of CTK Version 0.73, a minor bug-fix release of the CTK v0.7X."
Version 0.17.2 of OpenVRML has been
announced.
"OpenVRML is a cross-platform VRML and X3D browser and C++ runtime library.
OpenVRML 0.17.2 has been released. This release fixes a crash in relative URL resolution and enables support for gzip-encoded VRML/X3D in openvrml-player."
Version 1.5.3.8 of the GIT distributed version control system
has been announced.
"Hopefully this will be the last maintenance of 1.5.3 series, as
we are nearing -rc3 on the 1.5.4 front."
Scott Dowdle examines the
continued relevance of Red Hat. "I recently attended a Linux
Installfest and the primary distribution recommended by those heading up
the event was Ubuntu. That's all well and good but during their Linux
dog-and-pony-show a statement was made regarding Red Hat that struck me. I
don't recall the exact wording that was used but it was something along the
lines of... Red Hat used to be very popular but not anymore. I wasn't
really offended by the statement nor do I completely disagree with
it... but a lot remains to be said about the importance of Red Hat within
the Linux community. Red Hat is certainly king in the "Enterprise" space
with Novell a respectable second."
Datamation's Roy Schestowitz completes his survey of areas of Linux growth in 2007. "Another important mistake is to assume that all GNU/Linux servers are sold, as opposed to deployed. As stated earlier, Google is estimated to have approximately one millions servers, but the number remains unknown due to corporate secrecy. Google is able to build and even distribute its own servers, so such server usage can easily go below the radar of industry analysts, whose definitions are strictly controlled by those who commission studies for vanity and marketing purposes."
The folks at Wired found a fun Linux-based gadget at the Consumer Electronics Show which starts today in Las Vegas. It is a games console in a Playstation Portable form factor that looks rather interesting. "Unfortunately, no actual games were installed on it to see how it performed, but just getting to fondle it fills me with determination: I shall acquire one and exhaustively test it. Wikipedia says it runs other emulators up the Wazoo: everything from the Amstrad to original arcade games."
The New York Times reports on Intel's decision to part ways with the OLPC project. "On Thursday an Intel spokesman said the company shared with O.L.P.C. the vision of putting computers into the hands of children, but the two were not able to work out what he described as 'philosophical' differences."
Linux-Watch looks at the
new management at Open-Xchange. "Rafael Laguna, who played a major
role in merging SUSE with Novell, is now Open-Xchange's president and
CEO. And former SUSE CEO Richard Seibt is now OX's chairman of the
board. While at SUSE, Laguna and Seibt worked closely together and are
widely credited for helping SUSE's transformation into one of the world's
major Linux distributors."
LinuxWorld talks with the directors of a couple of organizations dedicated to promoting open source in governments. "The Munich migration is the largest public sector complete migration in Europe. Approximate size is 16,000 users, 14,000 desktops, 300 pieces of software including 170 business applications.
It is a complete migration, both server-side and desktop side. The server-side is built around Open LDAP and Samba. The desktop, around Debian and KDE.
The migration has now reached the halfway stage, and is due to complete in 2009. 5000 workstations are running Open Source on top of Microsoft Windows, 660 have taken the next step to Linux, and almost a third of all users are now trained to use Open Source."
The VietNamNet Bridge reports that
Linux use is growing locally. "Not so much popular as Microsoft, but
Linux will surely win the top place on the local market, following
instructions from the Government and other central agencies promoting the
use of open source software this year. So leading computer manufacturers
have begun to install the Linux operating system on PCs supplied to all
State agencies and schools."
Groklaw follows
the OLPC vs. LANCOR case. "I'll show you the filings in the Nigerian
case, but you can sum them up like this: OLPC doesn't use LANCOR's
keyboard, its keyboards are based on public domain techniques, and the
plaintiffs misled the court in a number of particulars to get an injunction
it doesn't deserve. OLPC asks that the case be tossed, describing it as
"wholly incompetent, vexatious and a gross abuse of the process of
court"."
Groklaw has an interview
with Mary Lou Jepsen. "Mary Lou Jepsen will go down in history
as the founding Chief Technology Officer of One Laptop Per Child. She has
recently announced that she is starting her own for-profit company, Pixel
Qi, to commercialize some of the technologies she invented at OLPC while
extending them. She calls it "a spin-out from One Laptop per Child." And so
naturally we had questions. Does this mean we will all soon be able to get
an XO-like laptop for adults, no matter where we live? Sean Daly had the
opportunity to conduct an email interview with Jepsen, and so we were able
to get some answers to that and many other questions."
The Australian ComputerWorld interviews
Bruce Schneier, who will be doing a keynote talk at linux.conf.au.
"The most important thing Linux has done to improve security is to be
competition for Windows. Monopolies are complacent, and by being an
alternative, Linux forces Microsoft to improve its own operating
system."
Over at CNET, Matt Asay interviews new Red Hat CEO Jim Whitehurst. Many will be as surprised as Asay at the free/open source software ideals coming from someone with seemingly no connection to that world. Whitehurst comes from Delta Airlines. "Red Hat appealed to me. Red Hat is different. By doing well as a company at Red Hat, we are doing good. Open source is a way to focus on the customer, letting us grow, succeed, and change the technology landscape...all while doing something that is fundamentally good. Fighting for open standards and open formats. These things will change society. I'm thrilled to be here."
IBM developerWorks presents
a tutorial
on programming the OLPC.
"In this tutorial, you learn about the XO laptop and how to write a Python activity using the Sugar UI. Along the way, you learn more about the XO laptop, its architecture, internals, and use."
PC Magazine plays with a phone that may become the first Android phone. The GW4 from Wistron will be running the Android software by March – which could make it the first – though the version described runs MontaVista Linux.
"The GW4 we saw had surprisingly low specs, but that's a testament to the efficiency of Linux, Wistron execs said. The GW4 is based on a TI OMAP 1710 chipset with a 216-MHz processor and only 64 MB of program memory, yet the model we saw ran the Opera Web browser, played video and flipped between a range of Web widget applications like weather and stocks. The user interface was very responsive."
LinuxDevices.com takes a look
at ultra-mini PCs from LimePC. "A Chinese firm will introduce a line of Linux-based
ultra-mini PCs (UMPC), one of which is said to be the size of a pack of
playing cards. LimePC says its self-named product suite will be based on
Freescale Semiconductor's MPC5121e system-on-chip (SoC). Although details
are sketchy, the LimePC products will include "UMPCs, pad-style PCs with
large touchpad LCD screens, notebook and desktop PCs, and mini-ITX
developer kits," says Beijing-based Tsinghua Tongfang (THTF). THTF's
Korean subsidiary, LimePC, is designing the products. The products will all
be equipped with one or more MPC5121e processors, and will offer USB 2.0,
802.11g WiFi and Bluetooth 2.1, as well as 10/100 Ethernet for the desktop
models."
This
Wired blog features a video that describes an effort to
open up access to the Nintendo Wii game platform.
"Wii fans hang on to your hats, as the video above explains, hackers have found a way around the Wii's encryption keys which opens the widely popular console up to home brewed games, open source ports and potentially even a full version of Linux running on your Wii.
The video comes from the 24th Chaos Communication Congress and demonstrates a Wii console running arbitrary code. As Tysoe_J explains in the WiiLi forums, Nintendo wouldn't be able to patch this with a firmware update, since doing so would also break the backwards compatibility with Game Cube games."
Sam Varghese
attempts to define what the year of the Linux desktop
really means, in an iTWire article.
"What exactly do people mean when they say that a particular year will be the year of the Linux desktop? Do they mean that the number of people using Linux on the desktop will outnumber those using Windows? Even the most ardent Linux advocate and fanboy would say no.
Then is the year of the Linux desktop, the year when Linux becomes a mainstream operating system, the year when it is offered for sale by big computer sellers and resellers? If so, 2007 fits the bill very well with even Dell starting to sell both desktops and laptops with Linux installed."
It may not be the Year of the Linux Desktop, but this
article has some predictions for growth in 2008. "Vast legions
of open-source software enthusiasts and industry analysts eagerly proclaim
every twelve months that the elusive Year of the Linux Desktop is finally
upon us. These prognosticators imagine scenarios in which the disgruntled
techno-proletariat casts off the grim shackles of Microsoft oppression and
embraces the sweet liberation of peerless, penguin-powered performance and
productivity. Although these prophecies have obviously yet to be fulfilled
and Linux adoption on the desktop remains limited, the open-source OS is
rapidly gaining immense traction in the mobile and embedded space."
The Open Source Applications
Foundation, which still plans to produce the
"Chandler" personal information manager someday, has announced a set of changes.
Founder Mitch Kapor is moving away from the foundation, and will not be funding it
at the same level. "OSAF will maintain a smaller staff during the next phase of the project.
While figuring out the new funding model, it is prudent for the
organization to reduce expenses. OSAF's paid staff will go from 27
people to 10 people. While I expect that most former staff members will
move on to other endeavors, we certainly welcome them to remain involved
with OSAF and Chandler in some capacity. Developers will retain commit
privileges, for example."
Everex has
announced a new Ultra-Mobile PC.
"Measuring 9" in length and 2 pounds in weight, the Everex CloudBook caters to users seeking the latest in mobile computing. With its 1.2GHz VIA
C7-M ULV mobile processor, the laptop averages 5 hours of battery life on a
4-cell, lithium-ion battery. Unlike many of its competitors, the CloudBook
also features 30GB of internal storage, digital video output (DVI-I),
4-in-1 card reader and 1.3MP webcam."
Guardian Digital is promoting the Least Privilege security method.
"Guardian Digital, the developers behind EnGarde Secure Linux, the
world's first open source security platform, are announcing today that
2008 will showcase a huge resurgence in the exposure and awareness of
'least privilege' engineering as a metric for vendor security. The
company states this future re-emphasis on application access is likely,
especially considering the increased effectiveness of targeted
phishing attacks made possible from social networking sites."
From current Mozilla Corp. CEO Mitchell Baker's blog comes the announcement that she will no longer be the CEO. She is moving into a different role within the organization and current COO John Lilly will be the new CEO. "As a result I've asked John to take on the role of CEO of the Mozilla Corporation, and John has agreed. In reality John and I have been unconsciously moving towards this change for some time, as John has been providing more and more organizational leadership. It is very Mozilla-like to acknowledge the scope of someone's role after he or she has been doing it for a while, and this is a good part of what is happening here."
OpenMoko has announced its incorporation.
"OpenMoko, creator of the first completely integrated open
source
mobile platform, today announced it is now a separate company of world leading
motherboard, graphics and mobile manufacturer, FIC."
Open-Xchange has announced a new CEO and a new board of directors member.
"Open-Xchange Inc., the leading independent provider of open
source collaboration software, today named co-founder and chairman of the board, Rafael Laguna as
the company's new president and CEO. Former SUSE CEO and Open-Xchange board member Richard Seibt
becomes chairman of the board. The company also announced that former Nixdorf CEO Bernhard Woebker
joined the board of directors as a new member."
Purple Labs has announced its joining with the LiMo Foundation.
"Purple Labs, a leading supplier of embedded Linux solutions
for mobile phones, announced today that it has joined the LiMo Foundation and will support the
organisation's mission to develop a world-class Linux-based software platform for mobile devices.
In joining the LiMo Foundation as an Associate member, Purple Labs becomes the first commercial
Linux platform for feature phones in the consortium, thereby extending the LiMo initiative to
mass-market mobile handsets."
DeviceVM has
announced the availability of its Splashtop platform on four new
ASUS motherboards.
"Built into a computer's motherboard, Splashtop uses Linux to run users'
favorite programs seconds after they turn on their computer. Programs
included in Splashtop are customized for each manufacturer. In the case of
ASUS Express Gate, they include a web browser, Skype, a VoIP and Instant
Messaging client and the ability for ASUS to update Splashtop remotely.
"We've seen a great response to our initial Splashtop products and
we're excited to be partners with an innovative leader like DeviceVM," says
Jackie Hsu, President of ASUS Computer International."
Xen Virtualization is a new book from Packt Publishing that helps Linux
administrators to use Xen virtualization for development, testing, virtual
hosting or operating systems training. Written by Prabhakar Chaganti, this
book is a practical guide for supporting multiple operating systems with
the Xen hypervisor.
The 451 Group has put up an article on the fall in funding for open source companies in 2007. "Disclosed funding deals were down 40.7% to $323.87m for the full year, compared to $546.3m in 2007. While a reduction in funding had been expected after the huge levels seen in 2006, a dramatic reduction in funding during the fourth quarter meant that total funding for 2007 was also lower than the $334.82m raised in 2006."
Lawrence Rosen has posted a lengthy explanation
(and advocacy piece) on version 3.0 of the Open Software License.
"Compare the patent provisions of OSL 3.0 to the patent provisions of
the GPL variants; OSL 3.0 uses simpler and more precise language and
reflects no political, anti-patent agenda. Further, it recognizes and
respects patents and licenses them appropriately for open source
purposes."
The LinuxQuestions.org Members Choice Awards is accepting votes
until February 21.
"The Members
Choice Awards allow the Linux community to select their favorite products
in a variety of categories. Awards will be given out in 27 categories this
year, including Server Distribution of the Year, Desktop Distribution of
the Year, Browser of the Year, Office Suite of the Year, Desktop
Environment of the Year and Database of the Year."
A call for talks has gone out for the GNOME devroom at FOSDEM 2008.
"As for the last few years, we'll have a GNOME devroom at FOSDEM (23/24
feb in Brussels), and as always, we're looking for people who want to
give talks in that devroom.
This year, the half day dedicated to cross desktop talks has been
extended to cover the whole Sunday, though talks that are appropriate
for that day go from talks about actual cross desktop topics to talks
which are gnome/kde specific but can be of interest to the other
communities."
Submissions are due by January 27.
The LinuxWorld conference and expo has put out a call for papers. The conference will be held in San Francisco in August 2008. "LinuxWorld Conference & Expo is the world's most comprehensive marketplace for open source products and services. Combining in-depth educational sessions with displays of innovative products and solutions on the exhibit floor, LinuxWorld provides business decision-makers with information and resources to implement Linux and open source solutions into business infrastructure and enterprise networks."
A call for papers has gone out for the PostgreSQL Conference East.
"PostgreSQL Conference East is being held on the weekend of March 29th
and 30th, 2008 in College Park, Maryland. The conference will have a
series of talks, mini-tutorials and tutorials and we are now accepting
submissions!"
The Open Group has
announced new speakers for the EAP Conference.
"The Open Group, a vendor- and
technology-neutral consortium focused on open standards and global
interoperability within and between enterprises, today announced an
expanded lineup of keynote presenters, panel discussions and expert case
studies for its highly anticipated 17th Enterprise Architecture
Practitioners Conference. David Linthicum, managing partner for ZapThink,
will return to deliver the opening keynote address at the conference, to be
held January 28-30, 2008 at the Fairmont Hotel in San Francisco. In
addition, the plenary sessions will include end user panels and case
studies featuring American Express, HSBC and Marriott International."
PostgreSQL Community leader Bruce Momjian will be holding a
group breakfast on January 24 in London, UK.
"If you're interested in chatting about 'What's New in PostgreSQL 8.3',
or just enjoying breakfast with peers, join PostgreSQL Community leader
Bruce Momjian to learn more at this upcoming event.
With the imminent general release of PostgreSQL 8.3, this is an ideal
opportunity for PostgreSQL users and community members to learn more
about the improvements being made to further strengthen the PostgreSQL
solution."
The Linux Foundation has announced
the launch of a series of podcasts with "open source visionaries"; the
first such visionary is Linus Torvalds. The first half of the interview is
available
now (in MP3 or Ogg format); a
transcript has also been posted. "I try to avoid using the word
community because it's misleading in so many ways. It's misleading in the
sense there is no one community; it's everybody tends to have their own
issues that they care about and they may - may or may not have anything to
do with another person who's ostensibly in the same community."