Feed aggregator

Oracle Java SE CVE-2013-1482 JavaFX Remote Security Vulnerability

Oracle Java SE CVE-2013-1477 JavaFX Remote Security Vulnerability

Oracle Java SE CVE-2013-1472 JavaFX Remote Security Vulnerability

Distributed Replicated Storage Across Four Storage Nodes With GlusterFS 3.2.x On Ubuntu 12.10

This tutorial shows how to combine four single storage servers (running Ubuntu 12.10) to a distributed replicated storage with GlusterFS. Nodes 1 and 2 (replication1) as well as 3 and 4 (replication2) will mirror each other, and replication1 and replication2 will be combined to one larger storage server (distribution). Basically, this is RAID10 over network. If you lose one server from replication1 and one from replication2, the distributed volume continues to work. The client system (Ubuntu 12.10 as well) will be able to access the storage as if it was a local filesystem. GlusterFS is a clustered file-system capable of scaling to several peta-bytes. It aggregates various storage bricks over Infiniband RDMA or TCP/IP interconnect into one large parallel network file system. Storage bricks can be made of any commodity hardware such as x86_64 servers with SATA-II RAID and Infiniband HBA.

LinuxSecurity.com: A buffer overflow problem has been found in nagios3, a host/service/network monitoring and management system. A mailicious client could craft a request to history.cgi and cause application crashes. [More...]

LinuxSecurity.com: Jann Horn had reported two vulnerabilities in Samba, a popular cross-platform network file and printer sharing suite. In particular, these vulnerabilities affect to SWAT, the Samba Web Administration Tool. [More...]

LinuxSecurity.com: Multiple stack-based buffer overflows were discovered in libupnp4, a library used for handling the Universal Plug and Play protocol. HD Moore from Rapid7 discovered that SSDP queries where not correctly handled by the unique_service_name() function. [More...]

LinuxSecurity.com: Multiple stack-based buffer overflows were discovered in libupnp, a library used for handling the Universal Plug and Play protocol. HD Moore from Rapid7 discovered that SSDP queries where not correctly handled by the unique_service_name() function. [More...]

Jerry Bezencon has announced the release of Linux Lite 1.0.4, an Ubuntu-based distribution with a customised Xfce desktop: "Linux Lite 1.0.4 final for 32-bit processors with PAE support has been released. If you already have the CVF version installed, there is no immediate need to install this final....

Virtual Hosting With PureFTPd And MySQL (Incl. Quota And Bandwidth Management) On Fedora 18

This document describes how to install a PureFTPd server that uses virtual users from a MySQL database instead of real system users. This is much more performant and allows to have thousands of ftp users on a single machine. In addition to that I will show the use of quota and upload/download bandwidth limits with this setup. Passwords will be stored encrypted as MD5 strings in the database.

LinuxSecurity.com: USN-1704-1 introduced a regression in the Linux kernel.

LinuxSecurity.com: USN-1698-1 introduced a regression in the Linux kernel.

LinuxSecurity.com: USN-1696-1 introduced a regression in the Linux kernel.

LinuxSecurity.com: USN-1700-1 introduced a regression in the Linux kernel.

LinuxSecurity.com: Multiple vulnerabilities has been found and corrected in freetype2: A Null pointer de-reference flaw was found in the way Freetype font rendering engine handled Glyph bitmap distribution format (BDF) fonts. A remote attacker could provide a specially-crafted BDF font [More...]

LinuxSecurity.com: USN-1699-1 introduced a regression in the Linux kernel.

Newly updated builds of PCLinuxOS "KDE" and "KDE MiniME" editions, version 2013.02, have been released: "PCLinuxOS KDE and KDE-MiniME 2013.02 are now available for download. These are 32-bit quarterly update ISO images which can also be installed on 64-bit computers. With respect to the previous KDE editions these....

This is an interesting piece on mandatory access-control by the well-known computer researcher and FreeBSD Foundation member Robert Watson: To discuss operating system security is to marvel at the diversity of deployed access-control models: Unix and Windows NT multiuser security; Type … Continue reading →

LinuxSecurity.com: Updated mingw32-libxml2 packages that fix several security issues are now available for Red Hat Enterprise Linux 6. This advisory also contains information about future updates for the mingw32 packages, as well as the deprecation of the packages with the release of Red Hat [More...]

LinuxSecurity.com: An updated xorg-x11-drv-qxl package that fixes one security issue is now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate [More...]