Random Linux

Ubuntu Security Notice USN-3239-2

21st March, 2017

eglibc, glibc regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

USN-3239-1 introduced a regression in the GNU C Library.

Software description

• eglibc – GNU C Library
• glibc – GNU C Library

Details

USN-3239-1 fixed vulnerabilities in the GNU C Library. Unfortunately,
the fix for CVE-2015-5180 introduced an internal ABI change within
the resolver library. This update reverts the change. We apologize
for the inconvenience.

Please note that long-running services that were restarted to compensate
for the USN-3239-1 update may need to be restarted again.

Original advisory details:

It was discovered that the GNU...

The Linux desktop can be a confounding thing—always just on the cusp of perfection, but seemingly lacking one small detail or another. Granted, nearly every Linux desktop can be brought to that level of greatness with a configuration or two, but every so often you just wish you could install and be done with it.

• You won’t have to bother with codecs

• You won’t have to hunt down third-party software

• You won’t have to tweak the UI to fit your needs

• You could easily play games

• Media “just worked”

Most of us can take a standard distribution and get the above working with little to no effort. But other users may want a computer operating system that doesn’t require extra work.

That is where Chapeau comes in. Chapeau is a cutting-edge Linux distribution, built from Fedor...

Ubuntu Security Notice USN-3112-1

27th October, 2016

thunderbird vulnerabilities

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 16.10
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS
• Ubuntu 12.04 LTS

Summary

Several security issues were fixed in Thunderbird.

Software description

• thunderbird – Mozilla Open Source mail and newsgroup client

Details

Catalin Dumitru discovered that URLs of resources loaded after a
navigation start could be leaked to the following page via the Resource
Timing API. If a user were tricked in to opening a specially crafted
website in a browsing context, an attacker could potentially exploit this
to obtain sensitive information. (CVE-2016-5250)

Christoph Diehl, Andrew McCreight, Dan Minor, Byron Campen, Jon Coppeard,
Steve Fink, Tyson Smith, and Carst...

Ubuntu Security Notice USN-3114-2

27th October, 2016

nginx regression

A security issue affects these releases of Ubuntu and its derivatives:

• Ubuntu 16.10
• Ubuntu 16.04 LTS
• Ubuntu 14.04 LTS

Summary

USN-3114-1 introduced a regression in nginx packaging.

Software description

• nginx – small, powerful, scalable web/proxy server

Details

USN-3114-1 fixed a vulnerability in nginx. A packaging issue prevented
nginx from being reinstalled or upgraded to a subsequent release. This
update fixes the problem.

We apologize for the inconvenience.

Original advisory details:

Dawid Golunski discovered that the nginx package incorrectly handled log
file permissions. A remote attacker could possibly use this issue to obtain
root privileges.

Update instructions

The problem can be corrected by updating your system...

We learned the basics of running the Apache HTTP server on the Debian/Ubuntu/etc. family of Linux distributions in Apache on Ubuntu Linux For Beginners and Apache on Ubuntu Linux For Beginners: Part 2. Now we’re going to tackle CentOS/Fedora/andtherest. It’s the same Apache; the differences are package names, configuration files, and that never-ending source of fun times, SELinux.

Install Apache in the usual way with Yum, set it to automatically start at boot, and then start it:

  $   sudo yum -y install httpd $   sudo systemctl enable httpd.service $   sudo systemctl start httpd.service 

Point a web browser to http://localhost, and you should see a test page (Figure 1).

It works! We are wonderful.

SELinux

CentOS installs with an active SELinux configuration set to SELINUX=enforcing in /e...

Problem

I have recently upgraded my desktop machind from ubuntu 16.04 to ubuntu 16.10 and after reboot some of the websites are not working.

Solution 1

Disable dnsmasq

Edit /etc/NetworkManager/NetworkManager.conf with the following command

gksu gedit /etc/NetworkManager/NetworkManager.conf

Enter in your password when prompted.

Comment out the line dns=dnsmasq

#dns=dnsmasq

and then restart Network Manager using the following command

sudo restart network-manager

If you get /com/ubuntu/upstart: Connection refused error try the following command

sudo service network-manager restart

Solution 2

Restart dnsmasq service using the following command

sudo service dnsmasq restart

Solution 3

Edit /etc/nsswitch.conf file

gksu gedit /etc/nsswitch.conf

and change the following line

From

hosts...

I’ve looked at general astronomy programs in the past that are helpful for many tasks you might need to do in your stargazing career. But, several specific jobs are more complicated and require specialized software to make relevant calculations, so here, let’s take a look at Nightfall.

Nightfall is a program that can handle calculations involving binary star systems. It can animate binary star systems, taking into account not only orbital speeds but also rotational motion and the changing shape of stars due to their close positions. You can model what it would look like and what kind of light curves you would register when observing a binary system. You even can take a set of actual observational data and find a best-fit model for the system you are studying.

Most distributions don’t inclu...

Linux is powerful, because it believes in the philosophy of simplicity. Each tool is there for one simple purpose. Then we combine different tools into bigger ones, for bigger missions. That’s so called integration. Yeah, the integration!

If we only integrate stable and well-known tools, we’re in luck. Probably things will go smoothly; otherwise, the situation would be much different.

Even worse, the error messages could be confusing. See the example below of an error in Chef development. How we can easily see it’s a local issue, not a bug, at the first glance?

  Installing yum-epel (0.6.0) from https://supermarket.getchef.com ([opscode] https://supermarket.chef.io/api/v1) Installing yum (3.5.3) from https://supermarket.getchef.com ([opscode] https://supermarket.chef...

In less than a week, openSUSE Tumbleweed had two snapshots that included new Linux Kernels.

Snapshot 20160120 brought users Linux Kernel 4.8.3 and and four days later snapshot 20160124 brought the 4.8.4 Linux Kernel. A kernel patch for the Dirty Cow security vulnerability (CVE-2016-5195) came quickly to the rolling release and was available by Saturday.

The snapshots in between the two kernel snapshots brought timezone updates in  snapshot 20160123 and KDE updates with snapshot 20160122.

Snapshot 20160122 fixed a three-year-old bung in ghostscript fixing CVE-2013-5653.

The snapshot also updated Plasma to version 5.8.2, the cross-distro collaboration package AppStream to 0.10.0 and python3-setuptools to 28.6.1. Php 5 updated to version 5.6...