Feed aggregator

Red Hat: ARM servers will come when people crank out chips like AMD's 64-bit Seattle #Linuxcon

News.Debuntu.Org - Sat, 08/23/2014 - 13:00

The Register: Standards to lift data center boxes out of device doldrums

Bookmark/Search this post with:
Categories: Network

Automating the Debian installer with PXE and preseeding

News.Debuntu.Org - Sat, 08/23/2014 - 12:34

This article is designed to introduce the process of PXE-booting a host directly into the Debian installer, and then automating the installation via the Debian PreSeed configuration. Both of these topics have been covered in the past, but not together - and we'll also include notes on testing this setup with KVM.

Bookmark/Search this post with:
Categories: Network

35 Open Source Tools for the Internet of Things

News.Debuntu.Org - Sat, 08/23/2014 - 06:00

 Datamation: Open source Internet of Things is growing fast.

Bookmark/Search this post with:
Categories: Network

Virtual Machine Brings X86 Linux Apps To ARMv7 Devices

News.Debuntu.Org - Sat, 08/23/2014 - 04:07

DeviceGuru writes Eltechs announced a virtual machine that runs 32-bit x86 Linux applications on ARMv7 hardware. The ExaGear VM implements a virtual x86 Linux container on ARMv7 computers and is claimed to be 4.5 times faster than QEMU, according to Eltechs. The VM is based on binary translation technology and requires ARMv7, which means it should run on mini-PCs and SBCs based on Cortex-A8, A7, A9, and A15 processors — but sadly, it won't run on the ARM11 (ARMv6) SoC found on the Raspberry Pi. It also does not support applications that require kernel modules.

Bookmark/Search this post with:

read more

Categories: Network

VMware Certifies Ubuntu Linux LTS for vCloud Air Cloud Computing

News.Debuntu.Org - Sat, 08/23/2014 - 02:00

 The VAR Guy: Canonical's Ubuntu Linux operating system is now available as a certified operating system for VMware's vCloud Air enterprise cloud-computing platform.

Bookmark/Search this post with:
Categories: Network

CVE-2014-5120

News.Debuntu.Org - Sat, 08/23/2014 - 01:55

gd_ctx.c in the GD component in PHP 5.4.x before 5.4.32 and 5.5.x before 5.5.16 does not ensure that pathnames lack %00 sequences, which might allow remote attackers to overwrite arbitrary files via crafted input to an application that calls the (1) imagegd, (2) imagegd2, (3) imagegif, (4) imagejpeg, (5) imagepng, (6) imagewbmp, or (7) imagewebp function.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3597

News.Debuntu.Org - Sat, 08/23/2014 - 01:55

Multiple buffer overflows in the php_parserr function in ext/standard/dns.c in PHP before 5.4.32 and 5.5.x before 5.5.16 allow remote DNS servers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted DNS record, related to the dns_get_record function and the dn_expand function. NOTE: this issue exists because of an incomplete fix for CVE-2014-4049.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3587

News.Debuntu.Org - Sat, 08/23/2014 - 01:55

Integer overflow in the cdf_read_property_info function in cdf.c in file through 5.19, as used in the Fileinfo component in PHP before 5.4.32 and 5.5.x before 5.5.16, allows remote attackers to cause a denial of service (application crash) via a crafted CDF file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2012-1571.

Bookmark/Search this post with:
Categories: Network

DSA-3011 mediawiki - security update

News.Debuntu.Org - Sat, 08/23/2014 - 00:00

It was discovered that MediaWiki, a website engine for collaborative
work, is vulnerable to JSONP injection in Flash (CVE-2014-5241) and
clickjacking between OutputPage and ParserOutput (CVE-2014-5243). The
vulnerabilities are addressed by upgrading MediaWiki to the new upstream
version 1.19.18, which includes additional changes.

Bookmark/Search this post with:
Categories: Network

How to sniff HTTP traffic from the command line on Linux

News.Debuntu.Org - Fri, 08/22/2014 - 22:00

 xmodulo: Suppose you want to sniff live HTTP web traffic (i.e., HTTP requests and responses) on the wire for some reason.

Bookmark/Search this post with:
Categories: Network

Day: New Human Interface Guidelines for GNOME and GTK+

News.Debuntu.Org - Fri, 08/22/2014 - 21:25

At his blog, Allan Day announces the preliminary availability of a brand-new edition of the GNOME Human Interface Guidelines (HIG). Prepared for the upcoming GNOME 3.14 release, this is the first major overhaul of the GNOME HIG in some time. Day notes: "There is a downside to all the experimentation that has been happening in software design in recent years, of course – it can often be a bewildering space to navigate. This is where the HIG comes in.

Bookmark/Search this post with:

read more

Categories: Network

Linux: Hide Processes From Other Users

News.Debuntu.Org - Fri, 08/22/2014 - 21:00

 nixcraft: How to stop leaking process information to all users on Linux operating systems?

Bookmark/Search this post with:
Categories: Network

Calibre 2.0 released

News.Debuntu.Org - Fri, 08/22/2014 - 20:14

Version 2.0 of the Calibre electronic book management tool has been released. There is a
long list of new features since the 1.0 release. "The biggest new
feature is an e-book editor, capable of editing ebooks in both the EPUB and
AZW3 (Kindle) formats."

Bookmark/Search this post with:
Categories: Network

Linus Torvalds still wants the Linux desktop

News.Debuntu.Org - Fri, 08/22/2014 - 20:00

 ZDnet: Linux runs everything, everywhere, but Linus Torvalds still wants it to rule on one place it doesn't: The desktop.

Bookmark/Search this post with:
Categories: Network

The New Stack and Linux Foundation Survey: OpenStack and Docker are The Most Popular Open Source Projects

News.Debuntu.Org - Fri, 08/22/2014 - 19:00

The New Stack: OpenStack is the most popular open source cloud project, followed by Docker and KVM, according to a survey of more than 550 respondents

Bookmark/Search this post with:
Categories: Network

Linux distro KaOS 2014.08 is here with KDE 4.14.0

News.Debuntu.Org - Fri, 08/22/2014 - 18:00

Betanews: The Linux desktop community has reached a sad state.

Bookmark/Search this post with:
Categories: Network

CVE-2014-5243

News.Debuntu.Org - Fri, 08/22/2014 - 17:55

MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 does not enforce an IFRAME protection mechanism for transcluded pages, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site.

Bookmark/Search this post with:
Categories: Network

CVE-2014-5242

News.Debuntu.Org - Fri, 08/22/2014 - 17:55

Cross-site scripting (XSS) vulnerability in mediawiki.page.image.pagination.js in MediaWiki 1.22.x before 1.22.9 and 1.23.x before 1.23.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving the multipageimagenavbox class in conjunction with an action=raw value.

Bookmark/Search this post with:
Categories: Network

CVE-2014-5241

News.Debuntu.Org - Fri, 08/22/2014 - 17:55

The JSONP endpoint in includes/api/ApiFormatJson.php in MediaWiki before 1.19.18, 1.20.x through 1.22.x before 1.22.9, and 1.23.x before 1.23.2 accepts certain long callback values and does not restrict the initial bytes of a JSONP response, which allows remote attackers to conduct cross-site request forgery (CSRF) attacks, and obtain sensitive information, via a crafted OBJECT element with SWF content consistent with a restricted character set.

Bookmark/Search this post with:
Categories: Network

CVE-2014-3563

News.Debuntu.Org - Fri, 08/22/2014 - 17:55

Multiple unspecified vulnerabilities in Salt (aka SaltStack) before 2014.1.10 allow local users to have an unspecified impact via vectors related to temporary file creation in (1) seed.py, (2) salt-ssh, or (3) salt-cloud.

Bookmark/Search this post with:
Categories: Network
Syndicate content