Bug #490000

Posted on July 10th, 2008 in Bugs, Debian by freesoftnews

Max Stotsky reported bug #490000 on Wednesday July 9th. Yet another i18n-related bug for a round number mark: “apt-cache search and ddtp”. As bug #480000 was reported as of May 7th 2008, we’re still keeping nearly exactly the pace of 2 months for 10,000 bugs, so 60,000 bugs a year. Bug #500000 should then be reported around Sept 9th 2008.

Read more at Bubulle’s weblog

Patches coming today for DNS vulnerability

Posted on July 9th, 2008 in Bugs by freesoftnews

Whether you’re running Linux, Windows, Cisco, Sun, or other DNS servers, you are at risk from a newly discovered vulnerability. So says Dan Kaminsky, head of penetration testing research at IO Active, who accidentally discovered the DNS “design flaw” earlier this year.

You can check whether the DNS servers you use are vulnerable by clicking the Check My DNS button in the upper right corner of Kaminsky’s Web site.

Read more at Linux.com

Kopete Bug Triage Marathon - 6th and 20th July

Posted on July 3rd, 2008 in Bugs, KDE, Software by freesoftnews

On Sunday 6th July, the Bugsquad will be holding a Kopete bug triage day. The aim: to dramatically reduce the number of Kopete bug reports from the current level of approximately 530. As usual, this bug day will be coordinated in the channel #kde-bugs on irc.freenode.net. There will also be a followup bug day two weeks later, on Sunday 20th July, to triage any remaining bugs.

Read more at KDE.news

SECURITY: Trac 0.10.5 Released

Posted on June 24th, 2008 in Bugs, Software by freesoftnews

Release Notes for Trac 0.10.5
=============================
June 22, 2008

(Note: Trac 0.11 will also be released later today)

We’re happy to announce the Trac 0.10.5 release, available from:

http://trac.edgewall.org/wiki/TracDownload

For questions, comments and user discussions, please use the Trac
mailing list. List information, subscription and archive available at:

http://trac.edgewall.org/wiki/MailingList

Trac 0.10.5 contains two security fixes and a couple of bug fixes.
The following list contains only a few highlights:

Mozilla Firefox 3.0 Vulnerability

Posted on June 20th, 2008 in Bugs, Firefox by freesoftnews

A number of people who monitor our Zero Day Initiative’s Upcoming Advisories page noticed yesterday that we reported a vulnerability to Mozilla (ZDI-CAN-349). Taking into account the coincidental timing of the Firefox 3.0 release, many are asking us if this is the first reported critical vulnerability in the latest version of the popular open source browser.

What we can confirm is that about five hours after the official release of Firefox 3.0 on June 17th, our Zero Day Initiative program received a critical vulnerability affecting Firefox 3.0 as well as prior versions of Firefox 2.0.x. We verified the vulnerability in our lab, acquired it from the researcher, then promptly reported the vulnerability to the Mozilla security team shortly after.

Read more at DVLabs

BugSquad turns its attention to Amarok this Sunday!

Posted on June 11th, 2008 in Bugs, KDE by freesoftnews

This coming Sunday, June 15, BugSquad is hosting a BugDay to go triaging through old Amarok bugs. Come join #kde-bugs anytime to get training and help out! No prior experience is necessary, and you don’t need any programming knowledge.
If you are a Kubuntu user, there is a nightly build called Project Neon that you can use.

Read more at KDE.news


Sunday 8th June is KDE PIM Krush Day

Posted on June 7th, 2008 in Bugs, KDE by freesoftnews

This Sunday (8th June), the KDE Bugsquad will host a KDE PIM Krush day. The aim of the day will be to find and document as many of the bugs in the PIM applications (including KMail, Kontact, Akregator and many more) of the upcoming KDE 4.1 release as possible. The day will begin at 0:00 UTC on Sunday and continue until the day is over throughout the world. Krush Days are an excellent opportunity for KDE users keen to make their first contribution to the KDE project.

Read more at KDE.news


Samba dinged by ‘highly critical’ flaw

Posted on May 29th, 2008 in Bugs by freesoftnews

Researchers at Secunia have flagged a “highly critical” vulnerability in Samba, the widely deployed open-source software for networked file sharing and printing.

According to an advisory from Secunia, the vulnerability affects Samba versions 3.0.28a and 3.0.29 and can be exploited by malicious people to compromise a vulnerable system.

Read more at ZDNet


Updating Debian keys for the uninterested

Posted on May 21st, 2008 in Bugs, Debian by freesoftnews

Despite having an aversion to configuring and maintaining security and crypto software, I accepted that I had to update my system in response to the recent big Debian security problem. If I can do it, you can do it. Below are my notes, but keep in mind that my security rank is somewhere between ignorant and uninterested.

Read more at FreeSoftwareMagazine


Bug Day 4 - Sunday 18th May 2008

Posted on May 14th, 2008 in Bugs, KDE by freesoftnews

Bug Day 4 will take place on Sunday 18th May from 0:00 UTC - 23:59 UTC. (That’s a start time of 02:00 CEST, or 17:00 PDT). For this Bug Day, we will be sorting and testing bugs reported against Konqueror.

Bug Days are hosted by the KDE Bugsquad approximately once every two weeks. Their purpose is to check back through the large numbers of bugs stored in the KDE Bug Tracking System and investigate how to reproduce them. This means that when developers come to the bug reports to fix them, all the information they need is available on the report and they don’t have to spend huge amounts of their time investigating the bugs - they can just focus on fixing them. During each Bug Day, we will focus on one area of KDE in particular. For this Bug Day, we will be focusing on general bugs in Konqueror. More information can be found on the Bug Day 4 Techbase Page.

Read more at KDE.news


The 25 Year Old BSD Bug

Posted on May 12th, 2008 in BSD, Bugs by freesoftnews

1983. The year of the IBM PC XT, the Apple Lisa, Pioneer 10 leaving the solar system, and Hooters opening up shop in Florida. It’s also the birthyear of a 25 year old BSD bug, squashed only a few days ago.

A few days ago, Marc Balmer, OpenBSD developer, received an email from an OpenBSD user. The email claimed that SAMBA would crash when serving files off an MS-DOS filesystem. Balmer got into contact with a few SAMBA developers who claimed that SAMBA uses a special workaround in order to function properly on BSD systems: the code for reading directories in all BSDs was flawed.

Read more at OSNews


Security vulnerabilities fixed in OpenOffice.org 2.4

Posted on April 17th, 2008 in Bugs, OpenOffice.org by freesoftnews

Please note that OpenOffice.org version 2.4, released on 27th March, fixed a number of security vulnerabilities. To our knowledge, none of
these has been exploited; however, in accordance with industry best
practice, we recommend all users upgrade to 2.4.

This information has been withheld until now to ensure that all the
products derived from the OpenOffice.org codebase have been able to
include these security fixes before the public announcement of the
vulnerabilities.

For full details of the vulnerabilities fixed, please see our security
bulletin http://www.openoffice.org/security/bulletin.html

The OpenOffice.org Security Team


Bugs And Bureaucracy

Posted on April 15th, 2008 in Bugs, Linux, Programming by freesoftnews

A thread on the Linux Kernel mailing list discussed the process in place for reporting, bisecting and fixing bugs. In response to a suggestion that some of the issues could be solved by introducing new procedures, Al Viro retorted, “we’ve got ourselves a developing bureaucracy. As in ‘more and more ways of generating activity without doing anything even remotely useful’. Complete with tendency to operate in the ways that make sense only to bureaucracy in question and an ever-growing set of bylaws…” Later in the thread, David Miller agreed and noted that, “the resulting ‘bureaucracy’ or whatever you want to call it is perceived to undercut the very thing that makes the Linux kernel fun to work on. It’s still largely free form, loose, and flexible. And that’s a notable accomplishment considering how much things have changed. That feeling is why I got involved in the first place, and I know it’s what gets other new people in and addicted too.”

Read more at KernelTrap


Catch That Memory Bug Before It Catches You

Posted on April 15th, 2008 in Bugs by freesoftnews

Memory bugs, essentially a mistake in the management of heap memory, are caused by a number of factors and can occur in any program that is being written, enhanced or maintained. The fact that memory bugs can be introduced at any time is part of what makes memory debugging a challenging task. This is especially true with codes that are written collaboratively or that are being maintained over a long period of time, where assumptions about memory management can either change or not be communicated clearly.

Read more at LinuxInsider


New “critical” Linux kernel flaws discovered

Posted on February 28th, 2008 in Bugs, Linux by freesoftnews

Three “critical” vulnerabilities have been discovered in the Linux kernel found in many of the widely used distribution versions of the popular open source operating system.

The three flaws could allow an unauthorized user to read or write to kernel memory locations or to access various resources in vulnerable systems, according to an advisory from SecurityFocus, the vendor neutral website that provides a wide range of security-related information, including a database of known software vulnerabilities.

The vulnerabilities could be exploited by malicious local users to cause denial-of-service (DoS) attacks, disclose potentially sensitive information, or gain “root” privileges to the operating system, according to the advisory.

Read more at SCMagazine


WordPress 2.3.3

Posted on February 5th, 2008 in Bugs, News, Software by freesoftnews

WordPress 2.3.3 is an urgent security release. If you have registration enabled, a flaw was found in the XML-RPC implementation such that a specially crafted request would allow a user to edit posts of other users on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Also, there is a vulnerability in the WP-Forum plugin that is being actively exploited right now. If you are using this plugin, please remove it until an update is available from its author.

Since we are talking security, remember to use strong passwords and change them regularly.  While you’re updating WP and your plugins, consider refreshing your passwords.

PS: FreeSoftNews is updated to the latest WordPress!


Multiple unpatched vulnerabilities in open source CMS Mambo

Posted on January 31st, 2008 in Bugs, PHP, Software by freesoftnews

SecurityFocus has on Monday reported vulnerabilities in the open source content management system Mambo, which could be exploited by attackers to view confidential information or compromise a system. Four flaws have been found, and as yet no fix has been issued.

The mambots/editors/mostlyce/jscripts/tiny_mce/filemanager/connectors/php/connector.php script fails to correctly filter the content of the file[NewFile][tmp_name] parameter, so that crafted arguments can be used to delete files such as configuration.php on the server. If the administrator has not deleted or renamed the Mambo installation directory, it is even possible to load a remote database by uploading a manipulated configuration file. Attackers could then load arbitrary content into the CMS. For the attack to succeed, the image manager must, however, be located in the web server’s root directory.

Read more at Heise Security


Mozilla says that flaw could lead to data leak

Posted on January 24th, 2008 in Bugs, Mozilla by freesoftnews

Mozilla is working to fix a browser flaw that could give attackers unauthorized access to data on a victim’s machine.

The problem is similar to other data leakage flaws found in the open-source browser, according to researcher Gerry Eisenhaur, who first reported the problem on Saturday.

Read more at LinuxWorld


Attack Against Linux Apache Servers Intensifying

Posted on January 23rd, 2008 in Apache, Bugs, News by freesoftnews

A mass attack ongoing for the past month against Linux Apache Web servers has become increasingly successful because its break-in method makes use of an automated password and installation process, according to a security researcher monitoring its progress.

Don Jackson, senior security researcher at SecureWorks, says the attack, which was first thought to have compromised several hundred Web sites, has hit at least 10,000. He says the attack relies on making use of stolen passwords to Linux Apache servers by automating the installation process to force it to serve up attacks against vulnerabilities on Windows clients.

Read more at PC World


How Vulnerable Is Your Open Source Software?

Posted on January 15th, 2008 in Bugs, OpenSource, Software by freesoftnews

Many companies are running software on their Web servers that contains open source code with known vulnerabilities, a security firm has found. Software risk management solutions firm Palamida has expanded its Vulnerability Reporting Solution detection capabilities to include 431 open source security alerts. The alerts include 148 that are considered to have high-severity common vulnerability and exposures ranging from cross-site scripting and buffer overflows, to SQL injections.

Read more at LinuxInsider
