Heads up: possible BASH security vulnerability
by Patrick O'Callaghan
http://arstechnica.com/security/2014/09/bug-in-bash-shell-creates-big-sec...
>From the article:
The vulnerability affects versions 1.14 through 4.3 of GNU Bash. [...]
To check your system, from a command line, type:
env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
If the system is vulnerable, the output will be:
vulnerable
this is a test
An unaffected (or patched) system will output:
$ env x='() { :;}; echo vulnerable' bash -c "echo this is a test"
bash: warning: x: ignoring function definition attempt
bash: error importing function definition for `x'
this is a test
I tried it and got the positive (vulnerable) result.
Can we assume a patched version of Bash will be released shortly?
poc
9 years, 6 months
Wrong Screen Resolution after uninstalling nvidia packages from rpmfusion
by JD
My physical screenis 1280x800. It is the screen of a Dell Latitude E6500
laptop.
Now, all gui app windows are being displayed as if my physical screen is
1280x760,
and the app's window is 1280x800, thus I can pan the window up and down by
moving the mouse to top of screen or bottom of screen.
This resizing happened AFTER I uninstalled the rpmfusion nvidia packages:
xorg-x11-drv-nvidia.x86_64
xorg-x11-drv-nvidia-304xx.x86_64
xorg-x11-drv-nvidia-304xx-devel.x86_64
xorg-x11-drv-nvidia-304xx-libs.x86_64
xorg-x11-drv-nvidia-libs.x86_64
xrandr reports:
# xrandr --verbose
xrandr: Failed to get size of gamma for output default
Screen 0: minimum 640 x 480, current 1280 x 768, maximum 1280 x 768
default connected 1280x768+0+0 (0x186) normal (normal) 0mm x 0mm
Identifier: 0x181
Timestamp: 55232
Subpixel: unknown
Clones:
CRTC: 0
CRTCs: 0
Transform: 1.000000 0.000000 0.000000
0.000000 1.000000 0.000000
0.000000 0.000000 1.000000
filter:
1280x720 (0x182) 0.000MHz
h: width 1280 start 0 end 0 total 1280 skew 0 clock
0.00KHz
v: height 720 start 0 end 0 total 720 clock
0.00Hz
1024x768 (0x183) 47.972MHz
h: width 1024 start 0 end 0 total 1024 skew 0 clock
46.85KHz
v: height 768 start 0 end 0 total 768 clock
61.00Hz
800x600 (0x184) 29.280MHz
h: width 800 start 0 end 0 total 800 skew 0 clock
36.60KHz
v: height 600 start 0 end 0 total 600 clock
61.00Hz
640x480 (0x185) 18.432MHz
h: width 640 start 0 end 0 total 640 skew 0 clock
28.80KHz
v: height 480 start 0 end 0 total 480 clock
60.00Hz
1280x768 (0x186) 0.000MHz *current
h: width 1280 start 0 end 0 total 1280 skew 0 clock
0.00KHz
v: height 768 start 0 end 0 total 768 clock
0.00Hz
Is there a way to restore it back to physical resolution of 1280x800?
9 years, 6 months
ps -ef stack overflow fedora 20 fully updated
by Ger van Dijck
Hi Folks,
When doing a ps -ef on a fully updated Fedora 20 OS I get the following
message:
/usr/bin/abrt-watch-log -F BUG : WARNING : at WARNING : CPU :INFO:
possoble recurcive locking detected kernel BUG at list_del corruption
list_add corruption do_IRQ :stack overflow : ear stack overflow (cur:
general protection fault enable to handle kernel double fault : RTNL :
assertion failed eek! page_mapcount(page) went nagative! madness at NETDEV
WATCHDOG ysctl table check failed : nobody cared IRQ handler type mismatch
Machine Chek Exeption : Machine check events logged devide error : bounds
: coprosessor overrun : invalid TSS : segment not present : invalid upcode
: aligment check : stack segment : fpu exeption : simd exeption : iret
exeption : /var/log/messages -- /usr/bin/abrt-dump-oops -xtD
You want more ??
Suddenly I cannot scan (HP4620) anymore and the Dell Inspiron Laptop is
behaving unpredictabel
I have not been encountered with a slach overflow for years
I cannot imagine that nobody has not seen this error doing ps -ef
Any help or commend would be usefull
Greetings
Ger van Dijck.
--
Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/
9 years, 6 months
UCB keybord curiosity
by Geoffrey Leach
I have a system that functions as a PVR, and is re-booted daily. There have been no recent updates. On yesterday's reboot (and subsequently) the kernel does not recognize A/N keystrokes from the KBD. Mousepad motions and clicks work fine. Looking at the dmesg output, there appears to be nothing amiss. When I move the USB transceiver to another system, everything works as it should.
Suggestions? Thanks.
9 years, 6 months
strange issue with ssh on F20 on DSL/VPN
by Ranjan Maitra
So, I have a strange issue.
I have a local machine (laptop) connecting remotely to several desktops
including one that is a fully updated F20 (this is the one I have total
control over and therefore my choice of distributions). The others are
RHEL5's or Centos6. Connections are only permitted to all
machines through VPN (university policy). So, I on my new DSL
connection (which is wired and will replace my cable modem connection)
but currently both are active.
Anyway, I can connect to all machines when I am on the cable modem
(using wireless) and VPN unlimited number of times.
I can connect to all the non-F20 machines using ssh unlimited times
when I am on DSL and VPN.
However, I can only connect once t the F20 machine when I am on DSL and
the VPN. There is no way I can connect directly. (I can connect to one
of the non-F20 machines by ssh and from there connect to the F20 machine
however.) I can only connect directly again to the F20 machine by
ssh from my local machine by rebooting the remote F20 machine. And that
too for only one time. After I log out, I can not connect again.
What should I looking for? /var/log/secure does not have any entry when
I can not connect (however it does have an entry when I cancel the
connection by Ctrl-C -- "Connection closed").
Any suggestions as to how to diagnose and solve this problem?
Sorry for bringing forth the strangest of questions. I am hoping that
someone more familiar with networking issues will have some idea and
suggestions on what is going on.
Many thanks and best wishes,
Ranjan
____________________________________________________________
FREE 3D EARTH SCREENSAVER - Watch the Earth right on your desktop!
Check it out at http://www.inbox.com/earth
9 years, 6 months
fed/centos question
by bruce
Hi.
Really a reinstall question.
You can have an install server for http/ftp/etc install
You can also have pxe startup, as well as the base install from the dvd/network.
However, I'm trying to figure out how to go about (if it's possible)
to do a reinstall of a system remotely.
I'd like to be able to ssh into a box, and then do a reinstall of a
given system based on the different kickstarter file that I created.
I'd like to ssh into the box, run a given cmd, use a given kickstart
process and have the entire process just work!
But I've been looking all over to try to figure out exactly how this
would work or what all the issues are.
Any thoughts/pointers would be helpful
The target boxes would be centos6.5 (and above) as well as fed 18 and above..
Thanks guys..
9 years, 6 months
Dell iDRAC access on F20
by CLOSE Dave
My iDRAC access worked fine on earlier versions of Fedora but hasn't
been working for F20. I've enabled and started serial-getty@ttyS1 and
insured ttyS1 is listed in /etc/securetty, but serial access usually
doesn't see anything. A few times I've seen the string of garbage that
is characteristic of a mismatched data rate, but sending BREAKs doesn't
cause anything to appear. What am I missing?
--
Dave Close
9 years, 6 months
Problem with duplicate packages on system
by JD
# yum check
Loaded plugins: langpacks, refresh-packagekit
cogl-1.16.0-3.fc20.x86_64 is a duplicate with cogl-1.16.0-2.fc20.x86_64
flickcurl-1.26-1.fc20.x86_64 is a duplicate with
flickcurl-1.25-1.fc20.x86_64
gvfs-1.18.3-3.fc20.x86_64 is a duplicate with gvfs-1.18.3-2.fc20.x86_64
libplist-1.11-2.fc20.x86_64 is a duplicate with libplist-1.10-2.fc20.x86_64
libspnav-0.2.3-1.fc20.x86_64 is a duplicate with
libspnav-0.2.2-6.fc20.x86_64
openvpn-2.3.2-6.fc20.x86_64 is a duplicate with openvpn-2.3.2-4.fc20.x86_64
How can this be?
I thought yum update takes care not to allow duplicates?
9 years, 6 months
ps -ef stack overflow fedora 20 fully updated
by Ger van Dijck
Hi Folks,
When doing a ps -ef on a fully updated Fedora 20 OS I get the following
message:
/usr/bin/abrt-watch-log -F BUG : WARNING : at WARNING : CPU :INFO:
possoble recurcive locking detected kernel BUG at list_del corruption
list_add corruption do_IRQ :stack overflow : ear stack overflow (cur:
general protection fault enable to handle kernel double fault : RTNL :
assertion failed eek! page_mapcount(page) went nagative! madness at NETDEV
WATCHDOG ysctl table check failed : nobody cared IRQ handler type mismatch
Machine Chek Exeption : Machine check events logged devide error : bounds
: coprosessor overrun : invalid TSS : segment not present : invalid upcode
: aligment check : stack segment : fpu exeption : simd exeption : iret
exeption : /var/log/messages -- /usr/bin/abrt-dump-oops -xtD
You want more ??
Suddenly I cannot scan (HP4620) anymore and the Dell Inspiron Laptop is
behaving unpredictabel
I have not been encountered with a slach overflow for years
I cannot imagine that nobody has not seen this error doing ps -ef
Any help or commend would be usefull
Greetings
Ger van Dijck.
--
Gemaakt met Opera's e-mailprogramma: http://www.opera.com/mail/
9 years, 6 months