Security

Web-Based Firewall Logging Tool 1.01

Leave a comment

Webfwlog is a Web-based firewall log reporting and analysis tool. It allows users to design reports to use on logged firewall data in whatever configuration they desire. Included are sample reports as a starting point. Reports can be sorted with a single click, or “drilled-down” all the way to the packet level, and saved for later use. Supported log formats are netfilter, ipfilter, ipfw, ipchains, and Windows XP. Netfilter support includes ulogd MySQL or PostgreSQL database logs using the iptables ULOG target.

Security

Lynis Auditing Tool 1.6.4

Leave a comment

Lynis is an auditing tool for Unix (specialists). It scans the system and available software to detect security issues. Beside security related information it will also scan for general system information, installed packages and configuration mistakes. This software aims in assisting automated auditing, software patch management, vulnerability and malware scanning of Unix based systems.

Fedora

Fedora 20 Security Update: python3-3.3.2-18.fc20

Leave a comment

Resolved Bugs
1113529 – CVE-2014-4650 python3: python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs [fedora-all]
1112285 – CVE-2014-4616 python: missing boundary check in JSON module
1112294 – python3: python: JSON module – reading arbitrary process memory [fedora-all]<br
Fix for CVE-2014-4650: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs.
Fix for CVE-2014-4650

Fedora

Fedora 19 Security Update: fedup-0.9.0-2.fc19

Leave a comment

Resolved Bugs
1159292 – Machine automatically shutdown during upgrade in less than 15 minutes
1038413 – fedup stage2 keymap will always be US again for F20-F21 due to anaconda not writing vconsole.keymap kernel parameter any more (#1035316)
1153816 – Fedup needs to support upgrading into a Productized Fedora 21
1066679 – CVE-2013-6494 fedup: /var/tmp/fedora-upgrade temporary directory creation vulnerability
1044987 – fedup-0.8.0-3.fc20.noarch exits if doulble ckicking on the window to max/min it
1045090 – [abrt] fedup: download.py:133:setup_repos:ValueError: need more than 1 value to unpack
1044083 – [abrt] fedup: commandline.py:197:device_setup:NameError: global name ‘message’ is not defined
1043981 – [abrt] fedup: fedup-cli:216:main:AttributeError: ‘ProblemSummary’ object has no attribute ‘format_details’
1047005 – [abrt] fedup: download.py:276:find_replacement:AttributeError: ‘NoneType’ object has no attribute ‘pkgtup'<br
This update works around a serious problem in Fedora 21 Beta which makes systems automatically shut down 15 minutes into the upgrade.
Other improvements:
* Adds `–product=PRODUCT` flag, required for upgrades to F21
* Uses host’s config files in `upgrade.img`, which should fix various upgrade problems (e.g. incorrect keyboard layout when unlocking disks due to missing `vconsole.conf`)
* Logging improvements: complete upgrade log should appear in system journal
* Adds a warning for upgrades without a new kernel
* Fixes a bunch of crashes

Fedora

Fedora 19 Security Update: python3-3.3.2-10.fc19

Leave a comment

Resolved Bugs
1113529 – CVE-2014-4650 python3: python: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs [fedora-all]
1112285 – CVE-2014-4616 python: missing boundary check in JSON module
1112294 – python3: python: JSON module – reading arbitrary process memory [fedora-all]<br
Fix for CVE-2014-4650: CGIHTTPServer module does not properly handle URL-encoded path separators in URLs.
Fix for CVE-2014-4650

Software and Security Information