January 2015 – ASMCA

pidgin-lwqq new fix!

基本上lwqq的用户都是中文用户，所以这是一篇中文日志。

Linux上的pidgin-lwqq 有一个礼拜没办法登录了。

新的fix在这里：
https://github.com/xiehuc/lwqq/pull/26

很好用。

顺便看了一下pidgin的源代码，吐槽一下某公司员工肯定很打扰社区了。。。

update for patch CVE-2015-0235

for details about CVE-2015-0235
Vulnerability Summary for CVE-2015-0235
How To Patch and Protect Linux Server Against the Glibc GHOST Vulnerability # CVE-2015-0235
Qualys Security Advisory CVE-2015-0235
Currently Redhat, CentOS, OracleLinux already have fix on this patch.

Please run.:

#yum update glibc
Dependencies Resolved

================================================================================
 Package              Arch          Version                Repository      Size
================================================================================
Updating:
 glibc                i686          2.17-55.el7_0.5        updates        4.2 M
 glibc                x86_64        2.17-55.el7_0.5        updates        3.6 M
Updating for dependencies:
 glibc-common         x86_64        2.17-55.el7_0.5        updates         11 M
 glibc-devel          x86_64        2.17-55.el7_0.5        updates        1.0 M
 glibc-headers        x86_64        2.17-55.el7_0.5        updates        651 k

Transaction Summary
================================================================================
Upgrade  2 Packages (+3 Dependent packages)

Total download size: 21 M
Is this ok [y/d/N]:

#yum update glibc

Dependencies Resolved

================================================================================

Package Arch Version Repository Size

================================================================================

Updating:

glibc i686 2.17-55.el7_0.5 updates 4.2 M

glibc x86_64 2.17-55.el7_0.5 updates 3.6 M

Updating for dependencies:

glibc-common x86_64 2.17-55.el7_0.5 updates 11 M

glibc-devel x86_64 2.17-55.el7_0.5 updates 1.0 M

glibc-headers x86_64 2.17-55.el7_0.5 updates 651 k

Transaction Summary

================================================================================

Upgrade 2 Packages (+3 Dependent packages)

Total download size: 21 M

Is this ok [y/d/N]:

To Fix.

After the fix:

[suse@t430z tmp]$ bash GHOST-test.sh.txt
Vulnerable glibc version &lt;= 2.17-54
Vulnerable glibc version &lt;= 2.5-122
Vulnerable glibc version &lt;= 2.12-1.148
Detected glibc version 2.17 revision 55
Not Vulnerable.

[suse@t430z tmp]$ bash GHOST-test.sh.txt

Vulnerable glibc version <= 2.17-54

Vulnerable glibc version <= 2.5-122

Vulnerable glibc version <= 2.12-1.148

Detected glibc version 2.17 revision 55

Not Vulnerable.

References:
Redhat: Bug 1183461 – (CVE-2015-0235) CVE-2015-0235 glibc: __nss_hostname_digits_dots() heap-based buffer overflow
Security Advisory Critical: glibc security update

CentOS: CentOS 7 – CVE-2015-0235

OracleLinux: [El-errata] ELSA-2015-0092 Critical: Oracle Linux 6 glibc security update

PHP Fatal error: Call to undefined function add_filter()

I found this error mesg on wordpress log.

After check files. it should be fixed like this:
https://wordpress.org/support/topic/fatal-error-call-to-undefined-function-add_filter

Warning: The VM will try to fix the stack guard now.

Running Solaris Studio on EL7/ JDK8.

$ solstudio 
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option PermSize=64m; support was removed in 8.0
Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=400m; support was removed in 8.0
Java HotSpot(TM) 64-Bit Server VM warning: You have loaded library /opt/oracle/solarisstudio12.4/lib/solstudio/solstudio/modules/ext/lib/Linux-amd64/libbase.so which might have disabled stack guard. The VM will try to fix the stack guard now.
It's highly recommended that you fix the library with 'execstack -c &lt;libfile&gt;', or link it with '-z noexecstack'.

$ solstudio

Java HotSpot(TM) 64-Bit Server VM warning: ignoring option PermSize=64m; support was removed in 8.0

Java HotSpot(TM) 64-Bit Server VM warning: ignoring option MaxPermSize=400m; support was removed in 8.0

Java HotSpot(TM) 64-Bit Server VM warning: You have loaded library /opt/oracle/solarisstudio12.4/lib/solstudio/solstudio/modules/ext/lib/Linux-amd64/libbase.so which might have disabled stack guard. The VM will try to fix the stack guard now.

It's highly recommended that you fix the library with 'execstack -c <libfile>', or link it with '-z noexecstack'.

to fix the warning:

# yum install /usr/bin/execstack
# execstack -c /opt/oracle/solarisstudio12.4/lib/solstudio/solstudio/modules/ext/lib/Linux-amd64/libbase.so

1 2	# yum install /usr/bin/execstack # execstack -c /opt/oracle/solarisstudio12.4/lib/solstudio/solstudio/modules/ext/lib/Linux-amd64/libbase.so

/usr/libexec/urlgrabber-ext-down report KeyboardInterrupt

It’s a weird issue:

EL7, yum update abort.

[root@t430z suse]# yum install screen
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: mirror.vastspace.net
 * epel: mirror01.idc.hinet.net
 * extras: mirror.vastspace.net
 * updates: mirror.vastspace.net
Traceback (most recent call last):                               55% [=============================-                        ]  49 kB/s | 2.1 MB  00:00:35 ETA 
  File "/usr/libexec/urlgrabber-ext-down", line 75, in &lt;module&gt;
    main()
  File "/usr/libexec/urlgrabber-ext-down", line 61, in main
    fo = PyCurlFileObject(opts.url, opts.filename, opts)         55% [=============================-                        ]  42 kB/s | 2.1 MB  00:00:42 ETA 
  File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1258, in __init__
    self._do_open()
  File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1589, in _do_open
    self._do_grab()
  File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1723, in _do_grab
    self._do_perform()
  File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1517, in _do_perform
    raise KeyboardInterrupt
KeyboardInterrupt

[root@t430z suse]# yum install screen

Loaded plugins: fastestmirror

Loading mirror speeds from cached hostfile

* base: mirror.vastspace.net

* epel: mirror01.idc.hinet.net

* extras: mirror.vastspace.net

* updates: mirror.vastspace.net

Traceback (most recent call last): 55% [=============================- ] 49 kB/s | 2.1 MB 00:00:35 ETA

File "/usr/libexec/urlgrabber-ext-down", line 75, in <module>

main()

File "/usr/libexec/urlgrabber-ext-down", line 61, in main

fo = PyCurlFileObject(opts.url, opts.filename, opts) 55% [=============================- ] 42 kB/s | 2.1 MB 00:00:42 ETA

File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1258, in __init__

self._do_open()

File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1589, in _do_open

self._do_grab()

File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1723, in _do_grab

self._do_perform()

File "/usr/lib/python2.7/site-packages/urlgrabber/grabber.py", line 1517, in _do_perform

raise KeyboardInterrupt

KeyboardInterrupt

checked, it should be :
Bug 1099101 – 7.0 RC Regression: urlgrabber terminates yum upon connection interruption thinking it’s been aborted
Bug 1091740 – yum stack-traces and interrups

Waiting for a fix on: python-urlgrabber-3.10-5.el7