Now that the April patches have been patched…. it’s time to look forward to what updates we’ll be seeing from Microsoft this coming Tuesday May 9th… There are 3 expected updates for May, 2 for Windows and one for Exchange Server. The Exchange update is listed as critical as is AT LEAST one of the two Windows patches.
By default the apache install for most sites now restricts directory browsing. It’s a good idea, you don’t want just ANYTHING to be browsable on a web server, but there comes a time that it makes life easier for a directory (or tree of directories) to be browsable without having to write (copy and paste) links to a bunch of files. Fortunately, .htaccess files can be used for many things and this, of course, is one of them…
Since I have a few old Mandrake 10.0 servers out there churning along, I’ve rebuilt the Clamav package to reflect the recent security fix version 0.88.2 is up on the site at http://www.averyjparker.com/wp-content/downloads/clamav882/ As always, the rpms are here more for my convenience than anything else, rebuilt straight from the cooker package and built on 10.0 …. in other words, they work for me and that’s why they’re here.
I can’t tell you how many times I’ve seen this complaint from the bash shell when trying to remove a bunch of files. In this case, I was trying to clear a directory where log rotating had run amuck and there was a 10 second lag in typing ls ∗.gz and seeing any output…. So, I did rm ∗.gz and got bash/rm: argument list too long in response…. So, then I though I could “surgically remove” some files and shrink the list a bit… rm ∗5∗3∗2∗.gz -f; rm ∗5∗3∗1∗.gz -f, etc, etc, etc after about 4 of these it became obvious I’d need to find another way because even some of THOSE gave the “argument list too long” error. (What’s more, it looked like I was going to have to deal with files matching ∗[1-5]∗[0-9]∗[0-9]∗gz – yuck…)
In the last couple days there have been new security releases of both clamantivirus (0.88.2 is now the current) and Mozilla-Firefox (1.0.3 is the current release over there). If you use either of these programs you should be looking to update. I’ve been busy looking at getting src.rpm’s recompiled here for various Mandr-ake/iva’s and if time allows I’ll even upload the latest. It sure feels like firefox has been getting rebuilt about every week or two lately though.
There have been rumors for (years?) a long time at least, that google was preparing something known as cl2 which would be a calendar with full gmail integration. There were screenshots, many of which were photoshopped from another web calendar, but there were others that were more convincing… well, as of late yesterday Google Calendar has escaped in to public view. http://www.google.com/calendar. I first tried logging in through my gmail account thinking I might see info there, but I didn’t, so I went to the above link and answered a question about what time zone I’m in, then got to see the main interface.
There’s a utility called Thumbs that looks like a good quick way to make a cd launch a web documented on autoplay in Windows 95/98/ME/NT/2000/XP/ …Of course, autoplay under windows is fairly easy to setup. If you have a program on the disk you can just have autorun.inf in the root directory of the cd and in that you can specify WHAT program to autorun. The problem with html documents on a disk is telling the computer how to run it. (Yes you can adjust the icon as well.)
I found an interesting link through The Sunbeltblog on the “do not do business with” list… I don’t think this is a NEW thing really, for years there have been government policies against doing business with certain individuals, etc… but…. anyway Bruce Schneier has done an article on it which gives some interesting points that you probably aren’t aware of.
Looks like an interesting patch day. Looks like there are several bugs covered by the cumulative IE patch… Sans has a good writeup (7 CVE issues addressed by this 1 patch….) Also the Eolas ActiveX settlement (“Eolas Patent Patch”) solution seems to be included in this bundle. Also a MDAC and a Windows Explorer (not to be confused with the Internet Explorer) patch. (The Windows Explorer AND MDAC bugs are Remote code execution vulnerabilities…)
Since, I’ve still got a few older Mandrake 10 installs that I’m maintaining as mailservers, there aren’t supported security fixes for various things anymore… Friday there was news of a new clamantivirus to fix some security flaws with 0.88, new version is 0.88.1 I’ve taken the cooker srpm and recompiled for 10.0, so… for my convenience (and that of anyone with an older Mandrake box…) the links will be below.
Bookmark this site now by pressing Ctrl+D
