Saturday, 16 January 2016

Hardware support for developers this could mean more support for Laptops, ATi cards, and Open source drivers.

Look forward to next Hipster release with updated graphics hardware support.For developers this could mean more support for Laptops, ATi cards, and Open source drivers.Current support for Nividia and a limited range of hardware could be expanded in 2016.

Friday, 23 October 2015

OiOS Systems Openindiana Security Advisory

OiOS Pro Systems (openindiana)

Security awareness: It is advised that you should update to security  Update to Firefox 38.2.1 ESR or greater which can be found at
URL: http://ftp.mozilla.org/pub/firefox/releases/38.2.1esr/contrib/
Mozilla Firefox is an open source web browser. XULRunner provides the XUL
Runtime environment for Mozilla Firefox.

A flaw was found in the processing of malformed web content. A web page
containing malicious content could cause Firefox to crash or, potentially,
execute arbitrary code with the privileges of the user running Firefox.
(CVE-2015-4497)

Saturday, 10 October 2015

Oios Pro Systems Hipster project update for developers

For illustrative purposes only

We are glad to announce that oios Openindiana Hipster 2015.10 snapshot is available.Please note that is in Beta aimed at developers.


Release notes: http://wiki.openindiana.org/oi/2015.10+Release+notes

-- System Administrator of Southern Federal University Computer Center


_______________________________________________
openindiana-discuss mailing list
openindiana-discuss@openindiana.org
http://openindiana.org/mailman/listinfo/openindiana-discuss

Sunday, 12 July 2015

OpenSSL Security Advisory [9 Jul 2015]

OpenSSL Security Advisory [9 Jul 2015]
=======================================

Alternative chains certificate forgery (CVE-2015-1793)
======================================================

Severity: High

During certificate verification, OpenSSL (starting from version 1.0.1n and
1.0.2b) will attempt to find an alternative certificate chain if the first
attempt to build such a chain fails. An error in the implementation of this
logic can mean that an attacker could cause certain checks on untrusted
certificates to be bypassed, such as the CA flag, enabling them to use a valid
leaf certificate to act as a CA and "issue" an invalid certificate.

This issue will impact any application that verifies certificates including
SSL/TLS/DTLS clients and SSL/TLS/DTLS servers using client authentication.

This issue affects OpenSSL versions 1.0.2c, 1.0.2b, 1.0.1n and 1.0.1o.

OpenSSL 1.0.2b/1.0.2c users should upgrade to 1.0.2d
OpenSSL 1.0.1n/1.0.1o users should upgrade to 1.0.1p

This issue was reported to OpenSSL on 24th June 2015 by Adam Langley/David
Benjamin (Google/BoringSSL). The fix was developed by the BoringSSL project.

Note
====

As per our previous announcements and our Release Strategy
(https://www.openssl.org/about/releasestrat.html), support for OpenSSL versions
1.0.0 and 0.9.8 will cease on 31st December 2015. No security updates for these
releases will be provided after that date. Users of these releases are advised
to upgrade.

References
==========

URL for this Security Advisory:
https://www.openssl.org/news/secadv_20150709.txt

Note: the online version of the advisory may be updated with additional
details over time.

For details of OpenSSL severity classifications please see:
https://www.openssl.org/about/secpolicy.html

Friday, 29 May 2015

Desktop Data feeds and Networking


https://www.flickr.com/photos/openindiana/

UKOUG events


Communities:
Filter events hosted by: View all
4th Jun 2015
Location: Oracle City Office, London
This event will appeal to all of our Apps Communities with a focus on Applications Innovation. Join other Oracle users with an interest in cloud and together discover how cloud applications can benefit your business.
UKOUG
7th May 2015
Location: Oracle City Office, London
UKOUG
14th May 2015
Location: Oracle, Blythe Valley Park, Solihull
UKOUG
20th May 2015
Location: London
Online registration for this event is now closed. If you would like to attend please email faye@ukoug.org
UKOUG
21st May 2015
Location: Oracle, Blythe Valley Park, Solihull
UKOUG
4th Jun 2015
Location: Oracle, Thames Valley Park, Reading
UKOUG
10th Jun 2015
Location: Oracle Linlithgow
Agenda now live! Join us for the leading Oracle User event in Scotland to hear the latest news on Oracle products whilst engaging in valuable networking time with like-minded individuals.
UKOUG
12th Jun 2015
Location: Coin Street Conference Centre
UKOUG
17th Jun 2015
Location: Bonhill House
Registration is now open! If you have not attended a UKOUG event before, please fill out the registration form here to attend this event.
UKOUG
18th Jun 2015
Location: Millennium Gloucester Hotel, London Kensington
Join us for a day packed with Hyperion content to hear the latest news from Oracle at this fantastic summer event. Take your time networking with your peers and enjoy hearing from great speakers from within the Hyperion space.

Tuesday, 26 May 2015

Dual or Multimonitor setup

Dual Monitor or Multi Monitor setup using Nividia Graphics cards LG ultra wide monitor example.Ideal for Data Presentation,Analytic, and Content development.Ideal in areas such as Sport and Banking.

Tuesday, 21 April 2015

Privicy on oios



Privcy mail projects

Wednesday, 8 April 2015

OiOS Hipster project new release 2015.03.30


Hipster 2015.03.30 is here

 
We released our last snapshot ISO almost half a year ago. I believe, you want something new. You'll get it. New ISOs were just uploaded to dlc server. Let's see what has changed.
First of all, most evident changes were made in desktop area. We've updated Xorg server and libraries, which allowed us to incorporate some important security fixes from Oracle x-s12-clone and Debian Xorg. Also we've moved much more closely to Gnome 2.32. Most packages were updated to this level, excluding packages which either have a lot of specific patches (like gdm) or just dropped some significant functionality (like cheese, which dropped HAL support in version 2.32). Not everything has gone smoothly. We had to drop trusted desktop support during update. I believe nobody seriously used it under OI. The most annoying thing is that updated Xorg and Intel driver require some DRM updates, which are still not ready. So, if you have Intel video card, either pkg freeze X-incorporation and xorg, or use vesa driver.
Links:
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-gui-20150330.usb
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.iso
http://dlc.openindiana.org/isos/hipster/OI-hipster-text-20150330.usb

http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-gui-20150330.usb.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.iso.torrent
http://dlc.openindiana.org/torrents/OI-hipster-text-20150330.usb.torrent

General system changes
All Sun Studio-compiled C++ libraries were removed from the system. The libraries were published in their current form to http://dlc.openindiana.org/c++-libs/, so you can grub necessary libraries and LD_PRELOAD them or use in alternative path if necessary. All X/g++/Y packages are renamed to X/Y and moved from /usr/g++ to /usr. We continue delivering system/library/c++/sunpro for the foreseeable future.
Text installer was changed to install OI on EFI-labeled disk by default. Note, in this case the entire disk is erased. If you want to install OI on MBR-labeled disk, choose partitioned install.

Desktop software and libraries

  • A lot of desktop libraries were updated
    • Glib2 is updated to 2.43.4
    • GTK2 is updated to 2.24.27
    • pango is updated to 1.36.8
    • cairo is updated to 1.14.2
    • libdrm is updated to 2.4.59
    • libX11 is updated to 1.6.2, xcb support is enabled in libX11
    • xf86-video-ati driver updated to 6.4.16
    • nvidia proprietary driver was updated to 340.76
    • Mesa is updated to 10.5.1
    • Xserver is updated to 1.12.4 with the latest available video/input Xorg drivers. This requires updating xorg drivers and modules. OI-shipped modules will be updated automatically, but if you use VirtualBox, you'll have to update your guest additions to at least 4.3.22 version.
  • Enlightenment 0.19.3 is added as alternative desktop environment
  • fontconfig was updated to 2.11.1
  • libid3tag and libmtp were imported from SFE, gmtp is added
  • rdesktop is updated to 1.8.3
  • transmission is updated to 2.52
  • XScreensaver is updated to 5.32
  • gnome-commander is updated to 1.4.5
  • QT 4.8.6 is added
  • emacs is updated to 24.3
  • Input Method Selector was added from upstream input-method gate. Bug in svc:/application/desktop-cache/input-method-cache:default service preventing correct input methods functioning in recent OI was fixed. In fact, gtk input modules cache was moved from /etc/(amd64/)gtk-2.0/gtk.immodules to /usr/lib/(amd64/)gtk-2.0/2.10.0/immodules.cache and service has to regenerate these cache files in new locations . So, after update you can safely remove /etc/(amd64/)gtk-2.0/gtk.immodules.

Development tools

  • Subversion is updated to 1.7.19
  • SQLite is updated to 3.8.8.3
  • Python 3.4 is updated to 3.4.3
  • Binutils are updated to 2.25
  • OpenBLAS 0.2.13 is added
  • Mercurial is updated to 3.3
  • Ruby 1.9.3 is added
  • Ruby 1.8 is marked obsolete, all OI software is switched to Ruby 1.9.3
  • Ruby 2.2.1 is added
  • Curl is updated to 7.39
  • libncurses.so links are moved to /usr/lib(/amd64)
  • gawk is updated to 4.0.2, this fixes issues with pkgsrc bootstrap
  • MPICH is updated to 3.1.3
  • Sun Studio indent in /usr/bin was replaced by GNU indent. Old one is preserved in /opt/sunstudio12.1/prod/bin/indent

Server software

  • A lot of packages were updated, including apache 2.4, php 5.4, php 5.5, postgresql 9.3, samba 3.6, mariadb 5.5
  • PostgreSQL 9.4 is added
  • PostgreSQL 8.4 is marked obsolete
  • ISC dhcp server is updated to 4.2.7
  • BIND DNS server is updated to 9.9.6-P2
  • rsyslog is updated to 7.4.10
  • NTP is updated to 4.2.8p1

As always, we are proud to deliver to you latest illumos-gate bits.

There's also a lot of security fixes and small bug fixes.

Sunday, 11 January 2015

Hipster Project graphics concepts 2015



OiOS Hipster Server Project 2015 login wallpaper concepts

Bscuk wallpapers to install user>share>GDM

wiki.openindiana.org/oi/Contributing+to+hipstero

Tuesday, 6 January 2015

OiOS Hipster Project


OiOS Openindiana Hipster Concepts 2015

Are you a talented enterprise professional developer looking to make a difference in enterprise 2015 ?



Why not join the Hipster project and contribute to this really interesting project ? Is your company developing software which maybe be useful to this project ? Is your company interested in sponsoring wallpapers or theme combinations ?



Visit the project page to get started on a new direction ?



Live and installable development iso available



wiki.openindiana.org/oi/Contributing+to+hipstero

Wednesday, 22 October 2014

Startpage search engine The POODLE SSLv3 Threat

Startpage have announced an advisory claiming that Because StartPage does not support SSL v3, you are safe from POODLE when visiting StartPage.com.Readers may conclude that resetting all search engine home pages to Startpage will be an added measure to protect against Poodle.

https://support.startpage.com/index.php?/Knowledgebase/Article/View/980/0/the-poodle-sslv3-threat


 see also https://unixpackages.com/

Thursday, 16 October 2014

SSL heartbeat and poodle flaws in Firer Fox browsers security commentry

Firer Fox has released an add on for users of sslv3 to help secure their machines.Its easy and comes by way of add on this is the statement.Newer releases will incorporate security upgrades.

SSLv3 is now insecure, and is soon going to be disabled by default.
https://blog.mozilla.org/security/2014/10/14/the-poodle-attack-and-the-end-of-ssl-3-0/

In the meantime, you can use this extension to turn off SSLv3 in your copy of Firefox. When you install the add-on, it will set the minimum TLS version to TLS 1.0 (disabling SSLv3). If you want to change that setting later, like if you really need to access an SSLv3 site, just go to Tools / Add-ons and click the "Preferences" button next to the add-on. That will give you a drop-down menu to select the minimum TLS version you want to allow.

As of version 0.2, this add-on should work with all Mozilla products, including Firefox, Firefox for Android, Thunderbird, and Seamonkey.

Friday, 10 October 2014

OiOS Openindiana SSL Heartbleed bug security comment

OiOS Openindiana Open SSL has released a beta release of patched SSL

25-Sep-2014:     Beta 3 of OpenSSL 1.0.2 is now available, please   test it now https://www.openssl.org/

OiOS Openindiana Bash Security Comment

'The Register'  recently announced A bug discovered in the widely used Bash command interpreter poses a critical security risk to OS X MACs,Unix and Linux systems – and, thanks to their ubiquity, the internet at large.
It lands countless websites, servers, PCs, OS X Macs, various home routers, and more, in danger of hijacking by hackers.It puts Apache web servers, in particular, at risk of compromise: CGI scripts that use or invoke Bash in any way – including any child processes spawned by the scripts – are vulnerable to remote-code injection. OpenSSH and some DHCP clients are also affected on machines that use Bash.

The National Vulnerability Database detailed the following issues
CVE-2014-6278
Summary: GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of environment variables, which allows remote attackers to execute arbitrary commands via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271, CVE-2014-7169, and CVE-2014-6277.
Published: 9/30/2014 6:55:04 AM
CVSS Severity: 10.0 HIGH

References
http://www.opencsw.org/packages/CSWbash/
http://tiswww.case.edu/php/chet/bash/bashtop.html
http://www.theregister.co.uk/2014/09/24/bash_shell_vuln/
http://web.nvd.nist.gov/view/vuln/search-results?query=bash&search_type=all&cves=on
http://www.openssh.com/
http://www.isc.org/downloads/software-support-policy/security-advisory/

Consensus opinion on new media at this time: where the system is exposed to such risk (you are using bash shell) update bash to the latest version,download the patched updates when they become available.Mitigate risk with internal,external operational audit and risk assessment.
http://ftp.gnu.org/gnu/bash/bash-4.3-patches/

Using Apache servers

 http://security.stackexchange.com/questions/68146/how-do-i-secure-apache-against-the-bash-shellshock-vulnerability

Blogs and websites

http://www.symantec.com/connect/blogs/shellshock-all-you-need-know-about-bash-bug-vulnerability
http://tools.cisco.com/security/center/viewAlert.x?alertId=35845