userland binary vulnerabilities on IRIX

Grok Headline matches for userland binary vulnerabilities on IRIX

CDE libDtHelp and dtlogin
vulnerabilities on IRIX

CDE libDtHelp and dtlogin
vulnerabilities on IRIX 08/03/2004 08:13 PM
SGI Security Coordinator (Aug 03 2004)

rpc.mountd Vulnerabilities update on
IRIX

rpc.mountd Vulnerabilities update on
IRIX 12/08/2003 12:56 PM
SGI Security Coordinator (Dec 05 2003)

Multiple OpenSSH/OpenSSL Vulnerabilities
Update on IRIX

Multiple OpenSSH/OpenSSL Vulnerabilities
Update on IRIX 12/03/2003 04:59 PM
SGI Security Coordinator (Dec 03 2003)

Snare for Irix 1.2

Snare for Irix 1.2 12/22/2004 01:54 AM
SNARE (System iNtrusion Analysis and Reporting Environment) is a series of log collection agents that facilitate centralised analysis of audit log data. Agents are available for Linux, Windows, Solaris, IIS, Lotus Notes, Irix, AIX, ISA/IIS + more. The next version of the Snare agent for Irix systems, is now available from the Snare project page. Key features include an update to the core rendering engine of the micro-web server, general match exclusion for events like "file opens", and syslog destination targets for centralised collection. This release can be found here: https://sourceforge.net/project/showfiles.php?group_id=39535&package_i d=124092

Congrats to Userland

Congrats to Userland 05/07/2004 05:00 AM

The transition of Userland continues.

I go back with Peter Winer almost as far back as Dave.

Clearly this is a company like no other.

Radio Userland

Radio Userland 12/21/2003 09:38 AM
By Karlin Lillington (The Guardian via MyAppleMenu)

"subhonker7.userland.com"

"subhonker7.userland.com" 03/19/2003 10:44 PM

IRIX libcpr vulnerability

IRIX libcpr vulnerability 05/26/2004 03:00 PM
SGI Security Coordinator (May 26 2004)

Re: IRIX libcpr vulnerability

Re: IRIX libcpr vulnerability 05/26/2004 06:15 PM
Jan Schaumann (May 26 2004)

TrackBack in the Userland environment

TrackBack in the Userland environment 10/29/2003 12:10 AM
Dave Winer has put up a new document-in-progress called Trackback in the UserLand environment, which covers his work in implementing...

MarsEdit and Radio UserLand

MarsEdit and Radio UserLand 09/23/2004 05:36 PM
Donovan Watts wrote a tuto rial on using MarsEdit to edit a Radio UserLand weblog. (We love Donovan’s domain name, by the way: becomethemedia.org.)

Announcing Userland Exec

Announcing Userland Exec 01/01/2004 03:52 PM
the grugq (Jan 01 2004)

SGI Looks to Link Linux and IRIX Users

SGI Looks to Link Linux and IRIX Users 01/22/2003 02:35 PM
The company launches new Worldwide User Group to exchange ideas and techniques. CEO Bishop calls developers of both camps 'like-minded.'

IRIX Networking Security Updates

IRIX Networking Security Updates 05/05/2004 05:09 PM
SGI Security Coordinator (May 05 2004)

Wildcard exportfs issue in NFS on IRIX

Wildcard exportfs issue in NFS on IRIX 10/28/2003 11:06 PM
SGI Security Coordinator (Oct 28 2003)

IRIX 6.5.24 rpc.mountd infinte loop

IRIX 6.5.24 rpc.mountd infinte loop 05/18/2004 01:21 PM
SGI Security Coordinator (May 17 2004)

Java Security Fixes on IRIX

Java Security Fixes on IRIX 03/19/2003 10:25 PM
SGI Security Coordinator (Mar 19 2003)

Blogging to Radio UserLand from
FeedDemon

Blogging to Radio UserLand from
FeedDemon 01/27/2004 05:32 AM

Chris Brody shared the following tip in our newsgroups about posting to Radio UserLand from FeedDemon:

RadioExpress allows you to post content from any web page to your blog:
http://www. newsisfree.com/blog/archives/000430.html

Once installed and configured as you want, add the following command line to
FeedDemon's blog publishing tools:

http://127.0.0.1:5335/system/pages/radioExpress?t=$ITEM_DESCR IPTION$&u=$ITE
M_LINK$&n=$ITEM_TITLE$

Note that I don't use Radio UserLand, so I haven't tried this myself.

Userland and Freshly Squeezed Software

Userland and Freshly Squeezed Software 05/24/2004 06:56 PM
I was totally pleased today to have two different newsreader authors contact me about the external weblog editor interface.

Scott Young of UserLand Software writes: “Interop between applications is always a good thing. UserLand would be interested in supporting this effort in Radio.”

Erik Barzeski of Freshly Squeezed Software writes: “As a blog aggregator without a blog editor, we believe strongly in working with other applications to achieve tremendous functionality... Working together is a good thing that benefits everyone, and we’re there.”

I’m not sure yet if I’ll just send them email with details, or publish a page first—either way, I will get around to publicly documenting the interface at some point. (It just takes time is all.)

At the same time, I’ve been emailing more with Phil Ulrich, Michael McCracken, and Daniel Berlinger today about supporting this interface in their weblog editors. And, while no promises can be made yet, things are moving along. (My offer still stands for other weblog editor developers that I may have missed. Send me email.)

SMB/CIFS Security Vulnerability in Samba
on IRIX

SMB/CIFS Security Vulnerability in Samba
on IRIX 03/19/2003 10:25 PM
SGI Security Coordinator (Mar 19 2003)

EarthMate Userland Library 1.0.3
(Default branch)

EarthMate Userland Library 1.0.3
(Default branch) 04/02/2005 06:16 PM
The EarthMate Userland Library provides access to the USB device via libusb and libpthread.

---

Changes:
A new program called emul_replug has been added. The program uses the newly added em_replug call to initiate reenumeration. An em_replug function was added to the public API. The function uses usb_reset() to cause reenumeration and then obtains a new device handle and starts the thread. The debug level has been tweaked along with some of the debug messages and the format of messages. New documentation was generated to accommodate the changes. A patch for gpsd 2.20 has been added.

Some Userland Software Heading for Open
Source

Some Userland Software Heading for Open
Source 05/17/2004 04:34 PM

Script ing News: 5/17/2004: Dave Winer announced today that the kernel of Manila and Radio — the object databae code — will be open-sourced sometime in the next few months.

To fans of UserLand Software it must seem inevitable that the kernel will go this way, it sure did to me. But I am on the board of directors of the company, and I persuaded my fellow board members that it would be in the company's interest to let the kernel develop separately from the products that build on it.

Don't get too excited, however — these are the ugly guts of the system, written in C. It will take a fair amount of work for someone to do anything constructive with it.

Click here to comment on this entry

EarthMate Userland Library 1.0.1
(Default branch)

EarthMate Userland Library 1.0.1
(Default branch) 03/23/2005 08:21 AM
The EarthMate Userland Library provides access to the USB device via libusb and libpthread.

EarthMate Userland Library 1.0.2
(Default branch)

EarthMate Userland Library 1.0.2
(Default branch) 03/29/2005 07:05 AM
The EarthMate Userland Library provides access to the USB device via libusb and libpthread.

---

Changes:
This release fixes the detachment of the HID driver from the earthmate device, so it should now work properly with kernels less than 2.6.10 and the 2.4 kernels as well. A new argument was added to the emul_test application so it can be used for debugging the library.

UserLand to Open-Source Frontier Kernel

UserLand to Open-Source Frontier Kernel 05/17/2004 10:27 AM
Dave Winer has interesting news about Frontier, the core product of the company he founded, UserLand: "At some point in...

IRIX syssgi system call vulnerability
and other security fixes

IRIX syssgi system call vulnerability
and other security fixes 06/14/2004 09:13 PM
SGI Security Coordinator (Jun 14 2004)

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview Information Disclosure
Vulnerability

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview Information Disclosure
Vulnerability 04/07/2005 10:50 PM
Posted by iDEFENSE Labs, Apr 07 2005

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview File Overwrite
Vulnerability

iDEFENSE Security Advisory 04.07.05: SGI
IRIX gr_osview File Overwrite
Vulnerability 04/07/2005 10:50 PM
Posted by iDEFENSE Labs, Apr 07 2005

[Full-Disclosure] [SECURITY] [DSA-403-1]
userland can access Linux kernel memory

[Full-Disclosure] [SECURITY] [DSA-403-1]
userland can access Linux kernel memory 12/02/2003 12:32 AM
debian-security-announce_at_lists.debian.org (Dec 01 2003)

<a
href="http://scriptingnews.userland.com/
2003/06/29#When:6:21:27AM">Dave
Winer</a>: "I make

<a
href="http://scriptingnews.userland.com/
2003/06/29#When:6:21:27AM">Dave
Winer</a>: "I make 10/30/2003 08:17 PM
<a href="http://scriptingnews.userland.com/2003/06/29#When:6:21:27AM"> Dave Winer</a>: "I make shitty software and I write shitty specs, but for all that shittyness, they're amazingly popular and somewhat useful."...

RADIO
USERLAND ENTERS THE 21ST CENTURY

RADIO
USERLAND ENTERS THE 21ST CENTURY 08/08/2004 12:20 PM

Radio Userland has appointed Steve Kirks as its Product Manager to jump-start enhancements to the Radio Userland blogging tool. First up are some new themes, layout cleanup, improving upstreaming, comments moderation, improvements to usage stats, and upgraded documentation. Improvements that Sloggers think are most needed per my survey last year include: Streamlining blogroll ('navigation links') maintenance, flagging of links recently updated, and auto-verification of links Archives that display more than one day at a time Easier ability to put HTML in comments, and to preview comments Ability to display comments below the main post (for those that want to print out both) Ability to change the appearance and content of individual Categories without having to fiddle with code in the 'www' folder Simplification and improved documentation of Outlining Google search bar addition (to search the blog's archives) Ability to post just the headline and/or selected extract from a long post on the main blog page, with a link to the rest of the article A Table of Contents for your archive A Directory of all Radio Userland blogs (in which users could update their own profile), and other community-building tools Making the product more 'foolproof' and easier recovery after a hard disk crash Group blogging Ability to maintain a blog on more than one computer, with synchronization Improved features for remote posting over the Web To their credit, Radio has introduced some of the additions and improvements requested in my survey already, including Trackback and a WYSIWYG editor for Mozilla users. This is a great development. What else is needed? (Yeah, I know, better service, though I confess I've found the service good). I'll bundle up all the comments and send them to Steve, or you can e-mail him directly from his blog's Radio category.

Binary XML

Binary XML 10/28/2003 11:07 PM

Mig uel comments on the "Binary XML" postings from Omri and Dare, pointing out that only two standards would probably be needed (one for size, one for speed) to cover the majority of scenarios.  I think this is correct, but in my opinion it's not the number of encodings that is a problem, but simply the existence of any "standard" encoding beyond XML 1.0.

If you can remember just five short years ago, it was once a major decision for IT developers to choose what encoding to persist and send their data:

• Should it be fixed-width or delimited?
• Should it be delimited with tabs or commas?  What about quotes?
• Should it be binary or text?  ASN.1? DXF? IGES?

Every system used a different encoding technique, and every time you wanted to interop you had to write a parser.  Most of us have written at least a few parsers for formats like IGES, W3C Log File, and so on.  How much money was wasted by people writing parsers?

Now fast-forward to 2003.  When a system developer thinks about persisting and sharing data, she automatically thinks "XML".  In 90% of cases, XML is the obvious choice and no debate occurs.  Do you think that this happens because XML is a superior format based on size, speed, or any othe technical criteria compared to the options available in 1998?  Of course not!  XML is the obvious choice because programmers are lazy, many parsers are freely available, and it's "good enough" for most uses.  The fact that XML is ubiquitous leads to plenty of parsing options being available, and more parsing options and tools leads to greater ubiquity.  Developers can use XML in most cases and be confident that everyone else in the world will be able to parse out their data with trivial effort.  Developers can argue about data schemas now instead of wasting time bickering about parser code and syntaxes.  This is a huge contribution!

The thing that many people fail to understand, though, is that none of this virtuous cycle could exist if XML parsers were not trustworthy.  XML depends on the fact that well-formed XML can be processed by any parser, and non-wellformed XML can be processed by none.  People deploy XML because they know it will "just work" no matter which parser is being used.  People deploy XML because they know it will work no matter whether it is IBM or Microsoft in favor that week.  Nothing about XML matters more than this promise matters.

So, consider what happens when we introduce some new encodings which are not wellformed XML 1.0, but we call them "XML" anyway.  When Jane in the IT department configures her EDI software to send an "XML" file to a partner, and the partner's machine rejects it, who is to blame?  Jane will claim that "my vendor says that XML 1.0bin is a W3C spec, so your vendor is non-standard", while the partner will claim "my vendor accepts XML 1.0 so your vendor is non-standard".  In fact, it is quite likely that vendors with multiple XML-enabled products would end up in situations where their own products failed to communicate with one another.  Note that this danger exists with any variations from XML 1.0, and not just "binary XML".

Reasonable people might argue that this is OK, and that IT pros will simply have to learn to distinguish between the four different incompatible types of XML (XML 1.0, XML 1.1, XMLfast, XMLsmall) and will have to manage the compatibility mismatches between all of their systems.  But that starts to look a lot like 1998 to me.  Developers will bicker about which XML to use, and will have to switch parsers based on the choice of data format.  Systems will have to offer and consume multiple formats and negotiate formats between one another.  I have a good memory, and I remember how badly things used to suck.  Having a solid, reliable "obvious choice" like XML 1.0 means freedom from pain for millions of developers.  Let's please don't mess with that too hastily.

Binary Boy v1.94

Binary Boy v1.94 05/17/2004 03:15 PM
Download files from multiple news servers or from other users. Subject cache speeds up searches and preserves bandwidth. NZB support. Browse manually or schedule a search to collect files while you sleep. Hyper-Threading compatible. Search using single words, wildcards or AND, OR and NOT logic. Apply custom search rules to each newsgroup. Decode damaged or incomplete mpg movies for previewing. yEnc, MIME, QP-Lite, etc. [Shareware $29.95 30 Days 768 KB]

Parse-Binary-0.04

Parse-Binary-0.04 02/15/2004 11:45 PM

Parse-Binary-0.03

Parse-Binary-0.03 02/14/2004 06:32 PM

Convert-Binary-C-0.48

Convert-Binary-C-0.48 11/02/2003 10:51 PM

SendDiff 1.0 (Binary)

SendDiff 1.0 (Binary) 08/18/2004 01:12 AM
A script that provides notification about any change in a CVS repository.

Binary Vortex v2.8

Binary Vortex v2.8 04/25/2004 07:17 PM
BinaryVortex pulls down pictures from Usenet Newsgroups. It is fast, efficient, reliable and easy to use. You can be up and running with BinaryVortex after typing in only a few simple setup options. [Shareware $19.95 30 days 779 KB]

Convert-Binary-C-0.53

Convert-Binary-C-0.53 05/25/2004 05:55 PM

Grok Description matches for userland binary vulnerabilities on IRIX
GrokA matches for userland binary vulnerabilities on IRIX

userland binary vulnerabilities on IRIX

The following phrases have been identified by the grok system as matching this entry: