Author Archive

[id-ubuntu] Initiating the Indonesian Ubuntu Community

ANNOUNCEMENT:

First, I apologize if I was presumptuous in making a decision without first discussing it with the other Ubuntuers. From what I can see on the id-ubuntu@googlegroups.com mailing list, nobody has dared to decide on the day, date and time. So Millisdad and I took the initiative and decided the following:

Seeing the enthusiasm of the Ubuntuers who want to get together to socialize and so on, I am proposing the place and time:

Event: Gathering, etc.
Place: The canteen behind Gedung Cyber, Mampang, South Jakarta
Date and day: 14 May 2006 (Sunday), 10:00 AM

Millisdad and I will still attend even if no other Ubuntuers show up.

That is all, and thank you.

Muh Furqon T & Millisdad

Asia Business Tour/Indonesia

As part of the AsiaBusinessTour, Canonical representatives plan to visit Indonesia on 1 February 2006. If you have information or contacts to help us plan this trip, please fill in the relevant sections below, or contact us at asia2006@canonical.com.

Open Meeting

* Venue: BPPT Gedung II Lantai 3 Ruang Komisi A dan B
  * Jl. MH. Thamrin No 8 Jakarta
* Date: 1 February 2006 14:00-16:00
* Contact: kemal at ristek.go.id or frans at intercitra.com

Technology Companies (e.g., contacts at OEMs, system builders, etc.)

* PT. Linuxindo Total Solusi
* PT. Berca Cakra Teknologi
* PT. Intercitra Prima Integrasi
* iGrasys Linux Service & Support
* …

Government (e.g., contacts in ministries of education, culture, information technology)

* Department of Communication and Information Technology (*)
* The State Ministry of Research and Technology (*)
* The Ministry of National Education (*)
* The Ministry of Industry (*)
* …

Linux User Groups (LUG) (e.g., we would love to meet with members of the community, so let us know if there are any meetings while we are there)

* Ubuntu-ID
* KPLI Jakarta (*)
* BULUX (*)
* KLuB (*)
* …

Universities (e.g., contacts in computer science/information technology departments)

* Computer Science Department of Indonesia University
* …

Volunteers

If you would like to help us navigate during our stay in Indonesia please let us know by signing up below or sending us an email to the address at the top of this page.

* Ananda Putra
* Andi Darmawan
* Muhammad Ridho
* …

Where to Stay

Last but not least, any suggestions of decent hotels/accommodation would be extremely helpful! We are particularly looking for someplace

* convenient to airports
* convenient for local businesses
* appropriate to host a business breakfast
* well-wired (i.e., broadband!)
* not in a High Occupancy Vehicle (3-in-1) area during the rush hours from 7:00-10:00am and 4:30-7:30pm

The options are:

* Le Meridien Jakarta (*)
* The Park Lane Jakarta (*)
* Millennium Hotel Sirih Jakarta (*)
* Aston Hotel Jakarta (*)
* Minister of R&D Building (still under confirmation directly from the Minister), contact person Frans/Judith/Kemal (IGOS Manager)
* …

Note:

(*) waiting for confirmation

+ Why isn't UbuntuLinux.or.id mentioned / involved?

post by Muh Furqon T

Ubuntu Linux 6.04 “Dapper Drake”

The third alpha (also known as “Flight”) release of Ubuntu Linux 6.04 “Dapper Drake” is ready for testing: “The Dapper Drake continues to improve bringing us great new software and many very beneficial improvements. This week brings us Flight 3, the third alpha release of Ubuntu 6.04 - The Dapper Drake. Improvements in this release include an updated installer CD boot splash, X11R7, GNOME 2.13.4, improved and simplified menus, new default desktop panel configuration….” Find more information in the release announcement and the features page. As usual, the Ubuntu download server contains live and installation ISO images, as well as torrent files for all three supported architectures. A couple of quick download links to the i386 CD images (MD5): dapper-install-i386.iso (626MB) and dapper-live-i386.iso (603MB). Kubuntu and Edubuntu Flight CD 3 images are also available.

post by Muh Furqon T

Ubuntu Security Notice USN-229-1

=======================================
Ubuntu Security Notice USN-229-1 December 13, 2005
zope2.8 vulnerability
CVE-2005-3323
=======================================

A security issue affects the following Ubuntu releases:

Ubuntu 5.10 (Breezy Badger)

The following packages are affected:

zope2.8
zope2.8-sandbox

The problem can be corrected by upgrading the affected package to
version 2.8.1-5ubuntu0.1. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Zope did not deactivate the file inclusion feature when exposing
RestructuredText functionalities to untrusted users. A remote user
with the privilege of editing Zope webpages with RestructuredText
could exploit this to expose arbitrary files that can be read with the
privileges of the Zope server, or execute arbitrary Zope code.


post by Muh Furqon T

[USN-224-1] Kerberos vulnerabilities

==============================================
Ubuntu Security Notice USN-224-1 December 06, 2005
krb4, krb5 vulnerabilities
CVE-2005-0468, CVE-2005-0469, CVE-2005-1174, CVE-2005-1175,
CVE-2005-1689
==============================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)

The following packages are affected:

kerberos4kth-clients
krb5-clients
krb5-kdc
krb5-rsh-server
krb5-telnetd

On Ubuntu 4.10, the problem can be corrected by upgrading the affected package to version 1.2.2-10ubuntu0.1 (kerberos4kth-clients), and 1.3.4-3ubuntu0.2 (krb5-clients, krb5-kdc, krb5-rsh-server, krb5-telnetd).

On Ubuntu 5.04, the problem can be corrected by upgrading the affected package to version 1.2.2-10ubuntu0.1 (kerberos4kth-clients), and 1.3.6-1ubuntu0.1 (krb5-clients, krb5-kdc, krb5-rsh-server, krb5-telnetd).

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

Gaël Delalleau discovered a buffer overflow in the env_opt_add() function of the Kerberos 4 and 5 telnet clients. By sending specially crafted replies, a malicious telnet server could exploit this to execute arbitrary code with the privileges of the user running the telnet client. (CVE-2005-0468)

Gaël Delalleau discovered a buffer overflow in the handling of the LINEMODE suboptions in the telnet clients of Kerberos 4 and 5. By sending a specially constructed reply containing a large number of SLC (Set Local Character) commands, a remote attacker (i.e. a malicious telnet server) could execute arbitrary commands with the privileges of the user running the telnet client. (CVE-2005-0469)

Daniel Wachdorf discovered two remote vulnerabilities in the Key Distribution Center of Kerberos 5 (krb5-kdc). By sending certain TCP connection requests, a remote attacker could trigger a double-freeing of memory, which led to memory corruption and a crash of the KDC server. (CVE-2005-1174) Under rare circumstances the same type of TCP connection requests could also trigger a buffer overflow that could be exploited to run arbitrary code with the privileges of the KDC server. (CVE-2005-1175)

Magnus Hagander discovered that the krb5_recvauth() function attempted to free previously freed memory in some situations. A remote attacker could possibly exploit this to run arbitrary code with the privileges of the program that called this function. Most importantly, this affects the following daemons: kpropd (from the krb5-kdc package), klogind, and kshd (both from the krb5-rsh-server package).


post by : Muh Furqon T

Ubuntu Security Notice USN-219-1 November 22, 2005

USN 219-1: Linux kernel vulnerabilities

11/23/2005

Ubuntu Security Notice USN-219-1 November 22, 2005
linux-source-2.6.8.1/-2.6.10/-2.6.12 vulnerabilities
CVE-2005-2709, CVE-2005-2973, CVE-2005-3055, CVE-2005-3180,
CVE-2005-3271, CVE-2005-3272, CVE-2005-3273, CVE-2005-3274,
CVE-2005-3275, CVE-2005-3276

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)
Ubuntu 5.04 (Hoary Hedgehog)
Ubuntu 5.10 (Breezy Badger)

The following Ubuntu 4.10 packages are affected:

linux-image-2.6.8.1-6-386
linux-image-2.6.8.1-6-686
linux-image-2.6.8.1-6-686-smp
linux-image-2.6.8.1-6-k7
linux-image-2.6.8.1-6-k7-smp
linux-image-2.6.8.1-6-amd64-generic
linux-image-2.6.8.1-6-amd64-k8
linux-image-2.6.8.1-6-amd64-k8-smp
linux-image-2.6.8.1-6-amd64-xeon
linux-image-2.6.8.1-6-power3
linux-image-2.6.8.1-6-power3-smp
linux-image-2.6.8.1-6-power4
linux-image-2.6.8.1-6-power4-smp
linux-image-2.6.8.1-6-powerpc
linux-image-2.6.8.1-6-powerpc-smp
linux-patch-debian-2.6.8.1

The following Ubuntu 5.04 packages are affected:

linux-image-2.6.10-6-386
linux-image-2.6.10-6-686
linux-image-2.6.10-6-686-smp
linux-image-2.6.10-6-k7
linux-image-2.6.10-6-k7-smp
linux-image-2.6.10-6-amd64-generic
linux-image-2.6.10-6-amd64-k8
linux-image-2.6.10-6-amd64-k8-smp
linux-image-2.6.10-6-amd64-xeon
linux-image-2.6.10-6-power3
linux-image-2.6.10-6-power3-smp
linux-image-2.6.10-6-power4
linux-image-2.6.10-6-power4-smp
linux-image-2.6.10-6-powerpc
linux-image-2.6.10-6-powerpc-smp
linux-patch-ubuntu-2.6.10

The following Ubuntu 5.10 packages are affected:

linux-image-2.6.12-10-386
linux-image-2.6.12-10-686
linux-image-2.6.12-10-686-smp
linux-image-2.6.12-10-k7
linux-image-2.6.12-10-k7-smp
linux-image-2.6.12-10-amd64-generic
linux-image-2.6.12-10-amd64-k8
linux-image-2.6.12-10-amd64-k8-smp
linux-image-2.6.12-10-amd64-xeon
linux-image-2.6.12-10-powerpc
linux-image-2.6.12-10-powerpc-smp
linux-image-2.6.12-10-powerpc64-smp
linux-patch-ubuntu-2.6.12

The problem can be corrected by installing the affected package, which
provides a new kernel. Unless you manually uninstalled the standard
kernel metapackages (linux-image-386, linux-image-powerpc, or
linux-image-amd64-generic), this will happen automatically with a
standard system upgrade.

ATTENTION: Due to an unavoidable ABI change this kernel has been given
a new version number, which requires you to recompile and reinstall
all third party kernel modules you might have installed. If you use
linux-restricted-modules, you have to update that package as well to
get modules which work with the new kernel version. Unless you
manually uninstalled the standard kernel metapackages (linux-386,
linux-powerpc, linux-amd64-generic), a standard system upgrade will
automatically perform this as well.

Details follow:

Al Viro discovered a race condition in the /proc file handler of
network devices. A local attacker could exploit this by opening any
file in /proc/sys/net/ipv4/conf// and waiting until that
interface was shut down. Under certain circumstances this could lead
to a kernel crash or even arbitrary code execution with full kernel
privileges. (CVE-2005-2709)

Tetsuo Handa discovered a local Denial of Service vulnerability in the
udp_v6_get_port() function. On computers which use IPv6, a local
attacker could exploit this to trigger an infinite loop in the kernel.
(CVE-2005-2973)

Harald Welte discovered a Denial of Service vulnerability in the USB
devio driver. A local attacker could exploit this by sending a “USB
Request Block” (URB) and terminating the sending process before the
arrival of the answer, which left an invalid pointer and caused a
kernel crash. (CVE-2005-3055)

Pavel Roskin discovered an information leak in the Orinoco wireless
card driver. When increasing the buffer length for storing data, the
buffer was not padded with zeros, which exposed a random part of the
system memory to the user. (CVE-2005-3180)

A resource leak has been discovered in the handling of POSIX timers in
the exec() function. This could be exploited for a Denial of Service
attack by a group of local users. This vulnerability only affects
Ubuntu 4.10. (CVE-2005-3271)

Stephen Hemming discovered a weakness in the network bridge driver.
Packets which had already been dropped by the packet filter could
poison the forwarding table, which could be exploited to make the
bridge forward spoofed packages. This vulnerability only affects
Ubuntu 4.10 and 5.04. (CVE-2005-3272)

David S. Miller discovered a buffer overflow in the rose_rt_ioctl()
function. By calling the function with a large “ngidis” argument, a
local attacker could cause a kernel crash. This vulnerability only
affects Ubuntu 4.10 and 5.04. (CVE-2005-3273)

Neil Horman discovered a race condition in the connection timer
handling. This allowed a local attacker to set up an expiration
handler which modified the connection list while the list was still being
traversed, which could result in a kernel crash. This vulnerability
only affects multiprocessor (SMP) systems. (CVE-2005-3274)

Patrick McHardy noticed a logic error in the network address
translation (NAT) connection tracker. A remote attacker could exploit
this by causing two packets for the same protocol to be NATed at the
same time, which resulted in a kernel crash. (CVE-2005-3275)

Paolo Giarrusso discovered an information leak in the
sys_get_thread_area() function. The returned structure was not properly
cleared, which exposed a small amount of kernel memory to userspace
programs. This could possibly expose confidential data.
(CVE-2005-3276)

For more details, read here.

Creating an rc.local file on Ubuntu Linux

Posted by M Furqon T

The rc.local script is a script to which we can add commands that will be executed when the init process starts. In the Red Hat or Fedora family this script is already provided at /etc/rc.local and only needs to be edited. If you switch to a Debian-family distro, you will not get that file. If you still want to use it on Ubuntu, you can create it yourself. Follow the tutorial below.

1. Log in as the root user

ferry@ubuntulinux:~$ sudo su -
password *******

2. Change to the /etc directory

root@ubuntulinux:~ # cd /etc

3. Create the rc.local file

root@ubuntulinux:/etc # cat >> rc.local << EOF
> #!/bin/bash
> # file rc.local
>
> touch /home/useranda/tes.txt
> EOF

You can also create it with the VIM editor

root@ubuntulinux:/etc # vi rc.local
#!/bin/bash
# file rc.local

touch /home/useranda/tes.txt

4. Once the file has been created, we have to change its permissions so that it can be executed.

root@ubuntulinux:/etc # chmod 755 rc.local

5. The next step is to create a soft link in the rc2.d directory. Why does the soft link have to be created in that directory? Because when the init process runs, all the scripts in that directory are executed. To create the soft link, first change into the rc2.d directory.

root@ubuntulinux:/etc # cd rc2.d/
root@ubuntulinux:/etc/rc2.d # ln -s /etc/rc.local ./S99local

6. We are almost done. Now just reboot your computer and look in the /home/useranda directory; if there is a file named tes.txt, your rc.local script works.

root@ubuntulinux:/etc/rc2.d # init 6

OK, you now have an rc.local script on Ubuntu Linux. Have fun with your Ubuntu box.
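
The six steps above, condensed into two shell functions together with a check worth running afterwards: init executes rc.local as root, so the audit rejects a file that is group- or world-writable, owned by the wrong UID, or linked from the wrong place. This is an added example, not the author's script; the function names and the ROOT staging prefix are assumptions made so that it can run without root.

```shell
#!/bin/sh
# Added example: stage the tutorial's rc.local and audit it before relying on it.
# ROOT is a hypothetical staging prefix (assumption) so this runs unprivileged;
# pass ROOT="" as root to operate on the real /etc.

install_rc_local() {
    root=$1
    mkdir -p "$root/etc/rc2.d" || return 1
    # Quoted 'EOF' keeps the body literal; '>' replaces any older copy.
    cat > "$root/etc/rc.local" <<'EOF' || return 1
#!/bin/bash
# file rc.local
touch /home/useranda/tes.txt
EOF
    chmod 755 "$root/etc/rc.local" || return 1
    # S99local sorts last among the start links in rc2.d; -f replaces an old link.
    ln -sf /etc/rc.local "$root/etc/rc2.d/S99local"
}

# Everything in rc.local runs as root at boot, so the file must be a regular
# file, owned by the expected UID, and writable by that owner only.
audit_rc_local() {
    root=$1
    owner=${2:-0}                 # numeric UID expected to own the file
    f="$root/etc/rc.local"
    link="$root/etc/rc2.d/S99local"
    if [ -L "$f" ] || [ ! -f "$f" ]; then
        echo "FAIL: $f is missing or not a regular file"; return 1
    fi
    [ -x "$f" ] || { echo "FAIL: $f is not executable"; return 1; }
    if [ -z "$(find "$f" -user "$owner")" ]; then
        echo "FAIL: $f is not owned by uid $owner"; return 1
    fi
    # -perm -020 / -002 match a set group-write or world-write bit.
    if [ -n "$(find "$f" \( -perm -020 -o -perm -002 \))" ]; then
        echo "FAIL: $f is writable by group or others"; return 1
    fi
    if [ "$(readlink "$link")" != "/etc/rc.local" ]; then
        echo "FAIL: $link does not point at /etc/rc.local"; return 1
    fi
    echo "OK: $f"
}
```

To try it without touching the system, run `install_rc_local /tmp/stage` followed by `audit_rc_local /tmp/stage "$(id -u)"`; on a real host call `audit_rc_local ""` as root.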