星球

RSS | RDF | ATOM

在Ubuntu Linux上使用外接硬碟

2016/11/4 16:58:00 | 魔法設計的藝術
日前我買了這顆 2TB的WD外接硬碟 My Passport Ultra作備份。

我在台北光華原價屋買的,體驗到了傳說中店員的傲慢,類似傲驕系的女僕店的體驗。

買來以後第一次接上電腦,發現他已經格式化成ntfs,當然在Linux下效能很不好,所以重新格式化成ext4。然後這一定會導致這硬碟automount以後的owner是root,所以我在上面做了一個目錄home,把home的owner改成我自己的帳號。


新買了硬碟於是馬上用磁碟公用程式來檢查,來看看磁碟是不是健康的。



不過SMART的檢測的功能是無法按的

查了資料

找到這一篇https://www.smartmontools.org/wiki/Supported_USB-Devices

找到我的硬碟WD My Passport Ultra (USB 3.0) 2TB

所以我要下
sudo

心善音樂祭表演心得還有那些曲子...

2016/10/4 6:03:00 | 魔法設計的藝術
昨天做了好玩的事情,第一屆心善音樂祭我跟兩位朋友結了一個臨時團去表演。

心善音樂祭非常的妙,簡單說,就是在佛寺辦的音樂祭,想像起來就很有趣。其實佛教用音樂弘法已經有相當長的歷史,但是近百年來,老實說,以華人世界的正信佛教來說,在這方面都非常地保守而落後,今年心善寺首開風氣之先,要辦這個佛寺音樂祭,我從佐安薇的團長許日本那邊聽到這個消息以及他的邀請(中間那位),我就很開心地參加,來結成這臨時的電音hybrid團—《女少佛具專賣店》。

註:就真的團員女生很少咩

曲子是我作的,有創作曲也有改作曲,主要都是電音,好幾首算勸世風格。XD 下面的清單你要聽的話,由於是電音,哥給你個建議...

找個低音沉的音響,把你的電腦或者iPad、手機接上去,或者帶上好一點的耳機,播放按鈕按下去,enjoys那些音浪吧~把聲音放出來給大家,你已經在弘揚佛法囉。 :)





佛曲也可以很潮的XD

USN-3088-1: Bind vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3088-1


27th September, 2016


bind9 vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


Bind could be made to crash if it received specially crafted network
traffic.





Software description





  • bind9
    - Internet Domain Name Server











Details


It was discovered that Bind incorrectly handled building responses to
certain specially crafted requests. A remote attacker could possibly use
this issue to cause Bind to crash, resulting in a denial of service.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




bind9

1:9.10.3.dfsg.P4-8ubuntu1.1





Ubuntu 14.04 LTS:




bind9

1:9.9.5.dfsg-3ubuntu0.9





Ubuntu 12.04 LTS:




bind9

1:9.8.1.dfsg.P1-4ubuntu0.17






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2016-2776


USN-3089-1: Django vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3089-1


27th September, 2016


python-django vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


Django could be made to set arbitrary cookies.





Software description





  • python-django
    - High-level Python web development framework











Details


Sergey Bobrov discovered that Django incorrectly parsed cookies when being
used with Google Analytics. A remote attacker could possibly use this issue
to set arbitrary cookies leading to a CSRF protection bypass.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




python3-django

1.8.7-1ubuntu5.2






python-django

1.8.7-1ubuntu5.2





Ubuntu 14.04 LTS:




python-django

1.6.1-2ubuntu0.15





Ubuntu 12.04 LTS:




python-django

1.3.1-4ubuntu1.21






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2016-7401


USN-3090-1: Pillow vulnerabilities

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3090-1


27th September, 2016


Pillow vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 14.04 LTS





Summary


Pillow could be made to crash if it received specially crafted input or opened
a specially crafted file.





Software description





  • pillow
    - Python Imaging Library compatibility layer







Details



It was discovered that a flaw in processing a compressed text chunk in
a PNG image could cause the image to have a large size when decompressed,
potentially leading to a denial of service. (CVE-2014-9601)



Andrew Drake discovered that Pillow incorrectly validated input. A remote
attacker could use this to cause Pillow to crash, resulting in a denial
of service. (CVE-2014-3589)



Eric Soroos discovered that Pillow incorrectly handled certain malformed
FLI, Tiff, and PhotoCD files. A remote attacker could use this issue to
cause Pillow to crash, resulting in a denial of service.
(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)





Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 14.04 LTS:




python-imaging

2.3.0-1ubuntu3.2






python3-pil

2.3.0-1ubuntu3.2






python-pil

2.3.0-1ubuntu3.2






python3-imaging

2.3.0-1ubuntu3.2






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




CVE-2014-3589,

CVE-2014-9601,

CVE-2016-0740,

CVE-2016-0775,

CVE-2016-2533


USN-3090-2: Pillow regresssion

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3090-2


30th September, 2016


Pillow regression


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 14.04 LTS







Software description





  • pillow
    - Python Imaging Library compatibility layer







Details


USN-3090-1 fixed vulnerabilities in Pillow. The patch to fix CVE-2014-9601
caused a regression which resulted in failures when processing certain
png images. This update temporarily reverts the security fix for CVE-2014-9601
pending further investigation.



We apologize for the inconvenience.



Original advisory details:



It was discovered that a flaw in processing a compressed text chunk in
a PNG image could cause the image to have a large size when decompressed,
potentially leading to a denial of service. (CVE-2014-9601)



Andrew Drake discovered that Pillow incorrectly validated input. A remote
attacker could use this to cause Pillow to crash, resulting in a denial
of service. (CVE-2014-3589)



Eric Soroos discovered that Pillow incorrectly handled certain malformed
FLI, Tiff, and PhotoCD files. A remote attacker could use this issue to
cause Pillow to crash, resulting in a denial of service.
(CVE-2016-0740, CVE-2016-0775, CVE-2016-2533)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 14.04 LTS:




python-imaging

2.3.0-1ubuntu3.3






python3-pil

2.3.0-1ubuntu3.3






python-pil

2.3.0-1ubuntu3.3






python3-imaging

2.3.0-1ubuntu3.3






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


None





References




CVE-2014-9601,

LP: 1628351


USN-3092-1: Samba vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3092-1


28th September, 2016


samba vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS





Summary


Samba could be tricked into connecting to impersonated servers.





Software description





  • samba
    - SMB/CIFS file, print, and login server for Unix









Details


Stefan Metzmacher discovered that Samba incorrectly handled certain flags
in SMB2/3 client connections. A remote attacker could use this issue to
disable client signing and impersonate servers by performing a man in the
middle attack.



Samba has been updated to 4.3.11 in Ubuntu 14.04 LTS and Ubuntu 16.04 LTS.
In addition to the security fix, the updated packages contain bug fixes,
new features, and possibly incompatible changes.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




samba

2:4.3.11+dfsg-0ubuntu0.16.04.1





Ubuntu 14.04 LTS:




samba

2:4.3.11+dfsg-0ubuntu0.14.04.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.





References




CVE-2016-2119


USN-3093-1: ClamAV vulnerabilities

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3093-1


28th September, 2016


clamav vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


ClamAV could be made to crash or run programs if it processed a specially
crafted file.





Software description





  • clamav
    - Anti-virus utility for Unix











Details


It was discovered that ClamAV incorrectly handled certain malformed files.
A remote attacker could use this issue to cause ClamAV to crash, resulting
in a denial of service, or possibly execute arbitrary code.



In the default installation, attackers would be isolated by the ClamAV
AppArmor profile.



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




clamav

0.99.2+dfsg-0ubuntu0.16.04.1





Ubuntu 14.04 LTS:




clamav

0.99.2+addedllvm-0ubuntu0.14.04.1





Ubuntu 12.04 LTS:




clamav

0.99.2+addedllvm-0ubuntu0.12.04.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


This update uses a new upstream release, which includes additional bug
fixes. In general, a standard system update will make all the necessary
changes.





References




CVE-2016-1371,

CVE-2016-1372,

CVE-2016-1405


USN-3094-1: Systemd vulnerability

2016/10/4 5:28:40 | Ubuntu security notices

Ubuntu Security Notice USN-3094-1


29th September, 2016


systemd vulnerability


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS





Summary


The system could be made unavailable under certain conditions.





Software description





  • systemd
    - system and service manager







Details


Andrew Ayer discovered that Systemd improperly handled zero-length
notification messages. A local unprivileged attacker could use
this to cause a denial of service (init crash leading to system
unavailability).



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




systemd

229-4ubuntu10






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


In general, a standard system update will make all the necessary changes.





References




LP: 1628687


USN-3073-1: Thunderbird vulnerabilities

2016/9/24 4:42:54 | Ubuntu security notices

Ubuntu Security Notice USN-3073-1


22nd September, 2016


thunderbird vulnerabilities


A security issue affects these releases of Ubuntu and its
derivatives:




  • Ubuntu 16.04 LTS


  • Ubuntu 14.04 LTS


  • Ubuntu 12.04 LTS





Summary


Thunderbird could be made to crash or run programs as your login if it
opened a malicious message.





Software description





  • thunderbird
    - Mozilla Open Source mail and newsgroup client











Details


Christian Holler, Carsten Book, Gary Kwong, Jesse Ruderman, Andrew
McCreight, and Phil Ringnalda discovered multiple memory safety issues in
Thunderbird. If a user were tricked in to opening a specially crafted
message, an attacker could potentially exploit these to cause a denial of
service via application crash, or execute arbitrary code. (CVE-2016-2836)



Update instructions


The problem can be corrected by updating your system to the following
package version:




Ubuntu 16.04 LTS:




thunderbird

1:45.3.0+build1-0ubuntu0.16.04.2





Ubuntu 14.04 LTS:




thunderbird

1:45.3.0+build1-0ubuntu0.14.04.4





Ubuntu 12.04 LTS:




thunderbird

1:45.3.0+build1-0ubuntu0.12.04.1






To update your system, please follow these instructions:
https://wiki.ubuntu.com/Security/Upgrades.


After a standard system update you need to restart Thunderbird to make
all the necessary changes.





References




CVE-2016-2836