Author: JT Smith
Category:
Author: JT Smith
Category:
Author: JT Smith
“Release of the Level 2 program is yet another great milestone in LPI’s efforts to address the needs of the Linux community,” said LPI President Chuck Mead. “The community has trusted us to provide a valid and challenging certification program, and we have again succeeded.”
The LPI Level 2 program consists of two exams, 201 and 202, which test intermediate-level Linux system administration and troubleshooting skills. They are now available worldwide through the VUE network of more than 2,800 testing centers for $100 each. Anyone who has already achieved LPI Level 1 certification and passes 201 and 202 qualifies for Level 2 certification. The release of 201 and 202 follows a three-month-long beta process during which the exam questions were further refined, and marks the end of an intensive nine-month development process.
“We’re extremely happy with the quality of the Level Two program,” said LPI Director of Exam Development Kara Pritchard. “Our open development model proves the best possible results are achieved when we work together with both our community supporters and professional experts.”
The objectives for the Level Two program are published on the LPI web site, and can be used by courseware designers and book authors as well as those planning to take the exams. “Our Level One program is the target of many courses, books and other forms of Linux education,” said Mead. “LPI’s vendor-neutral, trainer-neutral approach is clearly the one preferred by the community, which is why we received the 2001 Editor’s Choice Award from Linux Journal Magazine as the best Linux certification program.”
Both Level 2 exams are presently available in the English language; exam 201 is also available immediately in Japanese. The Japanese-language version of exam 202 is expected to be delivered during December 2001. The LPI Level 1 exams, 101 and 102, are available in both English and Japanese.
ABOUT LPI
The Linux Professional Institute (LPI) develops professional certification for the Linux operating system independent of software vendors or training providers. Established as an international non-profit organization in 1999 by the Linux community, LPI develops accessible, internationally-recognized certification programs which have earned the respect of vendors, employers and administrators. LPI’s activities involve hundreds of volunteers and professionals throughout the world in many different capacities, and the group encourages active public involvement through mailing lists and its website at www.lpi.org. LPI’s multi-level program of exams is administered globally through 2,800 test centers operated by Virtual University Enterprises (VUE), a division of NCS. LPI’s major financial sponsors are Platinum Sponsors Caldera International (Nasdaq: CALD), IBM (NYSE: IBM), Linuxcare, Maxspeed, SGI (NYSE: SGI), SuSE Linux AG and TurboLinux as well as Gold Sponsors Hewlett-Packard (NYSE: HWP) and Wave
Technologies.
Objectives for the LPI Level 2 program can be found at:
http://www.lpi.org/
Further information on LPI may be obtained at http://www.lpi.org.
Information on the VUE testing network is at http://www.vue.com.
NOTE: “Linux” is a trademark of Linus Torvalds in the United States and other countries. “Linux Professional Institute” is a trademark of Linux Professional Institute, Inc.
Author: JT Smith
Category:
Author: JT Smith
The new source distribution includes multi-kernel build options, broad
processor family support, libraries, network tools, user applications, and
pre-canned configurations for numerous boards. Combined with the companion
tool-chain download of compiler tools the “all in one” approach to the
distribution represents a break-through in providing experienced Linux
developers with everything required to quickly build complex royalty-free
embedded uClinux solutions. The less Linux-literate developer would still
benefit from the user-friendly SDKs available from packaged tools suppliers.
In addition to supporting the Motorola ColdFire family the distribution
provides support for Motorola 68K and ARM cores. It is also possible to
compile for SPARC and Intel i960 targets. Two kernel builds are possible,
either Linux 2.4.10 or Linux 2.0.39 with uClibc and the older uC-libc
libraries. Over 20 pre-canned configurations for board support are available
to bring up many standard development boards from companies such as
Motorola, Atmel, NetSilicon, Lineo, and even SnapGear’s SecureEdge family of
reference designs. Developers will find it easy to add new board support and
in the spirit of the GPL (GNU Public License) SnapGear is encouraging the
contribution of these 3rd party configurations to be rolled into future
distributions. Send via e-mail to uclinux@snapgear.com
Shells and command line utilities (using BusyBox) are present along with
application support such as a web server and Microwindows GUI. Virtual
Private Networking (VPN) is present with an integrated IPSec implementation
(FreeS/WAN 1.9) and PPTP (PoPToP). PoPToP was originally written and placed
under the GPL agreement by members of SnapGear’s development team.
Downloads
The distribution is available from
http://www.uclinux.org/pub/uClinux/dist/uClinux-di st-20011112.tar.gz (68Mb). A compiler tools package is available from
http://www.uclinux.org/pub/uClinux/m68k-elf-tools.
About uClinux
uClinux, or “Micro-Controller Linux”, is the popular variant of mainstream
Linux specifically for MMU-less processors for deeply embedded systems.
Many commercial applications of uClinux have become possible due to the
small footprint (as little as half a megabyte of RAM for a complete
multi-tasking kernel and networking stack.) It is now possible to build
Linux appliances as small as an inch by an inch with 1Mb each of Flash and
RAM yielding Internet-ready products. Recent application of uClinux has been
seen in Internet cameras and home automation systems. For more information
on uClinux please visit http://www.uclinux.org
About SnapGear, Inc.
Originally known as Moreton Bay Ventures, SnapGear Inc is a company renowned
for uClinux expertise, shaping the direction of uClinux, and advanced Linux
platform products. Moreton Bay was acquired by Lineo Inc in May 2000 to
become Lineo’s Integrated Products Division. A subsequent spin-off a year
later saw the team reborn as SnapGear Inc which provides the popular
SnapGear VPN Routers along with SecureEdge custom design solutions. SnapGear
Inc has produced turnkey development, design, and even manufacturing and
fulfillment services for large blue-chip companies. SnapGear solutions are
characterised by affordability, tight integration, and design ingenuity.
Recent examples include a sport/racing control terminal, an advanced gateway
router, and a network access point connecting petrol bowsers to the
Internet. For more information on SnapGear please visit
http://www.snapgear.com. For more information on SecureEdge reference
designs and services please visit http://www.secureedge.net
###
Press only, contact:
SnapGear
Bob Waldie / Miles Gillham
E-mail: press@snapgear.com
Author: JT Smith
Category:
Author: JT Smith
Category:
Author: JT Smith
From: secure@conectiva.com.br To: conectiva-updates@papaleguas.conectiva.com.br, linuxlist@securityportal.com, lwn@lwn.net, bugtraq@securityfocus.com, security-alerts@linuxsecurity.com Subject: [CLA-2001:442] Conectiva Linux Security Announcement - wu-ftpd Date: Thu, 29 Nov 2001 12:20:47 -0200 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- CONECTIVA LINUX SECURITY ANNOUNCEMENT - -------------------------------------------------------------------------- PACKAGE : wu-ftpd SUMMARY : Remote vulnerability in the wu-ftpd server DATE : 2001-11-29 12:20:00 ID : CLA-2001:442 RELEVANT RELEASES : 5.0, prg graficos, ecommerce, 5.1, 6.0, 7.0 - ------------------------------------------------------------------------- DESCRIPTION "wu-ftpd" is one of the ftp servers available in Conectiva Linux and several other linux distributions. CORE Security Technologies[1] reported[2] a vulnerability[3] in the wu-ftpd ftp server that can be exploited remotely. The problem is in the internal glob function used by wu-ftpd which allows an attacker to corrupt memory space and execute arbitrary code remotely. There is no need for an user account on the ftp server, this problem can be abused by anonymous users as well. This vulnerability was first reported[4] by Matt Power but was deemed not exploitable at that time. SOLUTION All administrators who deploy wu-ftpd should upgrade immediately. If an upgrade is not possible, then the service should be shut down, or another ftp server should be used. There is no need to restart the service after the upgrade because wu-ftpd is started from inetd. The administrator might want to, however, shut down all current connections which would still be using the vulnerable copy to avoid a possible abuse by currently connected users. REFERENCES 1. http://www.core-sdi.com 2. http://www.securityfocus.com/archive/1/242964 3. http://www.securityfocus.com/bid/3581 4. http://www.securityfocus.com/archive/82/180823 DIRECT DOWNLOAD LINKS TO THE UPDATED PACKAGES ftp://atualizacoes.conectiva.com.br/5.0/SRPMS/wu-ftpd-2.6.1-6U50_1cl.src.rpmftp://atualizacoes.conectiva.com.br/5.0/i386/wu-ftpd-2.6.1-6U50_1cl.i386.rpmftp://atualizacoes.conectiva.com.br/5.1/SRPMS/wu-ftpd-2.6.1-6U51_1cl.src.rpmftp://atualizacoes.conectiva.com.br/5.1/i386/wu-ftpd-2.6.1-6U51_1cl.i386.rpmftp://atualizacoes.conectiva.com.br/6.0/SRPMS/wu-ftpd-2.6.1-6U60_1cl.src.rpmftp://atualizacoes.conectiva.com.br/6.0/RPMS/wu-ftpd-2.6.1-6U60_1cl.i386.rpmftp://atualizacoes.conectiva.com.br/7.0/SRPMS/wu-ftpd-2.6.1-6U70_1cl.src.rpmftp://atualizacoes.conectiva.com.br/7.0/RPMS/wu-ftpd-2.6.1-6U70_1cl.i386.rpmftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/SRPMS/wu-ftpd-2.6.1-6U50_1cl.src.rpmftp://atualizacoes.conectiva.com.br/ferramentas/ecommerce/i386/wu-ftpd-2.6.1-6U50_1cl.i386.rpmftp://atualizacoes.conectiva.com.br/ferramentas/graficas/SRPMS/wu-ftpd-2.6.1-6U50_1cl.src.rpmftp://atualizacoes.conectiva.com.br/ferramentas/graficas/i386/wu-ftpd-2.6.1-6U50_1cl.i386.rpm ADDITIONAL INSTRUCTIONS Users of Conectiva Linux version 6.0 or higher may use apt to perform upgrades of RPM packages: - add the following line to /etc/apt/sources.list if it is not there yet (you may also use linuxconf to do this): rpm [cncbr] ftp://atualizacoes.conectiva.com.br 6.0/conectiva updates (replace 6.0 with the correct version number if you are not running CL6.0) - run: apt-get update - after that, execute: apt-get upgrade Detailed instructions reagarding the use of apt and upgrade examples can be found at http://distro.conectiva.com.br/atualizacoes/#apt?idioma=en - ------------------------------------------------------------------------- All packages are signed with Conectiva's GPG key. The key and instructions on how to import it can be found at http://distro.conectiva.com.br/seguranca/chave/?idioma=en Instructions on how to check the signatures of the RPM packages can be found at http://distro.conectiva.com.br/seguranca/politica/?idioma=en - ------------------------------------------------------------------------- All our advisories and generic update instructions can be viewed at http://distro.conectiva.com.br/atualizacoes/?idioma=en - ------------------------------------------------------------------------- subscribe: conectiva-updates-subscribe@papaleguas.conectiva.com.br unsubscribe: conectiva-updates-unsubscribe@papaleguas.conectiva.com.br -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE8BkQ+42jd0JmAcZARApFvAKCl+ekMYKl4mUlnjYOPzmdpdRQ2WQCfZ37k B9JhTSxN7u70wdESzG+mjhQ= =+0Mk -----END PGP SIGNATURE-----
Category:
Author: JT Smith
