ლ(ಠ益ಠლ)

CVE-2015-0235 - GHOST: Glibc Gethostbyname Buffer Overflow

"During a code audit performed internally at Qualys, we discovered a buffer overflow in the __nss_hostname_digits_dots() function of the GNU C Library (glibc). This bug is reachable both locally and remotely via the gethostbyname*() functions, so we decided to analyze it -- and its impact -- thoroughly, and named this vulnerability 'GHOST'."

Qualys Security Advisory

The following is a proof of concept of “GHOST”, written in C, provided by Qualys–access to GNU compiler (‘gcc’) is necessary.

Gentoo: Sys-fs/udev-216 Update Failure

Updating a Gentoo server that hasn’t seen updates in a long while–during an update operation, it pulled in udev, which eventually errored out:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
cc1: warning: unrecognized command line option "-Wno-typedef-redefinition"
Makefile:15334: recipe for target 'src/libudev/libudev_la-libudev.lo' failed
make: *** [src/libudev/libudev_la-libudev.lo] Error 1
At top level:
cc1: warning: unrecognized command line option "-Wno-typedef-redefinition"
Makefile:15355: recipe for target 'src/libudev/libudev_la-libudev-device.lo' failed
make: *** [src/libudev/libudev_la-libudev-device.lo] Error 1
cc1: warning: unrecognized command line option "-Wno-typedef-redefinition"
Makefile:13640: recipe for target 'src/libsystemd/sd-bus/libsystemd_internal_la-sd-bus.lo' failed
make: *** [src/libsystemd/sd-bus/libsystemd_internal_la-sd-bus.lo] Error 1
 [31;01m*[0m ERROR: sys-fs/udev-216::gentoo failed (compile phase):
 [31;01m*[0m   emake failed
 [31;01m*[0m 
 [31;01m*[0m If you need support, post the output of `emerge --info '=sys-fs/udev-216::gentoo'`,
 [31;01m*[0m the complete build log and the output of `emerge -pqv '=sys-fs/udev-216::gentoo'`.
 [31;01m*[0m The complete build log is located at '/var/tmp/portage/sys-fs/udev-216/temp/build.log'.
 [31;01m*[0m The ebuild environment file is located at '/var/tmp/portage/sys-fs/udev-216/temp/environment'.
 [31;01m*[0m Working directory: '/var/tmp/portage/sys-fs/udev-216/work/systemd-216-abi_x86_64.amd64'
 [31;01m*[0m S: '/var/tmp/portage/sys-fs/udev-216/work/systemd-216'

Octopress Install: Could Not Find a JavaScript Runtime

It’s been at least a year since I bothered updating Octopress–I cloned the Octopress source code from git and when attempting the ‘rake install’:

1
"runtimes.rb:51:in `autodetect': Could not find a JavaScript runtime. See https://github.com/sstephenson/execjs for a list of available runtimes. (ExecJS::RuntimeUnavailable)"