Routine upgrades completed

A series of routine upgrades to all the main CMS (content management systems) hosted on the DEOSS Community Server have been completed successfully. This includes all sites running Coppermine, eGroupware, Joomla, Moodle, phpBB, TikiWiki and WordPress.

All went to plan and there was no server downtime. The entire server is scheduled for another complete off-site backup via RSync later this evening.

Posted in Server News | Comments Off on Routine upgrades completed

Server upgrades

All the main content management systems hosted on the DEOSS community server have been upgraded today, including all those using  Coppermine, Joomla, Moodle, phpBB, Tikiwiki or WordPress. In addition, several of our WordPress sites also required upgrades to their “contact form” plugins.

All this work has now been successfully completed with no server downtime. However some of the contact forms may have been off-line for a couple of minutes. The entire server is currently being RSync’d to a remote server.

Posted in Good News, Server News | Comments Off on Server upgrades

Routine upgrades completed

All Coppermine, eGroupware, Joomla, Moodle. phpBB, Tikiwiki and WordPress sites hosted on the DEOSS community Server have been routinely upgraded. The main server has also been upgraded and backed up to remote storage via RSync.

Everything went smoothly and there was no server downtime.

Posted in Good News, Server News | Comments Off on Routine upgrades completed

Moodle upgrade

Following a security announcement from Moodle developer Martin Dougiamas, all three of the Moodle sites hosted here at DEOSS have been upgraded to the latest version, released yesterday.

The entire site has been backed up to a remote server. There was no server downtime.

Posted in Good News, Server News | Comments Off on Moodle upgrade

Site update.

Following some rather alarming news regarding a privilege escalation flaw in the Linux kernel, the DEOSS community server has just received a series of security patches. The main issue was a bug known as CVE-2010-3904. Seems that an attacker would have actualy needed local (rather than remote shell) access in order to exploit this vulnerability because it relates to the way data is moved between kernel and user space:-

“On Linux, recvmsg() style socket calls are performed using iovec structs, which allow a user to specify a base address and size for a buffer used to receive socket data. Each packet family is responsible for defining functions that copy socket data, which is received by the kernel, back to user space to allow user programs to process and handle received network data.

When performing this copying of data to user space, the RDS protocol failed to verify that the base address of a user-provided iovec struct pointed to a valid userspace address before using the __copy_to_user_inatomic() function to copy the data. As a result, by providing a kernel address as an iovec base and issuing a recvmsg() style socket call, a local user could write arbitrary data into kernel memory. This can be leveraged to escalate privileges to root.

The Linux Kernel flaw was fixed within six days of its being reported. We feel this is actually a very good response time – far faster that is customary fixing security issues with certain proprietary operating systems!

This is the Timeline:-

2010-10-13 Vulnerability reported to Linux security team
2010-10-13 Response, agreement on disclosure date
2010-10-19 Fix publicly committed
2010-10-19 Coordinated disclosure

Source:-
http://www.vsecurity.com/resources/advisory/20101019-1/

There was also a second less serious privilege escalation flaw (CVE-2010-3847). This is related to a bug in the library loader of the GNU C library. It seems that Red Hat Enterprise Linux (RHEL) 5 and CentOS are affected, whilst 64 bit Ubuntu 10.04 is unaffected. Ubuntu is a Debian-based OS. However it is unclear whether whether Debian itself was affected or not.

Source:-
http://www.h-online.com/security/news/item/Root-privileges-through-vulnerability-in-GNU-C-loader-1110182.html

Nevertheless, this potential security issue has been patched anyway and we applied the patch to the DEOSS community server today.

We have also routinely upgraded all the Moodle, Joomla, Coppermine, eGroupware TikiWiki and WordPress CMS’s hosted on this server and a full off-site remote backup has been undertaken both before and after the various patching and upgrading.

Posted in Bad News, Good News, Server News | Comments Off on Site update.

Server Upgrades

Sorry the blog has been a bit quiet. In a nutshell, we have been undertaking a number of small but necessary upgrades and improvements to the DEOSS Community Server, including:-

  1. Improvements to our backup strategy
  2. Operating system and kernel upgrade
  3. Upgrades to all customer sites
  4. Improved procedures for implementing site upgrades.

We did one more full “test” remote backup this evening. All went well and there was no server downtime.

Posted in Good News, Server News | Comments Off on Server Upgrades

Minor upgrades & Rsync

A number of successful minor upgrades have been made to various DEOSS-hosted sites. The server was then RSync’d to a remote server. All went smoothly and there was no server downtime.

Posted in Server News | Comments Off on Minor upgrades & Rsync

Joomla sites affected by routine upgrade

Following a routine upgrade last night, several of our Joomla sites stopped working. Seems the upgrade re-created a previously deleted Joomla subdirectory called “installation”. Joomla is designed to stop functioning if this subdirectory is present. What is unclear at the moment is why this perfectly routine upgrade via a perfectly reliable program called “Subversion” created this unwanted directory, when it never has during previous upgrades?

Anyway, owner’s and users of Joomla sites here on DEOSS will be pleased to know that the problem has been fixed and all our Joomla sites should be working as normal.

The rest of the upgrade went fine, without issue and the entire site has been Rsync’d to a remote server.

Posted in Server News | Comments Off on Joomla sites affected by routine upgrade

Server upgrade & RSync

A successful minor server upgrade followed by an incremental RSync to a remote server was completed in the early hours of this morning. There was no server downtime.

Posted in Server News | Comments Off on Server upgrade & RSync

Upgrades & RSync

All instances of WordPress, Joomla & Coppermine on the DEOSS server have been updated via svn. The server was then RSync’d to a remote server. All went smoothly and there was no server downtime.

Posted in Server News | Comments Off on Upgrades & RSync