DOCSLIB.ORG

Vulnerability Summary for the Week of March 27, 2017

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Vulnerability Summary for the Week of March 27, 2017 Vulnerability Summary for the Week of March 27, 2017 Please Note: • The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low. • The !" indentity number is the #ublicly $nown %& given to that #articular vulnerability. Therefore you can search the status of that #articular vulnerability using that %&. • The CVSS (Common Vulnerability Scoring 'ystem) score is a standard scoring system used to determine the severity of the vulnerability. High Severity Vulnerabilities The Primary Vendor --- Description Date CVSS The CVE Product Published Score Identity allwinnertech ** linu+*,.4* The sun+i*debug driver in .llwinner ,.4 legacy 2017-03-27 7.2 CVE-2016- 10225 sun+i $ernel for H,, ./,T and H/ devices allows local MLIST (link is users to gain root #rivileges by sending external) 0rootmydevice0 to MLIST (link is external) 1#roc1sun+i2debug1sun+i2debug. BID (link is external) CONFIRM (link is external) MISC MISC (link is external) a#ache ** camel .#ache amel's 4ac$son and 4ac$son5ML 2017-03-28 7.5 CVE-2016-8749 CONFIRM unmarshalling operation are vulnerable to BID (link is 6emote ode "+ecution attac$s. external) a#ache ** #oi .#ache P7% in versions #rior to release ,.89 2017-03-24 7.1 CVE-2017-5644 CONFIRM allows remote attac$ers to cause a denial of BID (link is service ( P: consum#tion) via a s#ecially crafted external) 775ML file, a$a an 5ML Entity "+#ansion (5"") attac$. artife+ ** mu;s Hea#*based buffer overflow in the 2017-03-24 7.5 CVE-2016- 10133 ;s2stac$overflow function in ;srun.c in .rtife+ CONFIRM (link is external) 'oftware, %nc. Mu4' allows attac$ers to have MLIST (link is uns#ecified im#act by leveraging an error when external) drop#ing e+tra arguments to lightweight MLIST (link is external) functions. CONFIRM (link is external) FEDORA eviewg#s ** ev- &ue to a lac$ of authentication, an 2017-03-27 7.8 CVE-2017-5237 BID (link is <=s2g#s2trac$er2firmwar unauthenticated user who $nows the Eview "!* external) e <=' >P' Trac$er3s #hone number can revert the MISC (link is device to a factory default configuration with an external) 'M' command, 06"'"T?0 gnu ** gnutls Double free vulnerability in the 2017-03-24 7.5 CVE-2017-5334 SUSE gnutls2+9<@2e+t2im#ort2#roxy function in MLIST (link is >nuTL' before ,.3.2B and ,.5.x before ,.5./ external) allows remote attac$ers to have uns#ecified MLIST (link is external) im#act via crafted #olicy language information BID (link is in an 5.5<@ certificate with a Proxy ertificate external) %nformation e+tension. SECTRACK (link is external) CONFIRM (link is external) CONFIRM GENTOO gnu ** gnutls 'tac$*based buffer overflow in the 2017-03-24 7.5 CVE-2017-5336 SUSE cdk2#$2get2$eyid function in MLIST (link is lib1opencdk1#ub$ey.c in >nuTL' before ,.3.2B external) and ,.5.x before ,.5.8 allows remote attac$ers to MLIST (link is external) have uns#ecified im#act via a crafted 7#enP>P BID (link is certificate. external) SECTRACK (link is external) MISC CONFIRM (link is external) CONFIRM GENTOO gnu ** gnutls Multi#le hea#*based buffer overflows in the 2017-03-24 7.5 CVE-2017-5337 SUSE read_attribute function in >nuTL' before ,.3.2B MLIST (link is and ,.5.x before ,.5.8 allow remote attac$ers to external) have uns#ecified im#act via a crafted 7#enP>P MLIST (link is external) certificate. BID (link is external) SECTRACK (link is external) MISC MISC CONFIRM (link is external) CONFIRM GENTOO hesiod_#ro;ect ** hesiod The read_config2file function in lib1hesiod.c in 2017-03-28 10.0 CVE-2016- 10152 Hesiod ,.2.1 falls bac$ to the 0.athena.mit.edu0 MLIST (link is default domain when opening the configuration external) file fails, which allows remote attac$ers to gain BID (link is external) root #rivileges by #oisoning the DNS cache. CONFIRM (link is external) CONFIRM (link is external) huawei ** Huawei .6,A<< routers with software before 2017-03-24 10.0 CVE-2016-6206 CONFIRM (link ar,A<<2firmware !A<<6<<= <<'P B<< allow remote attac$ers to is external) cause a denial of service or e+ecute arbitrary BID (link is code via a crafted #ac$et. external) huawei ** The %ON driver in Huawei P/ smart#hones with 2017-03-24 7.1 CVE-2015-8678 CONFIRM (link mate2s2firmware software >6.*TL<< before >6.*TL<< <8CA,<, is external) >6.* L<< before >6.* L<< @ACA,<, >6.* L8< before >6.* L8< @ACA,<, >6.*:L<< before >6.*:L<< <<CA,<, and >6.*:L8< before >6.* :L8< <<CA,< and Mate ' smart#hones with software 66*TL<< before 66* TL<< <8C8B<'P<8, 66*:L<< before 66* :L<< <<C8B<, and 66* L<< before 66* L<< @AC8B8 allows remote attac$ers to cause a denial of service (crash) via a crafted a##lication. imagemagic$ ** coders1i#l.c in %mageMagic$ allows remote 2017-03-24 7.5 CVE-2016- 10144 imagemagic$ attac$ers to have uns#ecific im#act by MLIST (link is leveraging a missing malloc chec$. external) MLIST (link is external) BID (link is external) CONFIRM CONFIRM (link is external) imagemagic$ ** 7ff*by-one error in coders1wpg.c in 2017-03-24 7.5 CVE-2016- 10145 imagemagic$ %mageMagic$ allows remote attac$ers to have MLIST (link is uns#ecified im#act via vectors related to a string external) copy. MLIST (link is external) BID (link is external) CONFIRM CONFIRM (link is external) imagemagic$ ** Multi#le memory lea$s in the ca#tion and label 2017-03-24 7.8 CVE-2016- 10146 imagemagic$ handling code in %mageMagic$ allow remote MLIST (link is attac$ers to cause a denial of service (memory external) consum#tion) via uns#ecified vectors. MLIST (link is external) BID (link is external) CONFIRM CONFIRM (link is external) imagemagic$ ** Memory lea$ in coders1m#c.c in %mageMagic$ 2017-03-24 7.8 CVE-2017-5507 MLIST (link is imagemagic$ before B.9.=*- and =.x before =.0.4*- allows external) remote attac$ers to cause a denial of service MLIST (link is (memory consum#tion) via vectors involving a external) BID (link is #i+el cache. external) CONFIRM CONFIRM (link is external) CONFIRM (link is external) CONFIRM (link is external) imagemagic$ ** coders1#sd.c in %mageMagic$ allows remote 2017-03-24 7.5 CVE-2017-5511 MLIST (link is imagemagic$ attac$ers to have uns#ecified im#act by external) leveraging an im#ro#er cast, which triggers a MLIST (link is hea#*based buffer overflow. external) BID (link is external) CONFIRM CONFIRM (link is external) CONFIRM (link is external) CONFIRM (link is external) intelliants ** subrion2cms 'ubrion M' -.0.9.1< has 'DL in;ection in 2017-03-26 7.5 CVE-2017-6013 BID (link is admin1database1 via the Euery #arameter. external) MISC (link is external) irssi ** irssi The net;oin #rocessing in %rssi 8.x before 8.0.A 2017-03-27 7.5 CVE-2017-7191 BID (link is allows attac$ers to cause a denial of service (use* external) after*free) and #ossibly e+ecute arbitrary code CONFIRM (link via uns#ecified vectors. is external) CONFIRM libgitA2#ro;ect ** libgitA Cuffer overflow in the git2#$t2#arse2line 2017-03-24 7.5 CVE-2016- 10128 function in trans#orts1smart2#$t.c in the >it SUSE 'mart Protocol su##ort in libgitA before <.A-.6 SUSE and <.29.x before <.29.1 allows remote attac$ers SUSE MLIST (link is to have uns#ecified im#act via a crafted non* external) flush #ac$et. MLIST (link is external) BID (link is external) CONFIRM (link is external) CONFIRM (link is external) CONFIRM (link is external) linu+ ** linu+2$ernel The vmw_surface2define2ioctl function in 2017-03-28 7.2 CVE-2017-7294 BID (link is drivers1g#u1drm1vmwgf+1vmwgf+2surface.c in external) the Linu+ $ernel through -.1<.6 does not MISC (link is validate addition of certain levels data, which external) MISC allows local users to trigger an integer overflow and out*of*bounds write, and cause a denial of service (system hang or crash) or #ossibly gain #rivileges, via a crafted ioctl call for a 1dev/dri1render&F device. linu+ ** linu+2$ernel The #ac$et2set2ring function in 2017-03-29 7.2 CVE-2017-7308 BID (link is net1#ac$et1af2#ac$et.c in the Linu+ $ernel external) through -.1<.6 does not #roperly validate CONFIRM certain bloc$*size data, which allows local users to cause a denial of service (overflow) or #ossibly have uns#ecified other im#act via crafted system calls. microsoft ** iis Cuffer overflow in the 'c'toragePathGrom:rl 2017-03-26 10.0 CVE-2017-7269 function in the Heb&.! service in %nternet BID (link is external) %nformation 'ervices (%%') B.0 in Microsoft MISC (link is Hindows 'erver A<<, 6A allows remote attac$ers external) to e+ecute arbitrary code via a long header MISC (link is external) beginning with 0%f: Ihtt#:/10 in a P6OPG%ND MISC (link is reEuest, as e+#loited in the wild in 4uly or .ugust external) A<8B. MISC (link is external) modx ** modx2revolution setu#1controllers1welcome.ph# in M7&5 2017-03-30 7.5 CVE-2017-7321 BID (link is 6evolution A.5.4*#l and earlier allows remote external) attac$ers to e+ecute arbitrary PHP code via the MISC (link is config2$ey #arameter to the setu#1inde+.ph#J external) actionKwelcome :6%. modx ** modx2revolution setu#1tem#lates1findcore.ph# in M7&5 2017-03-30 7.5 CVE-2017-7324 BID (link is 6evolution A.5.4*#l and earlier allows remote external) attac$ers to e+ecute arbitrary PHP code via the MISC (link is core2#ath #arameter.
Load more

Recommended publications
  • Toolchains Instructor: Prabal Dutta Date: October 2, 2012
    EECS 373: Design of Microprocessor-Based Systems Fall 2012 Lecture 3: Toolchains Instructor: Prabal Dutta Date: October 2, 2012 Note: Unless otherwise specified, these notes assume: (i) an ARM Cortex-M3 processor operating in little endian mode; (ii) the ARM EABI application binary interface; and (iii) the GNU GCC toolchain. Toolchains A complete software toolchain includes programs to convert source code into binary machine code, link together separately assembled/compiled code modules, disassemble the binaries, and convert their formats. Binary program file (.bin) Assembly Object Executable files (.s) files (.o) image file objcopy ld (linker) as objdump (assembler) Memory layout Disassembled Linker code (.lst) script (.ld) Figure 0.1: Assembler Toolchain. A typical GNU (GNU's Not Unix) assembler toolchain includes several programs that interact as shown in Figure 0.1 and perform the following functions: • as is the assembler and it converts human-readable assembly language programs into binary machine language code. It typically takes as input .s assembly files and outputs .o object files. • ld is the linker and it is used to combine multiple object files by resolving their external symbol references and relocating their data sections, and outputting a single executable file. It typically takes as input .o object files and .ld linker scripts and outputs .out executable files. • objcopy is a translation utility that copies and converts the contents of an object file from one format (e.g. .out) another (e.g. .bin). • objdump is a disassembler but it can also display various other information about object files. It is often used to disassemble binary files (e.g.
    [Show full text]
  • Université De Montréal Context-Aware
    UNIVERSITE´ DE MONTREAL´ CONTEXT-AWARE SOURCE CODE IDENTIFIER SPLITTING AND EXPANSION FOR SOFTWARE MAINTENANCE LATIFA GUERROUJ DEPARTEMENT´ DE GENIE´ INFORMATIQUE ET GENIE´ LOGICIEL ECOLE´ POLYTECHNIQUE DE MONTREAL´ THESE` PRESENT´ EE´ EN VUE DE L'OBTENTION DU DIPLOME^ DE PHILOSOPHIÆ DOCTOR (GENIE´ INFORMATIQUE) JUILLET 2013 ⃝c Latifa Guerrouj, 2013. UNIVERSITE´ DE MONTREAL´ ECOLE´ POLYTECHNIQUE DE MONTREAL´ Cette th`ese intitul´ee: CONTEXT-AWARE SOURCE CODE IDENTIFIER SPLITTING AND EXPANSION FOR SOFTWARE MAINTENANCE pr´esent´eepar: GUERROUJ Latifa en vue de l'obtention du dipl^ome de: Philosophiæ Doctor a ´et´ed^ument accept´eepar le jury d'examen constitu´ede: Mme BOUCHENEB Hanifa, Doctorat, pr´esidente M. ANTONIOL Giuliano, Ph.D., membre et directeur de recherche M. GUEH´ ENEUC´ Yann-Ga¨el, Ph.D., membre et codirecteur de recherche M. DESMARAIS Michel, Ph.D., membre Mme LAWRIE Dawn, Ph.D., membre iii This dissertation is dedicated to my parents. For their endless love, support and encouragement. iv ACKNOWLEDGMENTS I am very grateful to both Giulio and Yann for their support, encouragement, and intel- lectual input. I worked with you for four years or even less, but what I learned from you will last forever. Giulio, your passion about research was a source of inspiration and motivation for me. Also, your mentoring and support have been instrumental in achieving my goals. Yann, your enthusiasm and guidance have always been a strength for me to keep moving forward. Research would not be as much fun without students and researchers to collaborate with. It has been a real pleasure and great privilege working with Massimiliano Di Penta (University of Sannio), Denys Poshyvanyk (College of William and Mary), and their teams.
    [Show full text]
  • Latexsample-Thesis
    INTEGRAL ESTIMATION IN QUANTUM PHYSICS by Jane Doe A dissertation submitted to the faculty of The University of Utah in partial fulfillment of the requirements for the degree of Doctor of Philosophy Department of Mathematics The University of Utah May 2016 Copyright c Jane Doe 2016 All Rights Reserved The University of Utah Graduate School STATEMENT OF DISSERTATION APPROVAL The dissertation of Jane Doe has been approved by the following supervisory committee members: Cornelius L´anczos , Chair(s) 17 Feb 2016 Date Approved Hans Bethe , Member 17 Feb 2016 Date Approved Niels Bohr , Member 17 Feb 2016 Date Approved Max Born , Member 17 Feb 2016 Date Approved Paul A. M. Dirac , Member 17 Feb 2016 Date Approved by Petrus Marcus Aurelius Featherstone-Hough , Chair/Dean of the Department/College/School of Mathematics and by Alice B. Toklas , Dean of The Graduate School. ABSTRACT Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah.
    [Show full text]
  • Getting Started with RTEMS Edition 4.7.2, for 4.7.2
    Getting Started with RTEMS Edition 4.7.2, for 4.7.2 14 February 2008 On-Line Applications Research Corporation On-Line Applications Research Corporation TEXinfo 2006-10-04.17 COPYRIGHT c 1988 - 2006. On-Line Applications Research Corporation (OAR). The authors have used their best efforts in preparing this material. These efforts include the development, research, and testing of the theories and programs to determine their effectiveness. No warranty of any kind, expressed or implied, with regard to the software or the material contained in this document is provided. No liability arising out of the application or use of any product described in this document is assumed. The authors reserve the right to revise this material and to make changes from time to time in the content hereof without obligation to notify anyone of such revision or changes. The RTEMS Project is hosted at http://www.rtems.com. Any inquiries concerning RTEMS, its related support components, its documentation, or any custom services for RTEMS should be directed to the contacts listed on that site. A current list of RTEMS Support Providers is at http://www.rtems.com/support.html. i Table of Contents 1 Introduction..................................... 1 1.1 Real-Time Embedded Systems.................................. 1 1.2 Cross Development ............................................. 2 1.3 Resources on the Internet ...................................... 3 1.3.1 Online Tool Documentation ............................... 3 1.3.2 RTEMS Mailing List ...................................... 3 1.3.3 CrossGCC Mailing List.................................... 3 1.3.4 GCC Mailing Lists ........................................ 3 2 Requirements ................................... 5 2.1 Disk Space ..................................................... 5 2.2 General Host Software Requirements ........................... 5 2.2.1 GCC .....................................................
    [Show full text]
  • Integral Estimation in Quantum Physics
    INTEGRAL ESTIMATION IN QUANTUM PHYSICS by Jane Doe A dissertation submitted to the faculty of The University of Utah in partial fulfillment of the requirements for the degree of Doctor of Philosophy in Mathematical Physics Department of Mathematics The University of Utah May 2016 Copyright c Jane Doe 2016 All Rights Reserved The University of Utah Graduate School STATEMENT OF DISSERTATION APPROVAL The dissertation of Jane Doe has been approved by the following supervisory committee members: Cornelius L´anczos , Chair(s) 17 Feb 2016 Date Approved Hans Bethe , Member 17 Feb 2016 Date Approved Niels Bohr , Member 17 Feb 2016 Date Approved Max Born , Member 17 Feb 2016 Date Approved Paul A. M. Dirac , Member 17 Feb 2016 Date Approved by Petrus Marcus Aurelius Featherstone-Hough , Chair/Dean of the Department/College/School of Mathematics and by Alice B. Toklas , Dean of The Graduate School. ABSTRACT Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah. Blah blah blah blah blah blah blah blah blah blah blah blah blah blah blah.
    [Show full text]
  • AVR 32-Bit GNU Toolchain: Release 3.4.2.435
    AVR 32-bit GNU Toolchain: Release 3.4.2.435 The AVR 32-bit GNU Toolchain supports all AVR 32-bit devices. The AVR 32- bit Toolchain is based on the free and open-source GCC compiler. The toolchain 8/32-bits Atmel includes compiler, assembler, linker and binutils (GCC and Binutils), Standard C library (Newlib). Microcontrollers About this release Release 3.4.2.435 This is an update release that fixes some defects and upgrades GCC and Binutils to higher versions. Installation Instructions System Requirements AVR 32-bit GNU Toolchain is supported under the following configurations Hardware requirements • Minimum processor Pentium 4, 1GHz • Minimum 512 MB RAM • Minimum 500 MB free disk space AVR 32-bit GNU Toolchain has not been tested on computers with less resources, but may run satisfactorily depending on the number and size of projects and the user's patience. Software requirements • Windows 2000, Windows XP, Windows Vista or Windows 7 (x86 or x86-64). • Fedora 13 or 12 (x86 or x86-64), RedHat Enterprise Linux 4/5/6, Ubuntu Linux 10.04 or 8.04 (x86 or x86-64), or SUSE Linux 11.2 or 11.1 (x86 or x86-64). AVR 32-bit GNU Toolchain may very well work on other distributions. However those would be untested and unsupported. AVR 32-bit GNU Toolchain is not supported on Windows 98, NT or ME. Downloading and Installing The package comes in two forms. • As part of a standalone installer • As Atmel Studio 6.x Toolchain Extension It may be downloaded from Atmel's website at http://www.atmel.com or from the Atmel Studio Extension Gallery.
    [Show full text]
  • GCC Configuration and Building
    GCC Configuration and Building Uday Khedker (www.cse.iitb.ac.in/˜uday) GCC Resource Center, Department of Computer Science and Engineering, Indian Institute of Technology, Bombay January 2012 CS 715 Config and Build: Outline 1/52 Outline • Code Organization of GCC • Configuration and Building • Registering New Machine Descriptions • Building a Cross Compiler • Testing GCC Uday Khedker GRC, IIT Bombay Part 1 GCC Code Organization CS 715 Config and Build: GCC Code Organization 2/52 GCC Code Organization Logical parts are: • Build configuration files • Front end + generic + generator sources • Back end specifications • Emulation libraries (eg. libgcc to emulate operations not supported on the target) • Language Libraries (except C) • Support software (e.g. garbage collector) Uday Khedker GRC, IIT Bombay CS 715 Config and Build: GCC Code Organization 3/52 GCC Code Organization Front End Code • Source language dir: $(SOURCE D)/gcc/<lang dir> • Source language dir contains ◮ Parsing code (Hand written) ◮ Additional AST/Generic nodes, if any ◮ Interface to Generic creation Except for C – which is the “native” language of the compiler C front end code in: $(SOURCE D)/gcc Optimizer Code and Back End Generator Code • Source language dir: $(SOURCE D)/gcc Uday Khedker GRC, IIT Bombay CS 715 Config and Build: GCC Code Organization 4/52 Back End Specification • $(SOURCE D)/gcc/config/<target dir>/ Directory containing back end code • Two main files: <target>.h and <target>.md, e.g. for an i386 target, we have $(SOURCE D)/gcc/config/i386/i386.md and $(SOURCE D)/gcc/config/i386/i386.h • Usually, also <target>.c for additional processing code (e.g.
    [Show full text]
  • In Using the GNU Compiler Collection (GCC)
    Using the GNU Compiler Collection For gcc version 6.1.0 (GCC) Richard M. Stallman and the GCC Developer Community Published by: GNU Press Website: http://www.gnupress.org a division of the General: [email protected] Free Software Foundation Orders: [email protected] 51 Franklin Street, Fifth Floor Tel 617-542-5942 Boston, MA 02110-1301 USA Fax 617-542-2652 Last printed October 2003 for GCC 3.3.1. Printed copies are available for $45 each. Copyright c 1988-2016 Free Software Foundation, Inc. Permission is granted to copy, distribute and/or modify this document under the terms of the GNU Free Documentation License, Version 1.3 or any later version published by the Free Software Foundation; with the Invariant Sections being \Funding Free Software", the Front-Cover Texts being (a) (see below), and with the Back-Cover Texts being (b) (see below). A copy of the license is included in the section entitled \GNU Free Documentation License". (a) The FSF's Front-Cover Text is: A GNU Manual (b) The FSF's Back-Cover Text is: You have freedom to copy and modify this GNU Manual, like GNU software. Copies published by the Free Software Foundation raise funds for GNU development. i Short Contents Introduction ::::::::::::::::::::::::::::::::::::::::::::: 1 1 Programming Languages Supported by GCC ::::::::::::::: 3 2 Language Standards Supported by GCC :::::::::::::::::: 5 3 GCC Command Options ::::::::::::::::::::::::::::::: 9 4 C Implementation-Defined Behavior :::::::::::::::::::: 373 5 C++ Implementation-Defined Behavior ::::::::::::::::: 381 6 Extensions to
    [Show full text]
  • RCC User's Manual
    RCC 1.1.1 RCC User’s Manual Version 1.1.1 March 2008 GAISLER RESEARCH - 2 - RCC User’s Manual Copyright 2008 Gaisler Research. Permission is granted to make and distribute verbatim copies of this manual provided the copyright notice and this permission notice are preserved on all copies. Permission is granted to copy and distribute modified versions of this manual under the conditions for verbatim copying, provided also that the entire resulting derived work is distributed under the terms of a permission notice identical to this one. Permission is granted to copy and distribute translations of this manual into another language, under the above conditions for modified versions. GAISLER RESEARCH RCC 1.1.1 1 Introduction..................................................................................................... 4 1.1 General............................................................................................................ 4 1.2 Installation on host platform........................................................................... 4 1.2.1 Host requirements........................................................................................... 4 1.2.2 Installing RCC on Windows platforms........................................................... 4 1.2.3 Installing on Linux platforms ......................................................................... 6 1.3 Contents of /opt/rtems-4.8 .............................................................................. 7 1.4 RCC tools.......................................................................................................
    [Show full text]
  • SLES Security Guide-EAL3
    SLES Security Guide Klaus Weidner <[email protected]> December 4, 2003; v2.33 atsec is a trademark of atsec GmbH IBM, IBM logo, BladeCenter, eServer, iSeries, OS/400, PowerPC, POWER3, POWER4, POWER4+, pSeries, S390, xSeries, zSeries, zArchitecture, and z/VM are trademarks or registered trademarks of International Business Machines Corporation in the United States, other countries, or both. Intel and Pentium are trademarks of Intel Corporation in the United States, other countries, or both. Java and all Java-based products are trademarks of Sun Microsystems, Inc., in the United States, other countries, or both. Linux is a registered trademark of Linus Torvalds. UNIX is a registered trademark of The Open Group in the United States and other countries. This document is provided AS IS with no express or implied warranties. Use the information in this document at your own risk. This document may be reproduced or distributed in any form without prior permission provided the copyright notice is retained on all copies. Modified versions of this document may be freely distributed provided that they are clearly identified as such, and this copyright is included intact. Copyright (c) 2003 by atsec GmbH, and IBM Corporation or its wholly owned subsidiaries. 2 Contents 1 Introduction 6 1.1 Purpose of this document . 6 1.2 How to use this document . 6 1.3 What is a CC compliant System? . 6 1.3.1 Hardware requirements . 7 1.3.2 Software requirements . 7 1.3.3 Environmental requirements . 7 1.3.4 Operational requirements . 7 1.4 Requirements for the system’s environment .
    [Show full text]
  • 1. Why POCS.Key
    Symptoms of Complexity Prof. George Candea School of Computer & Communication Sciences Building Bridges A RTlClES A COMPUTER SCIENCE PERSPECTIVE OF BRIDGE DESIGN What kinds of lessonsdoes a classical engineering discipline like bridge design have for an emerging engineering discipline like computer systems Observation design?Case-study editors Alfred Spector and David Gifford consider the • insight and experienceof bridge designer Gerard Fox to find out how strong the parallels are. • bridges are normally on-time, on-budget, and don’t fall ALFRED SPECTORand DAVID GIFFORD • software projects rarely ship on-time, are often over- AS Gerry, let’s begin with an overview of THE DESIGN PROCESS bridges. AS What is the procedure for designing and con- GF In the United States, most highway bridges are budget, and rarely work exactly as specified structing a bridge? mandated by a government agency. The great major- GF It breaks down into three phases: the prelimi- ity are small bridges (with spans of less than 150 nay design phase, the main design phase, and the feet) and are part of the public highway system. construction phase. For larger bridges, several alter- There are fewer large bridges, having spans of 600 native designs are usually considered during the Blueprints for bridges must be approved... feet or more, that carry roads over bodies of water, preliminary design phase, whereas simple calcula- • gorges, or other large obstacles. There are also a tions or experience usually suffices in determining small number of superlarge bridges with spans ap- the appropriate design for small bridges. There are a proaching a mile, like the Verrazzano Narrows lot more factors to take into account with a large Bridge in New Yor:k.
    [Show full text]
  • AN 353 FT32 GNU Toolchain Quick Start Guide Version 1.0
    Application Note AN_353 FT32 GNU Toolchain Quick Start Guide Version 1.0 Issue Date: 2015-10-13 This document provide an overview of FT32 GNU toolchain and its quick usage, it also provide solutions for FT90x security feature and chip configuration function. At the end of this document, resource for further study is provided. Use of FTDI devices in life support and/or safety applications is entirely at the user’s risk, and the user agrees to defend, indemnify and hold FTDI harmless from any and all damages, claims, suits or expense resulting from such use. Future Technology Devices International Limited (FTDI) Unit 1, 2 Seaward Place, Glasgow G41 1HH, United Kingdom Tel.: +44 (0) 141 429 2777 Fax: + 44 (0) 141 429 2758 Web Site: http://ftdichip.com Copyright © 2015 Future Technology Devices International Limited Application Note AN_353 FT32 GNU Toolchain Quick Start Guide Version 1.0 Document Reference No.: FT_001136 Clearance No.: FTDI# 473 Table of Contents 1 Introduction .............................................................. 2 1.1 GCC ..................................................................................... 2 1.2 GNU Binutils ........................................................................ 2 2 Basic Tool Chain Usage .............................................. 4 3 FT90x Security Feature Implementation .................... 5 4 FT90x Chip Configuration Function Implementation .. 6 5 Further Study ............................................................ 7 6 Contact Information .................................................
    [Show full text]