DOCSLIB.ORG

Vulnerability Summary for the Week of May 5, 2014

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Vulnerability Summary for the Week of May 5, 2014 Vulnerability Summary for the Week of May 5, 2014 Please Note: • The vulnerabilities are cattegorized by their level of severity which is either High, Medium or Low. • The !" indentity number is the #ublicly $nown %& given to that #articular vulnerability. Therefore you can search the status of that #articular vulnerability using that %&. • The !'S (Common !ulnerability 'coring System) score is a standard scoring system used to determine the severity of the vulnerability. High Severity Vulnerabilities The Primary Vendor --- Description Date CVSS The CVE Product Published Score Identity acuneti* ++ 'tac$+based buffer overflow in -cuneti* .eb 2014-04-27 10.0 CVE-2014-2994 web,vulnerability_scanne !ulnerability 'canner (.!') / build 01201314 r allows remote attac$ers to e*ecute arbitrary code via an HTML file containing an %M5 element with a long 67L (src attribute). adobe ++ flash,#layer 8uffer overflow in -dobe 9lash Player before 2014-04-29 10.0 CVE-2014-0515 22.7.711.03: and 22.8.x through 2;.0.x before 2;.0.0.21< on .indows and =' >, and before 22.2.210.;?< on Linu*, allows remote attac$ers to e*ecute arbitrary code via uns#ecified vectors, as e*#loited in the wild in -#ril 0124. a#ache ++ struts Parameters%nterce#tor in -#ache 'truts before 2014-04-29 7.5 CVE-2014-0112 0.;.1<.2 does not #roperly restrict access to the get lass method, which allows remote attac$ers to @mani#ulate@ the lassLoader and e*ecute arbitrary code via a crafted reAuest. NOTE: this vulnerability e*ists because of an incom#lete fi* for !"+0124+11:4. a#ache ++ struts oo$ie%nterce#tor in -#ache 'truts before 2014-04-29 7.5 CVE-2014-0113 0.;.1<.2, when a wildcard cookiesName value is used, does not #roperly restrict access to the get lass method, which allows remote attac$ers to @mani#ulate@ the lassLoader and e*ecute arbitrary code via a crafted reAuest. NOTE: this vulnerability e*ists because of an incom#lete fi* for !"+0124+11:4. a#ache ++ struts The -ction9orm obBect in -#ache 'truts 2.x 2014-04-30 7.5 CVE-2014-0114 through 2.3.11 allows remote attac$ers to @mani#ulate@ the lassLoader and e*ecute arbitrary code via the class #arameter, which is #assed to the get lass method. cisco ++ isco TelePresence 'ystem M>P 'eries 'oftware 2014-05-02 7.1 CVE-2014-2156 tele#resence,system,soft before 9:.3.2 allows remote attac$ers to cause a ware denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' ty4?3;:. cisco ++ isco TelePresence 'ystem M>P 'eries 'oftware 2014-05-02 7.1 CVE-2014-2157 tele#resence,system,soft before 9:.3.2 allows remote attac$ers to cause a ware denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' ty4?3;;. cisco ++ isco TelePresence 'ystem M>P 'eries 'oftware 2014-05-02 7.8 CVE-2014-2158 tele#resence,system,soft before 9:.3.2 allows remote attac$ers to cause a ware denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' ty4?301. cisco ++ The H.20? subsystem in isco TelePresence 2014-05-02 7.8 CVE-2014-2159 tele#resence,system,soft 'ystem M>P 'eries 'oftware before 9:.3.1 allows ware remote attac$ers to cause a denial of service (device reload) via crafted #ac$ets, a$a 8ug %D ' tA3/300. cisco ++ The H.20? subsystem in isco TelePresence 2014-05-02 7.8 CVE-2014-2160 tele#resence,system,soft 'ystem M>P 'eries 'oftware before 9:.3.1 allows ware remote attac$ers to cause a denial of service (device reload) via crafted #ac$ets, a$a 8ug %D ' ty4?34?. cisco ++ The H.20? subsystem in isco TelePresence 2014-05-02 7.8 CVE-2014-2161 tele#resence,system,soft 'ystem M>P 'eries 'oftware before 9:.3.1 allows ware remote attac$ers to cause a denial of service (device reload) via crafted #ac$ets, a$a 8ug %D ' ty4?3;2. cisco ++ The '%P im#lementation in isco TelePresence T 2014-05-02 7.8 CVE-2014-2162 tele#resence,tc,software 'oftware 4.x and ?.x and TE 'oftware 4.x and <.0 allows remote attac$ers to cause a denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' ud2:?<<. cisco ++ The '%P im#lementation in isco TelePresence T 2014-05-02 7.8 CVE-2014-2163 tele#resence,tc,software 'oftware 4.x and ?.x and TE 'oftware 4.x allows remote attac$ers to cause a denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' ua<4:<2. cisco ++ The '%P im#lementation in isco TelePresence T 2014-05-02 7.8 CVE-2014-2164 tele#resence,tc,software 'oftware 4.x and ?.x and TE 'oftware 4.x and <.0 allows remote attac$ers to cause a denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' uB:4<?2. cisco ++ The '%P im#lementation in isco TelePresence T 2014-05-02 7.8 CVE-2014-2165 tele#resence,tc,software 'oftware 4.x and ?.x and TE 'oftware 4.x and <.0 allows remote attac$ers to cause a denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' tA30<::. cisco ++ The '%P im#lementation in isco TelePresence T 2014-05-02 7.8 CVE-2014-2166 tele#resence,tc,software 'oftware 4.x and T" 'oftware 4.x allows remote attac$ers to cause a denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %& ' to71?<0. cisco ++ The '%P im#lementation in isco TelePresence T 2014-05-02 7.8 CVE-2014-2167 tele#resence,tc,software 'oftware 4.x and ?.x and TE 'oftware 4.x and <.0 allows remote attac$ers to cause a denial of service (device reload) via crafted '%P #ac$ets, a$a 8ug %D ' ua/<?/:. cisco ++ 8uffer overflow in isco TelePresence T 2014-05-02 7.6 CVE-2014-2168 tele#resence,tc,software 'oftware 4.x and ?.x and TE 'oftware 4.x and <.0 allows remote attac$ers to e*ecute arbitrary code via crafted DNS res#onse #ac$ets, a$a 8ug %D ' ty44/14. cisco ++ isco TelePresence T 'oftware 4.x through <.x 2014-05-02 9.0 CVE-2014-2169 tele#resence,tc,software before <.2.1 and TE 'oftware 4.x and <.0 allow remote authenticated users to e*ecute arbitrary commands by using the commands as arguments to internal system scri#ts, a$a 8ug %D ' ue<1022. cisco ++ isco TelePresence T 'oftware 4.x and ?.x 2014-05-02 9.0 CVE-2014-2170 tele#resence,tc,software before ?.1.3 and <.x before <.0.2 and TE 'oftware 4.x and <.0 allow remote authenticated users to e*ecute arbitrary commands by using the commands as arguments to tshell (a$a tcsh) scri#ts, a$a 8ug %D ' ue<1010. cisco ++ Hea#+based buffer overflow in isco 2014-05-02 10.0 CVE-2014-2171 tele#resence,tc,software TelePresence T 'oftware 4.x through <.x before <.1.1 and TE 'oftware 4.x and <.0.x before <.0.2 allows remote attac$ers to e*ecute arbitrary code via crafted '%P #ac$ets, a$a 8ug %& ' ud823:<. cisco ++ isco TelePresence T 'oftware 4.x and ?.x and 2014-05-02 7.2 CVE-2014-2173 tele#resence,tc,software TE 'oftware 4.x and <.0 do not #ro#erly restrict access to the serial #ort, which allows local users to gain #rivileges via uns#ecified commands, a$a 8ug %D ' ub<3<:0. cisco ++ isco TelePresence T 'oftware 4.x and ?.x and 2014-05-02 7.8 CVE-2014-2175 tele#resence,tc,software TE 'oftware 4.x and <.0 allow remote attac$ers to cause a denial of service (memory consum#tion) via crafted H.20? #ac$ets, a$a 8ug %D ' tA3//4:. citri* ++ 6ns#ecified vulnerability in the Diffie+Hellman 2014-05-01 7.5 CVE-2014-2881 netscaler,access,gateway $ey agreement im#lementation in the ,firmware management 56% Cava a##let in itri* Net'caler -##lication &elivery ontroller (-& ) and Net'caler 5ateway before :.;+<<.5 and 21.x before 21.2+200.23 has un$nown im#act and vectors. citri* ++ 6ns#ecified vulnerability in the management 2014-05-01 7.5 CVE-2014-2882 netscaler,access,gateway 56% in itri* Net'caler -##lication Delivery ,firmware ontroller (-& ) and Net'caler 5ateway before :.;+<<.5 and 21.x before 21.1+200.13 has uns#ecified im#act and vectors, related to certificate validation. debian ++ dp$g Directory traversal vulnerability in the un#ac$ing 2014-04-30 9.3 CVE-2014-0471 functionality in dp$g before 2.1?.9, 2.1<.x before 2.2<.1;, and 2.23.x before 2.13./ allows remote attac$ers to write arbitrary files via a crafted source #ac$age, related to @ +style filename Auoting." fortinet ++ 9orti5uard 9orti-uthenticator before ;.0 allows 2014-04-30 9.0 CVE-2013-6990 fortiauthenticator remote administrators to gain #rivileges via the command line interface. fortinet ++ fortiweb 7L9 inBection vulnerability in 9orti5uard 2014-04-30 7.5 CVE-2014-1956 9orti.eb before ?.0.3 allows remote attac$ers to inBect arbitrary HTTP headers and conduct HTTP res#onse s#litting attac$s via uns#ecified vectors. google ++ android -ndroid before 4.4 does not #ro#erly arrange for 2014-04-29 7.5 CVE-2013-7373 seeding of the =#en''L P7NG, which ma$es it easier for attac$ers to defeat cry#togra#hic #rotection mechanisms by leveraging use of the P7NG within multi#le a##lications.
Load more

Recommended publications
  • Technique: HTTP the Java Way
    Technique: HTTP the Java way An article from Android in Practice EARLY ACCESS EDITION Charlie Collins, Michael D. Galpin, and Matthias Kaeppler MEAP Release: July 2010 Softbound print: Spring 2011 | 500 pages ISBN: 9781935182924 This article is taken from the book Android in Practice. The authors demonstrate how to send simple HTTP requests to a Web server using Java’s standard HTTP networking facilities. Tweet this button! (instructions here) Get 35% off any version of Android in Practice with the checkout code fcc35. Offer is only valid through www.manning.com. The standard Java class library already has a solution for HTTP messaging. An open-source implementation of these classes is bundled with Android’s class library, which is based on Apache Harmony. It’s simple and bare- bones in its structure and, while it supports features like proxy servers, cookies (to some degree), and SSL, the one thing that it lacks more than anything else is a class interface and component structure that doesn’t leave you bathed in tears. Still, more elaborate HTTP solutions are often wrappers around the standard Java interfaces and, if you don’t need all the abstraction provided, for example, by Apache HttpClient interfaces, the stock Java classes may not only be sufficient, they also perform much better thanks to a much slimmer, more low-level implementation. Problem You must perform simple networking tasks via HTTP (such as downloading a file) and you want to avoid the performance penalty imposed by the higher-level, much larger, and more complex Apache HttpClient implementation. Solution If you ever find yourself in this situation, you probably want to do HTTP conversations through a java.net.HttpURLConnection.
    [Show full text]
  • SUSE® LINUX Enterprise Jeos 11 Novell® Software License Agreement
    NOTICE: This document includes the SUSE Linux Enterprise JeOS 11 Novell Software License Agreement followed by other license agreements. By indicating your acceptance of these terms, including by use, you are agreeing to the terms and conditions of each these agreements. SUSE® LINUX Enterprise JeOS 11 Novell® Software License Agreement PLEASE READ THIS AGREEMENT CAREFULLY. BY INSTALLING OR OTHERWISE USING THE SOFTWARE (INCLUDING ITS COMPONENTS), YOU AGREE TO THE TERMS OF THIS AGREEMENT. IF YOU DO NOT AGREE WITH THESE TERMS, DO NOT DOWNLOAD, INSTALL OR USE THE SOFTWARE. RIGHTS AND LICENSES This Novell Software License Agreement ("Agreement") is a legal agreement between You (an entity or a person) and Novell, Inc. ("Novell"). The software product identified in the title of this Agreement, together with any media and accompanying documentation, is referred to in this Agreement as the "Software." The Software is protected by the copyright laws and treaties of the United States ("U.S.") and other countries and is subject to the terms of this Agreement. Any update or support release to the Software that You may download or receive that is not accompanied by a license agreement expressly superseding this Agreement is Software and governed by this Agreement; You must have a valid license for the version and quantity of the Software being updated or supported in order to install or use any such update or support release. The Software is a modular operating system comprised of numerous components that may be accompanied by separate license terms. The Software is a collective work of Novell; although Novell does not own the copyright to every component of the Software, Novell owns the collective work copyright for the Software.
    [Show full text]
  • Open Source Used in Cisco Unity Connection 11.5 SU 1
    Open Source Used In Cisco Unity Connection 11.5 SU 1 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-132949842 Open Source Used In Cisco Unity Connection 11.5 SU 1 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-132949842 Contents 1.1 ace 5.3.5 1.1.1 Available under license 1.2 Apache Commons Beanutils 1.6 1.2.1 Notifications 1.2.2 Available under license 1.3 Apache Derby 10.8.1.2 1.3.1 Available under license 1.4 Apache Mina 2.0.0-RC1 1.4.1 Available under license 1.5 Apache Standards Taglibs 1.1.2 1.5.1 Available under license 1.6 Apache STRUTS 1.2.4. 1.6.1 Available under license 1.7 Apache Struts 1.2.9 1.7.1 Available under license 1.8 Apache Xerces 2.6.2. 1.8.1 Notifications 1.8.2 Available under license 1.9 axis2 1.3 1.9.1 Available under license 1.10 axis2/cddl 1.3 1.10.1 Available under license 1.11 axis2/cpl 1.3 1.11.1 Available under license 1.12 BeanUtils(duplicate) 1.6.1 1.12.1 Notifications Open Source Used In Cisco Unity Connection
    [Show full text]
  • Apache Harmony Project Tim Ellison Geir Magnusson Jr
    The Apache Harmony Project Tim Ellison Geir Magnusson Jr. Apache Harmony Project http://harmony.apache.org TS-7820 2007 JavaOneSM Conference | Session TS-7820 | Goal of This Talk In the next 45 minutes you will... Learn about the motivations, current status, and future plans of the Apache Harmony project 2007 JavaOneSM Conference | Session TS-7820 | 2 Agenda Project History Development Model Modularity VM Interface How Are We Doing? Relevance in the Age of OpenJDK Summary 2007 JavaOneSM Conference | Session TS-7820 | 3 Agenda Project History Development Model Modularity VM Interface How Are We Doing? Relevance in the Age of OpenJDK Summary 2007 JavaOneSM Conference | Session TS-7820 | 4 Apache Harmony In the Beginning May 2005—founded in the Apache Incubator Primary Goals 1. Compatible, independent implementation of Java™ Platform, Standard Edition (Java SE platform) under the Apache License 2. Community-developed, modular architecture allowing sharing and independent innovation 3. Protect IP rights of ecosystem 2007 JavaOneSM Conference | Session TS-7820 | 5 Apache Harmony Early history: 2005 Broad community discussion • Technical issues • Legal and IP issues • Project governance issues Goal: Consolidation and Consensus 2007 JavaOneSM Conference | Session TS-7820 | 6 Early History Early history: 2005/2006 Initial Code Contributions • Three Virtual machines ● JCHEVM, BootVM, DRLVM • Class Libraries ● Core classes, VM interface, test cases ● Security, beans, regex, Swing, AWT ● RMI and math 2007 JavaOneSM Conference | Session TS-7820 |
    [Show full text]
  • Android Geeknight Presentation 2011-03
    Android Geek Night 3.0 Per Nymann Jørgensen [email protected] Niels Sthen Hansen [email protected] Android Geek Night 3.0 Android at a glance New features in Gingerbread & Honeycomb Demos & Code Android 101 Operating system targeting mobile devices/Tables devices Linux based - with additions Open source under the Apache License Allows development in Java Share of worldwide 2010 Q4 smartphone sales to end users by Or Scala, JRuby, Groovy .. operating system, according toCanalys.[35] Two new versions just came out.. Android 101 - Dalvik VM Virtual machine developed by Google for mobile devices Uses the Dalvik Executable (.dex) format Designed for limited processing power and memory Register-based architecture as opposed to stack machine Java VMs Class library based on Apache Harmony No AWT, Swing No Java ME Android 101 - SDK Android libraries The SDK and AVD manager, for maintaining the SDK components and creating virtual devices LogCat to capture logs from running device DDMS – Dalvik Debug Monitor Tools to convert Java .class files to Dalvik bytecode and create installable .apk files Plugin for Eclipse - Android Development Tools (ADT) Android 101 - Components Activity GUI Service non-GUI Broadcast Receiver Events Content Provider Exposing data/content across applications An Android application can be seen as a collection of components. Android API 10 New stuff New Sensors / New Sensor APIs Gyroscope Rotation vector Acceleration Linear acceleration (acceleration without gravity) Gravity (gravity without acceleration) Barometer (air pressure) Android API 10 New stuff NFC Short range wireless communication. Do not require discovery or pairing Supported mode as of 2.3.3 (reader/writer/P2P limited) Enable application like Mobile ticketing (dare we say rejsekort), Smart poster, etc.
    [Show full text]
  • Reading the Runes for Java Runtimes the Latest IBM Java Sdks
    Java Technology Centre Reading the runes for Java runtimes The latest IBM Java SDKs ... and beyond Tim Ellison [email protected] © 2009 IBM Corporation Java Technology Centre Goals . IBM and Java . Explore the changing landscape of hardware and software influences . Discuss the impact to Java runtime technology due to these changes . Show how IBM is leading the way with these changes 2 Mar 9, 2009 © 2009 IBM Corporation Java Technology Centre IBM and Java . Java is critically important to IBM – Provides fundamental infrastructure to IBM software portfolio – Delivers standard development environment – Enables cost effective multi platform support – Delivered to Independent Software Vendors supporting IBM server platforms . IBM is investing strategically in virtual machine technology – Since Java 5.0, a single Java platform technology supports ME, SE and EE – Technology base on which to delivery improved performance, reliability and serviceability • Some IBM owned code (Virtual machine, JIT compiler, ...) • Some open source code (Apache XML parser, Apache Core libraries, Zlib, ...) • Some Sun licensed code (class libraries, tools, ...) . Looking to engender accelerated and open innovation in runtime technologies – Support for Eclipse, Apache (Harmony, XML, Derby, Geronimo, Tuscany) – Broad participation of relevant standards bodies such as JCP and OSGi 3 Mar 9, 2009 © 2009 IBM Corporation Java Technology Centre IBM Java – 2009 key initiatives . Consumability – Deliver value without complexity. – Ensure that problems with our products can be addressed quickly, allowing customers to keep focus on their own business issues. – Deliver a consistent model for solving customer problems. “Scaling Up” - Emerging hardware and applications – Provide a Java implementation that can scale to the most demanding application needs.
    [Show full text]
  • Tutorial I: STM in Managed Runtimes
    Schedule of IISWC Tutorials and Workshops Morning Session, September 29 (Saturday) Tutorial I: STM in Managed Runtimes The influential article "The Landscape of Parallel Computing Research: A View From Berkeley” suggests the only path toward significantly faster CPUs is chip multiprocessing. Programmers will simply have to adapt by writing concurrent code, regardless of any consequential problems with threads. An important trend in application development is that new applications are being developed based on a Managed Runtime Environment (MRTE) such as Java or .NET. These languages provide features such as garbage collection and dynamic class loading that require a managed runtime system (i.e. the Java Virtual Machine (JVM) for Java and .NET for C#). Software transactional memory (STM) promises to alleviate the difficulty of programming using conventional mechanisms such as locks in a threaded environment. In this tutorial we will describe the various mechanisms that are available for software developers to implement transactional applications in Managed Runtimes. We will then use a case study to delve into the workload characteristics when run under a Software Transactional memory system. The case study will be based on workloads and a runtime developed using the Apache Harmony Environment and the High Performance McRT (Multicore Runtime) STM. Apache Harmony (http://harmony.apache.org) is the open source Java SE implementation done under Apache License v2. McRT STM is a high performance runtime environment. The workloads we will characterize and demonstrate include simple micros as well as large multithreaded Java applications. Speakers: Suresh Srinivas is a Principal Engineer in the Software Solutions Group within Intel Corporation where he is currently focused on new technology development using open source technologies.
    [Show full text]
  • Software Wars, Business Strategies and IP Litigation
    VIRTUAL REALITIES Software wars, business strategies and IP litigation Jim Farmer of immagic enters the battle field of software litigation and looks at defence tactics mmediately after Oracle America filed a Oracle would be providing OpenOffice in the existing Java investments and the patent infringement suit against Google Cloud software. Oracle can still do that using OpenJDK reference implementation. Inc in August 2010 the trade press labelled either OpenOffice or LibreOffice, but now Specifically, the companies will this a “software war”. Their interest was does not have any control over the LibreOffice collaborate in the OpenJDK a trial featuring Oracle’s “star” counsel product or any of the developers that left the community to develop the leading IDavid Boies. In mid-January Florian Mueller of OpenOffice project. Moreover, LibreOffice is open source Java environment.” NoSoftwarePatents, wrote “Google is patently now covered by European and German, rather too weak to protect Android – Google’s cell than US, law. There was no announcement from IBM. phone software.”1 By the end of March he had Oracle America also maintains and supports IBM has had a long and productive counted 39 patent infringement suits against the MySQL database management system; relationship with open-source communities. In Google2. Whether Oracle wins Oracle v Google a potential competitor with Oracle’s product. establishing the Apache Foundation 1999, IBM or not, Oracle and IBM may become losers. MySQL had always had two versions – one legal staff spent more than a year obtaining It is important that Oracle does not alienate unsupported open-source version available at agreements with every contributor to Apache’s the software development community or its no cost, and another that included technical software to ensure no contributor could claim customers as it attempts to monetise the assets support and some additional features.
    [Show full text]
  • Customizable and Extensible Deployment for Mobile/Cloud Applications Irene Zhang Adriana Szekeres Dana Van Aken Isaac Ackerman Steven D
    Customizable and Extensible Deployment for Mobile/Cloud Applications Irene Zhang Adriana Szekeres Dana Van Aken Isaac Ackerman Steven D. Gribble∗ Arvind Krishnamurthy Henry M. Levy University of Washington Abstract between application requirements and deployment de- cisions leads programmers to mix deployment decisions Modern applications face new challenges in manag- with complex application logic in the code, which makes ing today’s highly distributed and heterogeneous envi- mobile/cloud applications difficult to implement, debug, ronment. For example, they must stitch together code maintain, and evolve. Even worse, the rapid evolution of that crosses smartphones, tablets, personal devices, and devices, networks, systems, and applications means that cloud services, connected by variable wide-area net- the trade-offs that impact these deployment decisions are works, such as WiFi and 4G. This paper describes Sap- constantly in flux. For all of these reasons, programmers , a distributed programming platform that simplifies phire need a flexible system that allows them to easily create the programming of today’s mobile/cloud applications. and modify distributed application deployments without Sapphire’s key design feature is its distributed runtime needing to rewrite major parts of their application. system, which supports a flexible and extensible deploy- ment layer for solving complex distributed systems tasks, This paper presents Sapphire, a general-purpose such as fault-tolerance, code-offloading, and caching. distributed programming platform that greatly simplifies Rather than writing distributed systems code, program- the design and implementation of applications spanning mers choose deployment managers that extend Sapphire’s mobile devices and clouds. Sapphire removes much of kernel to meet their applications’ deployment require- the complexity of managing a wide-area, multi-platform ments.
    [Show full text]
  • (F/K/A LCCP) Open Source Disclosure
    Below are the licenses for open source software used in the LCCP product and platform. You may download certain source code (as required by applicable licenses below) from verizon.com/opensource. 1. Xerces 3.1.1 2. Libtins 3. G3log v1.1 4. Winpcap v4.1.0.902 5. jersey-container-servlet-core 2.23.1 6. jersey-media-moxy 2.23.1 7. jersey-container-servlet 2.7 8. jersey-media-multipart 2.23.2 9. jersey-media-json-jackson 2.23.2 10. derby 10.12.1.1 11. Log4j 1.2.17 12. quartz 2.2.1 13. jetty-server/jetty-servlet/jetty-webapp 9.2.3.v20140905 14. commons-dbcp 1.4 15. json 20160810 16. gson 2.7 17. mimepull 1.9.3 18. poi 3.15 19. poi-ooxml 3.15 20. ibatis-sqlmap 2.3.0 21. commons-net 3.4 22. commons-lang 3 23. Angular JS/Angular Cookies/Angular Routes/Angular Sanitize 1.5.7 24. Angular ToolTips 1.1.7 25. Google Material Design 26. jQuery v3.0 27. ngDraggable 28. Simple Pagination 29. Animation 3.5.1 30. Freemarker library 2.3.25 31. jetty-runner 9 32. jersey-client 1.8 33. jersey-core 1.8 34. jackson-core-asl-1.7.1 35. jackson-mapper-asl-1.7.1 36. device-api 0.3.2 37. ddmlib 24.5.0 38. ADB 39. AdbWinAPI.dll 40. NVD 3 1.8.1 41. JSCH – 0.1.55 42. Libssh2 – 0.74 43. COMMON DEVELOPMENT AND DISTRIBUTION LICENSE (CDDL) Version 1.1 44.
    [Show full text]
  • Fairplay License Server
    Open Source Used In Fairplay DRM License 1.0.4 Cisco Systems, Inc. www.cisco.com Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices. Text Part Number: 78EE117C99-142022930 Open Source Used In Fairplay DRM License 1.0.4 1 This document contains licenses and notices for open source software used in this product. With respect to the free/open source software listed in this document, if you have any questions or wish to receive a copy of any source code to which you may be entitled under the applicable free/open source license(s) (such as the GNU Lesser/General Public License), please contact us at [email protected]. In your requests please include the following reference number 78EE117C99-142022930 Contents 1.1 Apache Commons Codec 1.3. 1.1.1 Available under license 1.2 Apache Commons Lib Apache 2.0 1.2.1 Available under license 1.3 Apache Commons Lib Apache 2.0 1.3.1 Available under license 1.4 Apache Derby 10.10.1.1 1.4.1 Available under license 1.5 Apache HTTP Server 2.2.9 1.5.1 Available under license 1.6 Apache Jakarta Commons Configuration 1.9 1.6.1 Available under license 1.7 Apache Jakarta Commons HttpClient 3.1 1.7.1 Available under license 1.8 Apache Jakarta Commons Lang 3.1 1.8.1 Available under license 1.9 Apache Log4j 1.2.16 1.9.1 Available under license 1.10 apache-log4j 1.2.15 1.10.1 Available under license 1.11 apache-log4j 1.2.15 :DUPLICATE 1.11.1 Available under license 1.12 args4j 2.0.12 1.12.1 Available under
    [Show full text]
  • Space-And-Time Efficient Garbage Collectors for Parallel Systems
    Space-and-Time Efficient Garbage Collectors for Parallel Systems Shaoshan Liu Ligang Wang Xiao-Feng Li University of California, Irvine Intel China Research Center Intel China Research Center [email protected] [email protected] [email protected] Jean-Luc Gaudiot University of California, Irvine [email protected] ABSTRACT large heaps running on modern servers present new challenges as As multithreaded server applications and runtime systems prevail, far as designing suitable garbage collectors is concerned. garbage collection is becoming an essential feature to support Particularly, server applications are required to operate high performance systems. The fundamental issue of garbage continuously and remain highly responsive to frequent client collector (GC) design is to maximize the recycled space with requests. Thus the garbage collector should impose minimum minimal time overhead. This paper proposes two innovative pause time while providing maximum throughput. On the other solutions: one to improve space efficiency, and the other to hand, increasingly parallel multicore systems will be used even in improve time efficiency. To achieve space efficiency, we propose low-end devices that impose real-time constraints. When garbage the Space Tuner that utilizes the novel concept of allocation speed collection is used in these systems, its impact on the overall to reduce wasted space. Conventional static space partitioning performance needs to be minimized so as to meet the real-time techniques often lead to inefficient space utilization. The Space constraints. Meanwhile, garbage collection needs to be effective Tuner adjusts the heap partitioning dynamically such that when a in recycling space, especially when the available memory space is collection is triggered, all space partitions are fully filled.
    [Show full text]