USN-4744-1: OpenLDAP vulnerability

Pasi Saarinen discovered that OpenLDAP incorrectly handled certain short
timestamps. A remote attacker could possibly use this issue to cause
OpenLDAP to crash, resulting in a denial of service.



USN-4743-1: GDK-PixBuf vulnerability

It was discovered that the GDK-PixBuf library did not properly handle
certain GIF images. If an user or automated system were tricked into
opening a specially crafted GIF file, a remote attacker could use this flaw
to cause GDK-PixBuf to crash, resulting in a denial of service.



USN-4742-1: Django vulnerability

It was discovered that Django incorrectly accepted semicolons as query
parameters. A remote attacker could possibly use this issue to perform a
Web Cache Poisoning attack.



How To: Install ‘gedit’ With All The Bells and Whistles

There are many text editors out there, but gedit is a perennial favorite. There are also many plugins to extend gedit, and this is an easy way to install a bunch at once.

gedit, the default editor for the Gnome desktop environment, is a part of the GNOME Core Applications and is available in pretty much every distro. It also doesn’t actually need a lot of additional dependencies, which helps make it useful for most any popular desktop environment.

You can use gedit for anything, from programming to writing markup for your website. You can use it as a plain text editor and there are many ways to extend it, to add functionality not included by default. There are plugins to highlight syntax, to auto-complete words, to auto-close brackets, etc. You can make it do all sorts of things you’d not expect from a plain text editor.

Given that disk space is absurdly cheap these days, I don’t see any reason to not just go ahead and install as many plugins at once as I can. I may not use them all, but I’ll use most of them and I can just not enable those that I don’t want to use. So, how to install it all at once?

Crack open your terminal with CTRL + ALT + T and enter the following:

[code]sudo apt install gedit gedit-plugins-common gedit-plugin-*[/code]

So, what’s going on there? You can string together applications with aptitude and this is installing gedit first, a pack of common plugins, and then every other plugin that uses the ‘gedit-plugin-*’ format and is in the repositories.

If you don’t already know, the asterisk is known as a wildcard. A wildcard basically means, “any character.” So, foo* is anything from fool to foolish and foob* is anything from foobar to foob-gibberish183742 or whatever. It’s unlike the question mark, which only matches one character, in that it means any and all characters.

It should be noted that this only installs the plugins. You still can’t use them until you enable them. To select them, you need to first open ‘gedit’ (which will almost certainly be called “Text Editor” in your application menu) and click on preferences where you can navigate to the right-most tab and enable them. It looks like this:

gedit preferences
Select plugins ’til you’re satisfied!

If you did this properly,  you should now have a bunch of plugins enabled and not have to hunt them down, one by one, trying to find and install them manually. Is this a bit of overkill? Perhaps, but disk space is cheap and the entire thing takes up less than 19 additional MB on my system.

Like always, thanks for reading. Scroll up and look right. Toss your name and email address in there and you’ll get notified of new articles. I promise, I won’t spam you. You ain’t even gotta use your real name!




How To: Enable Password-less SUDO.

This isn’t the smartest thing you can do. In fact, you probably shouldn’t do this. But, if you are comfortable with your physical security, you can use sudo without a password.

In my case, there’s not a whole lot folks are going to do with sudo on my computer. Anyone with physical access to my device is someone that I trust. I also run a ton of commands when hanging out in the support sites and I am frankly just tired of typing my password when I use sudo.

So, let’s get rid of it. Start by pressing CTRL + ALT + T, and then enter:

[code]sudo nano /etc/sudoers[/code]

Scroll down to the bottom and add this line:

[code]<your_username>  ALL=(ALL) NOPASSWD:ALL[/code]

Where “<your_username>” substitute it with your actual username on your computer. Now save it with:

CTRL + X

Y

ENTER

See that? You also may have just learned how use ‘nano’ to edit and save a text file while in the terminal. Pretty neat, huh? Anyhow, scroll up a little and look to the right. There’s a spot where you can enter a name and email address. If you do that (and confirm the email address) then you’ll get handy notices in the email when there’s a new article. I promise, I won’t send you a single non-site related email – ever.