Was bringt den die Ausgabe von ldd /home/karsten/ffmpeg/ffmpeg
Beiträge von Micha
-
-
Schon lange her bei mir, aber ich würde sagen beim erstellen der ersten Domain wird abgefragt ob diese alleine oder shared genutzt werden soll. Zumindest beim erstellen der zweiten Domain kommt die Abfrage welche IP genutzt werden soll.
-
Hallo,
habe die 200MB mal eingestellt.
Bitte drauf achten, dass der Server beim convertieren von solch großen Videos ordentlich zu tun hat !
PS: ACP habe ich noch vergessen, mache ich aber gleich ....
-
Wenn nur eine IP vorhanden, dann wird diese doppelt genutzt. Bei Plesk mußt da "gemeinsam verwendet" eingestellt werden.
Alternativ eine zweite IP bestellen, die ist aber kostenpflichtig.
Bei mir laufen 5 Domains unter einer IP ist eigentlich kein Problem.
-
Hallo,
wie gehabt, Daten zusenden und dann mach ich das.
-
Hallo,
wenn Du mir noch mal die Zugangsdaten zusendest kann ich das machen.
-
Hallo,
wenn Du die flvideo_converter.php manuell aufrufst, wird da wenigstens schon ein Video konvertiert?
Wenn nein, dann läuft flvideo bzw. ffmpeg noch nicht und der cron läuft logischerweise ins Leere.
-
Package : mahara
Vulnerability : insufficient input sanitization
Problem type : remote
Debian-specific: no
CVE ID : no CVE ids yetIt was discovered that mahara, an electronic portfolio, weblog, and resume
builder is prone to several cross-site scripting attacks, which allow an
attacker to inject arbitrary HTML or script code and steal potential sensitive
data from other users.The oldstable distribution (etch) does not contain mahara.
For the stable distribution (lenny), this problem has been fixed in
version 1.0.4-4+lenny3.For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.1.5-1.We recommend that you upgrade your mahara packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 5.0 alias lenny
-
Package : amule
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id : CVE-2009-1440
Debian Bug : 525078Sam Hocevar discovered that amule, a client for the eD2k and Kad
networks, does not properly sanitise the filename, when using the
preview function. This could lead to the injection of arbitrary commands
passed to the video player.For the stable distribution (lenny), this problem has been fixed in
version 2.2.1-1+lenny2.The oldstable distribution (etch) is not affected by this issue.
For the testing distribution (squeeze) this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 2.2.5-1.1.We recommend that you upgrade your amule packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 5.0 alias lenny
-
Package : xulrunner
Vulnerability : several vulnerabilities
Problem type : remote
Debian-specific: no
CVE IDs : CVE-2009-1392 CVE-2009-1832 CVE-2009-1833 CVE-2009-1834 CVE-2009-1835
CVE-2009-1836 CVE-2009-1837 CVE-2009-1838 CVE-2009-1839 CVE-2009-1840
CVE-2009-1841Several remote vulnerabilities have been discovered in Xulrunner, a
runtime environment for XUL applications, such as the Iceweasel web
browser. The Common Vulnerabilities and Exposures project identifies the
following problems:CVE-2009-1392
Several issues in the browser engine have been discovered, which can
result in the execution of arbitrary code. (MFSA 2009-24)CVE-2009-1832
It is possible to execute arbitrary code via vectors involving "double
frame construction." (MFSA 2009-24)CVE-2009-1833
Jesse Ruderman and Adam Hauner discovered a problem in the JavaScript
engine, which could lead to the execution of arbitrary code.
(MFSA 2009-24)CVE-2009-1834
Pavel Cvrcek discovered a potential issue leading to a spoofing attack
on the location bar related to certain invalid unicode characters.
(MFSA 2009-25)CVE-2009-1835
Gregory Fleischer discovered that it is possible to read arbitrary
cookies via a crafted HTML document. (MFSA 2009-26)CVE-2009-1836
Shuo Chen, Ziqing Mao, Yi-Min Wang and Ming Zhang reported a potential
man-in-the-middle attack, when using a proxy due to insufficient checks
on a certain proxy response. (MFSA 2009-27)CVE-2009-1837
Jakob Balle and Carsten Eiram reported a race condition in the
NPObjWrapper_NewResolve function that can be used to execute arbitrary
code. (MFSA 2009-28)CVE-2009-1838
moz_bug_r_a4 discovered that it is possible to execute arbitrary
JavaScript with chrome privileges due to an error in the
garbage-collection implementation. (MFSA 2009-29)CVE-2009-1839
Adam Barth and Collin Jackson reported a potential privilege escalation
when loading a file::resource via the location bar. (MFSA 2009-30)CVE-2009-1840
Wladimir Palant discovered that it is possible to bypass access
restrictions due to a lack of content policy check, when loading a
script file into a XUL document. (MFSA 2009-31)CVE-2009-1841
moz_bug_r_a4 reported that it is possible for scripts from page content
to run with elevated privileges and thus potentially executing arbitrary
code with the object's chrome privileges. (MFSA 2009-32)For the stable distribution (lenny), these problems have been fixed in
version 1.9.0.11-0lenny1.As indicated in the Etch release notes, security support for the
Mozilla products in the oldstable distribution needed to be stopped
before the end of the regular Etch security maintenance life cycle.
You are strongly encouraged to upgrade to stable or switch to a still
supported browser.For the testing distribution (squeeze), these problems will be fixed
soon.For the unstable distribution (sid), these problems have been fixed in
version 1.9.0.11-1.We recommend that you upgrade your xulrunner packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 5.0 alias lenny
-
Package : vlc
Vulnerability : several vulnerabilities
Problem type : local (remote)
Debian-specific: no
CVE Ids : CVE-2008-1768 CVE-2008-1769 CVE-2008-1881 CVE-2008-2147
CVE-2008-2430 CVE-2008-3794 CVE-2008-4686 CVE-2008-5032
Debian Bugs : 478140 477805 489004 496265 503118 504639 480724Several vulnerabilities have been discovered in vlc, a multimedia player
and streamer. The Common Vulnerabilities and Exposures project
identifies the following problems:CVE-2008-1768
Drew Yao discovered that multiple integer overflows in the MP4 demuxer,
Real demuxer and Cinepak codec can lead to the execution of arbitrary
code.CVE-2008-1769
Drew Yao discovered that the Cinepak codec is prone to a memory
corruption, which can be triggered by a crafted Cinepak file.CVE-2008-1881
Luigi Auriemma discovered that it is possible to execute arbitrary code
via a long subtitle in an SSA file.CVE-2008-2147
It was discovered that vlc is prone to a search path vulnerability,
which allows local users to perform privilege escalations.CVE-2008-2430
Alin Rad Pop discovered that it is possible to execute arbitrary code
when opening a WAV file containing a large fmt chunk.CVE-2008-3794
Pınar Yanardağ discovered that it is possible to execute arbitrary code
when opening a crafted mmst link.CVE-2008-4686
Tobias Klein discovered that it is possible to execute arbitrary code
when opening a crafted .ty file.CVE-2008-5032
Tobias Klein discovered that it is possible to execute arbitrary code
when opening an invalid CUE image file with a crafted header.For the oldstable distribution (etch), these problems have been fixed
in version 0.8.6-svn20061012.debian-5.1+etch3.For the stable distribution (lenny), these problems have been fixed in
version 0.8.6.h-4+lenny2, which was already included in the lenny
release.For the testing distribution (squeeze) and the unstable distribution
(sid), these problems have been fixed in version 0.8.6.h-5.We recommend that you upgrade your vlc packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 4.0 alias etch
-
Package : gforge
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE IDs : CVE ids pendingLaurent Almeras and Guillaume Smet have discovered a possible SQL
injection vulnerability and cross-site scripting vulnerabilities in
gforge, a collaborative development tool. Due to insufficient input
sanitising, it was possible to inject arbitrary SQL statements and use
several parameters to conduct cross-site scripting attacks.For the stable distribution (lenny), these problem have been fixed in
version 4.7~rc2-7lenny1.The oldstable distribution (etch), these problems have been fixed in
version 4.5.14-22etch11.For the testing distribution (squeeze), these problems will be fixed
soon.For the unstable distribution (sid), these problems have been fixed in
version 4.7.3-2.We recommend that you upgrade your gforge packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 4.0 alias etch
-
Package : ctorrent
Vulnerability : stack-based buffer overflow
Problem type : local (remote)
Debian-specific: no
Debian bug : 530255
CVE ID : CVE-2009-1759Michael Brooks discovered that ctorrent, a text-mode bittorrent client,
does not verify the length of file paths in torrent files. An attacker
can exploit this via a crafted torrent that contains a long file path to
execute arbitrary code with the rights of the user opening the file.The oldstable distribution (etch) does not contain ctorrent.
For the stable distribution (lenny), this problem has been fixed in
version 1.3.4-dnh3.2-1+lenny1.For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.3.4-dnh3.2-1.1.We recommend that you upgrade your ctorrent packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 5.0 alias lenny
-
Package : apache2
Vulnerability : insufficient security check
Problem type : local
Debian-specific: no
CVE Id(s) : CVE-2009-1195It was discovered that the Apache web server did not properly handle
the "Options=" parameter to the AllowOverride directive:In the stable distribution (lenny), local users could (via .htaccess)
enable script execution in Server Side Includes even in configurations
where the AllowOverride directive contained only
Options=IncludesNoEXEC.In the oldstable distribution (etch), local users could (via
.htaccess) enable script execution in Server Side Includes and CGI
script execution in configurations where the AllowOverride directive
contained any "Options=" value.For the stable distribution (lenny), this problem has been fixed in
version 2.2.9-10+lenny3.The oldstable distribution (etch), this problem has been fixed in
version 2.2.3-4+etch8.For the testing distribution (squeeze) and the unstable distribution
(sid), this problem will be fixed in version 2.2.11-6.This advisory also provides updated apache2-mpm-itk packages which
have been recompiled against the new apache2 packages (except for the
s390 architecture where updated packages will follow shortly).We recommend that you upgrade your apache2 packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 4.0 alias etch
-
Package : libtorrent-rasterbar
Vulnerability : programming error
Problem type : local(remote)
Debian-specific: no
CVE Id(s) : CVE-2009-1760It was discovered that the Rasterbar Bittorrent library performed
insufficient validation of path names specified in torrent files, which
could lead to denial of service by overwriting files.The old stable distribution (etch) doesn't include libtorrent-rasterbar.
For the stable distribution (lenny), this problem has been fixed in
version 0.13.1-2+lenny1.For the unstable distribution (sid), this problem has been fixed in
version 0.14.4-1.We recommend that you upgrade your libtorrent-rasterbar package.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 5.0 alias lenny
-
Package : libsndfile
Vulnerability : heap-based buffer overflow
Problem type : local (remote)
Debian-specific: no
Debian bug : 528650
CVE ID : CVE-2009-1788 CVE-2009-1791Two vulnerabilities have been found in libsndfile, a library to read
and write sampled audio data. The Common Vulnerabilities and Exposures
project identified the following problems:Tobias Klein discovered that the VOC parsing routines suffer of a heap-based
buffer overflow which can be triggered by an attacker via a crafted VOC
header (CVE-2009-1788 ).The vendor discovered that the AIFF parsing routines suffer of a heap-based
buffer overflow similar to CVE-2009-1788 which can be triggered by an attacker
via a crafted AIFF header (CVE-2009-1791).In both cases the overflowing data is not completely attacker controlled but
still leads to application crashes or under some circumstances might still
lead to arbitrary code execution.For the oldstable distribution (etch), this problem has been fixed in
version 1.0.16-2+etch2.For the stable distribution (lenny), this problem has been fixed in
version 1.0.17-4+lenny2.For the testing distribution (squeeze), this problem will be fixed soon.
For the unstable distribution (sid), this problem has been fixed in
version 1.0.20-1.We recommend that you upgrade your libsndfile packages.
Upgrade instructions
- --------------------wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.If you are using the apt-get package manager, use the line for
sources.list as given below:apt-get update
will update the internal database
apt-get upgrade
will install corrected packagesYou may use an automated update by adding the resources from the
footer to the proper configuration.Debian GNU/Linux 4.0 alias etch
-
Hier die Anleitung für Strato Kunden um auf Plesk 9.x zu kommen.
Einfach probieren und das mit dem /usr/local/psa/admin/bin/autoinstaller mußte ich bei mir auch ausführen, da Plesk offensichtlich nicht alle Pakete über das Update aktualisiert.
-
Hallo,
vorher den alten Server auf Plesk 9.2.1 bringen und dort eine Sicherung des kompleten Servers über die Plesk Backup Funktion machen.
Neuen Server aufsetzen, diesen auch auf Plesk 9.2.1 bringen und dann Backup über Plesk einspielen. Habe ich gerade selber durchgeführt. Schneller geht es nicht und vor allem werden alle Kunden und Webs ohne jegliche manuelle Konfiguration wieder hergestellt.
-
1. Wir legen ein Verzeichniss login für den neuen User im Ordner /home/ an.
cd /home/
mkdir login2. Neuen User anlegen in der Gruppe users, bei mir login und diesen als Standardshell Bash geben.
useradd -g users -d /home/login -s /bin/bash login
3. Den User login das Passwort vergeben.passwd login
Im Dialog ein Passwort vergeben, Groß- und Kleinbuchstaben und Sonderzeichen mitbenutzen. Ein sicheres Passwort hat mindestens 8 Stellen.
4. Mit dem neuen Benutzer auf einer zweiten eröffneten Konsole einloggen.
5. Wenn das klappt, mit der root Konsole die Datei /etc/ssh/sshd_config editieren und in der Zeile
PermitRootLogin yes auf
PermitRootLogin no ändern.Gegebenfalls noch die Raute # vor dieser Zeile entfernen.
6. Die ssh_config neu laden
/etc/init.d/sshd reload (für SUSE)
/etc/init.d/ssh reload (für Debian)7. Mit dem neuen User login einlogen und mit su - zu root wechseln. Rootpasswort eingeben und fertig.
-
Hat nun länger gedauert wie ich dachte , aber nun ist der Systemwechsel vollzogen.
Es gab verschiedene Probleme die im Rechenzentrum (Softwarereset) bzw. beim Hersteller der Plesksoftware ihre Ursachen hatten. Nun ist aber alles bereinigt und ich wünsche allen viel Spaß weiter an Board.