Page MenuHomeDevCentral
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Jul 14 2015

dereckson added a comment to T494: Dwellers should allow escalation from ops@ to root@.

System log

Jul 14 2015, 18:21 · security, Nasqueron Docker deployment squad
dereckson created T494: Dwellers should allow escalation from ops@ to root@.
Jul 14 2015, 17:59 · security, Nasqueron Docker deployment squad
dereckson added a comment to T488: Upgrade PHP related images to 5.6.11.

Build ok for nasqueron/nginx-php-fpm

Jul 14 2015, 00:12 · security, Nasqueron Docker deployment squad

Jul 13 2015

dereckson added a revision to T492: When using a front-end server with SSL termination, back-end serves http:// links.: D25: Allow to serve https:// links behind a front-end server with SSL termination.
Jul 13 2015, 20:53 · security, Auth Grove
dereckson removed a revision from T492: When using a front-end server with SSL termination, back-end serves http:// links.: D24: Enum.
Jul 13 2015, 20:35 · security, Auth Grove
dereckson added a revision to T492: When using a front-end server with SSL termination, back-end serves http:// links.: D24: Enum.
Jul 13 2015, 20:23 · security, Auth Grove
dereckson moved T492: When using a front-end server with SSL termination, back-end serves http:// links. from Backlog to Working on on the Auth Grove board.
Jul 13 2015, 20:16 · security, Auth Grove
dereckson triaged T492: When using a front-end server with SSL termination, back-end serves http:// links. as High priority.
Jul 13 2015, 20:16 · security, Auth Grove
dereckson added projects to T492: When using a front-end server with SSL termination, back-end serves http:// links.: Auth Grove, security.
Jul 13 2015, 20:16 · security, Auth Grove
dereckson added a project to T490: Updated Fauve SSH key on Ysul: security.
Jul 13 2015, 02:55 · security, Servers
dereckson closed T489: Upgrade PHP to 5.6.11 on Ysul as Resolved.

System log

Jul 13 2015, 02:00 · security, Servers
dereckson claimed T489: Upgrade PHP to 5.6.11 on Ysul.
Jul 13 2015, 01:57 · security, Servers
dereckson created T489: Upgrade PHP to 5.6.11 on Ysul.
Jul 13 2015, 01:56 · security, Servers
dereckson created T488: Upgrade PHP related images to 5.6.11.
Jul 13 2015, 01:56 · security, Nasqueron Docker deployment squad

Jul 9 2015

dereckson closed T458: Security issue with Node on Ysul as Resolved.

Ysul system log
Jul 9 19:44:16 ysul pkg: python27 upgraded: 2.7.9_1 -> 2.7.10
Jul 9 19:44:21 ysul pkg: node upgraded: 0.12.4 -> 0.12.6

Jul 9 2015, 19:53 · security, Servers
dereckson triaged T458: Security issue with Node on Ysul as Low priority.

Priority set to low, as we don't have prod Node instance on Ysul.

Jul 9 2015, 17:37 · security, Servers
dereckson updated the task description for T458: Security issue with Node on Ysul.
Jul 9 2015, 15:24 · security, Servers
dereckson added a project to T458: Security issue with Node on Ysul: security.
Jul 9 2015, 15:24 · security, Servers

Jul 6 2015

dereckson added a project to T453: Installed AEScrypt on Ysul and Dwellers: security.
Jul 6 2015, 13:11 · security, Servers

Jul 5 2015

dereckson closed T450: Upgrade PHP extensions package on Ysul to 5.6.10 as Resolved.

Operation log

Jul 5 2015, 12:21 · Servers, security
dereckson updated the task description for T450: Upgrade PHP extensions package on Ysul to 5.6.10.
Jul 5 2015, 12:11 · Servers, security
dereckson created T450: Upgrade PHP extensions package on Ysul to 5.6.10.
Jul 5 2015, 12:11 · Servers, security
dereckson closed T163: Install sshguard on Ysul as Resolved.
$ ps auxw | grep guard
root         39343  0.0  0.1  47712  4360  -  Is   28Apr15      1:39.88 /usr/local/sbin/sshguard -b 40:/var/db/sshguard/blacklist.db -l [...]
Jul 5 2015, 12:10 · security, Servers
dereckson closed T260: Generate a SSL certificate for Docker services on Dwellers as Resolved.

Done for every service.

Jul 5 2015, 12:09 · TLS certificates, security, Nasqueron Docker deployment squad
dereckson closed T261: Generate SSL certificate for devcentral.nasqueron.org as Resolved.

Done, but a SSL certificate is needed too for the serving-files domain.

Jul 5 2015, 12:08 · TLS certificates, DevCentral, Nasqueron Docker deployment squad, security
dereckson closed T261: Generate SSL certificate for devcentral.nasqueron.org, a subtask of T260: Generate a SSL certificate for Docker services on Dwellers, as Resolved.
Jul 5 2015, 12:08 · TLS certificates, security, Nasqueron Docker deployment squad
dereckson closed T442: Install PHP 5.6.10 on Ysul as Resolved.

Jul 5 11:57:18 ysul pkg: libxml2 upgraded: 2.9.2_2 -> 2.9.2_3
Jul 5 11:57:44 ysul pkg: php56 upgraded: 5.6.8 -> 5.6.10

Jul 5 2015, 12:07 · security, Servers

Jun 23 2015

dereckson closed T422: Upgrade PHP and PCRE on Ysul as Wontfix.
  • PECL upgrade done (see T429)
  • PHP upgrade superseded by T442
Jun 23 2015, 11:57 · Servers, security
dereckson added projects to T442: Install PHP 5.6.10 on Ysul: Servers, security.
Jun 23 2015, 11:55 · security, Servers

Jun 22 2015

dereckson closed T439: Upgraded curl on Ysul as Resolved.

Jun 22 12:20:31 ysul pkg: ca_root_nss upgraded: 3.19 -> 3.19.1_1
Jun 22 12:20:32 ysul pkg: curl upgraded: 7.42.1 -> 7.43.0

Jun 22 2015, 12:33 · security, Servers
dereckson triaged T439: Upgraded curl on Ysul as High priority.
Jun 22 2015, 12:33 · security, Servers
dereckson renamed T439: Upgraded curl on Ysul from test to Upgraded curl on Ysul.
Jun 22 2015, 12:33 · security, Servers

Jun 16 2015

dereckson closed T429: Security software issues on Ysul as Resolved.

Done, but T422 still pending.

Jun 16 2015, 12:42 · security, Servers
dereckson updated the task description for T429: Security software issues on Ysul.
Jun 16 2015, 12:41 · security, Servers
dereckson added a comment to T429: Security software issues on Ysul.

Round 2 - binary update

Jun 16 2015, 12:40 · security, Servers

Jun 13 2015

dereckson moved T422: Upgrade PHP and PCRE on Ysul from Backlog to Working on on the Servers board.
Jun 13 2015, 11:48 · Servers, security
dereckson moved T429: Security software issues on Ysul from Backlog to Working on on the Servers board.
Jun 13 2015, 11:47 · security, Servers
dereckson added a comment to T429: Security software issues on Ysul.

Round 1 - binary update

Jun 13 2015, 11:43 · security, Servers
dereckson triaged T429: Security software issues on Ysul as High priority.
Jun 13 2015, 11:39 · security, Servers

Jun 11 2015

dereckson triaged T423: Upgrade PHP on nginx-php-fpm Docker image as High priority.
Jun 11 2015, 14:54 · security, Nasqueron Docker deployment squad

Jun 7 2015

dereckson triaged T422: Upgrade PHP and PCRE on Ysul as Normal priority.

As far as I know, current codebase doesn't use the features touched by the vuln.

Jun 7 2015, 18:37 · Servers, security
dereckson updated the task description for T422: Upgrade PHP and PCRE on Ysul.
Jun 7 2015, 18:36 · Servers, security

Jun 6 2015

dereckson closed T414: SSL certificate for vma.nasqueron.org as Resolved.
Jun 6 2015, 15:51 · TLS certificates, Servers, Nasqueron Docker deployment squad, security

Jun 5 2015

dereckson closed T418: SSL certificate for https://forum.nasqueron.org as Resolved.
Jun 5 2015, 22:36 · TLS certificates, Servers, Nasqueron Docker deployment squad, security, Forum
dereckson created T418: SSL certificate for https://forum.nasqueron.org.
Jun 5 2015, 22:36 · TLS certificates, Servers, Nasqueron Docker deployment squad, security, Forum

Jun 1 2015

dereckson updated the task description for T415: Allowed ops@ and dereckson@ to sudo docker or lxc-* commands on Dwellers.
Jun 1 2015, 18:03 · Accounts, security, Servers
dereckson added a comment to T415: Allowed ops@ and dereckson@ to sudo docker or lxc-* commands on Dwellers.

Container related commands alias for sudo

Jun 1 2015, 18:00 · Accounts, security, Servers
dereckson added a project to T415: Allowed ops@ and dereckson@ to sudo docker or lxc-* commands on Dwellers: security.
Jun 1 2015, 17:58 · Accounts, security, Servers
dereckson created T414: SSL certificate for vma.nasqueron.org.
Jun 1 2015, 17:36 · TLS certificates, Servers, Nasqueron Docker deployment squad, security

May 20 2015

dereckson closed T390: Ice should listen to 0.0.0.0 as Resolved.
$ sockstat | grep 6502
murmur   murmurd    18308 16 tcp4 6 *:6502                *:*
May 20 2015, 11:00 · security, Servers, Mumble
dereckson updated the task description for T390: Ice should listen to 0.0.0.0.
May 20 2015, 10:48 · security, Servers, Mumble

May 19 2015

dereckson added a comment to T379: Upgraded ruby22-gems from 2.4.6 to 2.4.7.
$ cd /usr/ports/devel/ruby-gems
$ make build deinstall reinstall
[...]
===>   Registering installation for ruby22-gems-2.4.7
[...]
$ pkg audit
0 problem(s) in the installed packages found.
May 19 2015, 12:12 · security, Servers
dereckson updated the task description for T379: Upgraded ruby22-gems from 2.4.6 to 2.4.7.
May 19 2015, 12:11 · security, Servers

May 3 2015

dereckson closed T364: Encrypt SWAP partition on Ysul as Invalid.

Already done in a Crypt task:

May 3 2015, 18:56 · Servers, good-first-issue, security
dereckson claimed T364: Encrypt SWAP partition on Ysul.
May 3 2015, 18:48 · Servers, good-first-issue, security
dereckson moved T364: Encrypt SWAP partition on Ysul from Backlog to Working on on the Servers board.
May 3 2015, 18:48 · Servers, good-first-issue, security
dereckson created T364: Encrypt SWAP partition on Ysul.
May 3 2015, 18:47 · Servers, good-first-issue, security

Apr 29 2015

dereckson closed T354: Upgrade PHP to 5.6.8 on Ysul as Resolved.

Apr 29 14:00:09 ysul pkg-static: libmemcached-1.0.18 installed
Apr 29 14:00:45 ysul pkg-static: pecl-memcache-3.0.8 installed

Apr 29 2015, 14:02 · Servers, security
dereckson closed T354: Upgrade PHP to 5.6.8 on Ysul, a subtask of T352: Software security issues on Ysul, as Resolved.
Apr 29 2015, 14:02 · security, Servers
dereckson moved T354: Upgrade PHP to 5.6.8 on Ysul from Working on to Done on the Servers board.
Apr 29 2015, 14:01 · Servers, security
dereckson added a comment to T354: Upgrade PHP to 5.6.8 on Ysul.

libevent and cyrus-sasl recompile

Apr 29 2015, 13:22 · Servers, security
dereckson added a comment to T354: Upgrade PHP to 5.6.8 on Ysul.

Memcached issue

Apr 29 2015, 13:18 · Servers, security
dereckson added a comment to T354: Upgrade PHP to 5.6.8 on Ysul.

Extension and deps libraries

Apr 29 2015, 11:30 · Servers, security
dereckson moved T354: Upgrade PHP to 5.6.8 on Ysul from Backlog to Working on on the Servers board.
Apr 29 2015, 11:24 · Servers, security
dereckson closed T352: Software security issues on Ysul as Resolved.
$ pkg audit
0 problem(s) in the installed packages found.
Apr 29 2015, 11:23 · security, Servers
dereckson added a comment to T354: Upgrade PHP to 5.6.8 on Ysul.

PHP itself

Apr 29 2015, 11:22 · Servers, security
dereckson closed T353: Upgrade Ruby to Ruby 2.2 on Ysul as Resolved.
Apr 29 2015, 11:15 · Servers, security
dereckson closed T353: Upgrade Ruby to Ruby 2.2 on Ysul, a subtask of T352: Software security issues on Ysul, as Resolved.
Apr 29 2015, 11:15 · security, Servers
dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.

Extra ports

Apr 29 2015, 11:15 · Servers, security
dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.

To reinstall rhc deps (see T186 for context about rhc), there is an issue with documentation.

Apr 29 2015, 11:06 · Servers, security
dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.

Apr 29 01:50:09 ysul pkg-static: ruby22-gems-2.4.6 installed

Apr 29 2015, 01:55 · Servers, security
dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.

vim, weechat

  • Weechat reinstalled with Python 2.7 support
  • Apr 29 01:46:45 ysul pkg-static: vim-7.4.712 installed
Apr 29 2015, 01:48 · Servers, security

Apr 28 2015

dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.

We first reinstall the applications which need Ruby.

Apr 28 2015, 14:18 · Servers, security
dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.
$ cd /usr/ports/lang/ruby22
$ make install
[...]
$ ln -s /usr/local/bin/ruby22 /usr/local/bin/ruby
$ rehash
$ ruby -v
ruby 2.2.2p95 (2015-04-13 revision 50295) [amd64-freebsd10]
Apr 28 2015, 12:09 · Servers, security
dereckson updated the task description for T353: Upgrade Ruby to Ruby 2.2 on Ysul.
Apr 28 2015, 12:06 · Servers, security
dereckson added a comment to T353: Upgrade Ruby to Ruby 2.2 on Ysul.

We've successfully compiled Ruby 2.2

Apr 28 2015, 12:04 · Servers, security
dereckson added a comment to T352: Software security issues on Ysul.

Through ports

Apr 28 2015, 11:58 · security, Servers
dereckson moved T353: Upgrade Ruby to Ruby 2.2 on Ysul from Backlog to Working on on the Servers board.
Apr 28 2015, 11:54 · Servers, security
dereckson moved T354: Upgrade PHP to 5.6.8 on Ysul from Working on to Backlog on the Servers board.
Apr 28 2015, 11:54 · Servers, security
dereckson moved T354: Upgrade PHP to 5.6.8 on Ysul from Backlog to Working on on the Servers board.
Apr 28 2015, 11:54 · Servers, security
dereckson created T354: Upgrade PHP to 5.6.8 on Ysul.
Apr 28 2015, 11:52 · Servers, security
dereckson created T353: Upgrade Ruby to Ruby 2.2 on Ysul.
Apr 28 2015, 11:51 · Servers, security
dereckson added a comment to T352: Software security issues on Ysul.

Straightforward to upgrade

Apr 28 2015, 11:48 · security, Servers
dereckson moved T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul from Backlog to Done on the Servers board.
Apr 28 2015, 11:45 · security, Nasqueron Docker deployment squad, Servers
dereckson moved T352: Software security issues on Ysul from Backlog to Working on on the Servers board.
Apr 28 2015, 11:22 · security, Servers
dereckson triaged T352: Software security issues on Ysul as High priority.
Apr 28 2015, 11:22 · security, Servers

Apr 27 2015

dereckson added projects to T352: Software security issues on Ysul: Servers, security.

See P65 for the details of the packages concerned.

Apr 27 2015, 22:42 · security, Servers

Apr 4 2015

dereckson updated the title for P34 pkg audit on Ysul from Masterwork From Distant Lands to pkg audit on Ysul.
Apr 4 2015, 14:49 · security, Servers

Apr 3 2015

dereckson added a subtask for T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul: T291: Fixed libaprutil-1.la issue on Ysul.
Apr 3 2015, 22:40 · security, Nasqueron Docker deployment squad, Servers
dereckson closed T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul as Resolved.

Subversion updated to 1.8.13.

Apr 3 2015, 22:33 · security, Nasqueron Docker deployment squad, Servers
dereckson added a comment to T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul.

PHP upgraded, php-fpm restarted.

Apr 3 2015, 17:43 · security, Nasqueron Docker deployment squad, Servers
dereckson added a comment to P43 pkg audit on Ysul.

PHP upgraded to 5.6.7 (CLI, php-fpm, CGI)

Apr 3 2015, 17:41 · Servers, security, Nasqueron security operations squad
dereckson added a comment to T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul.

Round one:

  • py27-django: 1.7.3 -> 1.7.7
  • libzip: 0.11.2_1 -> 0.11.2_2
  • py27-sqlite3: 2.7.9_5 -> 2.7.9_6
Apr 3 2015, 17:16 · security, Nasqueron Docker deployment squad, Servers
dereckson added a comment to P43 pkg audit on Ysul.

Round one:

  • py27-django: 1.7.3 -> 1.7.7
  • libzip: 0.11.2_1 -> 0.11.2_2
  • py27-sqlite3: 2.7.9_5 -> 2.7.9_6
Apr 3 2015, 17:05 · Servers, security, Nasqueron security operations squad
dereckson updated the task description for T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul.
Apr 3 2015, 17:03 · security, Nasqueron Docker deployment squad, Servers
dereckson created T289: Upgrade libzip, PHP 5.6, Django and Subversion on Ysul.
Apr 3 2015, 17:02 · security, Nasqueron Docker deployment squad, Servers
dereckson updated the title for P43 pkg audit on Ysul from Masterwork From Distant Lands to pkg audit on Ysul.
Apr 3 2015, 17:01 · Servers, security, Nasqueron security operations squad

Apr 1 2015

dereckson moved T107: Reenable SELinux for Docker on Dwellers from Backlog to Deployed on the Forum board.
Apr 1 2015, 19:26 · security, Servers, Forum

Mar 30 2015

dereckson claimed T261: Generate SSL certificate for devcentral.nasqueron.org.

Taking this bug.

Mar 30 2015, 09:54 · TLS certificates, DevCentral, Nasqueron Docker deployment squad, security
dereckson created T261: Generate SSL certificate for devcentral.nasqueron.org.
Mar 30 2015, 09:48 · TLS certificates, DevCentral, Nasqueron Docker deployment squad, security
First
Prev
Next
Nasqueron DevCentral · If it had been much bigger the moon would have had a core of ice. · Powered by Phabricator