Re: [kaffe] [OffTopic] Savannah has been compromised
Hi,
On Thu, 2003-12-04 at 00:54, Dalibor Topic wrote:
since I haven't received any news on this yet, and many people here
probably contribute to one project on Savannah or another, I just wanted
to spread the news that savannah.gnu,org has been compromised. cracked.
broken in. just like debian last week.
Thanks. I tried to send the attached message to the classpath
mailinglist about it. But it didn't arrive so probably the mailinglist
at gnu.org are also down :{
I CCed the gcj mailinglist to make sure most of our contributors know
about this issue. I'll try to keep you up to date when I know more.
Be careful out there.
And please check your machines for any irregularities.
Cheers,
Mark
---BeginMessage---
Hi all,
If you were wondering why CVS doesn't work anymore or why the last
classpath 0.07 release hasn't gone up on the gnu.org servers this is the
reason. From http://savannah.gnu.org/statement.html:
On December 1st, 2003, we discovered that the Savannah system,
which is maintained by the Free Software Foundation and provides
CVS and development services to the GNU project and other Free
Software projects, was compromised at circa November 2nd, 2003.
The compromise seems to be of the same nature as the recent
attacks on Debian project servers; the attacker seemed to
operate identically. However, this incident was distinctly
different from the modus operandi we found in the attacks on our
FTP server in August 2003. We have also confirmed that an
unauthorized party gained root access and installed a root-kit
(SucKIT) on November 2nd, 2003.
In the interest of continuing cooperation and in helping to
improve security for all essential Free Software infrastructure,
and despite important philosophical differences, we are working
closely with Debian project members to find the perpetrators and
to secure essential Free Software infrastructure for the future.
We hope to have future joint announcements that discuss a
unified strategy for addressing these problems.
For the moment, we are installing replacement hardware for the
Savannah system, and we will begin restoring the Savannah
software this week. Initially, there will be some security
related changes which may be inconvenient for our developers. We
will try to ease these as we find secure ways to do so. We are
in particular researching ways to ensure secured authentication
of the source code trees stored on the system.
We will send more detailed announcements about efforts to verify
the authenticity of the source code hosted on Savannah, and how
the community can help in that effort once we've brought the
system back online.
We hope to have at least minimal services back up by Friday 5
December 2003.
[...insert some strong negative statement here, not appropriate for
little children...]
As soon as I have more information I will let you know.
Meanwhile please all check your own machines carefully.
Some help for people running Debian GNU/Linux to do this can be found
at: http://www.wiggy.net/debian/developer-securing/
(It specifically describes what debian developers should do, but is
useful information for everybody.)
Mark
signature.asc
Description: This is a digitally signed message part
---End Message---
[kaffe] CVS kaffe (dalibor): Small fix for FOP
PatchSet 4197 Date: 2003/12/04 15:07:14 Author: dalibor Branch: HEAD Tag: (none) Log: Small fix for FOP 2003-12-04 Dalibor Topic [EMAIL PROTECTED] Fixed a problem in FOP 0.25.4. * libraries/javalib/java/text/AttributedString.java (addAttribute(AttributedCharacterIterator.Attribute,Object,int,int)): Use HashMap instead of Hashtable since value can be null, and you can not store a null value in a Hashtable. Members: ChangeLog:1.1788-1.1789 libraries/javalib/java/text/AttributedString.java:1.1-1.2 Index: kaffe/ChangeLog diff -u kaffe/ChangeLog:1.1788 kaffe/ChangeLog:1.1789 --- kaffe/ChangeLog:1.1788 Thu Dec 4 03:27:47 2003 +++ kaffe/ChangeLog Thu Dec 4 15:07:14 2003 @@ -1,5 +1,14 @@ 2003-12-04 Dalibor Topic [EMAIL PROTECTED] + Fixed a problem in FOP 0.25.4. + + * libraries/javalib/java/text/AttributedString.java + (addAttribute(AttributedCharacterIterator.Attribute,Object,int,int)): + Use HashMap instead of Hashtable since value can be null, and you + can not store a null value in a Hashtable. + +2003-12-04 Dalibor Topic [EMAIL PROTECTED] + * libraries/javalib/java/text/FormatCharacterIterator.java: Resynced with GNU Classpath. Index: kaffe/libraries/javalib/java/text/AttributedString.java diff -u kaffe/libraries/javalib/java/text/AttributedString.java:1.1 kaffe/libraries/javalib/java/text/AttributedString.java:1.2 --- kaffe/libraries/javalib/java/text/AttributedString.java:1.1 Mon Nov 11 12:01:53 2002 +++ kaffe/libraries/javalib/java/text/AttributedString.java Thu Dec 4 15:07:16 2003 @@ -39,6 +39,7 @@ package java.text; import java.util.Iterator; +import java.util.HashMap; import java.util.Hashtable; import java.util.HashSet; import java.util.Map; @@ -329,7 +330,7 @@ * of the string. * * @param attrib The attribute to add. - * @param value The value of the attribute. + * @param value The value of the attribute, which may be null. * @param begin_index The beginning index of the subrange. * @param end_index The ending index of the subrange. * @@ -342,10 +343,10 @@ if (attrib == null) throw new IllegalArgumentException(null attribute); - Hashtable ht = new Hashtable(); - ht.put(attrib, value); + HashMap hm = new HashMap(); + hm.put(attrib, value); - addAttributes(ht, begin_index, end_index); + addAttributes(hm, begin_index, end_index); } /*/ ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
[kaffe] Status of FOP 0.20.5 on kaffe from CVS
Hi all, I played a bit around with FOP today. I'm amazed how much works fine, actually. I set JAVA_HOME to where I installed kaffe, and ran fop on all the examples in examples/fo to produce pdf files. It didn't work on all of them, but it worked and produced correct results on many examples. As long as the FO file doesn't involve graphics, especially SVG, or massive fonts trickery, or hyphenation tables, it seems to work alright. The SVG problem is partially related to a bug in kaffe's DirectColorModel implementation. I tryed to replace it with the implementation from GNU Classpath, but that broke MPEG_Play again, which was fixed by Nicolas last year. Nicolas, do you have the time to look at the DirectColorImplementation from GNU Classpath and merge it in, fixing its bugs? Replacing DirectColorModel lets fop get a little further, until it breaks because kaffe doesn't have a Java2D implementation yet. I hope to be able to merge in Agile2D for that task eventually, but that's post 1.1.3 material. cheers, dalibor topic ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] make test returns quite a few errors for ia64
Hi Adam, Adam Parrish wrote: Kaffe'rs I am about to allow my users access to the Kaffe Java environment soon, but after running make test a good many of the tests fail. I can do very simple java tasks like string manipulation, but many of the math classes do not pass. Is this purely because it is running on 64 bit architecture or because something is unimplemented to do the correct calculations? Basically, there is a lot of regression tests that fail on ia64, and I'd appreciate if someone with access to an ia64 box could try figuring out what's going wrong. Gwenole Beauchesne might also have patches for ia64 in his mandrake packages of kaffe that haven't been merged in. For the brave souls, there is also a JIT for ia64 that waits for someone to merge it in. It all comes down to have more developers on that platform. Feel free to send patches, if you're not tainted i.e. haven't looked at Sun's sources, decompiled their stuff, etc. ;) cheers, dalibor topic ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] help with running tomcat on kaffe
Hi Ram, kalyan ram wrote: Hai I want to run tomcat on kaffe.In the previous mail,i got a fix for that but it is not working for me.i am working on the version of tomcat-4.1.29. I implemented the fix by adding the following code in conf/web.xml: init-param param-namecompiler/param-name param-valuekjc/param-value /init-param I restarted tomcat but it is still showing in the application manager of tomcat,the vendor is sun jvm. What am i missing?I am working on only binary version of tomcat. Did you set JAVA_HOME to point to the directory you installed kaffe to? Many apache apps use JAVA_HOME to figure out what VM to run. cheers, dalibor topic ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] Where is the gnu/crypto/ stuff?
sorry for taking so long to reply, so much merges to do, so little time ;) No problem. I'm attempting to keep up. The problem was I didn't do a make clean. It works. ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
[kaffe] ANN: testing page and results
Hello for Jim, Dalibor and others... failures on NetBSD, OpenBSD, Solaris... a big maze. I decided to make a summary page with the current status and results on my test computers. You can access it here: http://homepage.mac.com/riccardo_mottola/kaffe-devel/ or, when my own sparcstation is online, at multix.dyndnds.org (a link is provided from the above page) so you can check the latest and greatest. There is my current attempt to track down the sparc build problem on * BSD/sparc (besides, notice the current statups of OpenBSD: some stupid header is acting up). Since Solaris did work in August I tried to update it gradually to see if it breaks and if it breaks if it acts like BSD/sparc. -Riccardo ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] [OffTopic] Savannah has been compromised
Mark Wielaard wrote: Mainly about whether or not to promote and advertise non-free software. As you probably know the FSF and the GNU project have a very strong opinion about that. Debian takes the approach that offering and supporting a non-free package archive isn't a real problem. Some people disagree. (Just compare the very poor support for most of the free software packages written in the java-language to work out of the box with free VMs compared to other distributions who strongly supports only using Free Software. e.g. Red Hat with rhug, naoko and native-eclipse.) There's that issue (on which I agree with the FSF) but there's also a major disagreement (on which I agree with Debian) about the GNU Free Documentation License, which doesn't meet Debian's guidelines for free licenses. I'm not sure of the FSF's exact position on this, but it's either Debian are wrong and the GFDL *does* meet their guidelines or Debian's guidelines are too strict and should be modified so that the GFDL can meet them. Debian's position is that the GFDL really does have major problems and the guidelines are doing their job by refusing it. Stuart. -- Stuart Ballard, Senior Web Developer FASTNET - Web Solutions (215) 283-2300, ext. 126 www.fast.net ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] CVS kaffe (dalibor): Small fix for FOP
Kaffe CVS [EMAIL PROTECTED] writes: PatchSet 4197 Date: 2003/12/04 15:07:14 Author: dalibor Branch: HEAD Tag: (none) Log: Small fix for FOP Dalibor, Can you put images in pdf files without using 'jimi.jar'? Regards, -- Arnaud Vandyck STE-Formations Informatiques, ULg, Belgium ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] [OffTopic] Savannah has been compromised
On Thu, 04 Dec 2003 00:54:24 +0100 Dalibor Topic [EMAIL PROTECTED] wrote: Hi all, since I haven't received any news on this yet, and many people here probably contribute to one project on Savannah or another, I just wanted to spread the news that savannah.gnu,org has been compromised. cracked. broken in. just like debian last week. Scary stuff. It's got me spooked. I ran chkrootkit on our server, and it looks like it's OK. Actually, it did show this: Checking `lkm'... You have 1 process hidden for readdir command You have 1 process hidden for ps command Warning: Possible LKM Trojan installed But that's a common false positive due to the way it does the test (due to a mismatch between Debian's 'ps' command output and /proc). Just to be sure, I removed kernel module support from the kernel, and it still does it. My web server at home had some false positives as well - yay. I also upgraded to kernel 2.4.23 (because of the latest ptrace bug that was used to compromise Debian), and updated rsync (which was used to compromise Gentoo). We don't have a lot of user accounts on the server, and I usually upgrade packages within hours of reading the Debian security advisories, so I think we've been lucky so far. I think with all of these high-profile comprosises lately, I'm going to take some measures to tighten up security on the server even more. There's a few things I've been wanting to experiment with, like moving some services out of the main server environment to individual user-mode Linux virtual machines, and even running some of the services on Kaffe itself. And I'll probably look at ways of tightening up password security, etc. This should only affect the few developers that have accounts on the server - it probably affects me the most. For the rest of the users, I strongly encourage you to use the GPG signature files that I make for every release to verify that the released files have indeed been signed by my private GPG key. There are instructions in the signature file on how to do this. This way, you can be sure that you are not building from Trojan'ed sources, in the possible event where Kaffe.org has been compromised. Cheers, - Jim ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] ANN: testing page and results
On Thu, 4 Dec 2003 19:49:50 + (UTC) Riccardo [EMAIL PROTECTED] wrote: http://homepage.mac.com/riccardo_mottola/kaffe-devel/ Excellent stuff! Cheers, - Jim ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] Classpath AWT progress.
On Thu, 2003-12-04 at 13:42, James Simmons wrote: Just wanted to give up a update at where I am on the port. I have all the skeleton classes avalable for a xlib peer. No functionality. I attempted to make a XFramePeer class but the under lying structue was missing. The under lying structures are GraphicsEnvironment, GraphicsDevice and friends. The current classpath implementation is not done so I have started to work on a full working implementation of these classes. I modified GraphicsEnvironment.java in java.awt to actually work somewhat. Then I created a ClasspathGraphicsEnvironment.java to handle all the different types of GraphicsDevices. I created a XGraphicsDevice class. In the java specs there is one GraphicsDevice for each screen. At present the code is incomplete. If you want I can attach the code I currently have and if any one wants to play with it be my guest. Wow, great to hear that someone is tackling this section of the API! Can you post a patch to the Classpath list? A lot of AWT/Swing discussions take place there, so you'll probably get some feedback on the approach you're taking. Thanks! Tom ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
[kaffe] NetBSD/68k asm error!!
I never got an error like this in my life : gcc -DHAVE_CONFIG_H -I. -I../../../kaffe/kaffe/kaffevm -I../../config - I../../include/kaffe -I../../../kaffe/kaffe/kaffevm/systems/unix- jthreads -I../../kaffe/kaffevm/jit3 -I../../../kaffe/kaffe/kaffevm/jit3 - I../../../kaffe/libltdl -DTRANSLATOR -DJIT3 -I../../../kaffe/kaffe/jvmpi - I../../../kaffe/kaffe/xprof -I../../include -DKVER=\1.1.x-cvs\ -I/home/ multix/kaffe-cvs/netbsd-68k/../kaffe/kaffe/kaffevm -I/home/multix/kaffe- cvs/netbsd-68k/../kaffe/kaffe/kaffevm/jit3 -I/home/multix/kaffe-cvs/ netbsd-68k/../kaffe/kaffe/kaffevm/systems/unix-jthreads -I../../../kaffe/ config -I../../../kaffe/include -DKAFFE_VMDEBUG -g -O2 -Wall -Wstrict- prototypes -fno-omit-frame-pointer -c ../../../kaffe/kaffe/kaffevm/locks. c -Wp,-MD,.deps/locks.TPlo -fPIC -DPIC -o .libs/locks.o /var/tmp/ccTh5fPf.s: Assembler messages: /var/tmp/ccTh5fPf.s:2248: Error: operands mismatch -- statement `casl % a0,%d3,(%a2)' ignored gmake[3]: *** [locks.lo] Error 1 NetBSD/68k 1.6.1 on 68040 -R ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
Re: [kaffe] Classpath AWT progress.
On Thu, 4 Dec 2003, Thomas Fitzsimmons wrote: On Thu, 2003-12-04 at 13:42, James Simmons wrote: Just wanted to give up a update at where I am on the port. I have all the skeleton classes avalable for a xlib peer. No functionality. I attempted to make a XFramePeer class but the under lying structue was missing. The under lying structures are GraphicsEnvironment, GraphicsDevice and friends. The current classpath implementation is not done so I have started to work on a full working implementation of these classes. I modified GraphicsEnvironment.java in java.awt to actually work somewhat. Then I created a ClasspathGraphicsEnvironment.java to handle all the different types of GraphicsDevices. I created a XGraphicsDevice class. In the java specs there is one GraphicsDevice for each screen. At present the code is incomplete. If you want I can attach the code I currently have and if any one wants to play with it be my guest. Wow, great to hear that someone is tackling this section of the API! Can you post a patch to the Classpath list? A lot of AWT/Swing discussions take place there, so you'll probably get some feedback on the approach you're taking. Give me a few days to get a patch going. At present I'm working on code that hits two targets, X windows and the linux framebuffer console. I want to get a system going that runs on X windows and the framebuffer console at the same time!!! ___ kaffe mailing list [EMAIL PROTECTED] http://kaffe.org/cgi-bin/mailman/listinfo/kaffe
