0xStubs

Computer science, IT, Photography

Fixing Roundcube’s Command Execution Vulnerability in Debian Wheezy

Recently a quite serious vulnerability (CVE-2016-9920) in Roundcube was reported. Until now (7th Dec) this vulnerability is unfixed in Debian’s roundcube packages (see the corresponding entry in the Debian Security Tracker).

The upstream patch is not directly applicable to version 0.7 which is used in Debian Wheezy but with a little modification it is. Following you find a corresponding patch.
Read More

Broken calendar migration from Google to ownCloud

For some time now I run a small ownCloud instance to synchronize my contacts and calendars across different devices. When another person tried to migrate his Google calendars to this instance there was an issue though. The .ics files exported from Google contained invalid entries that were copied into ownCloud’s database and broke synchronization with 3rd party applications like Thunderbird’s Lightning extension.

Read More

How systemd-timesyncd handles leap seconds

This night we get another leap second, meaning that the last second of today is not 23:59:59 but 23:59:60 instead. The last time this happened was on June 30, 2012 and lead to issues on several servers due to bugs in the Linux kernel. Since then these bugs were fixed and also methods of hiding the leap second altogether were implemented. Here you can find a good overview over different configurations of kernel, ntpd and tzdata and how a leap second will be handled using these configurations. What is missing here is how a setup using systemd-timesyncd instead of ntpd will handle this situation.
Read More

XPS on RHEL 7 / CentOS 7

Officially the ISE suite is not supported to run on RHEL / CentOS 7. But since time moves on and Vivado nowadays is supported on those systems you may be tempted to run the ISE tools on this system as well.

If you face the issue that XPS just shows a blank window and even XPS project files are opened as text files, the following will probably solve this issue:

yum install mesa-libGLU

By now this was also mentioned on a Xilinx forum thread but I thought I’d post it anyway.

Zynq ACP AxCACHE & AxUSER signals

If you want to use the AXI_ACP interface on a Xilinx Zynq SoC for coherent memory access from the PL, you have to set the AxUSER and AxCACHE signals accordingly. Unfortunately the Zynq TRM in section 3.5.1 only tells you how to set ARUSER[0]ARCACHE[1] and AWUSER[0]AWCACHE[1], respectively. So, what to do with the other bits?

Posts in the Xilinx forums suggest that most people just set all bits of AxUSER and AxCACHE to 1 and this typically works. For a description of all possible values have a look at ARM’s documentation for the Cortex-A9 and PL 310 IP cores that are used in the Zynq SoC: