LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware
User Name
Password
Slackware This Forum is for the discussion of Slackware Linux.

Notices


Reply
  Search this Thread
Old 04-30-2020, 12:03 PM   #1
baumei
Member
 
Registered: Feb 2019
Location: USA; North Carolina
Distribution: Slackware!
Posts: 155

Rep: Reputation: 55
vulnerabilities of KDE 4.14.3


I have been attempting to find the vulnerability/bug/patch history of KDE 4.14.3 (because it is used in Slackware 14.2), in order to see whether patches for KDE 4.14.3 are still being created and released.

I have attempted several different searches on LinuxQuestions, but found no mentions of vulnerabilities of KDE 4.14.

I did some searching on the Internet, and found no mention of vulnerabilities of KDE 4.14. What I did find is that someone wrote KDE 4.14.3 was released on 2014/Nov/11, and that it is the most recent version in the KDE 4 series, and that development has been discontinued (date not specified).

Does anyone know whether patches are still being created and released for KDE 4.14.3?
 
Old 04-30-2020, 12:38 PM   #2
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 6,961

Rep: Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641
There's been a few updates in the 14.2 changelog, with the latest security fix being:

Code:
Thu Aug  8 05:25:56 UTC 2019
patches/packages/kdelibs-4.14.38-x86_64-1_slack14.2.txz:  Upgraded.
  kconfig: malicious .desktop files (and others) would execute code.
  For more information, see:
    https://mail.kde.org/pipermail/kde-announce/2019-August/000047.html
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-14744
  (* Security fix *)
But you should pretty much expect that KDE4 is EOL and won't be receiving any patches or updates as all their development is with Plasma5. I did have a search through the CVE database for KDE and that came up with some results. It might be a good place to start.

https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=kde
 
2 members found this post helpful.
Old 04-30-2020, 01:28 PM   #3
ehartman
Senior Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 1,631

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
Quote:
Originally Posted by baumei View Post
in order to see whether patches for KDE 4.14.3 are still being created and released.
No, they aren't. KDE has long gone to KDE/Plasma 5 and very sporadic some bug fixes get backported, like kdelibs-4.14.38, kdepim-4.14.10 and kdepimlibs-4.14.10 (all in november last year), but these are the only ones since 2016
 
1 members found this post helpful.
Old 04-30-2020, 02:50 PM   #4
drumz
Member
 
Registered: Apr 2005
Location: Scottsdale, AZ, USA
Distribution: Slackware
Posts: 242

Rep: Reputation: 91
There additional patches on top of KDE 4.14.38 floating out there. I discovered this when I hit a bug in KMyMoney (https://bugs.kde.org/show_bug.cgi?id=412366). Additional patches are here (I'm not using any of them):

https://build.opensuse.org/package/s...ngw32-kdelibs4
 
Old 04-30-2020, 11:06 PM   #5
baumei
Member
 
Registered: Feb 2019
Location: USA; North Carolina
Distribution: Slackware!
Posts: 155

Original Poster
Rep: Reputation: 55
Quote:
Originally Posted by bassmadrigal View Post
I did have a search through the CVE database for KDE and that came up with some results. It might be a good place to start.
https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=kde
Thank you for this URL! I see they list quite a few flaws. As you wrote, I also do not expect these to be fixed. So, I will remove from my computers the Slackware packages which contain those programs. :-(
 
Old 05-01-2020, 07:18 AM   #6
baumei
Member
 
Registered: Feb 2019
Location: USA; North Carolina
Distribution: Slackware!
Posts: 155

Original Poster
Rep: Reputation: 55
Since there is no expectation of the pieces of KDE 4.14.3 being repaired/patched, then for any computer which is ever used with the Internet the only reasonable course of action is to remove the offending programs. I think these should be removed:
Code:
CVE-2020-9359   KDE Okular before 1.10.0

CVE-2020-11880  KDE KMail before 19.12.3

CVE-2019-7443   KDE KAuth before 5.55

CVE-2019-14744  KDE Frameworks KConfig
                before 5.61.0

CVE-2019-10734  In KDE Trojita 0.7

CVE-2019-10732  In KDE KMail 5.2.3

CVE-2018-6791   KDE Plasma Workspace
                before 5.12.0

CVE-2018-6790   KDE Plasma Workspace
                before 5.12.0

CVE-2018-19120  The HTML thumbnailer in 
                KDE Applications
                before 18.12.

CVE-2018-10380  kwallet-pam in KDE
                KWallet before 5.12.6

CVE-2017-9604   KDE kmail before 5.5.2
                and messagelib before
                5.5.2, as distributed in
                KDE Applications before
                17.04.2

CVE-2016-6232   KArchive before 5.24

CVE-2016-3100   kinit in KDE Frameworks
                before 5.23.0

CVE-2015-1308   kde-workspace 4.2.0 and
                plasma-workspace before
                5.1.95

CVE-2015-1307   plasma-workspace before
                5.1.95

CVE-2014-8878   KDE KMail

CVE-2014-8600   KDE-Runtime 4.14.3 and
                earlier
After I remove the above pieces of KDE 4.14.3, I wonder how much of the remainder of KDE will continue to function?

Last edited by baumei; 05-04-2020 at 11:47 AM.
 
Old 05-01-2020, 12:07 PM   #7
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 6,961

Rep: Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641
Quote:
Originally Posted by baumei View Post
Since there is no expectation of the pieces of KDE 4.14.3 being repaired/patched, then for any computer which is ever used with the Internet the only reasonable course of action is to remove the offending programs.
I don't think this is a reasonable course of action considering many of these have nothing to do with being connected to the internet and many are not automatic entry points into the system. Ideally, the best option would be to get -current on Plasma5 and possibly find fixes for KDE4 on 14.2 (possibly pull them from other projects), but none of these are bad enough to warrant complete removal of the programs. The worst offender is probably kmail/trojita, but it has to be the perfect storm of events and all it does is leak the contents of the encrypted email if you happen to reply to the attackers email. The karchive bug can be

red = Valid concern if connected to internet and using program
orange = If certain conditions are met when using program, could be valid. Easily bypass bug if aware of issue
yellow = Internet is not required for this vulnerability
green = 14.2 and -current aren't affected if fully up-to-date

Quote:
CVE-2020-9359 KDE Okular before 1.10.0 -- Don't click on links in PDFs.

CVE-2020-11880 KDE KMail before 19.12.3 -- If you click a mailto link, make sure that only files you want to include are attached.

CVE-2019-7443 KDE KAuth before 5.55 -- Has nothing to do with connecting to the Internet. Your machine could be affected regardless.

CVE-2019-14744 KDE Frameworks KConfig before 5.61.0 -- Already patched on 14.2 and -current.

CVE-2019-10734 In KDE Trojita 0.7 -- Valid flaw if connected to the Internet and using program and encrypted emails make their way to unintended recipients.

CVE-2019-10732 In KDE KMail 5.2.3 -- Valid flaw if connected to the Internet and using program and encrypted emails make their way to unintended recipients..

CVE-2018-6791 KDE Plasma Workspace before 5.12.0 -- Don't use random thumbdrives.

CVE-2018-6790 KDE Plasma Workspace before 5.12.0 -- Valid concern if using the internet as it can disclose your IP. Ensure you have a good firewall.

CVE-2018-19120 The HTML thumbnailer in KDE Applications before 18.12. -- Disable html previews.

CVE-2018-10380 kwallet-pam in KDE KWallet before 5.12.6 -- Slackware doesn't include PAM in 14.2, and it doesn't seem like kwallet was recompiled to support PAM in -current (but I'm no KDE expert and it could be a part of kde-workspace)

CVE-2017-9604 KDE kmail before 5.5.2 and messagelib before 5.5.2, as distributed in KDE Applications before 17.04.2 -- Only applies when trying to encrypt files when using the "Send Later" feature and it just doesn't encrypt the email, which can allow sniffers to get it.

CVE-2016-6232 KArchive before 5.24 -- Valid issue if connected to the internet and using KArchive to open downloaded archives. Could overwrite user files or system files if ran as root.

CVE-2016-3100 kinit in KDE Frameworks before 5.23.0 -- Allows *local users* to potentially gain access, nothing to do with the Internet.

CVE-2015-1308 kde-workspace 4.2.0 and plasma-workspace before 5.1.95 -- 14.2 and -current are NOT affected.

CVE-2015-1307 plasma-workspace before 5.1.95 -- No Slackware version is affected since none contain Plasma5. ktown has long been fixed.

CVE-2014-8878 KDE KMail -- 14.2 and -current are NOT affected.

CVE-2014-8600 KDE-Runtime 4.14.3 and earlier -- 14.2 and -current are NOT affected.
 
4 members found this post helpful.
Old 05-01-2020, 01:25 PM   #8
Poprocks
Member
 
Registered: Sep 2003
Location: Toronto, Canada
Distribution: Slackware
Posts: 500

Rep: Reputation: 267Reputation: 267Reputation: 267
I think what's often confusing is that for older software, sometimes we'll look at CVE databases and see that there are no new vulnerabilities reported, and assume that our software is therefore safe. The problem with that is that, with software that is explicitly EOL such as KDE4, vulnerabilities aren't being actively *looked for*, so IMO it should be assumed that the software is completely unsupported and *could* be completely insecure.

There's little reason on a server setup to have KDE installed at all, so I would delete the entire kde4 packageset in 14.2 from any server systems that have a full Slackware install deployed.

On desktop workstations? I've moved pretty much all of mine to -current so I can't really say what I would personally do under those circumstances. I can't see any security vulnerabilities that exist doing something so severe as to cause panic, but to each their own I guess.
 
2 members found this post helpful.
Old 05-02-2020, 04:47 PM   #9
baumei
Member
 
Registered: Feb 2019
Location: USA; North Carolina
Distribution: Slackware!
Posts: 155

Original Poster
Rep: Reputation: 55
Hi "bassmadrigal", thank you posting the color-highlighted list of vulnerability assessments. :-)

I have been thinking about the information, and I have a question. How was this determined to be not affected:
Quote:
Originally Posted by bassmadrigal View Post
CVE-2014-8600 KDE-Runtime 4.14.3 and earlier -- 14.2 and -current are NOT affected.
My operating is system is up-to-date on the patches, and I get:
Code:
darkstar$ cat /etc/slackware-version 
Slackware 14.2
darkstar$ ls /var/log/packages/ | grep kde-runtime
kde-runtime-4.14.3-i586-3
darkstar$

Last edited by baumei; 05-02-2020 at 06:18 PM.
 
Old 05-02-2020, 05:59 PM   #10
ehartman
Senior Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 1,631

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
Quote:
Originally Posted by baumei View Post
ls /var/log/packages/ | grep kde-runtime
kde-runtime-4.14.3-i586-3
That is the latest, as distributed with 14.2 (compiled in 2016)
It even is the latest in -current, although a few times RE-compiled
Code:
kde-runtime-4.14.3-i586-8.txz	8998 KB 	11/01/2018 	12:00:00 AM
 
1 members found this post helpful.
Old 05-02-2020, 11:09 PM   #11
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 6,961

Rep: Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641
Quote:
Originally Posted by baumei View Post
Hi "bassmadrigal", thank you posting the color-highlighted list of vulnerability assessments. :-)

I have been thinking about the information, and I have a question. How was this determined to be not affected:

My operating is system is up-to-date on the patches, and I get:
Code:
darkstar$ cat /etc/slackware-version 
Slackware 14.2
darkstar$ ls /var/log/packages/ | grep kde-runtime
kde-runtime-4.14.3-i586-3
darkstar$
Whoops. I misread that. I thought it said earlier than 4.14.3.

But Suse considered it a low priority and minor severity.

The bug can be patched with this commit for kde-runtime, this commit for kwebkitpart, and this commit for kio-extras.
 
1 members found this post helpful.
Old 05-03-2020, 09:30 AM   #12
baumei
Member
 
Registered: Feb 2019
Location: USA; North Carolina
Distribution: Slackware!
Posts: 155

Original Poster
Rep: Reputation: 55
Hi "bassmadrigal",

I realize I wrote "any computer which is ever used with the Internet", however to me this includes more than some people might expect --- and I was not thinking only of me and my computers (intending to have a thread which is useful to many people). For example, it is for most people a common occurrence to load a webpage with JavaScript code in it. According to my understanding JavaScript is able to cause local software to run on the computer, and if the local software has a vulnerability, then it may be exploited by the JavaScript. (As I understand it, JavaScript is these days the primary vector by which malicious software is installed on a computer.)

Another consideration is sneakernet. I do not want any ransomware nor other malicious software getting from the Internet to any of my computers, so I consider to be important vulnerabilities such as:
Quote:
CVE-2018-6791 An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5.12.0. When a vfat thumbdrive that contains `` or $() in its volume label is plugged in and mounted through the device notifier, it's interpreted as a shell command, leading to a possibility of arbitrary command execution. An example of an offending volume label is "$(touch b)" -- this will create a file called b in the home folder.
In my opinion, the method used for deploying Stuxnet could easily be used for deploying other malicious software. In a rather different situation, the malicious software was in the firmware of a printer, and it attacked the computer through the printer cable; these days the vector could also be: an external hard-drive, a USB WiFi device, an SD card, &c.

On a different topic, it appears that "plasma" was around before the "Plasma5" version. I am not familiar with either of them, however I see in the kde/tagfile for Slackware 14.2 "kdeplasma-addons" and "plasma-nm", and from this I deduce that some variety of "plasma" existed in at least some part of the KDE 4.14.3 software. So, I look with askance at the CVE vulnerabilities which mention plasma.

Also, I agree with "poprocks" when he points out, "I think what's often confusing is that for older software, sometimes we'll look at CVE databases and see that there are no new vulnerabilities reported, and assume that our software is therefore safe. The problem with that is that, with software that is explicitly EOL such as KDE4, vulnerabilities aren't being actively *looked for*, so IMO it should be assumed that the software is completely unsupported and *could* be completely insecure."

For me in my situation, I have neither the knowledge nor the time to fix KDE4. Also, I do not want to run Slackware-current, because its software churn is not reasonably compatible with my life (so, I am eagerly awaiting Slackware 14.3 or 15.0).
 
Old 05-03-2020, 11:11 AM   #13
ehartman
Senior Member
 
Registered: Jul 2007
Location: Delft, The Netherlands
Distribution: Slackware
Posts: 1,631

Rep: Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845Reputation: 845
Quote:
Originally Posted by baumei View Post
On a different topic, it appears that "plasma" was around before the "Plasma5" version. I am not familiar with either of them, however I see in the kde/tagfile for Slackware 14.2 "kdeplasma-addons" and "plasma-nm", and from this I deduce that some variety of "plasma" existed in at least some part of the KDE 4.14.3 software.
Yes, plasma was used as a tag for some of the later additions (and versions) to the KDE 4 desktop.
In 5 it got completely separated out from the rest of the KDE toolkit and applications, so it became the desktop name
Plasma 5 (the desktop, not called KDE anymore)
KDE 5 Frameworks
KDE 5 Applications
KDE Neon
etc, all different products with their own versioning
 
Old 05-03-2020, 03:22 PM   #14
bassmadrigal
LQ Guru
 
Registered: Nov 2003
Location: West Jordan, UT, USA
Distribution: Slackware
Posts: 6,961

Rep: Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641Reputation: 4641
Quote:
Originally Posted by baumei View Post
I realize I wrote "any computer which is ever used with the Internet", however to me this includes more than some people might expect --- and I was not thinking only of me and my computers (intending to have a thread which is useful to many people). For example, it is for most people a common occurrence to load a webpage with JavaScript code in it. According to my understanding JavaScript is able to cause local software to run on the computer, and if the local software has a vulnerability, then it may be exploited by the JavaScript. (As I understand it, JavaScript is these days the primary vector by which malicious software is installed on a computer.)
One of my goals was to point out that many of these bugs have nothing to do with connecting to the internet. If you use the software some of these vulnerabilities don't require any internet access. The javascript vulnerability above doesn't have any ability to get into the system, it can just do some minor things like add bookmarks for a website. This is why they rated the severity as minor.

Quote:
Originally Posted by baumei View Post
Another consideration is sneakernet. I do not want any ransomware nor other malicious software getting from the Internet to any of my computers, so I consider to be important vulnerabilities such as:
In my opinion, the method used for deploying Stuxnet could easily be used for deploying other malicious software. In a rather different situation, the malicious software was in the firmware of a printer, and it attacked the computer through the printer cable; these days the vector could also be: an external hard-drive, a USB WiFi device, an SD card, &c.
This is definitely a valid concern, but there are a lot more serious concerns with untrusted thumbdrives that has nothing to do with the software you run on your computer. You just flatout, should not plug in an untrusted device. The last time I plugged in a device that wasn't straight from the manufacturer was when my wife and I got our wedding photos back in 2014, but it came from our wedding photographer, so hardly untrusted.

Quote:
Originally Posted by baumei View Post
On a different topic, it appears that "plasma" was around before the "Plasma5" version. I am not familiar with either of them, however I see in the kde/tagfile for Slackware 14.2 "kdeplasma-addons" and "plasma-nm", and from this I deduce that some variety of "plasma" existed in at least some part of the KDE 4.14.3 software. So, I look with askance at the CVE vulnerabilities which mention plasma.
plasma-workspace did not exist in software form before Plasma5. I imagine some of it came from parts of KDE4, but that CVE is tied to plasma-workspace, so I imagine the same vulnerability doesn't exist in KDE4 or they would've mentioned the package it's tied to.

Quote:
Originally Posted by baumei View Post
Also, I agree with "poprocks" when he points out, "I think what's often confusing is that for older software, sometimes we'll look at CVE databases and see that there are no new vulnerabilities reported, and assume that our software is therefore safe. The problem with that is that, with software that is explicitly EOL such as KDE4, vulnerabilities aren't being actively *looked for*, so IMO it should be assumed that the software is completely unsupported and *could* be completely insecure."
This is also true. Less tested code is unlikely to see new bugs disclosed. But at the same time, KDE4 was used for quite some time before moving onto Plasma5, so it is reasonable to think that many bugs were found and fixed. It is also likely that the various nefarious people are there aren't going to be targeting KDE4 since many have already moved onto Plasma5, so it's less likely that unfound exploits would be found unless they also applied to Plasam5.

Quote:
Originally Posted by baumei View Post
For me in my situation, I have neither the knowledge nor the time to fix KDE4. Also, I do not want to run Slackware-current, because its software churn is not reasonably compatible with my life (so, I am eagerly awaiting Slackware 14.3 or 15.0).
This is the reason I don't like to run -current. I don't have the time to administer my computer as much as is needed to properly use -current. But I don't think you'd need to take the drastic measure of removing KDE4 just because some vulnerabilities exist for it. If they were serious enough to leave you wide open and not something you can work around, then maybe you should stop using it or uninstall it, but that isn't the case with the known vulnerabilities for KDE4. They either are minor issues or easy to workaround.
 
1 members found this post helpful.
Old 05-03-2020, 03:36 PM   #15
baumei
Member
 
Registered: Feb 2019
Location: USA; North Carolina
Distribution: Slackware!
Posts: 155

Original Poster
Rep: Reputation: 55
I was looking through the Slackware 14.2 package descriptions for KDE, and I found:
Code:
kde-baseapps: kde-baseapps (KDE core
kde-baseapps: applications and files)
kde-baseapps:
kde-baseapps: This package provides the
kde-baseapps: core applications and
kde-baseapps: infrastructure files for
kde-baseapps: the KDE Plasma Desktop.
and
Code:
kde-workspace: kde-workspace (KDE Plasma
kde-workspace: Desktop)
kde-workspace:
kde-workspace: This package provides the
kde-workspace: essential parts of the
kde-workspace: KDE Plasma Desktop that
kde-workspace: are presented to the user.
and
Code:
kdeplasma-addons: kdeplasma-addons (Plasma
kdeplasma-addons: addons for KDE)
kdeplasma-addons:
kdeplasma-addons: Plasmoids (or widgets)
kdeplasma-addons: for the KDE Plasma
kdeplasma-addons: Desktop shell.
and
Code:
kscreen: kscreen (KDE screen management)
kscreen:
kscreen: KScreen is the new screen
kscreen: management software for KDE
kscreen: Plasma Workspaces which tries
kscreen: to be as magic and automatic as
kscreen: possible for users with basic
kscreen: needs and easy to configure for
kscreen: those who want special setups.
and
Code:
oxygen-icons: oxygen-icons (Oxygen theme
oxygen-icons: for the KDE Plasma Desktop)
oxygen-icons:
oxygen-icons: Oxygen provides a complete
oxygen-icons: and modern icon theme for
oxygen-icons: KDE.
and
Code:
plasma-nm: plasma-nm (KDE
plasma-nm: networkmanagement applet)
plasma-nm:
plasma-nm: This package contains the KDE
plasma-nm: networkmanagement applet.
plasma-nm: This applet is written in QML
plasma-nm: and replaces the old widget
plasma-nm: based networkmanagement applet.
So, it appears to me that the CVE vulnerabilities mentioning "plasma" might include KDE4, depending on the version number of the particular piece of software.

Code:
darkstar$ cat /etc/slackware-version 
Slackware 14.2
darkstar$ ls /var/log/packages/ | grep workspace
kde-workspace-4.11.22-x86_64-4
darkstar$
Fooey. It appears that CVE-2018-6791, CVE-2018-6790, CVE-2015-1308, and CVE-2015-1307 all apply to "kde-workspace-4.11.22-x86_64-4".

Last edited by baumei; 05-04-2020 at 11:59 AM.
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: Latest KDE Security Vulnerabilities Are Patched in Ubuntu and Debian, Update Now LXer Syndicated Linux News 0 08-20-2019 03:29 AM
LXer: GNOME and KDE team up on the Linux desktop, docs for Nvidia GPUs open up, a powerful new way to scan for firmware vulnerabilities, and LXer Syndicated Linux News 0 08-17-2019 02:00 PM
NetBSD vulnerabilities Sep 17, lotsa... unSpawn *BSD 5 10-15-2002 03:59 PM
SANS/FBI Releases the Twenty Most Critical Internet Security Vulnerabilities jeremy Linux - Security 4 10-07-2002 06:37 PM
More BIND vulnerabilities jeremy Linux - Security 0 01-31-2001 08:29 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Distributions > Slackware

All times are GMT -5. The time now is 02:06 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration