Javier Muñoz

Betanzos (Spain)

Working at Igalia since 2006

Latest Updates

Javier Muñoz 08/08/2017

Building and running RISC-V Linux rev 1.9 on QEMU

My configuration and scripts to build and run the RISC-V Linux kernel (rev 1.9) on RISC-V QEMU. Running an unattended build ~$ wget javiermunhoz.com/.../risc-v-linux-on-qemu-scripts-rev-1.9.tar.gz ~$ tar zxvf...

Javier Muñoz 28/06/2017

AWS4 browser-based upload goes upstream in Ceph

Some days ago Matt committed the great Radek's effort to have a more coherent and structured scaffolding in the Ceph RGW auth subsystem supporting the differences among the available auth algorithms. As part of this effort and patchset related to the...

Javier Muñoz 16/06/2017

CVE-2017-7269 - Binary patch diffing

This Tuesday, Microsoft released additional updates for older platforms to protect against potential nation-state activity. Among the updates, the official patch fixing the CVE-2017-7269 vulnerability is available. This official patch is a good way to...

Javier Muñoz 17/04/2017

CVE-2017-7269 - IIS 6.0 WebDAV remote code execution

This blog post contains my technical notes on the Microsoft Internet Information Services (IIS) 6.0 WebDAV 'ScStoragePathFromUrl' buffer overflow vulnerability (CVE-2017-7269). While the root cause of this bug is a simple stack overflow, the public proof...

Javier Muñoz 16/12/2016

Ceph RGW AWS4 presigned URLs working with the Minio Cloud client

Some fellows are using the Minio Client (mc) as their primary client-side tool to work with S3 cloud storage and filesystems. As you may know, mc works with the AWS v4 signature API and it provides a modern alternative under the Apache 2.0 License to UNIX...