Bug#1010314: ca-certificates: Executable search ordering for OpenSSL?

Package: ca-certificates Version: 20210119 Severity: normal X-Debbugs-Cc: s.egb...@sbcglobal.net Dear Maintainer, A group of auditors were reviewing the CA inclusion process and have examined the `update-ca-certificates` and its code. This issue is not about the PKI nor its certificate

Bug#995793: Info received (Bug#995793: exim4-base: /tmp partition has noexec mount option; exim4-base fails)

Actual workaround is to remove ‘noexec” from both /tmp and /var. Tested it working without “noexec” mount options on ‘apt upgrade exim4-base’ to versio ‘4.94.2-7’ This makes it like a major work-stoppage of dealing with 1,000s of those hardened Debian systems. > On Oct 5, 2021, at 4:00 PM,

Bug#995793: exim4-base: /tmp partition has noexec mount option; exim4-base fails

workaround of removing ‘noexec’ from /tmp partition in /etc/fstab still doesn’t work. 00 [TERM="linux" TTY="/dev/tty1" COLUMNS="80" LINES="25"] [?2004hroot@circa:~# apt upgrade exim4-base [?2004l Reading package lists... 0% Reading package lists... 100% Reading package lists... Done

Bug#995793: exim4-base: /tmp partition has noexec mount option; exim4-base fails

WORKAROUND Remove the “no exec” from /tmp mount point options in /etcfstab, reboot, then attempt ‘apt upgrade exim4-base’ so that Perl script for ‘exam-config’ can continue. OUTPUT of failed upgrade: ~# apt upgrade exim4-base [?2004l Reading package lists... 0% Reading package lists...

Bug#995260: chrony: Mismatched filename for UNIX socket between client and daemon

There is still a Mismatched SOCK filespec implemented by chronyd and chronyc. The saving grace was that loopback network interface hid this bug very well and saved the day for nearly everyone (who is not an expert Chronyd configurer)... That is, until the directive 'cmddeny 127.0.0.1' is

Bug#995207: chrony: Using 'bindacqdevice' directive causes a SIGSYS error

. > > After having stopped chronyd, please run the command below when using the > 'bindacqdevice' directive and attach the chronyd_debug.txt file. > > # strace -o chronyd_debug.txt chronyd -d -F -1 OK, I did some more testing on my so-called fix: SO_BINDTOADDRESS define statement made no

Bug#995207: chrony: Using 'bindacqdevice' directive causes a SIGSYS error

t 9:10 AM, Vincent Blut wrote: > > Le 2021-09-28 12:54, S Egbert a écrit : >> Trying attachment again. > > Thanks. To see what happens when blocking only a small number of specific > syscalls, could you please run the following command and attach the > chronyd-debug.

Bug#995207: chrony: Using 'bindacqdevice' directive causes a SIGSYS error

Summary: The syscall filter daemon option flag -F is the cure. Using '-F 0' to disable the syscall filter works. No other settings are workable. A summary table: Chrony -- daemon flags used -- Version -F0 -F1 -F-1 --- -- -- -- 4.0-9ok SIGSYS SIGSYS

Bug#995207: chrony: Using 'bindacqdevice' directive causes a SIGSYS error

>> Trying attachment again. > > Thanks. To see what happens when blocking only a small number of specific > syscalls, could you please run the following command and attach the > chronyd-debug.txt file? > > # timeout 10 strace -o chronyd-debug.txt -e trace=setsockopt chronyd -d -F 2

Bug#995260: closed by Vincent Blut (Re: Bug#995260: chrony: Mismatched filename for UNIX socket between client and daemon)

so why did it not use the Unix socket but fell back to 127.0.0.1 approach? i wonder what happens if i do ‘cmddeny all’?

Bug#995207: Acknowledgement (chrony: Using 'bindacqdevice' directive causes a SIGSYS error)

Trying attachment again. It failed under iPhone 14.5. Should succeed with Thunderbird/macOS # ps auxwww | grep chronyd _chrony 3597 0.0 0.0 18972 3696 ?S11:00 0:00 /usr/sbin/chronyd -F 1 -L 0 _chrony 3598 0.0 0.0 10780 2984 ?S11:00 0:00

Bug#836902: libpam0g-dev: Missing develop-variant of libpam0g 1.1.8-3.2 package

On Tue, 06 Sep 2016 20:32:46 -0400 Steve Egbert wrote: Workaround to this is to downgrade the main libpam0g package to meet the dev-package's version: sudo apt-get install libpam0g=1.1.8-3.1+deb8u1+b1 > > The following packages have unmet dependencies: >

Bug#777683: e1000e driver, empty TX queue after IP drop causes dev_watchdog

I too have the same problem on Debian as 3 others do. As a former Ethernet driver developer, I noticed that the queue is empty when the interrupt was fired. And that it appeared hung in the Linux qdisc portion at Interrupt context, to a point of having watchdog timer expiring. My relevant