Cook [EMAIL PROTECTED] -
From: Kees Cook [EMAIL PROTECTED]
To: debian-perl@lists.debian.org
Cc: Mike Mattice [EMAIL PROTECTED], Zak B. Elep [EMAIL PROTECTED]
Subject: Re: RFS: libdevice-serialport-perl
Hello! This is a continuation of a thread started on d-mentors[1]. I'm
still waiting
Package: wnpp
Severity: wishlist
Owner: Kees Cook [EMAIL PROTECTED]
* Package name: mythtvfs-fuse
Version : 0.5.0
Upstream Author : Kees Cook [EMAIL PROTECTED]
* URL : http://outflux.net/software/pkgs/mythtvfs-fuse/
* License : GPL
Programming Lang: C
if there are incorrect (or missing) things in the list.
Thoughts?
Thanks,
-Kees
[1] https://bugs.launchpad.net/ubuntu/+source/glibc/+bug/305901
[2] http://sourceware.org/bugzilla/show_bug.cgi?id=7075
[3] http://article.gmane.org/gmane.linux.man/639
[4] http://people.ubuntu.com/~kees/sprintf-glibc/logs/
--
Kees
On Sun, Dec 28, 2008 at 01:51:45PM -0600, Steve Langasek wrote:
On Sun, Dec 28, 2008 at 12:42:46AM -0800, Kees Cook wrote:
samba
Another false positive, AFAICS:
$ pcregrep -rM 'sprintf\s*\(\s*([^,]*)\s*,\s*%s[^]*\s*,\s*\1\s*,' source
source/libads/kerberos.c: fname
? That would seem to have potential for reducing the number of
false positives.
I'd really love that too -- I just don't know how to modify the compiler to
do it. :)
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ
On Sun, Dec 28, 2008 at 10:27:16AM +, Neil Williams wrote:
On Sun, 28 Dec 2008 00:42:46 -0800 Kees Cook k...@outflux.net wrote:
In Debian, some tools already compile natively with -D_FORTIFY_SOURCE=2,
and some have Build-Depends on hardening-wrapper, which enables this
compiler flag
);
printf(%s\n,buf);
strcpy(buf,BAR);
snprintf(buf,sizeof(buf),%s%s,FOO,buf);
printf(%s\n,buf);
which returned
BAR
FOOFOO
Changing your code to sprintf (since snprintf unfortunately tends to be
in the minority still), the output for the first changes to FOOBAR.
--
Kees Cook
.
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On Thu, Jan 01, 2009 at 10:50:49AM -0800, Kees Cook wrote:
On Wed, Dec 31, 2008 at 07:01:44PM -0800, Nicholas Breen wrote:
While fixing one of the affected packages, I discovered that it was
using similarly problematic syntax to act as a strcat replacement of the
form 'sprintf(buf, %s\n
Package: wnpp
Severity: wishlist
Owner: Kees Cook [EMAIL PROTECTED]
* Package name: libpoe-component-sslify-perl
Version : 0.08
Upstream Author : Apocalypse [EMAIL PROTECTED]
* URL : http://search.cpan.org/~apocal/POE-Component-SSLify-0.08/
* License : Artistic
anyone have any good test harnesses we can try this on? I'd be
more than happy to run them on some modern hardware.
-Kees
--
Kees Cook
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
in the other thread: patches welcome.) I'd probably want it to be
nohardening, making compiles hardened by default. :)
-Kees
--
Kees Cook
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
and SuSE kernel patches also carry these
changes only for x86 and x86_64.
-Kees
[1]
http://git.kernel.org/?p=linux/kernel/git/x86/linux-2.6-x86.git;a=history;f=arch/x86/kernel/sys_x86_64.c;hb=mm
--
Kees Cook
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
] http://wiki.debian.org/Hardening
--
Kees Cook@outflux.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On Wed, Mar 05, 2008 at 10:16:52AM +0100, Pierre Habouzit wrote:
On Wed, Mar 05, 2008 at 06:16:33AM +, Kees Cook wrote:
I finally got some time to run some benchmarks. I checked the results[1]
into the hardening svn tree, in case other people want to contribute
more stuff.
Thank
benchmarks
without SEM or sd reported.
Heh, well I know of the ideas, but haven't had any practice actually
calculating them.
Thanks!
-Kees
--
Kees Cook@outflux.net
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
, and the
bulk boot-time packaging bits is limited to the Ubuntu-only selinux
package they created.
Anyway, I just wanted to give some background history for all of this.
I don't want to suggest anyone should take anyone else's packaging. :)
-Kees
--
Kees Cook
object file. What tool can disassemble
this string?
I'm biased towards libdisasm's x86dis tool:
$ echo -e '\xb8\x12\x00\xcd\x10' | x86dis -r 0 5 -s att
B8 12 00 mov $0x0012, %ax
0003 CD 10 int $0x10
--
Kees Cook
-cve-tracker/trunk
[2] http://people.ubuntu.com/~ubuntu-security/cve/open.html
--
Kees Cook
Ubuntu Security Team
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Package: wnpp
Severity: wishlist
Owner: Kees Cook k...@debian.org
* Package name: duo-unix
Version : 1.5
Upstream Author : Duo Security
* URL : https://github.com/duosecurity/duo_unix
* License : GPL-2+
Programming Lang: C
Description : Duo Security two
Package: wnpp
Severity: wishlist
Owner: Kees Cook k...@debian.org
* Package name: apparmor
Version : 2.6.1
Upstream Author : AppArmor project members
* URL : http://apparmor.net/
* License : GPL-2, LGPL-2
Programming Lang: C, C++, Perl, Python
Description
Package: wnpp
Severity: wishlist
Owner: Kees Cook k...@debian.org
* Package name: scantool
Version : 1.21
Upstream Author : ScanTool.net LLC
* URL :
http://www.scantool.net/scantool/downloads/diagnostic-software/
* License : GPL-2+
Programming Lang: C
R_X86_64_JUMP_SLOT __memcpy_chk
006121c0 R_X86_64_JUMP_SLOT __stack_chk_fail
00612220 R_X86_64_JUMP_SLOT __sprintf_chk
00612230 R_X86_64_JUMP_SLOT __snprintf_chk
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email
Hi,
On Mon, Oct 26, 2009 at 01:36:28PM +0100, Florian Weimer wrote:
* Kees Cook:
I would like to propose enabling[1] the GCC hardening patches that Ubuntu
uses[2].
Seems a good idea to me. But I think we should defer the required
full archive rebuild until we've got the hardening patch
On Mon, Oct 26, 2009 at 11:14:25AM +0100, Bastian Blank wrote:
On Sun, Oct 25, 2009 at 11:55:25AM -0700, Kees Cook wrote:
I would like to propose enabling[1] the GCC hardening patches that Ubuntu
uses[2].
How do they work? Do they also change the free-standing compiler or only
the hosted
Hi,
On Tue, Oct 27, 2009 at 01:30:12PM -0200, Henrique de Moraes Holschuh wrote:
On Mon, 26 Oct 2009, Gabor Gombas wrote:
On Mon, Oct 26, 2009 at 11:14:25AM +0100, Bastian Blank wrote:
On Sun, Oct 25, 2009 at 11:55:25AM -0700, Kees Cook wrote:
I would like to propose enabling[1] the GCC
Hi,
On Tue, Oct 27, 2009 at 10:19:22PM -0200, Henrique de Moraes Holschuh wrote:
On Tue, 27 Oct 2009, Kees Cook wrote:
It seems the kernel will not be happy if the stack protector is switched
on unconditionally:
http://osdir.com/ml/linux-kernel/2009-10/msg07064.html
On Thu, Oct 29, 2009 at 10:01:08PM -0200, Henrique de Moraes Holschuh wrote:
On Tue, 27 Oct 2009, Kees Cook wrote:
On Mon, Oct 26, 2009 at 11:14:25AM +0100, Bastian Blank wrote:
On Sun, Oct 25, 2009 at 11:55:25AM -0700, Kees Cook wrote:
I would like to propose enabling[1] the GCC
Hi,
On Tue, Nov 24, 2009 at 09:38:41PM +0100, Moritz Muehlenhoff wrote:
On 2009-11-05, Kees Cook k...@debian.org wrote:
This would certainly be better than nothing, and better than the
hardening-wrapper package, but it would require that every package in
Debian be modified to respect
[dropped debian-gcc from the CCs as this is probably rather off topic now]
Hi Petter,
On Mon, Dec 21, 2009 at 08:16:08AM +0100, Petter Reinholdtsen wrote:
[Kees Cook]
As an example, I have a debdiff against openssh to use it:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561887
Hi Henrique,
On Thu, Dec 24, 2009 at 03:25:32PM -0200, Henrique de Moraes Holschuh wrote:
On Thu, 24 Dec 2009, Kees Cook wrote:
That's certainly a viable plan. This is kind of the approach we took in
Ubuntu for the PIE feature. We also considered packages with a less than
stellar
On Thu, Dec 24, 2009 at 12:23:01PM +0100, Stefan Fritsch wrote:
On Thu, 24 Dec 2009, Kees Cook wrote:
With the new package, the arch-specific logic for hardening defaults
is in one place, and a maintainer can selectively disable anything they
don't want on by default.
This might be a good
Hi,
On Wed, Jan 06, 2010 at 11:01:01AM +0800, Paul Wise wrote:
On Wed, Jan 6, 2010 at 9:20 AM, Kees Cook k...@debian.org wrote:
There is a maintained (by RedHat) patch for dealing with PIE. I already
maintain a delta for this in Ubuntu, but as you can see in the gdb bug,
the gdb
Package: wnpp
Severity: wishlist
Owner: Kees Cook [EMAIL PROTECTED]
* Package name: mp3cd
Version : 1.25
Upstream Author : Kees Cook [EMAIL PROTECTED]
* URL : http://outflux.net/software/pkgs/mp3cd/
* License : GPL
Programming Lang: Perl
Description
Package: wnpp
Severity: wishlist
Owner: Kees Cook [EMAIL PROTECTED]
* Package name: orbital-eunuchs-sniper
Version : 1.30+svn20060923
Upstream Author : Zachary J. Slater [EMAIL PROTECTED]
* URL : http://www.icculus.org/oes/
* License : zlib
Programming Lang
-emulation
http://git.kernel.org/?p=linux/kernel/git/frob/linux-2.6-roland.git;a=shortlog;h=refs/heads/fedora/32bit-mmap-exec-randomization
(this one is still missing one additional patch from me...)
[2]
https://wiki.ubuntu.com/SecurityTeam/Roadmap/KernelHardening#Upstream%20Hardening
--
Kees
Hi,
On Thu, Nov 18, 2010 at 08:37:44PM +0100, Julien Cristau wrote:
On Thu, Nov 18, 2010 at 11:23:39 -0800, Kees Cook wrote:
On Thu, Nov 11, 2010 at 13:52:12 +, maximilian attems wrote:
LSM: Enable AppArmor? as well as/instead of Tomoyo
script, which
would be nice to merge into lintian somehow.
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http
with the command line arguments needs to enable each feature too.
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http
On Mon, Sep 05, 2011 at 07:42:30PM +0200, Moritz Mühlenhoff wrote:
I'm thinking of something along the lines of
all pkgs with priority = standard and all pkgs which had a DSA in the last
five years as specific, important sub goals.
Sounds good, I'm happy to help as well.
-Kees
--
Kees Cook
On Tue, Sep 06, 2011 at 04:01:04PM +, The Fungi wrote:
On Mon, Sep 05, 2011 at 02:22:39PM -0700, Kees Cook wrote:
[...]
It might be better to extend it further, like all network daemons
using dpkg-buildflags properly and enabling PIE
[...]
And since many network daemons
/debian-devel/2011/09/msg00071.html
[5]
http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-important.txt?view=log
http://anonscm.debian.org/viewvc/secure-testing/hardening/subgoal-dsa.txt?view=log
--
Kees Cook@debian.org
Hi,
On Tue, Sep 13, 2011 at 07:24:10PM -0400, Michael Gilbert wrote:
On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote:
[1] http://wiki.debian.org/Hardening
You mean http://wiki.debian.org/ReleaseGoals/Hardening ?
It looks like we're duplicating wiki work. The page I created
yesterday
On Tue, Sep 13, 2011 at 07:01:13PM -0400, Michael Gilbert wrote:
On Tue, 13 Sep 2011 15:38:29 -0700 Kees Cook wrote:
I would like to propose a release goal of enabling hardening build flags[1]
for all C/C++ packages in the archive[2].
I think all C/C++ packages is an impossibility
/control, compat for
the build system or hardening-wrapper use, and maybe build log analysis and
it'd be good to go.
-Kees
[1] http://wiki.debian.org/ReleaseGoals/SecurityHardeningBuildFlags
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian
, so when converting, please continue to
build with PIE and bindnow. :)
Thanks!
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
On Wed, Sep 28, 2011 at 10:52:15PM +0300, Riku Voipio wrote:
On Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook wrote:
Just to be explicit, PIE tends to have small (1%) performance hits on
register-starved architectures (i386) in most cases, for for certain work
loads (e.g. python) the hit
On Wed, Sep 28, 2011 at 11:38:06PM +0200, Mike Hommey wrote:
On Wed, Sep 28, 2011 at 10:52:15PM +0300, Riku Voipio wrote:
On Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook wrote:
Just to be explicit, PIE tends to have small (1%) performance hits on
register-starved architectures (i386
On Thu, Sep 29, 2011 at 06:41:29AM +0900, Charles Plessy wrote:
Le Tue, Sep 27, 2011 at 06:01:54PM -0700, Kees Cook a écrit :
On Fri, Sep 23, 2011 at 08:17:54AM +0200, Raphael Hertzog wrote:
Two hardening features are not enabled by default: PIE and bindnow.
If your package supports
in some way. (Yet another
config to list the config scripts?) Or, I guess, just ignore this
problem since it's only a problem in source-format-1.
- Export DEB_* environment variables to the script. This really feels
like the missing piece to me.
-Kees
--
Kees Cook
DEB_HOST_MULTIARCH in the config-scripts,
unfortunately.
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http
://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651966
Which means there's no way sort of calling dpkg-buildflags directly to get
a fully hardening build using only CDBS. :(
What's the right way forward to have CDBS and dpkg-buildflags play nice
together? :)
Thanks,
-Kees
--
Kees Cook
On Wed, Dec 14, 2011 at 10:48:00AM +0700, Jonas Smedegaard wrote:
On 11-12-13 at 03:10pm, Kees Cook wrote:
Notably, I'm curious about this:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=651964
I think this is broken behavior on CDBS's part, and that the some
packages mentioned
did for the Lucid LTS release that was getting backported kernels (with
link restrictions) built for it.
-Kees
[1]
http://anonscm.debian.org/gitweb/?p=collab-maint/at.git;a=commitdiff;h=f4114656c3a6c6f6070e315ffdf940a49eda3279
--
Kees Cook@debian.org
. That way it's becomes trivial to
answer how was this built? and all these crapy heuristic checks that
get thrown away. In the mean time, I'll continue to work on the crappy
heuristic checks. ;)
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email
arch without mmap ASLR
also has no text (PIE) ASLR.)
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: http
NX for sure, full ASLR in a large memory
space, stack protector, and the libc fortifications in place. It'll
always be an arms race, but why knowingly be behind? :)
-Kees
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ
On Fri, Mar 02, 2012 at 09:12:16AM +0100, Mike Hommey wrote:
On Thu, Mar 01, 2012 at 09:58:23PM -0800, Russ Allbery wrote:
Kees Cook k...@debian.org writes:
Speaking to the false positives problem, I've discussed with some people
the idea of having build flags be included in some sort
On Fri, Mar 02, 2012 at 07:41:25PM +0100, Julian Taylor wrote:
On 03/02/2012 05:53 PM, Kees Cook wrote:
On Fri, Mar 02, 2012 at 09:12:16AM +0100, Mike Hommey wrote:
On Thu, Mar 01, 2012 at 09:58:23PM -0800, Russ Allbery wrote:
Kees Cook k...@debian.org writes:
Speaking to the false
On Fri, Mar 02, 2012 at 07:25:25PM +0100, Moritz Mühlenhoff wrote:
Kees Cook k...@debian.org schrieb:
In the mean time, I'll continue to work on the crappy
heuristic checks. ;)
Shall we move hardening-check to devscripts, now that
dpkg-buildflags slowly trickles into standard Debian
/Hardening#Validation
[3]
http://www.chiark.greenend.org.uk/ucgi/~cjwatson/blosxom/debian/2010-07-10-debhelper-statistics-redux.html
--
Kees Cook@debian.org
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject
On Sun, Apr 01, 2012 at 05:24:00PM +0800, Paul Wise wrote:
On Sun, Apr 1, 2012 at 3:49 PM, Kees Cook wrote:
I'm going to work on getting this graphed daily, like the debhelper
statistics[3].
If you do, please add that to the statistics wiki page:
http://wiki.debian.org/Statistics
Ah-ha
On Sun, Apr 01, 2012 at 12:49:37AM -0700, Kees Cook wrote:
I'm going to work on getting this graphed daily
I've now added[1] the graphs[2]. In a few weeks, it'll be easier to see
the slopes. :)
-Kees
[1] http://wiki.debian.org/Statistics
[2] http://outflux.net/debian/hardening/
--
Kees Cook
Package: wnpp
Severity: wishlist
Owner: Kees Cook k...@debian.org
* Package name: libseccomp
Version : 0.1.0
Upstream Author : Paul Moore pmo...@redhat.com
* URL : https://sourceforge.net/projects/libseccomp/
* License : LGPLv2
Programming Lang: C
work at run time to verify the arguments, and you're clear to put
in a lintian override.
-Kees
--
Kees Cook@outflux.net
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
On Wed, Jun 20, 2012 at 12:56:21PM -0700, Kees Cook wrote:
If you're building with -O1 (or higher) and -D_FORTIFY_SOURCE=2, the
compiler is always always going to be doing the right thing. :)
Heh, this was supposed to read almost always. :P
--
Kees Cook
inclusion of /usr/share/hardening-includes/hardening.make
Instead, if eglibc continues to remain unfixed, you can replace the
buggy sprintf calls with the suggestions listed in my original mass
bug-filing email above.
-Kees
--
Kees Cook@debian.org
On Sat, Sep 21, 2013 at 02:46:34PM +0200, Bas Wijnen wrote:
On Fri, Sep 20, 2013 at 10:12:16PM -0700, Kees Cook wrote:
This is absolutely a bug in glibc. While the spec can say undefined, it
is, in fact, not undefined. It worked in a very specific way for over a
decade, so that's pretty
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 592846 592847
Changes:
hardening-wrapper (1.30) unstable
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Changes:
hardening-wrapper (1.31) unstable; urgency=low
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 18 Jan 2011 08:17:41 -0800
Source: mp3cd
Binary: mp3cd
Architecture: source all
Version: 1.27.0-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 579409
Changes:
hardening-wrapper (1.29) unstable; urgency
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Fri, 29 Jan 2010 10:00:09 -0800
Source: dosemu
Binary: dosemu
Architecture: source amd64
Version: 1.4.0+svn.1999-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - experimental compiler wrapper to enable security hardening
flags
Closes: 567707
Changes:
hardening-wrapper (1.23
PGP SIGNATURE-
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Kees Cook k...@outflux.net
iEYEARECAAYFAktky00ACgkQH/9LqRcGPm0U2gCfYhQmP34LKnbqWMhfYFAHFxvx
rQwAoIURXUxWD0UnajGCQeeCS+IgrG5Q
=C5Al
-END PGP SIGNATURE-
Accepted:
debfoster_2.7-1.1.diff.gz
to main/d/debfoster/debfoster_2.7-1.1
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - experimental compiler wrapper to enable security hardening
flags
Closes: 568622
Changes:
hardening-wrapper (1.24
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - experimental compiler wrapper to enable security hardening
flags
Closes: 564840
Changes:
hardening-wrapper (1.22
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 20 Jun 2010 14:17:14 -0700
Source: flex
Binary: flex flex-doc
Architecture: source amd64 all
Version: 2.5.35-9.1
Distribution: unstable
Urgency: low
Maintainer: Manoj Srivastava sriva...@debian.org
Changed-By: Kees Cook k
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 586215
Changes:
hardening-wrapper (1.28) unstable; urgency
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 20 Jun 2010 19:16:42 -0700
Source: libdisasm
Binary: libdisasm-dev libdisasm0 x86dis
Architecture: source amd64
Version: 0.23-3
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 20 Jun 2010 19:52:00 -0700
Source: mp3cd
Binary: mp3cd
Architecture: source all
Version: 1.26.1-4
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 20 Jun 2010 18:33:07 -0700
Source: mythtvfs-fuse
Binary: mythtvfs
Architecture: source amd64
Version: 0.6.1-2
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Sun, 20 Jun 2010 20:49:16 -0700
Source: dosemu
Binary: dosemu
Architecture: source amd64
Version: 1.4.0+svn.1999-2
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Format: 1.8
Date: Mon, 21 Jun 2010 15:41:28 -0700
Source: libdisasm
Binary: libdisasm-dev libdisasm0 x86dis
Architecture: source amd64
Version: 0.23-4
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k
Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
orbital-eunuchs-sniper - An anti-terrorist, pro-Eunuchs, satellite sniping game
orbital-eunuchs-sniper-data - game data files for the game Orbital Eunuchs
Sniper
Changes:
orbital-eunuchs-sniper (1.30+svn20070601-2
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Changes:
hardening-wrapper (1.25) unstable; urgency=low
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 578488
Changes:
hardening-wrapper (1.27) unstable; urgency
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 574716
Changes:
hardening-wrapper (1.26) unstable; urgency
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 587358 596150
Changes:
hardening-wrapper (1.32) unstable
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 28 May 2011 06:57:37 -0700
Source: scantool
Binary: scantool
Architecture: source amd64
Version: 1.21+dfsg-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Wed, 22 Jun 2011 22:27:26 -0700
Source: scantool
Binary: scantool
Architecture: source amd64
Version: 1.21+dfsg-2
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
-libapparmor
Architecture: source amd64 all
Version: 2.6.1-2
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify
-libapparmor
Architecture: source amd64 all
Version: 2.6.1-3
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Sat, 07 May 2011 05:06:42 -0700
Source: dosemu
Binary: dosemu
Architecture: source amd64
Version: 1.4.0+svn.2008-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Tue, 12 Apr 2011 16:13:44 -0700
Source: duo-unix
Binary: libpam-duo login-duo libduo1 libduo-dev
Architecture: source amd64
Version: 1.5-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Fri, 15 Apr 2011 13:16:33 -0700
Source: duo-unix
Binary: libpam-duo login-duo libduo1 libduo-dev
Architecture: source amd64
Version: 1.5-2
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
Format: 1.8
Date: Thu, 12 May 2011 02:28:22 -0700
Source: dosemu
Binary: dosemu
Architecture: source amd64
Version: 1.4.0+svn.2010-1
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
-libapparmor
Architecture: source amd64 all
Version: 2.6.1-4
Distribution: unstable
Urgency: low
Maintainer: Kees Cook k...@debian.org
Changed-By: Kees Cook k...@debian.org
Description:
apparmor - User-space parser utility for AppArmor
apparmor-docs - Documentation for AppArmor
apparmor-notify
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Changes:
hardening-wrapper (1.33) unstable; urgency=low
...@lists.alioth.debian.org
Changed-By: Kees Cook k...@debian.org
Description:
hardening-includes - Makefile for enabling compiler flags for security
hardening
hardening-wrapper - Compiler wrapper to enable security hardening flags
Closes: 635642
Changes:
hardening-wrapper (1.34) unstable
1 - 100 of 245 matches
Mail list logo