Re: Upcoming changes to Debian Linux kernel packages

herve writes: > concerning the linux-headers. may i explain what happend to me. > > I reinstalled a debian 11.6 some months ago. and last week i had to > make virtualbox functioning again. it had to "compile" some kernel > modules and need some "headers". my kernel (from the install is  >

Re: CVE-2021-31879 | CVE-2021-38371 | CVE-2016-2781| fixed packages

Sujeet Roy writes: > Could you please provide us the deadline when we can can get the fixed > packages for below packages : > > CVE-2021-31879 > CVE-2021-38371 > CVE-2016-2781 I believe this is answered on https://www.debian.org/security/faq#cvedsa which is pointed to from both

Re: Bullseye security.debian.org codename misconfigured?

Stefan Fritsch writes: > # cat /etc/apt/apt.conf.d/11-default-release > APT::Default-Release "bullseye"; Just don't do that. It breaks all normal preferences and will end up preferring "bullseye" over anything else. Including "bullseye-security". Use preferences instead if you need to tweak

Re: /home/loser is with permissions 755, default umask 0022

Your question(?) is answered by the FAQ in https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html Bjørn

Re: debcheckroot v2.0 released

Paul Wise writes: > On Wed, Apr 1, 2020 at 6:01 PM vi...@vheuser.com wrote: > >> Did the discussion of continuing support for DANE end?? > > In case I mislead anyone, a clarification: > > Debian itself isn't going to actively work on removing support for > DANE from anything nor removing our

Re: [DSA 3970-1] emacs24 security update

Moritz Muehlenhoff writes: > Package: emacs24 > CVE ID : not yet available > > Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code > execution when rendering text/enriched MIME data (e.g. when using > Emacs-based mail clients). > > For the

Re: Spoofed my Bind 9.7.3 on Debian?

OLCESE, Marcelo Oscar. molc...@ancal.com.ar writes: Since 08 May to date I have many daily log of my BIND 9.7.3 This one run on Debian 6. Any ideas? It's a DDoS attack against the addresses you see as clients in the log. The source addresses are spoofed, and the idea is to make your name

Re: [DSA 2058-1] New glibc packages fix several vulnerabilities

Aurelien Jarno aure...@debian.org writes: For the unstable distribution (sid), these problems has been fixed in version 2.1.11-1 of the eglibc package. The version should probably be 2.11.1-3 ? Bjørn -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of

Re: Broken signature for DSA-2040-1

Francesco Poli f...@firenze.linux.it writes: The fact is that I didn't perform any pasting: even running gpg --verify directly on the message file fails (Sylpheed stores e-mail messages in MH format, hence each message is on a separate file). I received the message encoded as

Re: Cleanup portsentry's iptables rules

Henrique de Moraes Holschuh h...@debian.org writes: I really wish IPSET was merged upstream, but it must be lacking something fundamental to earn that right (IPv6 support, perhaps?), since it has been around for a long time now, and it is fully maintained. I believe the upstream plan is to

Re: [DSA 1663-1] New net-snmp packages fix several vulnerabilities

[EMAIL PROTECTED] (Thijs Kinkhorst) writes: For the testing distribution (lenny) and unstable distribution (sid) these problems have been fixed in version 5.4.1~dfsg-11. We recommend that you upgrade your net-snmp package. Maybe someone could massage the dependencies into testing as well?

Re: apt-get may accept inconsistent data

Stefan Tichy [EMAIL PROTECTED] writes: On Mon, May 05, 2008 at 01:03:33AM +0200, Goswin von Brederlow wrote: I ment what Release file. Because the etch security one does have the md5sums of Packages in it. This has been modified too and the md5sum listed for the packages file has changed.

Re: Is oldstable security support duration something to be proud of?

Lee Glidewell [EMAIL PROTECTED] writes: On Monday 10 March 2008 07:54:32 pm Rich Healey wrote: For what it's worth, I'm proud of you guys. I do volunteer work for a much smaller project, and it's hard but satisfying. +1. Given that Debian is maintained by volunteers, and that it has one

Re: How about carrying this list on gmane?

Johannes Graumann [EMAIL PROTECTED] writes: How am I supposed to guess that 'devel' refers to the general? http://gmane.org/find.php?list=debian-security%40lists.debian.org Bjørn -- Save the cruise missiles -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe.

Re: sendmail-bin: uninstallable due to unavailable libsasl2 (= 2.1.19.dfsg1)

And if you just install libsasl2 2.1.19.dfsg1 from DSA 1155-2, you end up with a number of other failing dependecies: canardo:/tmp# apt-get dist-upgrade Reading Package Lists... Done Building Dependency Tree... Done You might want to run `apt-get -f install' to correct these. The following

Bogus DNS data from several debian.org authoritative servers

First, not so serious, but still an error: All debian.org servers have a mismatch between the delegation and the served data, adding samosa.debian.org as autoritative (I know samosa is listed as primary in the SOA record, but it need not, and should not, be listed as autoritative as long as it's

Re: WTF: Debian security, ex. Linux kernel vulnerabilities

Andreas Barth [EMAIL PROTECTED] writes: * Bob Tanner ([EMAIL PROTECTED]) [050920 16:39]: Same here. Reach out to the community and let us help. Well, the basic problem with mirrors is: * How can we be sure that all mirrors are synced _very_ fast? We will probably get more negative

Re: iptables connlimit

Adrian Minta [EMAIL PROTECTED] writes: and a module ipt_limit.ko exist in the kernel directory ( 2.6.8-2-k7) ipt_limit != ipt_connlimit You are probably lacking kernel support for ipt_connlimit. It's not part of the Linux kernel yet, and I guess the connlimit patch isn't in Debian kernels