;
/* Then go looking for hardware */
#if defined(__i386__) !defined(PC98)
if (via_feature_rng VIA_HAS_RNG) {
*systat = random_nehemiah;
}
#endif
}
--
Robert Millan
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject
Forwarding to the other lists from original thread...
Original Message
Subject: Re: Fwd: possible /dev/random compromise (misplaced trust in RDRAND /
Padlock entropy sources)
Date: Sun, 15 Dec 2013 20:53:19 +0100
From: Yves-Alexis Perez cor...@debian.org
To: Robert Millan r
to zero
to disable them.
Remove, switch to kfreebsd 10. Either that, or backport the fix from
kfreebsd 10.
I tend to favour removal. Releasing with two kernels is a PITA.
What does everyone else think? Is someone interested in having 9.2 in
jessie?
--
Robert Millan
--
To UNSUBSCRIBE
versions in Debian already have the fixed code, which replaces
random_adaptor_register() with live_entropy_source_register(), thereby
registering Via and Intel chips as entropy sources to be post
processed by Yarrow, rather than directly as random adaptors.
--
Robert Millan
. Hopefully soon,
because the exploit is due to be be demonstrated publicly tomorrow.
CCing debian-security. Hopefully someone will pick this up...
--
Robert Millan
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
suppose i could be missing something.
Fix uploaded to unstable and experimental.
debian-security: Patch is available in r3480 in glibc-bsd SVN (attached
for your convenience).
--
Robert Millan
Index: debian/changelog
===
--- debian
if security support is not available, I think it'd be a good idea to
have those generated. CCing debian-security (I think it's the appropiate
list for this request).
--
Robert Millan
The DRM opt-in fallacy: Your data belongs to us. We will decide when (and
how) you may access your data
be resolved in a better way in the future when
DAK has better support for handling this kind of situation.
--
Robert Millan
The DRM opt-in fallacy: Your data belongs to us. We will decide when (and
how) you may access your data; but nobody's threatening your freedom: we
still allow you to remove
On Fri, Mar 10, 2006 at 09:37:25PM +0100, Martin Schulze wrote:
For the unstable distribution (sid) this problem has been fixed in
version 1.4.2.2-1.
ITYM 1.4.2-1
--
Robert Millan
a href=http://linuxstolescocode.com/;SCO/a a
href=http://sco.com/;losers/ap
a href=http://www.whitehouse.gov
On Tue, Dec 14, 2004 at 05:03:01PM +0100, Martin Schulze wrote:
Adam Zabrocki discovered multiple buffer overflows in atari800, an
Atari emulator. In order to directly access graphics hardware, one of
the affected programs is installed setuid root. A local attacker
could exploit this
Hi!
Are we affected by this? I haven't seen any DSA.
On Mon, Sep 20, 2004 at 01:50:33PM +, FreeBSD Security Advisories wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
=
FreeBSD-SA-04:14.cvs.asc
direct your comments at the patch for dynamic
allocation I just sent instead.
--
Robert Millan
(Debra and Ian) (Gnu's Not (UNiplexed Information and Computing System))/\
(kernel of *(Berkeley Software Distribution))
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe
);
+free (rcname);
}
#if defined(IP_OPTIONS) defined(HAS_IPPROTO_IP)
Let me know if I screwed on something, we need to be extra careful with
standard packages during the freeze..
--
Robert Millan
(Debra and Ian) (Gnu's Not (UNiplexed Information and Computing System))/\
(kernel of *(Berkeley
of their packages in the Debian archive.
- Debian members who accessed a Debian machine from gnuftp are
encouraged to change their password.
--
Robert Millan
[..] but the delight and pride of Aule is in the deed of making, and
in the thing made, and neither in possession nor in his own mastery;
wherefore he
of their packages in the Debian archive.
- Debian members who accessed a Debian machine from gnuftp are
encouraged to change their password.
--
Robert Millan
[..] but the delight and pride of Aule is in the deed of making, and
in the thing made, and neither in possession nor in his own mastery
from debian-private:
On Mon, Aug 18, 2003 at 02:51:55AM +, Robert Millan wrote:
Hi there,
As you might have already heard, a root compromise, which presumably has been
there for two months, was recently detected in {ftp,alpha}.gnu.org
(read http://ftp.gnu.org/MISSING-FILES.README
[ Moving to debian-security ]
On Mon, Aug 18, 2003 at 12:35:44PM +1000, Russell Coker wrote:
On Mon, 18 Aug 2003 12:51, Robert Millan wrote:
2) Any unsigned sources in ftp.gnu.org could have been trojaned during
the March-July period, and most of GNU packages have their corresponding
[ Moving to debian-security ]
On Mon, Aug 18, 2003 at 12:35:44PM +1000, Russell Coker wrote:
On Mon, 18 Aug 2003 12:51, Robert Millan wrote:
2) Any unsigned sources in ftp.gnu.org could have been trojaned during
the March-July period, and most of GNU packages have their corresponding
Hi,
Just noticed this advisory, stating a remote vulnerability
in mozilla:
http://sec.greymagic.com/adv/gm001-ns/
It claims to affect 0.9.7+ but on 1.0 all it does
is crashing my browser.
Please CC to contact me, not subscribed.
--
Robert Millan
5 years from now everyone will be running
19 matches
Mail list logo