Re: exim4 router problems since 2 days / sucpicous process zinit is pstree

2010-12-17 Thread Carlos Alberto Lopez Perez
On 12/17/2010 12:00 PM, Thorsten Göllner wrote: Hi, I have installed Debian 5.0.7. Since 2 days my exim4 does not deliver mails. I always get the message, that the mail is not routeable. I only used dpkg-reconfigure exim4-config without touching one config file by hand. I detected a log

Re: exim4 router problems since 2 days / sucpicous process zinit is pstree

2010-12-17 Thread Carlos Alberto Lopez Perez
On 12/17/2010 12:35 PM, Vladislav Kurz wrote: On Friday 17 of December 2010, Thorsten Göllner wrote: Hi, I have installed Debian 5.0.7. Since 2 days my exim4 does not deliver mails. I always get the message, that the mail is not routeable. I only used dpkg-reconfigure exim4-config without

Re: Bind security announce

2010-12-29 Thread Carlos Alberto Lopez Perez
On 12/29/2010 03:34 AM, Account for Debian group mail wrote: Reading package lists... Done Building dependency tree Reading state information... Done The following packages will be REMOVED bind9 bind9-host bind9utils dnsutils libbind9-50 libisccfg50 The following packages will be upgraded:

Re: Bind security announce

2010-12-30 Thread Carlos Alberto Lopez Perez
On 12/30/2010 01:40 PM, Account for Debian group mail wrote: Are you saying that dselect is no longer useful on doing security upgrades? I've been using dselect for over 15 years doing just that. The only time I've used aptitude is for doing major version upgrades. If there is a problem

Re: Grave apache dos possible through byterange requests

2011-08-24 Thread Carlos Alberto Lopez Perez
On 24/08/11 08:53, Dirk Hartmann wrote: Hi, it is possible to dos an actual squeeze-apache2 with easy to forge range-requests: http://lists.grok.org.uk/pipermail/full-disclosure/2011-August/082299.html Apache-devs are working on a solution:

Re: Grave apache dos possible through byterange requests

2011-08-24 Thread Carlos Alberto Lopez Perez
On 24/08/11 12:45, Andrea Zwirner wrote: 2011/8/24 Carlos Alberto Lopez Perez clo...@igalia.com On 24/08/11 08:53, Dirk Hartmann wrote: Hi, it is possible to dos an actual squeeze-apache2 with easy to forge range-requests: http://lists.grok.org.uk/pipermail/full-disclosure/2011-August

Re: Grave apache dos possible through byterange requests

2011-08-24 Thread Carlos Alberto Lopez Perez
On 24/08/11 12:13, Carlos Alberto Lopez Perez wrote: You can use the following redirect as a temporary workaround: # a2enmod rewrite RewriteEngine On RewriteCond %{HTTP:Range} bytes=0-.* [NC] RewriteRule .? http://%{SERVER_NAME}/ [R=302,L] Sorry, the above redirect is wrong. It won't

Re: Grave apache dos possible through byterange requests

2011-08-24 Thread Carlos Alberto Lopez Perez
On 24/08/11 14:12, Andrew McGlashan wrote: Would that work for all websites of a Debian server if placed into a file located in /etc/apache2/conf.d ? Will other rewrites be fine in the normal conf files for each website? Thanks It should not mess with other redirects that you

Re: Grave apache dos possible through byterange requests

2011-08-26 Thread Carlos Alberto Lopez Perez
On 26/08/11 11:17, Christian Hammers wrote: Hallo Word is spreading that Request-Range: seems to be a synonym to Range: and is similarly vulnerable but not covered by the config snippets that were proposed yesterday. So Gentlemen, patch again! :-( Confirmed! Just modified the suggest

Re: Grave apache dos possible through byterange requests

2011-08-26 Thread Carlos Alberto Lopez Perez
On 26/08/11 13:22, linbloke wrote: Hello, I'm curious as to why you suggest option 2 over option 1 from the Apache advisory? My guess is that it is compatible with version 1.3 and 2.x and that it has stronger enforcement of the syntax (by requiring ^bytes=) rather than just 5 comma

Security response: how are we doing?

2011-11-28 Thread Carlos Alberto Lopez Perez
https://lwn.net/Articles/467615/ [...] Ideally, a table like the above should have no none entries at all. There was no distributor without unpatched vulnerabilities, but some clearly have more than others. It is, in particular, sad to see so many missing updates in the Debian column. One could

Re: SELinux on Squeeze?

2011-12-31 Thread Carlos Alberto Lopez Perez
-- ~~~ Carlos Alberto Lopez Perez http://neutrino.es Igalia - Free Software Engineering http://www.igalia.com ~~~

Re: [SECURITY] [DSA 2403-1] php5 security update

2012-02-05 Thread Carlos Alberto Lopez Perez
On 05/02/12 22:52, Luk Claes wrote: On 02/05/2012 05:23 PM, Carlos Alberto Lopez Perez wrote: On 04/02/12 01:12, Luk Claes wrote: On 02/03/2012 10:35 PM, Mario Antonio wrote: Do you think that there will be a fix for Lenny even though Lenny will be ending his life this weekend ? It's

Re: [SECURITY] [DSA 2418-1] postgresql-8.4 security update

2012-02-27 Thread Carlos Alberto Lopez Perez
! [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=661502

Re: Dedicated server vs. VPS

2012-03-05 Thread Carlos Alberto Lopez Perez
extract the key easily from there. Regards! [1] http://blog.neutrino.es/2011/unlocking-a-luks-encrypted-root-partition-remotely-via-ssh/

Re: Zero Day MySQL Buffer Overflow

2012-12-03 Thread Carlos Alberto Lopez Perez
On 02/12/12 22:50, daniel curtis wrote: Hi, I would like to inform about a new stack-based buffer overflow vulnerability for MySQL. The following CVEs have been assigned to track this MySQL vulnerability: CVE-2012-5611 MySQL (Linux) Stack based buffer overrun PoC Zeroday CVE-2012-5612

Re: [SECURITY] [DSA 2605-1] asterisk security update

2013-01-14 Thread Carlos Alberto Lopez Perez
On 13/01/13 21:36, Thijs Kinkhorst wrote: - Debian Security Advisory DSA-2605-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst January 13, 2013

Re: about bash and Debian Lenny

2014-10-01 Thread Carlos Alberto Lopez Perez
On 01/10/14 13:28, Nikolay Hristov wrote: Hello there, I know that this is outdated debian release and it is in the archives but I still have 6 servers running Lenny and I don't want to upgrade them to newer versions for several reasons. Any chance that we will get official debian package

Re: about bash and Debian Lenny

2014-10-05 Thread Carlos Alberto Lopez Perez
On 04/10/14 06:44, Marko Randjelovic wrote: On Wed, 01 Oct 2014 17:30:11 +0200 Carlos Alberto Lopez Perez clo...@igalia.com wrote: On 01/10/14 13:28, Nikolay Hristov wrote: Hello there, I know that this is outdated debian release and it is in the archives but I still have 6 servers

Re: about bash and Debian Lenny

2014-10-06 Thread Carlos Alberto Lopez Perez
On 06/10/14 17:59, Marko Randjelovic wrote: On Mon, 06 Oct 2014 03:25:27 +0200 Carlos Alberto Lopez Perez clo...@igalia.com wrote: I have built patched packages for lenny. You can download them from here: http://people.igalia.com/clopez/bash-shellshock-lenny/ If you are not willing

Re: about bash and Debian Lenny

2014-10-06 Thread Carlos Alberto Lopez Perez
On 06/10/14 20:40, Simon Valiquette wrote: Carlos Alberto Lopez Perez un jour écrivit: Maybe your http client is unable to understand Content-Encoding: gzip ? I downloaded the files from the provided location with Links2 web browser. The file bash_3.2-4+deb5u1.dsc was a gzipped file. After