I was reading this [1] article and it brought a question do my mind: How
hard would it be for the FBI or the NSA or the CIA to have a couple of
agents infiltrated as package mantainers and seeding compromised packages
to the official repositories?
Could they submit an uncompromised source and
I am really sorry if you think it's rude to start a topic here without
subscribing. I thought that it was acceptable, since a lot of people do it
in debian-users (I know it has a lot more volume than this one) and it's
the default action when you click on Reply to All in most clients (well,
On Sun, Aug 4, 2013 at 2:55 PM, Michael Stone mst...@debian.org wrote:
On Sun, Aug 04, 2013 at 10:12:40AM +0200, Heimo Stranner wrote:
I think the real issue is about if the malicious patch is not part of
the source package
Why? It certainly makes your argument simpler if you arbitrarily
On Mon, Aug 5, 2013 at 9:17 AM, intrigeri intrig...@debian.org wrote:
I need a reality check, as it's unclear to me what are the goals of
this discussion.
I don't think there are any goals. I asked it just to understand if it
would be possible to do what I was thinking (apparently, it is) and
Hello everyone,
Before Wheezy release we could find a web site, which
contained notices about update as many packages as
possible to use security hardening build flags via
'dpkg-buildflags'. Also, there could be found a note about
packages that should have build flags enabled before
the Wheezy
Hi Moritz,
90 percent of the hardening via '*dpkg-buildflags*'? That's
a good information. I'd hoped, that the majority of all base
packages and that's security-sensitive will be protected
well. It's really a huge satisfaction.
One more thing - does Debian include something like e.g.
Ubuntu or
Hello everyone,
Michael web site with a statistic I've watching for time to
time. Also *Debian* Hardening wiki page I studied a couple of
time.
**
*There is a lintian check for setuid binaries (...) ***
* There isn't really any group effort tackling or monitoring ***
* the assortment of useful
Hello everyone
Thanks for yours opinions. Yes, I know that AppArmor is
available in Debian. That's good. It's just fine, that there
is a possibilities to choose between SELinux and AppArmor.
Unfortunately, I can help only with creating profiles for a
various applications. For now, I'm trying to
Unsubscribe
Daniel
On Feb 8, 2014 1:00 AM, Florian Weimer f...@deneb.enyo.de wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
- -
Debian Security Advisory DSA-2856-1 secur...@debian.org
http
On 2 March 2014 10:53:51 WET, Jack j...@jackpot.uk.net wrote:
Systemd scares me. As far as I can see it does a lot of things right
(in
some cases these are things that no other contender does right); I'm
not
going to try to enumerate those things, that's been one elsewhere. But
the way systemd has
Die CVE-2014-0196 is wel interessant
Local kernel DoS || privilege escalation
Original message
From: Moritz Muehlenhoff j...@debian.org
Date: 12/05/2014 17:59 (GMT+01:00)
To: debian-security-annou...@lists.debian.org
Subject: [SECURITY] [DSA 2926-1] linux security update
Just filed a bug: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770105
cheers
daniel
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/546bc6d3.9040
it would help avoid situations where the package
needs to be recompiled to deal with security patching and therefore
reduce the burden on the security updates process.
If it will help the release team, is there anybody from the security
team who could review the changes in my debdiff?
Regards,
Daniel
On 08/12/14 10:20, Adam D. Barratt wrote:
On Mon, 2014-12-08 at 09:16 +0100, Daniel Pocock wrote:
[...]
If it will help the release team, is there anybody from the security
team who could review the changes in my debdiff?
Note that debian-security@lists.debian.org is not a contact address
On 08/12/14 10:48, Thijs Kinkhorst wrote:
Hi Daniel,
On Mon, December 8, 2014 09:16, Daniel Pocock wrote:
I've made some changes to TLS code in reSIProcate
- setting OpenSSL's SSL_OP_NO_SSLv3 by default when using SSLv23_method()
- adding configuration options to override the options
On 08/12/14 11:12, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 09:16:45AM +0100, Daniel Pocock wrote:
Hi all,
I've made some changes to TLS code in reSIProcate
- setting OpenSSL's SSL_OP_NO_SSLv3 by default when using SSLv23_method()
This has no effect in jessie. SSLv2 and SSLv3
On 08/12/14 12:04, Thijs Kinkhorst wrote:
On Mon, December 8, 2014 11:17, Daniel Pocock wrote:
In the library package (libresiprocate-1.9.deb) there is no default
SSL/TLS mode. It uses whatever the project using the library selects.
If some developer wants to enable dynamic selection of TLS
On 08/12/14 12:36, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 11:42:28AM +0100, Daniel Pocock wrote:
On 08/12/14 11:12, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 09:16:45AM +0100, Daniel Pocock wrote:
Hi all,
I've made some changes to TLS code in reSIProcate
- setting OpenSSL's
On 08/12/14 13:53, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 01:20:39PM +0100, Daniel Pocock wrote:
Just one other point: if somebody is trying sending the client hello
using SSL v2 record layer but indicating support for TLS v1.0, should
TLSv1_method or SSLv23_method accept that?
I would
On 08/12/14 18:58, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 02:35:00PM +0100, Daniel Pocock wrote:
I have no idea what technology is in use in the remote/client system.
If my server socket is using TLSv1_method it is rejecting the connection
and logging those errors on my server:
error
On 08/12/14 19:25, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 07:22:33PM +0100, Daniel Pocock wrote:
Will the TLSv1 method be removed in jessie or while jessie is still
supported?
This is something post jessie.
Is it something that is going to happen with Ubuntu releases next year
(e.g
On 08/12/14 20:06, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 07:42:54PM +0100, Daniel Pocock wrote:
Is it something that is going to happen with Ubuntu releases next year
(e.g. April 2015)?
If so, it means that the repro package in jessie won't talk to a repro
package in Ubuntu.
I
On 08/12/14 21:16, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 08:17:53PM +0100, Daniel Pocock wrote:
If I understand your reply correctly, the version in Ubuntu and Fedora
will still talk TLS 1.0 with the version now waiting in jessie?
Yes.
Do you believe it would be reasonable for me
On 08/12/14 21:28, Daniel Pocock wrote:
On 08/12/14 21:16, Kurt Roeckx wrote:
On Mon, Dec 08, 2014 at 08:17:53PM +0100, Daniel Pocock wrote:
If I understand your reply correctly, the version in Ubuntu and Fedora
will still talk TLS 1.0 with the version now waiting in jessie?
Yes.
Do
e. Thanks for the quick fix!
Daniel
Hi *
the amd64 build for 0.8-3+deb8u2 seems to be missing from [1].
Is this an error or am I missing something?
Thanks
Daniel
[1] http://security.debian.org/pool/updates/main/libv/libvdpau/
On 11/02/2015 08:27 PM, Alessandro Ghedini wrote
On 09/06/2015 07:14 PM, Paul Wise wrote:
> On Sun, Sep 6, 2015 at 10:20 AM, Daniel Reichelt wrote:
>
>> [1]
>> http://ftp.nl.debian.org/debian/dists/stretch/main/installer-amd64/current/images/
>
> ftp://ftp.debian.org/debian/dists/stretch/Release
> ftp://ftp.debi
missing s.th.? Looking forward to suggestions!
If I'm really the first one to bring this up: IMHO the simplest solution would
be to gpg-sign the hash lists under [1]/[2] and provide signed hash lists for
[3] as well.
Thanks
Daniel
[1]
http://ftp.nl.debian.org/debian/dists/stretch/main
mv tiffanyryan2...@gmail.com /dev/null
2016-03-31 9:42 GMT-05:00 Tiffany Ryan <tiffanyryan2...@gmail.com>:
> Please remove my email from you system
>
> tiffanyryan2...@gmail.com
>
--
"La imaginación es más importante que el conocimiento. Einstein"
*Daniel
=Licensing#License_of_Fedora_SPEC_Files
The upstream repository (which includes the .spec file too) is licensed
under GPLv2+. That's probably an inconsistency that I should fix...
Regards,
--
Daniel Kopeček
Software Engineer, Special Projects
Red Hat, Inc.
On 19/05/16 03:17, Paul Wise wrote:
> On Wed, May 18, 2016 at 9:20 PM, Daniel Pocock wrote:
>
>> Can anybody comment on how Debian users will be impacted by SHA-1
>> deprecation?
>
> There is some info related to that in these two wiki pages:
>
> https://w
Can anybody comment on how Debian users will be impacted by SHA-1
deprecation?
In particular:
- will libraries like OpenSSL and GnuTLS continue to support it in
stretch and beyond?
- will web servers like Apache support it in server certificates or
certificate chains?
- will web servers and
Uhpppopppiujiki
MN
I have
.. buy bio
Yg.viuuu
On 18 Jul 2016 17:32, "Salvatore Bonaccorso" wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> - -
> Debian Security Advisory DSA-3621-1
moving it into place
(thus retaining the inode number).
Cheers
Daniel
signature.asc
Description: OpenPGP digital signature
On 01/28/2017 03:51 PM, Holger Levsen wrote:
> On Sat, Jan 28, 2017 at 03:04:56PM +0100, Daniel Reichelt wrote:
>> I highly suspect this stems from packages' rules files supporting
>> reproducible builds.
>
> I rather think this is due to binNMUs not modifying debian/change
unsubscrbe
On Thu, Aug 25, 2016 at 11:03 PM, Sebastien Delafond wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA512
>
> -
> -
> Debian Security Advisory DSA-3654-1
re. Thanks for jumping in and reporting this, I wasn't sure if I
hadn't just messed up my apt-pinning...
> The 32bit i386 packages on the hand are fine, probably because they
> were built by a buildd.
On an i386 VM the upgrade ran fine here as well.
Cheers
Daniel
signature.asc
Description: OpenPGP digital signature
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
You need to use the web form:
https://www.debian.org/MailingLists/unsubscribe
On 01/11/17 13:55, Donald Haley wrote:
> Please unsuscribe me. > > Thanks
-BEGIN PGP SIGNATURE-
Hi Team!
I am working a new version of wifite[1], Could someone check it out?
Thank you very much!
Regards
[1]: https://salsa.debian.org/pkg-security-team/wifite/
--
Daniel Echeverry
http://wiki.debian.org/DanielEcheverry
http://rinconinformatico.net
Linux user: #477840
Debian user
alt+tab
--
*Daniel Romo*
d4nnr.blogspot.com.co #Blog_Personal
El 11 de enero de 2018, 10:45, DANIEL ROMO<danielromogar...@gmail.com>
escribió:
> Hola
>
> puedes enviar un print screen ? (con tu celular)
>
>
> amt+tab para cambiar de ventana es una solución
>
>
Hola
puedes enviar un print screen ? (con tu celular)
amt+tab para cambiar de ventana es una solución
;)
--
*Daniel Romo*
d4nnr.blogspot.com.co #Blog_Personal
El 11 de enero de 2018, 02:42, R Calleja<rcalle...@gmail.com> escribió:
> Hola buenos dias, alquien puede ayudarme.
&g
> The Python job finished successfully here after 10 hours.
6h40 mins here as I ported your improved logic to the python2 version :).
# git filter-branch --tree-filter '/usr/bin/python2 /split-by-year.pyc' HEAD
Rewrite 1169d256b27eb7244273671582cc08ba88002819 (68356/68357) (24226 seconds
passed,
Am 13.11.18 um 23:09 schrieb Moritz Muehlenhoff:
> The current data structure works very well for us and splitting the files
> has many downsides.
Could you detail what those many downsides are besides the scripts that
need to be amended?
The main issue is that we need to get clone and diff+render operations
back into normal time frames. The salsa workers (e.g. to render a
diff) time out after 60s. Similar time constraints are put onto other
rendering frond-ends. Actually you can easily get Apache to segfault
if you do not
Zobel brought up the security-tracker git discussion in the
#debian-security irc channel again and I'd like to record a few of the
items touched there for others that were not present:
DLange has a running mirror of the git repo with split files since three
months. This is based on anarcat's
Am 06.06.19 um 07:31 schrieb Salvatore Bonaccorso:
Could you again point me to your splitted up variant mirror?
https://git.faster-it.de/debian_security_security-tracker_split_files/
as requested in https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908678#139
we have created a data/CVE/.list repo ("v2") during MiniDebConf HH
It is mirrored at Salsa:
https://salsa.debian.org/dlange/debian_security_security-tracker_split_files_v2
Hi Sophie!
El mar., 10 de dic. de 2019 a la(s) 05:24, Sophie Brun (sop...@freexian.com)
escribió:
> Hi Daniel,
>
>
> Le 26/11/2019 à 16:14, Daniel Echeverry a écrit :
> > Hi!
> > [..]
> > I wrote to the upstream, and he will make a new release this weekend,
supported behind an authenticated HTTP zone for trusted
users
@Florian That linked message is yours; any objections from you?
Thanks,
Daniel
P.S. Priority "important" since binutils' rdeps include dpkg-dev, gcc,
and clang, so I assume this is quite visible.
> Some of its checks look inherently dangerous, e.g. the bash -n check for
> shell syntax.
Why would bash -n be dangerous?
signature.asc
Description: OpenPGP digital signature
on
> paste.debian.net.
Clearly someone tries to run a command put as an address. Out of curiosity:
Which kind of vulnerability are they trying to use here?
Regards, Daniel
--
Regards,
Daniel Leidert | https://www.wgdd.de/
GPG-Key RSA4096 / BEED4DED5544A4C03E283DC74BCD0567C296D05D
GPG-Key E
.html
* https://lists.debian.org/debian-devel/2021/08/msg00167.html
* https://lists.debian.org/debian-devel/2021/08/msg00172.html
but no consensus.
Thank you!
Daniel Lewart
Urbana, Illinois
Georgi Naplatanov wrote:
> I have no opinion but found this
> https://wiki.debian.org/SourcesList
SZÉPE Viktor wrote:
> And there is this
> https://wiki.debian.org/NewInBullseye#Changes
Both of these were referenced in my original message:
l a kernel update from d-security that should get installed but
doesn't.
As soon as I remove the Default-Release line from apt.conf the update gets
offered for installation. Has anyone else observed this or is something
broken in my apt config somewhere?
--Daniel
Hi Paul,
On Fri, Jul 21, 2023 at 10:17:28AM +0800, Paul Wise wrote:
> On Thu, 2023-07-20 at 22:12 +0200, Daniel Gröber wrote:
>
> > It seems packages from the debian-security repository are not affected by
> > this increased priority and will not get in
enting security updates.
Who do I contact about the archive aspects? FTP-master or the
security-team? The security-team is in CC on the doc bugs so I'm hoping
they will see it anyway.
Thanks,
--Daniel
Um, can't this a**hole just use a filter or something? Oh wait, sorry,
there isn't any intelligent life at your end either. Oops.
---
Dan Chen [EMAIL PROTECTED]
GPG key: www.cs.unc.edu/~chenda/pubkey.gpg.asc
On Sat, 1 Sep 2001, Layne wrote:
nothing worth a horse's a**
--
To
stop this from
happening?
Thanks in advance,
Daniel J. Rychlik
, it's working as one-disc firewall
for our 384/64 kbit speed ADSL account, with routing between two 10 mbit
ethernet card too.
kernel 2.4.18, pppd, pppoe, limited iptables support.
Working from a compressed filesystem loaded from floppy's 512. record.
asd
--
Daniel asd Vasarhelyi
PGP key avaible
. Tripwire or software like that will cry.
Daniel Vasarhelyi
--
Daniel asd Vasarhelyi
PGP key avaible at http://asd.musichello.com/gpg-pub.key and public keyservers
Key fingerprint = EA00 AF4D A83C 1122 0967 DDF5 27BC 390F 181F 9954
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
be unnecessary too: spammers use
non-existing mailbox names and if you generate an automaticed reply,
your mailbox get's filled with Mail Deliverity Errors. In the other
side, in this case sender gets a report message, lowering the risk
you miss something important.
Daniel
--
Daniel asd
Please accept this new banner that I created with Gimp and a Woody system. Its a small
token of my appreciation to all my mentors at Debian Security.
Sincerely Yours,
Daniel J. Rychlik
Debian GNU/Linux Advocate
attachment: debian-banner2.jpg
How about the stable version?
On Tue, 2004-01-27 at 19:55, Adam D. Barratt wrote:
On Tue, 2004-01-27 at 18:40, Daniel van Eeden wrote:
Debian versions of gaim patched?
http://security.e-matters.de/advisories/012004.html
gaim 0.75-2 was uploaded a couple of hours ago.
Changes:
gaim
-Forwarded Message-
From: Martin Schulze [EMAIL PROTECTED]
To: Daniel van Eeden [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Gaim remote overflows (12x)
Date: Tue, 27 Jan 2004 19:58:22 +0100
Daniel van Eeden wrote:
Are the debian versions already patched?
http
Someone used this bug to attack my system...
My advice to all phpix users...chmod 700 /var/www/phpix
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=229794
Daniel van Eeden [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
goal.
It does provide some amusement to the rest of the world, however. :)
Regards,
Daniel
--
There is no satisfaction in hanging a man who does not object to it.
-- G. B. Shaw
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL
Maybe include 10 keys in the distribution?
key1: valid from 2003 untill 2004
key2: valid from 2004 untill 2005
key3: valid from 2005 untill 2006
etc.
The keys should be kept apart from eachother in a safe.
Daniel
On Thu, 2004-12-30 at 13:38 +0100, martin f krafft wrote:
Assume it's the end
information.
It won't work if not connected to /dev/tty1
Could anybody confirm this?
--
Daniel van Eeden [EMAIL PROTECTED]
signature.asc
Description: This is a digitally signed message part
smime.p7s
Description: S/MIME cryptographic signature
I did reproduce it on my alpha running Debian 3.0
And it seems like I'm still logged on and all programs are just running
fine and I can still use the bash prompt which executed screen. The last
command says I'm still logged in, but w and who won't show my session.
Daniel van Eeden [EMAIL
+IAeqTIRAk5gAKCiF4/BxJKCS9sO/unLnxk20Q/IkwCgp1pG
HTFfGLLM5sBKoRYUI5VqR3Y=
=LOOJ
-END PGP SIGNATURE-
--
| /+\ \| | |
David Croft
Infotrek
--
Daniel van Eeden [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
: `apt-cache show pkg' and http://packages.debian.org/pkg
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFB98T+W5ql+IAeqTIRAo08AJ4j+/SVb0nAKIkwLxGOVfracoqP3QCeMk/0
CAgqM2quLUj7c9qrl95OeNY=
=PU6m
-END PGP SIGNATURE-
--
Daniel van Eeden [EMAIL PROTECTED
?
--
Daniel van Eeden [EMAIL PROTECTED]
smime.p7s
Description: S/MIME cryptographic signature
Um, can't this a**hole just use a filter or something? Oh wait, sorry,
there isn't any intelligent life at your end either. Oops.
---
Dan Chen [EMAIL PROTECTED]
GPG key: www.cs.unc.edu/~chenda/pubkey.gpg.asc
On Sat, 1 Sep 2001, Layne wrote:
nothing worth a horse's a**
-BEGIN PGP SIGNED MESSAGE-
On Friday 16 November 2001 11:21, Oyvind A. Holm wrote:
On 2001-11-15 19:11 Florian Bantner wrote:
Another thing is... You're a bit concerned that root can read your
mail. A good advice is to never - NEVER place your private (secret) key
on another machine
-BEGIN PGP SIGNED MESSAGE-
On Friday 16 November 2001 11:39, Mathias Gygax wrote:
There is no way, nor any reason why, to setup a system in such a way
that the maintainer of the system cannot maintain it.
maintainer is someone else. root is there for serving the daemons.
stop this from
happening?
Thanks in advance,
Daniel J. Rychlik
Should debian users be worried if they only install the pre built .deb
package or should we evaluate the source and install the ssh from
source?
I guess the next question is Do I Have it?
Sincerely,
Daniel J. Rychlik
Money does not make the world go round , Gravity does .
-Original
/tmpkuver.0.26244: No such
file or directory.
Any Ideas?
Sincerely,
Daniel J. Rychlik
Money does not make the world go round , Gravity does .
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Quick Question about the 2.2 Kernel and Iptables, does the 2.2 kernel
have support for Iptables? Im rebuilding my server tonight I need to
know if the latest stable 2.2 will handle iptables.
Sincerely,
Daniel J. Rychlik
Money does not make
=mail.sopovico.pt (eircom.net)
[194.38.132.105]
2002-08-26 19:36:25 refused relay (host) to [EMAIL PROTECTED] from
[EMAIL PROTECTED] H=mail.sopovico.pt (eircom.net)
[194.38.132.105]
Sincerely,
Daniel J. Rychlik
Money does not make the world go round , Gravity does .
-BEGIN PGP SIGNATURE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
If you use Iptables and you block spoofed addresses with Iptables,
will that stop the spoofing in their tracks, therefore decreasing the
chance of a DOS?
Sincerely,
Daniel J. Rychlik
Money does not make the world go round , Gravity does
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
'nod', agreed Geoff.
Sincerely,
Daniel J. Rychlik
Money does not make the world go round , Gravity does .
- -Original Message-
From: Geoff Crompton [mailto:[EMAIL PROTECTED] On Behalf Of Geoff
Crompton
Sent: Tuesday, September 10
, it's working as one-disc firewall
for our 384/64 kbit speed ADSL account, with routing between two 10 mbit
ethernet card too.
kernel 2.4.18, pppd, pppoe, limited iptables support.
Working from a compressed filesystem loaded from floppy's 512. record.
asd
--
Daniel asd Vasarhelyi
PGP key avaible
. Tripwire or software like that will cry.
Daniel Vasarhelyi
--
Daniel asd Vasarhelyi
PGP key avaible at http://asd.musichello.com/gpg-pub.key and public keyservers
Key fingerprint = EA00 AF4D A83C 1122 0967 DDF5 27BC 390F 181F 9954
be unnecessary too: spammers use
non-existing mailbox names and if you generate an automaticed reply,
your mailbox get's filled with Mail Deliverity Errors. In the other
side, in this case sender gets a report message, lowering the risk
you miss something important.
Daniel
--
Daniel asd
Putting it into /etc/rc.boot will not harm the system. I think it's the
best place to put the script, it's ran before entering runlevel-2 which
sets up network interfaces.
asd
--
Daniel asd Vasarhelyi
PGP key avaible at http://asd.musichello.com/gpg-pub.key and public keyservers
Key fingerprint
Please accept this new banner that I created with Gimp and a Woody system. Its
a small
token of my appreciation to all my mentors at Debian Security.
Sincerely Yours,
Daniel J. Rychlik
Debian GNU/Linux Advocate
attachment: debian-banner2.jpg
Debian versions of gaim patched?
http://security.e-matters.de/advisories/012004.html
--
Daniel van Eeden [EMAIL PROTECTED] http://compukid.no-ip.org/
jabber: [EMAIL PROTECTED] aim: Compukid128 icq: 36952189
How about the stable version?
On Tue, 2004-01-27 at 19:55, Adam D. Barratt wrote:
On Tue, 2004-01-27 at 18:40, Daniel van Eeden wrote:
Debian versions of gaim patched?
http://security.e-matters.de/advisories/012004.html
gaim 0.75-2 was uploaded a couple of hours ago.
Changes:
gaim
-Forwarded Message-
From: Martin Schulze [EMAIL PROTECTED]
To: Daniel van Eeden [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: Re: Gaim remote overflows (12x)
Date: Tue, 27 Jan 2004 19:58:22 +0100
Daniel van Eeden wrote:
Are the debian versions already patched?
http
Someone used this bug to attack my system...
My advice to all phpix users...chmod 700 /var/www/phpix
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=229794
Daniel van Eeden [EMAIL PROTECTED]
You're right...not a root exploit. (but this exploit will make all local
root exploits act like remote root exploits)
Today I had a MyDoom breakfast, for lunch 12 gaim overflows and for
dinner a delicous phpix unsafe inclusion.
Anybody suggestions for the dessert?
Daniel van Eeden [EMAIL
It's not the most beatiful patch. (die is evil) but it seems to work.
Is it secure enough?
Daniel van Eeden [EMAIL PROTECTED]
Common subdirectories: phpix-2.0.2.orig/albums and phpix-2.0.2/albums
Only in phpix-2.0.2: build-stamp
Common subdirectories: phpix-2.0.2.orig/CVS and phpix-2.0.2/CVS
: security_error.php) kind of thing?
--
Daniel van Eeden [EMAIL PROTECTED] http://compukid.no-ip.org/
jabber: [EMAIL PROTECTED] aim: Compukid128 icq: 36952189
Package: webcalendar
Version: 0.9.45-7
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Every local user can view the password with this command:
debconf-get-selections | grep webcalendar/conf/db_password
The passwords for cacti and slapd are properly hidden, so this is
probaly
Why is /var/run/radvd setuid radvd?
The exact permissions of /var/run/radvd on my debian sid system:
drwsr-xr-x 2 radvd root 27 Nov 21 22:31 radvd
Cheers,
Daniel van Eeden [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
This bug really should have critical or release-critical as severity
level. It almost caused an production box with debian sarge to break.
(/var filesystem full)
I verified this bug on stable and sid.
As this is an DOS attack.
Regards,
Daniel van Eeden
--
To UNSUBSCRIBE, email to [EMAIL
George,
You could try booting from an debian install cd/dvd and choosing the
rescue option. Then you'll have to chroot into you installation and fix
the mountpoints. But this is a work-around, it shouldn't be so hard to
do.
Cheers,
Daniel
On Fri, 2007-04-20 at 20:30 -0500, George P Boutwell
-only security.
[1] http://packages.debian.org/stable/admin/debsums
Cheers,
Daniel van Eeden
On Sun, 2007-06-24 at 15:23 +0100, andy baxter wrote:
hello,
I am writing to ask what you think of the following idea? Something that
I would like to see is a bootable CDROM which can check all
Hi Debian Security folks--
On 03/10/2010 01:18 PM, dann frazier wrote:
Debian Security Advisory DSA-2010 secur...@debian.org
http://www.debian.org/security/ Dann Frazier
March 10,
301 - 400 of 415 matches
Mail list logo