Re: Updating Snort Signatures In Stable ?

2002-12-10 Thread Nick Boyce
. I too don't want the unstable glibc - surely it means you have to replace just about every other binary on the system ? Nick Boyce Bristol, UK -- Petreley's First Law of Computer Journalism: No technology exists until Microsoft invents it.

Re: possible samba security problem

2005-01-28 Thread Nick Boyce
it should be okay to simply change the permissions on /var/run/samba/locking.tdb so only root can access it. There's no real need for ordinary users to use smbstatus anyway. IMHO. Nick Boyce Bristol, UK -- Expert, n.: Someone who comes from out of town and shows slides

Permissions Required On hosts.allow ?

2002-08-28 Thread Nick Boyce
so much longer to start up a session ... ] TIA, Nick Boyce Bristol, UK -- The universe is entering maintenance mode in 2 minutes. Please logout. -- Your administrator

Re: Permissions Required On hosts.allow ?

2002-08-29 Thread Nick Boyce
(say) _depends_ on having its group telnetd membership for some purpose though .. Cheers, Nick Boyce Bristol, UK -- Microsoft may provide updates that will be automatically downloaded onto your computer. These updates may disable your ability to copy and/or play content and use other software

Re: Permissions Required On hosts.allow ?

2002-08-29 Thread Nick Boyce
a thorough knowledge of the source code (which I don't have) can elicit - that's why I sought comments :) I'm still not sure about it. Cheers, Nick Boyce Bristol, UK -- Ok spammer, I'll 'just hit delete'. You can be 'Delete'. -- Ron SuperTroll Ritzman, NANAE

Re: Permissions Required On hosts.allow ?

2002-09-01 Thread Nick Boyce
to achieve it I'd be very interested to hear about any such options in the Linux world. AFAIK, Linux ACL facilities are still experimental (http://packages.debian.org/testing/admin/kernel-patch-acl.html) Thanks for your commentary, which was welcome. Nick Boyce Bristol, UK -- The last ~700

Re: Permissions Required On hosts.allow ?

2002-09-01 Thread Nick Boyce
On Fri, 30 Aug 2002 07:38:45 -0400, Edward Guldemond wrote: On Thu, Aug 29, 2002 at 02:51:14AM +0100, Nick Boyce wrote: I decided to start locking down permissions on sensitive files on a recently installed Woody box, and discovered that when I changed the permissions on hosts.allow

Updating Snort Signatures In Stable ?

2002-12-05 Thread Nick Boyce
the debian-security archive but didn't hit any items discussing this, so maybe it's a dumb question - sorry, I'm a newb here. Thanks for _any_ comments at all. Nick Boyce Bristol, UK -- Stenderup's Law: The sooner you fall behind, the more time you will have to catch up.

Re: Updating Snort Signatures In Stable ?

2002-12-06 Thread Nick Boyce
and push out stable signature updates - but I can see why that would be difficult to set policy for. Cheers, Nick Boyce Bristol, UK -- ... the fundamental design flaws are completely hidden by the superficial design flaws. Douglas Adams(1952 - 2001): So Long and Thanks For All The Fish.

Re: Updating Snort Signatures In Stable ?

2002-12-08 Thread Nick Boyce
On Sat, 7 Dec 2002 13:51:11 +0100, Javier Fernández-Sanguino Peña wrote: On Sat, Dec 07, 2002 at 02:46:01AM +, Nick Boyce wrote: I'd suggest maybe a note about V1.8.4 being useless should be added to http://packages.debian.org/stable/net/snort.html, along with some advice about getting

Bug #173254 Submitted: Snort In Stable Unusable

2002-12-16 Thread Nick Boyce
the Snort package altogether in these circumstances. What would be quicker : remove the package, or add the warning to the web-page ? I guess we ought to do *something*. Comments ? Nick Boyce Bristol, UK -- Special Relativity: The person in the other queue thinks yours is moving faster.

Re: FTP-SSL

2002-12-20 Thread Nick Boyce
to if it cannot.) cut === Hope some of that helps :) Nick Boyce Bristol, UK -- Special Relativity: The person in the other queue thinks yours is moving faster.

Re: Need an advise about isolating a host in the DMZ

2002-12-20 Thread Nick Boyce
codebase that it seems worth switching to one that's completely new and unrelated.) Nick Boyce Bristol, UK -- ... the fundamental design flaws are completely hidden by the superficial design flaws. Douglas Adams(1952 - 2001): So Long and Thanks For All The Fish.

Re: [SECURITY] [DSA 265-1] -- BAD SIGNATURE !?

2003-03-21 Thread Nick Boyce
key, which validated OK. Anyone else ? Nick Boyce Bristol, UK

Re: [SECURITY] [DSA 265-1] -- BAD SIGNATURE !?

2003-03-23 Thread Nick Boyce
On Saturday 22 Mar 2003 6:36 am, Martin Schulze wrote: Nick Boyce wrote : I get a bad signature reported by Kmail on this announcement. Saving the message out to a text file and verifying manually also fails : Ditch KMail, it is a permanent source of problems when it comes to digital

Re: is this an attack ?

2003-03-29 Thread Nick Boyce
anything more helpful. Nick Boyce Bristol, UK -- Remember - friends don't send friends HTML e-mail

Kernel ptrace Hole - Fix For i386 ?

2003-04-14 Thread Nick Boyce
been over a couple of weeks now, and still no i386 fix. The fix is in vanilla kernel 2.4.20 as I understand it, and it sounds like some people here are downloading that source for their Woody i386 systems. Anyone know what the official plan is ? Thanks Nick Boyce Bristol, UK -- Spence's Admonition

Re: Snort exploit in wild.

2003-04-25 Thread Nick Boyce
there's no easy way to incorporate up-to-date signatures (rules) into Debian. Cheers, Nick Boyce Bristol, UK -- Boycott Amazon till they relent on the 1-click software patent - http://www.gnu.org/philosophy/amazon.html

Re: Apt-get only security patches

2003-05-07 Thread Nick Boyce
it is created insecurely allows local users to overwrite arbitrary files via a symlink attack on temporary files So if you're the only user on the machine then I suppose you needn't worry. Cheers Nick Boyce Bristol, UK -- There is no spoon.

Re: Probable SSH Vulnerability

2003-06-13 Thread Nick Boyce
. My 2p, etc. You probably already know all this. Do you *have* to have SSH1 enabled ? (Sorry if this is all off-target) Good luck Nick Boyce Bristol, UK

Re: Probable SSH Vulnerability

2003-06-16 Thread Nick Boyce
not Tim ? Or are you saying the computational effort involved is as huge as, say, a DES crack would be ? (i.e. only national security services and mobsters would have the resources ?) Cheers Nick Boyce Bristol, UK -- Yousa steala precious from meesa! - Jar-Jaromir

Re: Probable SSH Vulnerability

2003-06-17 Thread Nick Boyce
On Tue, 17 Jun 2003 21:34:32 +0200, Florian Weimer wrote: Nick Boyce [EMAIL PROTECTED] writes: These attacks require wiretapping and traffic manipulation capabilities. I'd be interested if you could expand on this - do you mean a connection to the victim's LAN is necessary ? LAN or WAN

Re: recommendations for FTP server

2003-06-20 Thread Nick Boyce
keystore. Seems nice and stable to me. Nick Boyce Bristol, UK -- Microsoft may provide updates that will be automatically downloaded onto your computer. These updates may disable your ability to copy and/or play content and use other software on your computer. -- http://bsdvault.net

Re: secure FTP clients [was: recommendations for FTP server]

2003-06-22 Thread Nick Boyce
On 21 Jun 2003 10:44:47 +0200, Florent Rougon wrote: Nick Boyce [EMAIL PROTECTED] wrote: http://filezilla.sourceforge.net/ GUI Win32 client that does FTP, FTP over SSL, and SFTP. Apparently has some integration with PuTTY,though I can't currently figure out how to get FileZilla to use

Re: certificate server (ejbca)

2003-11-05 Thread Nick Boyce
with ? Thanks, Nick Boyce Bristol, UK -- ... the fundamental design flaws are completely hidden by the superficial design flaws. Douglas Adams(1952 - 2001): So Long and Thanks For All The Fish.

Re: strange reboot on woody

2003-12-02 Thread Nick Boyce
to the shutdown command, that is logged as a reason: field of the syslog entry). Nick Boyce Bristol, UK -- A. Because it breaks the logical sequence of discussion Q. Why is top posting bad?

Re: Attempts to poison bayesian systems

2003-12-23 Thread Nick Boyce
bayesian systems by loading them up with all sorts of normal words so that good mail gets false positives, thus breaking the systems. That sounds plausible :-( Merry Happy Season Of Jollyness everyone Nick Boyce Bristol, UK -- The 2003 Perl Advent Calendar: http://perladvent.org/2003/

Current Stable Kernel 2.4.18 Source deb ?

2004-01-02 Thread Nick Boyce
since the DSA ? TIA for any light anyone can shed. Nick Boyce Bristol, UK -- We did a risk management review. We concluded that there was no risk of any management. -- Hugo Mills [EMAIL PROTECTED]

Re: Current Stable Kernel 2.4.18 Source deb ?

2004-01-04 Thread Nick Boyce
On Sat, 3 Jan 2004 11:16:26 +0100, Maurizio Lemmo wrote: On sabato 03 gennaio 2004, alle 05:26, Nick Boyce wrote: I'd be grateful if someone could please try to deconfuse me about what the current stable kernel 2.4.18 source package is .. DSA 403-1 (http://www.debian.org/security/2003/dsa

Re: Current Stable Kernel 2.4.18 Source deb ?

2004-01-04 Thread Nick Boyce
On Sun, 4 Jan 2004 12:16:57 -0800, Matt Zimmerman wrote: On Sat, Jan 03, 2004 at 05:26:41AM +, Nick Boyce wrote: DSA 403-1 (http://www.debian.org/security/2003/dsa-403) states that the do_brk security hole was fixed in vanilla kernel 2.4.23, and that For Debian it has been fixed

Re: Infrastructer back online?

2004-01-09 Thread Nick Boyce
/20031121) for more details Which is the announcement about the November compromise. That makes it sound like it _is_ a security issue .. Nick Boyce Bristol, UK -- Ok spammer, I'll 'just hit delete'. You can be 'Delete'. -- Ron SuperTroll Ritzman, NANAE

Re: Hacked - is it my turn?

2004-02-02 Thread Nick Boyce
dumb blind if someone sends you spoofed packets. I _think_ the current wisdom is that Port Sentry is an all round Bad Idea, but maybe it's just a religious thing ..] Somebody please tell me if I'm wrong here. Nick Boyce Bristol, UK -- I tried to patent patent barratry as a business model

How To Set Up Mail-out-only System ?

2004-02-10 Thread Nick Boyce
. If this was NetBSD, I'd set something like exim=no in somewhere like rc.conf ... is there a Debian equivalent to that ? TIA for any advice. Nick Boyce Bristol, UK

Re: How To Set Up Mail-out-only System ?

2004-02-10 Thread Nick Boyce
On Wed, 11 Feb 2004 11:53:38 +1000, Clayton Russell wrote: On Wed, 2004-02-11 at 11:41, Nick Boyce wrote: Sorry if this is a dumb question ... I've just set up a secure (you know .. more than usual) Debian system, and want to arrange things so that it can send mail out when necessary

Re: How To Set Up Mail-out-only System ?

2004-02-10 Thread Nick Boyce
attack surface of the dedicated mailers is a Good Thing I suppose. I may need timely notifications from this box (ok, it's an IDS), so I don't want to rely on periodic cron-initiated mailer runs. Again, many thanks for all the help. Nick Boyce Bristol, Uk -- We did a risk management review. We

OpenSSL version command

2004-03-19 Thread Nick Boyce
... when you ask it things :) Nick Boyce Bristol, UK

Re: OpenSSL version command

2004-03-19 Thread Nick Boyce
On Saturday 20 Mar 2004 1:56 am, Nick Boyce wrote: Couldn't it say something like OpenSSL version OpenSSL 0.9.6c - Debian 19 jan 2004 I meant 19 mar 2004 ... It's been a long day :-/ Cheers, Nick Boyce Bristol, UK

Updating Kernel Using make-kpkg - Not Intuitive ?

2004-03-20 Thread Nick Boyce
for my observation I'd be grateful. debian-user ? debian-dpkg ? Maybe a usability bug filed against make-kpkg ? Or maybe I'm missing some point, and the above comments belong in the trash. Comments/flames welcome. Cheers Nick Boyce Bristol, UK

Re: Updating Kernel Using make-kpkg - Not Intuitive ?

2004-03-22 Thread Nick Boyce
On Mon, 22 Mar 2004 12:27:52 -0700, Stephen Keeling wrote: Incoming from Nick Boyce: Otherwise, I suggest you move /lib/modules/2.4.18 out of the way, perhaps to /lib/modules/2.4.18.old or something, and then try re-installing this image. [snip] What on earth is this trying to say to me

Re: [SECURITY] [DSA 952-1] New libapache-auth-ldap packages fix arbitrary code execution

2006-01-29 Thread Nick Boyce
On Sat, 28 Jan 2006 13:56:50 +0100, Florian Weimer wrote: * Nick Boyce: From this I infer that mod_auth_ldap for Debian-packaged Apache 2 must be included with the main Debian Apache packages, and that no libapache(2)-auth-ldap package is required - and that I therefore need fixed

Re: [SECURITY] [DSA 1156-1] New kdebase packages fix information disclosure

2006-08-30 Thread Nick Boyce
2b43b65830f35ea3619ff8596340031d http://security.debian.org/pool/updates/main/k/kdebase/libkonq4-dev_3.3.2-1sarge3_i386.deb Size/MD5 checksum:44922 d07fda73f6365a4470db2ac21030c906 Cheers, Nick Boyce Bristol, UK -- 'If you don't pray in my school, I won't think in your church

Re: [SECURITY] [DSA 1156-1] New kdebase packages fix information disclosure

2006-09-01 Thread Nick Boyce
Florian Weimer wrote: * Nick Boyce: For interest, can anyone explain why a problem with kdm leads to the need to reissue so many KDE packages ? Security updates a performed on per source package (after all, we need to ship an updated source package to comply with the DFSG and various

Re: [SECURITY] [DSA 1156-1] New kdebase packages fix information disclosure

2006-09-01 Thread Nick Boyce
Nick Boyce wrote: I don't mean to complain - not being a developer I may well not be aware of some very good reason for it - but the pain that ensues for people like me, on dial-up links (don't ask ...), when we must download so many binaries just because something small like kdm has changed

Remote Root In Nvidia xserver Driver

2006-10-17 Thread Nick Boyce
are saying this is a local root exploit only, the bulletin points out it can be exploited by visiting a malicious webpage. Cheers Nick Boyce -- Will no one rid me of this troublesome chair ?

UPDATE: Remote Root In Nvidia xserver Driver

2006-11-10 Thread Nick Boyce
thanks lucky stars this bit of Debian stable is so far behind the bleeding edge :-) Nick Boyce Bristol, UK -- Will no one rid me of this troublesome chair ?

Re: [DSA 1466-1] New xorg-server packages fix several vulnerabilities

2008-01-18 Thread Nick Boyce
Slight typo : For the oldstable distribution (etch), this problem has been fixed in version 4.3.0.dfsg.1-14sarge6 of xfree86. s/etch/sarge/ Nick Boyce -- If you don't pray in my school, I won't think in your church

ClamAV And unrar - Bug #465207

2008-02-26 Thread Nick Boyce
own ClamAV, but I'd rather stick with Debian ...] [1] http://bugs.debian.org/465207 Cheers Nick Boyce -- Microsoft suggests that users do not open or save Word files

Re: ClamAV And unrar - Bug #465207

2008-02-27 Thread Nick Boyce
Stephen Gran wrote: This one time, at band camp, Nick Boyce said: .. it seems to me that simply enabling the --unrar parameter of clamscan would not entail incorporating or distributing any unrar code at all - the code to parse the --unrar parameter and call the non-free unrar binary

Re: ClamAV And unrar - Bug #465207

2008-02-27 Thread Nick Boyce
Stefan Fritsch wrote: On Wednesday 27 February 2008, Nick Boyce wrote: But it seems to me that simply enabling the --unrar parameter of clamscan would not entail incorporating or distributing any unrar code at all - the code to parse the --unrar parameter and call the non-free unrar binary

Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

2008-05-13 Thread Nick Boyce
the idea : http://marc.info/?t=11465108893r=1w=2 As the /. post says, Hats off to the reviewer who picked up on the problem. Cheers, Nick Boyce -- Leave the Olympics in Greece, where they belong.

Re: [SECURITY] [DSA 1605-1] DNS vulnerability impact on the libc stub resolver

2008-07-08 Thread Nick Boyce
resolver ? All systems which *don't* have BIND installed ? Cluebats welcome. Cheers Nick Boyce -- Leave the Olympics in Greece, where they belong.

Re: Debian and recent TCP vulnerability

2009-09-11 Thread Nick Boyce
HTTP 1.1 pipelining for some reason (proxy issues ?). Cheers Nick Boyce -- But if we find we have left our bones to bleach in these desert sands for nothing, beware the fury of the legions... -- Centurion in a letter home from North Africa 3rd Century

Heads-up: EXIM remote root exploit published

2010-12-11 Thread Nick Boyce
Just FYI: http://seclists.org/fulldisclosure/2010/Dec/222 contains a Perl script claimed to be based on the Metasploit module. Contains this comment: #Exim 4.63 (RedHat/Centos/Debian) Remote Root Exploit by Kingcope Untested by me. Cheers Nick Boyce -- I like paying taxes. With them I buy

Re: Lenny version info

2010-12-16 Thread Nick Boyce
[sigh] ... okay On 15/12/2010 12:00, John Keimel wrote: http://tinyurl.com/2b3g2l4 Also, since you need it: http://tinyurl.com/ybpctcz Please particularly note items on jeopardy reply or Top posting and trimming. +1 Nick -- Posting at the top because that's where the cursor

Re: [SECURITY] [DSA 2162-1] openssl security update

2011-02-14 Thread Nick Boyce
On 14/02/2011 16:28, Nico Golde wrote: We recommend that you upgrade your invalid memory access packages. This has been a mistake during the auto-generation of the DSA template. Of course this should say your openssl packages. [ahem] Erm ... missing .. [cough] .. exit-status check in the

Re: [SECURITY] [DSA 2695-1] chromium-browser security update

2013-06-02 Thread Nick Boyce
On Wednesday 29 May 2013 15:23:54 Michael Gilbert wrote: or possibly have unspecified other impact via unknown vectors. I'm just wondering ... is that Google language for or possibly allow remote code execution ? The phrase occurs for many of the vulnerabilities listed in the advisory, and

Re: [SECURITY] [DSA 2695-1] chromium-browser security update

2013-06-02 Thread Nick Boyce
On Sunday 02 Jun 2013 16:13:43 Michael Gilbert wrote: On Sun, Jun 2, 2013 at 9:32 AM, Nick Boyce wrote: On Wednesday 29 May 2013 15:23:54 Michael Gilbert wrote: or possibly have unspecified other impact via unknown vectors. I'm just wondering ... is that Google language

Re: Compromising Debian Repositories

2013-08-03 Thread Nick Boyce
On Saturday 03 Aug 2013 20:33:03 Robert Tomsick wrote: On 08/03/13 13:36, Rick Moen wrote: [...] Indeed, this whole line of query (from someone who cannot even bother to read debian-legal and wants to be CCed; no thanks) is basically pretty dumb [...] I'm not sure that hostility is

Re: Please remove me from this list

2014-06-27 Thread Nick Boyce
On Wed, 25 Jun 2014 23:43:36 -0500 Scott Blaydes sblay...@netteksolutions.com wrote: Doesn’t it make you wonder about a company who’s Privacy, Security and Compliance Officer can’t figure out how to get off of a mailing list that he had to subscribe to and verify his address for? Yep - it's

RE: flashplugin-nonfree and latest Flash security updates

2016-08-02 Thread Nick Boyce
On Mon, 1 Aug 2016 08:25:01 -0700 Darren S. wrote: > There are aspects of the flashplugin-nonfree package I am hoping to > understand better in respect to installing the latest security updates > for the Adobe Flash plugin on a Debian host. [snip] > It appears that the

RE: flashplugin-nonfree and latest Flash security updates

2016-08-03 Thread Nick Boyce
On Wed, 3 Aug 2016 20:47:45 +0200 Moritz Mühlenhoff <j...@inutil.org> wrote: > Nick Boyce <n...@glimmer.demon.co.uk> schrieb: > > assuming Bart is MIA for some reason, is it possible > > for the Security Team to either fix the update, or to make an > > announce

RE: flashplugin-nonfree and latest Flash security updates

2016-08-03 Thread Nick Boyce
On Wed, 3 Aug 2016 17:55:43 +0800 Paul Wise <p...@debian.org> wrote: > On Wed, Aug 3, 2016 at 8:29 AM, Nick Boyce wrote: [snip] > > I realise the nonfree plugin is not really supported, but ... > > assuming Bart is MIA for some reason, is it possible for the > >

RE: flashplugin-nonfree and latest Flash security updates

2016-08-03 Thread Nick Boyce
On Wed, 3 Aug 2016 22:53:28 + Bart Martens wrote: > On Mon, Aug 01, 2016 at 08:25:01AM -0700, Darren S. wrote: [...] > > 'update-flashplugin-nonfree --status` shows a newer release > > of the plugin upstream. > > > > > > options : --verbose --status -- > > temporary