the debian-security archive but didn't hit any items
discussing this, so maybe it's a dumb question - sorry, I'm a newb
here.
Thanks for _any_ comments at all.
Nick Boyce
Bristol, UK
--
Stenderup's Law: The sooner you fall behind, the more time you will have to catch up.
and push out stable signature updates - but I can see why that would
be difficult to set policy for.
Cheers,
Nick Boyce
Bristol, UK
--
... the fundamental design flaws are completely hidden by the
superficial design flaws.
Douglas Adams (1952 - 2001): So Long and Thanks For All The Fish
On Sat, 7 Dec 2002 13:51:11 +0100, Javier Fernández-Sanguino Peña
wrote:
On Sat, Dec 07, 2002 at 02:46:01AM +, Nick Boyce wrote:
I'd suggest maybe a note about V1.8.4 being useless should be added
to http://packages.debian.org/stable/net/snort.html, along with some
advice about getting
.
I too don't want the unstable glibc - surely it means you have to
replace just about every other binary on the system ?
Nick Boyce
Bristol, UK
--
Petreley's First Law of Computer Journalism:
No technology exists until Microsoft invents it.
key, which validated OK.
Anyone else ?
Nick Boyce
Bristol, UK
anything more helpful.
Nick Boyce
Bristol, UK
--
Remember - friends don't send friends HTML e-mail
.
My 2p, etc. You probably already know all this.
Do you *have* to have SSH1 enabled ?
(Sorry if this is all off-target)
Good luck
Nick Boyce
Bristol, UK
not Tim ?
Or are you saying the computational effort involved is as huge as,
say, a DES crack would be ? (i.e. only national security services and
mobsters would have the resources ?)
Cheers
Nick Boyce
Bristol, UK
--
Yousa steala precious from meesa! - Jar-Jaromir
On Tue, 17 Jun 2003 21:34:32 +0200, Florian Weimer wrote:
Nick Boyce [EMAIL PROTECTED] writes:
These attacks require wiretapping and traffic
manipulation capabilities.
I'd be interested if you could expand on this - do you mean a
connection to the victim's LAN is necessary ?
LAN or WAN
keystore.
Seems nice and stable to me.
Nick Boyce
Bristol, UK
--
Microsoft may provide updates that will be automatically downloaded onto
your computer. These updates may disable your ability to copy and/or play
content and use other software on your computer.
-- http://bsdvault.net
On 21 Jun 2003 10:44:47 +0200, Florent Rougon wrote:
Nick Boyce [EMAIL PROTECTED] wrote:
http://filezilla.sourceforge.net/
GUI Win32 client that does FTP, FTP over SSL, and SFTP. Apparently
has some integration with PuTTY, though I can't currently figure out
how to get FileZilla to use
with ?
Thanks,
Nick Boyce
Bristol, UK
--
... the fundamental design flaws are completely hidden by the
superficial design flaws.
Douglas Adams (1952 - 2001): So Long and Thanks For All The Fish.
bayesian systems by loading them up with all sorts of
normal words so that good mail gets false positives, thus
breaking the systems.
That sounds plausible :-(
Merry Happy Season Of Jollyness everyone
Nick Boyce
Bristol, UK
--
The 2003 Perl Advent Calendar: http://perladvent.org/2003
On Sat, 3 Jan 2004 11:16:26 +0100, Maurizio Lemmo wrote:
On sabato 03 gennaio 2004, alle 05:26, Nick Boyce wrote:
I'd be grateful if someone could please try to deconfuse me about what
the current stable kernel 2.4.18 source package is ..
DSA 403-1 (http://www.debian.org/security/2003/dsa
/20031121)
for more details
Which is the announcement about the November compromise.
That makes it sound like it _is_ a security issue ..
Nick Boyce
Bristol, UK
--
Ok spammer, I'll 'just hit delete'. You can be 'Delete'.
-- Ron SuperTroll Ritzman, NANAE
. If this was NetBSD, I'd set something
like exim=no in somewhere like rc.conf ... is there a Debian
equivalent to that ?
TIA for any advice.
Nick Boyce
Bristol, UK
On Wed, 11 Feb 2004 11:53:38 +1000, Clayton Russell wrote:
On Wed, 2004-02-11 at 11:41, Nick Boyce wrote:
Sorry if this is a dumb question ...
I've just set up a secure (you know .. more than usual) Debian system,
and want to arrange things so that it can send mail out when necessary
attack surface of the dedicated
mailers is a Good Thing I suppose.
I may need timely notifications from this box (ok, it's an IDS), so I
don't want to rely on periodic cron-initiated mailer runs.
Again, many thanks for all the help.
Nick Boyce
Bristol, UK
--
We did a risk management review. We
... when you ask it
things :)
Nick Boyce
Bristol, UK
On Saturday 20 Mar 2004 1:56 am, Nick Boyce wrote:
Couldn't it say something like
OpenSSL version
OpenSSL 0.9.6c - Debian 19 jan 2004
I meant 19 mar 2004 ...
It's been a long day :-/
Cheers,
Nick Boyce
Bristol, UK
for my observation I'd be grateful.
debian-user ? debian-dpkg ?
Maybe a usability bug filed against make-kpkg ?
Or maybe I'm missing some point, and the above comments belong in the
trash.
Comments/flames welcome.
Cheers
Nick Boyce
Bristol, UK
On Mon, 22 Mar 2004 12:27:52 -0700, Stephen Keeling wrote:
Incoming from Nick Boyce:
Otherwise, I suggest you move /lib/modules/2.4.18 out of the way,
perhaps to /lib/modules/2.4.18.old or something, and then try
re-installing this image.
[snip]
What on earth is this trying to say to me
it
should be okay to simply change the permissions on
/var/run/samba/locking.tdb so only root can access it. There's no
real need for ordinary users to use smbstatus anyway. IMHO.
Nick Boyce
Bristol, UK
--
Expert, n.: Someone who comes from out of town and shows slides
so
much longer to start up a session ... ]
TIA,
Nick Boyce
Bristol, UK
--
The universe is entering maintenance mode in 2 minutes. Please logout.
-- Your administrator
(say) _depends_ on having
its group telnetd membership for some purpose though ..
Cheers,
Nick Boyce
Bristol, UK
--
Microsoft may provide updates that will be automatically downloaded onto
your computer. These updates may disable your ability to copy and/or play
content and use other software
a thorough knowledge of the source code (which I
don't have) can elicit - that's why I sought comments :)
I'm still not sure about it.
Cheers,
Nick Boyce
Bristol, UK
--
Ok spammer, I'll 'just hit delete'. You can be 'Delete'.
-- Ron SuperTroll Ritzman, NANAE
to achieve it
I'd be very interested to hear about any such options in the Linux
world. AFAIK, Linux ACL facilities are still experimental
(http://packages.debian.org/testing/admin/kernel-patch-acl.html)
Thanks for your commentary, which was welcome.
Nick Boyce
Bristol, UK
--
The last ~700
On Fri, 30 Aug 2002 07:38:45 -0400, Edward Guldemond wrote:
On Thu, Aug 29, 2002 at 02:51:14AM +0100, Nick Boyce wrote:
I decided to start locking down permissions on sensitive files on a
recently installed Woody box, and discovered that when I changed the
permissions on hosts.allow
the Snort package
altogether in these circumstances. What would be quicker : remove the
package, or add the warning to the web-page ? I guess we ought to do
*something*.
Comments ?
Nick Boyce
Bristol, UK
--
Special Relativity: The person in the other queue thinks yours is
moving faster.
to if it cannot.)
cut ===
Hope some of that helps :)
Nick Boyce
Bristol, UK
--
Special Relativity: The person in the other queue thinks yours is
moving faster.
codebase that it seems worth switching to one that's completely new
and unrelated.)
Nick Boyce
Bristol, UK
--
... the fundamental design flaws are completely hidden by the
superficial design flaws.
Douglas Adams (1952 - 2001): So Long and Thanks For All The Fish.
On Saturday 22 Mar 2003 6:36 am, Martin Schulze wrote:
Nick Boyce wrote :
I get a bad signature reported by Kmail on this announcement.
Saving the message out to a text file and verifying manually also
fails :
Ditch KMail, it is a permanent source of problems when it comes to
digital
been over a couple of weeks now, and still
no i386 fix.
The fix is in vanilla kernel 2.4.20 as I understand it, and it sounds
like some people here are downloading that source for their Woody i386
systems.
Anyone know what the official plan is ?
Thanks
Nick Boyce
Bristol, UK
--
Spence's Admonition
there's no easy way to incorporate up-to-date
signatures (rules) into Debian.
Cheers,
Nick Boyce
Bristol, UK
--
Boycott Amazon till they relent on the 1-click software patent
- http://www.gnu.org/philosophy/amazon.html
it is created insecurely
allows local users to overwrite arbitrary files via a symlink attack
on temporary files
So if you're the only user on the machine then I suppose you needn't
worry.
Cheers
Nick Boyce
Bristol, UK
--
There is no spoon.
to the
shutdown command, that is logged as a reason: field of the syslog
entry).
Nick Boyce
Bristol, UK
--
A. Because it breaks the logical sequence of discussion
Q. Why is top posting bad?
since
the DSA ?
TIA for any light anyone can shed.
Nick Boyce
Bristol, UK
--
We did a risk management review. We concluded that there was no risk
of any management.
-- Hugo Mills [EMAIL PROTECTED]
On Sun, 4 Jan 2004 12:16:57 -0800, Matt Zimmerman wrote:
On Sat, Jan 03, 2004 at 05:26:41AM +, Nick Boyce wrote:
DSA 403-1 (http://www.debian.org/security/2003/dsa-403) states that
the do_brk security hole was fixed in vanilla kernel 2.4.23, and that
For Debian it has been fixed
dumb blind if someone sends you spoofed
packets. I _think_ the current wisdom is that Port Sentry is an all
round Bad Idea, but maybe it's just a religious thing ..]
Somebody please tell me if I'm wrong here.
Nick Boyce
Bristol, UK
--
I tried to patent patent barratry as a business model
On Sat, 28 Jan 2006 13:56:50 +0100, Florian Weimer wrote:
* Nick Boyce:
From this I infer that mod_auth_ldap for Debian-packaged Apache 2 must
be included with the main Debian Apache packages, and that no
libapache(2)-auth-ldap package is required - and that I therefore need
fixed
2b43b65830f35ea3619ff8596340031d
http://security.debian.org/pool/updates/main/k/kdebase/libkonq4-dev_3.3.2-1sarge3_i386.deb
Size/MD5 checksum:44922 d07fda73f6365a4470db2ac21030c906
Cheers,
Nick Boyce
Bristol, UK
--
'If you don't pray in my school, I won't think in your church
Florian Weimer wrote:
* Nick Boyce:
For interest, can anyone explain why a problem with kdm leads to the
need to reissue so many KDE packages ?
Security updates are performed on per source package (after all, we need
to ship an updated source package to comply with the DFSG and various
Nick Boyce wrote:
I don't mean to complain - not being a developer I may well not be aware
of some very good reason for it - but the pain that ensues for people
like me, on dial-up links (don't ask ...), when we must download so many
binaries just because something small like kdm has changed
are saying this is a local root exploit only, the bulletin
points out it can be exploited by visiting a malicious webpage.
Cheers
Nick Boyce
--
Will no one rid me of this troublesome chair ?
thanks lucky stars this bit of Debian stable is so far behind the bleeding
edge :-)
Nick Boyce
Bristol, UK
--
Will no one rid me of this troublesome chair ?
Slight typo :
For the oldstable distribution (etch), this problem has been
fixed in version 4.3.0.dfsg.1-14sarge6 of xfree86.
s/etch/sarge/
Nick Boyce
--
If you don't pray in my school, I won't think in your church
own ClamAV, but I'd rather stick with Debian ...]
[1] http://bugs.debian.org/465207
Cheers
Nick Boyce
--
Microsoft suggests that users do not open or save Word files
Stephen Gran wrote:
This one time, at band camp, Nick Boyce said:
.. it seems to me that simply enabling the --unrar parameter of
clamscan would not entail incorporating or distributing any unrar code
at all - the code to parse the --unrar parameter and call the non-free
unrar binary
Stefan Fritsch wrote:
On Wednesday 27 February 2008, Nick Boyce wrote:
But it seems to me that simply enabling the --unrar parameter of
clamscan would not entail incorporating or distributing any unrar
code at all - the code to parse the --unrar parameter and call the
non-free unrar binary
the idea :
http://marc.info/?t=11465108893r=1w=2
As the /. post says, Hats off to the reviewer who picked up on the
problem.
Cheers,
Nick Boyce
--
Leave the Olympics in Greece, where they belong.
resolver ?
All systems which *don't* have BIND installed ?
Cluebats welcome.
Cheers
Nick Boyce
--
Leave the Olympics in Greece, where they belong.
HTTP 1.1 pipelining for some reason (proxy issues ?).
Cheers
Nick Boyce
--
But if we find we have left our bones to bleach in these desert
sands for nothing, beware the fury of the legions...
-- Centurion in a letter home from North Africa
3rd Century
Just FYI: http://seclists.org/fulldisclosure/2010/Dec/222
contains a Perl script claimed to be based on the Metasploit module.
Contains this comment:
#Exim 4.63 (RedHat/Centos/Debian) Remote Root Exploit by Kingcope
Untested by me.
Cheers
Nick Boyce
--
I like paying taxes. With them I buy
[sigh] ... okay
On 15/12/2010 12:00, John Keimel wrote:
http://tinyurl.com/2b3g2l4
Also, since you need it:
http://tinyurl.com/ybpctcz
Please particularly note items on jeopardy reply or Top posting
and trimming.
+1
Nick
--
Posting at the top because that's where the cursor
On 14/02/2011 16:28, Nico Golde wrote:
We recommend that you upgrade your invalid memory access packages.
This has been a mistake during the auto-generation of the DSA template. Of
course this should say your openssl packages.
[ahem]
Erm ... missing .. [cough] .. exit-status check in the
On Wednesday 29 May 2013 15:23:54 Michael Gilbert wrote:
or possibly have unspecified other impact via unknown vectors.
I'm just wondering ... is that Google language for or possibly allow remote
code execution ?
The phrase occurs for many of the vulnerabilities listed in the advisory, and
On Sunday 02 Jun 2013 16:13:43 Michael Gilbert wrote:
On Sun, Jun 2, 2013 at 9:32 AM, Nick Boyce wrote:
On Wednesday 29 May 2013 15:23:54 Michael Gilbert wrote:
or possibly have unspecified other impact via unknown vectors.
I'm just wondering ... is that Google language
On Saturday 03 Aug 2013 20:33:03 Robert Tomsick wrote:
On 08/03/13 13:36, Rick Moen wrote:
[...]
Indeed, this whole line of query (from someone who cannot even bother to
read debian-legal and wants to be CCed; no thanks) is basically pretty
dumb
[...]
I'm not sure that hostility is
On Wed, 25 Jun 2014 23:43:36 -0500
Scott Blaydes sblay...@netteksolutions.com wrote:
Doesn’t it make you wonder about a company whose Privacy, Security
and Compliance Officer can’t figure out how to get off of a mailing
list that he had to subscribe to and verify his address for?
Yep - it's
On Mon, 1 Aug 2016 08:25:01 -0700
Darren S. wrote:
> There are aspects of the flashplugin-nonfree package I am hoping to
> understand better in respect to installing the latest security updates
> for the Adobe Flash plugin on a Debian host.
[snip]
> It appears that the
On Wed, 3 Aug 2016 20:47:45 +0200
Moritz Mühlenhoff <j...@inutil.org> wrote:
> Nick Boyce <n...@glimmer.demon.co.uk> schrieb:
> > assuming Bart is MIA for some reason, is it possible
> > for the Security Team to either fix the update, or to make an
> > announce
On Wed, 3 Aug 2016 17:55:43 +0800
Paul Wise <p...@debian.org> wrote:
> On Wed, Aug 3, 2016 at 8:29 AM, Nick Boyce wrote:
[snip]
> > I realise the nonfree plugin is not really supported, but ...
> > assuming Bart is MIA for some reason, is it possible for the
> >
On Wed, 3 Aug 2016 22:53:28 +
Bart Martens wrote:
> On Mon, Aug 01, 2016 at 08:25:01AM -0700, Darren S. wrote:
[...]
> > `update-flashplugin-nonfree --status` shows a newer release
> > of the plugin upstream.
> >
> >
> > options : --verbose --status --
> > temporary
85 matches