Package: policycoreutils
Version: 3.0-1
Severity: normal
Tags: upstream
Ok: return value of 0.
Attempting to install module '/usr/share/selinux/default/zosremote.pp.bz2':
Ok: return value of 0.
Committing changes:
Found conflicting filecon rules
at
Package: swaks
Version: 20190914.0-1
Severity: normal
-> Date: Sun, 05 Apr 2020 09:21:35 +1100
Above is the date header sent by swaks.
# date
Sun 5 Apr 09:21:47 AEST 2020
# date +%z
+1000
Above is the unix time. Swaks is taking the current human readable time but
applying the timezone
On Wednesday, 25 March 2020 3:23:55 PM AEDT Michael Biebl wrote:
> > root@sevm:~# grep dele /proc/293/maps
> > 7fca8e8ef000-7fca8f0ef000 rw-s 00:15 2013277
> > /var/ log/journal/68f1b89bf8c73b0ed9ed905f535fa641/
> >
I created a user on the 21st of March, logged in a couple of times, then
didn't use that account again. Now on the 25th of March I have a mapped
deleted file. The command "journalctl --rotate" fixes the problem.
root@sevm:~# last|grep test
test pts/1103.75.204.226 Sat Mar 21
On Thursday, 19 March 2020 11:49:37 AM AEDT Russell Coker wrote:
> On Thursday, 19 March 2020 5:20:08 AM AEDT Michael Biebl wrote:
> > Or to put it differently: Can you provide steps how this particular
> > issue can be reproduced?
>
> It has happened twice, I have no
On Thursday, 19 March 2020 5:20:08 AM AEDT Michael Biebl wrote:
> Or to put it differently: Can you provide steps how this particular
> issue can be reproduced?
It has happened twice, I have not yet worked out what triggers it. I will
provide more information as I get it.
--
My Main Blog
On Tuesday, 17 March 2020 3:53:46 PM AEDT Michael Biebl wrote:
> control: tags -1 + moreinfo
>
> Am 14.03.20 um 08:23 schrieb Russell Coker:
> > root@sevm:/proc/291# ls -l fd|grep user
>
> What's process 291?
The systemd-journald process.
--
My Main Blog http://
root@sevm:/proc/291# ls -l fd|grep user
lrwx--. 1 root root 64 Mar 13 09:18 21 -> /var/log/journal/
68f1b89bf8c73b0ed9ed905f535fa641/user-1000.journal
lrwx--. 1 root root 64 Mar 13 09:18 26 -> /var/log/journal/
68f1b89bf8c73b0ed9ed905f535fa641/user-1001.journal
lrwx--. 1 root root 64
Package: systemd
Version: 245-2
Severity: normal
/var/log/journal/68f1b89bf8c73b0ed9ed905f535fa641/user-1000@802af85f15f0436cbbf371c9ef25cc3d--.journal
On this system the above file is deleted but mapped, is this operating as
designed? There are currently no
Package: boinc-manager
Version: 7.16.5+dfsg-1
Severity: normal
The command "boincmgr -g 31416 -n localhost -e /etc/boinc-client" used to
connect to the server on localhost when it started, but now it doesn't do so.
Version 7.16.5+dfsg-1exp1 also has this problem.
-- System Information:
Debian
tags 865266 +upstream
thanks
+ checking for automake-1.11 >= 1.11 ...
You must have automake-1.11 installed to compile Warzone2100.
Download the appropriate package for your distribution,
or get the source tarball at ftp://ftp.gnu.org/pub/gnu/automake/
dh_autoreconf: error: ./autogen.sh returned
I've attached the file that can't be converted to PDF on the build servers.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
quickstartguide.html.xz
Description: application/xz
Package: wkhtmltopdf
Version: 0.12.5-1+b2
Severity: normal
https://buildd.debian.org/status/package.php?p=warzone2100
In the above build log you can see that warzone2100 doesn't build on alpha and
ppc64 due to a wkhtmltopdf SEGV. There probably isn't anyone who wants to run
warzone2100 on
close 706765
thanks
Some time ago the Warzone2100 upstream developers changed it to support
arbitrary window sizes and it doesn't permit a smaller size than will work. I
think all aspects of this bug are fixed.
--
My Main Blog http://etbe.coker.com.au/
My Documents Blog
close 581385
thanks
I can run Warzone2100 at the same time as mplayer without any problems. Also
in the process of developing some new SE Linux policy I tested running
Warzone2100 with a variety of combinations of access to audio resources
returning eperm in ways that the programmers wouldn't
close 473382
thanks
320*240 is not supported upstream. No further comments on this bug for 10
years so closing.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
Should we close this bug now 3.3.0 is in Unstable?
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
close 839037
thanks
On Sunday, 8 March 2020 10:00:21 PM AEDT Simon McVittie wrote:
> Probably something has called dbus_shutdown(), which is basically never
> correct to do from a shared library or loadable module (because a shared
Thanks for the reminder about this. I can't reproduce it now
We are now on 3.3.0 in Unstable, is this problem fixed?
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
close 635248
thanks
This was reported several major versions ago. Please reopen or file a new bug
report if you can reproduce it now.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
On Monday, 9 March 2020 4:57:33 AM AEDT Matthias Klose wrote:
> sorry, this was an update for the severity of all python3.8 tagged issues,
> when 3.8 became the default python3 version.
>
> Please close the issue if setools is able to build with 3.8 and is able to
> migrate to testing.
It
severity 952896 normal
reassign 952896 libqt5webenginecore5
thanks
It turns out that this only occurs if the QtWebEngineProc does not have
setrlimit access. As this is an unusual configuration that will affect few
people the severity is lower. Also it looks like it might be a bug in
severity 943495 normal
thanks
I was unable to reproduce a problem when building with the latest packages
from Unstable. It appears to be building the Python 3.8 stuff in the
cpython3_3.8 directory.
I've installed the gcc package from experimental to make all the gcc links
point to version
Package: kmail
Version: 4:19.08.3-1
Severity: critical
Justification: breaks unrelated software
I tagged this critical and breaks unrelated software as there seems no better
tag for software that is dangerous for epileptic people to use.
Every time I launch kmail the message body section
I've attached the Debian file for a 3.3.0 build. It's a little rough and you
might want to make some changes before putting it in Debian, but it compiles
and works for a basic game.
warzone2100_3.3.0-0.debian.tar.xz
Description: application/xz
I'm just trying to get 3.3.0 to build and I'm stuck on the micro-ECC part.
The latest version of Warzone2100 in Unstable has patches to remove use of the
3rdparty directory. But it seems that we don't have Micro ECC (uECC.h) by
Kenneth MacKay in Debian.
Should I keep the 3rdparty version of
https://lists.debian.org/debian-project/2020/02/msg00117.html
Here's the start of a relevant discussion on debian-project.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
On Tuesday, 25 February 2020 8:26:07 AM AEDT Don Armstrong wrote:
> Control: tag -1 moreinfo
>
> On Mon, 24 Feb 2020, Russell Coker wrote:
> > spamc -u russ...@coker.com.au --max-size=10485760 127.0.0.1 < spam.mbox
> >
> > The above command will correctly sca
Package: net-tools
Version: 1.60+git20180626.aebd88e-1
Severity: normal
Tags: upstream
tcp6 0 0 2a01:4f8:140:71f5::d:25 :::*LISTEN
Above is part of the output of "netstat -tln" on one of my systems. It
doesn't show the last 8 characters of the address so I
Package: spamc
Version: 3.4.2-1+deb10u2
Severity: normal
spamc -u russ...@coker.com.au --max-size=10485760 127.0.0.1 < spam.mbox
The above command will correctly scan a file that's more than 500K in size.
spamc -u russ...@coker.com.au 127.0.0.1 --max-size=10485760 < spam.mbox
The above command
Package: spamass-milter
Version: 0.4.0-1+b1
Severity: normal
spamc -u russ...@coker.com.au --max-size=10485760 127.0.0.1 < spam.mbox
The above command will correctly scan a file that's more than 500K in size.
spamc -u russ...@coker.com.au 127.0.0.1 --max-size=10485760 < spam.mbox
The above
Package: spamassassin
Severity: wishlist
It would be good if the example configuration included a way of whitelisting
mail from known good GPG keys. An example configuration that would be useful
in real use would be the Debian developer keylist.
-- System Information:
Debian Release: 10.3
APT
Package: lists.debian.org
Severity: wishlist
Name: debian-antispam-user
Rationale:
A common use of Debian is for running mail servers. Anti-spam configuration is
a difficult area of MTA configuration that users often need assistance with.
Requests for assistance in configuration can also lead
Package: libsemanage1
Version: 3.0-1
Severity: normal
This patch allows you to build it again after it's already been built once.
Note that src/Makefile is probably buggy in that it won't remove the *.so files
when you run "make -C src clean".
--- libsemanage-3.0/debian/rules2019-12-12
In the file /etc/spamassassin/v320.pre the following line was commented out:
loadplugin Mail::SpamAssassin::Plugin::Bayes
That was what caused the following error:
ERROR: the Bayes learn function returned an error, please re-run with -D for
more information at /usr/bin/sa-learn line 500.
The
Package: isc-dhcp-server
Version: 4.4.1-2.1
Severity: important
In a fairly default configuration with systemd I can't stop the daemon in a
normal manner (this happens on Buster as well as Unstable).
# /etc/init.d/isc-dhcp-server stop
Stopping isc-dhcp-server (via systemctl):
Also you need to do the same thing for /var/lib/dhcp/dhcpd6.leases
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
Yes using touch to create the file looks like the correct solution to this
problem. Probably should unconditionally create the file with touch as
there's no reason not to have it. Maybe use install so you can easily set the
correct permissions on the file.
--
My Main Blog
Package: spamassassin
Version: 3.4.2-1+deb10u2
Severity: normal
# sa-learn --spam --showdots --max-size 0 $MAILDIR/.Spam/cur
Learned tokens from 0 message(s) (1 message(s) examined)
ERROR: the Bayes learn function returned an error, please re-run with -D for
more information at
Package: spamc
Version: 3.4.2-1+deb10u2
Severity: normal
Tags: upstream
When we ran mail servers on 32bit systems a default of skipping spam checks on
the rare messages that were more than 500k in size made sense.
Nowadays messages larger than that are normal and scanning a 10MB message is
not a
Package: initscripts
Version: 2.96-2.1
Severity: normal
Tags: patch
The following patch gives the correct SE Linux context for this file and does
nothing on systems that don't have SE Linux. Generally any time a system
script creates a file and needs to run chmod or similar it will need to run
https://www.coker.com.au/bug/
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
Package: apt-cacher-ng
Version: 3.2-2
Severity: normal
I get the following error repeatedly from the cron job:
/etc/cron.daily/apt-cacher-ng:
Maintenance Task: Expiration
See file /var/log/apt-cacher-ng/maint_1577993104.log.html for more details.
Server control address:
On Monday, 2 December 2019 6:08:27 AM AEDT Dmitry Shachnev wrote:
> reassign 944971 libqt5webenginecore5
> merge 887875 944971
> fixed 887875 qtwebengine-opensource-src/5.12.4+dfsg-1
> thanks
>
> Hi,
>
> On Sun, Jan 21, 2018 at 10:10:57PM +1100, Russell Coker wrote:
>
KDE. Passwords stored per user. When I resume the desktop is locked but the
keyring isn't.
I'll look into getting logs.
On 10 October 2019 10:37:15 am AEDT, Michael Biebl wrote:
>Control: tags -1 + moreinfo
>
>Am 10.10.19 um 01:03 schrieb Russell Coker:
>> Package: network-man
Package: network-manager
Version: 1.14.6-2
Severity: normal
Sometimes when I open the lid on my laptop to unsuspend it after logging in I
get prompted for my wifi password. This happens about twice a month. One
network this happens is on my office network and I can't be certain that
nothing was
Package: mon
Version: 1.3.3-4.1
Severity: normal
Below is what happens when trying to monitor a remote server that requires
authentication (or a server that disconnects abruptly, a server not running the
mon protocol, or many other potential protocol issues).
Firstly support for
Package: mon
Version: 1.3.3-4
Severity: normal
Tags: upstream
Here's what happens when a server named "example" is set to only accept
authenticated connections from mon clients.
What I expect is just the last 2 lines about the failure message.
$ /usr/lib/mon/mon.d/remote.monitor example
Odd
Package: mon
Version: 1.3.3-4
Severity: normal
If you use htpasswd to change the password for an account for mon login
(eg "htpasswd /etc/mon/monusers.cf username") when using "authtype = userfile"
in mon.cf then you won't be able to login. It seems that the perl crypt()
function requires that
To workaround this bug go to the Edit menu and select Preferences. Then set
the Theme to "System" (or anything other than Dark) as in the attached screen-
shot.
This bug is related to the Dark theme.
Package: spectre-meltdown-checker
Version: 0.42-1
Severity: wishlist
Tags: upstream
model name : Intel(R) Core(TM)2 Quad CPUQ9505 @ 2.83GHz
Above is the CPU specification from /proc/cpuinfo on this system.
Package: gimp
Version: 2.10.8-2
Severity: normal
When I try to save a file it makes the color for the entry field dark gray on
black which is almost impossible to read. I have done a
"rm -rf .gimp-2.8/ .config/GIMP/" and the problem persists, so it seems to be
the default.
After the bug report
Package: cron
Version: 3.0pl1-132
Severity: important
Tags: patch
Mar 16 20:36:39 xev cron[14032]: (rjc) ENTRYPOINT FAILED (crontabs/rjc)
Mar 16 20:36:39 xev cron[14032]: (torrent) ENTRYPOINT FAILED (crontabs/torrent)
Mar 16 20:36:39 xev cron[14032]: (test) ENTRYPOINT FAILED (crontabs/test)
When
Package: console-setup-linux
Version: 1.190
Severity: normal
The following patch makes it correctly label /run/console-setup. If SE Linux
isn't enabled then restorecon does nothing, if restorecon isn't installed then
nothing happens.
--- /lib/console-setup/console-setup.sh.orig2019-03-05
Package: netcat6
Version: 1.0-8
Severity: normal
Please compile nc with support for -C for the situations where servers want
that sort of thing.
# nc -C localhost 25
nc: internal error: invalid option -- C (netcat was compiled with
--disable-crlfoption)
(please report this error to nc6
Package: swaks
Version: 20181104.0-1
Severity: normal
Tags: upstream
Below is a transcript of my attempt to forge mail from my own domain by
replacing a Roman E character with a Cyrillic character that looks the same.
Postfix rejects the connection due to the lack of a SMTPUTF8 on the mail from
Firstly as Laurent noted you can run "setsebool -P allow_execmem 1" to
permanently enable execmem.
Another option is to run "setsebool allow_execmem 1" before running the
program in question and then run "setsebool allow_execmem 0" afterwards so
other programs are only vulnerably to execmem
Package: proftpd-basic
Version: 1.3.6-4
Severity: normal
Tags: patch
If restorecon exists it will label the directory if SE Linux is running or do
nothing otherwise. With this change (which has already been done for many
other daemons) the correct label will be applied if SE Linux is running.
Package: php7.3-fpm
Version: 7.3.2-3
Severity: normal
Tags: patch
If restorecon exists it will label the directory if SE Linux is running or do
nothing otherwise. With this change (which has already been done for many
other daemons) the correct label will be applied if SE Linux is running.
---
Package: clamav-freshclam
Version: 0.100.2+dfsg-2
Severity: normal
Tags: patch
The init script tries to set the context of the directory (think chown or
chmod) before creating it. Here is the patch to fix it.
--- /etc/init.d/clamav-freshclam.orig 2019-02-19 00:18:42.180626975 +1100
+++
Package: fetchmail
Version: 6.4.0~beta4-3
Severity: normal
Tags: patch
I think this patch is self-explanatiory.
--- /etc/init.d/fetchmail.orig 2019-02-19 00:03:36.763871514 +1100
+++ /etc/init.d/fetchmail 2019-02-19 00:03:50.483952018 +1100
@@ -103,7 +103,7 @@
mkdir
Package: policycoreutils
Version: 2.8-1
Severity: normal
Tags: upstream
If /.autorelabel exists and the system can't mount the root filesystem rw then
it will enter a boot loop and never recover. The only recovery from such a
situation is to boot with selinux=0 on the kernel command line, fix
Package: policycoreutils-python-utils
Version: 2.8-3
Severity: normal
When adding or modifying a selinux user via "semanage user -a" or
"semanage user -m" you have to specify the prefix for labelling with the -P
option.
Something like the following is an example:
semanage user -a -P staff -R
Package: mplayer
Version: 2:1.3.0-8+b4
Severity: normal
https://archive.org/details/lca2019-Distributed_storage_is_easier_now_usability_from_Ceph_Luminous_to_Nautilus
When trying to play an OGG video from the above page I get the following error.
When I download a MP4 from the same page it works
Package: systemd
Version: 240-4
Severity: normal
When I have a bogus /etc/crypttab entry (for example when converting an
encrypted laptop to a virtual machine that's not encrypted) the boot process
hangs for 90 seconds for no obvious reason.
[**] A start job is running for
On Wednesday, 23 January 2019 6:23:05 AM AEDT Hans van Kranenburg wrote:
> I'm hunting down old bug reports in the Xen packages, and also ran into
> this one. I see why it's useful.
>
> I can see that current init scripts (well, for Xen 4.11) do create
> /run/xen, as wel as /run/xenstored/:
>
>
On Wednesday, 9 January 2019 11:29:14 AM AEDT Colin Watson wrote:
> On Wed, Jan 09, 2019 at 10:43:42AM +1100, Russell Coker wrote:
> > It would probably be easier to just canonicalise all path names given
> > on the command line and then cd / before starting work. Apart from the
It would probably be easier to just canonicalise all path names given on the
command line and then cd / before starting work. Apart from the possibility of
a relative pathname on the command line there's no benefit in restoring the
directory.
--
Sent from my Huawei Mate 9 with K-9 Mail.
Package: grub2-common
Version: 2.02+dfsg1-9
Severity: normal
Below is one example of the problem. A trivial fix for this sort of problem
would be to have the /usr/sbin/update-grub shell script do "cd /" before
running grub-mkconfig (as update-grub is the documented way of doing things
on
Package: network-manager
Version: 1.14.4-4
Severity: normal
My laptop running Debian/Testing works perfectly at home. Connects to wifi
every time without problems. At home there is my own Wifi network and a few
networks of neighbors. At the office it usually fails to connect, the list of
Wifi
When I first saw this last year Lukas correctly identified the problem, sorry
for not mentioning this.
Now it happened again and it turned out that this bug report was one of only 2
google hits about it. I had forgotten about having this problem before.
Could you please patch the btrfs
Package: kmail
Version: 4:17.12.3-1
Severity: normal
Previously when a message was saved to a drafts folder you could press 't' to
edit it and send it later. This doesn't work now, neither on the IMAP Drafts
folder or the local drafts folder. It now seems impossible to do anything with
a draft
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=865441
We already have the above bug report suggesting that this package is obsolete.
The package postfix-policyd-spf-python has a configuration file and seems to
do everything that postfix-policyd-spf-perl does.
--
My Main Blog
Package: postfix-policyd-spf-perl
Version: 2.010-2
Severity: normal
This program should have a configuration file for distribution with Debian.
For a non-packaged program it might be regarded as OK to just edit the code to
change the configuration. But for a program that is part of a package
Package: fail2ban
Version: 0.9.6-2
Severity: normal
./jail.conf:port= pop3,pop3s,imap,imaps,submission,465,sieve
./jail.conf:port= imap,smtp,imaps,465
./jail.conf:port = smtp,465,submission,imap3,imaps,pop3,pop3s
./jail.conf:port = smtp,465,submission,imap3,imaps,pop3,pop3s
close 896134
thanks
After upgrading to 8.00~svn3725-2 this works. It appears to be fixed.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
Source: secilc
Version: 2.7-1
Severity: normal
dpkg-source: info: using source format '3.0 (quilt)'
dpkg-source: info: building secilc using existing ./secilc_2.7.orig.tar.gz
dpkg-source: error: cannot represent change to
docs/pdf/CIL_Reference_Guide.pdf: binary file contents changed
https://www.akkadia.org/drepper/nonselsec.pdf
Page 8 of the above document gives some suggestions on how to solve this class
of problem.
Do you need some help with this?
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
https://www.akkadia.org/drepper/nonselsec.pdf
Page 8 of the above document gives some suggestions on how to solve this class
of problem.
Do you need some help with this?
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
Package: boinc-app-seti
Version: 8.00~svn3701-1
Severity: normal
The boincmgr program when it connects to thie system reports all SETI@home
tasks as having status "Computation error". The daemon.log file has the
following which may be related (or may be something different):
Apr 19 11:03:49
Package: checkpolicy
Version: 2.7-1
Severity: normal
Tags: upstream patch
https://marc.info/?l=selinux=152078548332657=2
The above URL has patches to make checkpolicy etc support sctp. The latest
git refpolicy has sctp and needs those patches to compile.
Below are the compilation errors you
Package: kmail
Version: 4:17.08.3-2
Severity: normal
On 2 systems, a workstation with an AMD video card and a laptop with built in
Intel video I have Kmail displaying a rectangle of the background after it
has been running for a while. I will attach screen shots after the bug number
has been
https://etbe.coker.com.au/2018/03/05/compromised-guest-account/
I just had one of my systems compromised. While I did stuff up, if the
default had been to have AllowUsers I would have set it to only allow desired
ssh users and everything would have been fine.
I suggest that the default
$ goplay
Xapian DatabaseOpeningError: Couldn't stat '/var/lib/apt-xapian-index/index'
Instead of just giving the above message it should say "the index should be
generating in the background, it should work soon". A progress indicator
isn't necessary, anything other than just exiting with a
What's the situation with this one? Could it be included in the next Stretch
update?
On Saturday, 9 December 2017 1:33:39 PM AEDT Russell Coker wrote:
> On Saturday, 2 December 2017 11:05:24 AM AEDT Adam D. Barratt wrote:
> > IFF it's versioned as 2:2.20161023.1-9+deb9u1, uses
Package: libparted2
Version: 3.2-20
Severity: normal
http://oss.tresys.com/pipermail/refpolicy/2018-February/010476.html
The udisks2 access to /dev/mem is discussed on the SE Linux list at the above
URL.
https://sources.debian.org/patches/parted/3.2-20/gptsync.patch/
It seems that the access
Package: policycoreutils-python-utils
Version: 2.6-3
Severity: normal
# semanage port -a -t ssh_port_t -p tcp 1234
ValueError: Port tcp/1234 already defined
# apt-get install python3-numpy
[...]
Setting up python3-numpy (1:1.12.1-3) ...
# semanage port -a -t ssh_port_t -p tcp 1234
Traceback (most
Package: libqt5webenginecore5
Version: 5.9.2+dfsg-2
Severity: normal
$ execstack -q /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2
X /usr/lib/x86_64-linux-gnu/libQt5WebEngineCore.so.5.9.2
The shared object is listed as requiring an executable stack. This weakens
the security of every
Package: systemd
Version: 232-25+deb9u1
Severity: normal
On a vm at linode.com /home wouldn't be mounted (mount would hang forever with
x-systemd.automount and abort leading to sulogin without it) and swap wouldn't
be enabled when udev wasn't installed.
udev was in "rc" state, so maybe a "dpkg
On Monday, 15 January 2018 2:15:40 PM AEDT James Cowgill wrote:
> > Sorry, we do not control the binaries that Valve
> > use in Steam. You're welcome to take this upstream to
> > https://github.com/ValveSoftware/steam-for-linux/issues/ if you believe
> > the use of generic i386 binaries is a
> Impact: am I right in thinking that this is not in itself a security
> vulnerability, but that if there is a separate security vulnerability
> somewhere in Valve's binaries, having execmod access makes it
> significantly easier for an attacker to turn that vulnerability into
> arbitrary code
On Monday, 15 January 2018 11:18:42 AM AEDT Simon McVittie wrote:
> Sorry, we do not control the binaries that Valve
> use in Steam. You're welcome to take this upstream to
> https://github.com/ValveSoftware/steam-for-linux/issues/ if you believe
> the use of generic i386 binaries is a security
Package: steam
Version: 1.0.0.54-3
Severity: normal
Tags: upstream
type=AVC msg=audit(1516012042.500:1381380): avc: denied { execmod } for
pid=4488 comm="steam" path="/home/rjc/.steam/ubuntu12_32/libavutil.so.55"
dev="sda2" ino=64950
Package: prosody
Version: 0.9.12-2
Severity: normal
Tags: patch
For a long time /var/run has been a symlink to /run. Therefore it's best to
use /run directly which avoids problems if /var isn't mounted (admittedly
a configuration that's not common) and makes the operation clearer.
On SE Linux
ve bootloader_t all the access it needs to create initramfs images in
+different situations and communicate with dpkg_t.
+Closes: #875676
+ * Allow dnsmasq_t to read it's config dir
+Closes: #875681
+
+ -- Russell Coker <russ...@coker.com.au> Sat, 09 Dec 2017 13:12:05 +1100
+
re
On Sunday, 19 November 2017 9:41:58 PM AEDT Adam D. Barratt wrote:
> > Section 5.5.1 of the above seemed to indicate that I should do it
> > that way.
> > Did I misunderstand it or does the documentation need improving?
>
> Some combination. :-)
>
> You used reportbug to file the report - did it
Package: swaks
Version: 20170101.0-2
Severity: normal
Tags: upstream
Here is what happens when I try to generate a TLS error:
$ swaks -tls --tls-verify --ehlo test.coker.com.au -f russ...@coker.com.au -t
exam...@example.com -s pop.sws.net.au
=== Trying pop.sws.net.au:25...
===
On Monday, 20 November 2017 7:48:18 AM AEDT Chris Lamb wrote:
> Sorry for replying earlier but I seemingly did not receive this bug report
> by mail and have just seen it via my QA page.
Maybe a DMARC issue. No big deal.
> > redis-server: Unknown lvalue 'RunTimeDirectory' in section 'Service'
>
I sent such a debdiff almost 2 months ago. Is it ok?
On 30 September 2017 1:39:15 am AEST, "Adam D. Barratt"
<a...@adam-barratt.org.uk> wrote:
>On Sat, 2017-09-30 at 01:08 +1000, Russell Coker wrote:
>> I've attached the patches. These all come from the package cu
reassign 880846 libc-bin
thanks
OK it's a libc-bin bug.
--
My Main Blog http://etbe.coker.com.au/
My Documents Bloghttp://doc.coker.com.au/
201 - 300 of 1335 matches
Mail list logo