Bug#342281: xpdf-reader: security issues by iDefense

2005-12-06 Thread Paul Szabo
/archive/1 Upstream/vendor patches are apparently available. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux

Bug#337195: mozilla-thunderbird: external movemail program ignored

2005-11-03 Thread Paul Szabo
ssue http://bugs.debian.org/272956 (which is exactly why I would want it). Curious: an external movemail was working fine with Netscape4... Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia

Bug#308347: [PATCH] Re: twiki: topic saves and file attachments fail after upgrade

2005-09-29 Thread Paul Szabo
The patch below should solve this problem. I expect this will also solve #305793 Attach files to TWiki topics fails after update and an un-related (un-reported?) problem. (Sven: should I make a reportbug for the "unrelated" problem?) Cheers, Paul Szabo [EMAIL PROTECT

Bug#308347: [PATCH] Re: twiki: topic saves and file attachments fail after upgrade

2005-09-29 Thread Paul Szabo
plains about tainting if a comment is present. Force a comment, and untaint it?) Cheers, Paul Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subj

Bug#305793: [PATCH] Attach files to TWiki topics fails after update

2005-10-03 Thread Paul Szabo
Seems to me that the following solves the issue. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia --- /usr/share/perl5/TWiki/Store/RcsWrap.pm.orig2005-04-13 12:33:16.0 +1000

Bug#329156: gnome-pty-helper foo

2005-10-07 Thread Paul Szabo
eam directly? Are not all security-tagged bug reports monitored, as a matter of course? (Are they knowledgeable to advise on your questions above?) Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustral

Bug#328141: mount: umount -r drops nosuid flag

2005-09-13 Thread Paul Szabo
Package: mount Version: 2.11n-7 Severity: critical File: /bin/umount Tags: security Justification: root security hole Please see http://www.securityfocus.com/archive/1/410333 for details. Verified (that noexec flag is gone) as follows: psz:~$ id uid=1001(psz) gid=1001(amstaff) groups=1001(am

Bug#328557: twiki: TWiki Remote Command Execution Vulnerability

2005-09-15 Thread Paul Szabo
Package: twiki Version: 20030201-6 Severity: critical Justification: root security hole Please see http://www.securityfocus.com/archive/1/410721 Verified with http://iw/iw/view/Main/TWikiUsers?rev=3D2%20%7Cless%20/etc/passwd http://iw/iw/view/Main/TWikiUsers?rev=3D2%20%7Cps%20aux|cat%20

Bug#328557: twiki: TWiki Remote Command Execution Vulnerability

2005-09-16 Thread Paul Szabo
ers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#329156: gnome-pty-helper foo

2005-10-11 Thread Paul Szabo
y01 Jan 01 02:03 (insecure.com"')" [EMAIL PROTECTED]:~$ should suitably freak them out. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EM

Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp records

2005-09-19 Thread Paul Szabo
, code below. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia OUTPUT: [EMAIL PROTECTED]:~$ gnome-pty-helper-exploit xyz & sleep 1; who; ps aux | grep psz; sleep 6; who [1] 31444 Writing

Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp records

2005-09-19 Thread Paul Szabo
ink of any "important" uses of utmp/wtmp files. I use utmp in some of my own scripts, that is how I looked at gnome-tty-helper.) Cheers, Paul Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia

Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp records

2005-09-26 Thread Paul Szabo
y running xhost, if it fails then surely you do not "own" that display. Slow, maybe secure. That is what I use now.) Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRI

Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp records

2005-09-26 Thread Paul Szabo
e know if you don't have a setup > permitting the check, or if you lack the time. Looking at the source vte-0.11.15/gnome-pty-helper/gnome-pty-helper.c in line 682 it grabs display_name = getenv ("DISPLAY"); and uses it without any sanity checks: yes, surely it is also affecte

Bug#328141: acknowledged by developer (Bug#329063: fixed in util-linux 2.12p-8)

2005-09-26 Thread Paul Szabo
Dear Debian Security, Quoting from http://www.debian.org/security/ : Debian takes security very seriously. Most security problems brought to our attention are corrected within 48 hours. Can we please have a DSA for this problem? Thanks, Paul Szabo [EMAIL PROTECTED] http

Bug#289958: rpc.statd should use a fixed port

2006-12-12 Thread Paul Szabo
instead of people re-discovering the problem and having to configure manually)? Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsub

Bug#289958: rpc.statd should use a fixed port

2006-12-14 Thread Paul Szabo
llocations? Seems the files/functions to change would be: glibc-2.3.2/sunrpc/bindrsvprt.c bindresvport() kernel-source-2.6.8/net/sunrpc/xprt.c xprt_bindresvport() kernel-source-2.6.8/net/ipv4/tcp_ipv4.c tcp_v4_get_port() kernel-source-2.6.8/net/ipv4/udp.c udp_v4_get_port() Cheers,

Bug#403695: twiki: Cannot set WEBLOGOIMG

2006-12-18 Thread Paul Szabo
ing "view source" in the browser): ... TWiki ... I can only get the "right" output by modifying /var/lib/twiki/templates/twiki.tmpl and "hard-coding" these values. What am I doing wrong? Thanks, Paul Szabo [EMAIL PROTE

Bug#403695: twiki: Cannot set WEBLOGOIMG

2006-12-19 Thread Paul Szabo
this bug: seems all caused by my lack of understanding the intricacies of twiki management. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject o

Bug#384105: #384105 /usr/X11R6/bin/X: X server slow

2006-11-11 Thread Paul Szabo
I now observe the same thing in Ubuntu, after upgrading from 6.06 "dapper" to 6.10 "edgy", e.g. with p=`ps -fC Xorg` time perl -e '$|=1; foreach $x (1..500) { print "x" foreach(1..$x); print " $x\n" }' echo "$p"; ps -fC Xo

Bug#384105: #384105 /usr/X11R6/bin/X: X server slow

2006-11-12 Thread Paul Szabo
XFree86.0.log output). Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#401769: twiki.postinst

2006-12-05 Thread Paul Szabo
er/conf.d/twiki.conf fi Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-spb1.6 Locale

Bug#147471: debbug #147471 sysklogd: please make binding to only one IP possible

2006-12-07 Thread Paul Szabo
tags 147471 + patch thanks We at Maths.USyd have been using the following patch for this; sorry, no patch for the man page. (Should have been passed on to Debian years ago; my excuse is that I took over management of the machine that uses this a short time ago.) Cheers, Paul Szabo [EMAIL

Bug#402094: kernel-source-2.6.8: Intel drivers (net/e100.c, net/e1000/e1000_main.c)

2006-12-07 Thread Paul Szabo
rce-2.6.8/drivers/net/e1000/e1000_main.c char e1000_driver_name[] = "e1000"; char e1000_driver_string[] = "Intel(R) PRO/1000 Network Driver"; char e1000_driver_version[] = "5.2.52-k4"; char e1000_copyright[] = "Copyright (c) 1999-2004 Intel Corporatio

Bug#406902: kernel-source: NFS data loss

2007-01-14 Thread Paul Szabo
13997 psz cwd DIR 0,15 40965800702 /pisa/users/amstaff/psz/tdir (pisa:/usr/users) Mon Jan 15 08:12:46 EST 2007 Settings: rome# grep psz /etc/passwd psz:x:1001:1001:Paul Szabo:/users/amstaff/psz:/bin/bash rome# ls -l /users/amstaff lrwxrwxrwx 1 root root 19 Jan 19 2

Bug#400270: php4-common: Perms of /var/lib/php4

2006-11-24 Thread Paul Szabo
ack PHP (by creating random files in there). Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Release: 3.1 Architecture: i386 (i686) Kernel: Linux 2.6.8-spm1.6 Locale

Bug#295435: sylpheed: Mis-parsing mbox file From lines

2005-02-15 Thread Paul Szabo
e MAC adress is 00:00:aa:bb:cc:dd. Hope you can set DHCP for it. (seeing a bogus new message at the From line). Checking that the "From " line is followed by a header may be useful; but sylpheed MUST check that the "From " line follows a blank line (or is at the begi

Bug#299007: base-files: Insecure PATH in /root/.profile

2005-03-10 Thread Paul Szabo
g/doc/manuals/securing-debian-howto/ch11.en.html#s11.1.12.2 [6] http://hackersplayground.org/papers/sendmailholes.txt [7] http://lists.debian.org/debian-doc/2001/08/msg00041.html [8] http://lists.debian.org/debian-user/2003/12/msg02057.html Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.

Bug#296190: sendmail: mail.local From line quoting

2005-02-20 Thread Paul Szabo
There may be arguments for not using Content-Length at all. Some references: http://www.netscape.com/eng/mozilla/2.0/relnotes/demo/content-length.html http://groups.google.com/groups?hl=en&lr=&ie=ISO-8859-1&q=%22content-length%22+harmful http://www.washington.edu/imap/docu

Bug#384454: closed by Alberto Gonzalez Iniesta <[EMAIL PROTECTED]> (Bug#384454: fixed in linux-ftpd 0.17-20sarge2)

2007-02-17 Thread Paul Szabo
ot;wrong" patch. So this seems fixed in etch 0.17-23 since 25 Nov 2006, but not yet in sarge (==stable) 0.17-20sarge2. Please fix for sarge also. Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney

Bug#408879: /bin/ps: TIME drifted

2007-02-18 Thread Paul Szabo
Justin, > does this happen to you on a laptop machine, or otherwise? I do not have Debian laptops. So it is otherwise: on my "main" departmental login server.... Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics

Bug#384454: ftpd (was Bug#384454)

2007-02-18 Thread Paul Szabo
Dear Security team, A stupid little bug crept into (was left in) #384454 and DSA-1217. My fault originally: I humbly apologize. Please correct it for sarge. Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney

Bug#220892: suidperl is safe

2007-03-03 Thread Paul Szabo
I thought this had been fixed ages ago: see Bug#220486 and DSA 431-2. Maybe this could be closed also? Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL

Bug#413201: perl: truncate() misuses filehandle

2007-03-03 Thread Paul Szabo
staff 4 Mar 3 19:15 HAND HAND: abc 1 total 8 -rw--- 1 psz amstaff 4 Mar 3 19:15 FILE -rw--- 1 psz amstaff 2 Mar 3 19:15 HAND Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia --

Bug#408879: /bin/ps: TIME drifted

2007-02-18 Thread Paul Szabo
Justin, > ... Do you suspect some particular cause here, too? Yes, I "blame" ntpd. I only guess that it uses "suspend" to slow things down. (No, I wouldn't "manually" suspend my server.) Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.e

Bug#384454: ftpd (was Bug#384454)

2007-02-20 Thread Paul Szabo
accept). Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#384454: ftpd (was Bug#384454)

2007-02-21 Thread Paul Szabo
bugtraq if/when they accept). Bugtraq accepted also: http://www.securityfocus.com/archive/1/460742 Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED]

Bug#408759: gnome-terminal: terminal is slow

2007-03-19 Thread Paul Szabo
x\n" }' whereas a mere 4 seconds for perl -e '$|=0; foreach $x (1..500) { print "x" foreach(1..$x); print " $x\n" }' (Hmm... I now see that sarge 3.1r5 was released 18 Feb 07, and I still run the previous one. Will now update, re-test, and mayb

Bug#408759: gnome-terminal: terminal is slow

2007-03-19 Thread Paul Szabo
reach(1..$x); print " $x\n" }' Seems not fixed at all. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#408759: gnome-terminal: terminal is slow

2007-03-20 Thread Paul Szabo
output uses the same fonts. Please instruct what fonts should I try (and how to change to them), and I will try. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL P

Bug#384105: /usr/X11R6/bin/X: X server slow

2007-01-26 Thread Paul Szabo
audit 0 -auth /var/lib/gdm/:0.Xauth -nolisten tcp vt7 so I guess Xorg is buggy also. (This is with the ATI driver. I now cannot imagine how bad it would have been with VESA.) Regardless of Xorg, please do not close this bug: Debian (stable) has XFree86 only, not Xorg. Thanks, Paul Szabo [

Bug#384105: /usr/X11R6/bin/X: X server slow

2007-01-27 Thread Paul Szabo
erver of either. There was no bug, and nothing fixed, in the Xorg server. Seems I should have reported the bug against the terminals, not against the X server package.) Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics Univers

Bug#384105: /usr/X11R6/bin/X: X server slow

2007-01-28 Thread Paul Szabo
terminals were faster > before. Once we know that it is a regression, and not just a "slow" > implementation, the severity could be raised. As per initial bug report: >> ... 50 seconds ... At woody the above completed in under 1 second. so it seems proved a regression. Ch

Bug#408879: /bin/ps: TIME drifted

2007-01-28 Thread Paul Szabo
548 472 pts/6S+ 08:34 0:00 grep -E psz|USER psz 14627 0.0 0.0 2496 848 pts/6R+ 08:34 0:00 ps aux [EMAIL PROTECTED]:~$ Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia --

Bug#408879: /bin/ps: TIME drifted

2007-01-28 Thread Paul Szabo
Again looking at BTS, this bug seems similar to #161633. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe"

Bug#384922: nfs-kernel-server: root_squash is broken

2006-08-27 Thread Paul Szabo
NFS could document the issue, or help change policy.) Please see also bug#299007 http://bugs.debian.org/299007 . Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Re

Bug#384922: nfs-kernel-server: root_squash is broken

2006-08-27 Thread Paul Szabo
Please see also http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/049079.html Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject

Bug#299007: NFS root_squash broken in Debian

2006-08-27 Thread Paul Szabo
Please see also http://bugs.debian.org/384922 http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/049079.html Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE

Bug#384922: nfs-kernel-server: root_squash is broken

2006-08-29 Thread Paul Szabo
o someone who just had his machine trashed because he trusted root_squash. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "

Bug#384922: nfs-kernel-server: root_squash is broken

2006-08-29 Thread Paul Szabo
(in more innocent times) was exactly about that PATH setting. > 4. You can login on the NFS server. > > This is not an impossible combination, but it's not a gaping security hole > either. My exact situation: my home directory is exported from a server (read/write and suid everywhe

Bug#384922: nfs-kernel-server: root_squash is broken

2006-08-29 Thread Paul Szabo
e fit. I was actually hoping that the NFS community would be able to convince the policymakers to fix the policy. They tricked you already: you were mistaken about root's PATH. With the wrong policy, bugs such as this will keep popping up; they will be reassigned, retitled, or otherwise s

Bug#384922: nfs-kernel-server: root_squash is broken

2006-08-30 Thread Paul Szabo
s a tiny policy change, to be permitted to drop /usr/local things from root's PATH, or to remove group staff writability from those things. Everyone seems to know those should be done... Thanks for your help, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mat

Bug#385384: nfs-kernel-server: root_squash to also squash group staff

2006-08-30 Thread Paul Szabo
currently the kernel does not understand such squashing of groups... so this feature should be activated as soon as the kernel supports it. Please see bugs #384922 and #299007 http://bugs.debian.org/384922 http://bugs.debian.org/299007 for details. Cheers, Paul Szabo [EMAIL PROTECTED] http

Bug#385377: nfs-kernel-server: Document group staff being root-equivalent

2006-08-30 Thread Paul Szabo
lation). Please see bugs #384922 and #299007 http://bugs.debian.org/384922 http://bugs.debian.org/299007 for details. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information:

Bug#299007: base-files: Insecure PATH

2006-08-30 Thread Paul Szabo
I note that Ubuntu has fixed this: https://launchpad.net/bugs/13795 Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of

Bug#384922: NFS insecure without support for squashing multiple groups

2006-08-30 Thread Paul Szabo
Dear Steve, You seem to think that this is "important" but not "critical". Don't you agree that it is a root security hole? Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustr

Bug#384922: NFS insecure without support for squashing multiple groups

2006-08-30 Thread Paul Szabo
root users; but that is not this bug. Yes, that is #299007, but am told that policy bugs cannot be critical... Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#384922: NFS insecure without support for squashing multiple groups

2006-08-31 Thread Paul Szabo
messages from Steinar, never anything from Anibal. After re-assigning to linux-2.6.16 (hmm... why the specific version?) where the maintainer is a nebulous committee, again you re-jiggle severity; and no word from the maintainers. Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au

Bug#384922: NFS insecure without support for squashing multiple groups

2006-08-31 Thread Paul Szabo
ve no skills to attack). And it can be fixed: root on the server will be safe if we fix either of the last two points, in the policy or if the policy allows us to fix our systems; or if at great expense we implement squashing GIDs. > The answer remains, "don't set your NFS environm

Bug#384922: NFS insecure without support for squashing multiple groups

2006-08-31 Thread Paul Szabo
severity 384922 critical thanks Dear Steve, The issue is root compromise of an NFS server. If that is possible then it is critical; if it is not possible then the bug is solved. It seems logically impossible to downgrade this kind of bugs. Cheers, Paul Szabo [EMAIL PROTECTED] http

Bug#384922: NFS insecure without support for squashing multiple groups

2006-08-31 Thread Paul Szabo
r it to function securely. But then those settings would need to go into its setup scripts, and it would be in breach of policy, triggering a "serious" bug and its removal from Debian. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and

Bug#384922: NFS insecure without support for squashing multiple groups

2006-09-02 Thread Paul Szabo
default root_squash working, and never set non-default permissions on /usr/local or altered root's PATH. I beleive it renders many other systems exploitable also, but have no ways to test that hypothesis. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of M

Bug#384105: /usr/X11R6/bin/X: X server slow

2006-08-21 Thread Paul Szabo
and 50 seconds on a Celeron2GHz, with /usr/bin/X11/X taking almost 100% CPU time. At woody the above completed in under 1 second. It is interesting to see more than one of those running simultaneously in several windows: only one at a time is "running". Cheers, Paul Szabo [E

Bug#384454: ftpd: Does not handle symlink? NFS? home directory

2006-08-24 Thread Paul Szabo
is nonsense when logging in to the machine containing my home dir. Settings that may be relevant to ftpd are: [EMAIL PROTECTED]:~$ grep psz /etc/passwd psz:x:1001:1001:Paul Szabo:/users/amstaff/psz:/bin/bash [EMAIL PROTECTED]:~$ ls -l /etc/ftp* -rw-r--r-- 1 root root 76 Apr 18 2002 /etc/ftpchro

Bug#384454: ftpd: Does not handle symlink? NFS? home directory

2006-08-24 Thread Paul Szabo
dir on asti was /users/amstaff/psz/root then on pisa I could set /user/amstaff/psz to by a symlink to /, so asti would resolve that as /root.) I do not know what misdeeds I can do by having an otherwise inaccessible cwd. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/

Bug#384454: ftpd: Does not handle symlink? NFS? home directory

2006-08-24 Thread Paul Szabo
See also http://lists.grok.org.uk/pipermail/full-disclosure/2006-August/049014.html Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a

Bug#384454: ftpd: Does not handle symlink? NFS? home directory

2006-08-24 Thread Paul Szabo
I suggest the patch below. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia --- linux-ftpd-0.17/ftpd/popen.c.bak1999-07-16 11:12:54.0 +1000 +++ linux-ftpd-0.17/ftpd/popen.c

Bug#384454: ftpd: Does not handle symlink? NFS? home directory

2006-08-25 Thread Paul Szabo
ted by /root being mode 700. Much more fun if /root/bin was mode 777... Please fix. Please issue DSA. Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED]

Bug#394371: cgiwrap: open file descriptors

2006-10-20 Thread Paul Szabo
31129 psz3r DIR8,14096 228481 /root Surely the directory /root should not be left open. This is not a major security hole, but is a breach of privacy. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics Uni

Bug#584663: Bug#584653: Patch to close CVE-2010-2055

2010-11-20 Thread paul . szabo
n|stat|access)' x.out | grep -E -v '"/(usr|etc|var|lib)/' strace -o x.out /usr/bin/gs -P x.ps >/dev/null 2>&1; grep -E '^(open|stat|access)' x.out | grep -E -v '"/(usr|etc|var|lib)/' The first two are identical: attempt to load various th

Bug#592569: Bug#584653: Patch to close CVE-2010-2055

2010-11-20 Thread paul . szabo
the same as was for -P-, and that was accepted as a "grave" bug. (If anything, a lack of -dSAFER is easier to exploit, with just the one PS file.) If -dSAFER is ever a good idea, then now is a good a time to change. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://ww

Bug#592569: Bug#584653: Patch to close CVE-2010-2055

2010-11-21 Thread paul . szabo
quot;god intended". > ... I choose to not change this for Squeeze, unless ... more > concrete proof that the system is insecure ... I cannot provide a more obvious way to attack gs... so for now I must accept your decision. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.m

Bug#592569: references to unsafe use of gs

2010-11-21 Thread paul . szabo
/faq/407-02.html http://www.troubleshooters.com/linux/gs.htm Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with

Bug#602333: /usr/bin/fusermount: fusermount allows unmount any filesystem

2010-11-22 Thread paul . szabo
Ubuntu has now added the reference CVE-2010-3879 to https://bugs.launchpad.net/bugs/670622 and marked in "confirmed". Other interesting references: https://bugzilla.redhat.com/show_bug.cgi?id=651183 https://bugzilla.novell.com/show_bug.cgi?id=651598 Cheers, Paul Paul

Bug#584663: imagemagick uses gs without -P-

2010-11-22 Thread paul . szabo
magick, no need for more "mass bug filing".) Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a sub

Bug#584663: imagemagick uses gs without -P-

2010-11-22 Thread paul . szabo
I do apologize if I misunderstood something, and done the wrong thing yet again. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@li

Bug#604883: dhcp3-client: Does not set hostname but leaves '(none)'

2010-11-24 Thread Paul Szabo
. Please let me know if I should check or debug something. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Release: squeeze/sid APT prefers testing APT

Bug#584653: ghostscript: does not honor -P- option

2010-11-27 Thread paul . szabo
Dear Mehdi, > We prefer targeted fixes ... > ... we won't be able to review [gs 9.00] or accept it ... Supposing that those "targeted fixes" may not happen. Would you then release gs 8.71 with a grave (= RC) bug? Or would you drop gs, or delay squeeze? I am genuinely curious

Bug#740020: xpdf: printing fails with Floating point exception

2014-02-24 Thread Paul Szabo
libXt.so.6 #19 0xf7c38a88 in XtAppMainLoop () from /usr/lib/i386-linux-gnu/libXt.so.6 #20 0x5657367e in ?? () #21 0x56561a82 in main () (gdb) quit Please let me know if I should try or test something else. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of

Bug#740020: printing fails with Floating point exception

2014-02-25 Thread paul . szabo
I now notice that xpdf on a 64-bit (x86_64) machine can print, the problem occurs on a 32-bit (i386) machine. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To UNSUBSCRIBE

Bug#736666: /usr/lib/sm.bin/mail.local: lockmailbox failed code 75 EX_TEMPFAIL

2014-01-25 Thread Paul Szabo
(int) uid, errno, (int) getuid(), (int) geteuid()); exit(1); } if ((off = maillock(p, 15)) != 0) { printf("lockmailbox %s code %d errno=%d\n", p, off, errno); } mailunlock(); } = Thanks, Paul Paul Szabo

Bug#692579: Workaround: fix xauth in Xsession

2014-02-02 Thread paul . szabo
./g and $h=~s/3(\d)/$1/g and system "xauth add $h:$s $m $c"; exit' to that script, somewhere before the SESSIONFILES=$(run_parts $SYSSESSIONDIR) block. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and

Bug#738497: gdm3: XDMCP cannot handle multiple terminals

2014-02-09 Thread Paul Szabo
, I am not sure whether logged-in sessions would quit also. As a workaround, I will use squeeze GDM2 instead. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Deb

Bug#735014: mysql-server-5.5: mysqlhotcopy fails on cond_instances in performance_schema

2014-01-11 Thread Paul Szabo
as information_schema already skipped in mysqlhotcopy). The following one-line patch seems to have solved the problem for me. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia --- /usr

Bug#740020: xpdf: printing fails with Floating point exception

2014-02-27 Thread paul . szabo
This issue seems related to bug#658264. Using the i386 package from https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=658264#64 seems to solve the issue for me. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics

Bug#740782: html2ps: Use of assignment to $[ is deprecated

2014-03-04 Thread Paul Szabo
/html2ps/+bug/1130851 https://bugzilla.redhat.com/show_bug.cgi?id=822117 Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Information: Debian Release: 7.4 APT prefers stable

Bug#743743: initscripts: bootmisc.sh to use /run/nologin

2014-04-05 Thread Paul Szabo
(?) bootmisc.sh is shown below. I wonder whether bugs #510582 #510712 #546245 are now "done" and could be closed. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- System Informati

Bug#633928: texmacs: Segfault crash in five keypresses

2014-03-17 Thread paul . szabo
Dear Raju, At long last I remembered to test this... The bug seems gone at wheezy, TeXmacs 1.0.7.15. Please close this bug. Thanks, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia -- To

Bug#695182: [RFC] Reproducible OOM with just a few sleeps

2013-01-14 Thread paul . szabo
/proc/iomem will let you > locate your memory holes. Thanks, that might explain it. Output of /proc/iomem below: sorry I do not know how to interpret it. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics Universit

Bug#695182: [RFC] Reproducible OOM with just a few sleeps

2013-01-14 Thread paul . szabo
y reasonable workarounds ... Only one workaround was proposed: use amd64. PAE is buggy and useless, should be deprecated and removed. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia

Bug#695182: [RFC] Reproducible OOM with just a few sleeps

2013-01-15 Thread paul . szabo
re 32-bit non-PAE HIGHMEM4G kernel would work fine), and that one should definitely switch with over 4GB RAM. There would be no need or use for PAE kernels, which should be dropped. I think I agree. Thanks, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Ma

Bug#695182: [RFC] Reproducible OOM with just a few sleeps

2013-01-17 Thread paul . szabo
free' shows total Mem 65854128 (up from 64447796 with PAE kernel), and I do not see much change in /proc/iomem output (below). Is that as should be? Thanks, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of S

Bug#695182: [PATCH] Negative (setpoint-dirty) in bdi_position_ratio()

2013-01-19 Thread paul . szabo
s64 also prevents overflow with left-shift; though normally these numbers are small and I never observed a 32-bit overflow there. (This patch does not solve the PAE OOM issue.) Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics

Bug#695182: [PATCH] MAX_PAUSE to be at least 4

2013-01-20 Thread paul . szabo
Ensure MAX_PAUSE is 4 or larger, so limits in return clamp_val(t, 4, MAX_PAUSE); (the only use of it) are not back-to-front. (This patch does not solve the PAE OOM issue.) Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics

Bug#695182: [PATCH] Subtract min_free_kbytes from dirtyable memory

2013-01-20 Thread paul . szabo
When calculating amount of dirtyable memory, min_free_kbytes should be subtracted because it is not intended for dirty pages. Using an "extern int" because that is the only interface to some such sysctl values. (This patch does not solve the PAE OOM issue.) Paul Szabo p...@maths.u

Bug#695182: [RFC] Comments and questions

2013-01-20 Thread paul . szabo
() should add or include NR_SLAB_RECLAIMABLE. (This does not solve the PAE OOM issue.) Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of SydneyAustralia Reported-by: Paul Szabo Reference: http://bugs.debian.org/695182

Bug#695182: Write couple of 1GB files for OOM crash

2013-01-21 Thread paul . szabo
t; of the issue: it protects against OOM when writing a few files, but does not protect when running a few sleeps. I am coming back to the idea that this is some signed-vs-unsigned or similar issue... though I could not find it yet! --- Using the amd64 kernel seems a "workable" workaroun

Bug#695182: [PATCH] Subtract min_free_kbytes from dirtyable memory

2013-01-22 Thread paul . szabo
patch is not needed on those newer kernels. A question: what is the use or significance of vm_highmem_is_dirtyable? It seems odd that it would be used in setting limits or threshholds, but not used in decisions where to put dirty things. Is that so, is that as should be? What is th

Bug#695182: [PATCH] Negative (setpoint-dirty) in bdi_position_ratio()

2013-01-24 Thread paul . szabo
r 32GB RAM. Oddly the problem does not seem to occur when using mem=32g or lower on the kernel boot line (or on machines with less than 32GB RAM). Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney

Bug#695182: [PATCH] Negative (setpoint-dirty) in bdi_position_ratio()

2013-01-24 Thread paul . szabo
quot; (not PAE but HIGHMEM4G) kernel handles the same "sleep test" without any problems. (Thus I now think that the remaining bug is not with writeback.) Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics Univ

  1   2   3   4   5   6   7   >