Please remove g...@vanguardsa.ch from your list.
He no longer works for our company and his email inbox is readen only for
emergencies.
Regards,
Louise Bonadio
-
Louise Bonadio
Chief Legal Officer
Vanguard SA
22, rue de l'Athénée
1206 Genève
TVA n° 724 090
Le 11.12.12 20:11, «
Quoting Louise Bonadio l...@vanguardsa.ch:
Please remove g...@vanguardsa.ch from your list.
Please do it for yourself. Have a look at the footer, to find out how
to achieve this.
Cheers,
Georg
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of
Hi,
I do not want to discuss security implications of the upstream closed
source Adobe Flash plugin. This is about how the Flash plugin is
downloaded and installed in Debian.
/usr/sbin/update-flashplugin-nonfree downloads get-upstream-version.pl
On Wed, Dec 12, 2012 at 05:52:31PM +, adrelanos wrote:
Hi,
I do not want to discuss security implications of the upstream closed
source Adobe Flash plugin. This is about how the Flash plugin is
downloaded and installed in Debian.
/usr/sbin/update-flashplugin-nonfree downloads
Moritz Mühlenhoff:
On Wed, Dec 12, 2012 at 05:52:31PM +, adrelanos wrote:
Hi,
I do not want to discuss security implications of the upstream closed
source Adobe Flash plugin. This is about how the Flash plugin is
downloaded and installed in Debian.
/usr/sbin/update-flashplugin-nonfree
Hello Moritz,
On Wed, Dec 12, 2012 at 07:02:08PM +0100, Moritz Mühlenhoff wrote:
On Wed, Dec 12, 2012 at 05:52:31PM +, adrelanos wrote:
I do not want to discuss security implications of the upstream closed
source Adobe Flash plugin. This is about how the Flash plugin is
downloaded and
Hai,
On Wed, Dec 12, 2012 at 12:33 PM, Bart Martens ba...@debian.org wrote:
I already use mktemp -d /tmp/flashplugin-nonfree.XX. Isn't that
secure ? What is the problem you are suggesting to file a bug for ?
Please tell me you are trolling?
--
To UNSUBSCRIBE, email to
On Wed, Dec 12, 2012 at 05:52:31PM +, adrelanos wrote:
Since get-upstream-version.pl runs as root it can do anything.
I don't accuse him personally for anything. But should he ever be
compromised (forced, evil maid, etc...) it's very easy to mount a
stealth attack.
I would worry more
On Wed, Dec 12, 2012 at 12:52 PM, adrelanos wrote:
What is Debian policy on code execution from user websites?
Unfortunately there is none. I've tried to gain consensus that at a
minimum things downloaders like this need to stay out of main, but
that thought hasn't really gained traction.
The
On Thu, 13 Dec 2012, Moritz Mühlenhoff j...@inutil.org wrote:
Plus, installing Flash opens the Pandora's box anyway
When a user runs a web browser that calls the Flash plugin then that user
session is exposed to the risk of a compromised Adobe web site etc. When the
user visits a potentially
On Wed, 2012-12-12 at 17:26 -0500, Michael Gilbert wrote:
On Wed, Dec 12, 2012 at 12:52 PM, adrelanos wrote:
What is Debian policy on code execution from user websites?
Unfortunately there is none. I've tried to gain consensus that at a
minimum things downloaders like this need to stay out
CVE-2011-4316: RESERVED
CVE-2012-5577: RESERVED
CVE-2012-5625: RESERVED
CVE-2012-5631: RESERVED
--
The output might be a bit terse, but the above ids are known elsewhere,
check the references in the tracker. The second part indicates the status
of that id in the tracker at the moment the
12 matches
Mail list logo