On Mon, 2017-08-28 at 12:58 +0200, Aurelien Jarno wrote:
[...]
> > > These files haven't been built on a build daemon, but instead have
> > > been uploaded by the maintainer [1]. This is therefore not a buildd
> > > issue, the issue has been fixed there already with the upgrade to
> > > stretch.
>
.gz
> 41fb9f4cfb33c8a49bac4f88dc5a762f usr/share/man/man1/sancov-3.9.1.gz
It appears the rsync backups were corrupted by new packages recently
build for unstable that were source-modified in June:
<http://metadata.ftp-master.debian.org/changelogs/main/l/llvm-toolchain-3.9/llvm-toolchain-3.9_3.9.1-11_changelog>
Regards,
Adam Warner
s (using
--itemize-changes and --dry-run to check for modifications without
making changes to the destination).
Regards,
Adam Warner
On Sun, 2002-07-07 at 23:22, J.H.M. Dassen (Ray) wrote:
> On Sun, Jul 07, 2002 at 23:13:13 +1200, Adam Warner wrote:
> > This doesn't work:
> > $ ssh [EMAIL PROTECTED] '/root/apt-upgrade'
>
> Use "ssh -t [EMAIL PROTECTED] '/root/apt-upgrade
Hi all,
Can anyone give me a tip as to how I can automate this:
Say I wish to run this script remotely and interactively using SSH
3.4p1-1:
#!/bin/bash
apt-get update &&
apt-get upgrade -u
(let's call the script "apt-upgrade")
This doesn't work:
$ ssh [EMAIL PROTECTED] '/root/apt-upgrade'
apt
Dear Michael Stone and the rest of the Debian security team,
I'm very impressed at your successful demonstration of how well the new
security infrastructure can work. Getting out a response this quick for
OpenSSH 3.4 for all 11 Woody architectures is remarkable.
The chaos surrounding these unknow
On Wed, 2002-01-23 at 00:35, Preben Randhol wrote:
> Adam Warner <[EMAIL PROTECTED]> wrote on 22/01/2002 (10:00) :
> > Here's how you can reproduce it (running Debian unstable):
> >
> > 1. Log in as root
> > 2. su - user
>
> if you here write whoami
On Tue, 2002-01-22 at 23:31, martin f krafft wrote:
> also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.22.0511 +0100]:
> > I realise now that I have witnessed this kind of issue before ("In some
> > circumstances, it's possible for a non-privileged process to ha
On Wed, 2002-01-23 at 00:35, Preben Randhol wrote:
> Adam Warner <[EMAIL PROTECTED]> wrote on 22/01/2002 (10:00) :
> > Here's how you can reproduce it (running Debian unstable):
> >
> > 1. Log in as root
> > 2. su - user
>
> if you here write whoami
On Tue, 2002-01-22 at 23:31, martin f krafft wrote:
> also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.22.0511 +0100]:
> > I realise now that I have witnessed this kind of issue before ("In some
> > circumstances, it's possible for a non-privileged process to ha
On Tue, 2002-01-22 at 05:26, martin f krafft wrote:
> this is a proof-of-concept post. it's a FreeBSD exploit, thus it may or
> may not have been, be, or will be applicable to Debian Linux or Linux in
> general. you have been warned. properly.
>
> http://www.aerasec.de/security/index.html?id=ae-20
On Tue, 2002-01-22 at 05:26, martin f krafft wrote:
> this is a proof-of-concept post. it's a FreeBSD exploit, thus it may or
> may not have been, be, or will be applicable to Debian Linux or Linux in
> general. you have been warned. properly.
>
> http://www.aerasec.de/security/index.html?id=ae-2
On Tue, 2002-01-22 at 12:21, martin f krafft wrote:
> also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.21.2307 +0100]:
> > Federico, are you saying that if you su - to a user account (from root)
> > and then start X that you are running X as root? If so that is a major
>
On Tue, 2002-01-22 at 12:21, martin f krafft wrote:
> also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.21.2307 +0100]:
> > Federico, are you saying that if you su - to a user account (from root)
> > and then start X that you are running X as root? If so that is a major
On Tue, 2002-01-22 at 07:41, Federico Grau wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Sun, Jan 20, 2002 at 11:04:13AM +1300, Adam Warner wrote:
> > Hi everyone,
> >
> ...
> > The question I have is if I "su - username" and then brow
On Tue, 2002-01-22 at 03:11, martin f krafft wrote:
> also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.21.1444 +0100]:
> > Martin, it's a server in my spare room :-) The only person installing a
> > backdoor on the server would be an unlawful intruder. Or a cat who ca
On Tue, 2002-01-22 at 07:41, Federico Grau wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> On Sun, Jan 20, 2002 at 11:04:13AM +1300, Adam Warner wrote:
> > Hi everyone,
> >
> ...
> > The question I have is if I "su - username" and then br
On Tue, 2002-01-22 at 03:11, martin f krafft wrote:
> also sprach Adam Warner <[EMAIL PROTECTED]> [2002.01.21.1444 +0100]:
> > Martin, it's a server in my spare room :-) The only person installing a
> > backdoor on the server would be an unlawful intruder. Or a cat
On Mon, 2002-01-21 at 23:40, martin f krafft wrote:
> nevertheless, leave a root console open on a production machine really
> just calls for trouble. imagine you are about to head for lunch with a
> friend, but you decide to check something in the server room quickly.
> while you stare at your
On Mon, 2002-01-21 at 23:40, martin f krafft wrote:
> nevertheless, leave a root console open on a production machine really
> just calls for trouble. imagine you are about to head for lunch with a
> friend, but you decide to check something in the server room quickly.
> while you stare at your
On Sun, 2002-01-20 at 16:25, Mustafa Baig wrote:
> Hi,
>
> I updated and restarted bind today. Looking into syslog I noticed the
> following line:
>
> Jan 19 19:22:44 cold named[7247]: starting (/etc/bind/named.conf). named
> 8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001 [EMAIL
> PROTECTED]:/h
On Sun, 2002-01-20 at 15:16, Kevin Littlejohn wrote:
> On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
> > Can anyone provide a plausible scenario for how someone might be able to
> > gain root level access because su - has been used to switch to a user
> > accoun
On Sun, 2002-01-20 at 12:33, martin f krafft wrote:
I'm glad you were able to get that follow up response out of your system
Martin :-) So let's continue to address this technical question that I
haven't found much discussion about before on the web.
If the use of switch user has remote security
On Sun, 2002-01-20 at 16:25, Mustafa Baig wrote:
> Hi,
>
> I updated and restarted bind today. Looking into syslog I noticed the following line:
>
> Jan 19 19:22:44 cold named[7247]: starting (/etc/bind/named.conf). named
>8.2.3-REL-NOESW Sat Jan 27 01:46:37 MST 2001
>^Ibdale@winfree:/home/bd
On Sun, 2002-01-20 at 15:16, Kevin Littlejohn wrote:
> On Sun, Jan 20, 2002 at 02:45:53PM +1300, Adam Warner wrote:
> > Can anyone provide a plausible scenario for how someone might be able to
> > gain root level access because su - has been used to switch to a user
> >
On Sun, 2002-01-20 at 12:33, martin f krafft wrote:
I'm glad you were able to get that follow up response out of your system
Martin :-) So let's continue to address this technical question that I
haven't found much discussion about before on the web.
If the use of switch user has remote security
Hi everyone,
I'm just wondering about the safety of this security practice.
Firstly the servers are physically secure and there is no relevant issue
about having a local root console open for administration purposes.
The question I have is if I "su - username" and then browse the web,
etc. is it
Hi everyone,
I'm just wondering about the safety of this security practice.
Firstly the servers are physically secure and there is no relevant issue
about having a local root console open for administration purposes.
The question I have is if I "su - username" and then browse the web,
etc. is i
On Wed, 2002-01-16 at 01:07, Javier Fernández-Sanguino Peña wrote:
> Already did it yesterday (except for th column with the data).
> See
> http://www.debian.org/doc/manuals/securing-debian-howto/ch11.en.html#s11.3
Please consider removing any reference to the average amount of time in
the
On Wed, 2002-01-16 at 01:07, Javier Fernández-Sanguino Peña wrote:
> Already did it yesterday (except for th column with the data).
> See
> http://www.debian.org/doc/manuals/securing-debian-howto/ch11.en.html#s11.3
Please consider removing any reference to the average amount of time in
the
On Tue, 2002-01-15 at 09:44, Florian Weimer wrote:
> Adam Warner <[EMAIL PROTECTED]> writes:
>
> > http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
> >
> > Someone with better knowledge of all the facts might want to comment on
> > the c
On Tue, 2002-01-15 at 09:44, Florian Weimer wrote:
> Adam Warner <[EMAIL PROTECTED]> writes:
>
> > http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
> >
> > Someone with better knowledge of all the facts might want to comment on
> > the c
On Tue, 2002-01-15 at 01:41, Daniel Polombo wrote:
> Adam Warner wrote:
>
> > On Tue, 2002-01-15 at 01:05, Tim Haynes wrote:
>
> >>Some of us wouldn't dare say such things without at least reviewing the
> >>given distro's security policy, FAQ and hist
On Tue, 2002-01-15 at 01:41, Daniel Polombo wrote:
> Adam Warner wrote:
>
> > On Tue, 2002-01-15 at 01:05, Tim Haynes wrote:
>
> >>Some of us wouldn't dare say such things without at least reviewing the
> >>given distro's security policy, FAQ and hist
On Tue, 2002-01-15 at 01:05, Tim Haynes wrote:
> Adam Warner <[EMAIL PROTECTED]> writes:
>
> > http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
> >
> > Someone with better knowledge of all the facts might want to comment on
> > the clai
http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
Someone with better knowledge of all the facts might want to comment on
the claim that "Debian is always the last to fix security holes" and the
tag team follow up "I've been fighting for months now to try to convince
them to r
On Tue, 2002-01-15 at 01:05, Tim Haynes wrote:
> Adam Warner <[EMAIL PROTECTED]> writes:
>
> > http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
> >
> > Someone with better knowledge of all the facts might want to comment on
> > the clai
http://www.linuxtoday.com/news_story.php3?ltsn=2002-01-14-002-20-SC-DB
Someone with better knowledge of all the facts might want to comment on
the claim that "Debian is always the last to fix security holes" and the
tag team follow up "I've been fighting for months now to try to convince
them to
38 matches
Mail list logo