Re: Scripts that run insecurely-downloaded code

2020-05-03 Thread Celejar
ts documentation) should be considered to have an 'important' bug ;) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662960#51 Celejar

Re: NSA software in Debian

2014-01-21 Thread Celejar
was subverted in exactly that manner - someone joined pretending to be loyal to the organization, but was really intent on undermining it ... Celejar -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive

Re: NSA software in Debian

2014-01-19 Thread Celejar
us here in the first place, however the NSA only needs one person. A lot of people in this discussion seem to have your tacit assumption, that the NSA and its tactics are fundamentally at odds with morality. JFTR, many of us do not agree. JK Abrams Celejar

Re: NSA software in Debian

2014-01-19 Thread Celejar
On Mon, 20 Jan 2014 11:45:08 +0800 Paul Wise p...@debian.org wrote: On Mon, Jan 20, 2014 at 7:27 AM, Celejar wrote: A lot of people in this discussion seem to have your tacit assumption, that the NSA and its tactics are fundamentally at odds with morality. JFTR, many of us do not agree

Re: SSL for debian.org/security?

2013-10-30 Thread Celejar
Debian, then they can MITM the Debian security page and control what security bulletins that organization can access. BTW: if the NSA take one single trusted CA (and they did for sure), HTTPS is b0rken for each site. Yours, VB. -- Volker Birk Celejar

Re: SSL for debian.org/security?

2013-10-30 Thread Celejar
On Wed, 30 Oct 2013 10:34:15 -0200 Djones Boni 07ea86b...@gmail.com wrote: On 30-10-2013 09:51, Celejar wrote: Maybe I'm missing something, but the security of the apt system has nothing to do with SSL - it uses GPG signatures. This discussion about SSL concerns the website, etc

Re: SSL for debian.org/security?

2013-10-29 Thread Celejar
? Tor hidden services can not only be used to hide the location of a server, but they also provide alternative end-to-end encryption, independent from SSL CA's. The OP was asking for authentication, not encryption. Celejar

Re: SSL for debian.org/security?

2013-10-29 Thread Celejar
On Tue, 29 Oct 2013 10:32:26 -0200 Djones Boni 07ea86b...@gmail.com wrote: On 29-10-2013 09:56, Celejar wrote: The OP was asking for authentication, not encryption. Celejar Tor HS addresses are self authenticating (80 bits of entropy). Okay, but the message I was replying to mentioned only

Re: SSL for debian.org/security?

2013-10-29 Thread Celejar
On Tue, 29 Oct 2013 11:03:55 -0200 Djones Boni 07ea86b...@gmail.com wrote: On 29-10-2013 10:49, Celejar wrote: The question is not whether it's better than clear text over HTTP, but whether it's better than SSL. *If no CA is compromised*, I think SSL alone is more secure than Tor alone

Re: btdownloadgui failed due to firewall

2010-07-18 Thread Celejar
, and you may wish to use a range (for example 6881..6890) to allow multiple torrents running simultaneously. Multiple ports are only necessary for running multiple clients (or instances of the same client); one client can run multiple torrents out of the same port. Celejar

Re: signatures for debs installed manually

2009-09-16 Thread Celejar
, and most work for you, you can fetch the source, assuming the dsc file is signed, and build your own package. Thanks for the information. The package in question actually made it into the repo shortly after I began this thread, but this is good to know for the next time this happens. Celejar

signatures for debs installed manually

2009-09-07 Thread Celejar
that the package I download is the one he uploaded? This is largely an academic question, since in the real world, this is probably secure enough for my needs, but I'd like to know if there's a Right Way to do this. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email

Re: signatures for debs installed manually

2009-09-07 Thread Celejar
On Tue, 8 Sep 2009 12:01:09 +1000 Morgan Storey m...@morganstorey.com wrote: Hi Celejar, You can get him to PGP/GPG sign the package, then just verify it with his public key, or simply mdsum and sha1sum the package. There are MD5 collisions so someone could make a package of the same size

Re: [SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution

2009-07-15 Thread Celejar
and possible arbitrary code execution. (CVE-2009-0692) ... For the unstable distribution (sid), these problems will be fixed soon. We recommend that you upgrade your dhcp3 packages. Would it be a good idea to use something like udhcpc in the interim? Celejar -- mailmin.sourceforge.net

Re: chat messages encryption

2009-07-05 Thread Celejar
,just messages have been separated into parts with 8 char length .(sniff shows that) Gajim apparently supports GnuPG. I haven't tried it. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: Exploit in Upgrade Chain?

2009-02-12 Thread Celejar
point is just that it's not exploitable. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: Securing my PC at a Wireless Hotspot?

2009-02-11 Thread Celejar
fool http://www.shorewall.net/shoreline.htm :) Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: Linux infected ?

2009-01-29 Thread Celejar
hilarious. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-15 Thread Celejar
On Thu, 15 Jan 2009 04:13:45 +0100 Cyril Brulebois k...@debian.org wrote: Celejar cele...@gmail.com (14/01/2009): We recommend that you upgrade your xulrunner packages. On my Sid box, I only have 'xulrunner-1.9' from the official repo, and xulrunner only from 'debian-multimedia.org

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-15 Thread Celejar
On Fri, 16 Jan 2009 00:53:06 +0100 Cyril Brulebois k...@debian.org wrote: Celejar cele...@gmail.com (15/01/2009): Is there any automatic way to check whether a given system has any of the binary packages built from a given source package installed? (without any deb-src) It looks like

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-15 Thread Celejar
On Fri, 16 Jan 2009 07:46:12 +0100 Cyril Brulebois k...@debian.org wrote: Celejar cele...@gmail.com (15/01/2009): (without any deb-src) It looks like the following does what you want: | grep-status -sPackage -F Package $source_package Works for me with blender, xulrunner, graphviz

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-14 Thread Celejar
xulrunner packages. On my Sid box, I only have 'xulrunner-1.9' from the official repo, and xulrunner only from 'debian-multimedia.org'. Shouldn't the DSA mention 'xulrunner-1.9'? Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-14 Thread Celejar
On Thu, 15 Jan 2009 04:13:45 +0100 Cyril Brulebois k...@debian.org wrote: Celejar cele...@gmail.com (14/01/2009): We recommend that you upgrade your xulrunner packages. On my Sid box, I only have 'xulrunner-1.9' from the official repo, and xulrunner only from 'debian-multimedia.org

CUPS and network interfaces

2007-10-07 Thread Celejar
) on every interface. Can someone help me out with this? Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: CUPS and network interfaces

2007-10-07 Thread Celejar
On Sun, 7 Oct 2007 14:00:16 -0600 Rob Sims [EMAIL PROTECTED] wrote: On Sun, Oct 07, 2007 at 09:18:27PM +0200, Markus Maria Miedaner wrote: On Sun, Oct 07, 2007 at 02:47:32PM -0400, you (Celejar) wrote: Hi, I have a pretty standard (default) CUPS installation. cupsd.conf contains

Re: secure installation

2007-08-19 Thread Celejar
malware that communicates with the outside world via standard system apps / utilities using standard ports, e.g. wget or even ssh. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: secure installation

2007-08-17 Thread Celejar
who shouldn't have been. Their account was cracked, then the cracker got root access and installed a daemon that was ready to attack another server. Just curious; anyone can forget a user account, but how did the attacker get root? R. W. Rod Rodolico Celejar -- mailmin.sourceforge.net - remote

Re: secure installation

2007-08-17 Thread Celejar
, my point about simplicity remains. I may be off base here; I'm just expressing my (limited) understanding of the issue. Russ Allbery ([EMAIL PROTECTED]) http://www.eyrie.org/~eagle/ Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net

Re: secure installation

2007-08-17 Thread Celejar
an interface or something similar and neglecting to reconfigure shorewall ... Cheers, English is essentially Plattdeutsch as spoken Rick Moenby a Frisian pretending to be French. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net

Re: secure installation

2007-08-16 Thread Celejar
/manuals/securing-debian-howto/ch12.en.html Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: spooky windows script

2007-05-08 Thread Celejar
trying to capture some data from your system and ftp it outwards. I'm just guessing, but it does appear to be a threat. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: spooky windows script

2007-05-08 Thread Celejar
Just for the record, I apparently interpreted the ftp business backward in my earlier post; pulling in, not sending out. Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-03 Thread Celejar
On Wed, 2 May 2007 15:02:57 -0600 dann frazier [EMAIL PROTECTED] wrote: On Wed, May 02, 2007 at 04:33:15PM -0400, Celejar wrote: CVE ID : CVE-2007-0005 CVE-2007-0958 CVE-2007-1357 CVE-2007-1592 2) The advisory doesn't mention unstable, but three of the four CVEs affect kernels up

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-03 Thread Celejar
On Wed, 2 May 2007 23:13:30 +0200 Stefan Fritsch [EMAIL PROTECTED] wrote: Hi, On Mittwoch, 2. Mai 2007, Celejar wrote: Dann Frazier [EMAIL PROTECTED] wrote: Package: linux-2.6 Vulnerability : several Problem-Type : local/remote Debian-specific: no CVE ID

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-02 Thread Celejar
exist in stable? [0] http://www.debian.org/security/ [1] http://www.debian.org/security/faq#testing Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sourceforge.net - A Simple Sudoku Solver and Generator