ready? If so, please ignore me (sorry for
not following closely...).
- Sebastian
¹ One can execute every file on GNU/Linux. But the attack is that
execution of a file, not the file (otherwise we'd have to consider `rm',
`gpg', `scp', and many more malware, too).
--
As I was walking down St
On 2022-06-10 23:23:35 +0900, Daichi Fukui wrote:
> Hello team,
> (CC: Samuel. Sebastian)
>
> I've prepared a new version of libewf [0], which is going to be
> 20140813-1 with this update.
> This version mainly introduces the following changes:
>
> * New upstream
Hi Fukui
On 2022-06-02 21:57:38, Daichi Fukui wrote:
> Hello Sebastian
>
> Nice to meet you.
> It looks like the VCS repository for libewf is not up to date - tag
> 20140807-2.1 is missing [0].
That tag does not exist. 201408107-2.1 was a non-maintainer upload. You
can import
Hi,
On Sat, Jan 26, 2019 at 12:32:28AM +0100, Hilko Bengen wrote:
> * Sebastian Reichel:
>
> > Thanks, for taking care of this. I'm currently a bit short on time.
> > I noticed, that you enabled OpenSSL, which is not ok.
>
> Right. Will revert that right away, now
de in it. Also I think we should
switch to upstream soname (3.2.1), which plains the way to use
meson instead of their own build system.
-- Sebastian
signature.asc
Description: PGP signature
SSL toolkit in Debian and one
might need to scan a non-Debian / older machine.
[0] https://github.com/rbsec/sslscan
Sebastian
Or use the the (non-free) Chrome DEBs provided by Google.
Did they stop to put their servers into /etc/apt/sources.list before
installing and, even worse, after de-installing? They did the last time
I (un-)installed Chrome.
- Sebastian
--
Ich setzte einen Fuß in die Luft, und sie trug
://security.debian.org stable/updates main contrib non-free
the other problem is, that you will not be able to install any software
which has never received any security fix:
e.g. neither vim nor nano are in the pool dir on that mirror.
Sebastian
--
Religion ist das Opium des Volkes. | _ ASCII
to enforce that the PRIVATE
KEY is password-protected - sadly, you can't see this from the public key, and
I'm not aware of any possibility to query the client concerning this specific
matter.
Sebastian
--
baboo
--
Neu: GMX Doppel-FLAT mit Internet-Flatrate + Telefon-Flatrate
für nur 19,99 Euro/mtl
such a thing.
Sadly, I'm not their bossbut they are more or less my customers, so putting a
security policy in place requiring the previously stated mechanism would be
more like starting a war than a small skirmish.
Sebastian
--
baboo
--
Neu: GMX Doppel-FLAT mit Internet-Flatrate + Telefon-Flatrate
für
information about the nature of the
update. Perhaps if I knew how to ask apt it would tell me? Anyway I
hate to apply patches that I don't have an idea about. So hopefully
someone can enlighten me.
debian-security-announce.lists.debian.org
Thanks!
John
HTH
Sebastian
for some of the OSs, please tell me which,
then please continue to answer how it will be possible for the others.
Thanks in advance,
Chip D. Panarchy
Sebastian
--
Religion ist das Opium des Volkes. Karl Marx
s...@sti@N GÜNTHER mailto:sam...@guenther-roetgen.de
. Would you think it a good idea to use a Debian server for Repositories?
Please try your best to answer those 6 questions.
I count 7...
But I won't answer to any of these, because there are missing some
fundamental constraints in this scenario to make any useful suggestions.
Sebastian
Example for the previous Mail:
In /etc/passwd Change the line
root:x:0:0:root:/root:/bin/bash
to
root::0:0:root:/root:/bin/bash
Note the missing 'x' which means this user has to provide a password.
Murat Ohannes Berin wrote:
Hi,
I just insralled Debian on my laptop. However, I can not
/MySQL my current
code probably has security issues. As this code
is running on a publicly accessible machine I
depend on the kindness of its users and
your security reviews.
If you spot a vulnerability in that code please
drop me a private mail about it. Thank you!
Sebastian
[1] http
--
|Sebastian Wehrmann - [EMAIL PROTECTED]|
||
| Reichenhainer Str. 35/336 |
| 09126Chemnitz |
| home: +49 371 2407260 |
| mobile: +49 179 9019256 |
||
| http
FIXED
Martin Schulze schrieb am 07.10.2005 17:51:
--
Debian Security Advisory DSA 846-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
October 7th, 2005
Martin Schulze wrote:
This message was modified by F-Secure Anti-Virus E-Mail Scanning.
This is what F-Secure gave me. Martin do you send viruses? ;)
Sebastian
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Abwesenheit
Sehr geehrte Damen und Herren,
ich bin in der Zeit vom 21. August bis zum 9. September im Urlaub. In dieser Zeit
können Sie sich an Herrn Zander wenden.
Telefon
0391 544 56 70
Mit freundlichen Grüßen
Sebastian Hennebrüder
Leitung eCommerce - Internet
---
Grass GmbH, eCommerce
Abwesenheit
Sehr geehrte Damen und Herren,
ich bin in der Zeit vom 21. August bis zum 9. September im Urlaub. In dieser Zeit
können Sie sich an Herrn Zander wenden.
Telefon
0391 544 56 70
Mit freundlichen Grüßen
Sebastian Hennebrüder
Leitung eCommerce - Internet
---
Grass GmbH, eCommerce
Abwesenheit
Sehr geehrte Damen und Herren,
ich bin in der Zeit vom 21. August bis zum 9. September im Urlaub. In dieser
Zeit können Sie sich an Herrn Zander wenden.
Telefon
0391 544 56 70
Mit freundlichen Grüßen
Sebastian Hennebrüder
Leitung eCommerce - Internet
---
Grass GmbH, eCommerce
Abwesenheit
Sehr geehrte Damen und Herren,
ich bin in der Zeit vom 21. August bis zum 9. September im Urlaub. In dieser Zeit
können Sie sich an Herrn Zander wenden.
Telefon
0391 544 56 70
Mit freundlichen Grüßen
Sebastian Hennebrüder
Leitung eCommerce - Internet
---
Grass GmbH, eCommerce
Hi,
is there a kernel patch/update for the
'do_mremap VMA limit local privilege escalation vulnerability' described in
http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt ?
i have the kernel 2.4.22-2-686-smp running and do security updates on a daily
basis. But im still vulnerable, as
[...]
is there a kernel patch/update for the 'do_mremap VMA limit local
privilege escalation vulnerability' described in
http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt ?
That link provides the CVE identification CAN-2004-0077.
Hi,
is there a kernel patch/update for the
'do_mremap VMA limit local privilege escalation vulnerability' described in
http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt ?
i have the kernel 2.4.22-2-686-smp running and do security updates on a daily
basis. But im still vulnerable, as
[...]
is there a kernel patch/update for the 'do_mremap VMA limit local
privilege escalation vulnerability' described in
http://isec.pl/vulnerabilities/isec-0014-mremap-unmap.txt ?
That link provides the CVE identification CAN-2004-0077.
__Erdbeben im Iran: Zehntausende Kinder brauchen Hilfe. UNICEF hilft denKindern - helfen Sie mit! https://www.unicef.de/spe/spe_03.php
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe".
__Erdbeben im Iran: Zehntausende Kinder brauchen Hilfe. UNICEF hilft denKindern - helfen Sie mit! https://www.unicef.de/spe/spe_03.php
, if
there is a bug in the openssl libraries, you must restart all services
that use it. Just installing new libraries is not enough.
Sebastian
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
, if
there is a bug in the openssl libraries, you must restart all services
that use it. Just installing new libraries is not enough.
Sebastian
users could for example get the idea of sending
fake logs of other users doing nasty things to the remote logging
server...).
Sebastian
Hi,
you get this message when you use different names for a machine, for
example the ip and the machine's name. One of them is saved in
known_hosts, the other one causes this message!
Sebastian
Ian Goodall wrote:
Thanks everyone for your help.
It must be his computer as all the computers I
bugs in the Debian kernels at:
http://bugs.debian.org/cgi-bin/pkgreport.cgi?which=pkgdata=kernelarchive=yesinclude=security
Bugs #146349 and #168190 are Netfilter-related.
Sebastian
back must patches be backported?
Is there a clear policy about this issue?
Sebastian
perl script for automatic updates...
secpack does what you are looking for:
http://therapy.endorphin.org/secpack/
Sebastian
,'
{} \;
the gnome-applets package does it this way.
bye,
sebastian
--
::: sebastian henschel
::: kodeaffe
::: lynx -source http://www.kodeaffe.de/shensche.pub | gpg --import
msg08410/pgp0.pgp
Description: PGP signature
,'
{} \;
the gnome-applets package does it this way.
bye,
sebastian
--
::: sebastian henschel
::: kodeaffe
::: lynx -source http://www.kodeaffe.de/shensche.pub | gpg --import
pgpKLwbKqZ2qm.pgp
Description: PGP signature
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Hi Ralf!
2. chroot everything
just chroot the users at the login after ssh (if you want to allow ssh),
How can chroot a user who logs in via ssh? Do you have some links about
this?
--
Sebastian Schinzel
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble
allowing direct root
logins is a problem.
- Sebastian
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
, that such
device have to be transparent for all IP traffic (or may be for all
Ethernet traffic?).
regards
Jarek Tabor
Freeswan might be the solution.
Check www.freeswan.org
--
Sebastian Bruhn
System Tekniker / System Technichian
Email: [EMAIL PROTECTED]
Today is Boomtime, the 52nd day of Chaos
, that such
device have to be transparent for all IP traffic (or may be for all
Ethernet traffic?).
regards
Jarek Tabor
Freeswan might be the solution.
Check www.freeswan.org
--
Sebastian Bruhn
System Tekniker / System Technichian
Email: [EMAIL PROTECTED]
Today is Boomtime, the 52nd day of Chaos
ad 56kBit link and I pay by the minute.
- Sebastian
, since it doesn't add a final nul-byte if
strlen(src) n. Most people are not aware of this problem. So, most of
the time you use strncpy() you should use a construction like this:
strncpy(dst, src, len);
dst[len] = '\0';
- Sebastian
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject
, since it doesn't add a final nul-byte if
strlen(src) n. Most people are not aware of this problem. So, most of
the time you use strncpy() you should use a construction like this:
strncpy(dst, src, len);
dst[len] = '\0';
- Sebastian
the listmaster (cc'ed) should have a look at which
addresses had subscribed at the time he describes.
- Sebastian
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
(cc'ed) should have a look at which
addresses had subscribed at the time he describes.
- Sebastian
are.
- Sebastian, who doesn't like YaST at all
(I believe)
But using this option prevents you from using the global /etc/shadow
file, which is problematic in some cases.
- Sebastian
to disagree. bind could use debconf and ask a question with
priority low, default set to running bind without root permissions.
Another approach is to fix bind by binding INADDR_ANY as was pointed out
in this thread. This may have undesirable side-effects, though.
- Sebastian
)
generally i'd say, don't use sendmail at all :)
sebastian
--
gravity is a myth. the earth sucks.
On Thu, 16 Mar 2000, Ivan Ivanovic wrote:
On my Slink placed on Inernet often appears auth port connection attempts
from various sites...
What (common) application needs this port?
irc server make ident connections to clients.
squid can use ident for authorization.
sendmail sometimes uses
On Thu, 16 Mar 2000, Fredrik Liljegren wrote:
i'd turn auth off for security reasons if your box has a direct
connection to internet.
Many people misunderstand the usefulness of identd, and so disable it or
block all off site requests for it. identd is not there to help out remote
sites.
54 matches
Mail list logo