Re: Is chromium updated?

2020-11-13 Thread Sven Hartge
On 17.10.20 14:28, Georgi Guninski wrote: Is Debian's chromium vulnerable now? Yes. The Team maintaining Chromium in Debian is clearly overloaded and understaffed and I am sure the Corona Crisis isn't helping here.

Re: Misuse/Abuse

2020-10-13 Thread Sven Hartge
On 13.10.20 16:00, Daniel Leidert wrote: Clearly someone tries to run a command put as an address. Out of curiosity: Which kind of vulnerability are they trying to use here? Probably CVE-2019-10149 https://www.qualys.com/2019/06/05/cve-2019-10149/return-wizard-rce-exim.txt Grüße, Sven.

Re: [SECURITY] [DSA 3909-1] samba security update

2017-07-14 Thread Sven Hartge
On 14.07.2017 14:25, Yves-Alexis Perez wrote: > For the oldstable distribution (jessie), this problem has been fixed > in version 2:4.2.14+dfsg-0+deb8u7. Is this just me or has the update for Jessie x86_64 been built in an unclean environment or from the wrong sources? For me the binary packages

Re: HTTPS needs to be implemented for updating

2016-12-20 Thread Sven Hartge
On 20.12.2016 10:45, Hans-Christoph Steiner wrote: > Also, it would be really awesome if there was: > > https://httpsredir.debian.org/debian > > Which automatically redirected to mirrors that support HTTPS. I filed > an issue here: > https://github.com/rgeissert/http-redirector/issues/78 There

Re: Is this a hacking attempt?

2015-01-22 Thread Sven Hartge
Bonno Bloksma wrote: > Van: paul.is.w...@gmail.com [mailto:paul.is.w...@gmail.com] Namens Paul Wise >>> Fortunately, this works, but there are sites where doesn't. >> >> Do you have any examples of sites that still need Flash? Obviously >> flash game sites still need it but surely almost all of t

Re: Funny story about mysteriously open port 21

2010-03-09 Thread Sven Hartge
On 09.03.2010 09:21, Sir Conquer wrote: > As I was testing new iptables rules on my remote Lenny server, port > 21 kept coming up as open, yet nothing was listening on it (according > to netstat and lsof). At which point I'm panicking and wondering > whether I've been owned! The panic had producti

Re: chkrootkit sniffers

2006-08-10 Thread Sven Hartge
/sbin/dhclient[29307]) > eth1: PACKET SNIFFER(/sbin/dhclient[29148]) > > is that serious? No. Both dhclient and dhcpd are known false positives. You should of course check, if those processes are _really_ a dhclient. Grüße, Sven. -- Sven Hartge -- professioneller Unix-Geek

Re: OpenSSL vs. GnuTLS in Exim

2006-04-03 Thread Sven Hartge
ems. What was the reason to use GnuTLS in exim ??? Licences problems regarding OpenSSL in combination with GPL'd code without a special clause allowing linking to OpenSSL-based code. Grüße, Sven. -- Sven Hartge -- professioneller Unix-Geek Meine Gedanken im Netz: http://www.svenhartge.de/ Acht