* Steve McIntyre:
> f...@deneb.enyo.de wrote:
>>I've got a buster VM (upgraded from stretch) which does not launch
>>sshd (and Unbound) until a login attempt happens on a TTY. (An
>>unsuccessful attempt appears to be enough.)
>>
>>At that point, both sshd and Unbound start successfully, and
I've got a buster VM (upgraded from stretch) which does not launch
sshd (and Unbound) until a login attempt happens on a TTY. (An
unsuccessful attempt appears to be enough.)
At that point, both sshd and Unbound start successfully, and network
login is possible. I don't think I have changed the
* kamaraju kusumanchi:
> On Fri, Dec 28, 2018 at 3:51 AM wrote:
>>
>> Whenever your DNS fails try a "traceroute 8.8.8.8". Compare its results
>> to what you get when you do it at times where your DNS works. Perhaps
>> this sheds some light on it.
>
> That is tough to capture because the problem
I'm using the Xfce desktop environment on Debian jessie. The keyboard
is plugged into a KVM switch which issues a USB disconnect if I switch
to another machine. Once I switch back, the USB connection comes back
again, but the keyboard settings are gone. This affects both the
changes in keyboard
* Dilan Wijesooriya:
> We need to install (bare metal ) Dabian 7 and Dabian 8 for bellow CISCO
> Server model (Quantity 2) , can you pls let us know the compatibility
> Of this , much appreciated your kind support and help for this project .
Dear Dilan,
you need to ask your hardware provider
If the DNS information does not change frequently, then you can make
the changes to both databases manually. You may be able to just copy
the zone files, I'm not sure, but you will need to update the serial
numbers.
Basti asked about resolvers, you are talking about authoritative
servers.
* Marty:
What I call the manifesto [1] claims that UEFI SecureBoot is needed
in a post Snowden World.
I don't think it's true. Apple and some Android devices are already
locked down very tightly, and it is not clear that this has helped to
protect users' privacy and prevent access to stored
* Steve Litt:
I've personally disabled Secure Boot from a cold boot to the BIOS, and
then installed Ubuntu, and had both OS's work. I've done this at least
twice, maybe more. That being said, perhaps the reason I failed to
install a *Debian* dual-boot was because I shut off Secure Boot from
* Bob Proulx:
In those systems the zero page is initially bit-zero and reading from
the zero point will return zero values from the contents there. If
the program writes to the zero page then subsequent reads will return
whatever was written there. This is bad behavior that was the default
* Zbigniew Komarnicki:
Is this OK or is this a bug, when the wariable 'n' is
initializing by negative value? There no any warning.
Is this normal? I know that value -5 is converted
to unsigned but probably this should by printed a warning,
when this is a constant value. What do you think
I'm trying to install the i386 version of openjdk-7-jre on an amd64
system. So I did:
# dpkg --add-architecture i386
# apt-get update
This appears to have been successful. But I still cannot install
packages:
# apt-get install openjdk-7-jre:i386
Reading package lists... Done
Building
* ricccardo:
ric@ricmbp:~$ dpkg -l | grep libnss
ii libnss3 2:3.13.4-3~bpo60+1 Network Security Service libraries
ii libnss3-1d 2:3.13.4-3~bpo60+1 Network Security Service libraries -
transitional package
These packages do not come from the stable distribution. You're using
* Bill Wohler:
When updating lenny this morning (yes, upgrading is on my todo list), I
got the following error:
E: Problem with MergeList
/var/lib/apt/lists/security.debian.org_dists_lenny_updates_main_binary-i386_Packages
E: The package lists or status file could not be parsed or
to local time
and our current workarounds aren't nice (hourly execution with an
additional check, or edit the entries twice a year).
--
Florian Weimerfwei...@bfk.de
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133 Karlsruhe
that this technology was pioneered on Android devices
(which tend to lock out alternative operating systems, not just custom
kernels).
--
Florian Weimerfwei...@bfk.de
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133
with this use case, but it has
been some time since I last read through its full documentation.
The documentation suggests that it's supported.
--
Florian Weimerfwei...@bfk.de
BFK edv-consulting GmbH http://www.bfk.de/
Kriegsstraße 100 tel: +49-721-96201-1
D-76133
* Brad Alexander:
Have you looked at the Maemo distribution? It came out for the Nokia Nseries
tablets (n770/800/810/900), and is Debian-based. I have (briefly) started
looking at whether this supports tablets. Since it was designed for
(smaller) tablets, hopefully, it will work on the larger
* Fresel Michal:
just wanted to get some feedback on mailing to t...@security.debian.org
any knowledge why there is no answer or any ACK of recieve after 8h?
There is no autoresponder, so all replies you receive are written by
hand.
--
To UNSUBSCRIBE, email to
* Kelly Dean:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-2943 was
published Sept 30, 2010, and says that Linux 2.6.32.5 is
vulnerable. Squeeze uses 2.6.32-5, built on Jan 12, 2011. Is
Squeeze's kernel fixed, or does it have the vulnerability?
According to our records, this
* Joe Riel:
This weekend I upgraded, and libstdc++6 went from
4.5.2-4 - 4.6.0-2. This has broken a commercial
package I use; I now get
By the way, this a bug in GCC 4.6.0, possibly related to
http://gcc.gnu.org/bugzilla/show_bug.cgi?id=48465.
--
To UNSUBSCRIBE, email to
* T. o. n. g.:
On Sun, 06 Feb 2011 18:20:45 +0100, Florian Weimer wrote:
I would like to automate the process of setting up KVM virtual machines
(containing lenny and squeeze images). The straightforward doesn't work
because the installer does not seem to support a serial console
I would like to automate the process of setting up KVM virtual
machines (containing lenny and squeeze images). The straightforward
doesn't work because the installer does not seem to support a serial
console, and automating VNC is a bit difficult.
A debootstrap variant which results in a
* Francesco Pietra:
Unfortunately, for dealing with most editors of scientific journals,
and for personal use of the scientific literature, either as author or
referee, neither the readers you mention, nor any one other I know
except acroread, are enough. Because of these problems (which are
* Hadi Motamedi:
Thank you so much . At now , my Lenny has access to Internet . I
wanted to install ethereal on my Lenny by trying as :
#apt-get install ethereal
But it cannot find it .
Ethereal has been renamed to Wireshark, so just install the latter.
--
To UNSUBSCRIBE, email to
* Boyd Stephen Smith, Jr.:
Who set up the dovecot installtion? Dovecot doesn't use a certificate by
default, so the person that generated the cert and got it signed would be the
best source of information on the cert.
dovecot-common's postinst in etch automatically generates a
certificate
* Matt McCants:
Does anyone here have PCI audits being done on their Debian boxes?
Yes, we hear about that from time to time.
The company I work for uses TrustKeeper and the one Debian box I've
managed to get my boss to allow keeps failing unjustly. Usually they
fail us due to version
* Andrew Reid:
http://security.debian.org//srv/security-master.debian.org/ftp/pool/updates/main/e/expat/libexpat1_2.0.1-4+lenny1_amd64.deb
This should have been fixed by now.
During an internal migration, incorrect package metadata was pushed to
the security mirror network. Sorry about
* J. Hwan Kim:
I hope to install Courier font in my lenny but I did not find the
proper package.
Whant package should I install ?
ttf-liberation contains a monospaced Truetype font which is fully
compatible with Courier New on Windows systems.
--
To UNSUBSCRIBE, email to
* hadi motamedi:
Can you please do me favor and let me know what is the cause of the
following error message that I got when trying to run my application on the
Linux server :
Incorrectly built binary which accesses errno, h_errno or _res directly.
Needs to be fixed.
You need to include
* Daniel D. Jones:
After doing that, my Snort report from my Debian server started
showing the following:
62 192.168.2.10 209.170.146.89 DNS SPOOF query response with TTL of 1
min. and no authority
This Snort rule appears to be complete bogus.
--
To UNSUBSCRIBE, email to
* Edward C. Jones:
I installed sun-java5-bin from sid non-free. I still get the error message.
This works, even with OpenJDK:
appletviewer
'http://radar.weather.gov/radar.php?rid=lwxproduct=N0Roverlay=1110loop=yes'
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with
What do you think is the main reason or the importance of hosting your
own DNS when your ISP and/or Domain Registrar can host it for you for
FREE?
You remain reachable when your DNS provider is under a DoS attack.
Such attacks happen from time to time to large providers (check the
news).
If
* Adrian Levi:
2009/3/8 Florian Weimer f...@deneb.enyo.de:
* Pet:
/etc/apt/sources.list
This looks fine. How did you figure out that you had installed PHP
5.1.6?
He doesn't have it installed, he wants it installed.
Ah, stupid me.
Pet, PHP 5.1.6 is out of security support by upstream
* Pet:
I'd like to install newest version of Debian available, but with one
of older releases of PHP (5.1.6). Is it possible? How can I accomplish
this?
For a while, PHP 5.1.6 hasn't been available in a released Debian
distribution.
Could you post your /etc/apt/sources.list file?
--
To
* Pet:
/etc/apt/sources.list
This looks fine. How did you figure out that you had installed PHP
5.1.6?
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
* john re:
What rates do you have?
Zero with appropriate cooling, more without it. I fully agree with
Stefan's comment below.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
* Phillipus Gunawan:
Is there any debian package offer such thing like that? A deb linux
VPN server to serve wind0e$ client?
OpenVPN is typically used for that.
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact
* Travis Crump:
I had a hard crash of my lenny system precisely when the leap second was
added. While X has flaked in the past, I've never had a hard crash
before. I have no other evidence they were related, but I wasn't doing
anything unusual at the time. Any ideas?
Do you run Oracle
* Richard Hartmann:
How are you handling this? Self-baked scripts to parse your
daily mail? Are you doing it by hand? Not at all?
What would be required for Zabbix integration? What kind of data does
Zabbix need?
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a
* Richard Hartmann:
What kind of data does Zabbix need?
It can collect, and then trigger on, arbitrary data. In this case, it
would probably make sense to collect CVE number, remote/local,
the package in question, the version in question, the severity and
if there is a fix available.
The
* Jiann-Ming Su:
On 9/9/05, Joey Hess [EMAIL PROTECTED] wrote:
deb http://secure-testing.debian.net/debian-secure-testing
etch/security-updates main contrib non-free
How is this different from deb http://security.debian.org/
testing/updates main?
Is testing/updates actually used? I don't
* Jeroen van Wolffelaar:
Fact is though that libc6 has been in Debian stable for over 7
years, since hamm was releaed mid-1998,
This suggests that we should give it three more years or something
like that.
However, if the packages aren't covered by security support anyway, it
probably doesn't
* Daniel Burrows:
Okay. I avoided stating my personal opinion, but here it is:
I think upstream is tired of the project and just using this as an
excuse to shut it down. If you go to the webpage, it contains a single
sentence stating that it is shut down due to a port of Finale, and a
* Kevin B. McCarty:
On 07/10/2004 12:18 PM, Florian Weimer wrote:
1.7 incorporates some other security fixes, apparently in the area of
cross-domain scripting vulnerabilities. So you probably should
upgrade anyway.
Does anyone know if there is some reason these fixes haven't been
* Kevin B. McCarty:
I admit this last question is a bit rhetorical. My point is that, as
sysadmin of a physics cluster running Debian/woody on which people
frequently look at downloaded PS files anyway, I want to know whether it
is really worth my time to upgrade Mozilla [currently running
* Don Armstrong:
Perhaps I've missed something, but everything that I've read in the
threads so far amounts to people either assuming that there's an issue
and not defining it, or attempting to figure out where the issue is.
This summary is correct as far as I can see. No real security issue
Miles Bader wrote:
I'm not sure what this has to do with the original question, but the
simplified chinese characters used in the PRC can look _very_ different
from the traditional forms used in Taiwan (anyway, it's not accurate to
say the difference is `close to bold-versus-normal').
It's
of softwarepatents, please visit the website
|
| http://www.noepatents.org
|
| The new URLs are:
|
| http://www.gnupg.dk/pub/contrib-dk/idea.c
| http://www.gnupg.dk/pub/contrib-dk/idea.c.sig
|
| Thanks.
--
Florian Weimer[EMAIL PROTECTED]
University of Stuttgart http
GDB from unstable (x86) is unable to read debugging information
generated by current GCC 3.1 CVS (using the -g) switch. Is this a
known problem? Are there any workarounds?
I thought that GDB 5.1 finally supported DWARF2, which is needed by
more recent GCC versions.
--
Florian Weimer
Steve Kowalik [EMAIL PROTECTED] writes:
At 10:04 am, Tuesday, October 9 2001, J.H.M. Dassen (Ray) mumbled:
On Mon, Oct 08, 2001 at 12:36:27 +0200, Florian Weimer wrote:
Has anybody packaged egcs 1.1.2 for kernel compilation?
I did some work on it, but abandoned it as I've encountered
Has anybody packaged egcs 1.1.2 for kernel compilation? It's still
the official compiler for the Linux kernel, and there are definitely
problems when using GCC 2.95.x instead.
--
Florian Weimer[EMAIL PROTECTED]
University of Stuttgart http://cert.uni-stuttgart.de
).
--
Florian Weimer[EMAIL PROTECTED]
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
, and probably MS-Exchange-based
solutions) cannot implement RFC 2015 since it's a MIME application.
--
Florian Weimer[EMAIL PROTECTED]
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
The direct attempt (editing /etc/apt/sources.list, 'apt-get update')
does not succeed, 'apt-get update' results in the following error
messages:
E: Line 97707 in package file
/var/state/apt/lists/source.rfc822.org_debian_dists_sid_main_binary-i386_Packages
is too long.(2)
E: Line 97707 in
Tibor D. [EMAIL PROTECTED] writes:
Unfortunately, the apt packages in stable and unstable depend on
glibc 2.1.x, resulting in a chicken-and-egg problem.
Which is the easiest way to upgrade to unstable under this
circumstances? Recompiling apt for glibc 2.0.7? Editing the Package
file?
CD (if you adjust your BIOS settings). No drivers are
required for that.
--
Florian Weimer[EMAIL PROTECTED]
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT +49-711-685-5973/fax +49-711-685-5898
could use scrlettr.cls? It supports putting some material
at the bottom of the first page (and perhaps subsequent ones, I'm not
sure about that).
--
Florian Weimer[EMAIL PROTECTED]
University of Stuttgart http://cert.uni-stuttgart.de/
RUS-CERT
of the OpenSSL library (BSD-style
license *with* advertising clause), and code under the GPL and LGPL.
In addition, the license doesn't permit you to change the start page
URL. All in all, these terms seem quite incompatible to me.
--
Florian Weimer[EMAIL PROTECTED]
University
58 matches
Mail list logo