ports SVN - CVS export. It was
previously missed that this (yet another automated system we run)
needed to be updated as well.
--
Simon L. B. Nielsen
Hat: FreeBSD.org clusteradm team / FreeBSD Security Team
___
freebsd-security@freebsd.org mailing list
The FreeBSD Project
Topic: Multiple Denial of Service vulnerabilities with named(8)
Just to make two points clear (since I suspect people might ask).
- These fixes are exported to CVS/CVSup.
- No, these SA's had nothing to do with the recent security incident.
--
Simon L
On 23 November 2012 00:11, Simon L. B. Nielsen si...@freebsd.org wrote:
On 23 November 2012 00:01, FreeBSD Security Advisories
security-advisor...@freebsd.org wrote:
=
FreeBSD-SA-12:06.bind
Security@ is an alias for secteam (to avoid accidentally leaking
confidential reports).
--
Simon L. B. Nielsen
Via mobile - sorry about the top posting
On 4 Sep 2012 13:29, Dag-Erling Smørgrav d...@des.no wrote:
Doug Barton do...@freebsd.org writes:
Please do ... probably security
been
able to find docs on how your initialize or administer them.
http://www.safenet-inc.com/products/data-protection/two-factor-authentication/etoken-pass/
They are sort of programable too if you really want:
https://www.youtube.com/watch?v=QiTNlSgk-xY :-)
--
Simon L. B. Nielsen
this issue can be fixed for
snmp in a easy way?
Make the snmp daemon not do it that way and support magic new scheme
which we will hopefully come up with?
--
Simon L. B. Nielsen
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman
On Tue, Aug 21, 2012 at 1:05 PM, Ulrich Spörlein u...@freebsd.org wrote:
On Mon, 2012-08-20 at 22:24:56 +0100, Simon L. B. Nielsen wrote:
Hello,
If you are not using geli(4) on -CURRENT (AKA FreeBSD 10) you can safely
ignore this mail. If you are, please read on!
-CURRENT users of geli(4
On 19 Aug 2012, at 13:33, Jilles Tjoelker jil...@stack.nl wrote:
On Sat, Aug 11, 2012 at 09:05:44PM +0200, Dag-Erling Smørgrav wrote:
Simon L. B. Nielsen si...@freebsd.org writes:
This has been discussed a number of time, but there are no nice and
simple solution.
There is a simple
it when/if one is
assigned.
Eh, why wouldn't a CVE name not be assigned? If none is we should ask
MITRE to assign one, but it would surprise me if NVIDIA or a Linux
vendor hasn't done this already.
--
Simon L. B. Nielsen
___
freebsd-security
on it.
--
Simon L. B. Nielsen
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to freebsd-security-unsubscr...@freebsd.org
is their support? When I
looked at their website I found nothing about security support, branch
handling etc. and nobody has replied to that part in these threads
(unless I missed it - I just rescanned thread without seeing a reply).
--
Simon L. B. Nielsen
On Tue, Jul 3, 2012 at 9:39 PM, Doug Barton do...@freebsd.org wrote:
On 07/03/2012 05:39, Dag-Erling Smørgrav wrote:
Doug Barton do...@freebsd.org writes:
The correct solution to this problem is to remove BIND from the base
altogether, but I have no energy for all the whinging that would
On Jun 19, 2012 3:16 PM, Maxim Khitrov m...@mxcrypt.com wrote:
On Tue, Jun 19, 2012 at 10:10 AM, ian ivy sidetripp...@gmail.com wrote:
Hello,
By default FreeBSD uses MD5 to encrypt passwords. MD5 is believed to be
more secure than e.g. DES but less than e.g. SHA512. Currently several
On 19 Jun 2012, at 19:15, Steven Chamberlain wrote:
On 18/06/12 22:37, Simon L. B. Nielsen wrote:
Note that this is ONLY for FreeBSD 8.1. Other branches are OK.
Having seen the correct fix now, I'm starting to wonder if the commit to
RELENG_7_4 was really okay too?
http
and I would rather fix the issue than battle with a mail program.
--
Simon L. B. Nielsen
FreeBSD Security Officer
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail
be encrypted.
--
Simon L. B. Nielsen
Mobile
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to freebsd-security-unsubscr...@freebsd.org
On Sun, Jun 10, 2012 at 3:53 PM, Gleb Kurtsou gleb.kurt...@gmail.com wrote:
On (10/06/2012 11:02), Simon L. B. Nielsen wrote:
On 8 Jun 2012, at 13:51, Dag-Erling Smørgrav wrote:
We still have MD5 as our default password hash, even though known-hash
attacks against MD5 are relatively easy
On Mon, Jun 11, 2012 at 11:44 AM, Lev Serebryakov l...@freebsd.org wrote:
Hello, Simon.
You wrote 10 июня 2012 г., 14:02:50:
SLBN Has anyone looked at how long the SHA512 password hashing
SLBN actually takes on modern computers?
Modern computers are not what should you afraid. Modern
and hardware support AESNI. Or simply replace the whole
thing with arc4random_*..
If somebody is interested in doing things along these lines, I strongly suggest
trying to rope in some OpenSSL people, e.g. benl@.
Patches are good to commit, IMHO.
Thanks for giving the patch more eyes.
--
Simon L. B
Hey,
Bleh, even I forget at times that security@ != freebsd-security@ :-).
Begin forwarded message:
From: Simon L. B. Nielsen si...@freebsd.org
Subject: Upgrade port audit now!
Date: 11 March 2012 21:40:26 GMT
To: po...@freebsd.org, secur...@freebsd.org
Hey,
If you have portaudit
possible you can manually build
and install stock OpenSSL by hand.
--
Simon L. B. Nielsen
Hats: Ex-OpenSSL maintainer, FreeBSD Deputy Security Officer
___
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
21 matches
Mail list logo