On 8/6/20 12:05 PM, Chris Laprise wrote:
On 8/6/20 3:54 AM, fiftyfourthparal...@gmail.com wrote:
On Thursday, 6 August 2020 12:31:44 UTC+8, Emily wrote:
-- I'm not unman, but I just checked the repo data and it appears
they use sha256
This is reassuring. Thanks, Emily
I hate to
On Friday, 7 August 2020 02:40:58 UTC+8, Chris Laprise wrote:
>
> Yes. Note that Qubes Security Bulletins are issued for vulns that affect
> dom0 and they reference the package versions that contain the patches.
> For example:
>
>
>
On 8/6/20 12:23 PM, fiftyfourthparal...@gmail.com wrote:
On Friday, 7 August 2020 00:13:52 UTC+8, Chris Laprise wrote:
IIRC that setting refers to checking packages, not the repomd.xml
files.
That's why an attacker can't replace packages with their own versions;
they have to
On Friday, 7 August 2020 00:13:52 UTC+8, Chris Laprise wrote:
>
> IIRC that setting refers to checking packages, not the repomd.xml files.
> That's why an attacker can't replace packages with their own versions;
> they have to manipulate the metadata to hold back packages from
> receiving
On 8/6/20 10:37 AM, fiftyfourthparal...@gmail.com wrote:
I hate to break that feeling, but Fedora is unique in that it doesn't
sign its repo metadata, and sadly that is what matters. They put a
bandaid on it by fetching more hashes via https... so the update
security in Fedora is
>
> I hate to break that feeling, but Fedora is unique in that it doesn't
> sign its repo metadata, and sadly that is what matters. They put a
> bandaid on it by fetching more hashes via https... so the update
> security in Fedora is based on the strength of https. That is bad, as
> https can be
On Thursday, 6 August 2020 18:05:25 UTC+8, Chris Laprise wrote:
>
> I hate to break that feeling, but Fedora is unique in that it doesn't
> sign its repo metadata, and sadly that is what matters. They put a
> bandaid on it by fetching more hashes via https... so the update
> security in Fedora
On 8/6/20 3:54 AM, fiftyfourthparal...@gmail.com wrote:
On Thursday, 6 August 2020 12:31:44 UTC+8, Emily wrote:
-- I'm not unman, but I just checked the repo data and it appears
they use sha256
This is reassuring. Thanks, Emily
I hate to break that feeling, but Fedora is unique in
On Thursday, 6 August 2020 12:31:44 UTC+8, Emily wrote:
>
>
> -- I'm not unman, but I just checked the repo data and it appears they
> use sha256
>
This is reassuring. Thanks, Emily
--
You received this message because you are subscribed to the Google Groups
"qubes-users" group.
To
On Thursday, 6 August 2020 09:03:31 UTC+8, unman wrote:The security isnt to be
found at the proxy level, but at the package
management level. It's there that verification is (and should be) done.
Unman, speaking of verification at the package management level, would you
happen to know the
On Thursday, 6 August 2020 09:03:31 UTC+8, unman wrote:
>
> The security isnt to be found at the proxy level, but at the package
> management level. It's there that verification is (and should be) done.
>
Unman, speaking of verification at the package management level, would you
happen to know
On Wed, Aug 05, 2020 at 05:59:05PM +0200, Qubes wrote:
> On 8/5/20 1:07 AM, Ulrich Windl wrote:
> > On 8/2/20 4:42 PM, Chris Laprise wrote:
> > > On 8/2/20 8:32 AM, fiftyfourthparal...@gmail.com wrote:
> > > > I have a ton of templates and standalones (>10), so updating
> > > > them one by one
On 8/5/20 1:07 AM, Ulrich Windl wrote:
On 8/2/20 4:42 PM, Chris Laprise wrote:
On 8/2/20 8:32 AM, fiftyfourthparal...@gmail.com wrote:
I have a ton of templates and standalones (>10), so updating them one
by one serially is a pain. I found a convenient dom0 script so I
thought I'd share.
On Wednesday, 5 August 2020 07:08:04 UTC+8, Ulrich Windl wrote:
>
> Actually instead of parallel updates (assuming limited bandwidth) I'd
> vote for a more verbose progress indicator (in the graphical update app):
> Currently the VMs start, update starts, and then ...long time
> nothing...,
On 8/2/20 4:42 PM, Chris Laprise wrote:
On 8/2/20 8:32 AM, fiftyfourthparal...@gmail.com wrote:
I have a ton of templates and standalones (>10), so updating them one
by one serially is a pain. I found a convenient dom0 script so I
thought I'd share.
Basically, take this and paste it into
15 matches
Mail list logo