Re: 2.4.12 ???

2001-10-19 Thread Cheng H. Lee
As far as I can tell, yes, the 2.4.12 kernel from kernel.org is secure (at least w/ regard to the bugs listed at http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337&start=2001-10-15&end=2001-10-21 I've just built the kernel and ran the exploits provided in the securityfocus article; s

2.4.12 ???

2001-10-19 Thread martin f krafft
is stock (non Debian) 2.4.12 now secure or not? i am getting confused. if it isn't, where can i find patches for it to make it secure? sorry to be asking so blatantly, but i don't have much time to worry about my private systems these days. please help. -- martin; (greetings from th

Re: ssh vulnerability

2001-10-19 Thread Garrett Ellis
I run Debian; and I applied the OpenSSH patch myself as soon as it was posted. Does anybody know what the advantages of waiting for a new .deb file to get circulated are? The patch was a change to two lines of code; so I just made the changes and rebuilt OpenSSH. That's how I do all of my non-kernel

Re: ssh vulnerability

2001-10-19 Thread Ethan Benson
On Fri, Oct 19, 2001 at 06:06:34PM -0400, [EMAIL PROTECTED] wrote: > Hello, > > Has debian released a new ssh dpkg yet? no -- Ethan Benson http://www.alaska.net/~erbenson/

ssh vulnerability

2001-10-19 Thread ahall
Hello, Has debian released a new ssh dpkg yet? Thanks. Andrew

Re: central administration techniques

2001-10-19 Thread Vineet Kumar
* Juha Jäykkä ([EMAIL PROTECTED]) [011019 07:57]: > I was wondering if there are any secure methods of centrally > managing the versions of certain files on Debian machines. I currently > have a woody, two sids and several potatos which need to be kept up to > date. The security patches are not m

Re: central administration techniques

2001-10-19 Thread Petro
On Fri, Oct 19, 2001 at 09:41:22AM -0700, nrvale0 wrote: > > maybe have a look at cfengine? > > or apt-cache search / freshmeat / google for other options > > I was down this road just a few months ago. cfengine is nice except > that the author doesn't believe that 'administrative information' is

Re: BugTraq Kernel 2.2.19

2001-10-19 Thread j. rivera
Hello, I run Woody with 2.2.19 compiled from source, and the ptrace exploit worked even with an older version of Openwall applied (scary...), but I snagged fresh kernel source and the new Openwall patch, and it fails with the message you receive ("execl: Operation not permitted."). Regards,

Re: BugTraq Kernel 2.2.19

2001-10-19 Thread Kenneth Pronovici
> Has anyone else noticed that the included exploit does not affect > 2.2.19? I tested it on one of my boxes and got the expected 'Operation > not permitted'. Maybe I'm misunderstanding the problem, but I thought > that 2.2.19 took care of (well hindered) the ptrace problems. I can't make the pt

Re: BugTraq Kernel 2.2.19

2001-10-19 Thread Rob VanFleet
On Fri, Oct 19, 2001 at 12:24:45PM -0500, Kenneth Pronovici wrote: > > i think Linus has already approved the patch. im not sure yet when will > > it arrive though.. > > Yes, the email linked to by that /. posting : > > > http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337&start=2

Re: BugTraq Kernel 2.2.19

2001-10-19 Thread Kenneth Pronovici
> i think Linus has already approved the patch. im not sure yet when will > it arrive though.. Yes, the email linked to by that /. posting : http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337&start=2001-10-15&end=2001-10-21 has attached to it the Linus-blessed 2.2.19 patch. KEN

Re: BugTraq Kernel 2.2.19

2001-10-19 Thread Michael C. Alonzo
On Fri, Oct 19, 2001 at 05:13:19PM +0100, Niall Walsh wrote: > Hi, > > I just discovered > http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337&start=2001-10-15&end=2001-10-21 > > thanks to /. (so I'm sure more of you are aware of it). I was just > wondering if anyone can let me k

Re: central administration techniques

2001-10-19 Thread nrvale0
> maybe have a look at cfengine? > or apt-cache search / freshmeat / google for other options I was down this road just a few months ago. cfengine is nice except that the author doesn't believe that 'administrative information' is something that should be protected and thus has no plans to move f

Re: central administration techniques

2001-10-19 Thread Juha Jäykkä
> changes via cvs to a nfs mount, all the client machines download changes > via a cron job. Whoooa... nfs? Security++... I could consider using some secure networked file system, though but I doubt cron would be a good idea. Or maybe it is. Anyone any concerns? Another thing that crossed my m

Virtual Congress in UniNet; Congreso Virtual en UniNet

2001-10-19 Thread viZard
First announcement of II INTERNACIONAL UNIX MEETING IN UNINET (UMEET 2001) December 1st -- December 15th, 2001 (Excuse us if you receive this letter more than once) UniNet, is a University Network, a non profit organization, which

BugTraq Kernel 2.2.19

2001-10-19 Thread Niall Walsh
Hi, I just discovered http://www.securityfocus.com/cgi-bin/archive.pl?id=1&mid=221337&start=2001-10-15&end=2001-10-21 thanks to /. (so I'm sure more of you are aware of it). I was just wondering if anyone can let me know how we discover when we are likely to see an update for the kernel on

Re: central administration techniques

2001-10-19 Thread Alson van der Meulen
On Fri, Oct 19, 2001 at 05:54:28PM +0300, Juha Jäykkä wrote: > I was wondering if there are any secure methods of centrally > managing the versions of certain files on Debian machines. I currently > have a woody, two sids and several potatos which need to be kept up to > date. The security patche

Re: central administration techniques

2001-10-19 Thread Alson van der Meulen
On Fri, Oct 19, 2001 at 06:33:43PM +0300, Juha Jäykkä wrote: > > > 3. Break into one of the other machines, use the suided script to > >^ > > I can't answer your questions - I know too little. Just one remark: > > AFAIK, Linux doesn't

Re: central administration techniques

2001-10-19 Thread Juha Jäykkä
> > 3. Break into one of the other machines, use the suided script to >^ > I can't answer your questions - I know too little. Just one remark: > AFAIK, Linux doesn't support suided shell scripts. At least it didn't do > that a few year

Re: central administration techniques

2001-10-19 Thread Tomasz Papszun
On Fri, 19 Oct 2001 at 17:54:28 +0300, Juha Jäykkä wrote: [...] > case, which is the safest option? Currently I am considering > configuring sudo to enable the admin user to execute a single script > (mods 0700) without a password or just chmod that script 4700. I am not

central administration techniques

2001-10-19 Thread Juha Jäykkä
I was wondering if there are any secure methods of centrally managing the versions of certain files on Debian machines. I currently have a woody, two sids and several potatos which need to be kept up to date. The security patches are not much of a concern since they are quite infrequent (except f

Re: Hi :>

2001-10-19 Thread Raghavendra Bhat
[Fri, Oct 19, 2001 at 08:42:34AM +0200] vdongen : > I do have snort installed and it gives me nicely daily status logs > containing absolutely nothing Have you configured snort ? Iff not, this can be done via the debconf front-end or via 'hand'. -- ragOO, VU2RGU http://gnuhead.net.dhi

Re: Hi :>

2001-10-19 Thread vdongen
I do have snort installed and it gives me nicely daily status logs containing absolutely nothing :( There might be more programs mailing root(or alias for root) with nothingCRON maybe... Gr, Ivo Without the darkness, ho
