Re: [SECURITY] [DSA 1796-1] New libwmf packages fix denial of service

2009-05-07 Thread info
AUTOMATIC REPLY Thank you for your e-mail. We are away until 1 June 2009. For urgent cases please contact Mr. Silvano Ardia at telephone number +41 79 337 25 78. Your mail will be read by the on-call service. Thank you for your understanding. Staff SkyHosting.ch

Re: [SECURITY] [DSA 1789-1] New php5 packages fix several vulnerabilities

2009-05-07 Thread Raphael Geissert
Sébastien Le Ray wrote:
> Thijs Kinkhorst wrote:
>> CVE-2008-5658
>>
>> Directory traversal vulnerability in the ZipArchive::extractTo
>> function allows attackers to write arbitrary files via a ZIP file
>> with a file whose name contains .. (

Re: firewall critique

2009-05-07 Thread Florian Weimer
* Zachary Uram:
> iptables -A INPUT -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT

You should restrict RELATED to ICMP. For TCP and UDP, RELATED can open up your internal network to the outside world (depending on what firewall helpers you have loaded).

[SEC#MXE-2kFJA-894] [SECURITY] [DSA 1786-1] New acpid packages fix denial of service

2009-05-07 Thread Dan Bassett
We're on 1.0.8-1, so we're okay. Dan

Re: [SECURITY] [DSA 1794-1] New Linux 2.6.18 packages fix several vulnerabilities

2009-05-07 Thread Dominic Hargreaves
On Thu, May 07, 2009 at 11:33:22AM +0200, mex wrote:
> is this the same like DSA-1787 /
> http://www.debian.org/security/2009/dsa-1787
> ??

No, that relates to linux-2.6.24, an alternate kernel version for etch. Some of the issues will overlap, but the software release is different so which adv