On Sat, Apr 5, 2014 at 11:23 PM, Patrick Schleizer wrote:
> This approach seemed futile to me. At least for now. There are too many
> files, that are automatically generated created by postinst scripts. For
> example /usr/lib/pymodules/python2.7/**/__init__.pyc gets automatically
> generated. Even
Hi,
What about the prosody version in squeeze. Is it unaffected? If so, it
may help to make it clear in the DSA.
Warm regards and thanks for the good work,
Tom
On 06/04/14 01:10, Luciano Bello wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256
-
-
Elmar Stellnberger:
>>> As Debian package headers do not use to be signed
>> I think you are mistaken here or maybe I misunderstand. When you have a
>> Debian medium you trust (such as a Live DVD from a trusted source), we
>> can regard keys in /etc/apt/trusted.gpg.d/ and /etc/apt/trusted.gpg as
>>
Hi Patrick! Hi Adam!
Am 05.04.2014 15:23, schrieb Patrick Schleizer:
This approach seemed futile to me. At least for now. There are too many
files, that are automatically generated created by postinst scripts. For
example /usr/lib/pymodules/python2.7/**/__init__.pyc gets automatically
generated.
Ah; sometimes you oversee what is not hard to see; I am just updating
the web page for debcheckroot;
thx & kind regards, Elmar.
Am 05.04.2014 17:00, schrieb Adam D. Barratt:
On Sat, 2014-04-05 at 16:52 +, Elmar Stellnberger wrote:
Am 05.04.2014 15:23, schrieb Patrick Schleizer:
As Debian
On Sat, 2014-04-05 at 16:52 +, Elmar Stellnberger wrote:
> Am 05.04.2014 15:23, schrieb Patrick Schleizer:
> >> As Debian package headers do not use to be signed
> > I think you are mistaken here or maybe I misunderstand. When you have a
> > Debian medium you trust (such as a Live DVD from a tr
Am 05.04.2014 15:23, schrieb Patrick Schleizer:
Hi Elmar!
This is a most interesting tool!
The opensuse logo on http://www.elstel.org/debcheckroot/ is confusing,
since this is a Debian tool. This might scare of interested people.
Oh, what an embarrassing mishap!
Many Thanks for your evidence
Hi Elmar!
This is a most interesting tool!
The opensuse logo on http://www.elstel.org/debcheckroot/ is confusing,
since this is a Debian tool. This might scare of interested people.
> As Debian package headers do not use to be signed
I think you are mistaken here or maybe I misunderstand. When
Great! I do really believe that Debian and other distros are currently
lacking such a tool.
Have you also thought about retrieving checksums from package headers?
That is at least my approach because storing checksums spearately is a
tedious task which the casual user is not likely up to take. M
The tool is now ready to be downloaded at
http://www.elstel.org/debcheckroot.
Feedback will be highly appreciated!
Am 28.01.2014 11:40, schrieb Elmar Stellnberger:
Dear Debian-Security
Having just released debcheckroot I wanna shortly present you my new tool:
It was originally designed as a
10 matches
Mail list logo
