libiksemel: utterly insecure GNUTLS settings

2015-10-27 Thread duck
Package: libiksemel Version: 1.4-2 Severity: grave tags: security Control: affects -1 = zabbix-server-pgsql zabbix-server-mysql Coin, Since I changed my XMPP server, Zabbix failed to send alerts via XMPP with "tls handshake failed". The XMPP server said "no shared cipher". After some research

Re: [SECURITY] [DSA 3372-1] linux security update

2015-10-27 Thread Florian Weimer
* Denny Bortfeldt: > Hello everyone, > > does anyone know why there aren't any changelogs for deb7u4 and dev7u5 ?! Hi Denny, I checked, and there are changelog entries in the package. > It would be really nice to know what have been changed. > > ~# apt-get changelog linux-headers-3.2.0-4-amd64

Re: Debian Desktop Environment

2015-10-27 Thread Davide Prina
Hi Mateusz, I'm not a security expert. And also I'm not an English expert ;-) On 27/10/2015 12:29, Mateusz Kozłowski wrote: Could You tell me which debian desktop environment is the most security and the best privacy and which You recommend for debian users? (KDE, XFCE, GNOME etc.)? I think

Re: Debian Desktop Environment

2015-10-27 Thread Elmar Stellnberger
Dear Paul, My recommendation generally is to fetch it at least via tor/tails and another network and compare both .pukey files as described under http://www.elstel.org/software/GnuPG-usage.html.en. That should be ok. Concerning the strange https configuration it is just about me not having

Re: Debian Desktop Environment

2015-10-27 Thread Elmar Stellnberger
Dear Jason Fergus, Dear Subscribers of the Debian Security List, I am ready to share some more data about the incident and its circumstances as soon as you would contact me via gpg-mail as described under https://www.elstel.org/Contact.html. Anyone who is interested and reading this mail is

Re: Debian Desktop Environment

2015-10-27 Thread Jason Fergus
I'm curious about how you were infected by a rootkit, which one it was, and what you did to discover it?  Using a Sandbox is a great idea for those two, except of course those are generally the applications with the most sensitive data as well.  I always try to disable html email, but people insist

Re: Debian Desktop Environment

2015-10-27 Thread Elmar Stellnberger
I would believe that it will heavily depend on how you configure your desktop environment: * One feature I do always turn off is desktop auto indexing because otherwise even storing an email attachment just for invoking it with an online view-as-jpeg service could cause an infection. Note that

Re: Debian Desktop Environment

2015-10-27 Thread Konstantin Khomoutov
On Tue, 27 Oct 2015 12:29:53 +0100 Mateusz Kozłowski wrote: > Could You tell me which debian desktop environment is the most > security and the best privacy and which You recommend for debian > users? (KDE, XFCE, GNOME etc.)? Please ask this question on debian-users instead. This list is highly

Debian Desktop Environment

2015-10-27 Thread Mateusz Kozłowski
Hi, Could You tell me which debian desktop environment is the most security and the best privacy and which You recommend for debian users? (KDE, XFCE, GNOME etc.)?