s
the read-only security.
[1] http://packages.debian.org/stable/admin/debsums
Cheers,
Daniel van Eeden
On Sun, 2007-06-24 at 15:23 +0100, andy baxter wrote:
> hello,
>
> I am writing to ask what you think of the following idea? Something that
> I would like to see is a bootable CDROM w
George,
You could try booting from an debian install cd/dvd and choosing the
rescue option. Then you'll have to chroot into you installation and fix
the mountpoints. But this is a work-around, it shouldn't be so hard to
do.
Cheers,
Daniel
On Fri, 2007-04-20 at 20:30 -0500, George P Boutwell wro
This bug really should have critical or release-critical as severity
level. It almost caused an production box with debian sarge to break.
(/var filesystem full)
I verified this bug on stable and sid.
As this is an DOS attack.
Regards,
Daniel van Eeden
--
To UNSUBSCRIBE, email to [EMAIL
Why is /var/run/radvd setuid radvd?
The exact permissions of /var/run/radvd on my debian sid system:
drwsr-xr-x 2 radvd root 27 Nov 21 22:31 radvd
Cheers,
Daniel van Eeden <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "
Package: webcalendar
Version: 0.9.45-7
Severity: normal
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Every local user can view the password with this command:
debconf-get-selections | grep webcalendar/conf/db_password
The passwords for cacti and slapd are properly hidden, so this is
probaly not
file a bug report?
--
Daniel van Eeden <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME cryptographic signature
>
> http://security.debian.org/pool/updates/main/k/kdebase/konqueror_2.2.2-14.9_sparc.deb
> Size/MD5 checksum: 1939998 4b66439b38ab03d4882b9651523f46ab
>
> http://security.debian.org/pool/updates/main/k/kdebase/konsole_2.2.2-14.9_sparc.deb
> Size/MD5 checksum: 468830 f4d49ea7fa19782987bf7ad3048e1556
>
> http://security.debian.org/pool/updates/main/k/kdebase/kscreensaver_2.2.2-14.9_sparc.deb
> Size/MD5 checksum: 391342 2fbd92a134367967f5af6d74b54d67d1
>
> http://security.debian.org/pool/updates/main/k/kdebase/libkonq-dev_2.2.2-14.9_sparc.deb
> Size/MD5 checksum:46038 a31928bb3ae42311d8c12a7a4d857cbc
>
> http://security.debian.org/pool/updates/main/k/kdebase/libkonq3_2.2.2-14.9_sparc.deb
> Size/MD5 checksum: 219372 cd51b55bd951624d5336fc56d0befdf8
>
>
> These files will probably be moved into the stable distribution on
> its next update.
>
> -
> -
> For apt-get: deb http://security.debian.org/ stable/updates main
> For dpkg-ftp: ftp://security.debian.org/debian-security
> dists/stable/updates/main
> Mailing list: debian-security-announce@lists.debian.org
> Package info: `apt-cache show ' and http://packages.debian.org/
>
> -BEGIN PGP SIGNATURE-
> Version: GnuPG v1.2.5 (GNU/Linux)
>
> iD8DBQFB98T+W5ql+IAeqTIRAo08AJ4j+/SVb0nAKIkwLxGOVfracoqP3QCeMk/0
> CAgqM2quLUj7c9qrl95OeNY=
> =PU6m
> -END PGP SIGNATURE-
>
>
--
Daniel van Eeden <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME cryptographic signature
rc architecture:
> >
> >
> > http://security.debian.org/pool/updates/main/q/queue/queue_1.30.1-4woody2_sparc.deb
> > Size/MD5 checksum: 123792 6a6685be2847e8c50c71712b80b05c2c
> >
> >
> > These files will probably be moved into the stable distribution on
> > its next update.
> >
> > -
> > -
> > For apt-get: deb http://security.debian.org/ stable/updates main
> > For dpkg-ftp: ftp://security.debian.org/debian-security
> > dists/stable/updates/main
> > Mailing list: debian-security-announce@lists.debian.org
> > Package info: `apt-cache show ' and http://packages.debian.org/
> >
> > -BEGIN PGP SIGNATURE-
> > Version: GnuPG v1.2.5 (GNU/Linux)
> >
> > iD8DBQFB7MfgW5ql+IAeqTIRAk5gAKCiF4/BxJKCS9sO/unLnxk20Q/IkwCgp1pG
> > HTFfGLLM5sBKoRYUI5VqR3Y=
> > =LOOJ
> > -END PGP SIGNATURE-
> >
> >
> >
>
> --
> |> /+\ \| | |>
>
> David Croft
> Infotrek
>
>
--
Daniel van Eeden <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME cryptographic signature
I did reproduce it on my alpha running Debian 3.0
And it seems like I'm still logged on and all programs are just running
fine and I can still use the bash prompt which executed screen. The last
command says I'm still logged in, but w and who won't show my session.
Daniel va
seems like a blank line is reported instead of the desired
information.
It won't work if not connected to /dev/tty1
Could anybody confirm this?
--
Daniel van Eeden <[EMAIL PROTECTED]>
signature.asc
Description: This is a digitally signed message part
smime.p7s
Description: S/MIME cryptographic signature
now on. Are security updates now signed
> with the 2008 key, or will there be separate key for the security
> team? If the former, how do we get the 2008 key onto users' stable
> systems from 2007?
>
> Thanks,
>
--
Daniel van Eeden <[EMAIL PROTECTED]>
smime.p7s
Description: S/MIME cryptographic signature
7;^(0|90|180|270)$', $degree))||($degree == '')))
+ die('bad degree');
Good.
+ if (!((ereg('^1$', $rotate))||($rotate == '')))
+ die('bad rotate');
Good.
I don't like the die() cals which are made by this patch and by my
patch. Anybody a nice solution for this? (
Maybe a header("Location: security_error.php") kind of thing?
--
Daniel van Eeden <[EMAIL PROTECTED]> http://compukid.no-ip.org/
jabber: [EMAIL PROTECTED] aim: Compukid128 icq: 36952189
7;^(0|90|180|270)$', $degree))||($degree == '')))
+ die('bad degree');
Good.
+ if (!((ereg('^1$', $rotate))||($rotate == '')))
+ die('bad rotate');
Good.
I don't like the die() cals which are made by this patch and by my
patch. Anybody a nice solution for this? (
Maybe a header("Location: security_error.php") kind of thing?
--
Daniel van Eeden <[EMAIL PROTECTED]> http://compukid.no-ip.org/
jabber: [EMAIL PROTECTED] aim: Compukid128 icq: 36952189
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
It's not the most beatiful patch. (die is evil) but it seems to work.
Is it secure enough?
Daniel van Eeden <[EMAIL PROTECTED]>
Common subdirectories: phpix-2.0.2.orig/albums and phpix-2.0.2/albums
Only in phpix-2.0.2: build-stamp
Common subdirectories: phpix-2.0.2.orig/CVS and phpi
It's not the most beatiful patch. (die is evil) but it seems to work.
Is it secure enough?
Daniel van Eeden <[EMAIL PROTECTED]>
Common subdirectories: phpix-2.0.2.orig/albums and phpix-2.0.2/albums
Only in phpix-2.0.2: build-stamp
Common subdirectories: phpix-2.0.2.orig/CVS and phpi
You're right...not a root exploit. (but this exploit will make all local
root exploits act like remote root exploits)
Today I had a MyDoom breakfast, for lunch 12 gaim overflows and for
dinner a delicous phpix unsafe inclusion.
Anybody suggestions for the dessert?
Daniel van Eeden &l
You're right...not a root exploit. (but this exploit will make all local
root exploits act like remote root exploits)
Today I had a MyDoom breakfast, for lunch 12 gaim overflows and for
dinner a delicous phpix unsafe inclusion.
Anybody suggestions for the dessert?
Daniel van Eeden &l
Someone used this bug to attack my system...
My advice to all phpix users...chmod 700 /var/www/phpix
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=229794
Daniel van Eeden <[EMAIL PROTECTED]>
Someone used this bug to attack my system...
My advice to all phpix users...chmod 700 /var/www/phpix
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=229794
Daniel van Eeden <[EMAIL PROTECTED]>
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe".
-Forwarded Message-
> From: Martin Schulze <[EMAIL PROTECTED]>
> To: Daniel van Eeden <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: Gaim remote overflows (12x)
> Date: Tue, 27 Jan 2004 19:58:22 +0100
>
> Daniel van Eeden wrote:
> >
How about the stable version?
On Tue, 2004-01-27 at 19:55, Adam D. Barratt wrote:
> On Tue, 2004-01-27 at 18:40, Daniel van Eeden wrote:
> > Debian versions of gaim patched?
> > <http://security.e-matters.de/advisories/012004.html>
>
> gaim 0.75-2 was uploaded a couple
-Forwarded Message-
> From: Martin Schulze <[EMAIL PROTECTED]>
> To: Daniel van Eeden <[EMAIL PROTECTED]>
> Cc: [EMAIL PROTECTED]
> Subject: Re: Gaim remote overflows (12x)
> Date: Tue, 27 Jan 2004 19:58:22 +0100
>
> Daniel van Eeden wrote:
> >
Debian versions of gaim patched?
<http://security.e-matters.de/advisories/012004.html>
--
Daniel van Eeden <[EMAIL PROTECTED]> http://compukid.no-ip.org/
jabber: [EMAIL PROTECTED] aim: Compukid128 icq: 36952189
How about the stable version?
On Tue, 2004-01-27 at 19:55, Adam D. Barratt wrote:
> On Tue, 2004-01-27 at 18:40, Daniel van Eeden wrote:
> > Debian versions of gaim patched?
> > <http://security.e-matters.de/advisories/012004.html>
>
> gaim 0.75-2 was uploaded a couple
Debian versions of gaim patched?
<http://security.e-matters.de/advisories/012004.html>
--
Daniel van Eeden <[EMAIL PROTECTED]> http://compukid.no-ip.org/
jabber: [EMAIL PROTECTED] aim: Compukid128 icq: 36952189
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
25 matches
Mail list logo