Re: Analysis vulnerabilities associated to published security advisories, anyone?

2005-03-09 Thread David Schmitt
On Wednesday 09 March 2005 19:13, Steve Kemp wrote: > A simple script I wrote did that for me already - although there are > some fixups required as we seem to have a few different spellings > for different things. eg. sanitizing vs sanitising. > > You can see the simple output here along wi

Re: [SECURITY] [DSA 663-1] New prozilla packages fix arbitrary code execution

2005-02-23 Thread David Schmitt
On Wednesday 23 February 2005 14:21, Gilberto Martins wrote: > Good Morning (here ... :) > > Every time I receive a mail from debian-security, I get a message as the > one anexed, in the yellow strip, which says: > > "The message has been signed in 31-12-1969 20:59 with unknown key > 0x801EA932. Th

Re: .desktop arbitrary program execution (was: [SECURITY] [DSA 644-1] New chbg packages fix arbitrary code execution)

2005-01-20 Thread David Schmitt
On Wednesday 19 January 2005 04:45, David Mandelberg wrote: > Attached. > > Save to your GNOME/KDE desktop (like many newbies do) and double click the > new icon. .desktop files (currently) don't need the x bit set to work, so > no chmod'ing is necessary. Hmm, attached a screenshot how every MUA

Re: murphy in sbl.spamhaus.org

2004-11-26 Thread David Schmitt
On Fri, Nov 26, 2004 at 10:04:38AM +0100, Christian Storch wrote: > What about greylisting depending on results of e.g. SA? > Only above a limit of scores from SA greylisting would be become active. Use as many RBLs instead of the SA score, but use them not for blocking but for activating greylist