Re: DSA for CVE-2016-5696 (off-path blind TCP session attack)

something enormous (e.g. 9) will make it much harder for attackers to exploit the flaw. -- Jakub Wilk

Re: Call for testing: upcoming wordpress security update

nonsense unless proven otherwise. -- Jakub Wilk

Re: "Ian Murdock" Death

* Kyle Lussier , 2016-07-16, 07:15: I request people put "extra mental bandwidth" into responses I request that people don't feed the troll. Thanks. -- Jakub Wilk

Re: Which Debian packages leak information to the network?

* ale , 2016-05-20, 10:26: I think you could also use AppArmor profiles to filter network access per application in the way you describe. I don't believe Debian kernels support this: #712451 -- Jakub Wilk

Re: Which Debian packages leak information to the network?

3 May 2016","python":"2.7.11+","system":{"name":"Linux","release":"4.5.0-2-amd64"}} (As a side note, I don't think this is RFC-2616-compliant...) Popcon, bts, wnpp-check are the noted examples Could you explain how any of these tools leak any information "without a user's consent/expectation"? -- Jakub Wilk

Re: Archived Debian releases without security site: lists.debian.org

. Generating another OpenPGP key with keyid 473041FA is not really computationally expensive. -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: https://lists.

Re: Unverifiable Signature on Debian Security Advisory Emails

debian.org/cgit/keyring/keyring.git/). How do I verify authenticity of a keyring that was retrieved by rsync or git? -- Jakub Wilk -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.