Re: [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation

2009-02-16 Thread Nicolas Boullis
es should have been expired for long... On the other hand, root certificates are supposed to be long-lasting (a few tens of years), so it's not surprising that some very old root certificates (including X.509v1 ones) are still in use... Regards, -- Nicolas Boullis École Centrale Paris

Re: [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation

2009-02-16 Thread Nicolas Boullis
out of the question.) What's the problem with this patch? As for etch, I don't think the best approach is to keep things broken by a security update. As for lenny, I'd prefer not to have to add the intermediate CA to my trusted list, but it certainly looks like a working solution.

Re: [SECURITY] [DSA 1719-1] New gnutls13 packages fix certificate validation

2009-02-13 Thread Nicolas Boullis
" as the root certificate. It apparently is a v1 x509 certificate... What is the solution for me? Should I rebuild all the applications and libraries that use libgnutls, so that they request to accept x509v1 certificates? How? -- Nicolas Boullis

Re: [SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation

2008-05-05 Thread Nicolas Boullis
what it's worth, libapache2-mod-suphp has no such disclaimer, so I considered it safer to use. Anyway, I don't think a security update should break existing setups like this one did. Cheers, Nicolas Boullis, slightly disappointed PS: sorry Adrian for the duplicate message, I did not i

Re: [SECURITY] [DSA 1550-1] New suphp packages fix local privilege escalation

2008-04-28 Thread Nicolas Boullis
tup involves no symlink at all, I think this check exceeds what is required to fix the security flaw. Would it be possible to fix this behaviour? Cheers, Nicolas Boullis

[DSA 1494-1] Missing update for user-mode-linux (was: [SECURITY] [DSA 1494-1] New linux-2.6 packages fix privilege escalation)

2008-02-12 Thread Nicolas Boullis
Hi, The update for DSA 1494-1 lacks an update for the user-mode-linux package. Note that I tried the exploit found in the wild. It worked fine with the standard linux-image-2.6.18-6-686 kernel, but led to a crash both in my user-mode-linux virtual servers and with the linux-image-2.6.18-6-686-big

Re: [SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service

2007-12-14 Thread Nicolas Boullis
Hi, Steffen Joeris wrote: >> >>Note from what I can see, the sarge packages (except the i386 version) did >>not depend on 238-1, but the etch packages do. >>cc'ing the maintainer, maybe he knows why. > > I meant that the sarge packages did not depend on libkrb53 of course. Thanks for your answer

Re: [SECURITY] [DSA 1430-1] New libnss-ldap packages fix denial of service

2007-12-14 Thread Nicolas Boullis
Hi, Steve Kemp wrote: > > Debian Security Advisory DSA-1430-1 [EMAIL PROTECTED] > http://www.debian.org/security/ Steve Kemp > December 11, 2007 http://www.de

Re: The same debian - different packages

2003-09-27 Thread Nicolas Boullis
Hi, On Sat, Sep 27, 2003 at 01:24:47AM +0200, Bernd Eckenfels wrote: > My point was referring to the fact that one needs a tool to find those > problems, I know how to fix them :) To find them, try apt-show-versions. Regards, Nicolas

Re: DSA-311-1 New kernel packages - Bug is not fixed!

2003-06-09 Thread Nicolas Boullis
Hi, On Mon, Jun 09, 2003 at 08:25:27PM +0200, Helmar wrote: > I just upgraded my kernel image from 2.4.18-k6 to 2.4.18-1-k6 and I > cannot confirm that the above bug has been fixed. The simple exploit (I > think it has been from bugtraq) is still working fine, giving every > local user easily roo

Re: Where to install the firewall scripts

2002-12-15 Thread Nicolas Boullis
Hi! On Sun, Dec 15, 2002 at 09:07:21AM -0800, Torrin wrote: > /etc/network/if-pre-up.d/iptables > > #!/bin/sh > > if [ `uname -r | cut -b -3` != "2.4" ]; then > # echo "Not a 2.4 kernel. Exiting iptables firewall script."; >exit 0; > fi > > # This deletes existing tables > iptables -F >
