Re: Security support incomplete? (was: Re: [SECURITY] [DSA 3455-1] curl security update)

Hi, Le mardi 02 février 2016 à 18:21, Wolfgang Jeltsch a écrit : > • Where is a list of unfixed security issues? "debsecan" package might be an option for getting such a list. I don't have an oldstable install to check if this particular issue is in the list. Maybe someone else could check for

Re: Manually Archived keyrings can be installed - what about automatic?

Hi, Le samedi 13 juin 2015 à 12:46, Rajib Bandopadhyay a écrit : > Then what does this following line do in /etc/apt/sources.list : > deb http://security.debian.org stable/updates main contrib non-free ? > > According to https://www.debian.org/security/ this line to use apt > to easily get the

Re: Unverifiable Signature on Debian Security Advisory Emails

Hi, Le vendredi 12 décembre 2014 à 11:20, Hubert Chathi a écrit : > > I'll backport Sid version for my stable system, hope there won't be > > any side effect… > > Given that it's purely data and it has no dependencies, there shouldn't > be any side effects. However, remember that if you download

Re: Unverifiable Signature on Debian Security Advisory Emails

Hi, Le jeudi 11 décembre 2014 à 21:46, Hubert Chathi a écrit : > On Thu, 11 Dec 2014 17:28:32 -0800, Jeremie Marguerie > said: > > I guess there might/should be something on the official website with > > the key ID of official members. > > apt-get install debian-keyring? Thanks for pointing th

Re: [SECURITY] [DSA 3074-2] php5 regression update

Le mercredi 19 novembre 2014 à 15:12, Sébastien NOBILI a écrit : > Le mercredi 19 novembre 2014 à 14:57, David MENTRE a écrit : > > Le 19/11/2014 11:49, Yves-Alexis Perez a écrit : > > >so people are advised to keep kernel > > >symlink protection (sysctl fs.protected_s

Re: [SECURITY] [DSA 3074-2] php5 regression update

Le mercredi 19 novembre 2014 à 14:57, David MENTRE a écrit : > Le 19/11/2014 11:49, Yves-Alexis Perez a écrit : > >so people are advised to keep kernel > >symlink protection (sysctl fs.protected_symlinks=1) enabled as it is by > >default on Wheezy > > This setting is not set on my Wheezy machine.

Re: [SECURITY] [DSA 3074-1] php5 security update

Hi, Le mercredi 19 novembre 2014 à 7:59, Yves-Alexis Perez a écrit : > Yes, we're aware of that and working on a quick regression update. Thanks for this (quick) update! Seb -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact

No announce for file update ?

Hi, I received an upgrade notification from apticron about "file" packages (file & libmagic1) for Wheezy. It seems no announce has been sent about this upgrade (http://www.debian.org/security/). Is it safe to upgrade ? Seb -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org

Re: security advice wanted for home server

Le vendredi 27 février 09 à 10:43, andy baxter a écrit : > I can make sure that the server doesn't have any incoming ports open > except http and ssh) I would use another port than 22 for the SSH. If your machine's ports are being scanned and it appears port 22 is open, then you'll probably have