3.2-4+deb5u1.dsc is fine AFAIK.
Simon Valiquette
--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/5432e22d.1040...@ieee.org
ues anyway) I don't think you
will have any problem.
If you want to be sure, you can increase the verbosity of OpenSSH and
check in the logs if any connection ever used something other than RSA. If
after a few months no host ever used DSA, you'll know you probably can
disable it c
o restart it if
you want to be sure it uses the new version of the library.
I hope that makes things clearer.
Simon Valiquette
--
tantan once wrote:
Hello,
to know someone from using a packet generator?
tcpreplay allows you to send specific packets from a file, including
invalid ones AFAIK. Since you can alter the packets, it can be useful for
testing the application when receiving bad data like a string that is
Joey Schulze once wrote:
Simon Valiquette wrote:
In the Securing Debian Manual, the key id to use to send an encrypted
email to the security team is 363CCD95, but on the following link,
it is F2E861A3 that is listed instead.
http://www.debian.org/security/faq.en.html#contact
Maybe
could someone clarify what will
happen after it expires in six weeks? Will it be replaced by a new
key, or will the expiration date simply be changed?
3. If the old key 363CCD95 is not used anymore, is there any reason
for not revoking it?
Thank you in advance for the clarifications,
Simon Valiquett
I only made some quick tests by disabling one tty in securetty, so you
should check it before trusting that it works as intended.
Simon Valiquette
--
security problem (or
hiding/fixing the bug by pure luck). Checking for that bug is not very
difficult, but checking for this bug and all the other ones can be very
time-consuming and boring, which can explain some delay.
Simon Valiquette
--
fect 2.6.18?
More specifically, can someone confirm that CVE-2008-3915 doesn't
affect the 2.6.18 kernel series in Debian? If I believe this link, this
bug is not limited to 2.6.24 in Etch-and-a-half.
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2008-3915
Simon Valiquette
-
ge at your place.
Hopefully, the security team will eventually release an update for the
other kernel. If you can't wait, you can try to manually patch your kernel
for the security issues that concern you the most and recompile.
Simon Valiquette
--
Eduardo M KALINOWSKI once wrote:
Simon Valiquette wrote:
Personally, I would prefer never to see passwords stored in clear text
anywhere, whatever the file permissions are. And if I really want to
still see them, I certainly won't complain if all I have to do is make a
small chan
W. Martin Borgert once wrote:
On 2008-08-28 20:40, Simon Valiquette wrote:
That's obviously true, but that doesn't cover the case when logs are
copied to a second system with sysadmins that don't have access to the
first server. And if someone uses the standard 514 sysl
rd too often (possibly because they sometimes put their
password in the user field) then they start writing down the password
somewhere they think nobody will find it, even if it is forbidden by policy.
Policy won't change human nature, sorry.
Simon Valiquette
--
most likely a very bad password that
someone could guess anyway, so that is a non-issue (except for the fact
that the password should obviously be changed for a better one).
Simon Valiquette
--
t you don't like to see them lying about the server application
and version they use, which is something done by a lot of people on
production systems that directly face the Internet.
Simon Valiquette
roper format for SSH. In any case,
it can generate 2048 DSA keys or even longer ones if needed.
Look at those man pages and on Google.
man openssl
man dsaparam
man gendsa
Simon Valiquette
--
Micah Anderson once wrote:
* Simon Valiquette <[EMAIL PROTECTED]> [2008-05-14 16:36-0400]:
In other words, if a vulnerable key has been involved, and if someone
was able to intercept and save the encrypted data, he/she can now
decipher it, whether it is passwords, ssh se
probably easily answer this one.
I still need to change the passwords and host key of every possibly
affected system (mostly done), but I would feel better by knowing exactly
what to expect.
Thank you,
Simon Valiquette
--
en care of).
Simon Valiquette
--
ude both fixes at the same time.
But there should be an official way to get major problems fixed when
the risk of breaking something is low enough.
Simon Valiquette
--
And maybe make a statement about it if an architecture is not
affected (though it is obviously not the case here).
Simon Valiquette
http://gulus.USherbrooke.ca
uch better than Sarge in my
opinion and would go directly there. If you are paranoid, you will also
want to activate SELinux.
Simon Valiquette
--
t-get -Vu build-dep rsync
sudo apt-get -Vu source --compile rsync
dpkg -i rsync_2.6.9-2etch1_powerpc.deb
At least, I was not forced to wait for support and could recompile
or patch it myself, which would not have been possible with most
closed source software :o)
Simon Valiquette
Simon Valiquette once wrote:
>
> There are no updated packages for Debian Etch PowerPC, contrarily
> to what is stated on the previous line.
>
>
> In case sec.deb.org/dists/etch/updates/main/binary-powerpc/Packages.g
c.deb file, but realized the
whole section was also missing in the advisory.
Actually, the file has not been uploaded at all on security.debian.org.
Is there again a problem with the build host or something?
Simon Valiquette
an it will solve, and not make the computer significantly
more secure (many trojans will use port 80 or 21 anyway). But adding the
option to install a firewall in the expert mode makes sense to me.
Simon Valiquette
--
il only when I was about to
answer.
How to reproduce it? apt-get -Vu remove --purge ftpd
Then your next installation will again download ftpd from this mirror.
Unless I missed something, problem solved.
Simon Valiquette
--
ght be worth
to verify.
Simon Valiquette
http://gulus.USherbrooke.ca