Re: 2.4.x boot floppies, was: Vulnerable SSH versions

2001-11-15 Thread Goswin Brederlow
Ethan Benson <[EMAIL PROTECTED]> writes: > On Wed, Nov 14, 2001 at 12:42:10PM +0100, Goswin Brederlow wrote: > > > > People with such old hardware are probably better off with bo or hamm > > or potato. They probably need the low-mem target too. > > which are not (or will not in potato's case) be

Re: 2.4.x boot floppies, was: Vulnerable SSH versions

2001-11-14 Thread Ethan Benson
On Wed, Nov 14, 2001 at 12:42:10PM +0100, Goswin Brederlow wrote: > > People with such old hardware are probably better off with bo or hamm > or potato. They probably need the low-mem target too. which are not (or will not in potato's case) be supported with security updates. -- Ethan Benson htt

Re: 2.4.x boot floppies, was: Vulnerable SSH versions

2001-11-14 Thread Goswin Brederlow
Jørgen Hermanrud Fjeld <[EMAIL PROTECTED]> writes: > Hi. > Although it might sound stupid, my question is: > Will there ever come a time when making 1220 boot floppies with 2.4.x kernel > will be doable? > If I assume that it's the kernel size that makes it difficult, then it > doesn't matter we

2.4.x boot floppies, was: Vulnerable SSH versions

2001-11-14 Thread Jørgen Hermanrud Fjeld
Hi. Although it might sound stupid, my question is: Will there ever come a time when making 1220 boot floppies with 2.4.x kernel will be doable? If I assume that it's the kernel size that makes it difficult, then it doesn't matter whether we use boot-

Re: Vulnerable SSH versions

2001-11-13 Thread Ethan Benson
On Tue, Nov 13, 2001 at 01:09:46PM +0100, Jørgen Hermanrud Fjeld wrote: > On Tuesday 13 November 2001 09:52, Ethan Benson wrote: > > 2.4 is also especially problematic on i386 since you have to fit it on > > all these archaic 1.22MB floppies and

Re: Vulnerable SSH versions

2001-11-13 Thread Jørgen Hermanrud Fjeld
On Tuesday 13 November 2001 09:52, Ethan Benson wrote: > 2.4 is also especially problematic on i386 since you have to fit it on > all these archaic 1.22MB floppies and such. Hmm, I thought the 2.4 kernel was quite compact, and sometimes smaller, when

Re: Vulnerable SSH versions

2001-11-13 Thread Ethan Benson
On Tue, Nov 13, 2001 at 09:02:46AM +0100, Stefan Schwandter wrote: > On Mon, Nov 12, 2001 at 04:54:04PM -0900, Ethan Benson wrote: > > > > Which makes me wonder, why ship Woody with 2.2.20 at all? Oh well, not > > > my decision. > > > because 2.4 is not stable yet. > > Hmmm... I think it will ta

Re: Vulnerable SSH versions

2001-11-13 Thread Stefan Schwandter
On Mon, Nov 12, 2001 at 04:54:04PM -0900, Ethan Benson wrote: > > Which makes me wonder, why ship Woody with 2.2.20 at all? Oh well, not > > my decision. > because 2.4 is not stable yet. Hmmm... I think it will take some months before woody is released. Don't you think 2.4 will have stabilized e

Re: Vulnerable SSH versions

2001-11-12 Thread Oyvind A. Holm
On 2001-11-12 16:54 Ethan Benson wrote: On Tue, Nov 13, 2001 at 10:10:10AM +0900, Howland, Curtis wrote: CH> Which makes me wonder, why ship Woody with 2.2.20 at all? Oh well, not CH> my decision. EB> because 2.4 is not stable yet. *applause* I was hoping for that. Great decision. In fact the o

Re: Vulnerable SSH versions

2001-11-12 Thread Petro
On Mon, Nov 12, 2001 at 05:54:04PM -0800, Ethan Benson wrote: > On Tue, Nov 13, 2001 at 10:10:10AM +0900, Howland, Curtis wrote: > > I will gladly grant that the tar file may not exist for the boot > > floppies, and that I do not have on hand the CD to check it. It also > may > > have been a Potato

Re: Vulnerable SSH versions

2001-11-12 Thread Ethan Benson
On Tue, Nov 13, 2001 at 10:10:10AM +0900, Howland, Curtis wrote: > I will gladly grant that the tar file may not exist for the boot > floppies, and that I do not have on hand the CD to check it. It also may > have been a Potato(e) phenomenon, no longer in use. However, it did > exist. yes releases

RE: Vulnerable SSH versions

2001-11-12 Thread Howland, Curtis
y off topic no matter how interesting. Thanks to everyone for their help and advice, we shall see. Curt- -Original Message- From: Henrique de Moraes Holschuh [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 13, 2001 09:53 To: Howland, Curtis Cc: debian-security@lists.debian.org Subject: Re: Vulnera

Re: Vulnerable SSH versions

2001-11-12 Thread Ethan Benson
On Tue, Nov 13, 2001 at 09:41:54AM +0900, Howland, Curtis wrote: > The tar file that contains the "base" Woody install, which is used as > the jumping off point for installation. there is no such thing. > The tar file has binary kernel, /boot, /proc and other directories, I'm > not sure exactly w

Re: Vulnerable SSH versions

2001-11-12 Thread Henrique de Moraes Holschuh
On Tue, 13 Nov 2001, Howland, Curtis wrote: > The tar file that contains the "base" Woody install, which is used as > the jumping off point for installation. There isn't one, at least not for bootfloppies. We use debootstrap to fetch the most up-to-date packages of that distribution and install the

RE: Vulnerable SSH versions

2001-11-12 Thread Howland, Curtis
ssages from modutils on both boot-up and shutdown about version conflicts and missing modules. Curt- -Original Message- From: Ethan Benson [mailto:[EMAIL PROTECTED] Sent: Tuesday, November 13, 2001 09:33 To: debian-security@lists.debian.org Subject: Re: Vulnerable SSH versions On Tue, N

Re: Vulnerable SSH versions

2001-11-12 Thread Ethan Benson
On Tue, Nov 13, 2001 at 09:25:29AM +0900, Howland, Curtis wrote: > Thanks. > > I've been keeping it up to date weekly or so, but just to be sure I > changed the sources.list to be "... potato/..." instead of "... > stable/..." for when "stable" changes. > > Even a blank-disk install of Woody wasn

RE: Vulnerable SSH versions

2001-11-12 Thread Howland, Curtis
01 09:15 To: debian-security@lists.debian.org Subject: Re: Vulnerable SSH versions On Tue, Nov 13, 2001 at 09:02:56AM +0900, Howland, Curtis wrote: > A quick question concerning such things... > > I have a remote server that I do not trust myself to upgrade from > Potato(e) to Woody,

Re: Vulnerable SSH versions

2001-11-12 Thread Ethan Benson
On Tue, Nov 13, 2001 at 09:02:56AM +0900, Howland, Curtis wrote: > A quick question concerning such things... > > I have a remote server that I do not trust myself to upgrade from > Potato(e) to Woody, and such vulnerabilities do worry me a little. Is > there any general expectation that such "bac

Re: Vulnerable SSH versions

2001-11-12 Thread Wichert Akkerman
Previously Howland, Curtis wrote: > I have a remote server that I do not trust myself to upgrade from > Potato(e) to Woody, and such vulnerabilities do worry me a little. Is > there any general expectation that such "back porting" will continue > once Woody is released? I expect only for a limited

RE: Vulnerable SSH versions

2001-11-12 Thread Howland, Curtis
--Original Message- From: Jo Fahlke [mailto:[EMAIL PROTECTED] Sent: Monday, November 12, 2001 19:45 To: Michal Kara Cc: debian-security@lists.debian.org Subject: Re: Vulnerable SSH versions Am Mon, 12. Nov 2001, 11:30:49 +0100 schrieb Michal Kara: > Hi there! > > During this week

Re: Vulnerable SSH versions

2001-11-12 Thread Ville Uski
* Michal Kara <[EMAIL PROTECTED]> [02 11:35]: > Hi there! Hi > During this weekend, there has been paper posted to bugtraq named > "Analysis of SSH crc32 compensation attack detector exploit". It > talks about a recorded successful exploit using overflow in CRC32 > compensation atta

Re: Vulnerable SSH versions

2001-11-12 Thread Jö Fahlke
Am Mon, 12. Nov 2001, 11:30:49 +0100 schrieb Michal Kara: > Hi there! > > During this weekend, there has been paper posted to bugtraq named "Analysis > of > SSH crc32 compensation attack detector exploit". It talks about a recorded > successful exploit using overflow in CRC32 compensation att

Re: Vulnerable SSH versions

2001-11-12 Thread Ethan Benson
On Mon, Nov 12, 2001 at 11:30:49AM +0100, Michal Kara wrote: > Hi there! > > During this weekend, there has been paper posted to bugtraq named "Analysis > of > SSH crc32 compensation attack detector exploit". It talks about a recorded > successful exploit using overflow in CRC32 compensation

Vulnerable SSH versions

2001-11-12 Thread Michal Kara
Hi there! During this weekend, there has been paper posted to bugtraq named "Analysis of SSH crc32 compensation attack detector exploit". It talks about a recorded successful exploit using overflow in CRC32 compensation attack detection code, a hole, which was discovered in February this year.
