eManager Notification *
The following mail was blocked since it contains sensitive content.
Source mailbox:
Destination mailbox(es): [EMAIL PROTECTED]
Policy: Attachment Removal
Attachment file name: your_picture.pif - application/octet-stream
Action: Replaced wi
On Tue, Mar 09, 2004 at 11:59:01AM -0800, Matt Zimmerman wrote:
> Anyone with the time and ability can work on a project like this without
> joining the security team. Mozilla in particular is a huge amount of
> work to bring up to date and so far no one has found it critical enough
> relative to
On Wed, Mar 10, 2004 at 04:58:14PM +1100, Russell Coker wrote:
> > I suspect that the problem can be with old glibc (2.2.5) but I'm not
> > sure. Because that I'd like to ask should I backport glibc from sarge?
>
> There have been some changes to the way libxattr works. From memory I think
> tha
On Wed, 10 Mar 2004 21:26, "Milan P. Stanic" <[EMAIL PROTECTED]> wrote:
> > There have been some changes to the way libxattr works. From memory I
> > think that you needed an extra -l option on the link command line when
> > compiling with old libc6. I can't remember whether it was linking the
>
On Wed, Mar 10, 2004 at 10:04:38PM +1100, Russell Coker wrote:
> > So, the question: how can I link libattr to libselinux1?
>
> Edit src/Makefile and add -lattr in the $(CC) line for $(LIBSO).
That is. I just rebuilt policycoreutils and pam with libselinux1
which is linked with libattr and it was
Jan Lühr wrote:
> So is mozilla the forgotten package? Considering how popular mozilla is,
> making it secure would be worth the effort - imho.
How many of Mozilla's security bugs which are fix during routine
upgrades are discussed publicly? Can they be backported easily?
--
Current mail filt
Greetings,
Am Mittwoch, 10. März 2004 17:06 schrieben Sie:
> Jan Lühr wrote:
> > So is mozilla the forgotten package? Considering how popular mozilla is,
> > making it secure would be worth the effort - imho.
>
> How many of Mozilla's security bugs which are fix during routine
> upgrades are disc
On Wed, Mar 10, 2004 at 05:06:12PM +0100, Florian Weimer wrote:
> Jan L?hr wrote:
>
> > So is mozilla the forgotten package? Considering how popular mozilla is,
> > making it secure would be worth the effort - imho.
>
> How many of Mozilla's security bugs which are fix during routine
> upgrades
Jan Lühr wrote:
> Am Mittwoch, 10. März 2004 17:06 schrieben Sie:
> > Jan Lühr wrote:
> > > So is mozilla the forgotten package? Considering how popular mozilla is,
> > > making it secure would be worth the effort - imho.
> >
> > How many of Mozilla's security bugs which are fix during routine
> >
On Wed, Mar 10, 2004 at 07:44:11PM +0100, Florian Weimer wrote:
> Hmm, has there been any Mozilla security update for woody? This looks
> like a *lot* of work. Maybe it's better to take some other
> distribution's Mozilla 1.4 package and ship that. 8->
That's highly unlikely to happen. It's bee
Noah Meyerhans wrote:
> On Wed, Mar 10, 2004 at 07:44:11PM +0100, Florian Weimer wrote:
> > Hmm, has there been any Mozilla security update for woody? This looks
> > like a *lot* of work. Maybe it's better to take some other
> > distribution's Mozilla 1.4 package and ship that. 8->
>
> That's h
On Wed, Mar 10, 2004 at 02:34:44PM -0500, Noah Meyerhans wrote:
> It was, generally, a fairly painful experience, and although I did get
> some patches applied (and tested!) I never felt like I made significant
> progress toward fixing all the known bugs.
This was my feeling as well, applying
On Wed, Mar 10, 2004 at 08:48:02PM +0100, Florian Weimer wrote:
> Noah Meyerhans wrote:
Hi,
> > That's highly unlikely to happen. It's been discussed before. In fact,
> > at one point somebody uploaded mozilla 1.0.2 to stable-proposed-updates,
> > but that was rejected. Apparently, although th
On Wed, Mar 10, 2004 at 01:29:16PM +0100, Milan P. Stanic wrote:
> That is. I just rebuilt policycoreutils and pam with libselinux1
> which is linked with libattr and it was smooth.
> Now I have to backport coreutils and sysvinit, huh.
Hate to reply myself, but I'd like to inform you that I backp
Sven Hoexter wrote:
> > Okay, if that's the case, I'm going to start a campaign for including
> > Mozilla 1.4 (plus fixes) in stable.
> Well why just include 1.4 and not 1.6?
AFAIK, 1.4 is the more stable branch, and fixes are still backported to
it (at least by MandrakeSoft 8-).
--
Current ma
* Sven Hoexter wrote:
> On Wed, Mar 10, 2004 at 08:48:02PM +0100, Florian Weimer wrote:
[...]
> > Okay, if that's the case, I'm going to start a campaign for
> > including Mozilla 1.4 (plus fixes) in stable.
>
> Well why just include 1.4 and not 1.6? I know that the backports.org
> mozilla package
On Thu, 11 Mar 2004 08:22, "Milan P. Stanic" <[EMAIL PROTECTED]> wrote:
> On Wed, Mar 10, 2004 at 01:29:16PM +0100, Milan P. Stanic wrote:
> > That is. I just rebuilt policycoreutils and pam with libselinux1
> > which is linked with libattr and it was smooth.
> > Now I have to backport coreutils an
eManager Notification *
The following mail was blocked since it contains sensitive content.
Source mailbox: <[EMAIL PROTECTED]>
Destination mailbox(es): [EMAIL PROTECTED]
Policy: Attachment Removal
Attachment file name: your_picture.pif - application/octet-stream
On Tue, Mar 09, 2004 at 11:59:01AM -0800, Matt Zimmerman wrote:
> Anyone with the time and ability can work on a project like this without
> joining the security team. Mozilla in particular is a huge amount of
> work to bring up to date and so far no one has found it critical enough
> relative to
On Wed, Mar 10, 2004 at 04:58:14PM +1100, Russell Coker wrote:
> > I suspect that the problem can be with old glibc (2.2.5) but I'm not
> > sure. Because that I'd like to ask should I backport glibc from sarge?
>
> There have been some changes to the way libxattr works. From memory I think
> tha
On Wed, 10 Mar 2004 21:26, "Milan P. Stanic" <[EMAIL PROTECTED]> wrote:
> > There have been some changes to the way libxattr works. From memory I
> > think that you needed an extra -l option on the link command line when
> > compiling with old libc6. I can't remember whether it was linking the
>
On Wed, Mar 10, 2004 at 10:04:38PM +1100, Russell Coker wrote:
> > So, the question: how can I link libattr to libselinux1?
>
> Edit src/Makefile and add -lattr in the $(CC) line for $(LIBSO).
That is. I just rebuilt policycoreutils and pam with libselinux1
which is linked with libattr and it was
Jan Lühr wrote:
> So is mozilla the forgotten package? Considering how popular mozilla is,
> making it secure would be worth the effort - imho.
How many of Mozilla's security bugs which are fix during routine
upgrades are discussed publicly? Can they be backported easily?
--
Current mail filt
Greetings,
Am Mittwoch, 10. März 2004 17:06 schrieben Sie:
> Jan Lühr wrote:
> > So is mozilla the forgotten package? Considering how popular mozilla is,
> > making it secure would be worth the effort - imho.
>
> How many of Mozilla's security bugs which are fix during routine
> upgrades are disc
On Wed, Mar 10, 2004 at 05:06:12PM +0100, Florian Weimer wrote:
> Jan L?hr wrote:
>
> > So is mozilla the forgotten package? Considering how popular mozilla is,
> > making it secure would be worth the effort - imho.
>
> How many of Mozilla's security bugs which are fix during routine
> upgrades
Jan Lühr wrote:
> Am Mittwoch, 10. März 2004 17:06 schrieben Sie:
> > Jan Lühr wrote:
> > > So is mozilla the forgotten package? Considering how popular mozilla is,
> > > making it secure would be worth the effort - imho.
> >
> > How many of Mozilla's security bugs which are fix during routine
> >
On Wed, Mar 10, 2004 at 07:44:11PM +0100, Florian Weimer wrote:
> Hmm, has there been any Mozilla security update for woody? This looks
> like a *lot* of work. Maybe it's better to take some other
> distribution's Mozilla 1.4 package and ship that. 8->
That's highly unlikely to happen. It's bee
Noah Meyerhans wrote:
> On Wed, Mar 10, 2004 at 07:44:11PM +0100, Florian Weimer wrote:
> > Hmm, has there been any Mozilla security update for woody? This looks
> > like a *lot* of work. Maybe it's better to take some other
> > distribution's Mozilla 1.4 package and ship that. 8->
>
> That's h
On Wed, Mar 10, 2004 at 02:34:44PM -0500, Noah Meyerhans wrote:
> It was, generally, a fairly painful experience, and although I did get
> some patches applied (and tested!) I never felt like I made significant
> progress toward fixing all the known bugs.
This was my feeling as well, applying
On Wed, Mar 10, 2004 at 08:48:02PM +0100, Florian Weimer wrote:
> Noah Meyerhans wrote:
Hi,
> > That's highly unlikely to happen. It's been discussed before. In fact,
> > at one point somebody uploaded mozilla 1.0.2 to stable-proposed-updates,
> > but that was rejected. Apparently, although th
On Wed, Mar 10, 2004 at 01:29:16PM +0100, Milan P. Stanic wrote:
> That is. I just rebuilt policycoreutils and pam with libselinux1
> which is linked with libattr and it was smooth.
> Now I have to backport coreutils and sysvinit, huh.
Hate to reply myself, but I'd like to inform you that I backp
Sven Hoexter wrote:
> > Okay, if that's the case, I'm going to start a campaign for including
> > Mozilla 1.4 (plus fixes) in stable.
> Well why just include 1.4 and not 1.6?
AFAIK, 1.4 is the more stable branch, and fixes are still backported to
it (at least by MandrakeSoft 8-).
--
Current ma
* Sven Hoexter wrote:
> On Wed, Mar 10, 2004 at 08:48:02PM +0100, Florian Weimer wrote:
[...]
> > Okay, if that's the case, I'm going to start a campaign for
> > including Mozilla 1.4 (plus fixes) in stable.
>
> Well why just include 1.4 and not 1.6? I know that the backports.org
> mozilla package
On Thu, 11 Mar 2004 08:22, "Milan P. Stanic" <[EMAIL PROTECTED]> wrote:
> On Wed, Mar 10, 2004 at 01:29:16PM +0100, Milan P. Stanic wrote:
> > That is. I just rebuilt policycoreutils and pam with libselinux1
> > which is linked with libattr and it was smooth.
> > Now I have to backport coreutils an
34 matches
Mail list logo
