Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-02 Thread Celejar
DSAs mention which unstable package provides a fix. What happens for something like 2.6.20, which doesn't exist in stable? [0] http://www.debian.org/security/ [1] http://www.debian.org/security/faq#testing Celejar -- mailmin.sourceforge.net - remote access via secure (OpenPGP) email ssuds.sou

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-03 Thread Celejar
On Wed, 2 May 2007 15:02:57 -0600 dann frazier <[EMAIL PROTECTED]> wrote: > On Wed, May 02, 2007 at 04:33:15PM -0400, Celejar wrote: > > > CVE ID : CVE-2007-0005 CVE-2007-0958 CVE-2007-1357 CVE-2007-1592 > > 2) The advisory doesn't mention unstable, but thre

Re: [SECURITY] [DSA 1286-1] New Linux 2.6.18 packages fix several vulnerabilities

2007-05-03 Thread Celejar
On Wed, 2 May 2007 23:13:30 +0200 Stefan Fritsch <[EMAIL PROTECTED]> wrote: > Hi, > > On Mittwoch, 2. Mai 2007, Celejar wrote: > > Dann Frazier <[EMAIL PROTECTED]> wrote: > > > Package: linux-2.6 > > > Vulnerability : several > > > P

Re: spooky windows script

2007-05-08 Thread Celejar
hat program are you surfing? Where is that text displayed? The cmd.exe line looks like someone trying to open the windows command shell; the next line looks like someone trying to capture some data from your system and ftp it outwards. I'm just guessing, but it does appear to be a threat. Cele

Re: spooky windows script

2007-05-08 Thread Celejar
ed dynamically by my ISP; it differs every time I > > log in. But I do have vino-server running. I'm going to check on that. > > > > thanks Just for the record, I apparently interpreted the ftp business backward in my earlier post; pulling in, not sending out. Celejar

Re: secure installation

2007-08-16 Thread Celejar
w.debian.org/doc/manuals/securing-debian-howto/ch12.en.html Celejar

Re: secure installation

2007-08-17 Thread Celejar
t up as an authorized ssh user who > shouldn't have been. Their account was cracked, then the cracker got root > access and installed a daemon that was ready to attack another server. Just curious; anyone can forget a user account, but how did the attacker get ro

Re: secure installation

2007-08-17 Thread Celejar
as can be accomplished with a firewall? Even if the answer is yes, my point about simplicity remains. I may be off base here; I'm just expressing my (limited) understanding of the issue. > Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> Cele

Re: secure installation

2007-08-17 Thread Celejar
network turned out to be due to renaming or adding an interface or something similar and neglecting to reconfigure shorewall ... > Cheers, English is essentially Plattdeutsch as spoken > Rick Moen by a Frisian pretending to be French. Celejar

Re: secure installation

2007-08-19 Thread Celejar
filtering and monitoring executable signatures doesn't catch malware that communicates with the outside world via standard system apps / utilities using standard ports, e.g. wget or even ssh. Celejar

CUPS and network interfaces

2007-10-07 Thread Celejar
ing on socket 631 (UDP) on > every interface. Can someone help me out with this? Celejar

Re: CUPS and network interfaces

2007-10-07 Thread Celejar
On Sun, 7 Oct 2007 14:00:16 -0600 Rob Sims <[EMAIL PROTECTED]> wrote: > On Sun, Oct 07, 2007 at 09:18:27PM +0200, Markus Maria Miedaner wrote: > > On Sun, Oct 07, 2007 at 02:47:32PM -0400, you (Celejar) wrote: > > > Hi, > > > > > > I have a p

Re: Testers needed for ghostscript update

2018-09-05 Thread Celejar
. The page looks good, although the printer printed three copies - not sure if that's something I asked for by mistake, some misconfiguration on my part (although I've printed many test pages before without this problem), or an actual problem with gs. This is a Brother HL2280DW, printing via local network, using Brother's proprietary drivers. Celejar

Re: Scripts that run insecurely-downloaded code

2020-05-03 Thread Celejar
ts documentation) should be considered to have an 'important' bug ;) https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662960#51 Celejar

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-14 Thread Celejar
9.0.5-1. > > We recommend that you upgrade your xulrunner packages. On my Sid box, I only have 'xulrunner-1.9' from the official repo, and xulrunner only from 'debian-multimedia.org'. Shouldn't the DSA mention 'xulrunner-1.9'? Celejar

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-14 Thread Celejar
On Thu, 15 Jan 2009 04:13:45 +0100 Cyril Brulebois wrote: > Celejar (14/01/2009): > > > We recommend that you upgrade your xulrunner packages. > > > > On my Sid box, I only have 'xulrunner-1.9' from the official repo, and > > xulrunner only from 'd

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-15 Thread Celejar
On Thu, 15 Jan 2009 04:13:45 +0100 Cyril Brulebois wrote: > Celejar (14/01/2009): > > > We recommend that you upgrade your xulrunner packages. > > > > On my Sid box, I only have 'xulrunner-1.9' from the official repo, and > > xulrunner only from 'd

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-15 Thread Celejar
On Fri, 16 Jan 2009 00:53:06 +0100 Cyril Brulebois wrote: > Celejar (15/01/2009): > > Is there any automatic way to check whether a given system has any of > > the binary packages built from a given source package installed? > > (without any deb-src) It looks like the fo

Re: [SECURITY] [DSA 1704-1] New xulrunner packages fix several vulnerabilities

2009-01-15 Thread Celejar
On Fri, 16 Jan 2009 07:46:12 +0100 Cyril Brulebois wrote: > Celejar (15/01/2009): > > > (without any deb-src) It looks like the following does what you want: > > > | grep-status -sPackage -F Package $source_package > > > > > > Works for me with blender

Re: Linux infected ?

2009-01-29 Thread Celejar
On Thu, 29 Jan 2009 11:52:59 -0800 Rick Moen wrote: ... > Matt Moen (no relation, but a friend) has done ground-breaking > research/comedy -- yes, it really was both at the same time -- on this > subject: http://www.linux.com/articles/42031 ROtFL! His writeup is utterly hilarious.

Re: Securing my PC at a Wireless Hotspot?

2009-02-11 Thread Celejar
fool" http://www.shorewall.net/shoreline.htm :) Celejar

Re: Exploit in Upgrade Chain?

2009-02-12 Thread Celejar
files must be protected, not the entire /etc. I'm sure he knows it's an error; his point is just that it's not exploitable. Celejar

Re: chat messages encryption

2009-07-05 Thread Celejar
h a PGP > private key, just messages have been separated into parts with 8 char length > (sniff shows that). Gajim apparently supports GnuPG. I haven't tried it. Celejar

Re: [SECURITY] [DSA 1833-1] New dhcp3 packages fix arbitrary code execution

2009-07-15 Thread Celejar
buffer overflow and > possible arbitrary code execution. (CVE-2009-0692) ... > For the unstable distribution (sid), these problems will be fixed > soon. > > We recommend that you upgrade your dhcp3 packages. Would it be a good idea to use something like udhcpc in the interim? Celejar

signatures for debs installed manually

2009-09-07 Thread Celejar
I be sure that the package I download is the one he uploaded? This is largely an academic question, since in the real world, this is probably secure enough for my needs, but I'd like to know if there's a Right Way to do this. Celejar

Re: signatures for debs installed manually

2009-09-07 Thread Celejar
On Tue, 8 Sep 2009 12:01:09 +1000 Morgan Storey wrote: > Hi Celejar, > > You can get him to PGP/GPG sign the package, then just verify it with > his public key, or simply md5sum and sha1sum the package. There are MD5 > collisions so someone could make a package of the same size

Re: signatures for debs installed manually

2009-09-16 Thread Celejar
and most work for you, you can fetch the source, assuming the > dsc file is signed, and build your own package. Thanks for the information. The package in question actually made it into the repo shortly after I began this thread, but this is good to know for the next time t

Re: btdownloadgui failed due to firewall

2010-07-18 Thread Celejar
tiple ports are only necessary for running multiple clients (or instances of the same client); one client can run multiple torrents out of the same port. Celejar

Re: SSL for debian.org/security?

2013-10-29 Thread Celejar
ldn't that be serious? > > Tor hidden services can not only be used to hide the location of a > server, but they also provide alternative end-to-end encryption, > independent from SSL CA's. The OP was asking for authentication, not encryption. Celejar

Re: SSL for debian.org/security?

2013-10-29 Thread Celejar
On Tue, 29 Oct 2013 10:32:26 -0200 Djones Boni <07ea86b...@gmail.com> wrote: > On 29-10-2013 09:56, Celejar wrote: > > The OP was asking for authentication, not encryption. Celejar > Tor HS addresses are self authenticating (80 bits of entropy). Okay, but the message I was rep

Re: SSL for debian.org/security?

2013-10-29 Thread Celejar
On Tue, 29 Oct 2013 11:03:55 -0200 Djones Boni <07ea86b...@gmail.com> wrote: > On 29-10-2013 10:49, Celejar wrote: > > The question is not whether it's better than clear text over HTTP, but > > whether it's better than SSL. > *If no CA is compromised*, I think

Re: SSL for debian.org/security?

2013-10-30 Thread Celejar
n security site doesn't offer SSL, right? > >>> If an attacker can MITM an organization that uses Debian, then they can > >>> MITM the Debian security page and control what security bulletins that > >>> organization can access. > >> > >> BTW: if

Re: SSL for debian.org/security?

2013-10-30 Thread Celejar
On Wed, 30 Oct 2013 10:34:15 -0200 Djones Boni <07ea86b...@gmail.com> wrote: > On 30-10-2013 09:51, Celejar wrote: > > Maybe I'm missing something, but the security of the apt system has > > nothing to do with SSL - it uses GPG signatures. This discussion about > >

Re: NSA software in Debian

2014-01-19 Thread Celejar
> calling that brought us here in the first place, however the NSA only > needs one person. A lot of people in this discussion seem to have your tacit assumption, that the NSA and its tactics are fundamentally at odds with morality. JFTR, many of us do not agree. > JK Abrams Celejar

Re: NSA software in Debian

2014-01-19 Thread Celejar
On Mon, 20 Jan 2014 11:45:08 +0800 Paul Wise wrote: > On Mon, Jan 20, 2014 at 7:27 AM, Celejar wrote: > > > A lot of people in this discussion seem to have your tacit assumption, > > that the NSA and its tactics are fundamentally at odds with morality. > > JFTR,

Re: NSA software in Debian

2014-01-21 Thread Celejar
Don't forget that the NSA itself was subverted in exactly that manner - someone joined pretending to be loyal to the organization, but was really intent on undermining it ... Celejar