Re: About GPG-signing the public RSA keys of Debian machines

2006-10-09 Thread Joerg Jaspert
On 10802 March 1977, Florent Rougon wrote: > 1. There is also: > * Entry created: /00/00 00:00:00 UTC > * Entry modified: /00/00 00:00:00 UTC Those fields could be removed and not shown, that would "fix" this. It's just that in the past we had those filled in, now we d

Re: About GPG-signing the public RSA keys of Debian machines

2006-10-10 Thread Joerg Jaspert
On 10803 March 1977, Kurt Roeckx wrote: > I assume you've used https and that you verified the certificate? > And saw that it was issued by SPI? And then you looked up SPI's > certificate? And you found that there is a text file with the SHA1 and > MD5 sum signed by Wichert Akkerman? > For those

Re: About GPG-signing the public RSA keys of Debian machines

2006-10-10 Thread Joerg Jaspert
On 10803 March 1977, Florent Rougon wrote: > but unfortunately: > % md5sum /etc/ssl/certs/spi-ca.pem > 33922a1660820e44812e7ddc392878cb /etc/ssl/certs/spi-ca.pem > And reading /etc/ssl/certs/spi-ca.pem is not very enlightening: > It would be nice to have the whole procedure for verifying the

Re: [SECURITY] [DSA 1222-1] New proftpd packages fix several vulnerabilities

2006-12-01 Thread Joerg Jaspert
On 10855 March 1977, Santiago Garcia Mantinan wrote: > I've just seen the DSA and I cannot find amd64 on it, furthermore, when I > tried to update a sarge amd64 machine it cannot find the update is it > delayed or has amd64 been forgotten? There has been a mail problem on klecker.debian.org. While

Re: Is oldstable security support duration something to be proud of?

2008-03-10 Thread Joerg Jaspert
On 11320 March 1977, Filipus Klutiero wrote: > This statement is in a security announcement. Martin Schulze confirmed that > he > wrote the statement. Does the security team think that oldstable security > support duration is something to be proud of? Yes, it is, and people visiting the Debian

Re: ia32-lib plans and security support for same

2008-04-27 Thread Joerg Jaspert
On 11369 March 1977, Goswin von Brederlow wrote: > FTP-master asked me on irc to get permission from you (debian-security) > for splitting up ia32-libs into multiple source packages before going > any further. I asked to get the opinion from the security team about the new package scheme, as they

Re: Find installed contrib and non-free packages

2008-06-12 Thread Joerg Jaspert
On 11414 March 1977, Martin Bartenberger wrote: > Now I want to find out which contrib and non-free packages are installed > on my servers. Is there any special command or script for this or do I > have to write one? vrms -- bye, Joerg Some NM: graphviz: ouch, that license is hard to read, damn

Re: HTTPS needs to be implemented for updating

2016-12-21 Thread Joerg Jaspert
On 14527 March 1977, Christoph Biedl wrote: > Well, this creates trust for the path until (but excluding) that > particular mirror only. Can I trust the mirror? And even if, there's no > guarantee the mirror got the data through a trusted path. And why the heck would you ever trust any mirror? If

Re: bug #428770 (sic!) in sudo

2022-07-05 Thread Joerg Jaspert
On 16550 March 1977, Marc Haber wrote: I just wanted to reach out to the security team whether you're ok with me closing #428770. Of course, you're also free to write to 428770-done@b.d.o yourself. This is *not* the security team's contact. Try t...@security.debian.org if you want them. -- by

Re: Reaction to potential PGP schism

2023-12-14 Thread Joerg Jaspert
On 17077 March 1977, Stephan Verbücheln wrote: How can Debian deal with this? Should Debian intervene to prevent the worst? We, as Debian, look and wait what comes out. And then *MAY* at some point decide to add (or switch to) a new thing, if that appears better. Also, it will be a high bar f

Re: Upcoming stable point release (12.6)

2024-03-30 Thread Joerg Jaspert
On 17184 March 1977, Gian Piero Carrubba wrote: Due to recent events, the point release has been postponed. A new date will be announced when possible. Given the centrality of xz, and standing that AFAIK the intricacies of the attack are not yet fully understood, should we expect a complete re

Re: Upcoming changes in advisory format

2011-01-10 Thread Joerg Jaspert
>> The side-effect of that is that you are now listing only the source >> package name, and not anymore the binary package names. But to do the >> upgrade, the administrator of the machine has to select the binary >> packages for upgrade, or, to check if the testing/sid version the >> machine has

Re: Zope2 packaging

2011-06-25 Thread Joerg Jaspert
>> In addition, several Zope applications, like Plone, require a specific >> Zope version. Therefore, we also would like to be able to offer, at the >> same time, several major versions of Zope (2.12 and 2.13 for example), >> like we once did for Zope 2.9 and 2.10, and like we do for versio

Re: [SECURITY] [DSA 2360-1] Two month advance notification for upcoming end-of-life for Debian oldstable

2011-12-06 Thread Joerg Jaspert
On 12686 March 1977, Moritz Muehlenhoff wrote: > Previously announced security updates for the old release will continue > to be available on security.debian.org. You might want to qualify this statement. We will NOT have them there unlimited. A few weeks or something after the last Lenny point

Re: Mail-server config

2001-11-21 Thread Joerg Jaspert
[EMAIL PROTECTED] (Sami Juvonen) writes: > Also note that the Debian packages for Cyrus are old, from a > branch that is not being developed any more. I think your > best bet is to download the source and compile your own. That's > what I'm doing for a family-and-friends mailserver. I might > co

Re: Why is there a prompt for a root shell when the default linux kernel boots?

2002-04-30 Thread Joerg Jaspert
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes: > Could someone explain why is there a root shell prompt for the > Linux kernel: > "Press ENTER to obtain a shell" (waits 5 seconds) > 1.- an explanation on why this is shipped by default (to add it to the > "Securing Debian Manual"

Re: Mail-server config

2001-11-21 Thread Joerg Jaspert
[EMAIL PROTECTED] (Sami Juvonen) writes: > Also note that the Debian packages for Cyrus are old, from a > branch that is not being developed any more. I think your > best bet is to download the source and compile your own. That's > what I'm doing for a family-and-friends mailserver. I might > com

Re: Why is there a prompt for a root shell when the default linux kernel boots?

2002-04-30 Thread Joerg Jaspert
Javier Fernández-Sanguino Peña <[EMAIL PROTECTED]> writes: > Could someone explain why is there a root shell prompt for the > Linux kernel: > "Press ENTER to obtain a shell" (waits 5 seconds) > 1.- an explanation on why this is shipped by default (to add it to the > "Securing Debian Manual"

Re: static sshd

2002-08-27 Thread Joerg Jaspert
Dale Amon <[EMAIL PROTECTED]> writes: > For one, I've never seen the requirement for /var/empty > pop up before, which makes me think debian has things > built differently than I. apt-get source ssh and look into debian/rules to see what the Maintainer does?! -- begin OjE-ist-scheisse.txt bye,