Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Max Nikulin
On 31/03/2024 11:46, David Wright wrote: Double-clicking on the directory mounts it and displays the files in it. Opening a text file displays it. At least for a small file, FF does not hold the file open, so I can immediately unmount the stick. Gmail may do something more fancy - https://devel

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread David Wright
On Sat 30 Mar 2024 at 21:06:27 (+0200), Antti-Pekka Känsälä wrote: > I was able to replicate this, by trying to send gmail to myself in Firefox, > attaching a binary on a mounted USB stick. Did you mount the stick yourself as a user (ie there's an fstab entry for it), or as root, or does an automo

Re: Dependencies between components.

2024-03-30 Thread Max Nikulin
On 30/03/2024 22:54, Tim Woodall wrote: I'm unclear whether backports is allowed to depend on -updates You have not mentioned bookworm-security. contrib  : non-free non-free-firmware main non-free : non-free-firmware main non-free-firmware    :

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread David Christensen
On 3/30/24 08:17, Antti-Pekka Känsälä wrote: What could be the deal, when Firefox tries to stop me from unmounting a stick, after I've accessed files on it through Firefox? I worry about my stick security. Thanks. Linux knows what files are open on each file system. If you try to unmount a

Re: Bluetooth sound problems playing from a web browser

2024-03-30 Thread Richmond
Richmond writes: > When playing videos in a web browser, and sending the sound to a > bluetooth speaker (amazon echo) I get playback problems; stuttering, > sound quality reduction to AM radio level or lower. These things can > clear up after a minute or two, or be reduced. > > When playing from

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread Andy Smith
Hi, On Sat, Mar 30, 2024 at 08:57:14PM +, fxkl4...@protonmail.com wrote: > so is this a threat to us normal debian users If you have to ask, i.e. you do not know how to check that your Debian install is secured against extremely well known recent exploits that have been plastered across the e

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread Michel Verdier
On 2024-03-30, fxkl4...@protonmail.com wrote: > so is this a threat to us normal debian users > if so how do we fix it Debian stable is not affected, Debian testing, unstable and experimental must be updated. https://lists.debian.org/debian-security-announce/2024/msg00057.html

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread fxkl47BF
so is this a threat to us normal debian users if so how do we fix it On Sat, 30 Mar 2024, Jeffrey Walton wrote: > It looks like more analysis has revealed this is a RCE with the > payload in the modulus of a public key: "The payload is extracted from > the N value (the public key) passed to RSA_p

Re: Re: Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Antti-Pekka Känsälä
I'd just like to add that I have seen the problem despite reinstalls with Debian stable minor versions. Thanks!

Re: [oss-security] backdoor in upstream xz/liblzma leading to ssh server compromise

2024-03-30 Thread Jeffrey Walton
It looks like more analysis has revealed this is a RCE with the payload in the modulus of a public key: "The payload is extracted from the N value (the public key) passed to RSA_public_decrypt, checked against a simple fingerprint, and decrypted with a fixed ChaCha20 key before the Ed448 signature

Re: Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread tomas
On Sat, Mar 30, 2024 at 07:32:16PM +0200, Antti-Pekka Känsälä wrote: > Yes, closing Firefox does allow the stick to unmount cleanly, but I still > worry. To get an idea of what's going on, you can use "lsof": tomas@trotzki:~$ lsof /dev/sda1 COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE

Re: Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Antti-Pekka Känsälä
I can replicate this, by trying to send Gmail to myself in Firefox, attaching a binary on a mounted USB stick. After the attachment supposedly was uploaded, I tried to unmount the stick, but it blocked. "lsof | grep -i KINGSTON" then shows a total of 129 lines from "x-www-browser". This lasted for

Re: Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Antti-Pekka Känsälä
I was able to replicate this, by trying to send gmail to myself in Firefox, attaching a binary on a mounted USB stick. After the attachment supposedly was uploaded, I tried to unmount the stick, but it blocks. "lsof | grep -i KINGSTON" then shows a total of 129 lines from "x-www-browser". This last

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Charles Curley
On Sat, 30 Mar 2024 17:17:52 +0200 Antti-Pekka Känsälä wrote: > What could be the deal, when Firefox tries to stop me from unmounting > a stick, after I've accessed files on it through Firefox? I worry > about my stick security. Thanks. It sounds like Firefox has a file open on the stick. To c

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Cindy Sue Causey
On Sat, Mar 30, 2024 at 1:19 PM gene heskett wrote: > > On 3/30/24 11:36, Antti-Pekka Känsälä wrote: > > What could be the deal, when Firefox tries to stop me from unmounting a > > stick, after I've accessed files on it through Firefox? I worry about > > my stick security. Thanks. > > Since this

Re: Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Antti-Pekka Känsälä
Yes, closing Firefox does allow the stick to unmount cleanly, but I still worry.

Re: Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread gene heskett
On 3/30/24 11:36, Antti-Pekka Känsälä wrote: What could be the deal, when Firefox tries to stop me from unmounting a stick, after I've accessed files on it through Firefox?  I worry about my stick security.  Thanks. Since this is normally a root operation, I'm confused. Likely what it means i

Re: making Debian secure by default

2024-03-30 Thread Curt
On 2024-03-29, Andy Smith wrote: > I wasn't trying to bait you in any way. The above was what I thought > was a light-hearted way to say that I genuinely think you need to > relax a little about things that are outside of your control. I'm > sorry it wasn't taken that way and I get that you don't

Dependencies between components.

2024-03-30 Thread Tim Woodall
Is there a wiki or something else that lays out exactly what other distributions and components each debian (distribution,component) tuple is allowed to depend on? This is what I've concluded so far. I'm assuming transitive dependencies are allowed, e.g. bookworm-updates-contrib can depend on bo

Debian 12.5 up-to-date Xfce, Firefox clings to USB stick

2024-03-30 Thread Antti-Pekka Känsälä
What could be the deal, when Firefox tries to stop me from unmounting a stick, after I've accessed files on it through Firefox? I worry about my stick security. Thanks.

Bluetooth sound problems playing from a web browser

2024-03-30 Thread Richmond
When playing videos in a web browser, and sending the sound to a bluetooth speaker (amazon echo) I get playback problems; stuttering, sound quality reduction to AM radio level or lower. These things can clear up after a minute or two, or be reduced. When playing from nvlc however I get no such pr

Re: making Debian secure by default

2024-03-30 Thread Marc SCHAEFER
Hello, On Fri, Mar 29, 2024 at 07:02:54PM +0100, Kamil Jońca wrote: > O-o, is there any simple test to check if I have infected version or > not? For example, under root: path="$(ldd $(which sshd) | grep liblzma | grep -o '/[^ ]*')" if hexdump -ve '1/1 "%.2x"' "$path" | grep -q f30f1efa55