On Lu, 20 dec 21, 09:53:54, to...@tuxteam.de wrote:
> On Sun, Dec 19, 2021 at 01:44:35PM -0500, Polyna-Maude Racicot-Summerside
> wrote:
>
> [...]
>
> > Would you have some suggestion if I'd like to try out a Risc-V board ?
>
> Feeding your fave search engine with, e.g. single board computer +"
On Lu, 20 dec 21, 06:42:47, gene heskett wrote:
>
> The first arm board builder to give us two pcie slots or two net ports. or
> even 2 parports WILL OWN this market if the MSRP is under $100 with 2 gigs of
> ram. Ideal would be one pci-e, and one net port. SSD's can be put on the
> pi4's
> on
maxwillb wrote:
> https://security-tracker.debian.org/tracker/status/release/stable
>
> shows the list of packages currently considered vulnerable, but it does not
> show the severity.
Severity is a matter of opinion. The first opinion should be
based on whether the package is even installed. T
On Sat, Dec 25, 2021 at 12:07:26AM +0100, maxwillb wrote:
> https://security-tracker.debian.org/tracker/status/release/stable
>
> shows the list of packages currently considered vulnerable, but it does not
> show the severity.
>
> For example, https://nvd.nist.gov/vuln/detail/CVE-2021-37973 has
On Fri, Dec 24, 2021 at 08:32:14PM -0800, David Robert Newman wrote:
> I asked doas author Ted Unangst about this. His reply:
>
> > Sorry, only very limited env replacement can be done in setenv. root's
> > environment isn't available before the switch.
>
> Ergo, it is just as you suspected. Thi
December 25, 2021 1:51:39 PM CET "Andrew M.A. Cater"
wrote:On Sat, Dec 25, 2021 at 12:07:26AM +0100, maxwillb wrote:
> It's not as if people are massively dropping the ball here, in spite of your
> apprehension.
I'm sure Debian is doing its best. It's just that it's not enough:
https://securi
On Sat, Dec 25, 2021 at 12:07:26AM +0100, maxwillb wrote:
> No dev so much as bothered to click on the 'NVD' link?
>
> Merry Christmas!
Dear max, I am the ghost of Christmas Open Source and I encourage
you to ask for a full refund from Debian and all other volunteer
projects that you are unsatisf
[Sent by mistake to maxwillb only - forwarding to the list]
>From amaca...@einval.com Sat Dec 25 15:16:59 2021
Date: Sat, 25 Dec 2021 15:16:59 +
From: "Andrew M.A. Cater"
To: maxwillb
Subject: Re: How to see the list of CRITICALLY vulnerable packages in Debian?
Message-ID:
References: <4619
December 25, 2021 4:04:03 PM CET Andy Smith wrote:On Sat,
Dec 25, 2021 at 12:07:26AM +0100, maxwillb wrote:
> Dear max, I am the ghost of Christmas Open Source and I encourage you to ask
> for a full refund from Debian and all other volunteer projects that you are
> unsatisfied with!
I kn
On Sat, Dec 25, 2021 at 04:56:31PM +0100, maxwillb wrote:
>
>
> December 25, 2021 4:04:03 PM CET Andy Smith wrote:On
> Sat, Dec 25, 2021 at 12:07:26AM +0100, maxwillb wrote:
>
>
> > Dear max, I am the ghost of Christmas Open Source and I encourage you to
> > ask for a full refund from Debian
December 25, 2021 1:27:03 PM CET Dan Ritter
wrote:maxwillb wrote:
> Debian doesn't ship Google Chrome.
Chromium is a subset of Chrome. This vulnerability is in that subset. HTH
Merry Christmas!
--
Sent with https://mailfence.com
Secure and private email
On Ma, 21 dec 21, 05:31:31, Richard Owlett wrote:
> On 12/18/2021 08:55 AM, Andrei POPESCU wrote:
> > On Sb, 18 dec 21, 07:00:56, Richard Owlett wrote:
> > > >
> > > > Please demonstrate this by showing us the actual run of apt-file as well
> > > > as the output of
> > > >
> > > > dpkg -L b
On Saturday, December 25, 2021 10:26:06 AM Andrew M.A. Cater wrote:
> Hope this helps, as ever, Merry Christmas to all reading the list, by the
> w= ay
+1 (How's that for laziness ;-)
December 25, 2021 5:11:20 PM CET to...@tuxteam.de wrote:On Sat, Dec 25, 2021 at
04:56:31PM +0100, maxwillb wrote:
> some NVD database...
Do you know a better source that provides CVE impact metrics?
https://www.cvedetails.com/cve/CVE-2021-37973/
has this one too, but they list the outdated 6.8
On Sat, Dec 25, 2021 at 05:32:58PM +0100, maxwillb wrote:
> December 25, 2021 5:11:20 PM CET to...@tuxteam.de wrote:On Sat, Dec 25, 2021
> at 04:56:31PM +0100, maxwillb wrote:
>
> > some NVD database...
>
> Do you know a better source that provides CVE impact metrics?
That's not the point, and
On Ma, 21 dec 21, 10:13:07, Jeremy Ardley wrote:
> On 21/12/21 10:09 am, Jeremy Ardley wrote:s.
> > There is a type of attack called cross-site scripting (XSS). It's mostly
> > been eliminated by latest version browsers, but there are always
> > zero-day vulnerabilities.
> >
> > The effect is that
On Saturday, December 25, 2021 6:06:56 AM EST Andrei POPESCU wrote:
> On Lu, 20 dec 21, 06:42:47, gene heskett wrote:
> > The first arm board builder to give us two pcie slots or two net ports. or
> > even 2 parports WILL OWN this market if the MSRP is under $100 with 2 gigs
> > of ram. Ideal would
December 25, 2021 5:41:40 PM CET to...@tuxteam.de wrote:On Sat, Dec 25, 2021 at
05:32:58PM +0100, maxwillb wrote:
> Different folks have different criteria for different reasons, so
> whether I know a better (according to my criteria?) source is totally
> irrelevant here.
There are no viable alt
On 12/5/21 2:46 AM, Georgi Naplatanov wrote:
On 12/5/21 05:47, David Christensen wrote:
debian-user:
I installed debian-live-11.1.0-amd64-xfce+nonfree.iso on a Dell Latitude
E6520 today:
2021-12-04 19:28:18 dpchrist@laalaa ~
$ cat /etc/debian_version ; uname -a ; dpkg-query -W firefox-esr
11
December 25, 2021 4:16:59 PM CET "Andrew M.A. Cater"
wrote:On Sat, Dec 25, 2021 at 03:36:12PM +0100, maxwillb wrote:
> So you're raising issues that everyone knows but can't do a great deal about
Then what did you mean by "It's not as if people are massively dropping the
ball here" ?
By the w
December 25, 2021 4:16:59 PM CET "Andrew M.A. Cater"
wrote:
> So you're raising issues that everyone knows but can't do a great deal about
> given the difficulties
I hate to be a broken record, but you could edit
https://www.debian.org/security/ so that it
does not say "We handle all securit
21 matches
Mail list logo
