Re: Let's Encrypt

2019-10-12 Thread Garrett Wollman
< said: > Trond Endrestøl wrote: >> >> #minute hourmdaymonth wdaywho command >> >> 52 4 1 * * rootcertbot renew --quiet >> --pre-hook "service apache24 stop" --post-hook "service apache24 start" >> 52 1 15 * * root

Re: FreeBSD Security Advisory FreeBSD-SA-19:23.midi

2019-10-12 Thread Ian Lepore
On Wed, 2019-08-21 at 04:55 +0700, Eugene Grosbein wrote: > 21.08.2019 3:12, FreeBSD Security Advisories wrote: > > [skip] > > > IV. Workaround > > > > No workaround is available. Custom kernels without "device sound" > > are not vulnerable. > > Is it true that there is no way to disable vuln

Re: Git/Mtn for FreeBSD, PGP WoT Sigs, Merkel Hash Tree Based

2019-10-12 Thread Daniel Shahaf
grarpamp wrote on Fri, Sep 20, 2019 at 17:04:08 -0400: > How does one know their entire copy of repo obtained on > DVD, "mirror", or elsewhere cryptographically > matches the authoritative repo... If someone wanted to add "signed commits" functionality to svn, I think that would be possible and ev

Re: FreeBSD Security Advisory FreeBSD-SA-19:19.mldv2

2019-10-12 Thread Fernando Gont
Folks, Since FreeBSD ships with IPv6 support enabled by default, aren't all systems affected, one way or another? Thanks, Fernando > = > FreeBSD-SA-19:19.mldv2 Security Advisory >

Git/Mtn for FreeBSD, PGP WoT Sigs, Merkel Hash Tree Based

2019-10-12 Thread grarpamp
For consideration... SVN really may not offer much in the way of native internal self authenticating repo to cryptographic levels of security against bitrot, transit corruption and repo ops, external physical editing, have much signing options, etc. Similar to blockchain and ZFS hash merkle-izatio

Re: Let's Encrypt

2019-10-12 Thread Laurent Frigault
On Sun, Sep 08, 2019 at 09:58:35PM +0700, Victor Sudakov wrote: > Which client is now recommended to work with Let's Encrypt? > > I see numerous clients in the ports tree, some deleted, some renamed... > Which one is good? I've been using security/dehydrated for years. Never had any problem wi

MFH requests for mariadb103 and mariadb104

2019-10-12 Thread Bernard Spil
Hi, Forgot to add MFH 2019Q3 to https://svnweb.freebsd.org/ports?view=revision&revision=510703 https://svnweb.freebsd.org/ports?view=revision&revision=510711 Cheers, Bernard. ___ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mail

Re: AMD Secure Encrypted Virtualization - FreeBSD Status?

2019-10-12 Thread Tomasz CEDRO
On Thu, Oct 3, 2019 at 10:29 PM Clay Daniels Jr. wrote: > Just whose secure keys do you suggest? I go to a lot of trouble to disable > secure boot so I can load any operating system I want. The goal would be not to disable secure boot and have FreeBSD running with a secured bootloader :-) At the

Re: AMD Secure Encrypted Virtualization - FreeBSD Status?

2019-10-12 Thread Tomasz CEDRO
would be really nice also to get UEFI BOOT compatible with SECURE BOOT :-) -- CeDeROM, SQ7MHZ, http://www.tomek.cedro.info ___ freebsd-security@freebsd.org mailing list https://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any

Re: Git/Mtn for FreeBSD, PGP WoT Sigs, Merkel Hash Tree Based

2019-10-12 Thread Igor Mozolevsky
On Fri, 20 Sep 2019 at 22:01, grarpamp wrote: > > For consideration... > > SVN really may not offer much in the way of native > internal self authenticating repo to cryptographic levels > of security against bitrot, transit corruption and repo ops, > external physical editing, have much signing op

Re: Git/Mtn for FreeBSD, PGP WoT Sigs, Merkel Hash Tree Based

2019-10-12 Thread Igor Mozolevsky
On Mon, 7 Oct 2019 at 08:43, grarpamp wrote: > > On 10/4/19, Igor Mozolevsky wrote: > > On Fri, 20 Sep 2019 at 22:01, grarpamp wrote: > >> > >> For consideration... > >> https://lists.freebsd.org/pipermail/freebsd-security/2019-September/010099.html > >> > >> SVN really may not offer much in the