Secunia / Firefox Javascript "Arbitrary Memory Exposure" test

2005-04-05 Thread Ian G
I just confirmed the following bug on my firefox. http://secunia.com/advisories/14820/ Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050219 Firefox/1.0 (I think my firefox is a month or two behind, from ports, but the advisary indicates both 1.0.1 and 1.0.2 are effected.) FreeBSD loca

Re: FreeBSD Security Advisory FreeBSD-SA-05:21.openssl

2005-10-14 Thread Ian G
Jacques Vidrine wrote: On 2005-10-12, at 12:10 :19, Peter Jeremy wrote: On Tue, 2005-Oct-11 09:45:53 -0700, Jacques Vidrine wrote: On Oct 11, 2005, at 7:25 AM, Ian G wrote: Isn't the workaround obviously to switch off V2? Yes. Sorry that wasn't mentioned. That sounds l

Re: Slightly OT: SSL certs - best practice?

2006-05-16 Thread Ian G
Hi all, Clemens Renner wrote: Hi James, I would advise against using wildcard certificates. There certainly are situations where this might be adequate but I'm in favor of a single server certificate for each service that uses a different (virtual) host. Thus, I have created several certific

Re: FreeBSD Security Survey

2006-05-22 Thread Ian G
My experience is similar to that of others, with one variation - I've never been able to successfully install from packages, and at best have found that half way through, some port gets dragged in, and I've gradually been sucked into replacing everything with ports. ( Which is fine, for the most

Re: FreeBSD Security Survey

2006-05-23 Thread Ian G
[EMAIL PROTECTED] wrote: Might be wrong, but anything "auto-magic" sounds like not a very good idea, saves time probably in the short term, but I''m not sure that's what you want... Notwithstanding the dangers, I suspect it is an idea who's time has come - for security as well. It is what ha

On what versions of FreeBSD can we unreserve ports?

2006-05-27 Thread Ian G
On which versions of FreeBSD is it now possible to un-reserve ports? ( I've been waiting for this since forever ... have spent countless days - $$$ - trying to install workarounds, only to junk them later. I've even been paid a consulting gig to develop this, and declined to deploy it on my own

Re: On what versions of FreeBSD can we unreserve ports?

2006-05-28 Thread Ian G
Patrick Proniewski wrote: On 27 mai 2006, at 15:51, Ian G wrote: On which versions of FreeBSD is it now possible to un-reserve ports? host$ sysctl net.inet.ip.portrange.reservedhigh=0 According to freebsd web site, it has first came with 5.1R (http:// www.freebsd.org/releases/5.1R

On what versions of FreeBSD can we unreserve ports?

2006-05-29 Thread Ian G
On which versions of FreeBSD is it now possible to un-reserve ports? ( I've been waiting for this since forever ... have spent countless days - $$$ - trying to install workarounds, only to junk them later. I've even been paid a consulting gig to develop this, and declined to deploy it on my own