)
> Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE not
> set
> Shell: /bin/sh linked to /usr/bin/dash
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
>
>
> Base image is debian:bookworm-slim
> no other sid packages
>
> image
Hello, Nelson.
We were going over the opened bugs on modsecurity-apache and noticed
this old one. Upstream did not update his forwarded bug either.
Is this still relevant to the current version or can we close it?
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y
0u1: Is
> 2.9.3-3+deb11u1 built with the option --enable-collection-global-lock?
>
> Best,
> Albert van der Veen
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://i
On Sun, Oct 08, 2023 at 12:59:21PM +0100, Jonathan Wiltshire wrote:
> Hi,
>
> On Mon, Jun 26, 2023 at 06:42:18PM +0100, Jonathan Wiltshire wrote:
> > On Tue, Mar 21, 2023 at 12:58:31PM +0100, Alberto Gonzalez Iniesta wrote:
> > > Hi, all. We're looking forward to uploadin
Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: modsecur...@packages.debian.org, car...@debian.org,
airw...@gmail.com
Control: affects -1 + src:modsecurity
[ Reason ]
Fix for CVE-2023-38285, not DSA for it.
[
fo
> >
> > Hi,
> >
> > On Mon, 08 May 2023 18:16:51 +0200 Alberto Gonzalez Iniesta
> > wrote:
> > > A new upstream version of modsecurity fixes a security bug
> > > (CVE-2023-28882, #1035083).
> > > We also fixed a FTBFS in the meant
sh
> Init: systemd (via /run/systemd/system)
> LSM: AppArmor: enabled
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
Hi, all. We're looking forward to uploading the latest CRS package to
bullseye-backports, but this will require this pending update to
bullseye. Any news on this front?
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en
On Mon, Dec 12, 2022 at 01:37:02PM +0100, Alberto Gonzalez Iniesta wrote:
> On Wed, Dec 07, 2022 at 08:14:50PM +, Adam D. Barratt wrote:
> > On Mon, 2022-09-19 at 19:25 +0200, Alberto Gonzalez Iniesta wrote:
> > > modsecurity-crs has been released today [1]. It fixes a se
On Wed, Dec 07, 2022 at 08:14:50PM +, Adam D. Barratt wrote:
> On Mon, 2022-09-19 at 19:25 +0200, Alberto Gonzalez Iniesta wrote:
> > modsecurity-crs has been released today [1]. It fixes a security
> > issue,
> > here is the announcement:
> >
> &
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu tripwire_2.4.3.7-4+b3 . ANY . unstable . -m "Rebuild with new libc (Closes
#1022791)"
Tripwire is statically build and libc updates break it.
Thanks.
--
Alberto Gonzal
Hi, Salvatore.
Yes, I guess it'd be better to just remove it.
Regards,
Alberto
On Sat, Sep 24, 2022 at 02:02:42PM +0200, Salvatore Bonaccorso wrote:
> Hi,
>
> On Sat, Sep 24, 2022 at 01:39:17PM +0200, Alberto Gonzalez Iniesta wrote:
> > Package: wnpp
> > Severity: normal
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-tftp
I intend to orphan the netkit-tftp package.
The package description is:
This is a transitional package. It can safely be removed.
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-rwho
I intend to orphan the netkit-rwho package.
The package description is:
The rwho command produces output similar to who, but for all machines on
the local network. If no report has been received from a machine for 11
minutes
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-rwall
I intend to orphan the netkit-rwall package.
The package description is:
The rwall command sends a message to the users logged into the specified host.
The message to be sent can be typed in and terminated with EOF or it can
Package: wnpp
Severity: normal
Control: affects -1 src:mboxgrep
I intend to orphan the mboxgrep package.
The package description is:
mboxgrep is a small utility that scans either standard Unix
mailboxes, Gnus nnml or nnmh mailboxes, MH mailboxes or Maildirs,
and displays messages matching a
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-bootparamd
I intend to orphan the netkit-bootparamd package.
The package description is:
bootparamd is a server process that provides information to diskless clients
necessary for booting. It consults the /etc/bootparams file to
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-rsh
I intend to orphan the netkit-rsh package.
The package description is:
This package contains rsh, rcp and rlogin.
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-rusers
I intend to orphan the netkit-rusers package.
The package description is:
The rusers command produces output similar to who, but for the list of hosts
or all machines on the local network. For each host responding to the
Package: wnpp
Severity: normal
Control: affects -1 src:netkit-ntalk
I intend to orphan the netkit-ntalk package.
The package description is:
Talk is a visual communication program which copies lines from your terminal
to that of another user.
.
In order to talk locally, you will need to
Package: wnpp
Severity: normal
Control: affects -1 src:libapache-mod-evasive
I intend to orphan the libapache-mod-evasive package.
The package description is:
mod_evasive is an evasive maneuvers module for Apache to provide some
protection in the event of an HTTP DoS or DDoS attack or brute
Package: release.debian.org
Severity: normal
Tags: bullseye
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: airw...@gmail.com, christian.fol...@netnea.com
[ Reason ]
modsecurity-crs has been released today [1]. It fixes a security issue,
here is the announcement:
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu tripwire_2.4.3.7-3+b3 . ANY . unstable . -m "Rebuild with new libc (Closes
#994910)"
Thanks.
tags 994910 + pending
thanks
Hi, I'll make an upload to unstable ASAP.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint
On Sat, Sep 04, 2021 at 03:17:25PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
>
> On Wed, 2021-08-25 at 16:55 +0200, Alberto Gonzalez Iniesta wrote:
> > This [1] security bug was found in modsecurity-crs.
> > As stated in #992863 by the security team,
patch to fix request body bypass
+CVE-2021-35368 (Closes: #992000)
+
+ -- Alberto Gonzalez Iniesta Tue, 24 Aug 2021 17:40:57
+0200
+
modsecurity-crs (3.3.0-1) unstable; urgency=medium
* New upstream version 3.3.0
diff -Nru modsecurity-crs-3.3.0/debian/patches/CVE-2021-35368.patch
Hi Salvatore!!
On Tue, Aug 24, 2021 at 03:17:36PM +0200, Salvatore Bonaccorso wrote:
> Hi Alberto,
>
> On Tue, Aug 24, 2021 at 01:57:26PM +0200, Alberto Gonzalez Iniesta wrote:
> > Package: release.debian.org
> > Severity: normal
> > Tags: buster
> > User: relea
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
diff -Nru modsecurity-crs-3.1.0/debian/changelog
Version: 3.2.0-1
Hi, the fix for this issue [1] was included upstream in 3.2.0.
Closing accordingly. Thanks Moritz for the heads up.
[1] https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1167
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip
. Sorry for the delay.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
fixed 967080 2.9.2-2
thanks
Hi, this was fixed in 2.9.2-2.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30
fixed 874542 2.9.2-2
thanks
The fix for this bug was included, as the changelog closing this bug
shows, in 2.9.2-2. Thus, 2.9.2-1~bpo9+1 still had the bug..
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y
./configure --prefix /usr --plug-in
> --fw-iptables --db-sqlite3 --sqlite3-path /var/lib/eurephia --eurephiadm
> --openvpn-src /usr/include/openvpn
> override_dh_auto_clean:
> rm -rf configure.log
> dh_auto_clean
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte téc
SFTPPAMEngine off
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
On Thu, Jun 11, 2020 at 10:59:06AM +0200, Valentin Vidic wrote:
> On Mon, Jun 08, 2020 at 12:29:35PM +0200, Alberto Gonzalez Iniesta wrote:
> > Some weeks ago I upgraded corosync (3.0.1-2 -> 3.0.1-2+deb10u1) and
> > started to notice these messages in my nodes (two node cluster)
Source: corosync
Version: 3.0.1-2+deb10u1
Severity: important
Hi,
Some weeks ago I upgraded corosync (3.0.1-2 -> 3.0.1-2+deb10u1) and
started to notice these messages in my nodes (two node cluster):
Jun 2 01:10:13 patty corosync[2346]: [KNET ] link: host: 2 link: 0 is down
Jun 2 01:10:13
kage: info: binary-only upload (no source included)
Build finished at 2020-04-19T14:14:59Z
I have no idea why in the rebuild this happened:
> > dh_gencontrol -- -VBuilt-Using="glibc (= 2.30-4)
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian@packages.debian.org
Usertags: pu
Hi,
A security issue (CVE-2019-19886) was found in Modsecurity 3.0.3. [1]
A fixed package is already in unstable. This upload only applies
upstream patch to fix that. Please
Package: libmodsecurity3
Version: 3.0.3-1
Severity: serious
Tags: security upstream
A security issue was discovered by Ervin Hegedüs in Modsecurity 3.0.3.
More info:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-denial-of-service-details-cve-2019-19886/
Fixed
=medium
-
- * Add upstream patch to fix php script upload rules.
-CVE-2019-13464 (Closes: #943773)
-
- -- Alberto Gonzalez Iniesta Sun, 03 Nov 2019 14:34:05
+0100
-
modsecurity-crs (3.1.0-1) unstable; urgency=medium
* New upstream release.
diff -Nru modsecurity-crs-3.1.0/debian/patches/CVE
On Sat, Oct 12, 2019 at 05:01:38PM +0200, Alberto Gonzalez Iniesta wrote:
> On Sat, Oct 12, 2019 at 03:57:14PM +0100, Adam D. Barratt wrote:
> > Control: tags -1 + moreinfo
> >
> > On Sat, 2019-10-12 at 15:16 +0200, Alberto Gonzalez Iniesta wrote:
> > > nmu li
On Sat, Oct 12, 2019 at 03:57:14PM +0100, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On Sat, 2019-10-12 at 15:16 +0200, Alberto Gonzalez Iniesta wrote:
> > nmu libapache2-mod-security2_2.9.3-1 . amd64 . buster . -m "Build
> > with libapr-1.6.5&quo
Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu libapache2-mod-security2_2.9.3-1 . amd64 . buster . -m "Build with
libapr-1.6.5"
Looks like my build environment wasn't up to date when I built this.
The amd64 package is linked with
2 and above. The default setting is Paranoia Level 1.
> > ->
> > https://github.com/SpiderLabs/owasp-modsecurity-crs/issues/1359#issuecomment-487344654
>
> I don't understand. What does Nginx 3 have to do with it? There's not even
> such a version in unstable, the latest is
it again.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
Y_MODULE, TAINT_WARN, TAINT_OOT_MODULE
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
> LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/dash
> Init: unable to detect
>
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técni
, I have asked MITRE if those two CVEs should be used as well for
> netkit-rsh or if it would need two new CVEs.
Ooops! I should have asked before... Sorry.
Do you (sec team) think we should prepare an upload with this fix for
stable security?
Regards,
Alberto
--
Alberto Gonzalez Iniesta
scp.
Hi!
Thanks for noticing.
Attaching the patch so that others can check it.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint =
t.
> >>
> >> Regards,
> >>
> >> Alberto
>
> Hi Alberto,
>
> Yes, I have a bit of free time to take care of the development of OpenVPN and
> some packages in which I’m working now. So I will adopt OpenVPN
Hi, Manu.
OpenVPN is NOT for adoption. This RFA
On Mon, Dec 24, 2018 at 01:08:09PM +0100, Manu Alén wrote:
> On Sat, 7 Oct 2017 11:19:09 +0200 Alberto Gonzalez Iniesta
> wrote:
> > Package: wnpp
> > Severity: normal
> >
> > I request an adopter for the eurephia package.
> >
> > The package descript
hoped they would be. Still, at least for me, this is an improvement
> over to several handcrafted rules, especially for any future changes in
> the Debian build system.
>
[snip]
> ### Packages maintained by Alberto Gonzalez Iniesta
>
> * netkit-bootparamd
> * netkit-ntalk
&
On Sat, Nov 24, 2018 at 08:45:21AM +0100, Sebastiaan Couwenberg wrote:
> tags 914489 wontfix
> thanks
>
> Hi Alberto,
>
> On 11/23/18 9:26 PM, Alberto Gonzalez Iniesta wrote:
> > After updating nagios-nrpe-plugin in my monitoring host to
> > 3.2.1-1~bpo9+1 most
Package: nagios-nrpe-plugin
Version: 3.2.1-1~bpo9+1
Severity: important
Hi,
After updating nagios-nrpe-plugin in my monitoring host to
3.2.1-1~bpo9+1 most of my monitored instances fail to be checked.
AFAICT only those running Stretch continue to work. The error from the
new nagios-nrpe-plugin
ee" somewhere else, and I'm mostly done with it.
I'll look into your changes on bsd-finger and see if I can reproduce
those on others.
Thanks again,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
Package: modsecurity
Version: 3.0.2-1
Severity: serious
Yep, some tests are failing on all buildd. Looking into it.
Thanks Santiago Vila for the heads up.
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1,
Package: wnpp
Severity: wishlist
Owner: Alberto Gonzalez Iniesta
* Package name: libmodsecurity3
Version : 3.0.2
Upstream Author : Trustwave Holdings, Inc.
* URL : https://www.modsecurity.org/
* License : Apache-2.0
Programming Lang: C++
Description
ce a misbuild?
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
builds and is prohibited by the Debian policy
> > in section 4.6.
> >
> > Helmut
>
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
eply. Could you provide an example?
I'm not able to reproduce it:
agi@var ~% wc -l Mail/INBOX
25526 Mail/INBOX
agi@var ~% mboxgrep -P foo Mail/INBOX | wc -l
3084
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/L
Package: wnpp
Severity: normal
I request an adopter for the openvpn-auth-ldap package.
The package description is:
A plugin that implements username/password authentication via
LDAP for OpenVPN 2.x. It features:
.
* Simple Apache-style configuration file.
* LDAP group-based access
Package: wnpp
Severity: normal
I request an adopter for the eurephia package.
The package description is:
This plug-in enhances OpenVPN by adding user name and password authentication.
An eurephia user account is a combination of minimum one OpenVPN SSL
certificate and a user name with a
Package: wnpp
Severity: normal
I request an adopter for the easy-rsa package.
The package description is:
This package eases the creation of certificates, for example for
openvpn clients.
.
This was formerly part of the openvpn package.
re, and
> /usr/lib/tmpfiles.d/openvpn.conf being overriddden means that
> /run/openvpn is no longer created.
>
Ooops, fixing ASAP.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail prefe
Package: wnpp
Severity: normal
Due to lack of time I request an adopter for the openvpn package.
The package description is:
OpenVPN is an application to securely tunnel IP networks over a
single UDP or TCP port. It can be used to access remote sites, make
secure point-to-point connections,
ects causing not
+usable VPN tunnels.
+
+ -- Alberto Gonzalez Iniesta <a...@inittab.org> Mon, 22 May 2017 14:59:49
+0200
+
openvpn (2.4.0-5) unstable; urgency=high
* Change typo fix in command line help.
diff -Nru openvpn-2.4.0/debian/patches/series
openvpn-2.4.0/debian/patches/series
-
d use
> > nmcli with a configured VPN config file and a separate password file from a
> > paid service I
> > subscribe to.
> >
>
> Hi,
>
> Could you try 2.4.0-6 just uploaded to unstable? It fixes an issue that
> matches your symptoms.
>
> Regards,
>
> Alberto
>
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
ug report marked as 'not a bug' by the reporter is not to stay open for
long.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint =
atches your symptoms.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
ency,
> or as least listed as a recommends.
Seems like it's already there.
$ apt-cache show openvpn | grep resolv
Suggests: openssl, resolvconf
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted m
On Fri, Mar 24, 2017 at 08:41:00PM +0100, Daniel Schröter wrote:
> On 03/21/2017 10:16 PM, Alberto Gonzalez Iniesta wrote:
> > On Tue, Mar 21, 2017 at 09:27:28PM +0100, Daniel Schröter wrote:
> >> this one
> >> https://github.com/OpenVPN/openvpn/blob/master/distr
:42.0 +0100
@@ -1,3 +1,10 @@
+openvpn (2.4.0-4) unstable; urgency=medium
+
+ * Add NEWS entries on possible 2.4 migration issues.
+(Closes: #852381, #849909)
+
+ -- Alberto Gonzalez Iniesta <a...@inittab.org> Thu, 02 Feb 2017 14:15:42
+0100
+
openvpn (2.4.0-3) unstable; urgency=
On Tue, Mar 21, 2017 at 09:27:28PM +0100, Daniel Schröter wrote:
> Hello
>
> On 03/21/2017 09:02 PM, Alberto Gonzalez Iniesta wrote:
> > upstream's openvpn-server@.service unit is in fact included in
> > Debian's package.
>
> this one
> https://github.com/Open
's openvpn-server@.service unit is in fact included in
Debian's package.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
(--configure):
>dependency problems - leaving unconfigured
> Setting up libcap2-bin (1:2.25-1) ...
> Processing triggers for libc-bin (2.24-8) ...
> Processing triggers for systemd (232-8) ...
> Errors were encountered while processing:
>libapache2-mod-security2
>li
sr/bin/dash
> Init: systemd (via /run/systemd/system)
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
> > > Am 13.12.2016 um 18:02 schrieb Michael Biebl:
> > >> Am 13.12.2016 um 16:53 schrieb Alberto Gonzalez Iniesta:
> > >>> Hi there,
> > >>>
> > >>> The --tls-remote was removed in OpenVPN 2.4, and was already marked as
> > >
entry to warn users.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
d
either in OpenVPN v2.4 or v2.5. So please make sure you support the new
X.509 name formatting described with the --compat-names option as
soon as possible by updating your configurations to use
--verify-x509-name instead.
IMHO this should have been fixed in network-manager-openvpn before 2.4
arr
Control: unblock 827061 by -1
Uploaded 2.4~rc1-1 build against openssl1.0 until upstream moves to 1.1
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key
On Thu, Nov 24, 2016 at 07:39:01PM +0100, Julien Cristau wrote:
> On Thu, Nov 10, 2016 at 16:54:41 +0100, Alberto Gonzalez Iniesta wrote:
>
> > On Thu, Nov 10, 2016 at 03:38:12PM +, Adam D. Barratt wrote:
> > >
> > > On Wed, 2016-11-02 at 12:51 +0100,
On Thu, Nov 10, 2016 at 03:38:12PM +, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On Wed, 2016-11-02 at 12:51 +0100, Alberto Gonzalez Iniesta wrote:
> > I was asked to update modsecurity-crs in Jessie in order to fix #838009.
> > The fix is trivial
ckage.
>
> What do you think ?
Hi Ian,
I'm quite busy right now for this. If you want to see the change for
Stretch feel free to do the appropiate changes.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linu
On Thu, Nov 10, 2016 at 03:38:12PM +, Adam D. Barratt wrote:
>
> On Wed, 2016-11-02 at 12:51 +0100, Alberto Gonzalez Iniesta wrote:
> > I was asked to update modsecurity-crs in Jessie in order to fix #838009.
> > The fix is trivial [1] and was uploaded to unsta
Package: release.debian.org
Severity: normal
Tags: jessie
User: release.debian@packages.debian.org
Usertags: pu
Hi there,
I was asked to update modsecurity-crs in Jessie in order to fix #838009.
The fix is trivial [1] and was uploaded to unstable a while ago [2], but
I'm not sure if it
Hullo,
Please find attached a patch to fix the following error on
gnupod_addsong:
$ gnupod_addsong
Can't use a hash as a reference at /usr/share/perl5/GNUpod/FileMagic.pm
line 365
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip
tags + patch
thanks
Hiya,
As suggested in the error message (Maybe you should just omit the
defined()?), removing it seems to fix this. Removing brackets would end
in a different error. Please find patch attached.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y
On Mon, Jul 04, 2016 at 07:38:29PM +0200, Michael Biebl wrote:
> Hi Alberto
>
> On Mon, 23 May 2016 09:59:34 +0200 Alberto Gonzalez Iniesta
> <a...@inittab.org> wrote:
> > tags 804968 + pending
> > thanks
>
> You marked this bug as pending a while ago but
On Mon, Jun 13, 2016 at 10:09:56AM +0200, Kamil Kachyňa wrote:
> It is fixed in RouterOS version 6.36rc28 (Release candidate)
>
> *) ovpn - fixed compatibility with OpenVPN 2.3.11;
>
>
Hi Kamil,
Thanks for the info! Closing now.
Regards,
Alberto
--
Alberto Gonzalez Iniesta
=== AUTHENTICATING FOR org.freedesktop.systemd1.manage-units ===
Authentication is required to restart 'openvpn.service'.
If that's the case, OpenVPN has nothing to do with it. You may want to
run that with sudo (in order to avoid password prompts).
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, con
On Tue, May 10, 2016 at 12:53:17PM -0400, Simon Deziel wrote:
> Hi Alberto and Jim,
>
> On 2016-05-10 12:45 PM, Alberto Gonzalez Iniesta wrote:
> > So sorry took me this long to answer. I'm pretty sure this is related to
> > capabilities. Could try copying /lib/systemd/sy
ng to answer. I'm pretty sure this is related to
capabilities. Could try copying /lib/systemd/system/openvpn@.service to
/etc/systemd/system/openvpn@.service and removin the
CapabilityBoundingSet line from it?
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte té
cur due to your "special"
environment. Since the value is recommended upstream I'd rather not
change it. I'll add a note in README.Debian, closing this bug report.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.o
Hi,
Did you run "systemctl daemon-reload" after changing the .service file?
I'll upload 2.3.10 soon, can you check if it works with it?
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y soft
rote:
> Hi,
>
> I'm having this same problem in Debian 8.2. with openvpn 2.3.4-5.
>
> As the original reporter starting openvpn with
> # _SYSTEMCTL_SKIP_REDIRECT=1 /etc/init.d/openvpn start
> works.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técni
Hi all,
Is this still an issue with newer versions of OpenVPN?
THanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8
13 update-resolv-conf*
> tglase@tglase:~ $ fgrep -c ig42 /etc/default/openvpn
>
Running systemd? Maybe you deleted that file without running "systemctl
daemon-reload"?
--
Alberto Gonzalez Iniesta| Formación, consultoría y s
On Mon, Dec 14, 2015 at 07:56:45PM +0100, Michal Hocko wrote:
> On Mon, Dec 14, 2015 at 07:52:16PM +0100, Alberto Gonzalez Iniesta wrote:
> > On Mon, Dec 14, 2015 at 07:43:28PM +0100, Michal Hocko wrote:
> > > On Sat, Sep 19, 2015 at 10:25:15PM +0200, Michal Hocko wrote:
>
; > > which was filed against the openvpn package:
> > >
> > > #792309: init script no longer asks for user/passwd and fails connection
> > >
> > > It has been closed by Alberto Gonzalez Iniesta <a...@inittab.org>.
> > >
> > > Their e
On Thu, Nov 12, 2015 at 06:15:42PM +, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
>
> On 2015-11-12 16:48, Alberto Gonzalez Iniesta wrote:
> >I'd like to upload openvpn for the next point release. The reason is a
> >serious bug (#785200 and #787090) hitting
--no-block to if-up.d script to avoid hanging boot on
+interfaces with openvpn instances. (Closes: #787090, #785200)
+
+ -- Alberto Gonzalez Iniesta <a...@inittab.org> Thu, 12 Nov 2015 17:16:28
+0100
+
openvpn (2.3.4-5) unstable; urgency=high
* Apply upstream patch that fixes possib
1 - 100 of 395 matches
Mail list logo