On Thu, Apr 24, 2014 at 9:49 AM, Giacomo Mulas
wrote:
> On Thu, 24 Apr 2014, Steve Langasek wrote:
>
>> The apparmor policies in Debian apply a principle of minimal harm,
>> confining
>> only those services for which someone has taken the time to verify the
>> correct profile. There are obviously
Verstehe.
Am 25. April 2014 00:07:51 schrieb "Diegmann, Bjoern" :
Einfach nur weils grad so schoen passt ,)
--- Ursprüngl. Mitteilung ---
Von: Moritz Muehlenhoff
Gesend.: 24.04.2014, 23:38
An: debian-security-annou...@lists.debian.org
Betreff: [SECURITY] [DSA 2912-1] openjdk-6 security upda
On Thu, 24 Apr 2014, Steve Langasek wrote:
The apparmor policies in Debian apply a principle of minimal harm, confining
only those services for which someone has taken the time to verify the
correct profile. There are obviously pros and cons to each approach to MAC,
which I'm not interested in
On Thu, Apr 24, 2014 at 11:45:46AM +0200, Giacomo Mulas wrote:
> On Thu, 24 Apr 2014, Paul Wise wrote:
> >>Would the inclusion of more AppArmor profiles be applicable?
> >Thanks, added along with SELinux/etc.
> I second that. Actually, some time ago I tried using both AppArmor and
> SELinux, but
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 04/24/2014 11:21 AM, Salvatore Bonaccorso wrote:
> This is indeed seem a typo in the DSA-2911-1. The fixed version
> for the unstable distribution for the given CVEs is
> icedove/24.4.0-1.
>
> For reference see also [1].
>
> [1] https://security
Hi,
On Thu, Apr 24, 2014 at 10:05:08AM -0400, charlie derr wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA256
>
> On 04/22/2014 11:25 AM, Moritz Muehlenhoff wrote:
> > -
> >
> >
> Debian Security Advisory DSA-2911-1
On 24. huhtikuuta 2014 12.57.45 EEST, Andrew McGlashan
wrote:
>It works for me [Orbot/Orweb -- 4.3 on both i9300 and i9505], did you
>get the case right?
wiki.d.o seems to be blocking at least some Tor exit nodes. IMHO it should not
do that, at least for read-only access.
--
To UNSUBSCRIBE
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
On 04/22/2014 11:25 AM, Moritz Muehlenhoff wrote:
> -
>
>
Debian Security Advisory DSA-2911-1 secur...@debian.org
> http://www.debian.org/security/
On Thu, 24 Apr 2014, Paul Wise wrote:
On Thu, 2014-04-24 at 02:53 -0007, Cameron Norman wrote:
Would the inclusion of more AppArmor profiles be applicable?
Thanks, added along with SELinux/etc.
I second that. Actually, some time ago I tried using both AppArmor and
SELinux, but gave up beca
On 24/04/2014 5:49 PM, Lesley Binks wrote:
> Apologies for the top posting, I'm writing this from my phone.
> I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone.
> Amusing.
It works for me [Orbot/Orweb -- 4.3 on both i9300 and i9505], did you
get the case right?
Strangely thou
> I suggest it might be better if exploits were each given a quick/approximate
> "ranking" in terms of severity (and if the severity is unknown it could be
> assigned a default median ranking), so that the algorithm you mention wouldn't
> just add number of unplugged exploits, but add them by weigh
On 10:57 Thu 24 Apr 2014, Paul Wise wrote:
> ..[snip]..
> https://wiki.debian.org/Hardening/Goals
Regarding the line (at that page):
> Refuse to install packages that are known to have X number of unplugged
> exploits (i.e. X number of open security bugs in the bug tracker) unless
> e.g. --allow-
Apologies for the top posting, I'm writing this from my phone.
I get a 403 when trying to access via Orbot/Orweb on Android 4.1 phone.
Amusing.
Lesley
On 24 Apr 2014 03:58, "Paul Wise" wrote:
> Hi all,
>
> I have written a non-exhaustive list of goals for hardening the Debian
> distribution, the
13 matches
Mail list logo