Re: Apache doesn't restart after new libssl is installed

On Wed, 2023-02-08 at 14:01 +, Phil Endecott wrote: > Whose responsibility is this? Should the Apache package somehow > know that it needs to restart itself? Should the libssl package > do something to cause Apache to restart? Should the unattended- > upgrades package know to restart Apache

Re: Some Debian package upgrades are corrupting rsync "quick check" backups

On Sat, 2017-01-28 at 23:00 +0100, Lupe Christoph wrote: > On Saturday, 2017-01-28 at 14:51:19 +, Holger Levsen wrote: > > On Sat, Jan 28, 2017 at 03:04:56PM +0100, Daniel Reichelt wrote: > > > I highly suspect this stems from packages' rules files supporting > > > reproducible builds. > > >

Re: goals for hardening Debian: ideas and help wanted

On 24. huhtikuuta 2014 12.57.45 EEST, Andrew McGlashan andrew.mcglas...@affinityvision.com.au wrote: It works for me [Orbot/Orweb -- 4.3 on both i9300 and i9505], did you get the case right? wiki.d.o seems to be blocking at least some Tor exit nodes. IMHO it should not do that, at least for

Re: SSL for debian.org/security?

On Tue, Nov 12, 2013 at 01:15:38PM -0500, Hans-Christoph Steiner wrote: Having the key generated on the card is the most secure, since those cards are designed so you can't read the secret key off of the card. So the cost of putting a new certificate on the card is only someone's time for

Re: Microcode update conundrum (was Re: ANNOUNCEMENT: Intel processor microcode security update)

On Sun, Sep 08, 2013 at 08:00:12AM +0900, Joel Rees wrote: (1) This requires enabling two repositories that I have been avoiding enabling, contrib and non-free. That means I have to watch the repository more carefully when using apt-cache search or synaptic to look for new tools,

Re: flashplugin-nonfree get-upstream-version.pl security concern

On Wed, Dec 12, 2012 at 05:52:31PM +, adrelanos wrote: Since get-upstream-version.pl runs as root it can do anything. I don't accuse him personally for anything. But should he ever be compromised (forced, evil maid, etc...) it's very easy to mount a stealth attack. I would worry more

Re: SELinux blocks(?) GDM in permissive mode

On Mon, Sep 10, 2012 at 01:01:16PM +0200, Kees de Jong wrote: Anyone please? I think this is the bug #68376 that was fixed a few days ago: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=683756 Have you tried upgrading to the latest selinux-policy-default package (2:2.20110726-10)? -- To

Re: Vulnerable PHP version according to nessus

On Wed, Dec 28, 2011 at 07:59:08AM +, Dave Henley wrote: When I scan my system for vulnerabillities with nessus I get the follwoing high risk output: Synopsis: The remote web server uses a version of PHP that is affected by multiple vulnerabilities. Description According to its

Re: Debian LTS?

. But maybe there is also a possibility of two-way co-operation with them? Just food for thought. -- Henrik Ahlgren Seestieto Lars Sonckin kaari 10, FI-02600 Espoo +358-50-3866200 -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact