date:20140807

Re: vacation mail

2014-08-07 Thread Daniel

It's not the first, and it won't be the last.

Y'know, if I was a malicious individual I might lurk the Debian security 
mailing lists until I saw such an announcement, and then wait for a security 
vulnerability, for example [DSA 2998-1] to be posted thereafter. Deducing that 
the individual or their organisation ran Debian, I might then scan or probe the 
domain which issued to vacation mail to ascertain if they were vulnerable. 
Having all the information I needed to take advantage of the vulnerability in 
the DSA, I might then attack said individual or their organisation, safe in the 
knowledge that they would not be back in the office to deal with the problem 
until August 25th. Such vacation mails would make my job alot easier.

IT is fortunate for the senders of such mails that I am not a malicious 
individual.

Best regards,

Daniel

On 6 Aug 2014, at 09:49, Grond wrote:

 Bugger, but someone has *reeaally* poor manners.
 
 A vacation notice to a mailing list?
 I mean; really?
 
 I do *hope* that we will not be spammed by this until 
 August 25th.
 
 (I realize that this rant may not meet
 minimum notability for this list.)
 
 
 On Tue, Aug 05, 2014 at 08:13:31PM +0200, programac...@sf-informatica.com 
 wrote:
 Els missatges enviats a aquesta adreça de correu no s'atendran fins al 25 
 d'agost. Si us plau, si és urgent, posi's en contacte amb 
 urgenc...@sf-informatica.com. Disculpi les molèsties.
 
 Los mensajes enviados a esta dirección de correo no se atenderán hasta el 25 
 de agosto. Por favor, si es urgente, póngase en contacto con 
 urgenc...@sf-informatica.com. Disculpe las molestias.
 
 
 
 
 -- 
 To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
 with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
 Archive: 
 https://lists.debian.org/20140805181331.32e066041d...@11vs2.vspain.net
 
 -- 
 
 Attached is my PGP public key.
 Primary key fingerprint: B7C7 AD66 D9AF 4348 0238  168E 2C53 D8FA 55D8 9FD9
 
 If you have a PGP key (and a minute to spare)
 please send it in reply to this email.
 
 If you have no idea what PGP is, feel free
 to ignore all this gobbledegook.
 Mail Attachment


--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/646a2551-a655-4620-b57f-46a5cbed4...@noflag.org.uk

Re: vacation mail

2014-08-07 Thread Jason Fergus

Ha, I think it's hilarious when people do this.  Also stupid, but if it
weren't for stupid people, who would we have to laugh at?  :D

On Thu, 2014-08-07 at 15:54 +0100, Daniel wrote:
 It's not the first, and it won't be the last.
 
 Y'know, if I was a malicious individual I might lurk the Debian security 
 mailing lists until I saw such an announcement, and then wait for a security 
 vulnerability, for example [DSA 2998-1] to be posted thereafter. Deducing 
 that the individual or their organisation ran Debian, I might then scan or 
 probe the domain which issued to vacation mail to ascertain if they were 
 vulnerable. Having all the information I needed to take advantage of the 
 vulnerability in the DSA, I might then attack said individual or their 
 organisation, safe in the knowledge that they would not be back in the office 
 to deal with the problem until August 25th. Such vacation mails would make my 
 job alot easier.
 
 IT is fortunate for the senders of such mails that I am not a malicious 
 individual.
 
 Best regards,
 
 Daniel
 
 On 6 Aug 2014, at 09:49, Grond wrote:
 
  Bugger, but someone has *reeaally* poor manners.
  
  A vacation notice to a mailing list?
  I mean; really?
  
  I do *hope* that we will not be spammed by this until 
  August 25th.
  
  (I realize that this rant may not meet
  minimum notability for this list.)
  
  
  On Tue, Aug 05, 2014 at 08:13:31PM +0200, programac...@sf-informatica.com 
  wrote:
  Els missatges enviats a aquesta adreça de correu no s'atendran fins al 25 
  d'agost. Si us plau, si és urgent, posi's en contacte amb 
  urgenc...@sf-informatica.com. Disculpi les molèsties.
  
  Los mensajes enviados a esta dirección de correo no se atenderán hasta el 
  25 de agosto. Por favor, si es urgente, póngase en contacto con 
  urgenc...@sf-informatica.com. Disculpe las molestias.
  
  
  
  
  -- 
  To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
  with a subject of unsubscribe. Trouble? Contact 
  listmas...@lists.debian.org
  Archive: 
  https://lists.debian.org/20140805181331.32e066041d...@11vs2.vspain.net
  
  -- 
  
  Attached is my PGP public key.
  Primary key fingerprint: B7C7 AD66 D9AF 4348 0238  168E 2C53 D8FA 55D8 9FD9
  
  If you have a PGP key (and a minute to spare)
  please send it in reply to this email.
  
  If you have no idea what PGP is, feel free
  to ignore all this gobbledegook.
  Mail Attachment
 
 



-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/1407426504.2771.0.ca...@jfergusdeb.proofpoint.com

Re: vacation mail

2014-08-07 Thread Gunnar Wolf

Jason Fergus dijo [Thu, Aug 07, 2014 at 09:48:24AM -0600]:
 Ha, I think it's hilarious when people do this.  Also stupid, but if it
 weren't for stupid people, who would we have to laugh at?  :D

Right. And these messages bug us, true. But please, stop it. Debian
project mailing lists are not the right place to laugh at people.


signature.asc
Description: Digital signature

Re: Mensaje Ausencia

2014-08-07 Thread Mason Loring Bliss

On Wed, Aug 06, 2014 at 01:49:21AM -0700, Grond wrote:

 A vacation notice to a mailing list?
 I mean; really?

Something to consider is that lots of folks run statistical filters that do a
great job of noting and nuking these things. However, when you copy the
effective spam in its entirety in your top-posted reply, the question arises
as to whether the reply should also be considered spam or not. Either your
reply weakens the spamminess of the original message or it is itself tossed
into the spam classifier, thus making your own messages marginally more
likely to be considered to be spam, and neither of those are great results.

In order of relevance and importance as I see it:

 1. Please don't reply to things that should be treated as spam .

 2. Please don't quote spam or things that should be treated like spam back
to the list where you saw it, to avoid the classification tangle noted.

 3. Please don't top-post.

-- 
Mason Loring Bliss  ((   If I have not seen as far as others, it is because
 ma...@blisses.org   ))   giants were standing on my shoulders. - Hal Abelson


-- 
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20140807221212.gb2...@blisses.org

External check

2014-08-07 Thread Raphael Geissert

CVE-2014-3472: RESERVED
CVE-2014-5075: RESERVED
CVE-2014-5179: missing from list
--
The output might be a bit terse, but the above ids are known elsewhere,
check the references in the tracker. The second part indicates the status
of that id in the tracker at the moment the script was run.


-- 
To UNSUBSCRIBE, email to debian-security-tracker-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Archive: 
https://lists.debian.org/53e32047.u5exll2zz5b1aktn%atomo64+st...@gmail.com

Re: vacation mail

Re: vacation mail

Re: vacation mail

Re: Mensaje Ausencia

External check

5 matches

Site Navigation

Mail list logo

Footer information