Re: [SECURITY] [DSA 2563-1] viewvc security update
Hi, This DSA was signed with key 0x401DAC04, which is not in any debian-keyring package I can find, nor on pgp.mit.edu. Is this a mistake? Thanks! -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20121023204811.GJ25000@debian
Re: security issues with apache!
At 1141730613, Petter Senften wrote: Recently I've noticed that my Apache-installation gets violated and that an intruder somehow manages to put stuff in /tmp and /var/tmp. Then it makes Apache execute these. Do you have mod_cgi installed and activated? If you are not using it, disable it. If the trouble-maker is executing things via PHP scripts, you can stop them by disabling the exec and related functions in PHP. The following line in /etc/php.ini would do it for example: disable_functions = system, exec, shell_exec, passthru, popen, pcntl_exec, openlog Alternatively turning on safe mode does this, I believe. -- Jon Dowland http://alcopop.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Re: [SECURITY] [DSA 871-1] New libgda2 packages fix arbitrary code execution
On Tue, Oct 25, 2005 at 05:23:19PM +0200, Martin Schulze wrote: Package: libgda2 ^^^ snip http://security.debian.org/pool/updates/main/s/sudo/sudo_1.6.8p7-1.2.dsc ^ Sorry to be a pest :( -- Jon Dowland signature.asc Description: Digital signature