Upcoming stable point release (9.7)
Hi,

The next point release for "stretch" (9.7) is in progress just now and
should hit the mirrors in the next hours.

Regards,
Martin
--
Martin Zobel-Helas
Debian System Administrator
Debian & GNU/Linux Developer
Debian Listmaster
http://about.me/zobel
Debian Webmaster
GPG Fingerprint: 6B18 5642 8E41 EC89 3D5D BDBB 53B1 AC6D B11B 627B
Re: HTTPS needs to be implemented for updating
Hi,

On Tue Dec 20, 2016 at 10:45:23 +0100, Hans-Christoph Steiner wrote:
> Also, it would be really awesome if there was:
>
> https://httpsredir.debian.org/debian
>
> Which automatically redirected to mirrors that support HTTPS. I filed
> an issue here:
> https://github.com/rgeissert/http-redirector/issues/78

httpredir is a dead horse.

--
Martin Zobel-Helas
Software in the Public Interest, Inc. | Member of the Board of Directors
GPG Fingerprint: 6B18 5642 8E41 EC89 3D5D BDBB 53B1 AC6D B11B 627B
Re: Ticket received- [SECURITY] [DSA 3055-1] pidgin security update
Hi,

On Thu Oct 23, 2014 at 23:15:54 +0100, Jack wrote:
> On 23/10/2014 22:14, Multapplied Networks Technical Services wrote:
> > Dear Debian-security,
>
> Ban the bots!
>

already kicked.

Martin Zobel-Helas -- Debian Listmaster

--
To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/20141023223726.gt6...@ftbfs.de
Re: Long Exim break-in analysis
Hi,

On Tue Dec 21, 2010 at 23:07:37 +0100, Vladislav Kurz wrote:
>
> Lessons learned:
> 1. subscribe to DSA and run apt-get
> 2. /var/spool, /var/tmp, /tmp and other places where unprivileged users can
> write, should be mounted nosuid and even better noexec. It seems that this
> could prevent the attack, or at least make it much more difficult.
>
> As for point 2. it's a pity that dpkg is using /tmp and /var/lib/dpkg/ to run
> scripts during installation and removal of packages. It would be nice if
> whole /var could be mounted noexec.
>

# cat apt.conf.d/01remount
DPkg::Pre-Invoke {"if mount | awk '{print $3}' | grep -q '^/tmp$'; then /bin/mount -o remount,exec /tmp; fi";};
DPkg::Post-Invoke {"if mount | awk '{print $3}' | grep -q '^/tmp$'; then /bin/mount -o remount,noexec /tmp; fi";};

--
Martin Zobel-Helas | Debian System Administrator
Debian & GNU/Linux Developer | Debian Listmaster
Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870
GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870
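The mount-option advice quoted in the message above can be checked mechanically. The following is an added example, not part of the original thread: it reads /proc/mounts-format lines and reports whether /tmp, /var/tmp and /var/spool sit on file systems mounted nosuid and noexec. The function names and the sample data are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): audit nosuid/noexec on the
# world-writable directories named in the message above.

# Directories to audit; taken from the quoted "lessons learned".
AUDIT_PATHS="/tmp /var/tmp /var/spool"

# Constructed sample in /proc/mounts format:
# device mountpoint fstype options dump pass
SAMPLE_MOUNTS='/dev/sda1 / ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,noexec 0 0
/dev/sda2 /var ext4 rw,nosuid,relatime 0 0
proc /proc proc rw,nosuid,nodev,noexec 0 0'

# audit_mounts: read /proc/mounts-format lines on stdin and print, for each
# audited path, the mount point that holds it and its nosuid/noexec state.
audit_mounts() {
    awk -v paths="$AUDIT_PATHS" '
        { opts[$2] = $4 }          # a later mount on the same point wins
        END {
            n = split(paths, want, " ")
            for (i = 1; i <= n; i++) {
                p = want[i]; best = ""
                for (m in opts) {
                    # m holds p if it is "/", p itself, or a parent directory
                    if ((m == "/" || m == p || index(p, m "/") == 1) &&
                        length(m) > length(best))
                        best = m
                }
                if (best == "") {
                    printf "%s - nosuid=unknown noexec=unknown\n", p
                    continue
                }
                o = "," opts[best] ","
                printf "%s %s nosuid=%s noexec=%s\n", p, best,
                    (index(o, ",nosuid,") ? "yes" : "no"),
                    (index(o, ",noexec,") ? "yes" : "no")
            }
        }'
}

# weak_paths: print the audited paths that lack nosuid or noexec.
weak_paths() {
    audit_mounts | awk '$3 == "nosuid=no" || $4 == "noexec=no" { print $1 }'
}

# Demo on the constructed sample; on a live system: audit_mounts < /proc/mounts
printf '%s\n' "$SAMPLE_MOUNTS" | audit_mounts
```

In the sample, /var/tmp and /var/spool inherit the options of /var, which is why a separate noexec /tmp alone does not cover them.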
Re: [SECURITY] [DSA 2134-1] Upcoming changes in advisory format
Hi,

On Sat Dec 18, 2010 at 16:47:47 -0800, Vagrant Cascadian wrote:
> On Sat, Dec 18, 2010 at 01:08:07PM +0100, Moritz Muehlenhoff wrote:
> > Traditionally Debian security advisories have included MD5 check sums
> > of the updated packages. This was introduced at a time when apt didn't
> > exist yet and BIND was at version 4.
> >
> > Since apt cryptographically enforces the integrity of the archive for
> > quite some time now, we've decided to finally drop the hash values
> > from our advisory mails.
>
> thanks for all your work on the security team! i'm glad to hear this!
>
> > We'll also change some details of the advisory format in the upcoming
> > months.
>
> i'm curious about some of the possible changes in the format. namely:
>
> will new advisories be in a machine parseable format?
>
> will it include a list of affected binary packages (in addition to source
> packages)?

ACK. +1

YAML?
Re: Upcoming etch point release
Hi,

On Fri May 14, 2010 at 10:34:45 +0200, Johannes Wiedersich wrote:
> Adam D. Barratt wrote:
> > The next point release for the "etch" oldstable distribution, 4.0r9, is
> > scheduled for Saturday, 22nd May.
>
> I guess this is rather a plain "formality" than an endorsement by the
> project that this release is an up-to-date version of "etch" (say as far
> as security is concerned). Maybe this should be pointed out more clearly
> in order to avoid misunderstandings.

before moving etch to archive.debian.org, it makes sense to integrate
all pending DSAs into a point release. I am not even sure we can move
DSAs into archive separately without breaking the GPG signature of the
Release file.

Cheers,
Martin
Re: ipv6 and security.debian.org
Hi,

On Wed Jan 13, 2010 at 17:37:20 +0100, Eelco Jepkema wrote:
> Hi,
>
> I've recently been allocated an ipv6 block to test ipv6 with. This
> however has created a problem for me.
>
> # ping6 security.debian.org
> PING security.debian.org(2001:a78::16) 56 data bytes
> 64 bytes from 2001:a78::16: icmp_seq=1 ttl=58 time=117 ms
> 64 bytes from 2001:a78::16: icmp_seq=2 ttl=58 time=58.3 ms

That looks good.

>
> # dig -t security.debian.org
>
> ; <<>> DiG 9.5.1-P3 <<>> -t security.debian.org
> ;; global options: printcmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40453
> ;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0
>
> ;; QUESTION SECTION:
> ;security.debian.org. IN
>
> ;; ANSWER SECTION:
> security.debian.org. 263 IN 2001:a78::16
> security.debian.org. 263 IN 2001:8d8:2:1:6564:a62:0:2
> security.debian.org. 263 IN 2001:a78::1a

That is the European view from GeoDNS.

>
> This seems to work then. Now however I do "apt-get update" but it hangs
> on security.debian.org.
>
> Am i doing something wrong or is security.debian.org doing something
> wrong (i.e. not making the mirrors available on http ipv6)?
>
> On a related note, as a workaround for this problem I went looking for a
> '-4' option (or alike) to force apt-get to use ipv4 but couldn't find
> one. Is such an APT config option available?

Can you give us a tcptraceroute6 to from your machine to security.d.o?

Greetings
Martin
Re: [SECURITY] [DSA 1633-1] New slash packages fix multiple vulnerabilities
Hi,

On Mon Sep 01, 2008 at 20:55:11 +0200, [EMAIL PROTECTED] wrote:
> *** out of office auto-reply ***

unsubscribed.
Re: [SECURITY] [DSA 1615-1] New xulrunner packages fix several vulnerabilities
Hi,

On Wed Jul 23, 2008 at 16:41:49 -0500, Bob Tanner wrote:
>
> On Jul 23, 2008, at 3:44 PM, [EMAIL PROTECTED] wrote:
>
> >Hello. I am on vacation and out of the office from July 20th to July
> >27th. If you need assistance with e-mail, web hosting, or technical
> >support, please leave a message with Danny Beckett or Ray Brown at
> >616-301-1037. If you have any other questions or messages, please
> >leave a detailed message at 616-301-1037.
>
>
> Please unsubscribe [EMAIL PROTECTED] from the mailing list.

done. please report such persons to [EMAIL PROTECTED]

--
Martin Zobel-Helas <[EMAIL PROTECTED]> | Debian Release Team Member
Debian & GNU/Linux Developer | Debian Listmaster
Public key http://zobel.ftbfs.de/5d64f870.asc - KeyID: 5D64 F870
GPG Fingerprint: 5DB3 1301 375A A50F 07E7 302F 493E FB8E 5D64 F870
Re: clamav.* package versions (etch)
Hi,

On Thu May 29, 2008 at 22:04:21 -0400, Jim Popovitch wrote:
> My experience, from when I ran a volatile mirror, was that the
> team/person responsible had too many other priorities (hey, that's
> life). If Debian needs some assistance in pushing releases to
> mirrors, then please please let someone know.

It is already escalated, and we are working on that problem getting
fixed. clamav will be available in a few minutes.

Greetings
Martin
Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
Hi,

On Fri Dec 28, 2007 at 19:19:50 -0500, Jim Popovitch wrote:
> On Fri, 2007-12-28 at 22:36 +0100, Martin Zobel-Helas wrote:
> > On Fri Dec 28, 2007 at 22:10:08 +0100, Wolfgang Jeltsch wrote:
> > > However, I cannot see any security announcement for most of these. Were
> > > they updated because of the security fix for tar? If yes, why doesn’t the
> > > security announcement mention that updated versions are available also
> > > for those packages?
> >
> > see
> > http://lists.debian.org/debian-announce/debian-announce-2007/msg4.html
>
> Martin,
>
> First, I (and many others) appreciate your and everyone else's work on
> Debian. That said, I too am confused by the latest Debian 4.0 release.
> It seems to me that, in the past, all Debian patches were released with
> DSAs (why patch w/o a DSA?), and that further updates to the core
> release (Potato, Sid, Sarge, Etch, etc) were only a roll-up of
> previously issued DSAs. I don't recall new functionality ever being
> added in a core release update bundle (although I could be wrong).

You are (mostly) wrong here. Most of the packages mentioned under
"Miscellaneous Bugfixes" in the Release Announcement are just bug fixes,
several of them also have CVE numbers, of which the security team thinks
which are not so important to fix. Others just add missing dependencies
without those the package would not be able to run. Also other packages
just get RC bugs fixed.

The only package which got REAL updates this time was the Debian Linux
Kernel, to support eg. SGI o2 machines. Also some (sub-)architectures
were missing some important kernel modules the other (sub-)architectures
had, so we considered that as worth for updating the kernel.

> Consider that some people, such as myself, only update servers based on
> review of public DSA statements. Yet now we find ourselves with
> multiple days of updates to multiple pkgs, but no corresponding DSA
> announcements to cross reference for validity (which can easily make one
> suspect a mirror has been hacked).

Thus we try to send out the announcement to that 'point release' very
short after packages have been pushed out to the mirrors (read as in:
within one day). We cannot send it directly after the dinstall process,
as only the tier-1 mirrors then would have those packages, but not
tier-2 and tier-3 mirrors. Also consider some mirrors only update by
cron twice a day.

> Since I'm not the only one confused by the recent updates, can we get
> some clarification on this process please. Specifically, is it
> currently Debian policy to release non-critical pkg updates, i.e.
> releases without DSAs, in periodic core release rollups? (is this new or
> has it been so in the past?) Could Debian be better served by calling
> the rollup (including new non-critical updates) a new release (i.e 4.1)?

These releases are called 'point releases' and are prepared publicly.
Preparation mails to these point releases are periodically sent to
[EMAIL PROTECTED]

Also prior releases had 'Miscellaneous Bugfixes', see eg. [2]. The list
of 'Miscellaneous Bugfixes' just got a bit bigger, as the last point
release was for various reasons not 2 but 6 months ago. Also my
predecessor, Joey Schulze, was much more strict regarding 'Miscellaneous
Bugfixes', and several Debian Developers expressed the wish that his
rules should be eased a bit. We are still very strict regarding these
bugfixes but not as strict as he was.

I hereby will also say that these bugfixes (and point releases) will
happen in future as well, so be prepared to it. You really should read
[EMAIL PROTECTED], as all these updates will be announced to that
mailing list.

Hope that eMail helps a bit to clarify.

Greetings
Martin

[1] http://lists.debian.org/debian-release/2007/12/msg00203.html or
    http://lists.debian.org/debian-release/2007/12/msg00254.html
[2] http://lists.debian.org/debian-announce/debian-announce-2007/msg3.html or
    http://lists.debian.org/debian-announce/debian-announce-2007/msg0.html
--
[EMAIL PROTECTED] /root]# man real-life
No manual entry for real-life
Re: [SECURITY] [DSA 1438-1] New tar packages fix several vulnerabilities
Hi,

On Fri Dec 28, 2007 at 22:10:08 +0100, Wolfgang Jeltsch wrote:
> On Friday, 28 December 2007 16:29, Florian Weimer wrote:
> >
> > Debian Security Advisory DSA-1438-1 [EMAIL PROTECTED]
> > http://www.debian.org/security/ Florian Weimer
> > December 28, 2007 http://www.debian.org/security/faq
> >
> >
> > Package: tar
> > Vulnerability : several
> > Problem type : local(remote)
> > Debian-specific: no
> > CVE Id(s) : CVE-2007-4131, CVE-2007-4476
> >
> > Several vulnerabilities have been discovered in GNU Tar.
>
> Hello,
>
> during the last six days, updates of the following packages were available
> via
> security.debian.org:

wrong.

> debconf
> debconf-i18n
> findutils
> klibc-utils
> libc6
> libc6-i386
> libklibc
> libpam-modules
> libpam-runtime
> libpam0g
> linux-image-2.6.18-5-amd64
> locales
> tar
> tzdata
>
> However, I cannot see any security announcement for most of these. Were they
> updated because of the security fix for tar? If yes, why doesn’t the
> security announcement mention that updated versions are available also for
> those packages?

see
http://lists.debian.org/debian-announce/debian-announce-2007/msg4.html
Re: security.debian.org: MD5Sum mismatch
Hi,

On Fri Aug 17, 2007 at 13:12:34 +0200, Lupe Christoph wrote:
> On Friday, 2007-08-17 at 10:46:32 +, [EMAIL PROTECTED] wrote:
> > On Fri, Aug 17, 2007 at 12:20:34PM +0200, Lupe Christoph wrote:
>
> > > I *wish* those updates
> > > were atomic, but they probably aren't.
>
> > why not though ?
>
> Because they involve a lot of files. You would have to use two areas
> that contain alternating generations and switch the (http|ftp|rsync)
> servers between them. Only that switch can be atomic.
>
> Doing this would make the operation of the server a lot more complicated
> and thus less robust.

Official debian mirrors usually should use rsync --delay-updates
--delete-after to avoid such problems. I am using that now for quite a
while on debian.netcologne.de, and didn't hear any user in the last
years complaining our mirror would be broken.

Greetings
Martin
Re: verifying archive signature keys?
Hi,

On Wed Aug 15, 2007 at 10:54:02 +0200, Hadmut Danisch wrote:
> Hi,
>
> just a question because someone had asked me for help. The problem was
> that apt-get update had complained about not being able to verify
> signatures due to a missing pgp key.
>
> Was easy to tell to do
> gpg --recv-key A70DAF536070D3A1
> gpg -a --export A70DAF536070D3A1 | sudo apt-key add -
>
>
>
> but: How would one verify that this key is the correct debian
> key (and not, e.g. the key used by an intruder to fake packages and
> simply uploaded to public key repositories)?
>
>
> gpg --check-sigs A70DAF536070D3A1
>
> lists some signatures of several people, but none that I personally
> know, I don't even know whether these people actually exist.

The best way to check this, is to check against the Debian Keyring.
Either you download the Debian Keyring from keyring.debian.org like:

rsync -az --progress \
    keyring.debian.org::keyrings/keyrings/debian-keyring.gpg \
    ./debian-keyring.gpg

and check against this keyring, or you check the Key-IDs via
http://db.debian.org/, but you need the fingerprint of those key IDs
then.

Greetings
Martin
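The check described in the message above, as an added example that is not part of the original thread: gpg is pointed at the downloaded Debian keyring, and its machine-readable --check-sigs output is reduced to the signatures that actually verified. The function names, file paths and sample output are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the thread): summarise the certifications on an
# archive key as reported by "gpg --with-colons --check-sigs".

# Constructed sample output. Only fields 1 (record type), 2 (check result)
# and 5 (signer key ID) matter here; all signer IDs are placeholders.
SAMPLE_COLONS='pub:-:1024:17:A70DAF536070D3A1:1152130226:::-:::scSC:
uid:-::::1152130226::::Example archive key (constructed):
sig:!::17:A70DAF536070D3A1:1152130226::::Example archive key (constructed):13x:
sig:!::17:1111111111111111:1152200000::::Developer One (constructed):10x:
sig:?::17:2222222222222222:1152300000::::[User ID not found]:10x:
sig:-::17:3333333333333333:1152400000::::Developer Three (constructed):10x:
sig:!::17:4444444444444444:1152500000::::Developer Four (constructed):10x:'

# good_third_party_sigs KEYID: print the key IDs whose signature on KEYID
# verified ("!"), skipping the self-signature made by KEYID itself.
good_third_party_sigs() {
    awk -F: -v self="$1" '
        $1 == "sig" && substr($2, 1, 1) == "!" &&
        toupper($5) != toupper(self) && !seen[$5]++ { print $5 }'
}

# sig_status_counts KEYID: count third-party signatures by check result.
# "?" means the signer key is not in any keyring gpg was given, so that
# signature says nothing about the key; "%" (other error) is counted with it.
sig_status_counts() {
    awk -F: -v self="$1" '
        $1 == "sig" && toupper($5) != toupper(self) {
            c = substr($2, 1, 1)
            if (c == "!") good++
            else if (c == "-") bad++
            else unknown++
        }
        END { printf "good=%d bad=%d unknown=%d\n", good, bad, unknown }'
}

# check_against_keyring KEYID KEYRING ARCHIVE_KEYRING: run the real check.
# KEYRING is the downloaded debian-keyring.gpg, ARCHIVE_KEYRING a keyring
# file holding the key under test (both paths are assumptions of this
# example; give them with a slash, e.g. ./debian-keyring.gpg).
check_against_keyring() {
    gpg --no-default-keyring --keyring "$2" --keyring "$3" \
        --with-colons --check-sigs "$1" | sig_status_counts "$1"
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_COLONS" | good_third_party_sigs A70DAF536070D3A1
printf '%s\n' "$SAMPLE_COLONS" | sig_status_counts A70DAF536070D3A1
```

Only the "good" signers count as evidence, and only because their keys come from the keyring fetched from keyring.debian.org rather than from a public keyserver.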
Re: security mirror out of date: 128.101.240.212
Hi,

On Mon May 14, 2007 at 17:17:13 -0400, Jim Popovitch wrote:
> On Tue, 2007-05-15 at 00:14 +0300, Tomas Nykung wrote:
> > What I don't understand is why I always got the bad mirror, regardless
> > how many times I tried to rerun aptitude/apt-get update both yesterday
> > and today (and on two computers while the first one I upgraded did get
> > the upgrade without any problem).
> >
> > The only way I could get the upgraded kernel version was to wget it
> > and install it by hand.
> >
> > Not that I will lose any sleep because of this ;) but if someone have
> > time to shed some light on this I would be grateful.
>
> it's pre-defined in /etc/hosts?
>
> local (or upstream) cache is stale?
>
> random luck?

no. Bad karma.
Bug#417328: links2: should not be part of any stable release
Package: links2
Version: 2.1pre16-1
Severity: serious
Tags: security
Justification: seems too buggy to be supported by the security team

Hi,

on December 21st, DSA 1240 was released from a member of the security
team. It was issued to fix 'arbitrary shell command execution'.

Within a week the stable release team informed the security team, that
the DSA was not released with all architectures. The security team was
reminded about this issue from me several times, please see

Message-ID: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>
Message-ID: <[EMAIL PROTECTED]>

Even our DPL and FTP-Master aj became active on that and offered the
build logs to become available to all security team members (embargoed
and non-embargoed team). Also the security team got reminded about that
issue several times on IRC in #debian-security.

This issue stands now for 3.5 months without reaction from the security
team. Therefore i conclude that the security team is a) either unwilling
to support links2 in stable or b) this package is too buggy to be
supported.

I therefore propose also to remove this package from stable with the
next point release (to happen on Thursday or Friday this week) and
advise the rest of the release team to do the same for Etch.

Greetings
Martin

System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (1003, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages links2 depends on:
ii  libc6               2.3.6.ds1-13    GNU C Library: Shared libraries
ii  libdirectfb-0.9-25  0.9.25.1-5      direct frame buffer graphics - sha
ii  libgpmg1            1.19.6-25       General Purpose Mouse - shared lib
ii  libjpeg62           6b-13           The Independent JPEG Group's JPEG
ii  libpng12-0          1.2.15~beta5-1  PNG library - runtime
ii  libssl0.9.8         0.9.8c-4        SSL shared libraries
ii  libsvga1            1:1.4.3-24      console SVGA display libraries
ii  libtiff4            3.8.2-7         Tag Image File Format (TIFF) libra
ii  libx11-6            2:1.0.3-6       X11 client-side library
ii  zlib1g              1:1.2.3-13      compression library - runtime

links2 recommends no packages.

-- no debconf information
Re: Fabien Trauchessec is absent.
Hi Fabien,

On Mon Nov 27, 2006 at 10:31:59 -0500, [EMAIL PROTECTED] wrote:
> My auto-reply software sends several messages to the debian-security
> mailing-list.
> Now my address is on google and I began to receive some spam.

The Debian-Listarchives-Policy is to NOT remove or alter any postings if
they are published. Even if we would, it wouldn't help, as our lists are
archived elsewhere, so once an email has been accepted it is out in the
wild with its entire content and addresses and there's no way to get it
back.

Please see http://www.debian.org/MailingLists/#disclaimer and
http://www.debian.org/MailingLists/disclaimer

Greetings
Martin, with his listmaster's hat on
Re: bind9 security problem?
On Sat Nov 04, 2006 at 10:30:55 +0100, Adrian von Bidder wrote:
> Yodel!
>
> Is there a security problem in some bind version? Or in some syncml-related
> application? Or is somebody just being silly? I have these in my logs:
>
> ===
> Nov 3 15:35:03 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'cscursor.so/NS/IN': myforwarderip1#53
> Nov 3 15:35:03 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'pptpd-logwtmp.so/NS/IN': myforwarderip1#53
> Nov 3 15:35:03 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'libsyncml_plugin.so/NS/IN': myforwarderip1#53
> Nov 3 15:35:03 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'libgnutls.so/NS/IN': myforwarderip1#53
> Nov 3 15:35:05 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'cscursor.so/NS/IN': myforwarderip2#53
> Nov 3 15:35:05 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'pptpd-logwtmp.so/NS/IN': myforwarderip2#53
> Nov 3 15:35:05 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'libsyncml_plugin.so/NS/IN': myforwarderip2#53
> Nov 3 15:35:05 myhost named[8286]: unexpected RCODE (SERVFAIL) resolving
> 'libgnutls.so/NS/IN': myforwarderip2#53
> Nov 3 15:35:08 myhost named[8286]: unexpected RCODE (REFUSED) resolving
> 'cscursor.so/NS/IN': someip#53
> Nov 3 15:35:08 myhost named[8286]: unexpected RCODE (REFUSED) resolving
> 'libsyncml_plugin.so/NS/IN': someip#53
> Nov 3 15:35:08 myhost named[8286]: unexpected RCODE (REFUSED) resolving
> 'pptpd-logwtmp.so/NS/IN': someip#53
> Nov 3 15:35:08 myhost named[8286]: unexpected RCODE (REFUSED) resolving
> 'libgnutls.so/NS/IN': someip#53
> Nov 3 15:35:08 myhost named[8286]: lame server resolving 'cscursor.so' (in
> 'so'?): someotherip#53
> Nov 3 15:35:08 myhost named[8286]: lame server resolving
> 'libsyncml_plugin.so'(in 'so'?): someotherip#53
> Nov 3 15:35:08 myhost named[8286]: lame server resolving 'pptpd-logwtmp.so'
> (in 'so'?): someotherip#53
> Nov 3 15:35:08 myhost named[8286]: lame server resolving 'libgnutls.so' (in
> 'so'?): someotherip#53
> ===

I also have them quite often in my logs, but did not yet find out what
they come from.
Re: bug in tar 1.14-2.1
Hi Andi,

On Monday, 27 Mar 2006, you wrote:
> * Martin Zobel-Helas ([EMAIL PROTECTED]) [060324 16:00]:
> > Looks like just rebuilding the security version resolves that error, for
> > whatever reason. Julien and me just cross checked that and got the same
> > result.
> >
> > If no one minds we reupload tar with a bumped version number to s-p-u.
>
> Is a binary-only upload enough? If so, why not just queue a binNMU by
> the buildd? (And one should check all the archs BTW, and also add a test
> suite one day :)

as Julien and me found out, tar works only if either ssh is installed or
the correct environment variables are set. As ssh is not installed per
default in buildd environment we need to patch the rules-file to get the
correct environment variables set.

So, no, binNMU is not enough (only if you can persuade all buildd
maintainers to install ssh inside the changeroot per default ;) )

Greetings
Martin
Re: bug in tar 1.14-2.1
Hi mollo,

On Sunday, 19 Mar 2006, you wrote:
> On Tue, 7 Mar 2006 15:19:58 +0100
> using tar 1.14-2.1
>
> fw:/home/mathieu# tar --rmt-command=/usr/sbin/rmt -cvf
> '[EMAIL PROTECTED]:/home/mathieu/test.tgz' /etc tar:
> [EMAIL PROTECTED]:/home/mathieu/test.tgz: Cannot open: Input/output
> error tar: Error is not recoverable: exiting now

ack, same here. i can reproduce that error.

>
>
> using old tar 1.14-2 :
>
> fw:/home/mathieu# tar.ori --rmt-command=/usr/sbin/rmt -cvf
> '[EMAIL PROTECTED]:/home/mathieu/test.tgz' /etc/ssh Password:
> tar.ori: Removing leading `/' from member names
> /etc/ssh/

Looks like just rebuilding the security version resolves that error, for
whatever reason. Julien and me just cross checked that and got the same
result.

If no one minds we reupload tar with a bumped version number to s-p-u.

Greetings
Martin
Re: problem with unsubscribe
Hi Thomas,

looks like you are subscribed to
debian-security-announce@lists.debian.org

You can either go to http://lists.debian.org/debian-security-announce/
and use the unsubscribe function there or you send a mail to
[EMAIL PROTECTED] with the subject "unsubscribe".

If you are not sure with which address you are subscribed, have a look
on the header of the mail. Usually you find your mail-address in
"Return-Path:"

eg. for my mail address, this looks like:
Return-Path: [EMAIL PROTECTED]

which means that [EMAIL PROTECTED] is subscribed to [EMAIL PROTECTED]

Greetings
Martin

On Monday, 13 Feb 2006, you wrote:
> Hi,
>
> I've got a problem with your list. I can't unsubscribe.
>
> The problem is, that i can't remember with which address i've subscribed
> for this list.
>
> Can you remove all @oberhausser.ch mail addresses or tell me who can do
> that?
>
>
> Sorry, that i write list-problems to you, but i don't know who can help...
>
>
> Thanks in advance
> Thomas Oberhausser
Re: [SECURITY] [DSA 930-1] New smstools packages fix format string vulnerability
Hi Thijs,

On Monday, 09 Jan 2006, you wrote:
> Michael Stone wrote:
> >Vulnerability : format string attack
> >Problem-Type : local
> >Debian-specific: no
> >CVE ID : CVE-2006-0083
> >
> >Ulf Harnhammar from the Debian Security Audit project discovered a
> >format string attack in the logging code of smstools, which may be
> >exploited to execute arbitrary code with root privileges.
> >
> >The old stable distribution (woody) does not contain smstools package.
> >
> >For the stable distribution (sarge) this problem has been fixed in
> >version 1.14.8-1sarge0.
> >
> >For the unstable distribution the package will be updated shortly.
> >
> It's great to hear that unstable will be fixed soon, but why wasn't
> there a grave bug filed against the package? If for some reason the
> maintainer misses this DSA, it is later on unknown that the version in
> unstable is vulnerable and still needs to be fixed...

you are right, but also the testing security team usually tracks this
kinds of bugs so i guess (if it is not filed already) it will do so
soon.

Greetings
Martin
Re: [SECURITY] [DSA 701-1] New samba packages fix arbitrary code execution (fwd)
Hi Rolf.Joschke,

On Monday, 04 Apr 2005, you wrote:
>
> Dear Martin,
>
> I have been unable to find the security-fixed version samba 3.0.10-1. Can
> you mail me the URL where to get it from.
>

have a look on http://packages.debian.org/testing/net/samba and choose
your architecture.

Greetings
Martin