Re: MySQL Bug#21074 fixed in 5.0.32-7etch8 ?

2008-11-06 Thread Norbert Tretkowski
On Thu, 06 Nov 2008 14:24:24 +0100, Janosch Siller wrote:
> Sorry, but I did not find any information if the MySQL Bug #21074 (Large
> query_cache freezes mysql server sporadically under heavy load) is fixed
> in 5.0.32-7etch8.
> Can anybody please confirm if this is fixed or not?

It's not fixed in 5.0.32-7etch8.

Norbert


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]



Re: mysql-dfsg-5.0 CVE-2007-6303

2008-09-29 Thread Norbert Tretkowski
On Mon, 29 Sep 2008 15:08:10 +0200, Jan Christoph Ebersbach wrote:
> I was looking at the security issues regarding the mysql-server and I'm
> wondering why CVE-2007-6303 does not seem to be fixed in Debian but in
> all other major distributions.

Fixed since 5.0.45-5, 5.0.32 from etch was not affected.

Norbert





Re: What is a security bug?

2005-11-25 Thread Norbert Tretkowski
* Michelle Konzack wrote:
> Unfortunately it is not possible to open two instances of mozilla.

You can run multiple instances of mozilla using different profiles.

Norbert





Re: [SECURITY] [DSA 879-1] New gallery packages fix privilege escalation

2005-11-02 Thread Norbert Tretkowski
* Martin Schulze wrote:
> A bug in gallery has been discovered that grants all registered
> postnuke users full access to the gallery.
  
Huh?

Norbert





Re: Unusual incoming traffic detected from klecker.debian.org and source.rfc822.org

2005-09-14 Thread Norbert Tretkowski
* Mathieu JANIN wrote:
> I detected some unexpected incoming traffic from klecker.debian.org
> (ports TCP 4672, 4668), and source.rfc822.org (port TCP 1794), all
> coming from port 80 at 12:17 yesterday.
>
> I was updating my system at that time, but klecker.debian.org is not
> in my sources (or perhaps with another name).

klecker.debian.org is security.debian.org,
source.rfc822.org is ftp2.de.debian.org.

Norbert





Re: Security fixes for mozilla and firefox in Sarge?

2005-08-24 Thread Norbert Tretkowski
* Paul Gear wrote:
> Sam Morris wrote:
> > I'm attaching a diff against mozilla-firefox_1.0.6-1.diff that
> > makes Firefox 1.0.6 build on Sarge.
> 
> I've been trying to build Firefox 1.06 based on the current unstable
> sources (1.0.6-3 instead of 1.0.6-1), but I'm not sure where your
> patch should be used in the process.

I already did that for 1.0.6-2, and will update it to 1.0.6-3 as soon as
I find some time.

http://www.backports.org/incoming/mozilla-firefox/

Regards, Norbert





Re: On Mozilla-* updates

2005-08-04 Thread Norbert Tretkowski
* Matthias Westphal wrote:
> 2) Why wasn't firefox 1.04 removed off the package list immediately
> if the problem couldn't be fixed in time?

Read this thread again.

Norbert





Re: [SECURITY] [DSA 715-1] New cvs packages fix unauthorised repository access

2005-04-27 Thread Norbert Tretkowski
* Martin Schulze wrote:
> For the unstable distribution (sid) these problems have been fixed
> in version 1.12.9-11.

This should be 1.12.9-12, which was never uploaded (-13 was uploaded
today).

Norbert





Re: {Spam?} Re: woody kernel image

2005-01-30 Thread Norbert Tretkowski
* Michelle Konzack wrote:
> There will be no new version of 2.4.XX

Wrong.

Message-ID: <[EMAIL PROTECTED]>

Norbert





Re: woody kernel image

2005-01-29 Thread Norbert Tretkowski
* Michelle Konzack wrote:
> On 2005-01-29 14:45:37, Harald Krammer wrote:
> > You are right, but why is the kernel image from woody not up-to
> > date ?
> 
> There are Security Updates for kernel 2.4.18

The last update for kernel-source-2.4.18 in stable was in April 2004.

Norbert





Re: [SECURITY] [DSA 536-1] New libpng, libpng3 packages fix multiple vulnerabilities

2004-08-05 Thread Norbert Tretkowski
* Josselin Mouette wrote:
> On Wed, 2004-08-04 at 19:10 -0700, Matt Zimmerman wrote:
> > For the unstable distribution (sid), these problems will be fixed
> > soon.
> 
> I've just uploaded fixed packages for unstable; however I've noticed
> mozilla still crashes on the crafted PNG provided by Chris Evans. It
> seems that /usr/lib/mozilla/components/libimglib2.so is not
> dynamically linked with libpng, but still includes code from it.

Maybe that's the reason why mozilla.org released new versions of
mozilla, mozilla-thunderbird and mozilla-firefox.

Norbert



Re: Backporting SELinux to woody

2004-03-11 Thread Norbert Tretkowski
* Milan P. Stanic wrote:
> Can I put in version something like libselinux1_1.6-0.1-bp.mps_i386.deb
> instead of libselinux1_1.6-0.1_i386.deb?

Well, if 1.6-0.1 will be in our next stable release, your backport
will not be replaced with the version from stable.

I'd suggest using libselinux1_1.6-0.0-bp.mps_i386.deb instead.

Norbert






Re: mozilla - the forgotten package?

2004-03-10 Thread Norbert Tretkowski
* Sven Hoexter wrote:
> On Wed, Mar 10, 2004 at 08:48:02PM +0100, Florian Weimer wrote:
[...]
> > Okay, if that's the case, I'm going to start a campaign for
> > including Mozilla 1.4 (plus fixes) in stable.
> 
> Well why just include 1.4 and not 1.6? I know that the backports.org
> mozilla packages are working at least on i386.

They aren't working on alpha. 

Norbert






Re: Antivirus for proxy

2004-02-27 Thread Norbert Tretkowski
* Raffaele D'Elia wrote:
> This antivirus should protect web clients, not the proxy itself: I'm
> quite sure I've already protected the server choosing debian...

Try mod_clamav, it's an apache2 module, and it works quite well here.

The only bad news is that there's currently no Debian package for it,
but it's on my TODO list.

Norbert






Re: Faked samba packages / rootkit?

2003-12-27 Thread Norbert Tretkowski
* Markus Schabel wrote:
> Does anybody know of these samba packages?
> 
> http://ftp.cvut.cz/samba/samba-latest.tar.gz
> 
> AFAICS they are faked and contain some kind of rootkit (you can see
> this in the history below. the server this history is from is taken
> offline for security reasons, and nobody is there till 7th Jan I
> can't give you more details)

Verify the file with the Samba Distribution Verification Key.

Norbert






Re: What will be old configurations if new kernel installed

2003-12-04 Thread Norbert Tretkowski
* E&Erdem wrote:
> I have not upgraded kernel before this. What will be my
> configurations? For example my old modules (sound, eth, USB,
> iptables etc.) will be changed?

They are still available with the new kernel. If you have added them
to /etc/modules they will be loaded while booting the new kernel.

When you install the new kernel, read the output carefully, and follow
the described steps especially for the initrd stuff.

-- 
 - nobse






Re: Debian servers "hacked"?

2003-11-21 Thread Norbert Tretkowski
* Thomas Sjögren wrote:
[...]
> Server security mishap - you think?!

http://luonnotar.infodrom.org/~joey/debian-announce.txt

-- 
 - nobse





Re: new open udp port with bind 9.2.3rc

2003-09-29 Thread Norbert Tretkowski
* Christoph Moench-Tegeder wrote:
> BIND binds to a socket for outgoing queries. But he already did that in
> 9.2.2 (at least he does here).

Looks like BIND doesn't open a socket for outgoing queries when it's
running only as a forwarder.

-- 
 - nobse






Re: new open udp port with bind 9.2.3rc

2003-09-29 Thread Norbert Tretkowski
* Mark Ferlatte <[EMAIL PROTECTED]> wrote:
> Norbert Tretkowski said on Mon, Sep 29, 2003 at 03:34:16PM +0200:
> > I've upgraded to bind 9.2.3rc4 because of that new delegation-only
> > feature, and I noticed that bind is opening a new udp port.
> > 
> > ,
> > | udp        0      0 0.0.0.0:43338   0.0.0.0:*   22720/named
> > `
> > 
> > This is new, and didn't happen with 9.2.2. If I restart named, the port
> > changed. What's this port for?
> 
> rndc, I think.

Aeh... rndc is on 953 tcp.






new open udp port with bind 9.2.3rc

2003-09-29 Thread Norbert Tretkowski
I've upgraded to bind 9.2.3rc4 because of that new delegation-only
feature, and I noticed that bind is opening a new udp port.

,
| udp        0      0 0.0.0.0:43338   0.0.0.0:*   22720/named
`

This is new, and didn't happen with 9.2.2. If I restart named, the port
changed. What's this port for?






Re: Will Bind9 in stable get patched?

2003-09-25 Thread Norbert Tretkowski
* Phillip Hofmeister <[EMAIL PROTECTED]> wrote:
> On Sun, 21 Sep 2003 at 12:58:54PM +0200, J.H.M. Dassen (Ray) wrote:
> > On Sat, Sep 20, 2003 at 11:13:35 -0700, Bill Moseley wrote:
> > > Will Bind9 in stable get the delegation-only patch?  
> > 
> > Probably not. Stable only gets updated for security issues.
> > 
> > A Bind9 with the delegation-only patch is available for woody from
> > http://people.debian.org/~lamont/ .
> 
> Is the unstable version patched?  If so one could 'apt-get source
> --compile -t unstable bind9'

No, unstable version is not patched, but ISC includes the
delegation-only patch in 9.2.3rc3, which we already have in
unstable.






Re: Kernel 2.4.21+grsecurity+p-o-m

2003-09-07 Thread Norbert Tretkowski
* Federico Lazcano <[EMAIL PROTECTED]> wrote:
> Hi, I'm using the official kernel 2.4.21, and I've patched it with the
> following
> 
> + IPSEC patch from Debian
> + patch-omatic H.323 patch from www.netfilter.org
> + grsecurity patch for kernel 2.4.21
> 
> Does anyone know of conflicts or problems?

Depending on your grsecurity kernel configuration, it can break
dpkg-reconfigure locales.






Re: PTRACE Fixed?

2003-03-22 Thread Norbert Tretkowski
* Matteo Moro <[EMAIL PROTECTED]> wrote:
> "Laurent Tickle" <[EMAIL PROTECTED]> wrote:
> > [...] a patch that works on Kernel 2.2.X and 2.4.X ;)
>
> It's 2.4.20 only... :-P

That bug was the reason why 2.2.25 was released.






Re: the slrn-0.9.6.2 -hole

2001-09-29 Thread Norbert Tretkowski
* Juha Jäykkä wrote:
> I have a woody which would need slrn removed if woody's newest
> version (that is, 0.9.7.2-4) is vulnerable.

Use 0.9.7.2-6 from unstable.

