lug-bg: Debian Openssl vulnerability
Novinata e malko stara no vse pak ako niakoi ne e razbral :) Debian : ASN.1 parsing vulnerability - --Debian Security Advisory DSA 394-1 [EMAIL PROTECTED]http://www.debian.org/security/ Martin SchulzeOctober 11th, 2003 http://www.debian.org/security/faq- -- Package : openssl095Vulnerability : ASN.1 parsing vulnerabilityProblem-Type : remoteDebian-specific: noCVE references : CAN-2003-0543 CAN-2003-0544 CAN-2003-0545Steve Henson of the OpenSSL core team identified and prepared fixesfor a number of vulnerabilities in the OpenSSL ASN1 code that werediscovered after running a test suite by British NationalInfrastructure Security Coordination Centre (NISCC).A bug in OpenSSLs SSL/TLS protocol was also identified which causesOpenSSL to parse a client certificate from an SSL/TLS client when itshould reject it as a protocol error.The Common Vulnerabilities and Exposures project identifies thefollowing problems:CAN-2003-0543:Integer overflow in OpenSSL that allows remote attackers to cause adenial of service (crash) via an SSL client certificate withcertain ASN.1 tag values.CAN-2003-0544:OpenSSL does not properly track the number of characters in certainASN.1 inputs, which allows remote attackers to cause a denial ofservice (crash) via an SSL client certificate that causes OpenSSLto read past the end of a buffer when the long form is used.CAN-2003-0545:Double-free vulnerability allows remote attackers to cause a denialof service (crash) and possibly execute arbitrary code via an SSLclient certificate with a certain invalid ASN.1 encoding. This bugwas only present in OpenSSL 0.9.7 and is listed here only forreference.For the stable distribution (woody) this problem has beenfixed in openssl095 version 0.9.5a-6.woody.3.This package is not present in the unstable (sid) or testing (sarge)distribution.We recommend that you upgrade your libssl095a packages and restartservices using this library. Debian doesn't ship any packages thatare linked against this library.The following commandline (courtesy of Ray Dassen) produces a list ofnames of running processes that have libssl095 mapped into theirmemory space:find /proc -name maps -exec egrep -l 'libssl095' {} /dev/null \; | sed -e 's/[^0-9]//g' | xargs --no-run-if-empty ps --no-headers -p | sed -e 's/^\+//' -e 's/ \+/ /g' | cut -d ' ' -f 5 | sort | uniqYou should restart the associated services.Upgrade Instructions- wget urlwill fetch the file for youdpkg -i file.debwill install the referenced file.If you are using the apt-get package manager, use the line forsources.list as given below:apt-get updatewill update the internal databaseapt-get upgradewill install corrected packagesYou may use an automated update by adding the resources from thefooter to the proper configuration.Debian GNU/Linux 3.0 alias woody- Source archives:http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a-6.woody.3.dscSize/MD5 checksum: 631 ba6e597ab2db2984aef6c2a765ac29c0http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a-6.woody.3.diff.gzSize/MD5 checksum: 38851 6b197111a7068a7ea29ef55176771d89http://security.debian.org/pool/updates/main/o/openssl095/openssl095_0.9.5a.orig.tar.gzSize/MD5 checksum: 1892089 99d22f1d4d23ff8b927f94a9df3997b4Alpha architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_alpha.debSize/MD5 checksum: 497152 fe3d6854382f8dbe2d10f3f5700dd8f6ARM architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_arm.debSize/MD5 checksum: 402498 551b79fbb80903f174d6edeffd9869dfIntel IA-32 architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_i386.debSize/MD5 checksum: 399752 2a856ac6b45d41beb0bf78880b236966Motorola 680x0 architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_m68k.debSize/MD5 checksum: 376738 980e428e9b913672d939ebe77c18cd6dBig endian MIPS architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_mips.debSize/MD5 checksum: 412624 b8c7cc0b4dcbf1cf03480b93c78cd610Little endian MIPS architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_mipsel.debSize/MD5 checksum: 407388 de02385580cf33c344c1ffadcf8aed88PowerPC architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_powerpc.debSize/MD5 checksum: 425452 c3d04af89c64e6e9f0175e6cd4997058Sun Sparc architecture:http://security.debian.org/pool/updates/main/o/openssl095/libssl095a_0.9.5a-6.woody.3_sparc.debSize/MD5 checksum: 412196 ae1181c2873a304c583800459da53e5aThese files will probably be moved into the stable distribution onits next
lug-bg: ppp multilink
, Infotel2 (.. multilink), kak (slackware 8.1)? - http://www.Elmaz.com - ! A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: debian: cdrom vs internet
thanx za infoto... knoppixa/morphix-a e idealniq wariant da zapochna poleka leka da ucha i debian... On Wednesday 08 October 2003 16:36, raptor wrote: hi, setnah si cd-romite sys apt-cdrom, kak da go nakaram ako daden paket go ima w cd-to izobshto da ne tyrsi w internet za po nowi wersii.. ami apt vinagi ste predpo4ete po-nova versiq nezavisimo ot kyde e, dokato ne mu promenish misleneto ot /etc/apt/sources.list, /etc/apt/apt.conf ili /etc/ apt/preferences (man apt_preferences) ili ot command line options... Dokolkoto razbiram ti iskash ako go ima na CD-to i na http/ftp mirrors to nezavisimo ot versiqta da predpo4ete da to4i ot cd, a ako go nqma na cd-to togava da to4i ot mirrors. Ima mnogo na4ini, no naj-lesniq e da imash sources.list samo s add-nati CDROM's izto4nici, drug samo s http/ftp izto4nici i takyf s vsi4ki CDROM i ftp/http izto4nici i prosto da gi smenqsh kak si iskash i apt-get update sled tova. Ako vis4ko e v edin sources.list ste trqbva da izberesh nqkakvo diferencirane ili razdelenie kogto izvikvash apt-get. Osven tova mozhesh da ne izpylnqvash apt-cdrom add, a prosto mount-vash CD-to v /mnt/cdrom da re4em. Sled tova dobavqsh v sources.list dobavqsh archiva kato localen (s unikalen path, kojto ste izpolzvash za da diferencirash/razgrani4ish izto4nicite s -t): file:/mnt/cdrom/debian/ stable main i posle: apt-get install -t mnt/cdrom package ... mozhe da stane i po-slozhno s apt-cdrom add i net archives v sources.list, kato gledash s apt-cache policy package prioriteta za vseki URI i go promenqsh s pinning ot /etc/apt/preferences taka 4e da to4i ot CD-to dori i s po-malka version da e package i samo ako nqma takyf package na CD-to da to4i ot inet... mozhe da se polu4i taka, 4e apt da ti kazhe, 4e tazi selekciq koqto si izbral naprimer old version ot CD na daden paket i new version na drug paket kojto go nqma na CD-to i ste go to4ish ot inet mirrors e broken... i syotvetno ste izplue to4no kakvo mu lipsva i da mu razreshish da izto4i to4nite versions. Mozhe i apt-cache policy package, da vidish versiite, prioritetite i URI-tata i da mu kazhesh da proveri dali to4no dadena version na paket e installable, a ti ste izberesh tazi versiq koqto idva ot izto4nika CD. # apt-get install package=version Naprimer: Ako ima i depends za to4no tazi version na paketa i tqh razreshavash na apt premoderi ;-) A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
Re: lug-bg: Sendmail Mail Hub in chroot
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Redaktirano izdanie na documenta: http://www.lcpe.uni-sofia.bg/linuxdoc/sendmail/chroot-sendmail.html Specialni blagodarnosti na: George Danchev [EMAIL PROTECTED] za TeX redakciata i commint-a.. Vesselin Kolev On Monday 13 Oct 2003 12:48, Vesselin Kolev wrote: , Sendmail Mail Hub SSLv3/TLSv1 chroot Linux -BEGIN PGP SIGNATURE- Version: GnuPG v1.0.7 (GNU/Linux) iD8DBQE/i+1P+48lZPXaa+MRAvIcAKDqK8kt9PUhNJxHCjGGQvYPa1NqiACfbCUg Wj/cxz/1/fq6Rk//NYe3MsU= =Y0R/ -END PGP SIGNATURE- A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html
lug-bg: SMTP-AUTH
Íÿêîé äà å íàÿñíî äàëè â Mozilla (v1.4) ïîùåíñêèÿò êëèåíò ïîäúðæà ïðîòîêîëà SMTP-AUTH è îò êàäå ñå èçâúðøâà ñàìàòà íàñòðîéêà àêî èìà òàêàâà, àêî íÿìà äàëè èìà free ïðîãðàìà çà ÷åòåíå íà ïîùà, êîÿòî äà ãî ïîäúðæà. __ Do you Yahoo!? The New Yahoo! Shopping - with improved product search http://shopping.yahoo.com A mail-list of Linux Users Group - Bulgaria (bulgarian linuxers). http://www.linux-bulgaria.org - Hosted by Internet Group Ltd. - Stara Zagora To unsubscribe: http://www.linux-bulgaria.org/public/mail_list.html