Re: Flash plugin
On Thu, 6 Oct 2011, Yasha Karant wrote: On 10/06/2011 04:37 PM, Dag Wieers wrote: On Thu, 6 Oct 2011, Yasha Karant wrote: I realise that except for the Fermilab/CERN staff persons, almost all of the rest of those maintaining material for SL are unpaid volunteers. With that stated, what is the typical/average/median/whatever delay from the Adobe release until the SL compatible port for the flash plugin? In some cases, Adobe adds functionality -- but in most cases it is a matter of bug and security-hole fixes -- and the sooner one installs a valid security fix, the better. Do you have proof that this is a security fix. Because I track the RHEL packages and no such update has come through their channels. It seems as if the release was simply their official Flash Player 11 release, rather than a security fix. If it is a security fix, even Red Hat is behind. Somehow I don't believe that, but for you to provide proof of what you state. Thanks. I use the direct Mozilla (and OpenOffice) distributions and updates. For Firefox 7.x (that the Firefox update on Help -- About Firefox reports as up to date), I ran an update check on the addons, including plugins using Tools -- Add ons and URL https://www.mozilla.org/en-US/plugincheck/ and the following was displayed: Vulnerable plugins: Plugin Icon Shockwave Flash Shockwave Flash 11.0 r1 Vulnerable (more info) (11.0.1.129 is what actually is installed) Again, without any information it is hard to determine whether the plugincheck is mainly checking the version against the latest (known) available, or whether it actually knows about vulnerabilities. I bet the first option is what is implemented (because the second adds complexity without any real gain). Their aim is to have people running the latest. ALso, if we look at TUV, they still offer flash-plugin-10.3.183.10-1.el6, which is most likely not vulnerable (and which was the version offered by Repoforge until this morning too). In other words, we are now disconnected from the RHSA information. If you noticed a flash-plugin update from Adobe, feel free to let us know so we can update our flash-plugin package too. Thanks in advance, -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors]
Re: Flash plugin
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 The 64 bit version I installed an hour or so ago from the Adobe yum repo is: flash-plugin-11.0.1.152-release.x86_64 Dag Wieers wrote: | On Thu, 6 Oct 2011, Yasha Karant wrote: | | On 10/06/2011 04:37 PM, Dag Wieers wrote: | On Thu, 6 Oct 2011, Yasha Karant wrote: | | I realise that except for the Fermilab/CERN staff persons, almost all | of the rest of those maintaining material for SL are unpaid | volunteers. With that stated, what is the | typical/average/median/whatever delay from the Adobe release until | the | SL compatible port for the flash plugin? |In some cases, Adobe adds functionality -- but in most cases it | is a | matter of bug and security-hole fixes -- and the sooner one | installs a | valid security fix, the better. | | Do you have proof that this is a security fix. Because I track the RHEL | packages and no such update has come through their channels. It | seems as | if the release was simply their official Flash Player 11 release, | rather | than a security fix. | | If it is a security fix, even Red Hat is behind. Somehow I don't | believe | that, but for you to provide proof of what you state. Thanks. | | I use the direct Mozilla (and OpenOffice) distributions and updates. | For Firefox 7.x (that the Firefox update on Help -- About Firefox | reports as up to date), I ran an update check on the addons, including | plugins using Tools -- Add ons and URL | https://www.mozilla.org/en-US/plugincheck/ and the following was | displayed: | | Vulnerable plugins: | Plugin Icon | Shockwave Flash | Shockwave Flash 11.0 r1 Vulnerable (more info) | | (11.0.1.129 is what actually is installed) | | Again, without any information it is hard to determine whether the | plugincheck is mainly checking the version against the latest (known) | available, or whether it actually knows about vulnerabilities. | | I bet the first option is what is implemented (because the second adds | complexity without any real gain). Their aim is to have people running | the latest. | | ALso, if we look at TUV, they still offer | flash-plugin-10.3.183.10-1.el6, which is most likely not vulnerable (and | which was the version offered by Repoforge until this morning too). In | other words, we are now disconnected from the RHSA information. | | If you noticed a flash-plugin update from Adobe, feel free to let us | know so we can update our flash-plugin package too. | | Thanks in advance, - -- Robert E. Blair, Room C221, Building 360 Argonne National Laboratory (High Energy Physics Division) 9700 South Cass Avenue, Argonne, IL 60439, USA Phone: (630)-252-7545 FAX: (630)-252-5782 GnuPG Public Key: http://www.hep.anl.gov/reb/key.asc -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFOjqn/OMIGC6x7/XQRAhFvAJ9QBWWochI/ODbT+jfTvfM8YpxjLwCgrOxG qdBTZXJirs0EQgmSn2XL/Eg= =gp6S -END PGP SIGNATURE- attachment: reb.vcf smime.p7s Description: S/MIME Cryptographic Signature
Re: Flash plugin
On 2011/10/07 00:12, Dag Wieers wrote: On Thu, 6 Oct 2011, Yasha Karant wrote: On 10/06/2011 04:37 PM, Dag Wieers wrote: On Thu, 6 Oct 2011, Yasha Karant wrote: I realise that except for the Fermilab/CERN staff persons, almost all of the rest of those maintaining material for SL are unpaid volunteers. With that stated, what is the typical/average/median/whatever delay from the Adobe release until the SL compatible port for the flash plugin? In some cases, Adobe adds functionality -- but in most cases it is a matter of bug and security-hole fixes -- and the sooner one installs a valid security fix, the better. Do you have proof that this is a security fix. Because I track the RHEL packages and no such update has come through their channels. It seems as if the release was simply their official Flash Player 11 release, rather than a security fix. If it is a security fix, even Red Hat is behind. Somehow I don't believe that, but for you to provide proof of what you state. Thanks. I use the direct Mozilla (and OpenOffice) distributions and updates. For Firefox 7.x (that the Firefox update on Help -- About Firefox reports as up to date), I ran an update check on the addons, including plugins using Tools -- Add ons and URL https://www.mozilla.org/en-US/plugincheck/ and the following was displayed: Vulnerable plugins: Plugin Icon Shockwave Flash Shockwave Flash 11.0 r1 Vulnerable (more info) (11.0.1.129 is what actually is installed) Again, without any information it is hard to determine whether the plugincheck is mainly checking the version against the latest (known) available, or whether it actually knows about vulnerabilities. I bet the first option is what is implemented (because the second adds complexity without any real gain). Their aim is to have people running the latest. ALso, if we look at TUV, they still offer flash-plugin-10.3.183.10-1.el6, which is most likely not vulnerable (and which was the version offered by Repoforge until this morning too). In other words, we are now disconnected from the RHSA information. If you noticed a flash-plugin update from Adobe, feel free to let us know so we can update our flash-plugin package too. In that vein it seems odd to me that a 32 bit package would be accepted as an update for a 64 bit package. This seems to be to be a bug. {^_^}
Re: Flash plugin
On Fri, 7 Oct 2011, jdow wrote: In that vein it seems odd to me that a 32 bit package would be accepted as an update for a 64 bit package. This seems to be to be a bug. The reason is that some 64bit users have been using 32bit flash-plugins on 64bit. Repoforge for some time (and now Adobe) offer 64bit flash-plugin packages, but a lot of 64bit users have the 32bit repository enabled. Hence you get those conflicts. There is nothing I can do regarding this. Users having problems may have to change their configuration and use the 64bit plugin instead. The only thing that is under my control is keeping the flash-plugin up-to-date. Which is not that simple, because Red Hat is at flash-plugin v10 and Adobe does not release any security information, nor is there something I can subscribe to to get informed of updates. Although I did add the 32bit and 64bit repositories to my local mrepo instance. -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors]
Re: Flash plugin
On Fri, 7 Oct 2011, Robert E. Blair wrote: Dag Wieers wrote: | Again, without any information it is hard to determine whether the | plugincheck is mainly checking the version against the latest (known) | available, or whether it actually knows about vulnerabilities. | | I bet the first option is what is implemented (because the second adds | complexity without any real gain). Their aim is to have people running | the latest. | | ALso, if we look at TUV, they still offer | flash-plugin-10.3.183.10-1.el6, which is most likely not vulnerable (and | which was the version offered by Repoforge until this morning too). In | other words, we are now disconnected from the RHSA information. The 64 bit version I installed an hour or so ago from the Adobe yum repo is: flash-plugin-11.0.1.152-release.x86_64 Ok, let's hope I can kill this thread with actual vendor information instead. On the Adobe website, there's even no mention of flash-plugin v11. http://www.adobe.com/support/security/#flashplayer So as I suspected, the new v11 release is just the first official release announcement, which is *NOT* security-related. At least there is not information to support such claims, and no proof that the v10 offering is vulnerable. Wrt. to Red Hat not tracking flash-plugin security updates. As far as I can tell, TUV has the latest flash-plugin v10, so there is no security impact. TUV provides flash-plugin-10.3.183.10-1.el6, which is newer than the latest Adobe security bulletin from the Adobe page above. Executive summary: - Do not mix 32bit and 64bit flash-plugin packages. Decide which to use and stick to it. - New Adobe releases do not imply new security vulnerabilities. - Red Hat is offering a secure flash-plugin offering (even newer than the latest Adobe security bulletin), even when it is not the latest and greatest (just-released) v11. Please only reply to this thread if you have new information and some references to back it up. Thanks :-) -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors]
Re: Showing hostname on the gnome up toolbar
There's a project on SourceForge for a panel applet... http://giplet.sourceforge.net/ Note: I've never used this so you're on your own... You can also find various guides on line for creating your own applets. From: carlopmart carlopm...@gmail.com To: scientific-linux-us...@fnal.gov Sent: Thursday, October 6, 2011 7:19 AM Subject: Showing hostname on the gnome up toolbar Hi all, Somebody knows how can I configure up gnome toolbar to show the hostname near sound and clock preferencies?? (It is a SL6.1 laptop). Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
Re: DNS/DHCP problems
I have not used multiple dhcp-ranges before. but it seems to me for the problem 2) When I set the tag for the pxeboot group, it was not honored by the DHCP. Why? for the dhcp-range command should it be. dhcp-range=tag:devbox,10.1.2.1,10.1.2.255,255.255.0.0,12h
Re: DNS/DHCP problems
Hi i was looking somemore and saw an example were the clients vendor class is used to divide the clients into groups, and hence assigned to different dhcp ranges by the server, http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2005q1/000117.html i think in the new version of dnsmasq tag: can be used instead of net:
Re: Flash plugin
On Fri, 7 Oct 2011, Vladimir Mosgalin wrote: On 2011.10.07 at 01:34:38 +0200, Dag Wieers wrote next: Evidently, a number of stock end-user applications, such as Firefox, Thunderbird, and the like, have security holes as well as bugs, and thus need regularly kept current. Do you have any proof of security problems ? Was there a security advisory for this release ? It's not as simple as that. There was no supported version of 64-bit flash 10 plugin. Information about security problems in betas and RCs of flash plugins aren't displayed on that page that you saw - it does, however, appear in news from adobe and in adobe blogs; but they don't add them to list of problems in final releases. I am nog arguing about that. But people using 64bit flash plugins did not have any security for months either. I personally don't care about security for people that don't care about security :) But that said, now that an official 64bit release is out, we have it too. Btw, 64-bit flash 10 plugin was even in more sorry state: there were lot of known security problems for it, but adobe stopped developing it and latest known (beta) version was said to be very vulnerable. Again, no arguing against that. If you look at the mail(s) I was replying too, I was answering to the general view that: - Not having the latest flash-plugin is a security problem - Red Hat is failing to provide a secure flash-plugin Both statements are false, unless you apply them (only) to already insecure situations (eg. 64bit beta). Which is more of a mental excercise anyway. -- -- dag wieers, d...@wieers.com, http://dag.wieers.com/ -- dagit linux solutions, i...@dagit.net, http://dagit.net/ [Any errors in spelling, tact or fact are transmission errors]
Re: unattended installation from DVD
On Thursday, October 06, 2011 09:50:06 PM Nico Kadel-Garcia wrote: Hmm. Did you try simply excluding NetworkManager? I've found it to be a maintenance nightmare with unannounced and unplanned changes, interfering with normal DHCP operations, standard server configurations, and VPN setups haphazardsly. Ripping it out entirely is one of my favorite steps for stabilizing a server or desktop setup. FWIW, I'm running an upstream EL box as a server (remote desktops as well as web, database, and file). Since it serves remote desktops, GNOME is installed, and thus NetworkManager. I haven't had any NM-related breakage; this is upstream EL6.1 fully updated, and running for several months as a server with multiple ethernets and some other tunneled connections.
Re: Showing hostname on the gnome up toolbar
On 10/07/2011 11:45 AM, Kevin Wood wrote: There's a project on SourceForge for a panel applet... http://giplet.sourceforge.net/ Note: I've never used this so you're on your own... You can also find various guides on line for creating your own applets. Many thanks Kevin ... I will try it. -- CL Martinez carlopmart {at} gmail {d0t} com
Major bug in libreOffice 3.43
There is a major problem with the spread sheet and how it error checks calculations. The example is: Spread Sheet cell K7 = K6+D7-H7-I7-J7 The displayed value is #value All cells are formatted as Dollars two decimal places. Tried to add $0.00 to all empty cells - did not change anything. If I remove the K6 cell from the calculation it now works but answere is now worthless. Tried to look up #value in help but it was not found. Good thing I didn't retire OpenOffice 3.3.2 on all systems in shop. Friday and a nice weekend and I may be stuck here removing libreoffice 3.4.3 from all machines in shop. Larry Linder
Error WARNING: Can't find Tcl configuration definitions
Hi all, I am trying to install tcltls libaries (http://tls.sourceforge.net) on a SL6.1 x86_64 laptop, but I can't. When I launch configure returns me this error: ./configure --prefix=/opt/tls --libdir=/opt/tls/lib --disable-threads checking for correct TEA configuration... ok (TEA 3.6) checking for Tcl configuration... configure: WARNING: Can't find Tcl configuration definitions In config.log appears this: $ ./configure --prefix=/opt/tls --libdir=/opt/tls/lib --disable-threads ## - ## ## Platform. ## ## - ## hostname = lapsl61.homelab.net uname -m = x86_64 uname -r = 2.6.32-131.12.1.el6.x86_64 uname -s = Linux uname -v = #1 SMP Wed Aug 24 13:32:23 CEST 2011 /usr/bin/uname -p = unknown /bin/uname -X = unknown /bin/arch = x86_64 /usr/bin/arch -k = unknown /usr/convex/getsysinfo = unknown hostinfo = unknown /bin/machine = unknown /usr/bin/oslevel = unknown /bin/universe = unknown PATH: /usr/local/sbin PATH: /usr/local/bin PATH: /sbin PATH: /bin PATH: /usr/sbin PATH: /usr/bin PATH: /root/bin ## --- ## ## Core tests. ## ## --- ## configure:1328: checking for correct TEA configuration configure:1347: result: ok (TEA 3.6) configure:1473: checking for Tcl configuration configure:1583: WARNING: Can't find Tcl configuration definitions I have installed tcl-devel and openssl-devel libraries needed to install this library, but it doesn't works ... On a SL6.1 i386 workstation I have installed without problems ... Any idea?? Thanks. -- CL Martinez carlopmart {at} gmail {d0t} com
libreoffice 3.4.3
Kids have added a twinkey box around the last used cell - does not follow active cell or #value or anything relevant. Its all eye candy - and no one cares about accuracy as long as its pretty. As my old grandmother said pretty is and pretty does you can add what you want to quote. G- Larry Linder
Re: libreoffice 3.4.3
Hello Larry, This may be something you want to bring up to the Libreoffice mailing list. I would assume that TUV only packages the software, not modifies it - and they would definitely have more expertise in their software than the SL mailing list folks :) LibreOffice mailing lists: http://www.libreoffice.org/get-help/mailing-lists/ -Chris On 2011-10-07, at 1:17 PM, Larry Linder wrote: Kids have added a twinkey box around the last used cell - does not follow active cell or #value or anything relevant. Its all eye candy - and no one cares about accuracy as long as its pretty. As my old grandmother said pretty is and pretty does you can add what you want to quote. G- Larry Linder
Re: Error WARNING: Can't find Tcl configuration definitions
On Fri, Oct 7, 2011 at 1:15 PM, carlopmart carlopm...@gmail.com wrote: Hi all, I am trying to install tcltls libaries (http://tls.sourceforge.net) on a SL6.1 x86_64 laptop, but I can't. When I launch configure returns me this error: ./configure --prefix=/opt/tls --libdir=/opt/tls/lib --disable-threads checking for correct TEA configuration... ok (TEA 3.6) checking for Tcl configuration... configure: WARNING: Can't find Tcl configuration definitions In config.log appears this: $ ./configure --prefix=/opt/tls --libdir=/opt/tls/lib --disable-threads I saw someone suggesting that one can add a location/path for tcl like so: ./configure --with-tclconfig=/usr/lib64/tcl8.5/tclx8.4/ Maybe worth a try. Akemi