Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: binnmu
nmu tripwire_2.4.3.7-4+b3 . ANY . unstable . -m "Rebuild with new libc (Closes
#1022791)"
Tripwire is statically build and libc updates break it.
Thanks.
--
Alberto Gonzal
tags 994910 + pending
thanks
Hi, I'll make an upload to unstable ASAP.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key finger
ure) ./configure --prefix /usr --plug-in
> --fw-iptables --db-sqlite3 --sqlite3-path /var/lib/eurephia --eurephiadm
> --openvpn-src /usr/include/openvpn
> override_dh_auto_clean:
> rm -rf configure.log
> dh_auto_clean
--
Alberto Gonzalez Iniesta| Formación, consultoría y soport
cluded)
dpkg-source --after-build .
dpkg-buildpackage: info: binary-only upload (no source included)
Build finished at 2020-04-19T14:14:59Z
----
I have no idea why in the rebuild this happened:
> > dh_gen
Package: libmodsecurity3
Version: 3.0.3-1
Severity: serious
Tags: security upstream
A security issue was discovered by Ervin Hegedüs in Modsecurity 3.0.3.
More info:
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/modsecurity-denial-of-service-details-cve-2019-19886/
Fixed package
ng it again.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
ed they would be. Still, at least for me, this is an improvement
> over to several handcrafted rules, especially for any future changes in
> the Debian build system.
>
[snip]
> ### Packages maintained by Alberto Gonzalez Iniesta
>
> * netkit-bootparamd
> * netkit-ntalk
&
the thing called "setup
> fee" somewhere else, and I'm mostly done with it.
I'll look into your changes on bsd-finger and see if I can reproduce
those on others.
Thanks again,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
Package: modsecurity
Version: 3.0.2-1
Severity: serious
Yep, some tests are failing on all buildd. Looking into it.
Thanks Santiago Vila for the heads up.
-- System Information:
Debian Release: buster/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental'
ould you let me know how to reproduce a misbuild?
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
ently successful misbuilds and is prohibited by the Debian policy
> > in section 4.6.
> >
> > Helmut
>
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
re, and
> /usr/lib/tmpfiles.d/openvpn.conf being overriddden means that
> /run/openvpn is no longer created.
>
Ooops, fixing ASAP.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail prefe
und these days)
and seems to work fine.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6
lan was to start working on this today, let see if real life agrees
on this. I'l start with sid, stretch, jessie and then wheezy. I'll let
you know when I start working on wheezy to avoid duplicate efforts.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y
age libapache2-modsecurity (--configure):
>dependency problems - leaving unconfigured
> Setting up libcap2-bin (1:2.25-1) ...
> Processing triggers for libc-bin (2.24-8) ...
> Processing triggers for systemd (232-8) ...
> Errors were encountered while processing:
>libap
> > > Am 13.12.2016 um 18:02 schrieb Michael Biebl:
> > >> Am 13.12.2016 um 16:53 schrieb Alberto Gonzalez Iniesta:
> > >>> Hi there,
> > >>>
> > >>> The --tls-remote was removed in OpenVPN 2.4, and was already marked as
> > >&g
ebian entry to warn users.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347 CBD8 3E30 A9EB 4D7D 4BF2 009B 3375 6B9A AA55
. It will be removed
either in OpenVPN v2.4 or v2.5. So please make sure you support the new
X.509 name formatting described with the --compat-names option as
soon as possible by updating your configurations to use
--verify-x509-name instead.
IMHO this should have been fixed in network-manager-op
Control: unblock 827061 by -1
Uploaded 2.4~rc1-1 build against openssl1.0 until upstream moves to 1.1
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key
y running openvpn via 'openvpn server.conf' and
> 'openvpn client.conf' works.
>
> Same configuration is working with upstart on Ubuntu 12.04
>
Could you provide your /etc/default/openvpn, and the ouput of:
systemctl status openvpn
--
Alberto Gonzalez Iniesta
Yep, I can reproduce it. Sorry for the bug. I'm working on it.
Cheers,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 5347
OpenVPN service
>Loaded: loaded (/lib/systemd/system/openvpn.service; disabled)
>Active: inactive (dead)
> ###
systemctl enable openvpn ?
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
mailto/sip: a...@inittab.org | en GNU/Linux y software libre
Encrypted
Loading kernel module for a network device with CAP_SYS_MODULE (deprecated).
> Use CAP_NET_ADMIN and alias netdev- instead.
>
> Regards,
>
> Maciek
>
> W dniu 12.09.2014 o 09:57, Alberto Gonzalez Iniesta pisze:
> >On Fri, Sep 12, 2014 at 12:10:44AM +0200, Maciej Kotl
3.26.245.199:46853 WARNING: 'tun-mtu' is used
> inconsistently, local='tun-mtu 1500', remote='tun-mtu 1532'
Have you tried following this advice:
> Thu Sep 11 23:59:57 2014 83.26.245.199:46853 WARNING: 'mtu-dynamic' is present
> in remote config but mis
possible solutions is available at
> http://wiki.debian.org/qa.debian.org/FTBFS . You're welcome to contribute!
>
> About the archive rebuild: The rebuild was done on EC2 VM instances from
> Amazon Web Services, using a clean, minimal and up-to-date chroot. Every
> failed
sive (versioned as 1.10.1-1.1)
> and uploaded it to DELAYED/2. Please feel free to tell me if I should
> delay it longer.
>
> Regards,
>
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted
ntime, could you try the new package (amd64) here [1]?
http://fotos.inittab.org/openvpn_2.2.1-8+deb7u2_amd64.deb
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred|
made or should we go back to 2.2.1 without
the patch to fix CVE-2013-2061?
Thanks,
Alberto
[0]
https://github.com/OpenVPN/openvpn/commit/11d21349a4e7e38a025849479b36ace7c2eec2ee
[1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=707329
[2] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=71
On Mon, Jun 17, 2013 at 03:45:04PM +0600, Aleksey I Zavilohin wrote:
> 17.06.2013 14:23, Alberto Gonzalez Iniesta пишет:
> >On Mon, Jun 17, 2013 at 01:00:23PM +0600, Aleksey I Zavilohin wrote:
> >>after upgrade to 2.2.1-8+deb7u1 stop working udp server
> >>
> &g
On Mon, Jun 17, 2013 at 01:00:23PM +0600, Aleksey I Zavilohin wrote:
> after upgrade to 2.2.1-8+deb7u1 stop working udp server
>
Hi Aleksey,
Did this happen with all clients? Which client versions are you running?
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consult
2.06-1
> ii libpam0g 1.1.3-7.1
> ii libpkcs11-helper1 1.09-1
> ii libssl1.0.01.0.1e-2
> ii net-tools 1.60-24.2
>
> openvpn recommends no packages.
>
> Versions of packages openvpn suggests:
> ii openssl 1.0.1e-2
> pn
n in the next point release? (Note that the freeze for the NEW
> queue for it is already the coming weekend).
Hi Salvatore,
I was the AFK all the weekend, I'm preparing the upload to unstable now,
and will contact SRM afterwards.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formaci
urity2, and the .load/.conf files should be named like
> the .so, too (which is what you did by applying my patch).
Hi Arno,
Thank you for your patch. I'll check the symlink issue you point. I'll
change the package name in an future (soon) upload too.
Thanks,
Alberto
--
Alberto
On Sat, Apr 06, 2013 at 12:08:41PM +0200, Salvatore Bonaccorso wrote:
> Hi Alberto, hi Thomas
>
> On Sat, Apr 06, 2013 at 10:50:43AM +0200, Alberto Gonzalez Iniesta wrote:
> > On Sat, Apr 06, 2013 at 02:43:39PM +0800, Thomas Goirand wrote:
> > > Hi,
> > >
> &
e sure it fixes the CVE,
> then I believe I could NMU the fixed package in the delayed queue.
Hi Thomas and Salvatore,
Thanks for the heads-up. Strangely I didn't get the first mail (the bug
report), but luckily got Thomas' mails. I'll check this ASAP and make an
upload accordingl
>
> Here's a new patch that fixes that compile error.
>
> A.
Thanks! Just uploaded.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fin
on the libapache2-modsecurity package.
>
> Does this help?
Hi Salvatore,
Yes, it does help. I'll try to fix this ASAP (no time yet).
Thanks a lot,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y soft
.6.6-3.log
The requested URL
/squeeze2wheezy/fail/libapache-mod-security_2.6.6-3.log was not found on
this server
?
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://i
upload. I didn't use iproute on
the Debian packages, but couldn't remember why. Only the Linux kernel
works with it.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred
NAME=${CONFIG%%.conf}
> # Is it an autostarted VPN ?
> if test -z "$AUTOSTART" -o "x$AUTOSTART" = "xall" ; then
> AUTOVPN=1
> else
> if test "x$AUTOSTART" = "xnone" ; then
> AUTOVPN=
On Fri, Oct 22, 2010 at 03:29:11PM +0300, Teodor MICU wrote:
> Hi,
>
> On Thu, Oct 21, 2010 at 2:03 PM, Alberto Gonzalez Iniesta
> wrote:
> > I've got a new -2 package (same location) with upstream's solution,
> > instead of mine. Would you mind testing it? Th
On Fri, Oct 15, 2010 at 05:45:48PM +0300, Teodor MICU wrote:
> Hi,
>
> On Fri, Oct 15, 2010 at 3:39 PM, Alberto Gonzalez Iniesta
> wrote:
> > Could you try with this package [1]?
> > [1] http://etc.inittab.org/~agi/openvpn_2.1.3-2_i386.deb
>
> I've rever
On Thu, Oct 14, 2010 at 01:15:49PM +0300, Teodor MICU wrote:
> Hi,
>
> On Thu, Oct 14, 2010 at 11:37 AM, Alberto Gonzalez Iniesta
> wrote:
> > Hi, could you attach (without sensitive data) the server and client
> > configurations?
>
> Sure. The real company add
On Thu, Oct 14, 2010 at 01:15:49PM +0300, Teodor MICU wrote:
> Hi,
>
> On Thu, Oct 14, 2010 at 11:37 AM, Alberto Gonzalez Iniesta
> wrote:
> > Hi, could you attach (without sensitive data) the server and client
> > configurations?
>
> Sure. The real company add
le.
>
> I've attached the connection log from /var/log/syslog (some real info was
> replaced with
> generic names).
Hi, could you attach (without sensitive data) the server and client
configurations?
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y
On Thu, Mar 11, 2010 at 09:03:38AM +0100, Nico Golde wrote:
> Hi Alberto,
> what is the status of this bug?
Hi Nico,
I'm building the new package right now. Thanks for the ping.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(
On Wed, Jan 20, 2010 at 09:08:50PM +0100, Patrick Matthäi wrote:
> > make: *** [kmod_build] Error 2
> > build failed with return value 2
> >
> >
>
> Upstreams driver does not work with this kernel, we have patched it.
A! Good to know. Thanks a lot for th
ule_/lib/modules/fglrx/build_mod/2.6.x] Error 2
make[1]: Leaving directory `/usr/src/linux-headers-2.6.32-11-generic'
make: *** [kmod_build] Error 2
build failed with return value 2
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 9782 04E7 2B75 405C F5E9 0C81 C514 AF8E 4BA4 01C3
--
To UNSUBSCRIBE, email
output from the cam)
move your mouse in to its window and...
$ gqcam -v /dev/video0
gqcam: Fatal IO error 11 (Resource temporarily unavailable) on X server :0.0.
I'm attaching an strace of it, in case it helps.
Thanks again,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y
penvpn,
> action "start" failed.
> dpkg: error processing openvpn (--configure):
> subprocess post-installation script returned error exit status 1
The init.d script was modified to use LSB functions in the last upload.
But that shouldn't break it. Could you run the script wit
see if openvpn-vulnkey
is also moving and upload a new version accordingly.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 978
the last upload (1.1.1-1) but I had to test it
before closing it (thus the 'pending' tag, it was pending some testing :) ).
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
onsired important by the sec team.
I'm attaching my previous mail.
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
Encrypted mail preferred| http://inittab.com
Key fingerprint = 9782 04E7 2B75
I sent the fix to the security team, but they decided to ignore it.
I wasn't in the mood to fight with them... Feel free to contact them at
[EMAIL PROTECTED] You can Cc me if you want.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|d
at change to be made, defaulting at yes.
>
> I think the default should be no.
>
That's what /etc/default/openvpn is for. You don't want to run it, just
set AUTOSTART="none". Just like many other packages.
--
Alberto Gonzalez Iniesta| Formación, consultoría y
retitle 348076 Kmyfirewall Hangs and KDE also does
severity 348076 normal
tags 348076 moreinfo unreproducible
thanks tronko
Hi,
I'm not able to reproduce this behavior, but it could be due to a
erroneous firewall config, and had nothing to do with Kmyfirewall per
se. So please, let me know the e
Packages for Sarge, until they get released by the security team may by
found at:
http://etc.inittab.org/~agi/
Packages for sid/testing will be uploaded RSN.
--
Alberto Gonzalez Iniesta| Formación, consultoría y soporte técnico
agi@(inittab.org|debian.org)| en GNU/Linux y software libre
ig --includedir returns:
> /usr/include/postgresql
[EMAIL PROTECTED]:~$ pg_config --includedir
/usr/include/postgresql/8.0
I was using an outdated version of libpq-deb (8.0.3-7).
Upgrading system and updating package.
Thanks,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consultoría y
the simplest fix.
>
> libapache2-mod-ldap-userdir has an exception for OpenSSL already.
>
Thanks a lot for the tip! I'll talk with upstream about this. I'm sure
he'll add the permission to the license.
Regards,
Alberto
--
Alberto Gonzalez Iniesta| Formación, consult
60 matches
Mail list logo