Package: python-netaddr-docs
Version: 0.7.19-4
Severity: grave
Justification: renders package unusable
Dear Maintainer,
*** Reporter, please consider answering these questions, where appropriate ***
* What led up to the situation?
I wanted to read the documentation for the python-netaddr
reason to believe this to be false?
Your observed behavior could easily be explained by the fact that
Firefox doesn't check the signatures immediately, and it might have
happened to check them just as you were altering the "studies" settings,
which themselves did nothing.
My installed version is:
Package: firefox-esr
Version: 60.6.1esr-1~deb9u1
/Teddy Hogeborn
essful run.
There is a typo on line 179; the $ and { characters seem to be
transposed. Patch included.
/Teddy Hogeborn
*** End of the template - remove these template lines ***
-- System Information:
Debian Release: 8.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500,
the other hand, there seems to be some upstream activity -
Python-GnuTLS 3.0.0 was released on March 9th, claiming to support
GnuTLS 3.2 and later.
/Teddy Hogeborn
--
The Mandos Project
https://www.recompile.se/mandos
signature.asc
Description: PGP signature
up when the client connects.
1) http://mail.recompile.se/pipermail/mandos-dev/2014-October/000305.html
2) https://release.debian.org/transitions/html/gnutls28.html
3) https://wiki.debian.org/gnutls3
/Teddy Hogeborn
--
The Mandos Project
http://www.recompile.se/mandos
--
To UNSUBSCRIBE, email
to the Depends line for the mandos
package baffles me even more; the mandos binary package does not
depend on any specific version of python-gnutls, it uses what's
available, and runs well with either.
/Teddy Hogeborn
--
The Mandos Project
http://www.recompile.se/mandos
--
To UNSUBSCRIBE, email
leaning towards the latter.
/Teddy Hogeborn
--
The Mandos Project
http://www.recompile.se/mandos
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
tags 762760 +patch
stop
Chet Ramey has posted a patch for this (also attached):
http://www.openwall.com/lists/oss-security/2014/09/25/10
/Teddy Hogeborn
*** ../bash-20140912/parse.y 2014-08-26 15:09:42.0 -0400
--- parse.y 2014-09-24 22:47:28.0 -0400
***
*** 2959,2962
will have to do some more tests in my
copious spare time.
/Teddy Hogeborn
--
The Mandos Project
http://www.recompile.se/mandos
pgp6LNwJet4oL.pgp
Description: PGP signature
suspecting a GnuTLS regression with SECURE256 and CTYPE-OPENPGP.
Note: The clients need no changes.
/Teddy Hogeborn
--
The Mandos Project
http://www.recompile.se/mandos
--
To UNSUBSCRIBE, email to debian-bugs-rc-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas
Teddy Hogeborn te...@recompile.se writes:
Uncommenting the priority setting in mandos.conf and appending
:+SIGN-RSA-SHA224 makes it work; i.e. this line should be present in
/etc/mandos.conf:
priority = SECURE256:!CTYPE-X.509:+CTYPE-OPENPGP:+SIGN-RSA-SHA224
I meant, of course, /etc/mandos
Package: libpulsecore5
Version: 0.9.10-3+lenny2
Severity: grave
Justification: renders package unusable
The update from 0.9.10-3+lenny1 to 0.9.10-3+lenny2 made pulseaudio
stop working:
te...@bris:~$ pulseaudio
E: main.c: Failed to create '/tmp/pulse-teddy': Permission denied
te...@bris:~$
It
made an
attacker any happier.
If you think I'm wrong, please explain in a little more detail how an
attack would be constructed with this bug in place. (But I *am*
fixing this bug immediately.)
/Teddy Hogeborn
- --
The Mandos Project
http://www.fukt.bsnet.se/mandos
-BEGIN PGP SIGNATURE
.
The upload would fix these Debian bugs: 551907
The Debian package for unstable can be found on mentors.debian.net:
- - dget http://mentors.debian.net/debian/pool/main/m/mandos/mandos_1.0.13-1.dsc
/Teddy Hogeborn
- --
The Mandos Project
http://www.fukt.bsnet.se/mandos
-BEGIN PGP SIGNATURE
package mandos-client
retitle 549585 udev: creates /dev/{u,}random with too strict permissions
summary 549585 20
tags 549585 patch
reassign 549585 udev 146-3
package udev
affects 549585 mandos-client
thanks
Teddy Hogeborn te...@fukt.bsnet.se writes:
Indeed, it seems that both /dev/random
to
force some specific module to be loaded in the initrd - which used to
be loaded by default or compiled in - to provide the random device
drivers. In that case, the question is: what module?
/Teddy Hogeborn
- --
The Mandos Project
http://www.fukt.bsnet.se/mandos
-BEGIN PGP SIGNATURE
to
force some specific module to be loaded in the initrd - which used to
be loaded by default or compiled in - to provide the random device
drivers. In that case, the question is: what module?
/Teddy Hogeborn
- --
The Mandos Project
http://www.fukt.bsnet.se/mandos
-BEGIN PGP SIGNATURE
to
wait until tomorrow (when I should have access to a sid machine) to
check which of the many changes from lenny to sid could cause it.
On the bright side, we seem to have found the actual cause of the
problem; we just need to get udev to create the devices with the
proper permissions.
/Teddy
this and other bugs.
/Teddy Hogeborn
- --
The Mandos Project
http://www.fukt.bsnet.se/mandos
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFKueMmOWBmT5XqI90RAnY+AKC7KRWAQHYZWKGvtMKw5WiCi3+O1ACgwoOj
jSv1QCi3xSl6AinUlspWtZk=
=aqpm
-END PGP SIGNATURE-
--
To UNSUBSCRIBE
not revoked my old key,
since there's nothing wrong with it, but I will be using my new key
wherever possible from now on:
pub 2048R/E0C20CFF 2009-05-09
Key fingerprint = 6391 763B 3994 3426 98E5 820E F7EE 616E E0C2 0CFF
uid Teddy Hogeborn te...@fukt.bsnet.se
sub 2048R
20 matches
Mail list logo
