Wichert Akkerman <[EMAIL PROTECTED]> writes:
> Previously Olaf Meeuwissen wrote:
> > For a truly stable Debian system, drop
> > deb http://http.us.debian.org/debian dists/potato-proposed-updates/
>
> I wouldn't recommend that, on occasion a package ma
Christian Hammers wrote:
> On Sat, Jun 22, 2002 at 11:50:10PM -0700, Jamie Heilman wrote:
> > its not just mod_proxy, apache was vulnerable regardless
> BTW: in the case that mod_proxy is not loaded: is it enough to just
> backport the get_chunk_size function from http_protocol.c (like in the
>
On Sun, Jun 23, 2002 at 04:51:20PM -0400, Phillip Hofmeister wrote:
> > Well, still binary patching could be implemented (although, in a rather
> > osbscure way) using pre-install scripts which would patch the definition
> > files. However, this would require two packages providing the same
> > ver
> Well, still binary patching could be implemented (although, in a rather
> osbscure way) using pre-install scripts which would patch the definition
> files. However, this would require two packages providing the same
> version of the definition files (a patch package and a complete
> new-version p
On Sun, Jun 23, 2002 at 11:49:02AM -0500, Steve Langasek wrote:
> On Sun, Jun 23, 2002 at 01:25:56PM -0300, Peter Cordes wrote:
> > On Sun, Jun 23, 2002 at 12:46:27AM +0300, Pavel Minev Penev wrote:
> > > I would think of using xdelta, or similar to distrubute changes as
> > > binary patches, since
Previously John Foster wrote:
> apache-1.3.26-0woody
I thgink you are missing a 1 at the end there
> apache-ssl-1.3.26.1+1
That is not the security fixed version, that is 1.3.26.1+1.48-0woody2
Wichert.
--
_
/[EMAIL PROTECTED]
Wichert Akkerman wrote:
> That's not the architecture. Architecture is one of alpha, arm, i386,
> ia64, hppa m68k, mips, mipsel, powerps, s390, sparc.
Sorry I had a brain lapse... i386
> > * what exact version of apache (or apache-ssl or apache-perl) do you have?
apache-1.3.26-0woody
apache-ss
Previously John Foster wrote:
> Wichert Akkerman wrote:
> > * what architecture are you running
>
> Debian Woody (currently upgraded thru today)
That's not the architecture. Architecture is one of alpha, arm, i386,
ia64, hppa m68k, mips, mipsel, powerps, s390, sparc.
> > * what exact version of
also sprach Micah Anderson <[EMAIL PROTECTED]> [2002.01.10.0127 +0100]:
> Potato has 1.2-14 as its latest for poppasswd... I agree that
> v1.8-ceti would be a better solution, especially considering the
> security issues you cited. What does it take to get this version into
> the security updates?
On Sun, Jun 23, 2002 at 11:49:02AM -0500, Steve Langasek wrote:
> On Sun, Jun 23, 2002 at 01:25:56PM -0300, Peter Cordes wrote:
> > Unfortunately, it's probably too late to integrate rsync into the whole apt
> > system, so it can rsync stuff in /var/cache/apt/archives.
>
> First thing's first: we
On Sat, Jun 22, 2002 at 03:33:59PM -0500, Rob VanFleet wrote:
> Regardless, thanks for the dsa suggestion, it solves my problem, but I'm
> still curious as to why the rsa key did not work.
You compiled openssh yourself on one of the machines. Maybe you didn't
include RSA support. RSA used to be
On Sun, Jun 23, 2002 at 01:25:56PM -0300, Peter Cordes wrote:
> On Sun, Jun 23, 2002 at 12:46:27AM +0300, Pavel Minev Penev wrote:
> > I would think of using xdelta, or similar to distrubute changes as
> > binary patches, since there could be a real server overload when a few
> > hundred administra
On Sun, Jun 23, 2002 at 12:46:27AM +0300, Pavel Minev Penev wrote:
> I would think of using xdelta, or similar to distrubute changes as
> binary patches, since there could be a real server overload when a few
> hundred administrators and mere people start downloading the brand new
> deifinitions si
Previously John Foster wrote:
> Will there be an apache-ssl version added to the security area?
Yes, I actually just put it there for most architectures.
Wichert.
--
_
/[EMAIL PROTECTED] This space intentionally left occ
Previously John Foster wrote:
> I did the upgrade to the security patched version. After doing so I had
> to restart Apache with only the DSO modules running in order to keep it
> from segfaulting. I determined by a lot of trial and error that this was
> being caused by several of the modules that
Will there be an apache-ssl version added to the security area?
--
John Foster
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
I did the upgrade to the security patched version. After doing so I had
to restart Apache with only the DSO modules running in order to keep it
from segfaulting. I determined by a lot of trial and error that this was
being caused by several of the modules that I load. It seems to run
fine after re
Hello
On Sat, Jun 22, 2002 at 11:50:10PM -0700, Jamie Heilman wrote:
> its not just mod_proxy, apache was vulnerable regardless
BTW: in the case that mod_proxy is not loaded: is it enough to just
backport the get_chunk_size function from http_protocol.c (like in the
file debian/patches/cert_vuce
On Sat, 22 Jun 2002 02:20:20 -0500
"Rob VanFleet" <[EMAIL PROTECTED]> wrote:
> I am trying to use RSA authentication between different machines, but
> I'm running into trouble between machines running different versions of
> ssh.
Are you sure the different versions of OpenSSH make the difference.
> Regardless, thanks for the dsa suggestion, it solves my problem, but I'm
> still curious as to why the rsa key did not work.
Maybe on machine B in sshd_config you enabled only Protocol 2 or
RSAAuthentication is "no" <-- its for rsa1
PubkeyAuthentication yes <-- its for rsa and dsa protocol 2
On Sat, 2002-06-22 at 21:08, Brendan Hack wrote:
> I've had this problem before with apache spontaneously seg faulting when
> trying to execute it. I know we all hate killing the uptime but if I
> rebooted it would solve the problem.
Maybe it ran out of sysv shared memory? You can use ipcs to ch
> Can someone clarify for me, please (not directly debian related, I know,
> but...) - the patches appear to only be to the chunk-encoding functions
> in mod_proxy. If mod_proxy isn't loaded, is apache still vulnerable?
its not just mod_proxy, apache was vulnerable regardless
--
Jamie Heilman
22 matches
Mail list logo