Hi,
I noticed today on Debian Weekly News that FFMpeg has had a
security-related bug.
Are you aware that ffmpeg in Debian ships static libraries? If I
understand correctly, this means other packages building against FFMpeg
(Xine, GStreamer and VLC comes to my mind) actually contain a copy of
the
Jonas Smedegaard wrote:
Are you aware that ffmpeg in Debian ships static libraries? If I
understand correctly, this means other packages building against FFMpeg
(Xine, GStreamer and VLC comes to my mind) actually contain a copy of
the libavcodec library rather than linking to it dynamically -
Moritz Muehlenhoff wrote:
This question comes from time to time. If someone wants to write a FAQ entry
for
the Debian Security FAQ, please send it to [EMAIL PROTECTED]
It's now documented in the Debian Security FAQ.
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with
-Mensaje original-
De: Martin Schulze [mailto:[EMAIL PROTECTED]
Enviado el: miƩrcoles, 15 de marzo de 2006 9:43
Para: Debian Security Announcements
Asunto: [SECURITY] [DSA 1002-1] New webcalendar packages fix several
vulnerabilities
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
-
Michel Messerschmidt [EMAIL PROTECTED] writes:
Neal Murphy said:
The point is to obscure the ssh server from everyone, including those
who
are authorized to access it remotely.
You're right, this is just the old idea of security by obscurity.
And quite pointless. Better install a fake sshd
Michael Stone [EMAIL PROTECTED] writes:
On Mon, Mar 13, 2006 at 03:03:24PM -0500, Neal Murphy wrote:
Yes, allowing UDP packets in is, in a sense, an open port, but it's
a one-way port. UDP packets have a fixed maximum size and the
information carried in the packet is trivial in nature; UDP
On Wed, Mar 15, 2006 at 02:35:53PM +0100, Goswin von Brederlow wrote:
Michael Stone [EMAIL PROTECTED] writes:
No, anyone can generate encrypted parts. IMHO, there's not much chance
that the decryption routines in your magic udp parser are going to be
less vulnerable than those in openssh
Michael Stone [EMAIL PROTECTED] writes:
On Wed, Mar 15, 2006 at 02:35:53PM +0100, Goswin von Brederlow wrote:
Michael Stone [EMAIL PROTECTED] writes:
No, anyone can generate encrypted parts. IMHO, there's not much chance
that the decryption routines in your magic udp parser are going to be
Neal Murphy wrote:
The point is to reduce brute-forace attacks to the point of nearly total
ineffectiveness.
I use OpenSSH public/private key authentication to achieve this. Based on needs one could
also use two factor authentication (e.g. one time password tokens) or even a combination
of
Hi all!
Sorry to be jumping in without preserving the In-Reply-To.
Allard Hoeve wrote:
I'm afraid this new package introduces some serious errors in software
that depends on this package. I have tested the new package on three
different Sarge machines with the following results. Please
On Wed, Mar 15, 2006 at 05:06:34PM +0100, Goswin von Brederlow wrote:
His idea is to add a 100% non responsive knocking (using udp) before
the actual ssh handshake so unauthorized clients can't even determine
that sshd is running. Not that I find that usefull but thats the idea.
Traditional
Gary Foster
CTO, Pace Systems Group, Inc.
office: 800-624-5999 x9104
mobile: 904-226-4901
fax:925-871-4511
-Original Message-
From: Martin Schulze [mailto:[EMAIL PROTECTED]
Sent: Wednesday, March 15, 2006 3:43 AM
To: Debian Security Announcements
Subject: [SECURITY] [DSA 1002-1]
On Wednesday 15 March 2006 11:06, Goswin von Brederlow wrote:
He trying to solve that a tcp connect to port 22 establishes a
connection and thereby reveals that the server is running an sshd and
attcking it makes sense.
His idea is to add a 100% non responsive knocking (using udp) before
the
13 matches
Mail list logo