Re: 398254 is a security bug (SUID permission is 755 instead of 700 during installation)

On Fri, Jan 02, 2009 at 09:37:12PM +0100, Bastien ROUCARIES wrote: > tags 398254 + security > tags 398254 + patch > thanks > > >The postinst of fuse-utils creates the group fuse and sets the > >permissions of fusermount to root:fuse 4754. Before that happens, > >fusermount has the permissions spe

502300 is a security bug (SUID permission is 755 instead of 700 during installation)

tags 502300 + security tags 502300 + patch tags 398254 - security thanks Sorry it was 502300 and not 398254 (lack of coffee) Le vendredi 2 janvier 2009, Bastien ROUCARIES a écrit : > tags 398254 + security > tags 398254 + patch > thanks > > >The postinst of fuse-utils creates the group fuse and

398254 is a security bug (SUID permission is 755 instead of 700 during installation)

tags 398254 + security tags 398254 + patch thanks >The postinst of fuse-utils creates the group fuse and sets the >permissions of fusermount to root:fuse 4754. Before that happens, >fusermount has the permissions specified in the deb, namely root:root >4755. Thus, during the installation of fuse

Re: [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution

* Peter Palfrader: > On Fri, 02 Jan 2009, Florian Weimer wrote: > >> As an additional precaution, this security update also disables font >> changing > > Is this really ncessary? I use that feature a lot and I rely on it for > most of my desktop setup. What are other (scriptable) means to change

Re: New xterm packages fix remote code execution

Dies ist eine Automatische Antwort: Ich bin im Winterurlaub, und werde ihre E-Mail Anfang Jaenner 2009 bearbeiten. Mit freundlichen Gruessen, Leo Gerber, diewebdesigner.com -- To UNSUBSCRIBE, email to debian-security-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact li

Re: [SECURITY] [DSA 1694-1] New xterm packages fix remote code execution

On Fri, 02 Jan 2009, Florian Weimer wrote: > As an additional precaution, this security update also disables font > changing Is this really ncessary? I use that feature a lot and I rely on it for most of my desktop setup. What are other (scriptable) means to change font size from within an xter

URGENT RESPOND

You are invited to "URGENT RESPOND". By your host Mrabudu Idrisa: Date: Friday January 2, 2009 Time: 12:45 pm - 1:45 pm (GMT +00:00) Will you attend? RSVP to this invitation at: http://calendar.yahoo.com/mrabuduidrisa?v=126&a1=0&iid=Jx%40HH2x%40JJs3%

Re: "Certification Authorities are recommended to stop using MD5 altogether"

On Thu, Jan 01, 2009 at 12:45:22PM -0500, Micah Anderson wrote: > >>On Wed, 31 Dec 2008, Micah Anderson wrote: > >> > >> Does anyone have a legitimate reason to trust any particular Certificate > >> Authority? > > Yves-Alexis Perez writes: > > > > > I may b