CVE-2020-25657: RESERVED
CVE-2020-25688: RESERVED
CVE-2020-25711: RESERVED
CVE-2020-28362: RESERVED
CVE-2020-28366: RESERVED
CVE-2020-28367: RESERVED
CVE-2020-7768: TODO: check
CVE-2020-8569: RESERVED
--
The output might be a bit terse, but the above ids are known elsewhere,
check the
Hi,
13 nov. 2020 à 11:06 de ggunin...@gmail.com:
> Definitely won't say "thank you" to some entity which gives
> me long unpatched important component like a web browser.
>
I confess that having an unpatched browser is really not recommended because of
all exploits that could happen on the fly
On Fri, Nov 13, 2020 at 12:27 PM John Runyon wrote:
>
> Imagine calling yourself a “Debian contributor” because you... reported a few
> bugs? Guess I’m a Debian contributor too.
>
I was wrong about being _contributor_, sorry (misunderstood
the definition).
Hello,
the Debian Buster release notes state that no security updates are
possible for software written in Go due to its static linking - Debian
lacks the infrastructure to mass-rebuild all affected Go packages. Did
this change in the mean time? If not, is there ongoing work to change this?
* [Fri, Nov 13, 2020 at 05:26:56AM -0500] John Runyon:
Why do we have such messages on the security mailing list? Is there a
way to get actual security team announcements without all this spam?
That's a job for debian-security-announce@l.d.o (please note the
'-announce' suffix)
Ciao,
Gian
John Runyon (Fri 2020-11-13 05:26:56 -0500) :
> Why do we have such messages on the security mailing list? Is there a way to
> get actual security team announcements without all this spam?
Yes, there is such a list [1]. This list [2] is for (quote):
Discussion about security issues,
Come on man, if someone contributes, they contribute. Big or small.
And sure, let's quiet down a bit~
Best,
Alana X
On Fri, Nov 13, 2020 at 7:27 PM John Runyon wrote:
> Imagine calling yourself a “Debian contributor” because you... reported a
> few bugs? Guess I’m a Debian contributor too.
>
Imagine calling yourself a “Debian contributor” because you... reported a
few bugs? Guess I’m a Debian contributor too.
Why do we have such messages on the security mailing list? Is there a way
to get actual security team announcements without all this spam? There is,
after all, no shortage of
On Fri, Nov 13, 2020 at 12:06:50PM +0200, Georgi Guninski wrote:
> On Fri, Nov 13, 2020 at 10:21 AM Pavlos Ponos wrote:
> > BUT we should not forget to say a THANK YOU to these guys which give their
> > best in order all of us to use this OS for free ;-)
> I believe I am debian contributor too,
On Fri, Nov 13, 2020 at 10:21 AM Pavlos Ponos wrote:
> BUT we should not forget to say a THANK YOU to these guys which give their
> best in order all of us to use this OS for free ;-)
I believe I am debian contributor too, search in google for:
"georgi guninski" site:debian.org
Definitely
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA512
- -
Debian Security Advisory DSA-4791-1 secur...@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
November 13, 2020
Hi,
some brain storming: what about working together with the LinuxMint
people, they just got a dedicated compiling machine, just for getting
updated Chromium for LMDE in time:
http://packages.linuxmint.com/list.php?release=Debbie
Consolidating resources might do the trick here,
Kind
Hello,
Pavlos Ponos (Fri 2020-11-13 10:20:36 +0200) :
> BUT we should not forget to say a THANK YOU to these guys
and gals
> which give their best in order all of us to use this OS for free ;-)
I was about to write the same thing: a big thank you to all
volunteers.
--
Emmanuel
Your question(?) is answered by the FAQ in
https://www.debian.org/doc/manuals/securing-debian-manual/index.en.html
Bjørn
On 13-11-2020 08:18, Georgi Guninski wrote:
Some more exploit vectors from the FD list:
https://seclists.org/fulldisclosure/2020/Nov/13
Partial results:
1. mutt (text email client) exposes ~/.mutt/muttrc,
which might contain the imap password in plaintext.
Interesting find. Please report
On 17.10.20 14:28, Georgi Guninski wrote:
Is Debian's chromium vulnerable now?
Yes. The Team maintaining Chromium in Debian is clearly overloaded and
understaffed and I am sure the Corona Crisis isn't helping here.
16 matches
Mail list logo
