Re: tracking security issues without CVEs

good if it does get resolved. -- Brian May

Re: tracking security issues without CVEs

asy way of being able to link each issue to each patch. So if a CVE was provided for each issue, it would be relatively hard to link it to the appropriate patch with 100% certainty. With so many different issues, I suspect it is going to be overwhelming requesting a CVE for each issue no matter what you do. -- Brian May

Re: Security issues with the PAM modules for Kerberos?

nd you get no additional security from using Kerberos over sending passwords over an encrypted channel (whether SSL or SSH based). I have updated my FAQ at <http://snoopy.apana.org.au/~bam/debian/faq/> to include this question, as it seems to be a very common question. -- Brian May <[EMAIL PROTECTED]>

Re: Security issues with the PAM modules for Kerberos?

nd you get no additional security from using Kerberos over sending passwords over an encrypted channel (whether SSL or SSH based). I have updated my FAQ at <http://snoopy.apana.org.au/~bam/debian/faq/> to include this question, as it seems to be a very common question. -- Brian May <[EMAIL

Re: PGP vs. GPG && BAD SIGNATURE

--_=XFMail.1.4.4.Linux:2430005809:27687=_-- oh wait, yes they are the same. Why XFMail is doing this, I don't know (as I don't use it myself). Perhaps this is a bug in XFMail. -- Brian May <[EMAIL PROTECTED]>

Re: Sendmail

suggestions for how to make pine and mh use sendmail rather then port 25. This was years ago now, the situation might be different now. I have purged pine, so can't check. -- Brian May <[EMAIL PROTECTED]>

Re: One Time Password support in debian

Jacob> solution like hotmail would be a good start. Another option: perhaps some sort of mail <--> WWW gateway might work. With SSL encryption... Not sure what free mail <--> WWW gateways exist, I am sure somebody can fill in the details for me. -- Brian May <[EMAIL PROTECTED]>

Re: Automatic password changing

isting... Out of curiosity: Is there anyway to avoid this? -- Brian May <[EMAIL PROTECTED]>

Re: Kerberos V anyone?

but both may have been fixed since I last checked. I hope that explains the situation... -- Brian May <[EMAIL PROTECTED]>

Re: Kerberos V anyone?

rom happening? Alexander> Given the newly relaxed crypto export laws, it may be Alexander> quite possible to export it now, if that's what's Alexander> preventing it from being Debianized. Heimdal is a free implementation of Kerberos 5 that is in potato and woody

Re: denial of service attack for X/esound?

This would be better. However, it still doesn't solve the initial problem I had where the previous user still owned /tmp/.esd/socket, denying me access ;-(. (unless you reboot...). -- Brian May <[EMAIL PROTECTED]>

denial of service attack for X/esound?

hat package to file the bug against... -- Brian May <[EMAIL PROTECTED]>