> Jonas.
>
> On Sat, 9 May 2020, 01:22 Roman Medina-Heigl Hernandez,
> mailto:ro...@rs-labs.com>> wrote:
>
> Gracias Alberto. Now it's solved (it has been a little bit tricky).
>
> My final config:
>
> * /etc/imapd.conf
> tls_ciphers: TLSv1.
col = None
> CipherString = DEFAULT
> To:
> /etc/ssl/openssl.cnf
>
> Regards,
>
> Alberto
>
> On Fri, May 08, 2020 at 09:07:31PM +0200, Roman Medina-Heigl Hernandez wrote:
>> Hi,
>>
>> I upgraded from Jessie to Buster (thru Stretch) and noticed that Cyr
Hi,
I upgraded from Jessie to Buster (thru Stretch) and noticed that Cyrus
(imaps & pop3s) stopped negotiating TLS 1.0 and 1.1 protocols (I know
they're not recommended but I need them for older clients). I tried
several combinations of tls_ciphers and tls_versions in /etc/imapd.conf
(even very
El 19/02/2019 a las 17:44, Russ Allbery escribió:
> Roman Medina-Heigl Hernandez writes:
>
> So you cannot overwrite /home/synology/rsyncd.conf.
> Can the client just do:
>
> rsync rsyncd.conf :./
>
You're right, I was wrong. It's game over :)
> I think to make this
El 19/02/2019 a las 4:16, Russ Allbery escribió:
> Unfortunately, I took a closer look, and it turns out that this command
> was never safe. It also allows arbitrary code excution on the server
> side if the client can write to $HOME. This is because:
>
>--config=FILE
> This
El 18/02/2019 a las 18:27, Russ Allbery escribió:
> While I agree that using undocumented features of rsync is a little
> dubious, I'm also willing to include a fix to allow the specific command
> line "rsync --server --daemon " since (a) it seems to be safe, (b)
> looks easy enough to do, and (c)
Added Russ (rssh maintainer).
I cannot probe it but I guess chances are high that the issue is present
both in stable and oldstable (I cannot find a good reason to filter
different commands: solution should be the same or very similar) so I'm
still keeping debian-security in the loop.
PS: Thx
Hi security-fellows,
I applied recent rssh security updates to Debian 8 (jessie) and I
noticed that it breaks Synology's "Hyper backup" tool (with rsync method).
The relevant log lines at my Debian server:
Feb 10 03:28:21 roman rssh[19985]: cmd 'rsync' approved
Feb 10 03:28:21 roman
Hi,
Someone working on a fixed .deb for this?
http://www.openwall.com/lists/oss-security/2018/03/17/2
--
Saludos,
-Román
Hello,
Have you seen this?
http://seclists.org/bugtraq/2009/Mar/0187.html
I'm wondering:
1) Is Alberto going to release updated (no official) packages?
(http://etc.inittab.org/~agi/debian/libapache-mod-security2)
2) When will mod-security be re-incorporated to Debian? ETA? I think
license issues
, inspecting all traffic, and
generating on the fly SSL certificates... Of course, they are not
cheap at all... (maybe around $20.000 each).
Best regards,
Jonas.
On Dec 15, 2007 8:53 AM, Roman Medina-Heigl Hernandez [EMAIL PROTECTED]
wrote:
Hi Jonas,
I didn't explain well... L7 filtering
Willi Mann escribió:
I'm interested in a better authentication method than registering all
the MACs+IPs of all my users (which after all is just dust in the wind
...) using my current hardware (16 servers, 1 for at least 250
clients). I was thinking about ppp based authentication but it
check
Application Layer Packet Classifier for Linux:
http://l7-filter.sourceforge.net/
Kernel Iptables Layer 7: http://l7-filter.sourceforge.net/HOWTO-kernel
On Dec 14, 2007 6:53 PM, Roman Medina-Heigl Hernandez [EMAIL PROTECTED]
wrote:
Willi Mann escribió:
If you want
Hi all. Sorry for my late response. I'm on vacation. Comments inline.
On Thu, 22 Jul 2004 20:28:23 +0200 (CEST), you wrote:
About security fixes in the SquirrelMail code; SquirrelMail does not (contrary to
Roman's standpoint) adhere to a obscurity-policy but in stead openly discloses any
Is there any official or non-official .deb package with a chrooted
apache distro? Any related project?
Thanks.
Saludos,
--Roman
--
PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
Is there any official or non-official .deb package with a chrooted
apache distro? Any related project?
Thanks.
Saludos,
--Roman
--
PGP Fingerprint:
09BB EFCD 21ED 4E79 25FB 29E1 E47F 8A7D EAD5 6742
[Key ID: 0xEAD56742. Available at KeyServ]
:58:50PM +0100, Roman Medina wrote:
On Thu, 30 Oct 2003 12:21:09 -0500, you wrote:
Ask [EMAIL PROTECTED]
See above.
I'm not subscribed to debian-apache neither I'm going to subscribe only
to ask this. If this is a security issue in Debian, why not to discuss it
in a Debian security ml
:58:50PM +0100, Roman Medina wrote:
On Thu, 30 Oct 2003 12:21:09 -0500, you wrote:
Ask [EMAIL PROTECTED]
See above.
I'm not subscribed to debian-apache neither I'm going to subscribe only
to ask this. If this is a security issue in Debian, why not to discuss it
in a Debian security ml
On Thu, 30 Oct 2003 12:21:09 -0500, you wrote:
On Thu, Oct 30, 2003 at 05:49:34PM +0100, [EMAIL PROTECTED] wrote:
It's a Woody 3.0 up-to-date machine. Are you sure Apache shipped on Debian
is actually secure? These segfaults scare me... it smells like
0day-exploit...
[...]
Ask [EMAIL
19 matches
Mail list logo