Hi. Sorry if I've missed discussions on this. What's the scoop?
apt-listbugs is telling me don't do it:
critical bugs of iceweasel (2.0.0.16-0etch1 - 2.0.0.17-0etch1) pending
I guess I'll scurry off to
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=497789
Hmm ... Flash related? Don't
Vincent Deffontaines [EMAIL PROTECTED]:
Marek Kubica a écrit :
On Thu, 4 Sep 2008 13:25:13 +0100
Pawe? Krzywicki [EMAIL PROTECTED] wrote:
the solution was as Cerbelle said. Login as a normal user and do
sudo ( or you can activate root login from the login menu; but i
personally
Pawe? Krzywicki [EMAIL PROTECTED]:
On czwartek, 4 wrze?nia 2008, Murat Ohannes Berin wrote:
I just installed Debian on my laptop. However, I can not login as root. It
...^^^
Try to login as a single user and change your
Micah Anderson [EMAIL PROTECTED]:
* Wolfgang Jeltsch [EMAIL PROTECTED] [2008-07-09 13:31-0400]:
configure it to only listen on 127.0.0.1,
How do I do this? dpkg-reconfigure doesn?t help.
I think the bind9 package comes configured this way by default in
Debian (a caching-only local
Incoming from Micah Anderson:
* s. keeling [EMAIL PROTECTED] [2008-07-09 17:31-0400]:
Micah Anderson [EMAIL PROTECTED]:
* Wolfgang Jeltsch [EMAIL PROTECTED] [2008-07-09 13:31-0400]:
configure it to only listen on 127.0.0.1,
How do I do this? dpkg-reconfigure doesn?t help
Harrison Conlin [EMAIL PROTECTED]:
On Wed, Jun 4, 2008 at 10:58 AM, Dan Christensen [EMAIL PROTECTED] wrote:
I had this problem with a completely up-to-date Ubuntu gutsy install on
I can't reproduce this now, as I have since upgraded the machine to
hardy, which doesn't show the problem.
Izak Burger [EMAIL PROTECTED]:
On Thu, May 15, 2008 at 9:58 PM, Guido Hennecke
[EMAIL PROTECTED] wrote:
In Germany we say: Wer nichts macht, macht auch nichts verkehrt.
Which means: he who does nothing makes no mistakes. (For those who
don't understand German)
Danke.
Behold, the
Marc Haber [EMAIL PROTECTED]:
This is a remarkable way to make the blatant failure to release Sarge
in a timely manner an advantage from a different poit of view.
If we really manage to release stable every 18 months, that would make
the normal support cycle for any stable release 30
Sorry to continue this. :-P
Filipus Klutiero [EMAIL PROTECTED]:
No. My point is not that users shouldn't upgrade or that Debian
releases should be supported for longer. I'm just pointing that
it's useless/misleading to state the project is proud of the
security support duration.
An
Incoming from Henrique de Moraes Holschuh:
On Sun, 03 Apr 2005, chad wrote:
where trying to get into me from. so i wrote a script to do it for me.
I would change that script to trigger only with two or more attempts from
the same IP...
... And realize that reports like this are routinely
Incoming from Malcolm Ferguson:
I completely agree that this needs to be discussed, but is a Debian
security list the right forum?
No, and sorry for continuing it. Just one more thought ...
It's clear that Debian is used for different purposes and one size might
not fit all. Personally
Incoming from LeVA:
Can someone please suggest me a secure ident daemon. I can not choose from
the
apt searched list.
fauxident.py
--
Any technology distinguishable from magic is insufficiently advanced.
(*)http://www.spots.ab.ca/~keeling Please don't Cc: me.
- -
--
To
Incoming from Brian Kim:
[snip]
solution, what sorts of security concerns does it present, aside from
the obvious anyone can see anything sort of concern?
Do you understand what anyone can see anything really means? Have
you pumped tcpdump output into ethereal lately?
anyone can see anything
Incoming from David Mandelberg:
s. keeling wrote:
Do you understand what anyone can see anything really means? Have
you pumped tcpdump output into ethereal lately?
anyone can see anything really means anyone can see anything.
Think about it. And what's the real reason why you don't
Incoming from David Mandelberg:
s. keeling wrote:
... should be != are. Are you sure no-one there's using telnet,
ftp, etc?
Allowing
network
sniffing is just another good incentive not to send confidential data
Incoming from Alvin Oga:
On Wed, 2 Mar 2005, David Mandelberg wrote:
s. keeling wrote:
Isn't it generally accepted that black hats who get local access (ie.,
a user login account) is _much_ worse than black hats who've been kept
anybody and everybody has local access
Incoming from Florian Weimer:
* s. keeling:
People who don't use stupid Windows email clients have no trouble with
attachments at all. Attachments are a very useful tool; for instance,
for code listings, they arrive unmangled by line wrap.
Get a better email client, running
Incoming from Moe:
Martin Schulze wrote:
Part 1 Type: C
Encoding: 8bit
After all these months/years of warnings to NEVER open email
attachments, why are you sending attachments instead of in-line?
People who don't use stupid Windows email clients have no trouble
Incoming from David Mandelberg:
s. keeling wrote:
Incoming from Moe:
Martin Schulze wrote:
Part 1 Type: C
Encoding: 8bit
After all these months/years of warnings to NEVER open email
attachments, why are you sending attachments instead of in-line?
People
Incoming from Rick Moen:
Quoting David Mandelberg ([EMAIL PROTECTED]):
Do you mean to say that opening message.txt\t\t\t.desktop which
happens to be a freedesktop.org compliant launcher for the program rm
-rf $HOME is safe because it's designed for people running one of the
F/OSS
Incoming from Denis O'Toole:
Can you please OT: this
Hint: the d key will probably do this for you. Please stop
interfering with discussions of insecure applications on
debian-security. TVM. :-)
--
Any technology distinguishable from magic is insufficiently advanced.
(*)
Incoming from Rick Moen:
Quoting s. keeling ([EMAIL PROTECTED]):
Well, even mutt will, if you turn on autoload crap in .muttrc and load
up your .mailcap with stupid helper apps.
Out of the box, no, mutt doesn't do that.
Ja. We might call the .mailcap scenario the aim-gun-at-my-foot
Incoming from RatÓn:
I´m new to packet-filtering. As you can imaging starting to use
iptables. Well once I´ve reached my first configuration I want to test
it by asking iptables if a certain type of traffic is going to be
ACCEPTED or not. To do this I make use of the -c option as follows:
Incoming from RatÓn:
So it is not ment for iptables testing. How can I test my config then??
Here's how I do it:
iptables -A INPUT -s ! 127.0.0.1/32 -m state --state NEW -j LOG
iptables -A INPUT -s ! 127.0.0.1/32 -m state --state NEW -j DROP
Then I just watch Xconsole. Modify those to LOG
Incoming from Andreas Goesele:
Andreas Goesele [EMAIL PROTECTED] writes:
After the last security update with libkpathsea3 and tetex-bin my
LaTeX installation doesn't work any more. When I try to compile a
LaTeX file I get:
I can't find the format file `latex.fmt'!
What can I do to
Incoming from [EMAIL PROTECTED]:
chkrootkit found nothing but rkhunter found quite a lot:
/bin/login /bin/su /usr/bin/locate /usr/sbin/useradd /usr/sbin/usermod
/usr/sbin/vip
All these binaries have been alerted within rkhunter.
I got a message like this [ and there was indeed an
Incoming from Rick Moen:
Quoting Milan Jurik ([EMAIL PROTECTED]):
The question isn't if stop using telnet. The question is why Debian's
telnetd is still vunerable.
I'd apologise for the off-topic digression -- if I thought I'd given
offence. ;-
No-one should have to apologise for
Incoming from James Renken:
Greetings,
I noticed the message below on BUGTRAQ last weekend, reporting a remote
root compromise in telnetd. I haven't seen any discussion of this on the
list archives, nor a new DSA. Am I missing something?
Is anyone still using telnet when there's ssh?
Incoming from Daniel Pittman:
*Most* mail clients under Unix are better written than to do that, but
Even mutt (a terrific MUA) _can be told_ to automatically handle
MIME types for you, if you want. It just depends what's in your
~/.mailcap, and that can contain any sort of command you can
Incoming from Timo Veith:
if I have a package on hold for some reason AND I would not read
debian-security-announce, how could I get to know whether there is a
secur[it]y update for that package ?
i) Subscribe to debian-security-announce !?!
ii) Go to lists.debian.org and see
Incoming from Bernd Eckenfels:
In article [EMAIL PROTECTED] you wrote:
Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115
ID=40023 DF PROTO=TCP SPT=4346 DPT=445 WINDOW=16384 RES=0x00 SYN URGP=0
...
Incoming from Daniel Pittman:
On 14 Aug 2004, s. keeling wrote:
Are you suggesting that I might see stuff in my logs that was destined
for a foreign IP?
Not often, but occasionally, depending on how your ISP connects you to
the Internet. It is most common on a LAN or a cable setup
Incoming from Wanda Round:
After reading that I should look through /var/log/messages, I did
and found many lines like these:
Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115
ID=40023 DF PROTO=TCP SPT=4346
Incoming from s. keeling:
Incoming from Wanda Round:
After reading that I should look through /var/log/messages, I did
and found many lines like these:
Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115
Incoming from Wanda Round:
s. keeling [EMAIL PROTECTED] wrote in message news:[EMAIL PROTECTED]...
Incoming from Wanda Round:
Aug 12 04:36:53 towern kernel: |iptables -- IN=ppp0 OUT= MAC=
SRC=201.129.122.85 DST=12.65.24.43 LEN=48 TOS=0x00 PREC=0x00 TTL=115
ID=40023 DF PROTO=TCP
Incoming from Ross Tsolakidis:
One of our webservers seems to get compromised on a daily basis.
When I do a ps ax I see these processes all the time.
18687 ?S 0:00 shell
18701 ?Z 0:00 [sh defunct]
18704 ?T 0:00 ./3 200.177.162.185 1524
I vaguely
Incoming from Ross Tsolakidis:
One of our webservers seems to get compromised on a daily basis.
When I do a ps ax I see these processes all the time.
18687 ?S 0:00 shell
18701 ?Z 0:00 [sh defunct]
18704 ?T 0:00 ./3 200.177.162.185 1524
I vaguely
Incoming from no name supplied:
First off, if you are not Richard Atterer ([EMAIL PROTECTED])
and you are strapped for time, I'd like to warn you in advance that
Noted.
On Jun 10, 2004, at 6:10 AM, Richard Atterer wrote:
On Thu, Jun 10, 2004 at 12:27:04PM +0300, Dmitry Golubev wrote:
I
Incoming from no name supplied:
First off, if you are not Richard Atterer ([EMAIL PROTECTED])
and you are strapped for time, I'd like to warn you in advance that
Noted.
On Jun 10, 2004, at 6:10 AM, Richard Atterer wrote:
On Thu, Jun 10, 2004 at 12:27:04PM +0300, Dmitry Golubev wrote:
I
Incoming from Rick Moen:
Quoting Russell Coker ([EMAIL PROTECTED]):
Some of the anti-spam people are very enthusiastic about their work. I
wouldn't be surprised if someone writes a bot to deal with CR systems.
A bot to detect C-R queries and add them to the refused-mail ACL list
would
Incoming from Alvin Oga:
On Thu, 3 Jun 2004, David Stanaway wrote:
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: from host-69-145-228-124.client.bresnan.net (unknown
[69.145.228.124]) by david.dialmex.net (Postfix) with SMTP id
CF733146132E
Incoming from Alvin Oga:
On Thu, 3 Jun 2004, s. keeling wrote:
why is your spam filter allowing 3 basic spam signs thru ??
- email to undisclosed-recipients should be bounced
- email from non-existent hosts should be bounced
host-69-145-228-124.client.bresnan.net
Incoming from Phillip Hofmeister:
On Thu, 03 Jun 2004 at 12:57:46PM -0400, Alvin Oga wrote:
- email from [EMAIL PROTECTED] should be bounced since
its not coming from bresnan.net
This is a bad suggestion. My ISP requires us (by blocking port 25
outbound) to use their SMTP
Incoming from Phillip Hofmeister:
On Thu, 03 Jun 2004 at 01:32:55PM -0400, s. keeling wrote:
Assuming my incoming mail is POPped off my ISP's mailhost and my
outgoing mail goes to my ISP's mailhost, how do I implement this?
If I can't, what does my ISP have to do to implement
Incoming from Rick Moen:
Quoting s. keeling ([EMAIL PROTECTED]):
However, I _would_ like to STOP it from being delivered at all, as
[snip]
What's it going to cost my ISP to implement this? Is it feasible for
an ISP to implement this?
Is it feasible for them _not_ to? ;-
Yes
Incoming from Rick Moen:
Quoting s. keeling ([EMAIL PROTECTED]):
Yes. The problem with Alvin's solution is it only looks at the crap
that spammers send. A lot of legitimate mail does all the silly
things that spammers do, and users do want to receive that mail.
1. Content-based
Incoming from Phillip Hofmeister:
On Thu, 03 Jun 2004 at 04:10:30PM -0400, s. keeling wrote:
I don't use spamassisin, just bogofilter. Here is my relevant
procmailrc snippet...
Downloading it now, thanks. Hopefully this gets me back to a
maintainable system without all
Incoming from Alvin Oga:
On Thu, 3 Jun 2004, s. keeling wrote:
personal email .. you can proably reject alll html emails
and whitelist all your friends that are sending html emails
... Assuming you can see into the future and can predict where all
your future mail will be coming from
Incoming from Michael Stone:
It's not misbehaving to generate a bounce message. Glad I could clear
that up.
s/bounce/valid bounce/
You're welcome.
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling
- -
--
To
Incoming from Alvin Oga:
On Thu, 3 Jun 2004, David Stanaway wrote:
X-Original-To: [EMAIL PROTECTED]
Delivered-To: [EMAIL PROTECTED]
Received: from host-69-145-228-124.client.bresnan.net (unknown
[69.145.228.124]) by david.dialmex.net (Postfix) with SMTP id
CF733146132E
Incoming from Alvin Oga:
On Thu, 3 Jun 2004, s. keeling wrote:
why is your spam filter allowing 3 basic spam signs thru ??
- email to undisclosed-recipients should be bounced
- email from non-existent hosts should be bounced
host-69-145-228-124.client.bresnan.net
Incoming from Phillip Hofmeister:
On Thu, 03 Jun 2004 at 12:57:46PM -0400, Alvin Oga wrote:
- email from [EMAIL PROTECTED] should be bounced since
its not coming from bresnan.net
This is a bad suggestion. My ISP requires us (by blocking port 25
outbound) to use their SMTP
Incoming from Phillip Hofmeister:
On Thu, 03 Jun 2004 at 01:32:55PM -0400, s. keeling wrote:
Assuming my incoming mail is POPped off my ISP's mailhost and my
outgoing mail goes to my ISP's mailhost, how do I implement this?
If I can't, what does my ISP have to do to implement
Incoming from Rick Moen:
Quoting s. keeling ([EMAIL PROTECTED]):
However, I _would_ like to STOP it from being delivered at all, as
[snip]
What's it going to cost my ISP to implement this? Is it feasible for
an ISP to implement this?
Is it feasible for them _not_ to? ;-
Yes
Incoming from Rick Moen:
Quoting s. keeling ([EMAIL PROTECTED]):
Yes. The problem with Alvin's solution is it only looks at the crap
that spammers send. A lot of legitimate mail does all the silly
things that spammers do, and users do want to receive that mail.
1. Content-based
Incoming from Phillip Hofmeister:
On Thu, 03 Jun 2004 at 04:10:30PM -0400, s. keeling wrote:
I don't use spamassisin, just bogofilter. Here is my relevant
procmailrc snippet...
Downloading it now, thanks. Hopefully this gets me back to a
maintainable system without all
Incoming from Alvin Oga:
On Thu, 3 Jun 2004, s. keeling wrote:
personal email .. you can proably reject alll html emails
and whitelist all your friends that are sending html emails
... Assuming you can see into the future and can predict where all
your future mail will be coming from
Incoming from Michael Stone:
It's not misbehaving to generate a bounce message. Glad I could clear
that up.
s/bounce/valid bounce/
You're welcome.
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://www.spots.ab.ca/~keeling
- -
Incoming from Bernd Eckenfels:
In article [EMAIL PROTECTED] you wrote:
Are you suggesting then, that we should not relay mail at all?, not even
to/from our customers?
If you relay mail from your customers, you have to deliver them their
bounces if they spam. If you relay to your
Incoming from [EMAIL PROTECTED]:
If it was rooted, I need to get some source code off it. Can I just
stick the hard drive in another system, so I can get that source off
of it, and diff it to my backups?
Probably simpler to just boot from a CD and mount the filesystem you
need to get stuff
Incoming from [EMAIL PROTECTED]:
If it was rooted, I need to get some source code off it. Can I just
stick the hard drive in another system, so I can get that source off
of it, and diff it to my backups?
Probably simpler to just boot from a CD and mount the filesystem you
need to get stuff
Incoming from Costas Magkos:
I am running woody on a SPARCstation 10 with kernel from testing:
# uname -a
Linux foo 2.4.24-sparc32 #1 Fri Jan 30 16:04:55 EST 2004 sparc unknown
When I run ps I get the following two lines before the actual output.
# ps ax
{iommu_get_scsi_sgl_pflush}
Incoming from Costas Magkos:
On 30/03/04 18:50, s. keeling wrote:
I doubt debian-security is the right place for this.
I've tried debian-sparc before posting here, but got no reply. Sorry for
the inconvenience. :-)
No problem. debian-user would have been appropriate I think. You'd
Incoming from Costas Magkos:
I am running woody on a SPARCstation 10 with kernel from testing:
# uname -a
Linux foo 2.4.24-sparc32 #1 Fri Jan 30 16:04:55 EST 2004 sparc unknown
When I run ps I get the following two lines before the actual output.
# ps ax
{iommu_get_scsi_sgl_pflush}
Incoming from Costas Magkos:
On 30/03/04 18:50, s. keeling wrote:
I doubt debian-security is the right place for this.
I've tried debian-sparc before posting here, but got no reply. Sorry for
the inconvenience. :-)
No problem. debian-user would have been appropriate I think. You'd
Incoming from Brett Furlong:
Soz, to pester.
Got spam though debian security list again...
Was from Jalousies M. Pseudonyms [EMAIL PROTECTED]
Not winging @ Deb Mail Crew, You guys rock.
But yeh, is there a way, we can have a human filter all the eMails before
they
are allowed to be
Incoming from Brett Furlong:
Soz, to pester.
Got spam though debian security list again...
Was from Jalousies M. Pseudonyms [EMAIL PROTECTED]
Not winging @ Deb Mail Crew, You guys rock.
But yeh, is there a way, we can have a human filter all the eMails before they
are allowed to be
Incoming from Nick Boyce:
Otherwise, I suggest you move /lib/modules/2.4.18 out of the way,
perhaps to /lib/modules/2.4.18.old or something, and then try
re-installing this image.
[snip]
What on earth is this trying to say to me ?
Hi. This is the kernel install helper thingy. As I've
Incoming from Klaus Maxam:
von: s. keeling / Thu, 4 Mar 2004 09:56:01 -0700
Incoming from Costas Magkos:
Can someone give me some best-practices for setting up iptables on a
Good question. I'm using ppp and I have a script in /etc/ppp/ip-up.d
that should be run by /etc/ppp/ip-up
Incoming from Martin Schulze:
s. keeling wrote:
Incoming from Martin Schulze:
Debian Security Advisory DSA 455-1 [EMAIL PROTECTED]
Package: libxml, libxml2
libxml2 is a library for manipulating XML files.
[snip]
For the stable distribution
Incoming from Klaus Maxam:
von: s. keeling / Thu, 4 Mar 2004 09:56:01 -0700
Incoming from Costas Magkos:
Can someone give me some best-practices for setting up iptables on a
Good question. I'm using ppp and I have a script in /etc/ppp/ip-up.d
that should be run by /etc/ppp/ip-up
Incoming from Martin Schulze:
s. keeling wrote:
Incoming from Martin Schulze:
Debian Security Advisory DSA 455-1 [EMAIL PROTECTED]
Package: libxml, libxml2
libxml2 is a library for manipulating XML files.
[snip]
For the stable distribution
Incoming from Costas Magkos:
Can someone give me some best-practices for setting up iptables on a
Debian system? I'm looking for things like where should the rules be
placed, what startup script to use [1], good configuration tools [2] and
Good question. I'm using ppp and I have a script
Incoming from Costas Magkos:
Can someone give me some best-practices for setting up iptables on a
Debian system? I'm looking for things like where should the rules be
placed, what startup script to use [1], good configuration tools [2] and
Good question. I'm using ppp and I have a script
Incoming from Jan Lühr:
Greetings,
I discovered some strange output of the last command on our Woody
Terminalserver (for X11). I have already posted it on debian-user-german, but
I didn't get any answer. (I hope you don't mind, if I post it for the english
speaking majority)
Although I
Incoming from Jan Lühr:
Greetings,
I discovered some strange output of the last command on our Woody
Terminalserver (for X11). I have already posted it on debian-user-german, but
I didn't get any answer. (I hope you don't mind, if I post it for the english
speaking majority)
Although I
Incoming from Matt Zimmerman:
On Thu, Feb 19, 2004 at 09:12:42PM -0700, s. keeling wrote:
Incoming from Matt Zimmerman:
On Thu, Feb 19, 2004 at 02:24:42PM +0100, Florian Weimer wrote:
You don't. Tough luck, of course, but that's the price for running
affordable, off-the-shelf
Incoming from Matt Zimmerman:
On Thu, Feb 19, 2004 at 02:24:42PM +0100, Florian Weimer wrote:
You don't. Tough luck, of course, but that's the price for running
affordable, off-the-shelf software (free or proprietary).
You seem to imply that one is better off with a proprietary software
Incoming from Matt Zimmerman:
On Thu, Feb 19, 2004 at 09:12:42PM -0700, s. keeling wrote:
Incoming from Matt Zimmerman:
On Thu, Feb 19, 2004 at 02:24:42PM +0100, Florian Weimer wrote:
You don't. Tough luck, of course, but that's the price for running
affordable, off-the-shelf
Incoming from Matt Zimmerman:
On Thu, Feb 19, 2004 at 02:24:42PM +0100, Florian Weimer wrote:
You don't. Tough luck, of course, but that's the price for running
affordable, off-the-shelf software (free or proprietary).
You seem to imply that one is better off with a proprietary software
Incoming from John Hardcastle:
So the default file permissions don't do what you want.
$ umask
Read the manual page for the umask command,
$ man umask
As root, change the umask in /etc/profile to reflect the permissions you
want.
# vi /etc/profile
Then have all users logout and login
Incoming from Eduardo Almeida:
I don't know if all of you already heard about this. This message is a
virus as you can see below.
Pardon me if this seems a bit thick headed, but why should I care? The
Windows world is always being attacked by crap like this. Why is this
news?
I don't use
Incoming from Eduardo Almeida:
I don't know if all of you already heard about this. This message is a
virus as you can see below.
Pardon me if this seems a bit thick headed, but why should I care? The
Windows world is always being attacked by crap like this. Why is this
news?
I don't use
Incoming from Jonas J Linde:
And [EMAIL PROTECTED] spoke unto the world. And said:
I need a tool that does the following work:
checks for new mail in a maibox via pop3;
So, IMAP is the wrong answer.
verify the digital signature and decrypts the mail;
GnuPG
parse the body;
Incoming from ZsoL:
Hash: SHA1
On Tuesday 06 January 2004 06.37, s. keeling wrote:
Incoming from Matt Zimmerman:
Debian Security Advisory DSA 411-1
[EMAIL PROTECTED] http://www.debian.org/security/
Matt Zimmerman January 5th, 2004
Incoming from ZsoL:
Hash: SHA1
On Tuesday 06 January 2004 06.37, s. keeling wrote:
Incoming from Matt Zimmerman:
Debian Security Advisory DSA 411-1
[EMAIL PROTECTED] http://www.debian.org/security/
Matt Zimmerman January 5th, 2004
Incoming from Rick Moen:
Quoting Marcel Weber ([EMAIL PROTECTED]):
But what made me shudder was this: In the /tmp folder I found these files:
drwx-- 2 root root 48 Aug 10 19:36 Ib2KZi
drwx-- 2 root root 88 Jan 3 06:12 MF2oMw
drwx-- 2
Incoming from Martin Schulze:
- --
Debian Security Advisory DSA 407-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
January 5th, 2004
Incoming from Matt Zimmerman:
Debian Security Advisory DSA 411-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
January 5th, 2004 http://www.debian.org/security/faq
Package: mpg321
Vulnerability
Incoming from Rick Moen:
Quoting Marcel Weber ([EMAIL PROTECTED]):
But what made me shudder was this: In the /tmp folder I found these files:
drwx-- 2 root root 48 Aug 10 19:36 Ib2KZi
drwx-- 2 root root 88 Jan 3 06:12 MF2oMw
drwx-- 2
Incoming from Martin Schulze:
- --
Debian Security Advisory DSA 407-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Martin Schulze
January 5th, 2004
Incoming from Matt Zimmerman:
Debian Security Advisory DSA 411-1 [EMAIL PROTECTED]
http://www.debian.org/security/ Matt Zimmerman
January 5th, 2004 http://www.debian.org/security/faq
Package: mpg321
Vulnerability
Incoming from Kjetil Kjernsmo:
Not quite. In addition to the bf-images, there are a bunch of images
that are architecture-specific. Uhm, packages.debian.org are still
down, otherwise you could have seen them there. Anyway, do
You don't need p.d.o for that:
(0) keeling /home/keeling_
Incoming from Kjetil Kjernsmo:
Not quite. In addition to the bf-images, there are a bunch of images
that are architecture-specific. Uhm, packages.debian.org are still
down, otherwise you could have seen them there. Anyway, do
You don't need p.d.o for that:
(0) keeling /home/keeling_
FYI, procmail users: This appears to work fairly well so far; fwiw:
#
# inept mailing list (un)su[b]?scribe attempts, and vacation dorks.
#
:0 HB
* 1^0 ()(I will be out of the office|I will respond to your message when I return\.)
* 1^0
FYI, procmail users: This appears to work fairly well so far; fwiw:
#
# inept mailing list (un)su[b]?scribe attempts, and vacation dorks.
#
:0 HB
* 1^0 ()(I will be out of the office|I will respond to your message when I
return\.)
* 1^0
Incoming from Markus Schabel:
Does anybody know of these samba packages?
http://ftp.cvut.cz/samba/samba-latest.tar.gz
AFAICS they are faked and contain some kind of rootkit (you can see
this in the history below. the server this history is from is taken
offline for security reasons, and
Incoming from Adeodato Sim?:
* s. keeling [Mon, 22 Dec 2003 23:52:30 -0700]:
With help from one of the list recipients, this is now verified and
reproducible. Something between me and those people whose keys are
determined by my copy of gpg to be Bad signature, is mangling mail
Incoming from s. keeling:
Incoming from Thomas Sj?gren:
On Mon, Dec 22, 2003 at 12:35:49PM -0700, s. keeling wrote:
gpg: Signature made Sun Dec 21 17:50:12 2003 MST using DSA key ID
946886AE
gpg: BAD signature from Trey Sizemore [EMAIL PROTECTED]
Now, from the same guy, same
Incoming from Adeodato Sim?:
* s. keeling [Mon, 22 Dec 2003 23:52:30 -0700]:
With help from one of the list recipients, this is now verified and
reproducible. Something between me and those people whose keys are
determined by my copy of gpg to be Bad signature, is mangling mail
1 - 100 of 110 matches
Mail list logo
