Re: NMUs applying sleeping wishlist bugs about translation

On Wed, Aug 27, 2003 at 09:01:26PM -0500, Steve Langasek wrote: > Quite. But I believe that doing NMUs *does* improve the overall quality > of Debian, and I believe that putting NMUers on the spot over bugs they > didn't cause would be a sufficient deterrent that Debian would suffer > for it. H

Re: New release of ifupdown planned

On Wed, Aug 27, 2003 at 09:36:31PM +0200, Thomas Hood wrote: > Since the maintainer of ifupdown doesn't answer repeated attempts > to contact him by e-mail, I suppose it is appropriate to report > here that there is a group of people working on a new ifupdown > release. The term is "an ifupdown

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 05:40:46PM -0700, Don Armstrong wrote: > On Wed, 27 Aug 2003, Adam McKenna wrote: > > TMDA does not ship with any defaults, except a couple of customizable > > text files (templates). It is entirely up to the user to create a > > TMDA configuration along with his own whitel

Re: New release of ifupdown planned

On Wed, Aug 27, 2003 at 09:36:31PM +0200, Thomas Hood wrote: > The ifupdown package hasn't been touched by its maintainer for over > two years and it is about time some of its problems were addressed. Thanks for taking the initiative on this. I'd noticed it's neglect a while back but didn't have

Re: DebToo: Debian, Gentoo-style

El Wed, 27 Aug 2003 22:22:28 +1000 Glenn McGrath <[EMAIL PROTECTED]> escribió: > Source based distro's are more bandwidth friendly as the source can be > reused to produce new revisions of existing packages. > > As a developer i would _much_ rather have a cache of old source code > than a cache o

Re: NMUs applying sleeping wishlist bugs about translation

On Wed, Aug 27, 2003 at 02:05:15PM -0500, Manoj Srivastava wrote: > On Wed, 27 Aug 2003 11:46:41 -0500, Steve Langasek <[EMAIL PROTECTED]> said: > > This is the sticking point, I think. Are we talking about resolving > > the possible problems *from* NMUing, or are we talking about > > resolving

Re: Patch needs Sponsor - 20 bugs left - sorted by mtime

Joel Baker <[EMAIL PROTECTED]> writes: > On Wed, Aug 27, 2003 at 12:32:59PM +0200, Goswin von Brederlow wrote: > > > > TITLE #195527: mysql++: FTBFS with g++-3.3: Missing include > > Severity: serious > > Package:mysql++ > > Age:87 days > > Last changed: 15 days

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 07:26:24PM -0400, Joey Hess wrote: > Colin Watson wrote: > > Some of those challenges arrive at [EMAIL PROTECTED] instead. > > I'm curious; how many would you say it gets per package on avarage, that > have some real impact? (A TMDA response to a BTS ACK mail has little > i

Re: Sarge+1: ideas for Experimental V1.2 (or is that 0.2?)

Andreas Barth <[EMAIL PROTECTED]> writes: > * Goswin von Brederlow ([EMAIL PROTECTED]) [030826 21:50]: > > Andreas Barth <[EMAIL PROTECTED]> writes: > > > This mass-introduces bugs reports of glibc-bugs to other packages. No, > > > glibc (and the other core parts) must be the most conservative par

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

On Wed, Aug 27, 2003 at 02:57:28PM -0400, Stephen Frost wrote: > * Steve Langasek ([EMAIL PROTECTED]) wrote: > > Holding NMUers accountable for the quality of their uploads: yes. > > Holding NMUers accountable for the quality of the maintainer's package: no. > I'm happy to clarify my position if y

Re[5]:

Title: 0rCm1Rey and when it Debian-devel wtz He's about cjDFr dRTE Wrong number I Debian-devel some advice about kbZFZ

Re: DebToo: Debian, Gentoo-style

Andrew Pimlott <[EMAIL PROTECTED]> writes: > On Tue, Aug 26, 2003 at 01:14:41PM -0700, Chris de Vidal wrote: > > Volunteers needed! > > http://debtoo.org > > You get Debian's benefits, like their stellar package > management, with *completely* optional optimization. > > I would be intere

Re: cpu usage, consideration of others, apt-listbugs

Masato Taruishi <[EMAIL PROTECTED]> writes: > Adam Heath wrote: > > > > On IRC, I was suggested that apt-listbugs should use index.db. I had to > > > use debbugs .status file too because index.db doesn't have subject. > > > > > > apt-listbugs fetches just few static files from web server, two ind

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, 27 Aug 2003, Adam McKenna wrote: > TMDA does not ship with any defaults, except a couple of customizable > text files (templates). It is entirely up to the user to create a > TMDA configuration along with his own whitelist and filter > directives. If possible, perhaps you could consider w

Re: looking for nco maintainer Brain Mays

Rorik Peterson <[EMAIL PROTECTED]> wrote: > I am one of the upstream developers of the nco package. We have > been unable to contact via email the maintainer Brian Mays after > several attempts beginning 2003/03/03, although db.debian.org reports > activity as recent 2003/08/13. We would greatly

unsubscribe

-- .''`. Rodrigo Tadeu Claro (rlinux) : :' : Debian-SP - irc.freenode.net - #debian-sp `. `'` email - [EMAIL PROTECTED] `-www.rodrigoclaro.cjb.net ->> UIN168799234 -- Linux User Registered #301748 Debian-BR User #504 GPGkey ID D3

Re: NMUs applying sleeping wishlist bugs about translation

* Joel Baker ([EMAIL PROTECTED]) wrote: > This argument would carry more weight with me if it were possible to either > A) test the upload *completely* before making it (IE, catch all possible > FTBFS bugs or other quirks that happen when dealing with the build daemons, > many of which even a sane

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

This one time, at band camp, Adam McKenna said: > Stephen, > > TMDA does not ship with any defaults, except a couple of customizable > text files (templates). It is entirely up to the user to create a TMDA > configuration along with his own whitelist and filter directives. > > TMDA is actually

Re: Bits from the RM

On Mon, Aug 25, 2003 at 09:58:31PM +0200, Sven Luther wrote: > On Wed, Aug 20, 2003 at 08:11:55PM -0500, Branden Robinson wrote: > > Interested parties, please catch up on the last month's worth of traffic > > to the debian-x mailing list to get a feel for the environment. > > Maybe you could spli

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

Colin Watson wrote: > Some of those challenges arrive at [EMAIL PROTECTED] instead. I'm curious; how many would you say it gets per package on avarage, that have some real impact? (A TMDA response to a BTS ACK mail has little impact.) Perhaps my numbers were low, since I only counted the ones I oc

Do you Think Your Funny??? Want to be a Comedian??

Laugh Across America Las Vegas Comedy Festival 3945 W. Reno Ave., Suite E Las Vegas, NV 89118 Phone: (702) 736

looking for nco maintainer Brain Mays

I am one of the upstream developers of the nco package. We have been unable to contact via email the maintainer Brian Mays after several attempts beginning 2003/03/03, although db.debian.org reports activity as recent 2003/08/13. We would greatly like to update the unstable source since many

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

Stephen Gran dijo [Wed, Aug 27, 2003 at 03:02:33PM -0400]: > The project certainly can and should prohibit maintainers from uploading > things that will cause problems for the project (crypto, copyright > infringement, etc.), but that is a different case than this. > Distributing TMDA doesn't infri

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 03:02:33PM -0400, Stephen Gran wrote: > I think that either a large warning on bugs.d.o about the use of C-R > systems in corrspondence, or a similar warning in the description of > TMDA would suffice. I am not familiar with TMDA, so I may be wrong, but > couldn't it be shi

Re: NMUs applying sleeping wishlist bugs about translation

On Wed, Aug 27, 2003 at 02:05:15PM -0500, Manoj Srivastava wrote: > On Wed, 27 Aug 2003 11:46:41 -0500, Steve Langasek <[EMAIL PROTECTED]> said: > > > Holding NMUers accountable for the quality of their uploads: yes. > > Quite. If your upload caused the situation to deteriorate, > whether

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 07:49:27PM +0100, Colin Watson wrote: > On Wed, Aug 27, 2003 at 12:30:07PM -0400, Joey Hess wrote: > > Adam McKenna wrote: > > > The arguments are facile and specious, I do not intend to waste my > > > precious time responding to them. > > That's a shame. I don't believe Ka

Re: Urgent coreutils/libc6? problem

On Wed, 27 Aug 2003, Jørgen Hermanrud Fjeld wrote: > I don't think so, since > # > egrep "(^passwd)|(^group)" /etc/nsswitch.conf > passwd: files > group: files > # > And PAM should have no interference with looking up groups, as far as I can > see, and this is not a login issue. >

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

Matijs van Zuijlen <[EMAIL PROTECTED]> writes: >> That's over two months (and two releases) old. The current galeon in >> unstable is 1.3.7.20030813-1, which has the "Add bookmark to" submenu at >> the top of the bookmark menu. > > I only have the "Add bookmark" submenu, not the "Add bookmark to"

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 12:30:07PM -0400, Joey Hess wrote: > Adam McKenna wrote: > > The arguments are facile and specious, I do not intend to waste my precious > > time responding to them. > > Speaking of precious time, let me bore you with another facile and > specious argument.. [snip] He's no

Re: 0 RC bugs == releasable quality?

Branden Robinson dijo [Tue, Aug 26, 2003 at 01:07:04PM -0500]: > > Hrm. I guess that theory doesn't scale up beyond the package level... > > It doesn't even scale up to XFree86. *Every time* someone talks to me > in person about XFree86, I expect they want my help with a problem, or > they want t

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, Aug 27, 2003 at 10:27:10AM -0400, Omen Wild wrote: > Quoting Andreas Tille <[EMAIL PROTECTED]> on Wed, Aug 27 09:38: > > > >- the "add bookmark to" menu entry to put a certain bookmark directly > > into > > the right place > > Turns out this feature is actually there. Go into yo

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, Aug 27, 2003 at 04:50:28PM +0200, Dagfinn Ilmari Mannsåker wrote: > Andreas Tille <[EMAIL PROTECTED]> writes: > > > On Wed, 27 Aug 2003, Michael Piefel wrote: > > > > To answer you other questions after checking on a machine with Galeon > > 1.3 installed: > > > >> Am 27.08.03 um 09:38:47 s

New release of ifupdown planned

The ifupdown package hasn't been touched by its maintainer for over two years and it is about time some of its problems were addressed. Since the maintainer of ifupdown doesn't answer repeated attempts to contact him by e-mail, I suppose it is appropriate to report here that there is a group of pe

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

On Wed, Aug 27, 2003 at 11:46:41AM -0500, Steve Langasek wrote: > On Thu, Aug 28, 2003 at 12:31:30AM +1000, Anthony Towns wrote: > > On Wed, Aug 27, 2003 at 09:35:08AM +0200, Sven Luther wrote: > > > It only means that someone > > > wanting to do an NMU for some probably minor, not really touching

Ye olde " and is not working in X" bug

Yo! This was discussed at length (iirc soon after woody release, in one of the 'what should be better in sarge' threads). but without any real solution being presented. I don't know, has there been any progress? Somebody (a DD) failed to reproduce it. I did set up a few Debian machines recentl

Re: NMUs applying sleeping wishlist bugs about translation

On Wed, 27 Aug 2003 11:46:41 -0500, Steve Langasek <[EMAIL PROTECTED]> said: > This is the sticking point, I think. Are we talking about resolving > the possible problems *from* NMUing, or are we talking about > resolving any problems that happen to show up after the NMU? I How can one

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On 2003-08-27T09:38:47+0200, Andreas Tille wrote: > Moreover I do not like the new hot keys because I was comfortable with > {,} to go {back,foreward} > which was replaced by some other keys which are used in my special environment > for a different purpose. Sounds like gnome vs emacs text

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

* Steve Langasek ([EMAIL PROTECTED]) wrote: > Holding NMUers accountable for the quality of their uploads: yes. > Holding NMUers accountable for the quality of the maintainer's package: no. I'm happy to clarify my position if you aren't clear on it and would rather you do that then make misleading

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 12:30:07PM -0400, Joey Hess wrote: > Adam McKenna wrote: > > The arguments are facile and specious, I do not intend to waste my > > precious time responding to them. That's a shame. I don't believe Karsten to be in the habit of putting forward specious arguments. > Speakin

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

This one time, at band camp, Joey Hess said: > > I don't think that TMDA is yet enough of a problem for this to be a big > deal, but I think it has the potential to become one. Debian as a whole > is empowered to override the wishes of one maintainer, if it turns out > that the software he is pack

Re: tmda: Challenge-response is fundamentally broken

On Wed, 27 Aug 2003 11:44:34 +0100 Stephen Stafford <[EMAIL PROTECTED]> wrote: > Sorry, but I do NOT see how this is a grave bug. It's wishlist (at best). I tend to agree with the grave aspect. > YOU might not agree that C-R systems are good (personally I detest them), > but that does NOT me

Re: osirusoft down

On Wed, 2003-08-27 at 20:12, martin f krafft wrote: > also sprach Martin List-Petersen <[EMAIL PROTECTED]> [2003.08.27.1832 +0200]: > > > http://www.merit.edu/mail.archives/nanog/msg12818.html > > > > Actually there is a chance of your/my mail getting through > > how? The line at osirusoft was

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

* Florian Weimer <[EMAIL PROTECTED]> [030827 19:08]: > That's why it's better to get rid of generic MX secondaries (IOW > secondaries which are not under you administrative control). The > effect you describe hampers effective anti-spam measures, too. It can also help anti-spam measures. They a

Re: osirusoft down

also sprach Martin List-Petersen <[EMAIL PROTECTED]> [2003.08.27.1832 +0200]: > > http://www.merit.edu/mail.archives/nanog/msg12818.html > > Actually there is a chance of your/my mail getting through how? > and if people at least have configured their mailer to monitor > abandoned mail, then t

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 05:16:40PM +0200, Florian Weimer wrote: > Most MTAs support rejecting unknown destinations at the SMTP level. > They don't generate bounce messages in such cases. > It's a pity if Postfix can't do this. So far, I assumed only qmail > had this weird property. Postfix supp

Re: cpu usage, consideration of others, apt-listbugs

2003$BG/(B08$B7n(B28$BF|(B(?)$B$N(B01$B;~(B58$BJ,$K(B Adam Heath (Bwrote: (B (B> > On IRC, I was suggested that apt-listbugs should use index.db. I had to (B> > use debbugs .status file too because index.db doesn't have subject. (B> > (B> > apt-listbugs fetches just few static fi

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, Aug 27, 2003 at 04:50:28PM +0200, Dagfinn Ilmari Manns??ker wrote: > Andreas Tille <[EMAIL PROTECTED]> writes: > > > On Wed, 27 Aug 2003, Michael Piefel wrote: > > > > To answer you other questions after checking on a machine with Galeon > > 1.3 installed: > > > >> Am 27.08.03 um 09:38:47

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, 27 Aug 2003 16:50:28 +0200 [EMAIL PROTECTED] (Dagfinn Ilmari Mannsåker) wrote: > That's over two months (and two releases) old. The current galeon in > unstable is 1.3.7.20030813-1, which has the "Add bookmark to" submenu > at the top of the bookmark menu. Huh?!? well I must be blind then

Re: osirusoft down

On Wed, 2003-08-27 at 11:43, martin f krafft wrote: > In case you run a mailserver with RBL and you don't know about this > yet. (mh, are you going to get this mail then?) > > http://www.merit.edu/mail.archives/nanog/msg12818.html Actually there is a chance of your/my mail getting through and i

Re: tmda: Challenge-response is fundamentally broken

Mark Brown <[EMAIL PROTECTED]> writes: > The part where SMTP is completely unauthenticated means that this > doesn't help - the SMTP envelope sender can be forged just as easily as > the From: inside the message. You're right, I forgot to say that the idea only applies to non-relayed mail where th

thanking u

Thanks for mailing. I'll reply u as soon as possible. Have a nice day. ...Shashi...

Re: Urgent coreutils/libc6? problem

On Tue, Aug 26, 2003 at 10:21:27PM -0400, Jaldhar H. Vyas wrote: > Could it be something in your nsswitch or PAM configuration? Are you > using NIS? (I heard it was broken in the latest libc6) I don't think so, since # egrep "(^passwd)|(^group)" /etc/nsswitch.conf passwd: files group:

Re: cpu usage, consideration of others, apt-listbugs

On 27 Aug 2003, Masato Taruishi wrote: > On IRC, I was suggested that apt-listbugs should use index.db. I had to > use debbugs .status file too because index.db doesn't have subject. > > apt-listbugs fetches just few static files from web server, two index > files and .status files of actual criti

Re: tmda: Challenge-response is fundamentally broken

* Mark Brown > You do realise that all parts of SMTP are generally completely > unauthenticated and can be trivially forged? Yes. It's indeed very sad that it is so. However, my main issue still remains -- the difference (for the user) between «I'm installing this package and accep

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

On Thu, Aug 28, 2003 at 12:31:30AM +1000, Anthony Towns wrote: > On Wed, Aug 27, 2003 at 09:35:08AM +0200, Sven Luther wrote: > > It only means that someone > > wanting to do an NMU for some probably minor, not really touching the > > package, will not do it because he don't want that responsaibili

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

Adam McKenna wrote: > The arguments are facile and specious, I do not intend to waste my precious > time responding to them. Speaking of precious time, let me bore you with another facile and specious argument.. Like many of us here, I occasionally receive bug reports from our users, and reply fo

unsubscribe

unsubscribe

Re: tmda: Challenge-response is fundamentally broken

Mark Brown <[EMAIL PROTECTED]> writes: >> Why cannot the C-R system issue the challenge during the SMTP session >> (respond with a reject containing the challenge)? With the latest >> Sobig flood I've begun to consider all list software sending back > > The part where SMTP is completely unauthenti

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 12:37:36PM +0100, Colin Watson wrote: > Perhaps some compromise could be found here to improve the package's > description. Adam, I also think it would be helpful if you could respond > to at least some points from the original bug report. I do believe that > Karsten has tho

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

Stephen Stafford wrote: > As long as SOME users like it, and find it useful and it fits THEIR needs, > then we should not be removing it from Debian (as long as it meets DFSG). Great! Then someone needs to revive that ITP filed April 1st 2002. This new policy will certianly make a lot of script ki

Re: Patch needs Sponsor - 20 bugs left - sorted by mtime

On Wed, Aug 27, 2003 at 12:32:59PM +0200, Goswin von Brederlow wrote: > > TITLE #195527:mysql++: FTBFS with g++-3.3: Missing include > Severity: serious > Package: mysql++ > Age: 87 days > Last changed: 15 days Please be more careful about these reports; this bug has be

Re: DebToo: Debian, Gentoo-style

On Tue, Aug 26, 2003 at 01:14:41PM -0700, Chris de Vidal wrote: > Volunteers needed! > http://debtoo.org You get Debian's benefits, like their stellar package management, with *completely* optional optimization. I would be interested in a source-based system that is focused on convenience

Re: tmda: Challenge-response is fundamentally broken

Tore Anderson <[EMAIL PROTECTED]> writes: > severity 207300 grave > quit > > * Karsten M. Self > > > Briefly: challenge-response (C-R) spam fighting systems are > > fundamentally broken by design. > > > I am recommending that TMDA be dropped from Debian. I use tmda, but not in challenge-respo

Re: DebToo: Debian, Gentoo-style

On Wed, Aug 27, 2003 at 10:22:28PM +1000, Glenn McGrath wrote: > Source based distro's are more bandwidth friendly as the source can be > reused to produce new revisions of existing packages. This is only true in cases where you get more than one Debian revision out of a given upstream release of

Re: galeon in Debian stable

On Wed, 27 Aug 2003 10:10:11 +0200, Mark Howard wrote: > Sorry for cross-posting. There are many interested people who only read > one of the lists I'm posting to. > > Hello again, > It's great to see so many positive comments about galeon. Hopefully > 1.3.8 will go into stable. It would be re

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, Aug 27, 2003 at 03:53:42PM +0200, Andreas Tille wrote: > I forgot a further very helpful feature: External viewer / editor for viewing > page source is missing. right click->open with > And last but not least I'm missing the "Page information" feature. No doubt > that > the brilliant Ga

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

Christian Marillat wrote: > See the discussion on -gnome-gtk. Not shipping galeon in sarge is a big > mistake. Users will be very happys. I think I agree with you. I'm also glad I've switched to firebird.. Sorry about starting a duplicate thread. -- see shy jo pgpKM4OihI3LN.pgp Description: P

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

John Goerzen <[EMAIL PROTECTED]> writes: > Sometimes, there is no choice. That could be the case if, for instance, you > are backup MX for a server that is down. You have accepted the message from > the original sender already -- possibly hours ago. The primary server comes > back up and reject

Re: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 04:07:58PM +0300, Kalle Kivimaa wrote: > Mark Brown <[EMAIL PROTECTED]> writes: > > You do realise that all parts of SMTP are generally completely > > unauthenticated and can be trivially forged? A system like this has no > > option but to work with unauthenticated data. >

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, 27 Aug 2003, Mark Howard wrote: > right click->open with ... which is not as fast as , isn't it? > I don't think anyone is actually, there are other things which they're > more interested in at the moment. Patches would really help speed things > up - even if the code you submit isn't tha

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

Peter Makholm <[EMAIL PROTECTED]> writes: > I think we could just as well remove postfix[0] on this account. I have > received a lot of so called bounces because some silly postfix > installation believes that I have send mail to some non-existant > account. Most MTAs support rejecting unknown de

Re: tmda: Challenge-response is fundamentally broken

Bernd Eckenfels <[EMAIL PROTECTED]> writes: > Every MTA is sending bounces to mails with forged headers. The MXes I'm responsible for don't do this (even the secondary MXes handle such cases gracefully). They just refuse messages with unknown destinations at the SMTP level. AFAIK, all MTAs whic

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 10:00:13PM +1000, Brian May wrote: > On Wed, Aug 27, 2003 at 12:58:19PM +0200, Peter Makholm wrote: > > Tore Anderson <[EMAIL PROTECTED]> writes: > > > How many other innocent third parties have you spammed through the use > > > of this broken program? How many of these

Re: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 04:07:58PM +0300, Kalle Kivimaa wrote: > Mark Brown <[EMAIL PROTECTED]> writes: > > You do realise that all parts of SMTP are generally completely > > unauthenticated and can be trivially forged? A system like this has no > > option but to work with unauthenticated data.

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

Andreas Tille <[EMAIL PROTECTED]> writes: > On Wed, 27 Aug 2003, Michael Piefel wrote: > > To answer you other questions after checking on a machine with Galeon > 1.3 installed: > >> Am 27.08.03 um 09:38:47 schrieb Andreas Tille: >> >>>- the "add bookmark to" menu entry to put a certain bookma

Re: Removal of automake1.5, Phase 2: The Mass Bug filing

ons 2003-08-27 klockan 14.37 skrev Artur R. Czechowski: > On Sat, Aug 16, 2003 at 08:28:40PM -0400, Eric Dorland wrote: > > Luckily, my previous message seemed to have spurred many into action, > > as only 21 source packages have automake1.5 in their Build-Depends > > line, and of those only: > Som

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

On Wed, Aug 27, 2003 at 09:35:08AM +0200, Sven Luther wrote: > It only means that someone > wanting to do an NMU for some probably minor, not really touching the > package, will not do it because he don't want that responsaibility or > more probably cannot assume it. That's the correct response.

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 01:43:29PM +0200, Tore Anderson wrote: > I fully agree, and I would not hesitate to submit a RC bug on the > Postfix That's a completely inappropriate use of the RC severity, and possibly the BTS entirely. The discussion is a good and useful one, trying to inflate your

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

Quoting Andreas Tille <[EMAIL PROTECTED]> on Wed, Aug 27 09:38: > >- the "add bookmark to" menu entry to put a certain bookmark directly into > the right place Turns out this feature is actually there. Go into your bookmarks like you are going to open one, right click on the folder, and

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 01:43:29PM +0200, Tore Anderson wrote: > However, a quick test shows that this is not the case (as Postfix > appears to reject the SMTP RCPT command for non-existent accounts), > so I fail to see how it is relevant. Sometimes, there is no choice. That could be the case

Re: tmda: Challenge-response is fundamentally broken

Mark Brown <[EMAIL PROTECTED]> writes: > You do realise that all parts of SMTP are generally completely > unauthenticated and can be trivially forged? A system like this has no > option but to work with unauthenticated data. Why cannot the C-R system issue the challenge during the SMTP session (r

Re: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 01:35:12PM +0200, Tore Anderson wrote: > [ Please do not send me CC's, as I have not explicitly asked for them. ] Apologies. > > * Stephen Stafford > > > Sorry, but I do NOT see how this is a grave bug. It's wishlist (at best). > > > > YOU might not agree that C-R sy

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

Quoting Martin Quinson ([EMAIL PROTECTED]): > with not only translating abilities (in fact I'm even rather bad at > translating). That's fine, I'm rather bad at programming... :-)

Re: Accepted galeon 1.3.7.20030825-1 (i386 source)

On Wed, 27 Aug 2003, Michael Piefel wrote: To answer you other questions after checking on a machine with Galeon 1.3 installed: > Am 27.08.03 um 09:38:47 schrieb Andreas Tille: > >- the brush clearing the URL field > ^L not working for you? ^L just marks the URL and thus removes the mouse bu

Re: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 11:08:23AM +0200, Tore Anderson wrote: [snip... oh my!] How amusing to see Sobig.F cited as the reason for reassigning grave severity to a bug! Looks to me as if you just didn't find a sobig-f package to file the bug against, so something else had to be the culprit. In t

Re: DebToo: Debian, Gentoo-style

Glenn McGrath <[EMAIL PROTECTED]> writes: > Optimised binaries wont run slower than non-optimised binaries. It actually does happen. One reason can be loop-unrolling and cache-sizes. -- Peter Makholm |'Cause suicide is painless [EMAIL PROTECTED] |

Re: NMUs applying sleeping wishlist bugs about translation (was something else)

On Tue, Aug 26, 2003 at 07:28:03PM +1000, Anthony Towns wrote: > On Tue, Aug 26, 2003 at 10:26:32AM +0200, Sven Luther wrote: > > Let's say i do translataion work, for that i have to build the package, > > and notice that it FTBFS (at least on some obscure arch or something). I > > then fill a FTBF

Re: tmda: Challenge-response is fundamentally broken

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On Wednesday 27 August 2003 11:08, Tore Anderson wrote: > > I do not intend to play BTS games here; if you change the severity back > > to grave, or to any other RC state, I will consider it to be abuse of > > the BTS and report your actions to the

Re: DebToo: Debian, Gentoo-style

Debian is caching debs rather than targzs. What i got from here, if the argument is on deciding on whether project shold cache-old the source code tarballs rather then binaries - i got debs from here as binary , because i did not come accross other binaries cached in the system - , I cannot see any

Re: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 02:54:43PM +0300, Lars Wirzenius wrote: > TDMA seems to hurt innocent outsiders by sending them mail (e.g., in > response to garbage sent by viruses or spammers). The other examples you > gave (Emacs, Gnome, CUPS) don't do that, as far as I know. The > difference is importan

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 12:58:19PM +0200, Peter Makholm wrote: > Tore Anderson <[EMAIL PROTECTED]> writes: > > > How many other innocent third parties have you spammed through the use > > of this broken program? How many of these are Debian users, do you > > think? > > I think we could just

Re: DebToo: Debian, Gentoo-style

Some comments Source code is more important than binaries, that we should all agree on. Fixing bugs that such a project uncovers makes Free software more robusts and is good for the community. Source based distro's are more bandwidth friendly as the source can be reused to produce new revisi

Re: Sarge+1: ideas for Experimental V1.2 (or is that 0.2?)

* Goswin von Brederlow ([EMAIL PROTECTED]) [030826 21:50]: > Andreas Barth <[EMAIL PROTECTED]> writes: > > > * Goswin von Brederlow ([EMAIL PROTECTED]) [030826 15:20]: > > > Only those contained in the sections enabled on the users system. If > > > you have experimental-core and experimental-gnome

MEI Whitelist Autoresponse

Your message to [EMAIL PROTECTED] has been quarantined! You only need to do this once, but this time, you must verify that you are a human. This is an automated response send by the MEI Whitelist system. At paul's request, this system blocks and quarantines email from senders that are not on a

Re: Removal of automake1.5, Phase 2: The Mass Bug filing

On Sat, Aug 16, 2003 at 08:28:40PM -0400, Eric Dorland wrote: > Luckily, my previous message seemed to have spurred many into action, > as only 21 source packages have automake1.5 in their Build-Depends > line, and of those only: Some packages has been fixed (bugs closed or NMUed). I've checked all

Re: Bug#207300: tmda: Challenge-response is fundamentally broken

[ Please do not send me CC's, as I have not explicitly asked for them. ] * Tore Anderson >> How many other innocent third parties have you spammed through the use >> of this broken program? How many of these are Debian users, do you >> think? * Peter Makholm > I think we could just as

Re: cpu usage, consideration of others, apt-listbugs

On Wed, Aug 27, 2003 at 07:54:07PM +0900, Masato Taruishi wrote: > On IRC, I was suggested that apt-listbugs should use index.db. I had to > use debbugs .status file too because index.db doesn't have subject. I suggest that you generate your own index.db file containing the subjects you need. Thi

Re: tmda: Challenge-response is fundamentally broken

On Wed, Aug 27, 2003 at 01:35:12PM +0200, Tore Anderson wrote: > with is that the C-R system in question ignores the fact that SMTP > headers are trivially (and regulary) forged. I believe this is deliberate, > and that TMDA does not attempt to verify that the recipient of the > challenge tru

Re: tmda: Challenge-response is fundamentally broken

severity 207300 wishlist thanks On Wed, Aug 27, 2003 at 11:08:23AM +0200, Tore Anderson wrote: > severity 207300 grave > quit Sorry, Tore, but this is not a grave bug. The package does what it says on the tin, even if you think that its goals are broken in the wider picture (and I'd happen to agr

Re: Sarge+1: ideas for Experimental V1.2 (or is that 0.2?)

* Goswin von Brederlow ([EMAIL PROTECTED]) [030826 21:50]: > Mark Howard <[EMAIL PROTECTED]> writes: > > > On Tue, Aug 26, 2003 at 10:25:24AM +0200, Goswin von Brederlow wrote: > > > So speak up Mark, what do you mean with changed? > > > > I meant identifying that bug X was fixed in version Y; pa

  1   2   >