harden-flaws

2003-04-17 Thread Ola Lundqvist
Hello Due to lack of time I have a hard time to maintain the harden-localflaws, harden-3rdflaws and harden-remoteflaws packages. Therefore I have split out theese three pacakges from the main harden source package to its own package harden-flaws. It should be easier to maintain then. So now to

Re: The harden-*flaws packages.

2002-09-03 Thread Ola Lundqvist
On Mon, Sep 02, 2002 at 06:28:44PM +0200, Javier Fernández-Sanguino Peña wrote: > On Mon, Sep 02, 2002 at 05:13:51PM +0200, Ola Lundqvist wrote: > > > > Now we just have to solve the upload-to-security problem, or simply > > write some other check that scans the security.d.o web pages and > > make

Re: The harden-*flaws packages.

2002-09-02 Thread Javier Fernández-Sanguino Peña
On Mon, Sep 02, 2002 at 05:13:51PM +0200, Ola Lundqvist wrote: > > Now we just have to solve the upload-to-security problem, or simply > write some other check that scans the security.d.o web pages and > make clever things of it. Maybe using tiger, maybe some other things. But > because tiger can

Re: The harden-*flaws packages.

2002-09-02 Thread Ola Lundqvist
ed easily to just check *one* thing. Just customize the > cron > job at will. That can be interesting for the harden-*flaws pacakges (or similar). > (..) > > > > Agreed. Without having too much digging in tiger it might be a good > > idea. The contact I have had wi

Re: The harden-*flaws packages.

2002-09-02 Thread Javier Fernández-Sanguino Peña
On Mon, Sep 02, 2002 at 04:09:21PM +0200, Ola Lundqvist wrote: > Hi > > > If you want a program to check for security flaws please use one designed > > for that > > precisely. Tiger is such a program. Just have the *flaws package recommend: > > or > > depend: on tiger. > > On the other hand tig

Re: The harden-*flaws packages.

2002-09-02 Thread Ola Lundqvist
Hi On Mon, Sep 02, 2002 at 03:09:28PM +0200, Javier Fernández-Sanguino Peña wrote: > On Mon, Sep 02, 2002 at 08:47:53AM +0200, Ola Lundqvist wrote: > > > > Yes. Luckily I just saw someone that have written a script that checks > > the DSA:s and tell the maintainer that he/she has a vulnerable pac

Re: The harden-*flaws packages.

2002-09-02 Thread Javier Fernández-Sanguino Peña
On Mon, Sep 02, 2002 at 08:47:53AM +0200, Ola Lundqvist wrote: > > Yes. Luckily I just saw someone that have written a script that checks > the DSA:s and tell the maintainer that he/she has a vulnerable package. > That is a good solution (best?). The problem is that the DSA is > not able to disti

Re: The harden-*flaws packages.

2002-09-02 Thread Goswin Brederlow
Daniel Martin <[EMAIL PROTECTED]> writes: > Martin Schulze <[EMAIL PROTECTED]> writes: > > Hrm. The more I think about this the more I wonder if maybe the > harden-*flaws packages make much sense in stable at all. If someone > is apt-get'ing from security.debia

Re: The harden-*flaws packages.

2002-09-02 Thread Ola Lundqvist
e entire idea of having a stable release, Joey [8]explained. Hence, > > the same policy as before will be used for point-releases of woody. > > Yes, but how does this apply to a package that does nothing but > conflict with existing packages? (As is the case with most of the > harde

Re: The harden-*flaws packages.

2002-09-01 Thread Daniel Martin
s, but how does this apply to a package that does nothing but conflict with existing packages? (As is the case with most of the harden-* packages) Agreed, _random_ updates would be a bad thing. However, what the maintainer is proposing here is updates that are driven by DSAs. Although I find it a

Re: The harden-*flaws packages.

2002-09-01 Thread Martin Schulze
Please see the thread summarized in : Policy for Woody Point-Releases. [4]Several [5]developers [6]would [7]like to add new packages and updates to their packages to the recently released stable distribution of Debian. Adding new packages and random upd

Re: The harden-*flaws packages.

2002-08-29 Thread Ola Lundqvist
Hi On Thu, Aug 29, 2002 at 01:39:35PM +0100, Colin Watson wrote: > On Thu, Aug 29, 2002 at 02:35:13PM +0200, Ola Lundqvist wrote: > > I'm the maintainer of the harden-*flaws packages. The idea is to > > have conflicts with packages that are known to have security holes. &

Re: The harden-*flaws packages.

2002-08-29 Thread Colin Watson
On Thu, Aug 29, 2002 at 02:35:13PM +0200, Ola Lundqvist wrote: > I'm the maintainer of the harden-*flaws packages. The idea is to > have conflicts with packages that are known to have security holes. > This is not a big problem for unstable (and mostly for testing) > but now

The harden-*flaws packages.

2002-08-29 Thread Ola Lundqvist
Hi I'm the maintainer of the harden-*flaws packages. The idea is to have conflicts with packages that are known to have security holes. This is not a big problem for unstable (and mostly for testing) but now woody have become stable. So I now ask you what you think. Should I upload up

Re: Harden

2002-01-10 Thread Ola Lundqvist
On Mon, Dec 31, 2001 at 11:41:25AM +0100, Edi STOJICEVIC wrote: > Hi, > > I would like to have some information about harden ? What kind of information do you need? > Where can i find how to use and configure it ? You can't. It is a meta-package. Regards

Harden

2001-12-31 Thread Edi STOJICEVIC
Hi, I would like to have some information about harden ? Where can i find how to use and configure it ? Thnx +==+ | Why Reboot ?? | | Use Debian GNu/Linux | | www.debianworld.org| +==+