On Tue, 2 Dec 2003 [EMAIL PROTECTED] wrote:
> This package is an empty dummy package that always depends on a package
> built for Debian's default Python version.
Why that. It should depend from Debian's Zope version or if explicite
Python dependency is needed for one or the other reason it shoul
[Gürkan Sengün]
> I could not reach [EMAIL PROTECTED] which is mentioned
> on the following page:
> http://people.debian.org/~apenwarr/popcon/
Are you aware that the popcon project are now on alioth?
https://alioth.debian.org/projects/popcon/>
The work stopped up a bit because of the break-in, b
On Wed, Dec 03, 2003 at 02:57:11AM +0100, Bernd Eckenfels wrote:
> On Wed, Dec 03, 2003 at 10:54:24AM +1000, Andrew Pollock wrote:
> > The only way to have avoided this kernel vulnerability from day-0 of
> > discovery/fix release would have been to be constantly upgrading to
> > pre-release kernels
On Tue, 02 Dec 2003, Tom wrote:
> Yes but the attacker did not "steal" the DD's computer. He rooted it
> remotely.
So the machine is rooted remotely, the DD logs into a debian box even
using our new fangled smart cards, and the attacker still can control
the connection.
In this particular intrus
On Wed, Dec 03, 2003 at 12:20:59AM -0800, Don Armstrong wrote:
> On Tue, 02 Dec 2003, Tom wrote:
> > Yes but the attacker did not "steal" the DD's computer. He rooted it
> > remotely.
>
> So the machine is rooted remotely, the DD logs into a debian box even
> using our new fangled smart cards, an
A levelezőm azt hiszi, hogy Matt Zimmerman a következőeket írta:
> On Fri, Nov 28, 2003 at 10:08:45AM +0100, Bernd Eckenfels wrote:
>
> > In the final announcement I would add also a statement about reducing the
> > number of trust relations between the machines and perhaps limiting shell
> > acce
[NB: I wanted to take this OT discussion off [EMAIL PROTECTED] and into private
mail, but your e-mail address was munged in some sort of anti-spam
measure, and not trivially un-mungeable. Please consider providing
information on how to demunge it in some X- header, or not using
munging at all.]
On
On Wed, Dec 03, 2003 at 08:24:09AM +0100, Bernd Eckenfels wrote:
| > This is the Proprietary software model, with artificial, government
| > imposed (via copyright laws) monopolies, resulting in customer lock-in
| > and price maximization.
|
| I dont see a monopol, at least no government imposed.
On Wed, Dec 03, 2003 at 01:03:16AM -0800, Don Armstrong wrote:
> [NB: I wanted to take this OT discussion off [EMAIL PROTECTED] and into
> private
> mail, but your e-mail address was munged in some sort of anti-spam
> measure, and not trivially un-mungeable. Please consider providing
> information
On Wed, Dec 03, 2003 at 01:16:39AM -0800, Tom wrote:
>
> If something could have prevented something that actually happened, I
> say go for it.
Oh, one last thing: each DD should pay for the device him/her self and
should be required to fly to meet wherever they can pick them up. Why
do you a
On Wed, Dec 03, 2003 at 02:00:51PM +1100, Russell Coker wrote:
> I agree that smartcards would help a lot. However as has been previously
> suggested the cost of 1200+ smart-card readers is probably prohibitive.
What about RSA tokens? This solution does not require any special hardware
to connect
On Wed, 03 Dec 2003, Tom wrote:
> each DD should pay for the device him/her self and should be required
> to fly to meet wherever they can pick them up. Why do you assume
> somebody has to pay for everything? What's wrong with bearing some
> of the costs yourself?
Could it possibly be because eq
On Tue, 2 Dec 2003, John Goerzen wrote:
> First of all. This is obviously not a Debian projects
I see it clearly as Debian project and can't find the rationale why
you sais that it is _obviousely_ not.
> (since it is not operating within the Debian framework.)
Why.
If I see this right Zenaan is p
On Wed, 3 Dec 2003, Fabian Fagerholm wrote:
> In my view (as I said), it would be logical to name a further
> subdivision of that product "flavor".
I like this interpretation of the term flavor and it would be easily applicable
for Debian-Med to flavors like:
- Medical practice
-
On Tue, 2 Dec 2003, Fabian Fagerholm wrote:
> Actually, I'd like to see the term "Custom Debian Distribution" be set
> aside because a "custom" something is created each time someone modifies
> an original. Debian Enterprise certainly is an original. By the time a
> capable sysadmin has installed
On Tue, Dec 02, 2003 at 02:02:19PM -0600, Steve Langasek wrote:
> On Tue, Dec 02, 2003 at 06:05:44PM +0100, Andreas Metzler wrote:
> > Joey Hess <[EMAIL PROTECTED]> wrote:
> > > Goswin von Brederlow wrote:
> > >> > dpkg that it is downgrading the package, and a clever attacker might
> > >> > avoid
On Tue, Dec 02, 2003 at 10:16:32PM +0100, Matthias Urlichs wrote:
> Hi, Henrique de Moraes Holschuh wrote:
>
> > On Tue, 02 Dec 2003, Wouter Verhelst wrote:
> >> So unless you have a suggestion that would solve this particular issue,
> >> I'm afraid this idea won't work in practice.
> >
> > We co
On Wed, 3 Dec 2003 20:34, "Artur R. Czechowski" <[EMAIL PROTECTED]> wrote:
> On Wed, Dec 03, 2003 at 02:00:51PM +1100, Russell Coker wrote:
> > I agree that smartcards would help a lot. However as has been previously
> > suggested the cost of 1200+ smart-card readers is probably prohibitive.
>
> W
On Wed, Dec 03, 2003 at 06:50:09AM +0100, Goswin von Brederlow wrote:
> Bernd Eckenfels <[EMAIL PROTECTED]> writes:
> > How often has this person glance over the results? As I understand debian
> > build daemons run unattended and build continously. Correct me when I am
> > wrong here.
> >
> > Bu
On Wed, Dec 03, 2003 at 09:49:21PM +1100, Russell Coker wrote:
> On Wed, 3 Dec 2003 20:34, "Artur R. Czechowski" <[EMAIL PROTECTED]> wrote:
> > On Wed, Dec 03, 2003 at 02:00:51PM +1100, Russell Coker wrote:
> > > I agree that smartcards would help a lot. However as has been previously
> > > sugges
On Tue, Dec 02, 2003 at 05:19:22PM -0800, Tom wrote:
> On Wed, Dec 03, 2003 at 10:54:24AM +1000, Andrew Pollock wrote:
> > On Wed, Dec 03, 2003 at 11:17:19AM +1100, Russell Coker wrote:
>
> >
> > The only way to have avoided this kernel vulnerability from day-0 of
> > discovery/fix release would
On Wed, Dec 03, 2003 at 12:06:33PM +0100, Artur R. Czechowski wrote:
> > What is a "RSA token"?
> Device used in some internet banks. You have a device, which has only
> chipset, digital pad with on/off switch and display, all embedded in small
> case. Authentication is made using C/R algorithm: yo
On Wed, 2003-12-03 at 12:17, Andreas Tille wrote:
> On Tue, 2 Dec 2003, Fabian Fagerholm wrote:
> > The term suggests that the distribution is "not-Debian", which is
> > unneccessary and confusing.
>
> As non native speaker and also in general I try to avoid joining stupid
> naming discussions. Bu
On Wed, Dec 03, 2003 at 12:10:28PM +0100, Wouter Verhelst wrote:
>
> Are you going to pay for all those smartcards plus their readers?
> Including any smartcards for possible future DD's?
>
> If not, I suggest we forget about this, as it won't be feasible.
I don't think the USB models cost that
Hi,
[ I'm Cc-ing Werner Koch on this ]
Wouter Verhelst:
> On Tue, Dec 02, 2003 at 10:16:32PM +0100, Matthias Urlichs wrote:
> > Hi, Henrique de Moraes Holschuh wrote:
> >
> > > On Tue, 02 Dec 2003, Wouter Verhelst wrote:
> > >> So unless you have a suggestion that would solve this particular iss
On Wed, Dec 03, 2003 at 12:06:33PM +0100, Artur R. Czechowski wrote:
> > What is a "RSA token"?
> Device used in some internet banks. You have a device, which has only
> chipset, digital pad with on/off switch and display, all embedded in small
> case. Authentication is made using C/R algorithm: yo
On Wed, Dec 03, 2003 at 12:08:10PM +0100, Matthias Urlichs wrote:
> Wouter Verhelst:
> > Especially in the case of larger .debs, that would probably reduce the
> > actual signature size as well...
>
> ?? A hash is a hash, and should be independent of file size.
Obviously, sorry. I don't know how
On Sun, Nov 23, 2003 at 06:19:39PM +0100, Tobias Grimm wrote:
> Hi!
>
> I'm working on a nvram-wakeup package for a Debian based VDR
> distribution (c't vdr). nvram-wakeup needs a special kernel-image, that
> forces a shutdown on the next reboot. Normally this image is installed
> to /boot and
* Chad Walstrom <[EMAIL PROTECTED]> [031202 18:14]:
> I'm not following your logic, if that's what you call it. You're saying
> that checking the current filesystem on a daily basis is NOT a good way
> to verify filesystem integrity?
I say it won't give you an real advantage over checking the *.m
Package: wnpp
Severity: wishlist
* Package name: audiolink
Version : 0.04
Upstream Author : Amit Shah <[EMAIL PROTECTED]>
* URL : http://audiolink.sourceforge.net/
* License : GPLv2
Description : makes managing and searching for music easier
AudioLink is
On Wed, 3 Dec 2003 22:27:39 +1100, Hamish Moffatt <[EMAIL PROTECTED]>
wrote:
>The RSA SecurID tokens are a bit smarter than that; the output for a
>given input changes every minute. My employer uses them for remote
>access to their intranet; you have a fixed pin number which you enter
>into the car
Package: wnpp
Severity: wishlist
* Package name: sks
Version : 1.0.5
Upstream Author : "Yaron M. Minsky" <[EMAIL PROTECTED]>
* URL : http://www.nongnu.org/sks/
* License : GPL (parts are LGPL, BSD)
Description : Synchronizing OpenPGP Key Server
SKS is an
Hi,
Werner Koch:
> There are some minor problems because we don't just sign a hash but
> need to add some more data. Creating an incomplete hash on the remote
> machine is not the cleanest solution, so I have to come up with a
> better way.
>
You're the GPG expert...
I'm also a bit concerned a
On Wed, 3 Dec 2003, Fabian Fagerholm wrote:
> It might be hard, impossible and undesirable to reverse the decision to
> use the term.
Exactly.
> I think the term can be correctly understood if you
> present it as I have in some recent postings to this list:
>
> Debian is the super-project.
>
On Wed, 3 Dec 2003 23:06, Marc Haber <[EMAIL PROTECTED]> wrote:
> >I have no idea what they cost. Also the newest ones are not exactly fit
> >for carrying around in your wallet. They last 3 years on internal
> >batteries.
>
> I seriously doubt that the server-side software is DFSG-free. The only
>
On Wed, Dec 03, 2003 at 01:06:08PM +0100, Marc Haber wrote:
> On Wed, 3 Dec 2003 22:27:39 +1100, Hamish Moffatt <[EMAIL PROTECTED]>
> wrote:
> >The RSA SecurID tokens are a bit smarter than that; the output for a
> >given input changes every minute. My employer uses them for remote
> >access to the
On Wed, Dec 03, 2003 at 01:16:39AM -0800, Tom wrote:
> On Wed, Dec 03, 2003 at 01:03:16AM -0800, Don Armstrong wrote:
> > [NB: I wanted to take this OT discussion off [EMAIL PROTECTED] and into
> > private
> > mail, but your e-mail address was munged in some sort of anti-spam
> > measure, and not
Wouter Verhelst <[EMAIL PROTECTED]> writes:
> On Tue, Dec 02, 2003 at 10:16:32PM +0100, Matthias Urlichs wrote:
> > Hi, Henrique de Moraes Holschuh wrote:
> >
> > > On Tue, 02 Dec 2003, Wouter Verhelst wrote:
> > >> So unless you have a suggestion that would solve this particular issue,
> > >> I'
On Thu, Dec 04, 2003 at 12:20:57AM +1100, Hamish Moffatt wrote:
>
> How about including your full name somewhere in your posts too then?
> I find it a bit off-putting to discuss security with someone who's
> obscuring their identity.
Ha Ha Ha what a joke. I don't want to be googled for all etern
Matthias Urlichs <[EMAIL PROTECTED]> writes:
> Hi,
>
> Werner Koch:
> > There are some minor problems because we don't just sign a hash but
> > need to add some more data. Creating an incomplete hash on the remote
> > machine is not the cleanest solution, so I have to come up with a
> > better w
Javier =?iso-8859-15?Q?Fern=E1ndez-Sanguino_Pe=F1a?= <[EMAIL PROTECTED]> writes:
> On Sun, Nov 23, 2003 at 06:19:39PM +0100, Tobias Grimm wrote:
> > Hi!
> >
> > I'm working on a nvram-wakeup package for a Debian based VDR
> > distribution (c't vdr). nvram-wakeup needs a special kernel-image, tha
On Thu, 4 Dec 2003 00:19:36 +1100, Hamish Moffatt <[EMAIL PROTECTED]>
wrote:
>On Wed, Dec 03, 2003 at 01:06:08PM +0100, Marc Haber wrote:
>> I seriously doubt that the server-side software is DFSG-free. The only
>> Linux Agent that is available from rsa.com is for RedHat 7.3, and I
>> would be asto
Hi,
Werner Koch:
> On Wed, 3 Dec 2003 13:26:02 +0100, Matthias Urlichs said:
> > the local side is supposed to sign should probably be encrypted with the
> > signer's public key, otherwise I can just replace the data packet with
> > something that ends up signing a totally different file. :-/
>
>
On Wed, Dec 03, 2003 at 01:24:24PM +0200, Fabian Fagerholm wrote:
> If some of the people who participated in the Debcamp Custom
> Distribution BOF (see
> http://www.debian.org/devel/debian-nonprofit/News/2003/20030717) are
> listening, perhaps you could elaborate? (Cc'ing Mako Hill since he
> was
On Wed, Dec 03, 2003 at 01:24:50AM -0800, Tom wrote:
> On Wed, Dec 03, 2003 at 01:16:39AM -0800, Tom wrote:
> >
> > If something could have prevented something that actually happened, I
> > say go for it.
> Oh, one last thing: each DD should pay for the device him/her self and
> should be requi
On Wed, Dec 03, 2003 at 08:45:49AM -0600, Steve Langasek wrote:
>
> Share the crack.
In my experience kids in college and right out tend to freak out over
the thought of having to spend a few dollars of disposable income,
because they don't have any :-)
Hey, laugh if you want, most organizatio
Steve Greenland <[EMAIL PROTECTED]> wrote:
[...]
> I think the idea of a namespace for usernames used by packages is a good
> idea, but rather than "debian-", we should take this to the LSB folk, so
> that we can get it done once.
The problem with this is time. I need to add a system-user (for exi
On Wed, Dec 03, 2003 at 05:42:20AM -0800, Tom wrote:
> Let me tell you a story about a job I had one time: I worked for a guy
> (in his basement -- don't ask) who bought your personal credit card data
> and other publicly available information. He would pay about $10,000 or
> $15,000 for lists
On December 1, 2003 07:05 pm, Enrico Zini wrote:
> On Mon, Dec 01, 2003 at 02:33:57PM -0600, Chad Walstrom wrote:
> > > - GNU ERP software project ?name?
> >
> > GNU Enterprise (gnue) http://www.gnue.org/
>
> I've just learnt of Cubit from South Africa: http://www.cubit.co.za/
Is it free softwa
I think the reason for that is because on old BF days disk space was expensive
(so
lost 32MB for a journal file ou more than that would be a considerable lost).
Joey Hess <[EMAIL PROTECTED]> escreveu em Sun, 30 Nov 2003 21:43:54 -0500:
> Package: partconf
> Severity: normal
>
> Most users will
On Wed, Dec 03, 2003 at 09:06:07AM -0600, Graham Wilson wrote:
>
> So you've aided telemarketers and worked for Microsoft? Is your last
> name Darkness, middle name Prince of?
Satan fell because he wanted to know. So do I.
I'm a contrarian. I believe the opposite of whatever I'm confronted
wit
Hi,
as co-maintainer for the exim4-packages, I have noticed an issue with
dselect. Currently, exim4 is the default MTA, and exim4, exim4-base,
exim4-config and exim4-daemon-light are Priority: important, while
exim4-daemon-light provides mail-transport-agent. The exact package
dependencies can be
On Wed, Dec 03, 2003 at 04:41:00PM +0100, Marc Haber wrote:
> as co-maintainer for the exim4-packages, I have noticed an issue with
> dselect. Currently, exim4 is the default MTA, and exim4, exim4-base,
> exim4-config and exim4-daemon-light are Priority: important, while
> exim4-daemon-light provid
file=main/libp/libpng/libpng2_1.0.12-3.woody.3_i386.deb
wget -q -O 1.deb http://ftp.debian.org/debian/pool/$file
wget -q -O 2.deb http://security.debian.org/pool/updates/$file
diff 1.deb 2.deb
Binary files 1.deb and 2.deb differ
How could this happen? Should I worry about it?
On Thu, Dec 04, 2003 at 02:15:30AM +1000, Anthony Towns wrote:
> On Wed, Dec 03, 2003 at 04:41:00PM +0100, Marc Haber wrote:
>> as co-maintainer for the exim4-packages, I have noticed an issue with
>> dselect. Currently, exim4 is the default MTA, and exim4, exim4-base,
>> exim4-config and exim4-dae
On Wed, 2003-12-03 at 18:36, bruce wrote:
> hi...
>
> I was talking with Ian Murdock yesterday, and he suggested I pose the
> question to this group.
>
> We're interested in creating a development environment that would allow open
> source applications to be created. The development environment w
On Wed, 03 Dec 2003 15:01:09 +1100, Zenaan Harkness wrote:
> (Really should read ahead further ... here are more, and all laid out
> together)
>
> * DFSG Free Software only (I know this one will get debated, but this is
> the whole point of Debian Enterprise - if you want proprietary software,
>
On Wed, Dec 03, 2003 at 01:54:22PM +1100, Matthew Palmer wrote:
> >Nov 28 22:39 Linux 2.4.23 released
> > ^
>
> Bernd is correct, though - if the machines had been running 2.4.23, they
> wouldn't have been vulnerable. The fact that it was impossible to
* Russell Coker ([EMAIL PROTECTED]) [031203 04:03]:
> I have sent a message to Werner asking if the GPG smart-card device could be
> re-implemented with a USB interface. I think that a USB dongle with GPG
> technology would be a good option as most developer's machines already have
> USB suppor
On Mon, 1 Dec 2003 19:22:44 -0200, Henrique de Moraes Holschuh <[EMAIL
PROTECTED]> said:
> On Mon, 01 Dec 2003, Thomas Viehmann wrote:
>> Henrique de Moraes Holschuh wrote:
>> > On Mon, 01 Dec 2003, christophe barbe wrote:
>> >
>> >>Before mass bug-filling, it would be necessary to make it
>> >>
On Wed, 2003-12-03 at 05:49, John Goerzen wrote:
> > * Office Suite - OpenOffice (there's no other near as feature complete)
>
> And OpenOffice is the only one that runs on only two -- yes, two --
> architectures that Debian supports.
You missed two. OOo is available on i386, powerpc, sparc and
I demand that Tom may or may not have written...
> On Wed, Dec 03, 2003 at 08:45:49AM -0600, Steve Langasek wrote:
>> Share the crack.
> In my experience kids in college and right out tend to freak out over the
> thought of having to spend a few dollars of disposable income, because they
> don't
Zenaan Harkness said on Wed, Dec 03, 2003 at 02:58:18PM +1100:
> Flavours (and sub-flavours/ tasks/ yadda) is as good a place to start as
> any. So here are some proposed flavours:
>
> - Enterprise (base packages and more "neutral" config)
> - Enterprise Desktop - with sub-flavours of:
> - S
On Wed, 3 Dec 2003, Andreas Tille wrote:
> On Wed, 3 Dec 2003, Fabian Fagerholm wrote:
>
> > In my view (as I said), it would be logical to name a further
> > subdivision of that product "flavor".
> I like this interpretation of the term flavor and it would be easily
> applicable for Debian-Med to
On Mon, 1 Dec 2003 18:08:28 +0100, Eduard Bloch <[EMAIL PROTECTED]> said:
> AFAICS the only way to verify the contents of maintainer scripts
> automaticaly is to have the binary package, verify its contents via
> .changes or Release/Packages path, extract it and compare the
> files. Too complicat
On Wed, Dec 03, 2003 at 04:36:18PM +1100, Zenaan Harkness wrote:
> How many financials implementations are ultimately needed - really only
> one, perhaps customized for vertical markets.
A healthy market requires competition. And different companies have very
different needs. The IT Infrastructure
On Wed, 2003-12-03 at 01:32, Zenaan Harkness wrote:
> > Debian is the super-project.
> > Debian Enterprise is a Debian Subproject that creates
> > a Custom Debian Distribution,
>
> Subproject and custom debian distribution, here, are the same thing. No
> point "officially" having t
Bernd Eckenfels <[EMAIL PROTECTED]> writes:
> On Wed, Dec 03, 2003 at 03:17:20AM +0100, Goswin von Brederlow wrote:
> > What the admins signature can gives us is a trusted timestamp and
> > another pair of eyes reading the changes files.
>
> Well, a trusted timestamp can be added/required by a th
On Wed, 03 Dec 2003 14:45:51 +1100, Zenaan Harkness wrote:
> As per the recommendations from Bruce Perens' User Linux paper
> http://userlinux.com/white_paper.html, this thread is to discuss the
> applications within the bounded set of Debian Enterprise/ User Linux.
I think discussing the favori
Is there anywhere i can download debian-installer beta images (im getting a
new laptop tommorow), prefereably with support for reiserfs filesystems?
Gluck still isnt working and i cant seem to find mirrors anywhere.
Thanks
Tom
--
^__^| Tom Badran
(oo)\__ | Imperial Colle
Hamish Moffatt <[EMAIL PROTECTED]> writes:
> On Tue, Dec 02, 2003 at 02:10:56PM +, Jonathan Dowland wrote:
> > On Mon, Dec 01, 2003 at 07:06:41PM -0500, Joey Hess wrote:
> >
> > > Similarly, to check the build depends of a source package file:
> > > apt-get build-dep apt-listchanges-1.49-1
On Wednesday 03 December 2003 19:33, Joshua Kwan wrote:
> On Wed, Dec 03, 2003 at 09:22:14AM +0100, Werner Wobrowsky wrote:
> > Debian Installer sarge-i386-bussinescard.iso, httP://freedesktop.or/
>
> Cool, but...
>
> > FreeBSD 5.1-RELEASE-p11 #0: Thu Nov 27 15:07:08 CET 2003
> > [EMAIL PROTECT
"AKL. Mantas Kriauciunas" <[EMAIL PROTECTED]> writes:
> Hi,
>
> Debian has a usability problem - it's hard to start lots of programs,
> installed from debian packages, because simple users just can't find
> them in menu.
> Standart debian menu entry isn't good solution for user-friendly
> desktop
On Wednesday 03 December 2003 18:12, Andreas Metzler wrote:
> http://freedesktop.org/~daniel/d-i/
> cu andreas
You star ;)
Thanks
Tom
--
^__^| Tom Badran
(oo)\__ | Imperial College
(__)\ )\/\| Department of Computing
||w || ---
On Wed, 3 Dec 2003 12:08:10 +0100, Matthias Urlichs said:
>> signature algorithm would allow for hashing the data on the remote
>> machine, and signing that hash locally.
>>
> ... that would work. It'd probably require a few hooks within GPG
> to generate a hash packet / .
Since I moved my actua
On Wed, Dec 03, 2003 at 05:44:36PM +0100, Santiago Vila wrote:
> file=main/libp/libpng/libpng2_1.0.12-3.woody.3_i386.deb
> wget -q -O 1.deb http://ftp.debian.org/debian/pool/$file
> wget -q -O 2.deb http://security.debian.org/pool/updates/$file
> diff 1.deb 2.deb
> Binary files 1.deb and 2.deb dif
On Wed, Dec 03, 2003 at 06:43:18AM +0100, Goswin von Brederlow wrote:
> Matt Zimmerman <[EMAIL PROTECTED]> writes:
>
> > On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote:
> >
> > > But this kind of tampering _can_ be checked by apt before installing
> > > the deb simply by ad
On Wed, 2003-12-03 at 20:15, Herbert Xu wrote:
> AKL. Mantas Kriauciunas <[EMAIL PROTECTED]> wrote:
> >
> > Solution is to add freedesktop.org standartized menu entry for programs,
> > which could be started from menu (for example there is no meaning to
> > start apt-get tool from menu). Then user
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 2003-12-03 12:24, Fabian Fagerholm wrote:
> On Wed, 2003-12-03 at 12:17, Andreas Tille wrote:
> > On Tue, 2 Dec 2003, Fabian Fagerholm wrote:
> > > The term suggests that the distribution is "not-Debian", which is
> > > unneccessary and confusing.
>
AKL. Mantas Kriauciunas wrote:
> Herbert Xu: "Please discuss this on debian-devel before filing further
> bugs."
IMHO, there's no need to discuss this to death -- .desktop files make
sense, therefore packages should supply them. There's no sane way to ask
maintainers to do so except to file bugs,
Anthony Towns writes:
> On Tue, Dec 02, 2003 at 02:02:19PM -0600, Steve Langasek wrote:
> > You change the contents of the compromised Packages file, so that
> > Package: bash
> > is accompanied by
> > Filename: pool/main/b/bash/vulnerable-ident-server_1.0-1_i386.deb
> > which contains a perfect
On Thu, 4 Dec 2003 04:21:55 +1000, Anthony Towns
wrote:
>I'm going to ignore the -config package, since it's not really part of
>the problem.
Is it?
>Okay, so you want to say:
>
> * any exim4-daemon package should only be installed when exim4-base
> is already installed and setup
>
On Mon, 1 Dec 2003 17:12:36 -0500, christophe barbe <[EMAIL PROTECTED]> said:
> I don't see why adding a md5dsum_are_mandatory clause to the debian
> policy would be difficult (what would be a good reason to not add
> md5sum to a package?).
Because it buys little security wise? Because t
On Thu, 2003-12-04 at 01:51, Andreas Metzler wrote:
> Steve Greenland <[EMAIL PROTECTED]> wrote:
> [...]
> > I think the idea of a namespace for usernames used by packages is a good
> > idea, but rather than "debian-", we should take this to the LSB folk, so
> > that we can get it done once.
>
> T
Le Wed, Dec 03, 2003 at 08:58:19AM +0100, Andreas Tille a écrit :
> On Tue, 2 Dec 2003 [EMAIL PROTECTED] wrote:
>
> > This package is an empty dummy package that always depends on a package
> > built for Debian's default Python version.
> Why that. It should depend from Debian's Zope version or i
On Wed, 3 Dec 2003 06:54:29 -0800, Tom Ballard <[EMAIL PROTECTED]> said:
> On Wed, Dec 03, 2003 at 08:45:49AM -0600, Steve Langasek wrote:
>>
>> Share the crack.
> In my experience kids in college and right out tend to freak out
> over the thought of having to spend a few dollars of disposable
On Wed, Dec 03, 2003 at 09:26:15AM -0600, Manoj Srivastava wrote:
> Guess what the median age of a Debian developer is.
Don't know, don't care.
> Volunteer organization have dues?
Yes, I don't know what planet you're from, but on this planet the
Rotarians, Kiwanas, Civitans, Knights
On Wed, Dec 03, 2003 at 09:28:30AM -0600, Manoj Srivastava wrote:
> Sender: Tom Ballard <[EMAIL PROTECTED]>
Yeah, somebody else pointed that out. It's bullshit that mutt was doing
that to me. My /etc/email-addresses:
# This is /etc/email-addresses. It is part of the exim package
#
# This file
On Tue, Dec 02, 2003 at 05:34:05PM -0800, Don Armstrong wrote:
> On Tue, 02 Dec 2003, Tom wrote:
> > I think the DD's should seriously think about requiring smartcards.
> > It would have prevented the proxmiate cause of our recent troubles.
>
> Smartcards are not a magical panacea either. The prob
On Wed, Dec 03, 2003 at 05:49:20PM +0100, Andreas Metzler wrote:
> exim4 is a metapackage that depends on the other three and is not hit by
> the problem. The rest is a straighforward chain.
>
> daemon -->-- -base -->-- -config.
> other possible dependencies would be:
> daemon -->-- -config -->--
On Wed, Dec 03, 2003 at 09:24:07AM -0600, Manoj Srivastava wrote:
> Heh. Your grasp of the practicality of the situation is
> slipping. Not only do these guys donate a fairly expensive chunk of
> billable hours and expertise, they must pay to be able to volunteer?
Sure, if you care about
On Tue, 2 Dec 2003 23:46:45 +, Geoff Richards <[EMAIL PROTECTED]> said:
> On Tue, Dec 02, 2003 at 01:28:28PM -0800, Tom wrote:
>> I read all the words but took a completely different meaning :-)
>> I'm from the South, we have different speech patterns...
> South of where?
The Mason-
On Wed, 3 Dec 2003, cobaco wrote:
> hm, I've added a definition to the wiki:
>
> A Custom Debian Distribution (CDD) is a version of Debian that is tailored
I do not like the term "version". I'd prefer a "subset of Debian". You
get a CDD together with main but you get a helping hand to cope wit
On Sun, 2003-11-30 at 07:47, Bernhard R. Link wrote:
> Could anyone familar with cups explain why this is no RC-bug?
From when I've seen it do it, for the same reason SWAT and webmin aren't
RC bugs: They do it because the administrator said to change the config.
signature.asc
Description: This
Matt Zimmerman <[EMAIL PROTECTED]> writes:
> On Wed, Dec 03, 2003 at 03:07:17AM +0100, Goswin von Brederlow wrote:
>
> > But this kind of tampering _can_ be checked by apt before installing
> > the deb simply by adding a signature verifyer into the
> > DPkg::Pre-Install-Pkgs config option, the sa
On Wed, Dec 03, 2003 at 05:44:36PM +0100, Santiago Vila wrote:
> wget -q -O 1.deb http://ftp.debian.org/debian/pool/$file
> wget -q -O 2.deb http://security.debian.org/pool/updates/$file
> diff 1.deb 2.deb
>
> Binary files 1.deb and 2.deb differ
>
> How could this happen? Should I worry about it
On Wed, Dec 03, 2003 at 09:22:14AM +0100, Werner Wobrowsky wrote:
> Debian Installer sarge-i386-bussinescard.iso, httP://freedesktop.or/
Cool, but...
> FreeBSD 5.1-RELEASE-p11 #0: Thu Nov 27 15:07:08 CET 2003
> [EMAIL PROTECTED]:/usr/src/sys/i386/compile/NEW
I didn't know the sarge ISOs supp
Package: wnpp
Severity: wishlist
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
* Package name: distcmd
Version : 0.9
Upstream Author : Anthony DeRobertis <[EMAIL PROTECTED]>
* URL : http://ntp.derobert.net/DistCmd/
* License : GPL
Description : Distribute
On Sun, 2003-11-30 at 12:29, Steve Greenland wrote:
> I think the idea of a namespace for usernames used by packages is a good
> idea, but rather than "debian-", we should take this to the LSB folk, so
> that we can get it done once.
As long as the LSB allocates an area for distribution-created na
On Wed, 3 Dec 2003 01:24:50 -0800, Tom <[EMAIL PROTECTED]> said:
> On Wed, Dec 03, 2003 at 01:16:39AM -0800, Tom Ballard wrote:
> Oh, one last thing: each DD should pay for the device him/her self
> and should be required to fly to meet wherever they can pick them
> up. Why do you assume someb
1 - 100 of 173 matches
Mail list logo
