Remotely exploitable bug in systemd (CVE-2017-9445)

2017-07-01 Thread Perry E. Metzger
a fix to it still isn't in sid, and therefore is not yet in the process of percolating down to stretch? Is there a preferred way of temporarily mitigating the problem? Remote exploitation that you can trigger by forcing a program to do DNS queries seems kind of bad. Perry -- Perry E. Me

Re: openvpn updates?

2017-06-27 Thread Perry E. Metzger
vpn > > and > > https://tracker.debian.org/pkg/openvpn > > let you down? In the respect that I didn't know they existed and I could look at them? Perry -- Perry E. Metzger pe...@piermont.com

Re: openvpn updates?

2017-06-27 Thread Perry E. Metzger
On Thu, 22 Jun 2017 23:10:21 +0300 Adrian Bunk wrote: > On Thu, Jun 22, 2017 at 10:20:09AM -0400, Perry E. Metzger wrote: > > There was a security advisory against openvpn a couple of days > > ago; > > Yesterday, not a couple of days ago. > > > just wondering wh

openvpn updates?

2017-06-22 Thread Perry E. Metzger
There was a security advisory against openvpn a couple of days ago; just wondering when updated packages are likely to show up? -- Perry E. Metzger pe...@piermont.com

Re: postfix mail filtering

2016-08-31 Thread Perry E. Metzger
problem. What you're looking for is an implementation of the Sieve language/system for mail filtering. You don't say what IMAP server you are using, but Dovecot has an implementation of this called "Pigeonhole" that is very likely what you want. Perry -- Perry E. Metzger pe...@piermont.com

Re: Any idea when CVE-2016-5696 is going to get fixed?

2016-08-29 Thread Perry E. Metzger
workarounds. Users rely on the security update mechanism to get their security updates. Most organizations aren't even equipped to follow the torrent of security alerts happening at any given time on an independent basis. Perry -- Perry E. Metzger pe...@piermont.com

Re: Any idea when CVE-2016-5696 is going to get fixed?

2016-08-29 Thread Perry E. Metzger
ernel/linux.git/commit/?h=wheezy-security&id=f383788fb866fc61daf26836bccd92ebf7a6f02f Very cool. Any idea when the actual release by the security people might be? Perry -- Perry E. Metzger pe...@piermont.com

Re: Any idea when CVE-2016-5696 is going to get fixed?

2016-08-29 Thread Perry E. Metzger
On Mon, 29 Aug 2016 11:55:03 +0100 Tixy wrote: > On Sun, 2016-08-28 at 15:36 -0400, Perry E. Metzger wrote: > > On Sun, 28 Aug 2016 14:35:01 +0200 Frederic Marchal > [...] > > > > > > Even if the requirements are met, the attack fails if the > > > cli

Re: Any idea when CVE-2016-5696 is going to get fixed?

2016-08-28 Thread Perry E. Metzger
le? And again, leaving such holes unpatched puts people at risk -- and at an utterly unnecessary risk. You claim this isn't easily feasible, but it has been demoed. It is known possible. The hole needs to be fixed. Perry -- Perry E. Metzger pe...@piermont.com

Re: Any idea when CVE-2016-5696 is going to get fixed?

2016-08-26 Thread Perry E. Metzger
On Fri, 26 Aug 2016 21:06:15 +0200 Frederic Marchal wrote: > On Friday 26 August 2016 11:04:04 Perry E. Metzger wrote: > > According to: > > > > https://security-tracker.debian.org/tracker/CVE-2016-5696 > > > > Wheezy and Jessie are still vulnerable. The atta

Re: Any idea when CVE-2016-5696 is going to get fixed?

2016-08-26 Thread Perry E. Metzger
r example: http://seclists.org/oss-sec/2016/q3/294 ) However, no fixed kernels have been released by Debian yet... Perry -- Perry E. Metzger pe...@piermont.com

Any idea when CVE-2016-5696 is going to get fixed?

2016-08-26 Thread Perry E. Metzger
idea out there when updates to the kernels in question will be released? Perry -- Perry E. Metzger pe...@piermont.com

Re: SERPENT implementation in debian

2010-08-26 Thread Perry E. Metzger
On Thu, 26 Aug 2010 23:52:31 +0200 Christoph Anton Mitterer wrote: > On Thu, 2010-08-26 at 17:43 -0400, Perry E. Metzger wrote: > > I presume you mean the cipher by Anderson, Biham and Knudsen. > Yep was there another one of the same name? > > > > I'm unawar

Re: SERPENT implementation in debian

2010-08-26 Thread Perry E. Metzger
ary. I presume you mean the cipher by Anderson, Biham and Knudsen. I'm unaware of one, but I think it is a fairly bad move to use algorithms other than standard ones. Unless you have very good reason to use something experimental, I would stick to AES. -- Perry E. Metzger pe...@p

Re: Verbatim 1TB external HDD

2010-08-23 Thread Perry E. Metzger
ting backup programs to send incrementals onto the partition daily. Perry -- Perry E. Metzger pe...@piermont.com -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http:/

Re: Verbatim 1TB external HDD

2010-08-23 Thread Perry E. Metzger
t as he goes along, with me syncing the whole thing > periodically. Since I will not be there most of the time, this > strikes me as simple and workable. But anacron may also be a > possibility. If the goal is to use this thing for backup, use a backup utility rather than just cop

Re: Broken/Obsolete packages - I think we can do better.

2010-08-18 Thread Perry E. Metzger
one. At the very least, file a bug report. -- Perry E. Metzger pe...@piermont.com

Mandatory Access Control Systems?

2010-08-18 Thread Perry E. Metzger
Are any MAC systems integrated into Debian other than SELinux? (Also, does this differ between Lenny and Squeeze?) -- Perry E. Metzger pe...@piermont.com

Re: Embedded System Recommendations

2010-07-29 Thread Perry E. Metzger
> > Does anyone use Debian on a box like this (headless) that they can > recommend? If you're willing to leave the world of x86, there are lots of cool things out there like the Beagleboard, Shivaplug/Guruplug, etc. -- Perry E. Metzger pe...@piermont.com

Re: Linux filesystems was [Re: Debian cd supporting ext4.]

2010-07-29 Thread Perry E. Metzger
On Wed, 28 Jul 2010 21:34:06 +0200 Aniruddha wrote: > On Wed, Jul 28, 2010 at 9:09 PM, Perry E. Metzger > wrote: > > On Wed, 28 Jul 2010 14:46:29 +0200 Aniruddha > > wrote: > >> I have done some testing with Debian stable in Virtualbox and I > >> have to say

Re: Linux filesystems was [Re: Debian cd supporting ext4.]

2010-07-28 Thread Perry E. Metzger
ted were meaningful, the jobs of systems programmers would be much simpler. We could just try something a couple of times by hand and we would know if our code was flawless. Sadly, the world does not work that way. -- Perry E. Metzger pe...@piermont.com

Re: simple way to securely destroy deleted files in a file system

2010-07-15 Thread Perry E. Metzger
f the file system. You can probably just do dd if=/dev/zero of=/dev/scd bs=1M or some moral equivalent. -- Perry E. Metzger pe...@piermont.com

Re: High udp port are open temporarily

2010-07-15 Thread Perry E. Metzger
also be opening UDP ports here and there -- just lsof repeatedly to catch them. -- Perry E. Metzger pe...@piermont.com