search for: ephemerality

On my CentOS box that I use mainly as a web server, I have iptables set to log and reject anything that I don't expect. So lately, I have getting things like this: Mar 29 17:27:20 mbrc20 kernel: IPT-DROP IN= OUT=lo SRC=192.168.9.20 DST=192.168.9.20 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=46910 DF PROTO=TCP SPT=56624 DPT=80 WINDOW=32792 RES=0x00 SYN URGP=0 OPT

Hello again, In discussing my proposed patches for supporting alignment assumptions (for supporting __builtin_assume_aligned; see http://lists.cs.uiuc.edu/pipermail/llvm-commits/Week-of-Mon-20121126/157659.html), Chandler and I have started discussing an infrastructure for declaring invariants in the IR for use by the optimizer. The basic idea is to introduce a new intrinsic: void

On Wed, 4 May 2016, Nux! wrote: > Direct links > > https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588#p132726 > https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3714 > > Mitigation: > > As a workaround the /etc/ImageMagick/policy.xml file can be edited to disable > processing of MVG, HTTPS, EPHEMERAL and MSL commands within image files,

Hello I'm using CentOS Linux release 7.3.1611 (Core) with kernel 3.10.0-514.16.1.el7.x86_64 Using iperf for bond benchmarking, and opening several sockets, I noticed a strange behavior. My Centos using iperf as a client to connect to an iperf server (running either CentOS or Debian) requesting N parallel TCP connections. I notice that the local ephemeral ports used are not consecutive and

https://imagetragick.com/ As CentOS is often used for web servers, I thought this should be posted here. Bug in ImageMagick allows remote exploit. AFAIK no patch exists yet but defense against the exploit is detailed at the link. CVE-2016?3714

>From this change (res_rtp_asterisk): ast 13.10 to 13.11 webrtc JSSIP stop working, failing with chan_sip.c:4083 retrans_pkt: Hanging up call 7238b48c11581d4166b899bf747a05f7 at 130.211.62.184:0 - no reply to our critical packet (see https://wiki.asterisk.org/wiki/display/AST/SIP+Retransmissions). is there any way to configure to have the previous behaviour? Im trying to set

On Thu, Nov 7, 2013 at 9:39 PM, Filip Pizlo <fpizlo at apple.com> wrote: > NEW PROPOSAL > > The solution is to introduce meta-data that is explicit about how the > safe-to-execute condition ought to be evaluated. Instead of an SSA use, we > can have meta-data that says: > > %v = load %p !notrap !{ @f, <args> } > > where @f is a function in the

Hi, I've seen that in the past, libvirt couldn't start VMs when the disk image was stored on a file system that doesn't support direct I/O having the 'cache=none' configuration [0]. On the KubeVirt project, we have some storage tests on a particular provider which does just that - try to create / start a VM whose disk is on tmpfs and whose definition features

On Tue, 11 Jun 2024, SCOTT FIELDS wrote: > I'm not seeing if this has been asked in the past. > > Has there been discussion about implementing facilities with OpenSSH > for having it pull "Match" rules from a central repository, namely > LDAP or a RESTAPI service? You could probably hack something together using the exising ssh_config "Match exec" and

Except you'd need to cycle SSHD to pickup any changes/updates. ________________________________ From: Damien Miller <djm at mindrot.org> Sent: Wednesday, June 12, 2024 9:28 PM To: SCOTT FIELDS <Scott.Fields at kyndryl.com> Cc: openssh-unix-dev at mindrot.org <openssh-unix-dev at mindrot.org> Subject: [EXTERNAL] Re: OpenSSH - Central repository for "Match" rules On

No, the command would run every ssh invocation On Thu, 13 Jun 2024, SCOTT FIELDS wrote: > Except you'd need to cycle SSHD to pickup any changes/updates. > > ____________________________________________________________________________ > From: Damien Miller <djm at mindrot.org> > Sent: Wednesday, June 12, 2024 9:28 PM > To: SCOTT FIELDS <Scott.Fields at

http://bugzilla.mindrot.org/show_bug.cgi?id=238 Summary: sshd.pid file written AFTER key generation causes race condition Product: Portable OpenSSH Version: 3.1p1 Platform: All OS/Version: All Status: NEW Severity: enhancement Priority: P5 Component: sshd AssignedTo:

On Sat, Dec 09, 2017 at 03:03:52PM -0500, Stephen John Smoogen wrote: > On 9 December 2017 at 14:04, C. L. Martinez <carlopmart at gmail.com> wrote: > > Hi all, > > > > I have installed dnscrypt's rpm package from EPEL repo under a CentOS 7.4 and using unbound as a resolver. But, I see constant timeouts and responses are very slow ... Using same config in a Debian 9

----- Original Message ----- > > > > > > On Nov 8, 2013, at 1:13 AM, Chandler Carruth < chandlerc at google.com > > wrote: > > > > > > > > > On Thu, Nov 7, 2013 at 9:39 PM, Filip Pizlo < fpizlo at apple.com > > wrote: > > > > NEW PROPOSAL > > The solution is to introduce meta-data that is explicit

I will try to explain this as best I can. I have two computers; one a Supermicro X10SAE running CentOS 6, the other a very old DOS box.[*] The DOS box runs a CCD camera, sending images via Ethernet to the X10SAE. Thus, the X10SAE runs a Python server on port 5700 (a socket which binds to 5700 and listens, and then accepts a connection from the DOS box; nothing fancy).[**] The DOS box connects to

> On Nov 8, 2013, at 1:13 AM, Chandler Carruth <chandlerc at google.com> wrote: > > >> On Thu, Nov 7, 2013 at 9:39 PM, Filip Pizlo <fpizlo at apple.com> wrote: >> NEW PROPOSAL >> >> The solution is to introduce meta-data that is explicit about how the safe-to-execute condition ought to be evaluated. Instead of an SSA use, we can have meta-data that

Not sure if this is a factor yet, but your forwardzone is looking for 3 ports but only 2 ports are configured in the systemd startup.. so are 1/3 of all lookups going to fail? Or is the 6355 a 'given' (aka it will be set up whether 6353 and 6354 are setup?) On 9 December 2017 at 16:45, C. L. Martinez <carlopmart at gmail.com> wrote: > On Sat, Dec 09, 2017 at 10:25:41PM +0100, C.

On 05/04/2016 08:15 AM, John Hodrien wrote: > On Wed, 4 May 2016, Nux! wrote: > >> Direct links >> >> https://www.imagemagick.org/discourse-server/viewtopic.php?f=4&t=29588#p132726 >> >> https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-3714 >> >> Mitigation: >> >> As a workaround the /etc/ImageMagick/policy.xml file can be edited

http://bugzilla.mindrot.org/show_bug.cgi?id=440 djm at mindrot.org changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED ------- Additional Comments From djm at mindrot.org 2003-05-15 21:16

Hi! Previously in the "Add a 'notrap' function attribute?” thread we had discussed a way to use meta-data to specify that a load does not trap under certain conditions. Andy and Hal and I talked about this more in private and I just wanted to summarize what I think we arrived at. First I’ll summarize the original !notrap meta-data, then I’ll just mention why it’s hard to get it