search for: ucko

Package: logcheck-database Version: 1.2.23 Followup-For: Bug #254681 Please generalize "nobody" to "[_[:alnum:]-]+", as some cron jobs su to other users: Jul 11 06:51:16 tux su[10385]: + ??? root:hinfo Jul 11 06:57:25 tux su[29801]: + ??? root:www-data Thanks. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500,

...two servers running the same version with the same configuration.) > * the second omits the PID of the ssh daemon - mistake or did older > messages look like that? (the ones I see do have the PID) Me too. The second line comes from aa313203, a large (and pretty recent) commit by Aaron M. Ucko. > * the second does use the new PAM format - but does the part after > ssh: really need to match anything but auth? I would guess so, since this line should be the result of pam_unix failing during the auth phase. As for the rest, I'll leave it to you to merge these two lines if yo...

Package: logcheck-database Version: 1.2.43a Severity: minor Since last weekend's upgrade of logcheck-database from 1.2.42 to 1.2.43a, logcheck stopped ignoring routine SpamAssassin messages of the form Feb 20 21:36:16 tux64 spamd[4665]: spamd: checking message <20060220190721.0E0B41C5207 at llwb563.servidoresdns.net> for amu:7286 Could you please edit the second pattern in

I just had a remote root break-in on my machine (x86 running Red Hat Linux 5.0 with all the updates except for kernel-2.0.32-3) this morning at 06:03:28 EDT. From what I''ve been able to gather, it appears to have been through snmpd, which I missed when I was weeding out unused daemons. Sorry for the feeble message, but all I know (or at least strongly suspect) is that there''s a

> > systems which no longer seem to have this. This file contained an archive of > > the trojan''s that were inserted into the compromised system - does anybody know > > what is in these trojans? > > Check the Linux RootKit ... (LRK).. > > Typically LRK to use config-files.. (and typically LRK-users to place > files in /dev.. find /dev -type f | grep -v

I''m in the process of locking down as much of my systems here as possible as to available ports. I am down to only a handful but am not sure how much of a security risk they pose and was wondering if anyone here might be able to comment, or suggest secure versions to run: 21/FTP (WU-ftpd v2.4.2 BETA 14) 22/SSH (1.22) 23/TELNET (Netkit 0.09) 25/SMTP (Sendmail

...rked as fixed in versions 2.6.13-1~bpo70+1. > notfixed 717086 8.5.0-2.1 Bug #717086 {Done: Sergei Golovan <sgolovan at nes.ru>} [src:tcltk-defaults] Dependency is broken in package 'tk' No longer marked as fixed in versions 8.5.0-2.1. > notfixed 716834 1.3.2-3 Bug #716834 {Done: ucko at debian.org (Aaron M. Ucko)} [libfltk1.3-dev] libfltk1.3-dev: --ldflags should contain -ldl No longer marked as fixed in versions 1.3.2-3. > found 715727 0.38-1 Bug #715727 {Done: Daniel Baumann <daniel.baumann at progress-technologies.net>} [libcgroup] cgcreate can crash on manually cra...

...g files (opengl/*.pd_linux), aborting Added tag(s) jessie. > tags 440538 + jessie Bug #440538 {Done: Sebastian Andrzej Siewior <sebastian at breakpoint.cc>} [openssl] openssl: FTBFS with gcc-4.2: sect239k1 testsuite failure. Added tag(s) jessie. > tags 196003 + jessie Bug #196003 {Done: ucko at debian.org (Aaron M. Ucko)} [libfltk1.1-dev] libfltk1.1-dev: Upgrade of the package didn't ask about the header links. Added tag(s) jessie. > tags 617109 + jessie Bug #617109 [src:sugar-record-activity] sugar-record-activity: deprecation of dh_pycentral, please use dh_python2 Added tag(s)...