similar to: full-d] Administrivia: List Compromised due to Mailman Vulnerability (fwd)

More patch-o-rama :-( ---Mike >From: Michal Zalewski <lcamtuf@dione.ids.pl> >To: bugtraq@securityfocus.com, <vulnwatch@securityfocus.com>, > <full-disclosure@netsys.com> >X-Nmymbofr: Nir Orb Buk >Subject: [Full-Disclosure] Sendmail 8.12.9 prescan bug (a new one) >[CAN-2003-0694] >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere:

Has anyone around here heard of this ? ---Mike >Subject: Re: [Full-Disclosure] new ssh exploit? >From: christopher neitzert <chris@neitzert.com> >Reply-To: chris@neitzert.com >To: full-disclosure@lists.netsys.com >X-Mailer: Ximian Evolution 1.4.3.99 >Sender: full-disclosure-admin@lists.netsys.com >X-BeenThere: full-disclosure@lists.netsys.com

anyone want to work next to a lake? i went to ntbugtraq / canada day party / conference last month and had a great time meeting interesting peole in a relaxed atmosphere. i thought i'd forward this on to the samba mailing lists as a lot of the people involved with samba have to deal with heavy duty nt environments. luke p.s don't bug russ if you don't cover the job requirements,

You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #

You've probably already seen the latest sendmail vulnerability. http://lists.netsys.com/pipermail/full-disclosure/2003-September/010287.html I believe you can apply the following patch to any of the security branches: http://cvsweb.freebsd.org/src/contrib/sendmail/src/parseaddr.c.diff?r1=1.1.1.17&r2=1.1.1.18 Download the patch and: # cd /usr/src # patch -p1 < /path/to/patch #

Forwarded message: > From full-disclosure-admin@lists.netsys.com Wed Apr 21 11:49:12 2004 > To: full-disclosure@lists.netsys.com > From: Darren Bounds <dbounds@intrusense.com> > Subject: [Full-Disclosure] IETF Draft - Fix for TCP vulnerability > Date: Tue, 20 Apr 2004 18:19:58 -0400 > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > >

Roy Sutton wrote: > I think commit e-mails are getting rejected by mailman. Here are the > instructions from RubyForge''s FAQ: I have not received any bounce messages, and I couldn''t find any evidence of svn message bounces within the mailman admin pages. But I followed the instructions anyway, so whether svn has been getting bounces, or isn''t yet properly

The Linux Foundation is hosting this list now. Mailing to virtualization@lists.osdl.org will continue to work, but you may need to update your procmail, etc. filters, I know I did. thanks, -chris

The Linux Foundation is hosting this list now. Mailing to virtualization@lists.osdl.org will continue to work, but you may need to update your procmail, etc. filters, I know I did. thanks, -chris

$ git clone git://git.annexia.org/git/libguestfs.git Initialized empty Git repository in /tmp/libguestfs/.git/ remote: Counting objects: 13903, done. remote: Compressing objects: 100% (3093/3093), done. Receiving objects: 19% (2642/13903), 1.33 MiB | 52 KiB/s It always stops at the same place. The particularly strange thing is, it always stops at the same place _when I run it on the git server

Olly Betts <olly at survex.com> wrote: > A few hours ago 20 addresses got unsubscribed from this list due to > bounces caused by Yahoo's DMARC p=reject policy: > > https://help.yahoo.com/kb/SLN24050.html > > This breaks mailing lists. Yahoo are well aware of this, but don't seem > to care: Fwiw, mailman has a 'cleanse-dkim' handler which strips

You have probably noticed the steady stream of Outlook viruses that have been appearing on the mailing list. To stem this flow somewhat, I have reduced the maxiumum message size of the list back to 40kb - most of these viruses create messages greater than 100kb. If you have large patches or logs, please post them on a website somewhere and send a URL. Apologies for any hassle that this

Someone on this mailing list has been reporting spam emails forwarded by the mailing list to spamcop. This has resulted in several listings of my mail server in their database of spam relays and a significant amount of inconvenience for myself and the other users of the mail relay. You have all been warned in the list welcome message that this is an open list and that the occasional spam gets

I have just hooked up SpamAssassin[1] to the openssh-unix-dev mailing list. Hopefully this will mitigate further annoyances from spammers that have been harassing the list. It is sure that there will be some "false positives" in the attempt to remove spam. If you find your email being consistently dropped, please contact me and I'll look into it. -d [1] http://spamassassin.org/ (I

Some time last night, the mailing list server corrupted its databases. I have restored the list membership information, but Mailman will have reset your passwords and any options you may have set on your account. If you want to reset these, please visit: http://www.mindrot.org/mailman/listinfo/openssh-unix-dev If you sent anything to the list which hasn't appeared, please resend it.

Hi, Rather than melting my mailserver by sending every Bugzilla change to the ~700 member openssh-unix-dev mailing list, I have created a new read-only openssh-bugs list to receive this Bugzilla messages. If you would like to receive notifications of new or changed bugs, please subscribe to that list. The reply-to address on the new list points back to the openssh-unix-dev list, and all

Hi, Rather than melting my mailserver by sending every Bugzilla change to the ~700 member openssh-unix-dev mailing list, I have created a new read-only openssh-bugs list to receive this Bugzilla messages. If you would like to receive notifications of new or changed bugs, please subscribe to that list. The reply-to address on the new list points back to the openssh-unix-dev list, and all

Hi, You may have noticed some small changes to the list over the last few days. These are a result of the mailing list server and software being upgraded. This has brought several changes: 1. Automatic detection of bouncing subscribers. The newer version of the list software encodes an individual return-path address to detect recipients whose mail is bouncing. If too many bounces are detected,

Hi, I'm sure you have all noticed the recentincrease in spam making it through the list filters. I guess this is due to the spammers adopting techniques specifically intended to evade SpamAssassin. Over the next week, I will be adding add some extra anti-spam measures to the list. Hopefully this will stop this abuse. Until then, patience please. Thanks, Damien Miller

Hi, I would like to find a home for a public anoncvs, cvsweb and snapshot repository for Portable OpenSSH in a decent datacenter. Can anyone recommend (off-list) good and affordable co-lo facilities in Australia, preferably Melbourne? The facilities needed are a couple of RU and Internet connectivity. IPv6 access is a strong plus, as is access to multiple carriers. If an ISP or data centre