similar to: Quoting practice

Hello John, On Thu, 2017-02-09 at 16:33 +0000, John Hodrien wrote: > On Thu, 9 Feb 2017, Leonard den Ottolander wrote: > > > How about my request for checksums in the git repo? > > What checksums would you actually want in git? SRPMS are signed which allows the integrity of the contents to be checked. Such an integrity check is missing from the git repo. Either a checksum

Hello team, Just wondering how the build of 5.10 is coming along. Is there a resource that informs us on these matters? Thanks! Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hello Jonathan, On Wed, 2016-12-14 at 15:03 -0500, Jonathan Billings wrote: > On Wed, Dec 14, 2016 at 07:29:19PM +0100, Leonard den Ottolander wrote: > > > get_sources.sh > > > > The name suggests this is what we need (or do we??) If only I could find > > that script anywhere... > > Johnny said it at the beginning of his email. I'll paste it again so

On Thu, 2017-02-02 at 06:40 -0800, John R Pierce wrote: > On 2/2/2017 6:22 AM, Leonard den Ottolander wrote: > > However, the fact that the binary in the example is setuid is orthogonal > > to the fact that heap spraying is a very serious attack vector. > > without privilege escalation, what does it attack ? pkcheck might not be directly vulnerable. However, pkexec is.

Hi, I woke up Saturday morning unable to boot my freshly upgraded 5.6 with grub hanging at "GRUB". After getting the boot loader fixed I experienced crashes in evolution. Downgrading glibc to 2.5-58 seems to fix these issues. Anyone else seeing this? Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hello, On Thu, 2015-04-02 at 14:25 +0100, Karanbir Singh wrote: > On 04/02/2015 11:45 AM, Leonard den Ottolander wrote: > > Just noticed that the distro tag used in openssl is different from > > upstream. Upstream and the last update (openssl-1.0.1e-30.el6_6.7) use > > "el6_6" where as the latest update (openssl-1.0.1e-30.el6.8) uses > > "el_6". Any

Hi, Reading http://www.centos.org/modules/newbb/viewtopic.php?topic_id=30939&forum=37 I noticed a warning about an upcoming bugged update xorg-x11-server-utils-7.1-5.el5_6.1 I would advise everyone to add exclude=xorg-x11-server-utils-7.1-5.el5_6.1 to their updates repo config. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hi, Updating selinux-policy-targeted to 3.7.19-260 fails. The archive seems corrupt. Got another copy from http://mirror.centos.org/centos/6/os/x86_64/Packages/ which also fails: # rpm -Fv selinux-policy-targeted-3.7.19-260.el6.noarch.rpm Preparing packages for installation... selinux-policy-targeted-3.7.19-260.el6 warning: /etc/selinux/targeted/contexts/customizable_types saved as

Hi, Anyone else seeing this? C7 Gnome Desktop, opened a gnome-terminal, click File -> New Profile and gnome-terminal-server gets killed. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hello Johnny, On Wed, 2017-02-15 at 09:47 -0600, Johnny Hughes wrote: > 2. They already have shell access on the machine in question and they > can already run anything in that shell that they can run via what you > are pointing out. No, assuming noexec /home mounts all they can run is system binaries. > 3. If they have access to a zeroday issue that give them root .. they >

Hello list, To my astonishment the openssh versions on both C6 and C7 will by default negotiate an MD5 HMAC. C6 client, C7 server: debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none C7 client & server: debug2: mac_setup: setup hmac-md5-etm at openssh.com debug1:

Hi, On Thu, 2016-10-27 at 11:25 +0200, Alessandro Baggi wrote: > === START OF READ SMART DATA SECTION === > SMART overall-health self-assessment test result: PASSED That's the line you are looking for. Since your disk apparently does not store an error log - not sure if that's something with SSDs in general or just with this particular disk - you will always have to invoke

Hello, The latest update to sudo (sudo-1.7.2p1-14.el5_8.2) breaks postgresql. https://bugzilla.redhat.com/show_bug.cgi?id=846631 It might break other services that rely on access to /etc/nsswitch.conf too. Assuming you have a "sudoers" line in /etc/nsswitch.conf that file will be recreated with incorrect file permissions. After having had issues with selinux permissions on that

Hello, The links under the CentOS-Fasttrack paragraph at http://wiki.centos.org/AdditionalResources/Repositories all refer to non existent pages/files at mirror.centos.org. Where can one find the repo files and readme? Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hi, Just noticed that the distro tag used in openssl is different from upstream. Upstream and the last update (openssl-1.0.1e-30.el6_6.7) use "el6_6" where as the latest update (openssl-1.0.1e-30.el6.8) uses "el_6". Any reason for this discrepancy? Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hi, The debuginfo repodata for C6 is missing: http://debuginfo.centos.org/6/x86_64/repodata/7a42847903e6a76f9397c0bc9aca6afbbef1f74c-filelists.sqlite.bz2: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found" Trying other mirror. Error: failure: repodata/7a42847903e6a76f9397c0bc9aca6afbbef1f74c-filelists.sqlite.bz2 from debug: [Errno 256] No more mirrors to

Hello Gordon, On Fri, 2017-01-27 at 10:26 -0800, Gordon Messmer wrote: > Cryptographers still consider MD5 secure for HMAC use. Wikipedia's > references (currently 6, 7, and 8) in this article are useful: > > https://en.wikipedia.org/wiki/Hash-based_message_authentication_code https://en.wikipedia.org/wiki/MD5 seems to disagree: "The security of the MD5 has been severely

Based on an article that was mentioned on this list https://googleprojectzero.blogspot.nl/2014/08/the-poisoned-nul-byte-2014-edition.html I found two attacker controlled memory leaks in the option parsing of pkcheck.c. These memory leaks allow a local attacker the ability to "spray the heap", i.e. initialize large parts of the heap before launching his attack. The original attack

Hello Johnny, On Thu, 2017-02-09 at 09:07 -0600, Johnny Hughes wrote: > Yes .. that content will be republished. It was an accident. How about my request for checksums in the git repo? Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hello Glen, On Thu, 2016-12-15 at 10:10 -0800, Glenn E. Bailey III wrote: > I was most def root. There's a difference whether you logged in as root or su-ed to root. In the latter case /home is still in use by the user you su-ed from. Even though it is not strictly necessary to init 1 you must make sure not a single user that uses /home for their home directory is logged in and no system