similar to: Bug#683279: CVE-2012-3432

Package: xen Severity: grave Tags: security Justification: user security hole Please see the following links: http://www.openwall.com/lists/oss-security/2012/09/05/11 http://www.openwall.com/lists/oss-security/2012/09/05/10 http://www.openwall.com/lists/oss-security/2012/09/05/9 http://www.openwall.com/lists/oss-security/2012/09/05/8 http://www.openwall.com/lists/oss-security/2012/09/05/7

Salvatore Bonaccorso writes ("Re: Updated Xen packages for XSA 216..225"): > On Tue, Jul 11, 2017 at 11:34:38PM +0200, Moritz Muehlenhoff wrote: > > On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote: > > > Moritz M?hlenhoff writes ("Re: Updated Xen packages for XSA 216..225"): > > > > Sorry for the late reply, was on vacation for a week.

Package: xen Severity: important Tags: security Justification: user security hole Hi, This issue is still unfixed in Wheezy: https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-2625 Patch: http://xenbits.xensource.com/hg/xen-unstable.hg/rev/60f09d1ab1fe Cheers, Moritz

https://bugzilla.mindrot.org/show_bug.cgi?id=1469 Summary: Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576) Classification: Unclassified Product: Portable OpenSSH Version: 5.0p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2

Moritz Muehlenhoff writes ("Re: Xen package security updates for jessie 4.4, XSA-213, XSA-214"): > On Thu, May 04, 2017 at 05:59:18PM +0100, Ian Jackson wrote: > > Should I put jessie-security in the debian/changelog and dgit push it > > (ie, from many people's pov, dput it) ? > > Yes, the distribution line should be jessie-security, but please send > a

Hi I have some odd problem with running dovecot. Program dies with message in maillog: Mar 31 21:04:02 test-box dovecot: Dovecot starting up Mar 31 21:04:04 test-box dovecot: execv(imap-login) failed: Resource temporarily unavailable Mar 31 21:04:04 test-box dovecot: execv(imap-login) failed: Resource temporarily unavailable Mar 31 21:04:04 test-box dovecot: Login process died too early -

Saw this on the Exim List:- From: Tony Finch <dot--at-- at dotat.at> Subject: [exim] CVE-2015-0235 - glibc gethostbyname remotely exploitable via exim Date: Tue, 27 Jan 2015 17:33:45 +0000 "The Exim mail server is exploitable remotely if configured to perform extra security checks on the HELO and EHLO commands ("helo_verify_hosts" or "helo_try_verify_hosts"

Package: xen Severity: grave Tags: security Please see https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4255 for a description and a link to the upstream report/patch. Cheers, Moritz

On Mon, Jul 03, 2017 at 12:33:54PM +0100, Ian Jackson wrote: > Moritz M?hlenhoff writes ("Re: Updated Xen packages for XSA 216..225"): > > Sorry for the late reply, was on vacation for a week. What's the status > > of jessie? Most of the XSAs seem to affect oldstable as well. > > Sorry, I forgot about them... > > I will see what I can do. Did you look

Hello. Is it possible to run wine on openwall-patched linux kernel? Invoking /opt/wine/bin/wine.bin /home/ftp/pub/windows/telnet/putty.exe ... err:win32:do_relocations Standard load address for a Win32 program not available - patched kernel ? err:win32:do_relocations FATAL: Need to relocate Z:\home\ftp\pub\windows\telnet\putty.exe, but no relocation records present (stripped during link). Try to

I am looking at adding some tests based on John the Ripper to the test suite repository. http://www.openwall.com/john/ Does anyone have a problem with this? Are there specific algorithms people would like to see benchmarked? Thx Chris Matthews chris.matthews@.com (408) 783-6335 -------------- next part -------------- An HTML attachment was scrubbed... URL:

Source: xen Version: 4.1.3~rc1+hg-20120614.a9c0a89c08f2-5 Severity: important - x86: Make asmlinkage explicitly a no-op, and avoid usage in arch/x86 Build-fix, done different in Debian. - tools/ocaml: Fix 2 bit-twiddling bugs and an off-by-one Relevant for xcp. - x86_64: Fix off-by-one error setting up the Interrupt Stack Tables Hypervisor code running with wrong stack. Breaks error handling

On Tue, January 27, 2015 1:58 pm, Peter Lawler wrote: > On 28/01/15 04:47, Always Learning wrote: >> >> Saw this on the Exim List:- >> > <SNIP> >> >> I use Exim on C5 and C6 - should I be worried about Exim on C6 ? >> > > upstream references: > https://rhn.redhat.com/errata/RHSA-2015-0092.html When I read this I read that it is fixed in

Hello! I have trouble with multipath routing. Those options are enabled in kernel: [*] IP: policy routing [*] IP: equal cost multipath [*] IP: equal cost multipath with caching support (EXPERIMENTAL) <*> MULTIPATH: round robin algorithm But issuing: ip r a 1.2.3.0/23 scope global equalize nexthop via 80.245.176.11 \ dev eth0 weight 1 nexthop via 80.245.176.13 dev eth0

https://bugzilla.mindrot.org/show_bug.cgi?id=1471 Summary: sshd can block if authorized_keys is a named pipe Classification: Unclassified Product: Portable OpenSSH Version: 4.7p1 Platform: All OS/Version: Linux Status: NEW Severity: minor Priority: P2 Component: sshd AssignedTo: bitbucket at

2009/9/16 Olivier Meurant <meurant.olivier at gmail.com>: >         Average 13836499.46     12447973.17     1388526.29      10.03 >         Standard deviation      53189.13        515638.56 > 522400.98       3.77 That was pretty much what I was expecting from the article... numbers. It doesn't matter who's best, you can't be best in all areas, but profiling must be

Good afternoon, I am trying to setup dovecot to authenticate using the userdata from wordpress. It's being a bit mor difficult than I thought. This is the relevant part of the dovecot-sql.conf default_pass_scheme = CRYPT password_query = SELECT user_pass AS password FROM wp_users WHERE user_email='%u'; user_query = SELECT 501 as uid, 501 as gid,'maildir:storage=51200' as

OpenSSH 3.6.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. This is a release of the Portable version only. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes

OpenSSH 3.6.1p2 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. This is a release of the Portable version only. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support and encouragement. Changes

https://bugzilla.samba.org/show_bug.cgi?id=3432 Summary: rsync -azv --cvs-exclude forgets "LocalSettings.php" Product: rsync Version: 2.6.6 Platform: x86 URL: http://pto.linux.dk/albackup.tgz OS/Version: Linux Status: NEW Severity: major Priority: P3 Component: core