Displaying 20 results from an estimated 2000 matches similar to: "OpenSSL bufffer overflow"
2007 Jan 10
1
Recent vulnerabilities in xorg-server
Colin, good day!
Spotted two patches for x11-servers/xorg-server port: see entries for
x11r6.9.0-dbe-render.diff and x11r6.9.0-cidfonts.diff at
http://xorg.freedesktop.org/releases/X11R6.9.0/patches/index.html
Seems like they are not applied to the xorg-server-6.9.0_5. Maybe
it should be added to the VuXML document?
There is a ports/107733 issue that incorporates these patches. Maybe
you
2003 Mar 31
8
what was that?
What does this bizarre msgid mean?
maillog:
Mar 31 19:31:15 cu sm-mta[5352]: h2VFVEGS005352: from=<nb@sindbad.ru>,
size=1737, class=0, nrcpts=1,
msgid=<!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAfp4Fa2ShPE2u4pP/QpPDIMKAAAAQAAAAj+zb4Isbuk+tYEPVF9Vf,
proto=ESMTP, daemon=MTA, relay=wg.pu.ru [193.124.85.219]
--
Nikolaj I. Potanin, SA http://www.drweb.ru
ID
2007 Oct 03
1
FreeBSD Security Advisory FreeBSD-SA-07:08.openssl
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
=============================================================================
FreeBSD-SA-07:08.openssl Security Advisory
The FreeBSD Project
Topic: Buffer overflow in OpenSSL SSL_get_shared_ciphers()
Category: contrib
Module: openssl
2004 Sep 17
1
Fwd: FreeBSD kernel buffer overflow
Can anyone provide more details about the posting below?
>Mailing-List: contact bugtraq-help@securityfocus.com; run by ezmlm
>List-Id: <bugtraq.list-id.securityfocus.com>
>List-Post: <mailto:bugtraq@securityfocus.com>
>List-Help: <mailto:bugtraq-help@securityfocus.com>
>List-Unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
>List-Subscribe:
2002 Mar 22
1
Is OpenSSH vulnerable to the ZLIB problem or isn't it?
SSH.COM says their SSH2 is not vulnerable to the ZLIB problem even though
they use the library (details below). Can OpenSSH say the same thing?
In either case, it seems like there ought to be an openssh-unix-announce
message about what the situation is. I may have missed it, but I don't
believe there was one. Yes, openssh doesn't have its own copy of zlib
source but it would still be
2003 Sep 23
3
OpenSSH: multiple vulnerabilities in the new PAM code
This affects only 3.7p1 and 3.7.1p1. The advice to leave
PAM disabled is far from heartening, nor is the semi-lame
blaming the PAM spec for implementation bugs.
I happen to like OPIE for remote access.
Subject: Portable OpenSSH Security Advisory: sshpam.adv
This document can be found at: http://www.openssh.com/txt/sshpam.adv
1. Versions affected:
Portable OpenSSH versions 3.7p1
2018 Jul 30
2
2.3.2.1 - EC keys support?
>>>> I did some local testing and it seems that you are using a curve
>>>> that is not acceptable for openssl as a server key.
>>>> I tested with openssl s_server -cert ec-cert.pem -key ec-key.pem
>>>> -port 5555
>>>> using cert generated with brainpool. Everything works if I use
>>>> prime256v1 or secp521r1. This is a
2017 Jul 24
8
syslog from chrooted environment
I have a somewhat busy sftp server where the users are all chrooted into
their home directory. In order to log all the commands they enter, I
have to create a /dev/log entry and hard link in their home directory so
that syslog works for their commands
Match user *
ForceCommand internal-sftp -f local1 -l verbose
Everything works, but it's a bit of a pain if someone restarts syslogd
and forgets
2012 Dec 12
1
How to create Jail in FreeBSD
Operating system virtualization is the most effective way to utilize your system resources; jails let you set up isolated mini-systems. Jails are explained well in the handbook; however, from a practical standpoint, the presented material is incomplete.
The post below sets up a few scripts that follow the handbook's 'Application of Jails' article and enhance it with a few missing features
2011 Feb 27
2
opened OpenSSL port
Main question: is it safe to open a port for an openssl server?
e.g.:
server side - generate a self-signed cert.
time openssl req -x509 -nodes -days 365 -newkey rsa:8192 -keyout mycert.pem -out mycert.pem
openssl s_server -accept 52310 -cert mycert.pem
Is it secure? - it could be DoSed [Denial of Service], or could it be attacked in any way?
Are there any iptables rules for restricting
2018 Jul 31
2
2.3.2.1 - EC keys support?
On 31.07.2018 03:32, ????? wrote:
>> Perhaps for those interested - IETF RFC 7027 specifies for TLS use:
>>
>> [ brainpoolP256r1 | brainpoolP384r1 | brainpoolP512r1 ]
>>
>> And thus t1 would not work anyway. However, having tested r1 the result
>> was just the same.
>>
>> A tcpdump during the openssl test [ s_server | s_client ] then revealed
2013 Jan 06
2
audit events confusion
On a rather full customer web server, I am trying to track down whose
web site script is trying to make outbound network connections when they
should not be. In /etc/security/audit_control, I added to the flags line
dir:/var/audit
flags:lo,aa,-nt
minfree:5
to log failed network connections. When I try to make an outbound
connection to something that is blocked in pf, it seems to sometimes
work.
2016 Dec 13
4
pkcs #11/hardware support for server keys/sshd?
Hello,
Is there any support (existing or planned) for host keys/certs being
managed by some hardware device (tpm,hsm,etc..) instead of a flat
file?
thanks,
-Kenny
2003 May 23
1
error with make clean in /usr/src
Hello,
I am getting errors when doing a make clean under /usr/src, I have always
done this before doing a make world, and never a problem. I have tried
deleting all of /usr/src and re cvsuped, but the problem persists.
FreeBSD 4.7-STABLE #0: Fri Feb 14 13:49:58 EST 2003
===> secure/usr.bin/openssl
rm -f buildinf.h openssl/opensslconf.h openssl/evp.h xopenssl app_rand.o
apps.o asn1pars.o ca.o
2018 Jul 30
2
2.3.2.1 - EC keys support?
On 30 July 2018 at 21:00 ѽ҉ᶬḳ℠ <vtol@gmx.net> wrote:
2007 Dec 12
2
Yikes! FreeBSD samba-3.0.26a_2, 1 is forbidden: "Remote Code Execution...
...Vulnerability - CVE-2007-6015"
http://www.freshports.org/net/samba3/
============================================================================
samba3 3.0.26a_2,1 <http://www.freshports.org/net/>net<http://www.freshports.org/faq.php#watchlistcount> <http://www.freshports.org/search.php?stype=depends_all&method=match&query=net/samba3>=220
FORBIDDEN:
2018 Jun 29
7
Sharing Mailbox between users using IMAP
Quoting Remko Lodder <remko at freebsd.org>:
Hi Remko,
> Emails can only be read if they are authenticated / authorized in
> some way to access the store. That means you might need to share the
> info@ credentials with the other
> people so that they can read it over imap or webmail etc.
That is self-evident and it is not a problem.
I can't understand what you
2015 Aug 05
2
host key on hardware
Hi,
I'm new to this list.
For some years I've used CryptoSticks and YubiKeys to authenticate to
SSH on the client side.
Now I wondered if the same also worked on the server side.
The closest I found was this old thread from 2012:
http://www.gossamer-threads.com/lists/openssh/dev/54825
How did this progress further? Is it in the packages in the debian
repositories yet? And is there some
2017 Sep 26
2
tweaking max sessions / scaling
Other than cranking up logging to debug2, is there a way to better tune
logging on a server to see if I am running into max sessions? On
FreeBSD RELENG11 I am periodically seeing connections being refused-
3way handshake not completing or completing and then FINs.
Typically, I have a hundred or so connections at one time, but they can
bounce up to a few hundred on occasion. Without leaving the