similar to: Semi-OT: thunderbird displaying inline

Hello Mark, On Sun, 2016-12-18 at 11:56 -0500, mark wrote: > This is odd. Just recently, at home, even though I have it set to display > messages as plain text, I'm suddenly seeing pics attached to spam inline, as > though I had it set to display html. > > Can't find anything to make it stop - anyone have a clue? You are probably being confronted with content

Hello list, To my astonishment the openssh versions on both C6 and C7 will by default negotiate an MD5 HMAC. C6 client, C7 server: debug2: mac_setup: found hmac-md5 debug1: kex: server->client aes128-ctr hmac-md5 none debug2: mac_setup: found hmac-md5 debug1: kex: client->server aes128-ctr hmac-md5 none C7 client & server: debug2: mac_setup: setup hmac-md5-etm at openssh.com debug1:

Hi, I am trying to install a C6 VM on C6 using the text installer using: # virt-install -n C6_1 -r 3072 --os-variant=rhel6 -l \ ftp://ftp.nluug.nl/site/centos.org/CentOS/6.3/os/x86_64/ --disk \ path=/dev/VG1/vm_c6_1 -w network:default --nographics \ -x "console=ttyS0" --autostart /dev/VG1/vm_c6_1 has been successfully created. The installation starts but once I get to the disk

Hi, I usually receive updates after the related announcement has hit my inbox. But today I see a thunderbird update, but no message on centos-announce yet, not even in the archives. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

On Sun, Sep 25, 2016 at 04:38:39PM +0200, Leonard den Ottolander wrote: > The qemu-kvm option "-enable-nesting" that I dug up in the source looks > promising. No mention in the man page on either C6 or C7 but it is > mentioned here: > https://www.redhat.com/archives/libvir-list/2012-October/msg01138.html > > How do I pass the "-enable-nesting" option to

Hi, The fact that apparently the last tigervnc update from upstream was missed triggered me to check for missing updates and packages in 6.3. Here are my results. Sorry for any false positives that might have crept in, but note that some of the 6_x updates actually are updates and not a parsing error. And perhaps an occasional false positive due to having to compare upstream SRPMS vs downstream

Hello, I'm trying to get the Android Emulator to run inside a kvm vm on CentOS-6. Apparently the latest Android Emulators cannot run without hardware acceleration so I am trying to get the vm to see the svm cpu flag. Host: $ grep model\ name /proc/cpuinfo | sort -u model name : AMD Phenom(tm) II X4 965 Processor $ grep svm /proc/cpuinfo | sort -u flags : fpu vme de pse tsc msr pae mce cx8

Hi, The debuginfo repodata for C6 is missing: http://debuginfo.centos.org/6/x86_64/repodata/7a42847903e6a76f9397c0bc9aca6afbbef1f74c-filelists.sqlite.bz2: [Errno 14] PYCURL ERROR 22 - "The requested URL returned error: 404 Not Found" Trying other mirror. Error: failure: repodata/7a42847903e6a76f9397c0bc9aca6afbbef1f74c-filelists.sqlite.bz2 from debug: [Errno 256] No more mirrors to

Hello John, On Thu, 2017-02-09 at 16:33 +0000, John Hodrien wrote: > On Thu, 9 Feb 2017, Leonard den Ottolander wrote: > > > How about my request for checksums in the git repo? > > What checksums would you actually want in git? SRPMS are signed which allows the integrity of the contents to be checked. Such an integrity check is missing from the git repo. Either a checksum

Hello team, Just wondering how the build of 5.10 is coming along. Is there a resource that informs us on these matters? Thanks! Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

On 10/19/2016 11:34 AM, Leonard den Ottolander wrote: > Hello Gordon, > *snip* > > Personally I would be more concerned whether or not to enable ECDSA > algorithms (https://blog.cr.yp.to/20140323-ecdsa.html). > > Regards, > Leonard. > For web server ECDSA certs is currently a concern because the only curves with popular support across browsers have parameters that were

On Wed, Sep 2, 2015 at 1:59 PM, Leonard den Ottolander < leonard at den.ottolander.nl> wrote: > Hello Mike, > > On Wed, 2015-09-02 at 13:05 -0400, Mike - st257 wrote: > > I've been through the virt-install manpage a few times now to no avail. > > What is wrong with my syntax here (seen below)? > > > ~]# virt-install --connect qemu:///system -n blahhost

me at tdiehl.org wrote: > On Fri, 25 Aug 2017, Leonard den Ottolander wrote: >> >> I usually receive updates after the related announcement has hit my >> inbox. But today I see a thunderbird update, but no message on >> centos-announce yet, not even in the archives. > > Just a guess but Johnny Hughes usually does those announcements. There is > a large Hurricane

Hi, I woke up Saturday morning unable to boot my freshly upgraded 5.6 with grub hanging at "GRUB". After getting the boot loader fixed I experienced crashes in evolution. Downgrading glibc to 2.5-58 seems to fix these issues. Anyone else seeing this? Leonard. -- mount -t life -o ro /dev/dna /genetic/research

Hello Johnny, On Wed, 2017-02-15 at 09:47 -0600, Johnny Hughes wrote: > 2. They already have shell access on the machine in question and they > can already run anything in that shell that they can run via what you > are pointing out. No, assuming noexec /home mounts all they can run is system binaries. > 3. If they have access to a zeroday issue that give them root .. they >

On 25 September 2016 at 17:57, Leonard den Ottolander >> > >> Nested Virtualization will be a tech preview in RHEL 7.3 Beta, and so >> it'll be available after RHEL 7.3 is released and CentOS rebuilds it. > Officially its gonna be tech-preview in 7.3, but I can tell you we've been successfully using it for testing oVirt since 7.1... (For el7 on top of el7, see [1]

Hi, Reading http://www.centos.org/modules/newbb/viewtopic.php?topic_id=30939&forum=37 I noticed a warning about an upcoming bugged update xorg-x11-server-utils-7.1-5.el5_6.1 I would advise everyone to add exclude=xorg-x11-server-utils-7.1-5.el5_6.1 to their updates repo config. Regards, Leonard. -- mount -t life -o ro /dev/dna /genetic/research

On Thu, 2017-02-02 at 13:40 -0800, Gordon Messmer wrote: > Escalation *requires* attacking a program in a security context other > than your own. Not necessarily. Suppose the adversary is aware of a root exploit/privilege escalation in a random library. Then the heap spraying allows this attacker to easily trigger this exploit because he is able to initialize the entire contents of the

On 10/19/2016 08:30 AM, Leonard den Ottolander wrote: > Where did you get the idea that AES (~ Rijndael) is a weak cipher? It's not the cipher, but the mode. CBC has several known weaknesses in TLS, and is frequently regarded as potentially insecure as a result. https://www.openssl.org/~bodo/tls-cbc.txt

Hi, In a recent security review some systems I manage were flagged due to supporting "weak" ciphers, specifically the ones listed below. So first question is are people generally modifying the list of ciphers supported by the ssh client and sshd? On CentOS 6 currently it looks like if I remove all the ciphers they are concerned about then I am left with Ciphers