Jump to content

sunrat

Forum Moderators
  • Content Count

    6,001
  • Joined

  • Last visited

Community Reputation

1,984 Excellent

1 Follower

About sunrat

  • Rank
    Thread Kahuna
  • Birthday 09/04/1954

Profile Information

  • Gender
    Male
  • Location
    Melbourne, Australia
  • Interests
    Computers - Linux, graphics, music
    Flying R/C helicopters
    Gardening
    Sound Engineering/Production
    Ingress

Previous Fields

  • Main System Specs:
    OS:siduction, AVLinux, Debian Buster/ KDE, MX-17.1, Win10, Intel Core i5-6500 @ 3.6 GHz, Gigabyte H170-HD3-CF mobo, Corsair RM750i PS, 16GB RAM Kingston HyperX 2133, ASUS GTX970, M-Audio Audiophile 2496 soundcard, Samsung 850 EVO 500GB SSD, WD SATA2 HD 2TB, Sony 43" 4k TV
  • Secondary System Specs:
    OS: siduction, Debian Buster KDE Plasma 5, KXStudio, Win7, Core2Duo E8500 @ 3.17 GHz, Gigabyte GA-EP45-UD3R mobo, Antec Earth Watts 650W, 4GB RAM Kingston HyperX 800, ASUS GTX560Ti, OCZ Vertex2 SSD 120GB, WD SATA2 HD 2x1TB, LG 27MU67 4k monitor
  • Other System(s) Specs:
    LG GPad 8.3 Android tablet, Google Pixel phone, ASUS EeePC 900 antiX

Recent Profile Visitors

647 profile views
  1. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4546-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 20, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openjdk-11 CVE ID : CVE-2019-2894 CVE-2019-2945 CVE-2019-2949 CVE-2019-2962 CVE-2019-2964 CVE-2019-2973 CVE-2019-2975 CVE-2019-2977 CVE-2019-2978 CVE-2019-2981 CVE-2019-2983 CVE-2019-2987 CVE-2019-2988 CVE-2019-2989 CVE-2019-2992 CVE-2019-2999 Several vulnerabilities have been discovered in the OpenJDK Java runtime, resulting in cross-site scripting, denial of service, information disclosure or Kerberos user impersonation. For the stable distribution (buster), these problems have been fixed in version 11_11.0.5+10-1~deb10u1.
  2. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4545-1 security@debian.org https://www.debian.org/security/ Moritz Muehlenhoff October 18, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : mediawiki CVE ID : CVE-2019-16738 It was discovered that the Special:Redirect functionality of MediaWiki, a website engine for collaborative work, could expose suppressed user names, resulting in an information leak. For the oldstable distribution (stretch), this problem has been fixed in version 1:1.27.7-1~deb9u2. For the stable distribution (buster), this problem has been fixed in version 1:1.31.4-1~deb10u1.
  3. ^^^ Kids these days. Treat every day like "Talk like a pirate day".
  4. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4544-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond October 16, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : unbound CVE ID : CVE-2019-16866 Debian Bug : 941692 X41 D-Sec discovered that unbound, a validating, recursive, and caching DNS resolver, did not correctly process some NOTIFY queries. This could lead to remote denial-of-service by application crash. For the stable distribution (buster), this problem has been fixed in version 1.9.0-2+deb10u1.
  5. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4509-3 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 15, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : apache2 CVE ID : CVE-2019-10092 Debian Bug : 941202 It was reported that the apache2 update released as DSA 4509-1 incorrectly fixed CVE-2019-10092. Updated apache2 packages are now available to correct this issue. For reference, the relevant part of the original advisory text follows. CVE-2019-10092 Matei "Mal" Badanoiu reported a limited cross-site scripting vulnerability in the mod_proxy error page. For the oldstable distribution (stretch), this problem has been fixed in version 2.4.25-3+deb9u9. For the stable distribution (buster), this problem has been fixed in version 2.4.38-3+deb10u3.
  6. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4543-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 14, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : sudo CVE ID : CVE-2019-14287 Debian Bug : 942322 Joe Vennix discovered that sudo, a program designed to provide limited super user privileges to specific users, when configured to allow a user to run commands as an arbitrary user via the ALL keyword in a Runas specification, allows to run commands as root by specifying the user ID - -1 or 4294967295. This could allow a user with sufficient sudo privileges to run commands as root even if the Runas specification explicitly disallows root access. Details can be found in the upstream advisory at https://www.sudo.ws/alerts/minus_1_uid.html . For the oldstable distribution (stretch), this problem has been fixed in version 1.8.19p1-2.1+deb9u1. For the stable distribution (buster), this problem has been fixed in version 1.8.27-1+deb10u1.
  7. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4539-3 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 13, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssl Debian Bug : 941987 The update for openssl released as DSA 4539-1 introduced a regression where AES-CBC-HMAC-SHA ciphers were not enabled. Updated openssl packages are now available to correct this issue. For the stable distribution (buster), this problem has been fixed in version 1.1.1d-0+deb10u2.
  8. LOL. That reminds me of a Pakulu Papito post, "Prank your housemates by filling all the sugar bowls in the house with cocaine".
  9. Epic drone chase of the ride HELIX at Liseberg in Gothenburg, Sweden. That's some unbelievably amazing drone flying!
  10. Just to confuse you even more, you can set up rsync to run as a systemd service with a systemd timer. Or even run it to watch folders for changes as shown in SB's above linked Arch wiki page. However, I just use Syncthing for that. The cron method is probably a touch easier for starters though.
  11. No social media here either. Avaaz are running an ongoing campaign to force Facebook et al to take down lots of these disinformation posts and accounts. I just donated 10 bucks to help them. https://secure.avaaz.org/campaign/en/war_on_planet_rb_loc/?fpla
  12. Edit, 1hour later: Just stumbled upon this - https://issuu.com/readdork/docs/dork__october_2017
  13. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4539-2 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso October 07, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : openssh Debian Bug : 941663 A change introduced in openssl 1.1.1d (which got released as DSA 4539-1) requires sandboxing features which are not available in Linux kernels before 3.19, resulting in OpenSSH rejecting connection attempts if running on an old kernel. This does not affect Linux kernels shipped in Debian oldstable/stable, but may affect buster systems which are running on an older kernel. For the stable distribution (buster), this problem has been fixed in version 1:7.9p1-10+deb10u1.
  14. - ------------------------------------------------------------------------- Debian Security Advisory DSA-4542-1 security@debian.org https://www.debian.org/security/ Sebastien Delafond October 06, 2019 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : jackson-databind CVE ID : CVE-2019-12384 CVE-2019-14439 CVE-2019-14540 CVE-2019-16335 CVE-2019-16942 CVE-2019-16943 Debian Bug : 941530 940498 933393 930750 It was discovered that jackson-databind, a Java library used to parse JSON and other data formats, did not properly validate user input before attempting deserialization. This allowed an attacker providing maliciously crafted input to perform code execution, or read arbitrary files on the server. For the oldstable distribution (stretch), these problems have been fixed in version 2.8.6-1+deb9u6. For the stable distribution (buster), these problems have been fixed in version 2.9.8-3+deb10u1.
×
×
  • Create New...