The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Draft: Security Alert Announce#1 Debian/GNU Linux

To: Bernd Eckenfels <lists@lina.inka.de>
Subject: Re: Draft: Security Alert Announce#1 Debian/GNU Linux
From: Juergen Menden <menden@informatik.tu-muenchen.de>
Date: Wed, 30 Oct 1996 09:48:07 +0100 (MET)
Cc: debian-private@lists.debian.org, security@debian.org
Delivered-to: security@debian.org
Importance: low
In-reply-to: <m0vIRH9-0004ijC@lina>
Priority: non-urgent
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"cBvm81.0.Hd6.MbnTo"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

On Wed, 30 Oct 1996, Bernd Eckenfels wrote:
> 
> lprng should be moved to stable very quickly. I suggest to create 1.1.14

well, before crying for action you should describe the problem.
just because there are bugs isn't enough for a security alert. :-(

> DESCRIPTION
> 
>  There are Bugs in the upstream version of zircon and lpr which makes your
>  system vulnerable to exploits. Please check if you have installed one of
>  those packages with the command:

one line description telling that there are bugs in lpr. what bugs?
do you think lprng has got none? is this a bug report or a security
_alert_? the rest of the description paragraph is better noted as
'how to find out if you are vulnerable?' it is not at all a description
of the vulnerability. 

more questions: is CERT informed? or anyone else?

this is no serious security alert as it only tells about
half-trues and heard-offs which are aparently unchecked.
please look at any CERT alert for some inspiration.

:-(((
jjm

-- 
Juergen Menden                   | Disclaimer: The opinions expressed by me, 
tel:    +49 (89) 289 - 22387     +-----------+ are (usually) not the opinions 
e-mail: menden@informatik.tu-muenchen.de     | of anyone else on this planet.

Hi! I'm a .signature virus!  Add me to your .signature and join in the fun!

--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Follow-Ups:
- Re: Draft: Security Alert Announce#1 Debian/GNU Linux
  - From: Juergen Menden <menden@informatik.tu-muenchen.de>

References:
- Draft: Security Alert Announce#1 Debian/GNU Linux
  - From: lists@lina.inka.de (Bernd Eckenfels)

Prev by Date: Re: Draft: Security Alert Announce#1 Debian/GNU Linux
Next by Date: Re: Draft: Security Alert Announce#1 Debian/GNU Linux
Previous by thread: Re: Draft: Security Alert Announce#1 Debian/GNU Linux
Next by thread: Re: Draft: Security Alert Announce#1 Debian/GNU Linux
Index(es):
- Date
- Thread