gmane.linux.redhat.fedora.security

Breakpoint 2012 Call For Papers

2012-05-10T11:48:16

                 . ______________________________________
                 ._\\.         Breakpoint 2012           (___.
                 :          Intercontinental Rialto          :
                 :           Melbourne,  Australia           :
                 :             October 17th-18th             :
                 :__                                    . ___:
                    )____________________________________\\
                                                            .
                          www.ruxconbreakpoint.com
                          www.twitter.com/ruxconbpx



Introduction
------------

 Breakpoint is a new security conference to be held on the 17th and 18th of
 October, in Melbourne Australia. The event will show case the work of expert
 security researchers from around the world on a wide range of topics.
 Breakpoint is organised by the Ruxcon conference team and will offer a
 specialised and more professional security conference to complement and lead
 into the larger and

Ruxcon 2012 Call For Papers

2012-04-19T05:04:06

Ruxcon 2012 Call For Papers

The Ruxcon team is pleased to announce the call for papers for the 2012 annual Ruxcon conference.

This year the conference will take place over the weekend of 20th and 21st of October at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 15th of July.


* What is Ruxcon?

Ruxcon is the premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information, please visit http://www.ruxcon.

Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02for GnuTLS and Libtasn1

Security — 2012-03-21T02:14:00

Hello Open Source Distributors,

Any libgnutls and libtasn1 packages you may have in your environments should be updated to the latest versions in order to correct the below vulnerabilities we released today. Various popular packages such as Wireshark / tshark use these packages and could also be affected.

http://www.gnu.org/software/gnutls/security.html
http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/

Regards,
Matthew Hall
Mu Dynamics Research Team
Mu Dynamics, Inc.

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1

TLS record handling vulnerability in GnuTLS [MU-201202-01]
ASN.1 length decoding vulnerability in Libtasn1 [MU-201202-02]

20 March 2012

http://blog.mudynamics.com/2012/03/20/gnutls-and-libtasn1-vulns/
http://labs.mudynamics.com/advisories.html

Affected Products/Versions:

* libgnutls up to 3.0.16.
* libtasn1 up to 2.11.

Product Overview:

GnuTLS is an open source implementation of SSL,

Re: Upgrade Unhide package

Rakesh Pandit — 2012-03-12T07:00:10

----- Original Message -----

Currently over burdened with my day job. I will look at updating this packaging on weekend. In case proven packager in list can do it before me reaching on it please go ahead.

Regards,
--
security mailing list
security< at >lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security

Re: Upgrade Unhide package

Eric H. Christensen — 2012-03-10T03:17:09

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sat, Mar 10, 2012 at 03:58:38AM +0100, Yago Jesus wrote:

The package maintainer of unhide is Rakesh Pandit and can be reached at rpandit< at >redhat.com.

- -- Eric

- --------------------------------------------------
Eric H Christensen        eric< at >christensenplace.us
"Sparks"                  sparks< at >fedoraproject.org
    .... . .-.. .-.. ---  .-- --- .-. .-.. -..
097C 82C3 52DF C64A 50C2  E3A3 8076 ABDE 024B B3D1
- --------------------------------------------------
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)

iQIcBAEBAgAGBQJPWse1AAoJEIB2q94CS7PRZUAQAN6jpfKD4Zgoh7OCDoAvfz+V
xhGZ7JJXdv0J6XR6aEW0h5oCj/Oo7EiabqIypohdeqmYXKE+C3LOG+wJPSfhqXug
TFmulXdiv0YYk9uUzZbVRQQ3AZsoDdselwrNlUw4TOR2JEfko2n103Sxgz+Bx2LV
A2uK5eEyQXHE2vsGtGR3v0wylu7MS0jddCh22SEoCZiBipTJ/6jeENLAtJvbLORo
wwpKZhWDA17J2UAkC/w1EOjJ9MVvuafvf2yRit4zG47MaPRP8JPRyzgImyDnsDS9
HAiHxBYyZOnmdmJANl0T5s+90S0R3GxOME/+AT0tjAOFw8MITf6xXsllkI5TLU3w
w8B+0nRKHFC59JJPKpN4Bpi1qJLSurxyrTyULlPUGTqzO8iWn

Re: Upgrade Unhide package

Yago Jesus — 2012-03-10T14:40:20

Thanks, Eric, Tristan, Bruno. Im going to open a case in bugzilla

Sorry for the noise in the mail-list :)

2012/3/10 Bruno Wolff III <bruno< at >wolff.to>:
--
security mailing list
security< at >lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security

Re: Upgrade Unhide package

Bruno Wolff III — 2012-03-10T14:35:37

On Sat, Mar 10, 2012 at 03:58:38 +0100,
  Yago Jesus <yjesus< at >security-projects.com> wrote:

Normally the right thing to do is to file an RFE bug against the package.
If the packager isn't active then this might not work too well.
--
security mailing list
security< at >lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security

Re: Upgrade Unhide package

Tristan Santore — 2012-03-10T07:04:58

Hello Yago,

You would have to contact the package maintainer to address the issues
you mentioned. If you are the developer, how about either becoming the
maintainer yourself or becoming a co-maintainer ?
Maybe the current package maintainer has abandoned the packaging process
or has other work commitments, so has been too busy to apply updates.
Please also note, we generally try and keep some kind of version
stability with each release, but that does not mean patches and fixes
are not welcome or desired.

With regards to contacting the right people, you could join
#fedora-devel on irc freenode. Or find the right mailing list.

I hope this helps.

Regards,

Tristan

P.S: You did contact the wrong list, this list is for security issues or
incidences. If there is a security issue with your package please file a
bugzilla on bugzilla.redhat.com.

Upgrade Unhide package

Yago Jesus — 2012-03-10T02:58:38

Hi,

I don't know if this is the correct mail list so if I make a mistake,
please accept my apologizes.

I'm the author of Unhide http://www.unhide-forensics.info and I have
noted that Unhide package from Fedora is outdated. I think you should
upgrade the package because the new releases of Unhide improves the
tool and fixes some bugs.

Thanks
--
security mailing list
security< at >lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security

Re: Self introduction

Tristan Santore — 2012-03-03T00:26:48

Christoper,

This list is mainly a security response list, not a public forum for
security issue. I am not quite sure what other advice I can give you, if
you are interested in security related issues.

Regards,

Tristan

Self introduction

Christopher Meng — 2012-03-03T00:13:31

Hi everyone,I just join this list in order to help improving the security team.

Re: security Digest, Vol 51, Issue 1

Tristan Santore — 2011-12-20T15:55:44

Hello,
Anything is possible, although it might result in some undesired
results. Why not just use a live disc ?

Also, this list is for security reports, not end-user support. Please
either add the fedora mailing list, and ask your question there, or join
#fedora on the irc network freenode.

https://lists.fedoraproject.org/mailman/listinfo

Look for users list.

I hope that helps.

Regards,
Tristan

thank you very much for the excellent Fedora

2011-12-19T13:31:44

Good morning,
thank you very much for the excellent Fedora.
I worry about safety, surf the Internet without antivitus.
Is it possible to configure the system or boot partition for the linux
read-only?
Thus, placing the system in a partition of the data reading and a read /
write the system is not corrupt.

Greetings and thank you very much.

Roberto


--
security mailing list
security< at >lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security

Re: Review Request: python-pyflag - Forensic and Log Analysis GUI

soumya chakraborty — 2011-11-25T15:11:46

devel list then

Regards,

Soumya

Re: security Digest, Vol 50, Issue 1

Tristan Santore — 2011-11-25T12:06:51

Soumya,

you are barking at the wrong tree here. You should find a trusted
packager, that is willing to review the package request. You would be
better off requesting that on the devel list.

https://admin.fedoraproject.org/mailman/listinfo/devel

Regards,

Tristan

Review Request: python-pyflag - Forensic and Log Analysis GUI

soumya chakraborty — 2011-11-24T21:07:33

Hi

Please review the package request for
Pyflag<http://www.pyflag.net/cgi-bin/moin.cgi>.
This is in the packaging wishlist for Fedora Security Spin. The only
problem I found with packaging this tool was a no show from upstream. After
sending mails and pinging them in #irc didn't help to get a single
response. The package which is build has a "Incorrect fsf address" error
which cannot be removed by me and can be only be sorted out by the upstream.

Please review the package and let me know the suggestions The Bugzilla link
is here <https://bugzilla.redhat.com/show_bug.cgi?id=756856> .

Thanks,
---------------------------------------
Soumya Kanti Chakraborty
--
security mailing list
security< at >lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/security

Ruxcon 2011 Final Call For Papers

2011-08-15T10:53:07

Ruxcon 2011 Final Call For Papers

The Ruxcon team is pleased to announce the final call for papers for the seventh annual Ruxcon conference.

This year the conference will take place over the weekend of 19th and 20th of November at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 15th of October.

* What is Ruxcon?

Ruxcon is the premier technical computer security conference in the Australia-Pacific region. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information

Ruxcon 2011 Final Call For Papers

2011-08-15T10:53:07

Ruxcon 2011 Final Call For Papers

The Ruxcon team is pleased to announce the final call for papers for the seventh annual Ruxcon conference.

This year the conference will take place over the weekend of 19th and 20th of November at the CQ Function Centre, Melbourne, Australia.

The deadline for submissions is the 15th of October.

* What is Ruxcon?

Ruxcon is the premier technical computer security conference in the Australia-Pacific region. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations.

The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security.

Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community.

For more information

Re: Fedora Security URL full Path!

Matt McCutchen — 2011-08-04T01:18:15

This is not a security question, even if you are using the answer for
some kind of security update tracking.

To answer your question, look at the yum repo files in the
fedora-release package (on a Fedora system or download the desired
version manually from
http://koji.fedoraproject.org/koji/packageinfo?packageID=9) and append
repodata/primary.xml.gz to the basedir entries.

Fedora Security URL full Path!

Jan Muhammad — 2011-08-03T17:25:15

Hi Group,

In configuring my Patch Management System-- Pakiti (http://pakiti.sourceforge.net/), I need to specify the URL for Fedora based OS. 

What would be the URL to put the full path to the file which contains the list of packages
provided by the repository?
For example the Scientific Linux has URL to full path:
http://linuxsoft.cern.ch/cern/slc54/x86_64/yum/os/repodata/primary.xml.gz


Also the Debian based systems working with following details:

Repository Name: Debian 5.x main
Select architecture: x86_64
URL:
http://security.ubuntu.com/ubuntu/dists/karmic-security/main/binary-amd64/Packages.gz
Tick contains security updates
Select OS group: Debian 5.x

Thanks in advance for help!

Regards

-Jan

one numpty later

Tim Thomas — 2011-06-20T20:37:23

Hi again, I realised just after I sent the last mail and went in to disable
the wife's acct, her acct was set 'yes' to auto log on. Is this causing the
problem when I am logged in? (mine set to no) I have disabled her auto log
on for now.

T