Mans Matulewicz | 1 Aug 01:15 2003

Re: emerge security updates?

This weekend I'm gonna try to make a pageripper that uses the announce
forum to create that XML if you are interested. I don't have any clue in
what timespan I will finish it.

cyber

PS if the Gentoo forum admin tells me not to do it I won't even start.

If you have this message already: I got a failure notice back, so I resent it.

On Thu, 2003-07-31 at 22:37, Marius Mauch wrote:
> On 07/31/03  mndfreeze <at> crackrock.net wrote:
> 
> > I'm wondering if there is an option to do something similar to emerge
> > world -u --deep, but that ONLY applies security updates.  I have a lot
> > of production machines running gentoo that I don't want to emerge world
> > and rebuild half the machine, but think a security option somewhere
> > (make.conf perhaps, with tags in ebuilds or something) would be a
> > great idea if it doesn't already exist. 
> 
> I've written a little tool to do that, the main problem is that it
> requires the GLSA in a XML form and I've not written a converter yet. If
> you're interested in the code or DTD check
> http://gentoo.devel-net.org/glsa (oh, and there are no docs yet ;).
> 
> Marius
> 
> --
> gentoo-security <at> gentoo.org mailing list
> 

Cliff Hazell | 1 Aug 01:18 2003

duplicate message.

I keep getting every single message to this list twice.
It's somewhat annoying. I'm not sure if this is a list specific problem
or just me ? anyone else have this problem ?

I am on a number of other  <at> gentoo.org lists (announce, GWN, cvs etc) and
this doesn't happen on those. or on any of the other mailing lists (non
gentoo)

Ideas and/or solutions would be appreciated.

Cliff
--

-- 
"Jesus saves! Moses has the Rebound... he shooots ... he SCORES!!!"

Jason Short | 1 Aug 01:31 2003

Re: duplicate message.

This address is subscribed to -announce, -desktop, -dev, -gwn, -hardened, -security, -server, and
-user.  It has not received more than one copy of any messages in the past several days.

Check the Return-Path headers of the messages in question.  Each message has a sequential message number as
well as the full address to which it was sent.  You might be subscribed under multiple addresses that are
aliased to the same mailbox.

If you're asking about the post "Re: [gentoo-security] emerge security updates?" from "Mans Matulewicz
<cybermans <at> xs4all.nl>", then the answer is "he sent it twice".  Go figure.

On 01 Aug 2003 01:18:12 +0200
Cliff Hazell <cliff <at> imaginet.co.za> wrote:

> I keep getting every single message to this list twice.
> It's somewhat annoying. I'm not sure if this is a list specific problem
> or just me ? anyone else have this problem ?
> 
> I am on a number of other  <at> gentoo.org lists (announce, GWN, cvs etc) and
> this doesn't happen on those. or on any of the other mailing lists (non
> gentoo)

Tim Head | 1 Aug 02:41 2003

Re: emerge security updates?


Hi

I just talked to Marius in #gentoo-server about his tool and now I see
this little chat going on here;]]

I thought that it perhaps would be nice to have an email address on every
production machine subscribed to -announce and a little script that
reads the GLSA and creates the XML out of it.

Pro:
* no extra work for the GLSA admins
* the GLSA are spread very fast and you can verify that they are real
because of the GPG/PGP key Daniel Ahlberg uses

Con:
* you need a damn smart script that understands the text of the email
and can convert it to XML, e.g. it isn't sure that the steps you have to
perform to have a secure system again will always be at the end and one
command per line

Perhaps you could convince Daniel that he sends the XML formatted GLSA as
an attachment to his mails. Then you would save the "damn smart script"
part. Dunno, perhaps we should put the GLSA somewhere else also, because an
attacker could somehow block your smtp server and then attack your host
via a hole that was just announced and you don't know about. Perhaps
this is unlikely but still..;]]
Someone could run a little webpage with an index or they are placed
somewhere on the gentoo.org host


Patrick Hsieh | 1 Aug 07:46 2003

several 2.4 kernel vulnerabilities

http://lwn.net/Vulnerabilities/40595/

Have gentoo-sources or any other kernel source flavors in Portage
already included these patches? Debian just released DSA-358-1
http://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00155.html
and I'm afraid these patches could be very critical.

--

-- 
Patrick Hsieh <pahud <at> ezplay.tv>

--
gentoo-security <at> gentoo.org mailing list

Mans Matulewicz | 1 Aug 17:54 2003

Re: emerge security updates?

Hi,
I am working now on a script that uses the announce forum as source. From
that data I will parse an xml script. I prefer that this script is run
from a host with an https possibility because of some extra protection
(if you find this useless notify me). For bandwidth savings all the
announces will be saved in a database so the script will only be updating
if there is no update in the last x minutes (don't want to DoS the forum
server). I think that would give an acceptable delay. I hope that I can
still use the gpg sigs check (this needs a server capable of this or am
I wrong?). Because of the lack of a highspeed connection I am not
able to run the public version.

cyber

----
You must realize that the computer has it in for you.  The irrefutable
proof of this is that the computer always does what you tell it to do.

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> Hi
>
> I just talked to Marius in #gentoo-server about his tool and now I see
> this little chat going on here;]]
>
> I thought that it perhaps would be nice to have an email address on every
> production machine subscribed to -announce and a little script that
> reads the GLSA and creates the XML out of it.

Thomas T. Veldhouse | 8 Aug 15:43 2003

Firewall logging and syslog

I am not a syslog expert, so I need some help.  I have rules in my firewall
for logging, but currently, it is all logged into my syslog file.  How do I
set up syslog to filter them out and put them in a separate file?  Does
anybody here have a scheme for this?  What I mean is, do you use multiple
files for various firewall rules?  How did you set this up?

Thanks in advance,

Tom Veldhouse

--
gentoo-security <at> gentoo.org mailing list

Stephen Clowater | 8 Aug 19:19 2003

Re: Firewall logging and syslog

I'm not sure about syslog, but I use metalog and then edit metalog.conf and
add in the 'kern' facility a line 'command =' and then point it at a bash
script that checks for the log prefix I put in iptables. If it's there, it
appends it to my log file; if not, it disregards it, and the other
directives in the kern facility perform normal logging so as not to
compromise metalog's way of logging things.

I haven't worked with syslog in a while, but if you direct * at a bash
script, you should be able to pick up your log prefixes and append them
to a file.

----- Original Message ----- 
From: "Thomas T. Veldhouse" <veldy <at> veldy.net>
To: <gentoo-security <at> gentoo.org>
Sent: Friday, August 08, 2003 10:43 AM
Subject: [gentoo-security] Firewall logging and syslog

> I am not a syslog expert, so I need some help.  I have rules in my firewall
> for logging, but currently, it is all logged into my syslog file.  How do I
> set up syslog to filter them out and put them in a separate file?  Does
> anybody here have a scheme for this?  What I mean is, do you use multiple
> files for various firewall rules?  How did you set this up?
>
> Thanks in advance,
>
> Tom Veldhouse
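
The prefix-filter hook described in the reply above, as an added example (not code from any poster in this thread). It assumes the logger passes the date, program name and message as three arguments; the `FW-*` prefixes and the log directory are hypothetical and must match the `--log-prefix` values set in the iptables rules. One file per prefix also covers the "multiple files for various firewall rules" part of the question.

```shell
#!/bin/sh
# Added example: route iptables LOG lines to per-prefix files.
# Assumed firewall rules (prefix names are hypothetical), e.g.:
#   iptables -A INPUT -j LOG --log-prefix "FW-DROP: "
# Assumption: the logger runs this script with three arguments:
#   $1 = date, $2 = program name, $3 = message text.
FWLOG_DIR="${FWLOG_DIR:-/var/log/firewall}"   # hypothetical location
umask 027                                      # logs are not world-readable

# Print the target file for a message, or return 1 if it has no known prefix.
fw_target() {
    case "$1" in
        *"FW-DROP: "*)   echo "drop.log" ;;
        *"FW-REJECT: "*) echo "reject.log" ;;
        *"FW-ACCEPT: "*) echo "accept.log" ;;
        *) return 1 ;;
    esac
}

# Append one record to the matching file; any other message is ignored here
# and stays with the logger's normal rules.
fw_route() {
    target=$(fw_target "$3") || return 0
    # Drop control characters so an embedded newline cannot forge a second record.
    clean=$(printf '%s' "$3" | tr -d '\000-\037\177')
    mkdir -p "$FWLOG_DIR" || return 1
    printf '%s [%s] %s\n' "$1" "$2" "$clean" >> "$FWLOG_DIR/$target"
}

# Run as a hook: only act when the three arguments are present.
if [ "$#" -ge 3 ]; then
    fw_route "$1" "$2" "$3"
fi
```

The message is only ever passed as a quoted argument and matched with `case`, never evaluated, so log content cannot run as shell code.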

Jeremy Bowers | 8 Aug 17:07 2003

GLSA announcements

I subscribed to this list because I had hoped the GLSA announcements 
would be echoed to it. Evidently not.

Can we either get GLSA announcements echoed here, or can someone tell me 
where I can go to get them e-mailed to me? Other than the weekly 
newsletter, there's nowhere *obvious* I could find to find them at all, 
let alone have them conveniently emailed to me in a timely fashion.

--
gentoo-security <at> gentoo.org mailing list

Joby Walker | 8 Aug 17:10 2003

Re: GLSA announcements

GLSAs are released on gentoo-announce.

jbw

Jeremy Bowers wrote:
> I subscribed to this list because I had hoped the GLSA announcements 
> would be echoed to it. Evidently not.
> 
> Can we either get GLSA announcements echoed here, or can someone tell me 
> where I can go to get them e-mailed to me? Other than the weekly 
> newsletter, there's nowhere *obvious* I could find to find them at all, 
> let alone have them conveniently emailed to me in a timely fashion.
> 
> 
> -- 
> gentoo-security <at> gentoo.org mailing list
> 