 |
|
|
|
|
|
| principal nivel superior enviar artículo buscar administrar acerca de ... rdf rss main |
Posted by Víctor Martínez Martínez on Friday January 30, @08:40PM el 2009from the Tremendas vacaciones dept. Reporte de actividades 14 de diciembre 2008 al 30 de enero 2009 Diciembre 15 5 mensajes de spam en la cola de la lista icme. Se purgan. Esta lista fue creada para la administración del evento en Monterrey, he de imaginar que ya no tiene uso (sirvio 4 años), la pongo en que descarte automáticamente todos los mensajes que le lleguen que no sean de los suscritos, ¿la cierro o archivo? Diciembre 16 He modificado la lista icme a: generic_nonmember_action=discard Para que cualquier mensaje enviado por alguien no suscrito a la lista sea rechazado en automático. http://tech.groups.yahoo.com/group/squishdot/message/2678 Postee nuestro problema con Squishdot en la lista (en realidad desde el 11 http://tech.groups.yahoo.com/group/squishdot/message/2676 ) al 30 de enero de 2009 sigo esperando solución por que me dicen que solo aplique el fixdot, que si corre, pero al migrar hacia arriba la cosa no funciona. Diciembre 18 Tratando de activar captchas en icme11.org no satisfactorio, 2 o un poco mas de horas en el proceso... parece que crea conflictos con otros módulos, y no desactivo que envíen comentarios, puesto que los visitantes aun utilizan la forma de contacto. Diciembre 19 Junta de trabajo 3 horas. Diciembre 21 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1678-2 security@debian.org http://www.debian.org/security/ Florian Weimer December 21, 2008 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : perl Vulnerability : design flaws Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-5302 CVE-2008-5303 Debian Bug : 286905 286922 479317 The perl update in DSA-1678-1 contains a regression which is triggered by some Perl scripts which have changed into the directory tree removed by File::Path::rmtree. In particular, this happens if File::Temp::tempdir is used. This new update corrects this regression. Diciembre 22 Se cancela el VPS en Tektonic puesto que la prueba comparativa ha terminado Enero 2 janus - ------------------------------------------------------------------------ Debian Security Advisory DSA-1695-1 security@debian.org http://www.debian.org/security/ Florian Weimer January 02, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : ruby1.8, ruby1.9 Vulnerability : memory leak Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2008-3443 Debian Bug : 494401 The following packages will be upgraded: irb1.8 libopenssl-ruby1.8 libreadline-ruby1.8 libruby1.8 rdoc1.8 ruby1.8 ruby1.8-dev ruby1.8-elisp xterm 9 packages upgraded, 0 newly installed, 0 to remove and 0 not upgraded. Need to get 4114kB of archives. After unpacking 745kB will be freed. Writing extended state information... Done Enero 6 Varias maquinas en Ajusco afectadas. [SECURITY] [DSA 1694-2] New xterm packages fix regression -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------------ Debian Security Advisory DSA-1694-2 security@debian.org http://www.debian.org/security/ Florian Weimer January 06, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : xterm Vulnerability : design flaw Problem type : local (remote) Debian-specific: no CVE Id(s) : CVE-2008-2383 Debian Bug : 510030 The xterm update in DSA-1694-1 disabled font changing as a precaution. However, users reported that they need this feature. The update in this DSA makes font shifting through escape sequences configurable, using a new allowFontOps X resource, and unconditionally enables font changing through keyboard sequences. Enero 9 echoed If your wiki is installed under a "wiki." subdomain See also: Short URL like wiki.example.com/Page_title in the MediaWiki Manual 1. Install MediaWiki in a directory, e.g., ~/wiki.yourdomain.com/ 2. Configure your wiki as normal with ugly URLs 3. Modify the following options in LocalSettings.php $wgScriptPath = ""; $wgScript = "$wgScriptPath/index.php"; $wgRedirectScript = "$wgScriptPath/redirect.php"; $wgArticlePath = "$wgScriptPath/$1"; 1. In the ROOT directory of wiki.yourdomain.com place the following .htaccess file: RewriteEngine on RewriteBase / RewriteCond %{REQUEST_URI} !^/(skins|stylesheets|images|config)/ RewriteCond %{REQUEST_URI} !^/(redirect|texvc|index).php RewriteRule ^(.*)$ /index.php?title=$1 [L,QSA] Nice URLS on fisicos68. Enero 9 Xc9 got all twext dir permission wrong, ticket up, go and back 8 hours after we got the site up again. (It also affected other wikis we had on DH, but for other reasons that DH can’t reproduce and fixed “automagically”) Enero 12 Linux, Janus y Avalon actualizados. - ------------------------------------------------------------------------ Debian Security Advisory DSA-1703-1 security@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : bind9 Vulnerability : interpretation conflict Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-0025 It was discovered that BIND, an implementation of the DNS protocol suite, does not properly check the result of an OpenSSL function which is used to verify DSA cryptographic signatures. As a result, incorrect DNS resource records in zones protected by DNSSEC could be accepted as genuine. Linux, shmate, janus y otros actualizados. - ------------------------------------------------------------------------ Debian Security Advisory DSA-1702-1 security@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : ntp Vulnerability : interpretation conflict Problem type : remote Debian-specific: no CVE Id(s) : CVE-2009-0021 Debian Bug : 511227 It has been discovered that NTP, an implementation of the Network Time Protocol, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which may ultimately lead to the acceptance of unauthenticated time information. (Note that cryptographic authentication of time servers is often not enabled in the first place.) - ------------------------------------------------------------------------ Debian Security Advisory DSA-1701-1 security@debian.org http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : openssl, openssl097 Vulnerability : interpretation conflict Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-5077 Debian Bug : 511196 It was discovered that OpenSSL does not properly verify DSA signatures on X.509 certificates due to an API misuse, potentially leading to the acceptance of incorrect X.509 certificates as genuine (CVE-2008-5077). Enero 13 cl@jerx.net = cl@lists.jerx.net Investigar OS para router linksys. Sugiero OpenWRT Enero 19 Actualizado en linux - ------------------------------------------------------------------------ Debian Security Advisory DSA-1708-1 security@debian.org http://www.debian.org/security/ Florian Weimer January 19, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : git-core Vulnerability : shell command injection Problem type : remote Debian-specific: no CVE Id(s) : CVE-2008-5516 CVE-2008-5517 Debian Bug : 512330 It was discovered that gitweb, the web interface for the Git version control system, contained several vulnerabilities: Remote attackers could use crafted requests to execute shell commands on the web server, using the snapshot generation and pickaxe search functionality (CVE-2008-5516). Local users with write access to the configuration of a Git repository served by gitweb could cause gitweb to execute arbitrary shell commands with the permission of the web server (CVE-2008-5517). Enero 21 Afecta nuestros equipos en Ajusco. - ------------------------------------------------------------------------ Debian Security Advisory DSA-1709-1 security@debian.org http://www.debian.org/security/ Thijs Kinkhorst January 21, 2009 http://www.debian.org/security/faq - ------------------------------------------------------------------------ Package : shadow Vulnerability : race condition Problem type : local Debian-specific: no CVE Id(s) : CVE-2008-5394 Debian Bug : 505271 Paul Szabo discovered that login, the system login tool, did not correctly handle symlinks while setting up tty permissions. If a local attacker were able to gain control of the system utmp file, they could cause login to change the ownership and permissions on arbitrary files, leading to a root privilege escalation. Enero 24 Twext.com fuera de línea durante varias horas… soporte no tiene ni idea de por que xc9 estaba desactivado, proceden a reactivarlo después de levantar ticket (3 horas después). Enero 30 Gunnar: Pidió ser retirado del alias squishmaster y de la lista talleres. < Reporte 30-I-09 | Akismet >
|
|
|||||||||||
|
|||||||||||||
 |
||
 
|
"Any system that depends on reliability is unreliable." -- Nogg's Postulate | |
| All trademarks and copyrights on this page are owned by their respective companies. Comments are owned by the Poster. The Rest ©1999 Butch Landingin. | ||
Reporte de actividades 14 de diciembre 2008 al 30 de enero 2009 
