Collaborate Disseminate
I have a completely up-to-date debian bullseye system. However, debsecan tool running on it retrieve more than 800 vulnerable packages.
Does it mean that all of these packages are vulnerable and even if my Debian system is totally up-to-da… Continue reading debsecan still retrieves +800 packages impacted by vulnerabilities on up-to-date bullseye system
my Parrot OS is doing weird things. Sometimes it shows a cross before my username. E.g if i use gpg. Like here:
If i run smth with firejail it always says:
"Warning an abstract Session D-BUS might still be available"
"/usr… Continue reading Is Parrot OS always so buggy? [migrated]
I’m digging into UUIDv1 generation and bruteforce, in order to take control of a password reset feature of a website which sends a link with a get parameter token=UUIDvX.
I’m trying to identify which version of UUID hashing algorithm the s… Continue reading Guessing UUIDv1 hashes?
I’m trying to build a base image that pulls from php:7.3-fpm, which is built on debian:buster-slim. The php:7.3-fpm base image has vulnerabilities out of the box, like https://security-tracker.debian.org/tracker/CVE-2019-3844 and https://s… Continue reading Remediating base image vulnerabilities
Usually people say directly using root account is a very bad idea. However, my current setting is like this: to achieve a higher level of isolation, all services have their own virtual machine instances.
In this scenario, is it okay to sim… Continue reading Can I use root account if every server only runs one service [Debian/Ubuntu Server]
RemotePC has updated their remote access for Linux offering with new features: Linux Remote Sound – enables users to listen to audio files from the remote machine on their local device Linux Headless Server Remote Access Support – users can… Continue reading RemotePC adds new features for Linux remote access
An anonymous reader writes:
Debian Project Secretary Kurt Roeckx has announced the results of a closely-watched vote on what statement would be made about Richard Stallman’s readmission to the Free Software Foundation’s board.
Seven options were co… Continue reading Debian Votes to Issue No Statement on Stallman’s Return to the FSF Board
New submitter juul_advocate shares a report from iTWire: The outcome of a general resolution proposed by the Debian GNU/Linux project, to decide how to react to the return of Free Software Foundation founder Richard Stallman to the board, will be known… Continue reading Results of Debian Vote On Stallman To Be Known By April 17
Does the snapd package manager in Debian-based systems require successful cryptographic authentication and integrity validation for all packages?
I know that software downloaded with apt-get packages must be cryptographically verified beca… Continue reading Does snapd enforce cryptographic authentication and integrity validation by default for all packages? (debian, ubuntu)
Does the built-in apt package manager in Debian-based systems require successful cryptographic authentication and integrity validation for all packages?
My understanding was that software downloaded with apt-get packages would be cryptogra… Continue reading Does apt-get enforce cryptographic authentication and integrity validation by default for all packages? (debian, ubuntu)