The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: URGENT/IMPORTANT: Linux/FreeBSD lpr stuff

To: "Alexander O. Yuriev" <alex@bach.cis.temple.edu>
Subject: Re: URGENT/IMPORTANT: Linux/FreeBSD lpr stuff
From: Sven Rudolph <sr1@os.inf.tu-dresden.de>
Date: Tue, 29 Oct 1996 22:33:38 +0100
Cc: security@debian.org
Delivered-to: security@debian.org
Importance: low
In-reply-to: "Alexander O. Yuriev"'s message of Mon, 28 Oct 1996 12:29:04 -0500
Priority: non-urgent
References: <199610281729.MAA28027@bach.cis.temple.edu>
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"3jQ3x.0.1t1.pidTo"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

In article <199610281729.MAA28027@bach.cis.temple.edu> "Alexander O. Yuriev" <alex@bach.cis.temple.edu> writes:

> 	This is a call for official fixes for the lpr vulnerabilities which
> 	are to be included into the upcoming LSF Update. Please note that
> 	other platforms such as BSD running on x86 achitecture also
> 	appear to be vulnerable. 

On Debian GNU/Linux the BSD-derived lpd subsystem is replaced by
LPRng; however the LPRng package for Debian is quite new. (I already
worked on preparing and testing LPRng, so I released it instead of
fixing BSD lpr's security hole.)

The package will be available from all Debian FTP archives
(unfortunately it isn't there yet due to mirroring delays).

The the canonical source for the i386 package is
ftp.debian.org:/debian/Debian-1.1-updates/binary-i386/lprng_2.3.12-3.deb

The original announcement (in a Debian-specific format) contains the
md5sums for source and binary:

-----BEGIN PGP SIGNED MESSAGE-----

Format: 1.5
Date: Mon, 7 Oct 1996 19:10:48 +0200
Source: lprng
Binary: lprng
Architecture: source i386
Version: 2.3.12-3
Distribution: unstable stable
Urgency: high
Maintainer: Sven Rudolph <sr1@inf.tu-dresden.de>
Description: 
 lprng      - lpr/lpd printer spooling system
Changes: 
 lprng (2.3.12-3) unstable stable; urgency=high
 .
   * moved to unstable and stable
   * replaces lpr which has security problems
Files: 
 3e2596c962c8f735cb55e3e71d747555 601 net optional lprng_2.3.12-3.dsc
 f1c23e214a752e1c2dab2399b3457d2d 634830 net optional lprng_2.3.12.orig.tar.gz
 18ec67923700ff932ed93ec0ea0c17fa 9854 net optional lprng_2.3.12-3.diff.gz
 f28798ef594cc3d06d5c9b8e3195b54c 450178 net optional lprng_2.3.12-3_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i

iQCVAwUBMnT3JvcN927BSdxBAQEouQQAlca4GGtCYbDvRokfdNJ9xg8Zd5UFLMg0
dZmBl7DTcwYzUsLGsId11ITc/rlAayHjRdFHdTSdn2dw5n1J73pgOCtgWGv4bq1t
KCd9Db+rrDDvD0e1hEqE+3pK5Ci6JUTHFvFXzRyud2r9bV1l7hyM4dQZ8DrWNpYl
52a1D+JOcb8=
=I1pp
-----END PGP SIGNATURE-----


	Sven
-- 
Sven Rudolph <sr1@inf.tu-dresden.de> ; WWW : http://www.sax.de/~sr1/

--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Follow-Ups:
- Re: URGENT/IMPORTANT: Linux/FreeBSD lpr stuff
  - From: Dan Stromberg <strombrg@hydra.acs.uci.edu>

References:
- URGENT/IMPORTANT: Linux/FreeBSD lpr stuff
  - From: "Alexander O. Yuriev" <alex@bach.cis.temple.edu>

Prev by Date: Re: Zircon
Next by Date: Re: URGENT/IMPORTANT: Linux/FreeBSD lpr stuff
Previous by thread: URGENT/IMPORTANT: Linux/FreeBSD lpr stuff
Next by thread: Re: URGENT/IMPORTANT: Linux/FreeBSD lpr stuff
Index(es):
- Date
- Thread