The next (maybe next next? There is a security update to do) version of net-snmp for #Debian will have TLS and DTLS enabled as well as the transport security model. This means the authentication can be done at the lower layers (e.g. the TLS level) instead of in the SNMP layer.
They would have been there a day earlier except I forgot to actually sign and upload them!
5.4.2 is a security release and fixes about 6 security vulnerabilities plus an annoying problem where spammers can use the brief time between sending a spammy comment and it getting deleted.
#autopkgtest is very useful facility to check for Debian packages as-installed. It probably has the second-worst documentation in history (the first being sendmail).
If I actually understood it, I'd fix the documentation, but I don't.
The #debian project is planning on holding a mini DebConf online.
This will be "4 days of Debianites working together to improve Debian" and will be totally online like all the cool kids are doing.
It will be 28-31st May 2020, more details at https://wiki.debian.org/DebianEvents/internet/2020/MiniDebConfOnline
Guess what? #wordpress have release a new version and its a security fix. There are 6 security bugs fixed, they even have CVE IDs! Much excitement.
Pretty much every version of wordpress is vulnerable except for CVE-2020-11030 because the block editor is new from about WordPress 5.0 or so.
I'll be cooking up the #Debian packages this weekend.
I can't really see much that is different. They have done some enhancements in the editor and there is a new 2020 theme but other than that, its the same WordPress you know and love (or hate, or both, whatever).
Found a curious bug in the #debian #wordpress package last night. There is a reasonably old security patch for CVE-2017-14990 where the activation key is stored in plaintext for multisite users (normal users it's hashed).
Anyway it's a broken patch because it doesn't decide the user id. Easy to fix but I never used it before.
Debian packages now should be source only, otherwise they won't make it to bullseye ( the next release).
So the wiki has the flags to add to build source only, so that's all you need to do?
debsign and debrelease need to be told too. ( Both with -S)
So the #debian toolchain will create a package that is guaranteed to be rejected using the default setup. The only way to fix it is to use two different sets of options.
Installing #debian on a laptop that needs non-free firmware for the wifi to work, is there anything more frustrating?
It's pretty bad if a Debian user of over 20 years still struggles with this process, find the firmware its right there dammit.
WordPress version 5.2.3 is now out which is a security release. It fixes a bunch of XSS problems and some sanitization problems. Debian packages soon.
So I started to work on the new #debian snmp packages that use net-snmp 5.8
The snmpd daemon fails to start and initial debugging shows it attempting to bind to UDP port 161 *twice* ; which is why it bugs out.
So next part of the puzzle is why twice?
Free Software programmer, network engineer and Debian developer.
100% tomato verified. 🍅✔
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!