MESSAGE
| DATE | 2007-02-17 |
| FROM | David Sugar
|
| SUBJECT | Re: [NYLXS - HANGOUT] [meissner@suse.de: [suse-security-announce] SUSE Security Announcement: samba remote denial of service (SUSE-SA:2007:016)]
|
How is this a "package management" issue?
Ruben Safir wrote:
> Speaking of Package Maangmeent
>
>
> ----- Forwarded message from Marcus Meissner -----
>
> Mailing-List: contact suse-security-announce-help-at-suse.com; run by ezmlm
> Precedence: bulk
> List-Post:
> List-Help:
> List-Unsubscribe:
> List-Subscribe:
> X-Mailinglist: suse-security-announce
> Delivered-To: mailing list suse-security-announce-at-suse.com
> Delivered-To: moderator for suse-security-announce-at-suse.com
> Date: Thu, 15 Feb 2007 16:03:13 +0100
> From: Marcus Meissner
> To: suse-security-announce-at-suse.com
> User-Agent: Heirloom mailx 12.1 6/15/06
> Subject: [suse-security-announce] SUSE Security Announcement: samba remote denial of service
> (SUSE-SA:2007:016)
> X-Keywords:
> X-UID: 30638
>
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> ______________________________________________________________________________
>
> SUSE Security Announcement
>
> Package: samba
> Announcement ID: SUSE-SA:2007:016
> Date: Thu, 15 Feb 2007 15:00:00 +0000
> Affected Products: SUSE LINUX 9.3
> SUSE LINUX 10.0
> SUSE LINUX 10.1
> openSUSE 10.2
> SUSE SLES 9
> Novell Linux Desktop 9
> Open Enterprise Server
> Novell Linux POS 9
> SUSE SLED 10
> SUSE SLES 10
> Vulnerability Type: remote denial of service
> Severity (1-10): 5
> SUSE Default Package: yes
> Cross-References: CVE-2007-0452 CVE-2007-0453 CVE-2007-0454
>
> Content of This Advisory:
> 1) Security Vulnerability Resolved:
> samba remote denial of service
> Problem Description
> 2) Solution or Work-Around
> 3) Special Instructions and Notes
> 4) Package Location and Checksums
> 5) Pending Vulnerabilities, Solutions, and Work-Arounds:
> See SUSE Security Summary Report.
> 6) Authenticity Verification and Additional Information
>
> ______________________________________________________________________________
>
> 1) Problem Description and Brief Discussion
>
> The Samba daemon was affected by a security problem, where a
> logic error in the deferred open code can lead to an infinite loop
> (CVE-2007-0452).
>
> This problem could be used by remote authenticated attackers that
> have access to the samba daemon.
>
> Two other problems fixed in the upstream samba security release
> that do not affect the SUSE Samba version:
>
> - CVE-2007-0454: A format string problem in AFS ACL handling.
> None of our shipping Samba versions have this option compiled in.
>
> - CVE-2007-0453: A buffer overflow in nss_winbind on Solaris.
> Linux is generally not affected by this problem.
>
> 2) Solution or Work-Around
>
> There is no known workaround, please install the update packages.
>
> 3) Special Instructions and Notes
>
> None.
>
> 4) Package Location and Checksums
>
> The preferred method for installing security updates is to use the YaST
> Online Update (YOU) tool. YOU detects which updates are required and
> automatically performs the necessary steps to verify and install them.
> Alternatively, download the update packages for your distribution manually
> and verify their integrity by the methods listed in Section 6 of this
> announcement. Then install the packages using the command
>
> rpm -Fhv
>
> to apply the update, replacing with the filename of the
> downloaded RPM package.
>
>
> x86 Platform:
>
> openSUSE 10.2:
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/samba-3.0.23d-19.2.i586.rpm
> 6b4cb2859d1321648fd46c30a6cfd343
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/samba-client-3.0.23d-19.2.i586.rpm
> b168ff8f07a792bf6fb66a91c893ae33
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/i586/samba-winbind-3.0.23d-19.2.i586.rpm
> 23e180e09af077fd64b35d8154d414c6
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/samba-3.0.22-13.27.i586.rpm
> 898c1eb0d0d4f1c806ce7fb8907753d7
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/samba-client-3.0.22-13.27.i586.rpm
> d4f4efa7488aa12edd8f9ac2074fbbc3
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/i586/samba-winbind-3.0.22-13.27.i586.rpm
> f2d11fdea4fa460cfb5bda4e20fc5e86
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/i586/samba-3.0.20b-3.8.i586.rpm
> ce7bcec67ee32a5415d4cb5907ec0372
>
> SUSE LINUX 9.3:
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/i586/samba-3.0.13-1.6.i586.rpm
> 7cc438d1cc0e8d4f479844bfccc8f698
>
> Power PC Platform:
>
> openSUSE 10.2:
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-3.0.23d-19.2.ppc.rpm
> d3b20aff8d493b48741b160c223bd268
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-client-3.0.23d-19.2.ppc.rpm
> 790670189510dce128dca2f3f32f2b9c
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/ppc/samba-winbind-3.0.23d-19.2.ppc.rpm
> 43815e4efd08eae9e26242be281ba2fe
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/samba-3.0.22-13.27.ppc.rpm
> a2d2ce421081a74258c5328a5a432629
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/samba-client-3.0.22-13.27.ppc.rpm
> f86d3c623aadc34f1f64f173108f9c4b
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/ppc/samba-winbind-3.0.22-13.27.ppc.rpm
> b95e5643763b4f172adec030fa9033be
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/ppc/samba-3.0.20b-3.8.ppc.rpm
> 8badc1520efe79ac17b053be83648e46
>
> x86-64 Platform:
>
> openSUSE 10.2:
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-3.0.23d-19.2.x86_64.rpm
> a23ee65e112c499b91af6c00ab068efa
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-32bit-3.0.23d-19.2.x86_64.rpm
> 09785d54c57f6da705acfa0f911b0b8d
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-client-3.0.23d-19.2.x86_64.rpm
> c4b7be8c144842fd6947bfa7bf56891a
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-client-32bit-3.0.23d-19.2.x86_64.rpm
> 5a474e36e2f20b086138fb1d7a225942
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-winbind-3.0.23d-19.2.x86_64.rpm
> c3ebad542ec53b71d3641310f796b430
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/x86_64/samba-winbind-32bit-3.0.23d-19.2.x86_64.rpm
> 1d0480ab089c3be84de54bc6bad71910
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/samba-3.0.22-13.27.x86_64.rpm
> be6125ae205f2274150a29a4c251e8c0
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/samba-32bit-3.0.22-13.27.x86_64.rpm
> 6bd817cbdf52fd2e4ff8257442ba1d60
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/samba-client-3.0.22-13.27.x86_64.rpm
> 5cd72ad1de6b29173a9e3d23a1012b2c
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/samba-client-32bit-3.0.22-13.27.x86_64.rpm
> a6509bd2aa7b9c7421e4d1777ce2bba3
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/samba-winbind-3.0.22-13.27.x86_64.rpm
> 0d3cb4f0c3bcef1a5569dd5d72b3c73b
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/x86_64/samba-winbind-32bit-3.0.22-13.27.x86_64.rpm
> e9dbf740b218735e385a348524d31108
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/x86_64/samba-3.0.20b-3.8.x86_64.rpm
> f0ad5468ce42ff2631e9a6b3231010c1
>
> SUSE LINUX 9.3:
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/x86_64/samba-3.0.13-1.6.x86_64.rpm
> fbd0c2a208fd91da991e53b54fb1a57d
>
> Sources:
>
> openSUSE 10.2:
> ftp://ftp.suse.com/pub/suse/update/10.2/rpm/src/samba-3.0.23d-19.2.src.rpm
> 54d62f5dad95981f0ae894619d0f06ea
>
> SUSE LINUX 10.1:
> ftp://ftp.suse.com/pub/suse/update/10.1/rpm/src/samba-3.0.22-13.27.src.rpm
> 8b2e1c4b662fc43fa03fe1ba60342c00
>
> SUSE LINUX 10.0:
> ftp://ftp.suse.com/pub/suse/i386/update/10.0/rpm/src/samba-3.0.20b-3.8.src.rpm
> 9217074c11c43c30860be28b33f034dd
>
> SUSE LINUX 9.3:
> ftp://ftp.suse.com/pub/suse/i386/update/9.3/rpm/src/samba-3.0.13-1.6.src.rpm
> 117006e9e50e888e4848aa320e88b18d
>
> Our maintenance customers are notified individually. The packages are
> offered for installation from the maintenance web:
>
> SUSE SLES 10
> http://support.novell.com/techcenter/psdb/1324cf66bf45968bebbd721ece5f92c7.html
>
> SUSE SLED 10
> http://support.novell.com/techcenter/psdb/1324cf66bf45968bebbd721ece5f92c7.html
>
> Open Enterprise Server
> http://support.novell.com/techcenter/psdb/75665d46b2b2dc409e252b880a1ad2f4.html
>
> Novell Linux POS 9
> http://support.novell.com/techcenter/psdb/75665d46b2b2dc409e252b880a1ad2f4.html
>
> Novell Linux Desktop 9
> http://support.novell.com/techcenter/psdb/75665d46b2b2dc409e252b880a1ad2f4.html
>
> SUSE SLES 9
> http://support.novell.com/techcenter/psdb/75665d46b2b2dc409e252b880a1ad2f4.html
>
> ______________________________________________________________________________
>
> 5) Pending Vulnerabilities, Solutions, and Work-Arounds:
>
> See SUSE Security Summary Report.
> ______________________________________________________________________________
>
> 6) Authenticity Verification and Additional Information
>
> - Announcement authenticity verification:
>
> SUSE security announcements are published via mailing lists and on Web
> sites. The authenticity and integrity of a SUSE security announcement is
> guaranteed by a cryptographic signature in each announcement. All SUSE
> security announcements are published with a valid signature.
>
> To verify the signature of the announcement, save it as text into a file
> and run the command
>
> gpg --verify
>
> replacing with the name of the file where you saved the
> announcement. The output for a valid signature looks like:
>
> gpg: Signature made using RSA key ID 3D25D3D9
> gpg: Good signature from "SuSE Security Team "
>
> where is replaced by the date the document was signed.
>
> If the security team's key is not contained in your key ring, you can
> import it from the first installation CD. To import the key, use the
> command
>
> gpg --import gpg-pubkey-3d25d3d9-36e12d04.asc
>
> - Package authenticity verification:
>
> SUSE update packages are available on many mirror FTP servers all over the
> world. While this service is considered valuable and important to the free
> and open source software community, the authenticity and the integrity of
> a package needs to be verified to ensure that it has not been tampered
> with.
>
> There are two verification methods that can be used independently from
> each other to prove the authenticity of a downloaded file or RPM package:
>
> 1) Using the internal gpg signatures of the rpm package
> 2) MD5 checksums as provided in this announcement
>
> 1) The internal rpm package signatures provide an easy way to verify the
> authenticity of an RPM package. Use the command
>
> rpm -v --checksig
>
> to verify the signature of the package, replacing with the
> filename of the RPM package downloaded. The package is unmodified if it
> contains a valid signature from build-at-suse.de with the key ID 9C800ACA.
>
> This key is automatically imported into the RPM database (on
> RPMv4-based distributions) and the gpg key ring of 'root' during
> installation. You can also find it on the first installation CD and at
> the end of this announcement.
>
> 2) If you need an alternative means of verification, use the md5sum
> command to verify the authenticity of the packages. Execute the command
>
> md5sum
>
> after you downloaded the file from a SUSE FTP server or its mirrors.
> Then compare the resulting md5sum with the one that is listed in the
> SUSE security announcement. Because the announcement containing the
> checksums is cryptographically signed (by security-at-suse.de), the
> checksums show proof of the authenticity of the package if the
> signature of the announcement is valid. Note that the md5 sums
> published in the SUSE Security Announcements are valid for the
> respective packages only. Newer versions of these packages cannot be
> verified.
>
> - SUSE runs two security mailing lists to which any interested party may
> subscribe:
>
> opensuse-security-at-opensuse.org
> - General Linux and SUSE security discussion.
> All SUSE security announcements are sent to this list.
> To subscribe, send an e-mail to
> .
>
> suse-security-announce-at-suse.com
> - SUSE's announce-only mailing list.
> Only SUSE's security announcements are sent to this list.
> To subscribe, send an e-mail to
> .
>
> =====================================================================
> SUSE's security contact is or .
> The public key is listed below.
> =====================================================================
> ______________________________________________________________________________
>
> The information in this advisory may be distributed or reproduced,
> provided that the advisory is not modified in any way. In particular, the
> clear text signature should show proof of the authenticity of the text.
>
> SUSE Linux Products GmbH provides no warranties of any kind whatsoever
> with respect to the information contained in this security advisory.
>
> Type Bits/KeyID Date User ID
> pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team
> pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key
>
> - -----BEGIN PGP PUBLIC KEY BLOCK-----
> Version: GnuPG v1.4.2 (GNU/Linux)
>
> mQENAzbhLQQAAAEIAKAkXHe0lWRBXLpn38hMHy03F0I4Sszmoc8aaKJrhfhyMlOA
> BqvklPLE2f9UrI4Xc860gH79ZREwAgPt0pi6+SleNFLNcNFAuuHMLQOOsaMFatbz
> JR9i4m/lf6q929YROu5zB48rBAlcfTm+IBbijaEdnqpwGib45wE/Cfy6FAttBHQh
> 1Kp+r/jPbf1mYAvljUfHKuvbg8t2EIQz/5yGp+n5trn9pElfQO2cRBq8LFpf1l+U
> P7EKjFmlOq+Gs/fF98/dP3DfniSd78LQPq5vp8RL8nr/o2i7jkAQ33m4f1wOBWd+
> cZovrKXYlXiR+Bf7m2hpZo+/sAzhd7LmAD0l09kABRG0JVN1U0UgU2VjdXJpdHkg
> VGVhbSA8c2VjdXJpdHlAc3VzZS5kZT6JARUDBRA24S1H5Fiyh7HKPEUBAVcOB/9b
> yHYji1/+4Xc2GhvXK0FSJN0MGgeXgW47yxDL7gmR4mNgjlIOUHZj0PEpVjWepOJ7
> tQS3L9oP6cpj1Fj/XxuLbkp5VCQ61hpt54coQAvYrnT9rtWEGN+xmwejT1WmYmDJ
> xG+EGBXKr+XP69oIUl1E2JO3rXeklulgjqRKos4cdXKgyjWZ7CP9V9daRXDtje63
> Om8gwSdU/nCvhdRIWp/Vwbf7Ia8iZr9OJ5YuQl0DBG4qmGDDrvImgPAFkYFzwlqo
> choXFQ9y0YVCV41DnR+GYhwl2qBd81T8aXhihEGPIgaw3g8gd8B5o6mPVgl+nJqI
> BkEYGBusiag2pS6qwznZiQEVAwUQNuEtBHey5gA9JdPZAQFtOAf+KVh939b0J94u
> v/kpg4xs1LthlhquhbHcKNoVTNspugiC3qMPyvSX4XcBr2PC0cVkS4Z9PY9iCfT+
> x9WM96g39dAF+le2CCx7XISk9XXJ4ApEy5g4AuK7NYgAJd39PPbERgWnxjxir9g0
> Ix30dS30bW39D+3NPU5Ho9TD/B7UDFvYT5AWHl3MGwo3a1RhTs6sfgL7yQ3U+mvq
> MkTExZb5mfN1FeaYKMopoI4VpzNVeGxQWIz67VjJHVyUlF20ekOz4kWVgsxkc8G2
> saqZd6yv2EwqYTi8BDAduweP33KrQc4KDDommQNDOXxaKOeCoESIdM4p7Esdjq1o
> L0oixF12CohGBBARAgAGBQI7HmHDAAoJEJ5A4xAACqukTlQAoI4QzP9yjPohY7OU
> F7J3eKBTzp25AJ42BmtSd3pvm5ldmognWF3Trhp+GYkAlQMFEDe3O8IWkDf+zvyS
> FQEBAfkD/3GG5UgJj18UhYmh1gfjIlDcPAeqMwSytEHDENmHC+vlZQ/p0mT9tPiW
> tp34io54mwr+bLPN8l6B5GJNkbGvH6M+mO7R8Lj4nHL6pyAv3PQr83WyLHcaX7It
> Klj371/4yzKV6qpz43SGRK4MacLo2rNZ/dNej7lwPCtzCcFYwqkiiEYEEBECAAYF
> AjoaQqQACgkQx1KqMrDf94ArewCfWnTUDG5gNYkmHG4bYL8fQcizyA4An2eVo/n+
> 3J2KRWSOhpAMsnMxtPbBmQGiBDnu9IERBACT8Y35+2vv4MGVKiLEMOl9GdST6MCk
> YS3yEKeueNWc+z/0Kvff4JctBsgs47tjmiI9sl0eHjm3gTR8rItXMN6sJEUHWzDP
> +Y0PFPboMvKx0FXl/A0dM+HFrruCgBlWt6FA+okRySQiliuI5phwqkXefl9AhkwR
> 8xocQSVCFxcwvwCglVcOQliHu8jwRQHxlRE0tkwQQI0D+wfQwKdvhDplxHJ5nf7U
> 8c/yE/vdvpN6lF0tmFrKXBUX+K7u4ifrZlQvj/81M4INjtXreqDiJtr99Rs6xa0S
> cZqITuZC4CWxJa9GynBED3+D2t1V/f8l0smsuYoFOF7Ib49IkTdbtwAThlZp8bEh
> ELBeGaPdNCcmfZ66rKUdG5sRA/9ovnc1krSQF2+sqB9/o7w5/q2qiyzwOSTnkjtB
> UVKn4zLUOf6aeBAoV6NMCC3Kj9aZHfA+ND0ehPaVGJgjaVNFhPi4x0e7BULdvgOo
> AqajLfvkURHAeSsxXIoEmyW/xC1sBbDkDUIBSx5oej73XCZgnj/inphRqGpsb+1n
> KFvF+rQoU3VTRSBQYWNrYWdlIFNpZ25pbmcgS2V5IDxidWlsZEBzdXNlLmRlPohi
> BBMRAgAiBQJA2AY+AhsDBQkObd+9BAsHAwIDFQIDAxYCAQIeAQIXgAAKCRCoTtro
> nIAKypCfAJ9RuZ6ZSV7QW4pTgTIxQ+ABPp0sIwCffG9bCNnrETPlgOn+dGEkAWeg
> KL+IRgQQEQIABgUCOnBeUgAKCRCeQOMQAAqrpNzOAKCL512FZvv4VZx94TpbA9lx
> yoAejACeOO1HIbActAevk5MUBhNeLZa/qM2JARUDBRA6cGBvd7LmAD0l09kBATWn
> B/9An5vfiUUE1VQnt+T/EYklES3tXXaJJp9pHMa4fzFa8jPVtv5UBHGee3XoUNDV
> wM2OgSEISZxbzdXGnqIlcT08TzBUD9i579uifklLsnr35SJDZ6ram51/CWOnnaVh
> UzneOA9gTPSr+/fT3WeVnwJiQCQ30kNLWVXWATMnsnT486eAOlT6UNBPYQLpUprF
> 5Yryk23pQUPAgJENDEqeU6iIO9Ot1ZPtB0lniw+/xCi13D360o1tZDYOp0hHHJN3
> D3EN8C1yPqZd5CvvznYvB6bWBIpWcRgdn2DUVMmpU661jwqGlRz1F84JG/xe4jGu
> zgpJt9IXSzyohEJB6XG5+D0BuQINBDnu9JIQCACEkdBN6Mxf5WvqDWkcMRy6wnrd
> 9DYJ8UUTmIT2iQf07tRUKJJ9v0JXfx2Z4d08IQSMNRaq4VgSe+PdYgIy0fbj23Vi
> a5/gO7fJEpD2hd2f+pMnOWvH2rOOIbeYfuhzAc6BQjAKtmgR0ERUTafTM9Wb6F13
> CNZZNZfDqnFDP6L12w3z3F7FFXkz07Rs3AIto1ZfYZd4sCSpMr/0S5nLrHbIvGLp
> 271hhQBeRmmoGEKO2JRelGgUJ2CUzOdtwDIKT0LbCpvaP8PVnYF5IFoYJIWRHqlE
> t5ucTXstZy7vYjL6vTP4l5xs+LIOkNmPhqmfsgLzVo0UaLt80hOwc4NvDCOLAAMG
> B/9g+9V3ORzw4LvO1pwRYJqfDKUq/EJ0rNMMD4N8RLpZRhKHKJUm9nNHLbksnlZw
> rbSTM5LpC/U6sheLP+l0bLVoq0lmsCcUSyh+mY6PxWirLIWCn/IAZAGnXb6Zd6Tt
> IJlGG6pqUN8QxGJYQnonl0uTJKHJENbI9sWHQdcTtBMc34gorHFCo1Bcvpnc1LFL
> rWn7mfoGx6INQjf3HGQpMXAWuSBQhzkazY6vaWFpa8bBJ+gKbBuySWzNm3rFtT5H
> RKMWpO+M9bHp4d+puY0L1YwN1OMatcMMpcWnZpiWiR83oi32+xtWUY2U7Ae38mMa
> g8zFbpeqPQUsDv9V7CAJ1dbriEwEGBECAAwFAkDYBnoFCQ5t3+gACgkQqE7a6JyA
> CspnpgCfRbYwxT3iq+9l/PgNTUNTZOlof2oAn25y0eGi0371jap9kOV6uq71sUuO
> =ypVs
> - -----END PGP PUBLIC KEY BLOCK-----
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.5 (GNU/Linux)
>
> iQEVAwUBRdR2Fney5gA9JdPZAQLeawf/Uo/2+4TN671UTrhta64JVfjQBnVVJHiN
> ENzfVaWsXa/bz5ap6gTBgBq5JXXnP1iWa45X9ExDAENa6f6X3Q5FYk8OCXELoA8p
> Gfxply/IhHNEDpeBtyaGD5spElVf6rPrqemxfmd8CZYS3pAlrVdItWuTI3c0JaNX
> n1o3JwEBg+sit43moI55kkShvUgkpg4ZYPXtBV+sENSS5bzB8i6ZHgSpI3Xn++Gx
> lH01aDeei31TBEgb8PQ6dAWLdXmxlqVS7a3MQqWBlbog/Kthi7/dNqbypPHY1UxV
> 2FXBpFigSkRIYXHty5kCEhSyVTL8YKiFwTrgtavS9fJxp/2iuTAdzg==
> =MPha
> -----END PGP SIGNATURE-----
>
> --
> To unsubscribe, e-mail: suse-security-announce-unsubscribe-at-suse.com
> For additional commands, e-mail: suse-security-announce-help-at-suse.com
>
> ----- End forwarded message -----
>
> --
> http://www.mrbrklyn.com - Interesting Stuff
> http://www.nylxs.com - Leadership Development in Free Software
>
> So many immigrant groups have swept through our town that Brooklyn, like Atlantis, reaches mythological proportions in the mind of the world - RI Safir 1998
>
> http://fairuse.nylxs.com DRM is THEFT - We are the STAKEHOLDERS - RI Safir 2002
>
> "Yeah - I write Free Software...so SUE ME"
>
> "The tremendous problem we face is that we are becoming sharecroppers to our own cultural heritage -- we need the ability to participate in our own society."
>
> "> I'm an engineer. I choose the best tool for the job, politics be damned.<
> You must be a stupid engineer then, because politcs and technology have been attacted at the hip since the 1st dynasty in Ancient Egypt. I guess you missed that one."
|
|
