[ubuntu-hardened] ubuntu-hardened Digest, Vol 60, Issue 3

Abhijeet Sawant abhijeet.1308 at gmail.com
Fri Apr 5 07:34:56 UTC 2013 

Hi All,

Sorry to say, but I am little worried about view of Community regarding
system security of Ubuntu. This is mainly because on 04/03/2013 mozilla
release some CVE regarding Vulu. in Firefox/ SeaMonkey/  Thunderbird, but
it took almost day to ubuntu community to release security update for above
products. I might be security paranoid but I just want to ask why we need a
day to release such an important update (As browser is mainly faces
internet and it's comman target for client-side exploit.)

Have a nice day.

Regards,
Savio


On Thu, Apr 4, 2013 at 5:30 PM, <ubuntu-hardened-request at lists.ubuntu.com>wrote:

> Send ubuntu-hardened mailing list submissions to
>         ubuntu-hardened at lists.ubuntu.com
>
> To subscribe or unsubscribe via the World Wide Web, visit
>         https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
> or, via email, send a message with subject or body 'help' to
>         ubuntu-hardened-request at lists.ubuntu.com
>
> You can reach the person managing the list at
>         ubuntu-hardened-owner at lists.ubuntu.com
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of ubuntu-hardened digest..."
>
>
> Today's Topics:
>
>    1. Re:  tcp: sysctl to disable TCP simultaneous      connect
>       (Daniel Curtis)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Wed, 3 Apr 2013 17:05:21 +0200
> From: Daniel Curtis <sidetripping at gmail.com>
> To: Ubuntu security discussion <ubuntu-hardened at lists.ubuntu.com>
> Subject: Re: [ubuntu-hardened] tcp: sysctl to disable TCP simultaneous
>         connect
> Message-ID:
>         <CAASvXNuaO1nKxe1Svv51As5qp=aweOF_wLB5=
> CkzJzZpXcMiTg at mail.gmail.com>
> Content-Type: text/plain; charset="iso-8859-1"
>
> Hi Mr Cook;
>
> First of I would like to thank you for a such great, really great job on
> the security field etc. It's amazing! What a shame, that this patch was
> rejected by upstream. I hope Ubuntu Security Team will apply this feature
> to e.g. 3.2.x kernel.
>
> I'm a little worried, because Mr Ben Hutchings on Wed, 27 Mar had announced
> the release of the 3.2.42 kernel, while in Ubuntu 12.04.2 available kernel
> is 3.2.39 and 3.2.40 - but with so-called 'proposed updates'. As probably
> with every kernel update, this update included several important fixes. I
> hope, that Ubuntu Team will release 3.2.42 kernel for 12.04.2 as soon as
> possible.
>
> These things that have been NAKed upstream are also very interesting.
> Especially 'devtmpfs: mount with noexec and nosuid'.
>
> Best regards.
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <
> https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20130403/f5d49b54/attachment-0001.html
> >
>
> ------------------------------
>
> --
> ubuntu-hardened mailing list
> ubuntu-hardened at lists.ubuntu.com
> https://lists.ubuntu.com/mailman/listinfo/ubuntu-hardened
>
>
> End of ubuntu-hardened Digest, Vol 60, Issue 3
> **********************************************
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.ubuntu.com/archives/ubuntu-hardened/attachments/20130405/c6f84f65/attachment.html>

More information about the ubuntu-hardened mailing list