oss-sec mailing list archives
Re: CVE for Kali Linux
From: Florian Weimer <fw () deneb enyo de>
Date: Sun, 22 Mar 2015 12:04:57 +0100
* Kurt Seifried:
So I guess we enter uncharted territory here.
No, this is pretty much the same as bug 998: <https://bugzilla.redhat.com/show_bug.cgi?id=998> Here's one non-working attempt at solving this with the Microsoft trust root: <https://fedoraproject.org/wiki/Features/PackageSignatureCheckingDuringOSInstall> (It does not work because anyone can have binaries signed under the Microsoft trust root.)
Vendor has front page that recommends doing something completely insane and insecure (http/md5s/etc.).
Please tone down your language, it's not constructive at all.
Current thread:
- Re: CVE for Kali Linux, (continued)
- Re: CVE for Kali Linux Kurt Seifried (Mar 21)
- Re: CVE for Kali Linux Daniel Micay (Mar 21)
- Re: CVE for Kali Linux Russ Allbery (Mar 21)
- Re: CVE for Kali Linux Daniel Micay (Mar 21)
- Re: CVE for Kali Linux Daniel Micay (Mar 21)
- Re: CVE for Kali Linux Florian Weimer (Mar 22)
- Re: CVE for Kali Linux Daniel Micay (Mar 22)
- Re: CVE for Kali Linux Kurt Seifried (Mar 21)
- Re: CVE for Kali Linux Amos Jeffries (Mar 22)
- Re: CVE for Kali Linux Daniel Micay (Mar 22)
- Re: CVE for Kali Linux Michael Samuel (Mar 21)
- Re: CVE for Kali Linux Florian Weimer (Mar 22)
- Re: CVE for Kali Linux Kurt Seifried (Mar 22)
- Re: CVE for Kali Linux Jeremy Stanley (Mar 22)
- Re: CVE for Kali Linux Kurt Seifried (Mar 22)
- Re: CVE for Kali Linux David A. Wheeler (Mar 22)
- Re: CVE for Kali Linux Solar Designer (Mar 22)
- Re: CVE for Kali Linux Solar Designer (Mar 22)
- Re: CVE for Kali Linux Kurt Seifried (Mar 22)
- Re: CVE for Kali Linux Donald Stufft (Mar 22)
- Re: CVE for Kali Linux Daniel Micay (Mar 22)
- Re: CVE for Kali Linux Kristian Fiskerstrand (Mar 22)