Re: "Ian Murdock" Death
Dead as in dead. Please take your conspiracy theories elsewhere.
On Fri, 2016-07-15 at 16:18 -0700, Kyle Lussier wrote:
> CONFIDENTIAL
>
> Hello Debian / Savatore -
>
> I am investigating the death of Ian Murdock and also a debian user.
>
> * Debian's core MIT distribution may have been compromised by
> "Ian" internally to get into one of our servers.
>
> * Can you confirm that "Ian Murdock" was the "ian" in debian?
>
> * Can you confirm that he is actually dead/committed suicide?
>
> * If not, did he fake his death? Perhaps after compromising
> servers intentionally and committing many felonies?
>
> The coroner and related PD have not responded however several
> federal agencies are aware of the issue.
>
> This is a very serious matter.
>
> Thank you for your assistance!
>
> Kyle
>
>
> -------- Original Message --------
> Subject: [SECURITY] [DSA 3620-1] pidgin security update
> From: Salvatore Bonaccorso <carnil@debian.org>
> Date: Fri, July 15, 2016 12:03 pm
> To: debian-security-announce@lists.debian.org
>
> Error verifying signature: gpg: armor header: Hash: SHA512
> gpg: invalid dash escaped line: -\r\n
> gpg: unexpected armor: ----------------------------------------------
> ---------------------------\r\n
> gpg: invalid armor header: Debian Security Advisory DSA-3620-1 securi
> ty@debian.org\r\n
> Content-Type: application/x-inlinepgp-signed; charset="utf-8"
> Content-Transfer-Encoding: quoted-printable
>
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA512
>
> -
> -------------------------------------------------------------------
> ------
> Debian Security Advisory DSA-3620-1 security@debian.org
> https://www.debian.org/security/ Salvatore Bonaccorso
> July 15, 2016 https://www.debian.org/security/faq
> -
> -------------------------------------------------------------------
> ------
>
> Package : pidgin
> CVE ID : CVE-2016-2365 CVE-2016-2366 CVE-2016-2367 CVE-2016-2368
> CVE-2016-2369 CVE-2016-2370 CVE-2016-2371 CVE-2016-2372
> CVE-2016-2373 CVE-2016-2374 CVE-2016-2375 CVE-2016-2376
> CVE-2016-2377 CVE-2016-2378 CVE-2016-2380 CVE-2016-4323
>
> Yves Younan of Cisco Talos discovered several vulnerabilities in the
> MXit protocol support in pidgin, a multi-protocol instant messaging
> client. A remote attacker can take advantage of these flaws to cause
> a
> denial of service (application crash), overwrite files, information
> disclosure, or potentially to execute arbitrary code.
>
> For the stable distribution (jessie), these problems have been fixed
> in
> version 2.11.0-0+deb8u1.
>
> For the testing distribution (stretch), these problems have been
> fixed
> in version 2.11.0-1.
>
> For the unstable distribution (sid), these problems have been fixed
> in
> version 2.11.0-1.
>
> We recommend that you upgrade your pidgin packages.
>
> Further information about Debian Security Advisories, how to apply
> these updates to your system and frequently asked questions can be
> found at: https://www.debian.org/security/
>
> Mailing list: debian-security-announce@lists.debian.org
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBCgAGBQJXiTCbAAoJEAVMuPMTQ89E4nUP/jEpNVpOe4FcStlU24Cv1qOS
> BsNBvRlp1XhhshzoBAWZSBTKFi4jqilOZUgjsHO76nHS7j0J4wzoWc36ZIp23O5p
> KX9+A87ZdS4C3hI1YGgTdCcMTKSnWIrS1YcOW/0qBx7jdXt5EhFPKJa/byhHsp23
> zguJ+glemJQ9uqpylc5om2udV4u9U5Nnc+Ga92zeR7Kefs20yRTLOef4Pd69LPwh
> +zM0/qkI+JMii0yMpMJsIpMsXzQvzvgd4E6r3+NrWOHOCoZ8XZD4UvsR3Bnw8nvg
> ed+hg2nj3uMWgXtv4Bdx+yUxsWdRFSjpiD1EXWmvzREgmDdrlnCGZB3yQbepA0Yi
> lHsHEAwq3GZalLAeW8lwIQVaSLSREO6ZxcY7OxG2vdYzbkoQKCK7K4rR4T3yxB83
> tAvYWRxCTMaeRxqUgLEAq0iMqQhvrmNDDEt5VVsE1bSn9gig6MkSGepFdzx4Yipq
> +a8XUgJt8tLbpuTD9Pg9Ig8Mee0SaHSxr8bP6fFlfJu0Wt59MKn3wNzcqPhb+3Ie
> FtLyo6XBC4hnsoVlRT569fwkuYaI/kptT95tKiqyYI+RFnSW0WP4dycmo2pHOuIP
> mckCbAM7s+vuCGe1YQHJiOCeTrIDKAkKPbudjBL/g2zbcY+KayMXTvZbbW+ma8c0
> wMiDOiIYUd4xMSvjBeF0
> =3DQNWs
> -----END PGP SIGNATURE-----
Reply to: