IRC Logs for #crux-devel Wednesday, 2014-09-24

*** mavrick61 has quit IRC02:54
*** mavrick61 has joined #crux-devel02:55
pitillogood morning07:18
pitillosorry for being boring with this topic, but can someone make a change in my private repo url (again, sorry) from to ?07:19
teK__done, running pdbcacher now..08:23
pitillothank you very much teK__ :)08:27
*** Romster has quit IRC09:09
*** Romster has joined #crux-devel09:16
frinnstStephane Chazelas discovered a vulnerability in bash, related to how14:11
frinnstenvironment variables are processed: trailing code in function14:11
frinnstdefinitions was executed, independent of the variable name.14:11
frinnstIn many common configurations, this vulnerability is exploitable over14:11
frinnstthe network.14:11
frinnstChet Ramey, the GNU bash upstream maintainer, will soon release14:11
frinnstofficial upstream patches.14:12
frinnstI guess it's CVE-2014-627114:17
frinnstdebian just released a patch14:17
teK__over the network? wat.14:19
frinnstfucking embargoes14:20
jueoops, all versions since 3.0 are affected14:57
juefrinnst: do you have an update ready or should I do it?14:59
juefrinnst: done15:22
teK__mind pushing that to 3.0? :))15:23
jueyeah, can do that even though I guess we didn't push everything security related to 3.0?15:25
teK__probably not15:27
teK__I coulddo it, too15:27
jueteK__: will do it later today15:55
diverseare they still maintaining the 3.0 version?16:01
teK__not really16:03
teK__i.e. no guarantees16:03
teK__what about it17:39
jueteK__: done17:44
teK__thx :)17:47
teK__=======> ERROR: Md5sum mismatch found:17:48
teK__MISSING   1fb7f3f6bf92ce6c5c9ed9949ae858fe  procps-ng-3.3.10.tar.xz17:48
teK__NEW       48923adcd063442882d98718e070102e  procps-ng-3.3.10.tar.xz17:48
teK__=======> ERROR: Building '/usr/ports/packages/procps#3.3.10-1.pkg.tar.gz' failed.17:48
teK__my fault?17:48
jaegerI bet frinnst did it18:02
teK__if it's not my fault it's his, for sure18:03
jueteK__: works for me and the md5sum from the sourceforge page is still the same as ours18:21
teK__I'm using a gentoo mirror18:21
teK__fucking upstream..18:21 its probably a good idea to patch bash there, too18:47
frinnst9pm, zzzzzzzz18:48
teK__we have #PermitUserEnvironment no18:48
*** Workster has quit IRC19:08
*** Workster_ has joined #crux-devel19:08
teK__frinnst: get to work ASAP!20:24
*** dwts has quit IRC22:35
*** dwts has joined #crux-devel22:36

Generated by 2.11.0 by Marius Gedminas - find it at!