IRC Logs for #crux-devel Wednesday, 2014-12-10

*** Feksclaus has quit IRC02:54
*** kori has quit IRC03:45
*** mavrick61 has quit IRC03:48
*** mavrick61 has joined #crux-devel03:49
*** kori has joined #crux-devel04:07
*** deus_ex has quit IRC04:40
*** kori has quit IRC05:32
*** kori has joined #crux-devel05:39
frinnstheh, i was running a xorg-server 1.17-rc before i rebuild with 1.16.2.90108:20
frinnstyou sure get some wierd errors unless you rebuild the drivers when downgrading08:20
RomsterABI yeah08:21
frinnstI thought i had some hardware issue when i turned on my box this morning08:22
frinnstjust a blank screen08:22
Romsteranyone going to do alancos kde4 branch update to 3.108:22
Romsterhah man that reminds me of the error screensaver.... the moment i glanced at my monitor it had the kenrel panic of linux....08:23
Romsteri was WTF08:24
Romsteroh gawd it was just the screensaver08:24
prologicanyone else have trouble using bintary in sources for ports?08:28
prologiceven wget'ing the url sucks08:29
teK_Workster / Romster I updated kde4 to point to 3.1. Should hit the website tomorrow, when pdb was updated08:29
RomsterteK_, thanks man. alan seems to have a hard time with updates or isn't around for a dev to see.08:39
RomsterteK_, does all the site work anymore.08:39
Romsterwhen i read the xorg security venerability's i was shocked.08:40
teK_heh08:41
diverseit was the heartbleed of GUIs huh?08:41
Romsterhttp://www.phoronix.com/scan.php?page=news_item&px=MTg1ODQ08:42
RomsterThese issues date back to the 80's and 90's -- thus affecting most X.Org running systems out there. The oldest of these vulnerabilities go back to 1987 with X11 core protocol requests.08:42
Romsterdoes no one valgrind or other tools for these?08:43
diversealright, more like the Bash shellshock of GUIs08:43
teK_Ilja van Sprundel probably did ;)08:43
teK_but I think that he was a fuzzer-guy so he probably used that, too08:44
RomsterAmong the vulnerabilities are an unchecked malloc in client authentication leading to a potential denial of service, integer overflows, and out of bounds access due to not checking lengths/offsets in requests.08:44
Romsteri mean the first rule is never trust user input. check everything.08:44
Romsterpoor programming practices.08:45
teK_the fixes mention "added paranoia" which reflects a strange attitude towards this topic. IMHO08:47
diversewhat does "added paranoia" mean specifically?08:49
diversestill 3 bigs ones this years, heartblead, shellshock, and now this08:51
diverse*year08:51
Romsteryeah i hope this is the last one for this year....09:06
teK_diverse: it means they do proper length checking instead of relying on the users to behave...09:14
diverseah gotcha09:14
teK_it's like using a parameter superuser=(0|1) in the URL of your webapp without checking09:15
diverseoh I guess I was thinking of array bounds checking09:16
*** Feksclaus has joined #crux-devel09:29
teK_yeah that was faulty too, iirc09:41
diversebuffer overflows huh?09:42
teK_for maximum pleasure, read the linked ML posts09:42
diversesomehow I think it's more important that programmers get re-educated in the art of code-correctness09:44
diversebecause that seems to be in much higher demand now with all these expliot findings10:05
prologicWhere's sepan these days?11:02
prologichis @crux.nu email is non-existent11:02
frinnsthe hosts his own mailserver at home and its down11:02
frinnstfor a few days even11:02
frinnstpitillo has his other gmail address (i forgot)11:03
Romstersepen at crux-arm.nu11:08
Romsteris something of his not right prologic ?11:09
pitillobeep beep... shared on pm11:26
prologicno, it's fine :)11:34
prologicjust wanted him to add a symlink for VBoxManage for the virtualbox port11:34
*** Workster has quit IRC16:36
jaegerRomster: wine needs a bit of a tweak, it has the wrong gecko and mono versions currently. http://sprunge.us/DLYK16:52
jaeger(oops, that patch doesn't bump release)16:52
*** leo-unglaub has joined #crux-devel17:36
*** deus_ex has joined #crux-devel18:10
*** deus_ex has quit IRC18:16
*** crash_ has joined #crux-devel18:50
*** crash_ has quit IRC18:50
*** crash_ has joined #crux-devel18:51
juehello19:37
juewrt mailing list thread: '... X does not work with slim ...'19:39
jueI see the same messages in my xorg log, can someone else confirm this, please?19:40
juelooks like we have to add a --disable-systemd-logind19:41
teK_same here19:45
teK_I refrained from testing or better: reporting back for various reasons19:46
jaegerI see the systemd login error but it doesn't cause X to fail on my system19:47
jaegerI do run dbus19:47
teK_dito and dito.19:50
leo-unglaubhey :)19:53
juethx, I'll commit a new release with a explicit --disable-systemd-logind19:56
juewith that I no longer see the errors19:56
jaegerok19:56
prologicslim works fine here now20:53
prologicit didn't a little while ago20:53
prologicbut xfce4 runs debus for me20:53
prologicooooh21:00
prologicthe new Xorg server with all the bug fies21:00
prologicand the new hard systemd integration :)21:01
prologicthat's going to screw me over too isn't it :)21:01
*** crash_ has quit IRC21:51
*** leo-unglaub has quit IRC23:17
*** Workster has joined #crux-devel23:26

Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!