IRC Logs for #crux-devel Tuesday, 2015-02-03

*** Feksclaus has quit IRC01:15
*** Workster_ has joined #crux-devel01:49
*** Workster has quit IRC01:49
*** Workster has joined #crux-devel01:49
*** _mavrick61 has quit IRC03:27
*** __mavrick61 has joined #crux-devel03:28
frinnst <- wat?08:27
diversewell at least he solved his problem08:30
diversewhatever that problem was08:31
*** jue has quit IRC08:44
*** Feksclaus has joined #crux-devel10:50
*** atharic has quit IRC12:31
*** xetver has joined #crux-devel12:31
*** Feksclaus has quit IRC12:33
*** Feksclaus has joined #crux-devel15:17
*** leo-unglaub has joined #crux-devel20:34
frinnstthere are quite a few +5 year old bugs in FS. anybody mind if I clean up?20:51
frinnsttoo late21:00
teK_21:56 < jedisct1> RT @geeknik: Details aren't public yet, but my OpenSSL bug has been assigned CVE-2015-0208.21:23
prologicWe're not going to bother updating 3.0 with this glibc vulnerability are we?21:31
teK_is ist vulnerable?21:46
prologicyes I believe so21:47
prologiclemme double check actually21:48
prologic$ dki crux:3.0 bash -c 'pkginfo -i | grep glibc'21:53
prologicglibc 2.16.0-321:53
prologicglibc-32 2.16.0-321:53
prologicSo yeah it's vulnerable21:53
prologicAre we doing to update 3.0 at all?21:53
prologicOtherwise I'll drop the crux:3.0 tag I support as an Official Docker Image21:54
teK_there's a POC checker somewhere21:54
teK_I still run 3.021:54
teK_is there an official glibc update for 2.16.0?21:54
prologicperhaps let's update glibc for 3.0 then21:54
prologicand update the iso so I can update the docker image(s)21:54
prologiccan't we just bump it to 2.18?21:55
teK_dunno about the ISO. new installations of 3.0 should be discouraged :)21:55
prologicI suppose that's a major toolchain update?21:55
teK_dunno. 0 intereset in screwing my desktop, though21:55
prologicit's just I build/update the docker iamges based off of the iso :)21:55
teK_dunno if jaeger is willing to make the effort, I could understand if he wouldn't21:56
prologicI think this one will be "too hard" to patch for 3.021:56
prologicI'll just drop the 3.0 image?21:56
jaegerI'd say it's probably not worth maintaining a 3.0 anything but that's me. Why are you still using it instead of 3.1?21:57
prologicI'm not :)21:58
jaegeroh, that was teK_, I misread21:59
teK_still lacking the time to update my desktop to 3.1; will take another two-three months I think :((22:00
jaegerThat's fine, I just wondered if there were some reason other than "too busy"22:00
teK_prologic: found a patch for 2.16.0 and CVE -023522:01
teK_can build/test that on 3.0 tomorrow22:02
teK_for (my reference:
prologicahh nice22:06
prologiclet me know if it proves viable22:06
prologicmaybe we can patch 3.022:06
teK_it better does, I have no time screwing my desktop :O22:09
frinnst<teK_> I still run 3.022:37
frinnsti have not been pushing security fixes to 3.0 for a long time22:38
frinnstupgrading glibc to 2.19 or 2.20 wont screw your desktop22:39
frinnstits harmless22:39
frinnsthell, upgrading 2.6 to 2.10 is also harmless :)22:39
frinnstnow, reverting from 2.19 or whatnot to 2.16 is probably *not* harmless22:40
frinnstbtw, i've not had time to look at cherry-picking for 2.6 yet, tek22:41
frinnstThe bro CLI is a Ruby Gem and can be installed as follows <- how is that not a surprise? :D22:43
prologicwtf re bro pages22:59
prologicdamn ruby zealots :)23:00
teK_frinnst: I have no choice. 3.0 or no CRUX (= no Linux) atm23:09
teK_I am browsing VERY carefully, thoguh :D23:09
teK_also: sepen seems to have missed/held back th 40.x update for chromium23:09
prologicit's not that hard/difficulty to upgrade to 3.1 though really23:11
prologicalthough I have to admit I re-installed from scratch myself23:11
prologicsince my previous ssd died23:11
teK_I don't recall reinstalling sinc 2.4 or so23:25
teK_neither when I switched to my current SSD ;-)23:26
prologicsometimes it's quicker/easier :)23:30
teK_I may never find out ;)23:31
*** deus_ex has quit IRC23:43

Generated by 2.11.0 by Marius Gedminas - find it at!