IRC Logs for #crux-devel Saturday, 2015-07-11

*** Feksclaus has quit IRC00:37
*** _mavric has quit IRC02:52
*** __mavric has joined #crux-devel02:53
*** nrxtx has quit IRC05:46
Romsterjue, libpcre has 2 CVE's CVE-2015-3210 and CVE-2015-507307:06
Romsteror frinnst or teK__ who ever has access to core07:06
Romsterfrinnst, you probably want to edit thunderbird and remove/add this to match up with firefox07:28
Romster-ac_add_options --enable-tree-freetype07:28
Romster+ac_add_options --enable-pic07:29
Romsteri also sorted the items07:30
Romsteror maybe that tree-freetype needs to be changed in thunderbird 39?07:33
Romstermy system is a little behind on updates like freetype.07:33
juegood morning07:34
Romstermorning jue07:35
Romsterfrinnst, yeah scratch removing --enable-tree-freetype until thunderbird 39.x07:35
jueRomster: guess our patch libpcre/01-seven-... covers all security issues, or are the two patches you find additional stuff?07:38
Romsteroh i didn't see that...07:39
Romsterand i'm not sure07:39
Romsterlet me guess that was taken off master svn at the time07:41
Romsterthen i guess it is covered if that diff was made recent enough.07:43
Romster Reported: 2015-05-29 08:4507:44
Romster Reported: 2015-06-23 06:2907:45
Romster2015-06-07 Fredrik Rinnestam[notify] libpcre: Fixes several security vulnerabilities07:46
Romsterso i'll say it's probably not covered going by those dates.07:46
Romsterand if there is 7 serurity issues there were are the CVEs assigned to them?07:47
Romsterunless they got fixed before being reported.07:48
Romster doens't even offer any patch07:49
Romsterlooks like frinnst got the patch from here
Romstergit-svn-id: file:///srv/repos/svn-packages/svn@240351 eb2447ed-0c53-47e4-bac8-5bc4a241df7807:56
Romsterseems CVE-2015-3210 is covered but no mention of CVE-2015-507307:58
Romsterso i should use that 01-seven-security-patches.patch place in place of CVE-2015-321008:00
jueI'd say so, will apply the other patch later08:03
Romsteri'll wait on your advice beofre i do that if it's ok to use 01-seven-security-patches.patch and libpcre-8.37-CVE-2015-5073.patch ?08:03
Romsteri'd like to keep in line with core/libpcre08:05
jueso, i'm back now08:49
Romsterta jue id did the same change too.08:56
Romsterfor libpcre-3208:56
juevery good :)09:00
Romsteri was looking at other stuff and i just happened to stumble upon that.09:16
*** jue has joined #crux-devel09:45
*** Romster has quit IRC12:37
*** Romster has joined #crux-devel12:38
*** Feksclaus has joined #crux-devel12:54
*** Feksclaus has quit IRC13:21
frinnstthere were a bunch of security issues with pcre reported a while back. no fixes were available at that time15:16
*** Romster has quit IRC16:28
*** Romster has joined #crux-devel16:28
*** Romster has quit IRC18:46
*** Romster has joined #crux-devel18:47
*** crash_ has quit IRC19:44
*** frinnst has quit IRC19:59
*** frinnst has joined #crux-devel20:00
*** crash_ has joined #crux-devel21:32
*** nrxtx has joined #crux-devel21:36
*** nrxtx has quit IRC21:36
*** nrxtx has joined #crux-devel21:36
*** crash_ has quit IRC21:43
*** crash_ has joined #crux-devel22:01

Generated by 2.11.0 by Marius Gedminas - find it at!