IRC Logs for #crux-devel Wednesday, 2016-10-05

*** onodera has quit IRC00:07
*** _________mavric6 has quit IRC02:34
*** _________mavric6 has joined #crux-devel02:36
*** pitillo has quit IRC05:06
*** pitillo has joined #crux-devel05:06
jueteK_: sorry, but still not visible on https://crux.nu/gitweb/08:35
frinnst2jue did you push something else to the repo? I think you need to do that for it to appear09:09
frinnst2iirc we had to do that with the other repos09:09
jueno, will try that09:16
juehmm, pushed something and now the repo is visible but without any commit in the master branch09:29
jueok, works now09:34
juethe problem was that the new dirs in pkgutils.git/objects, I've created yesterday, had a file mode o-x09:36
juefrinnst2: .oO two security fixes for bash09:38
frinnst2oh?09:38
juehttps://lists.gnu.org/archive/html/bug-bash/2016-10/msg00009.html09:38
juehttps://lists.gnu.org/archive/html/bug-bash/2016-10/msg00008.html09:38
frinnst2nothing on oss-sec yet? or did I miss it09:38
jueno, not yet09:39
frinnst2ah recognise the PS4 thing. did we patch that already?09:39
frinnst2ah, only on the 3.3 branch with bash 409:39
frinnst24.4 or whatever we run in 3.309:40
frinnst2ACTION is confusing himself09:40
jueyeah, only bash 4.309:41
jueAFAIKS09:41
*** onodera has joined #crux-devel09:41
frinnst22 branches is confusing :)09:41
frinnst2what remains for 3.3?09:43
jueif we omit the download-as thing nothing IMO09:46
juemany projects on github are providing propper downloads now, e.g. cups, so the initially reason has gone, more or less09:49
jueand I agree, having two branches is confusing and a lot of more work09:50
juenow bash ...09:51
frinnst2yeah. download-as would be nice though09:51
jueyeah, but I don't see a propper solution up to now09:53
frinnst2nothing really prevents us from adding this feature during the 3.3 lifecycle and then start to "support it" in 3.4 or whatever09:54
juefrinnst2: btw, I've pushed util-linux to 2.29-rc1 so we can test it09:54
frinnst2would allow for easier testing too09:54
frinnst2cheers09:55
frinnst2i really miss my connection. feels so handicapped with this useless 4g09:55
jueyeah, sounds like a plan wrt download-as09:56
*** onodera has quit IRC10:06
juefrinnst2: I was wrong, both bugs are on oss-sec10:06
Romsterremote: rm: cannot remove `/home/crux/git-to-rsync-working-copy/xorg/3.2.old/xorg-font-bh-type1/.md5sum': Permission denied10:48
RomsterTo crux:/home/crux/scm/ports/xorg.git10:48
Romster   49ed369..c8a1a6a  3.2 -> 3.210:48
Romsterpermissions on xorg.git post-receive hook are messed up?10:49
Romsteri got that for 2.8 3.0 3.110:49
juehmm, guess it was because the group for that branches was set to users and not xorg11:11
jueshould work now, changed it to xorg11:11
*** onodera has joined #crux-devel11:15
Romsterwill find out later when i push again.11:56
teK_remote code exec in UDP stack11:57
teK_oh myyy11:57
Romsterdoes that fix all the CVEs now?11:58
Romsterit's not that bad unless you tunnel to X afaik11:58
Romsterstill i would not trust any input from another process to be sane and not checked for length or malicious code.11:59
Romsterthat is just asking for trouble.11:59
frinnst2teK_: ?12:25
*** onodera has quit IRC13:19
*** onodera has joined #crux-devel13:48
*** onodera has quit IRC14:02
*** darfo has quit IRC14:38
*** jue has joined #crux-devel14:39
*** darfo has joined #crux-devel14:39
*** erdic has quit IRC14:42
*** erdic has joined #crux-devel14:44
*** onodera has joined #crux-devel14:51
*** onodera has quit IRC15:02
*** onodera has joined #crux-devel16:35
*** erdic has quit IRC18:03
*** erdic has joined #crux-devel18:03
teK_http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=34b88a68f26a75e4fded796f1a49c40f82234b7d21:04
teK_== remote code execution in the UDP stack of Linux21:04
teK_Fixes: a2e2725541fa ("net: Introduce recvmmsg socket syscall")  was btw from 200921:04
frinnstlovely, how did you find that?21:06
frinnsti like how the kernel people keep security issues quiet21:06
teK_up side: I checked the commit date (March '16) ..21:06
teK_https://news.ycombinator.com/item?id=1264043221:06
frinnstim currently downloading something in 600kb/s so it appears i cant do dns lookups21:07
frinnsthow do people live like this?21:07
teK_it's what I have in my flat/room in munich because the plan for this DSL line must be >10 years old :P21:08
frinnstI wonder if that has been backported to my debian squeeze kernels21:09
teK_so it's just today that the remote exec flaw has been public PoC'd21:10
teK_which makes this less bad, but still21:10
frinnstWhat happened to make this updated? This was patched in March upstream, and it appears it made it into an Android patch release a couple of days ago.21:13
teK_because they did not give a shit about security as it 'only' was use after free?21:13
teK_or because they are slow?21:13
teK_or because some shady company dropped 0day on human rights activists21:13
teK_dunno21:13
frinnstbtw i was quoting a post21:14
frinnstindeed its worrysome21:14
teK_they simply dont label their patches and thats a bad decision21:14
frinnstACTION is pondering how to assign ipv6 addresses on the lan21:16
frinnstits like its a bigger decision than to set a hostname21:16
frinnst:666 is a given21:16
frinnstbut then what?21:16
frinnst:69 obviously21:16
teK_alle the hex codez?21:16
teK_-e21:17
teK_0xbdc0ded21:17
teK_deadbeaf21:17
teK_or just parts of that21:17
teK_I went with :{1..3}21:17
teK_;)21:17
teK_also: DHCP6 + autodiscover? ;-)21:17
frinnstcurrently using ra but thats lame21:22
teK_ra?21:30
frinnstrouter advertisement for routing and address generation based on mac address21:31
teK_ok21:33
teK_I have not looked into any of this..21:34
frinnstits a jungle21:34
frinnstbut pretty fun. shame its so difficult to play with (because nobody in sweden offers ipv6)21:35
teK_dont watch van hauser's (THC) talk on ipv6 at the CCC21:35
teK_yeah that's a pity21:35
frinnstwe got a /32 last summer. still not routed to us21:35
frinnstand my boss is dragging his heels to get it sorted21:37
frinnstwhy not?21:37
frinnstah the insecurity crap?21:37
teK_yeah21:39
frinnstnet.ipv6.conf.all.accept_ra=021:39
frinnstnet.ipv6.conf.all.autoconf=021:39
frinnst;; connection timed out; no servers could be reached21:39
frinnstawesome21:39
frinnstGIVE ME BACK MY FAT PIPE!21:39
teK_:))21:46
*** onodera has quit IRC23:42
*** onodera has joined #crux-devel23:42

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!