IRC Logs for #crux-devel Tuesday, 2019-10-15

*** TimB_ has joined #crux-devel00:12
*** junland has joined #crux-devel01:16
Romsterhttps://seclists.org/oss-sec/2019/q4/18 CVE-2019-14287 Sudo 1.8.28 has been today, October 14th, 2019 which includes a fix09:36
Romsterfor the following security-related issue which has been assigned09:36
RomsterCVE-2019-14287.  The information below is also available at09:36
Romsterhttps://www.sudo.ws/alerts/minus_1_uid.html09:36
jueI'm on it09:38
Romstercool09:39
ryuoRomster: excelsior was already patched.09:40
ryuonot that I think we needed it.09:40
Romsteronly us that has root already09:40
ryuoand afaik it only cropped up under non-default configurations.09:40
Romsteri think the really rare case of wehre sudo is set to let a user run some specific command09:41
Romsterwhere*09:41
ryuomakes me think setuid might be a better idea.09:41
ryuosetsuid09:41
ryuoa basic feature to run a program as a specific user regardless of who runs it09:42
frinnstuntil you update said program09:42
Romsterapparmor?09:42
Romsterbecause bugger selinux ugh09:43
ryuoRomster: Access denied. You are not authorized to fart.09:43
frinnstif sudo were to disappear lots of web developers would freak out09:43
frinnstthose that run sudo in front of everything09:43
frinnst"sudo ./install.sh"09:44
ryuoi don't like to install anything that requires root these days and can't just use the user directory.09:44
Romsteri don't like installing anything with out making a Pkgfile for it09:45
Romsternot like they are hard to throw one together09:46
*** chinarulezzz has joined #crux-devel09:53
Romsteris it just me or the sudo download is super slow10:27
Romsterwouldn't surprise me it's prob ably being hammered currently10:28
Romsterjue, https://pastebin.com/jr7c7GQ310:34
Romster# prt-get fsearch Xvlib.h10:35
RomsterFound in /usr/ports/xorg/xorg-libxv:10:35
Romster  /usr/include/X11/extensions/Xvlib.h10:35
Romsterwhy did you remove that dependency?10:35
Romsterrevdep reports no breakage10:35
*** chinarulezzz has quit IRC10:45
frinnstworks for me11:08
juebecause it's not needed, they removed xv from xvmc.pc but forget to remove the test for it from configure, thus libxvmc get linked against libxv, which is useless12:00
juethere's a comment in the Pkgfile12:00
jueAh I see, we still have a build-time dep to libxv, no problem for a regular install but building in a clean environment will break12:29
juejaeger: have you seen ticket 1774?12:50
jaegerI hadn't yet but I see it now. Will build the new one today and check out the mesa3d conflict13:43
*** pedja_hpmini has joined #crux-devel14:15
*** chinarulezzz has joined #crux-devel17:56
jaegerjue: ok, updating libglvnd to 1.2.0 and removing the duplicate headers from mesa3d works fine for me, haven't found any problems yet19:37
jaegerIt's not the cleanest thing to remove them but I assume they will be removed from mesa3d upstream in the near future19:52
jaegerThis is what I did, though if someone wants to make it more elegant, feel free:20:56
jaegerhttp://ix.io/1YMc20:56
*** chinarulezzz has quit IRC20:58
pedja_hpminiif i am reading the spec files correctly, opensuse is doing the opposite21:07
pedja_hpmininot shipping headers with libglvnd21:08
pedja_hpminibut I still haven't wrapped my head around how rpm packaging works, so who knows :)21:10
*** pedja_hpmini has quit IRC22:53
*** chinarulezzz has joined #crux-devel23:05

Generated by irclog2html.py 2.14.0 by Marius Gedminas - find it at mg.pov.lt!