Checking the bug tracker should be the first spot to look for an answer
https://bugs.archlinux.org/task/68601
Local files got mixed after the test build as the tree contained a rebuild
bump. Just wait for -3 hitting the repos and upgrade to it.
Cheers
On October 7, 2020 11:58:52 PM GMT+02:00, karx via arch-general
wrote:
>On Wed, Oct 7, 2020 at 3:05 PM Jayesh Badwaik via arch-general <
>arch-general@archlinux.org> wrote:
>How long has the updated version been available? If it was just
>released
>then it will take some time for it to get
On 6/24/20 11:37 PM, arch user via arch-general wrote:
> Hello,
>
> the package usbguard was flagged out of date in november. Three new
> versions came out since then. A package update or any info on this would
> be greatly appreciated.
>
> Kind regards
>
The trust chain is broken as the
On 2/12/20 12:58 AM, Genes Lists via arch-general wrote:
> I've selected a few to highlight based on age and my own view of
> importance (no claim its a good view).
>
> So, here's a few that might benefit from an update:
>Cal Pkg
> Name
On 2/2/20 10:59 PM, Christopher W. via arch-general wrote:
> Hi. The wiki states that database signatures for pacman are currently
> a work in progress. It's been that way for a long time, so I assume
> there is no "progress" happening. What is currently in the way of this
> much-needed security
On 10/1/19 12:58 AM, Turritopsis Dohrnii Teo En Ming via arch-general wrote:
> Noted with thanks.
>
> [...]
@Turritopsis Dohrnii Teo En Ming
@José Vilmar Estácio de Souza
Please do not top-post. On all Arch mailing lists we have a bottom-post
policy for replies (it also makes reading posts more
On 6/21/19 8:25 AM, David C. Rankin wrote:
> After 5.12.1 is there any further mitigation needed for:
>
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11477
>
> related:
>
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-11478
>
On June 16, 2019 5:57:34 PM GMT+02:00, Eli Schwartz via arch-general
wrote:
>That being said, if you have signed the repository db then as you
>mentioned the sha256 checksums for the package file are securely
>signed,
>so you are guaranteed that use of pacman -S pkgname will securely
>verify
On April 4, 2019 7:11:07 PM GMT+02:00, Maarten de Vries via arch-general
wrote:
>A better fix is mentioned on the steam forum [1] by a WorMzy:
>> $ export
>LD_PRELOAD="/usr/lib/libgio-2.0.so.0:/usr/lib/libglib-2.0.so.0"
>> $ steam-native
>
>Apparently those libraries still come from the steam
As already stated, may you just wait until it's rules out, problems with other
packages fixed, rebuild and replaced? Thanks
On February 14, 2019 12:17:02 AM GMT+01:00, "brent s."
wrote:
>On 2/13/19 5:18 PM, Doug Newgard via arch-general wrote:
>> On Wed, 13 Feb 2019 15:25:19 -0500
>> "brent s." wrote:
>>
>>> On 2/13/19 3:16 PM, Storm Dragon via arch-general wrote:
Hi,
I'm having some issues with
On 9/17/18 6:27 PM, Doug Newgard via arch-general wrote:
>
> Going forward with the new release policies, would it be better to just have
> an
> openjdk/openjre package that's always the latest version, then versioned
> packages for the lts releases, such as they are?
>
This is exactly what
On 9/10/18 7:31 PM, Geo Kozey wrote:
>>
>> From: Levente Polyak
>> Sent: Mon Sep 10 18:42:14 CEST 2018
>> To: Geo Kozey
>> Cc: General Discussion about Arch Linux
>> Subject: Re: [arch-general] AppArmor support
&
On 9/10/18 5:58 PM, Geo Kozey wrote:
> I think you may consider disabling CONFIG_PANIC_ON_OOPS in linux-hardened
> default config. Preventing users from being able to debug and report their
> issues upstream or even discouraging them from using linux-hardend at all is
> quite a big cost of it.
On 9/10/18 1:43 PM, Carsten Mattner wrote:
> On 9/10/18, Levente Polyak via arch-general
> wrote:
>> Just a crazy idea but how about contributing back instead of just
>> complaining? People on the bug tracker always help guiding how to report
>> upstream or finding releva
On 9/9/18 10:26 PM, Carsten Mattner via arch-general wrote:
> On 9/9/18, Gus wrote:
>> Linux-hardened doesn't support hibernation and i think it's overkill to
>> use it on desktop.
>
> Not arguing in anyway for or against AppArmor, just another
> data point regarding linux-hardened 4.17 and
On July 30, 2018 5:14:56 PM GMT+02:00, "данила кивер via arch-general"
wrote:
>
>I want one of his packages (
>https://www.archlinux.org/packages/extra/x86_64/visualvm ) to be
>updated because an important bug was fixed in the upstream (I've
>already built this package, installed and tested
On 07/23/2018 10:43 AM, Ralf Mardorf wrote:
> [1]
> 4.17.8 still in Core allegedly also contains it.
>
> $ grep pkg.e.= linux/repos/core-x86_64/PKGBUILD
> pkgver=4.17.8
> pkgrel=1
> $ grep SALSA linux/repos/core-x86_64/config
> CONFIG_CRYPTO_SALSA20=m
> CONFIG_CRYPTO_SALSA20_X86_64=m
>
> I
On April 7, 2018 6:18:39 AM GMT+02:00, "David C. Rankin"
wrote:
>On 04/01/2018 07:43 PM, David C. Rankin wrote:
>>
>>
>> I was looking for confirmation of the bug and whether the devs want
>it
>> filed here to track or to not waste time filing with Arch and just
On March 2, 2018 12:38:33 PM GMT+01:00, Dan Haworth wrote:
>On 02/03/18 11:17, Alajos Odoyle wrote:
>> On 2018-03-02 11:38, Dan Haworth wrote:
>>>
>>> I had the same issue, seems to be related to the following bug
>>> https://github.com/mono/mono/issues/6752. I downgraded
On 01/08/2017 08:11 AM, David C. Rankin wrote:
> I'll download a new iso and try, but I'd be
> surprised if an iso less than 5 months old no longer works?
>
Well IMO 5 months is pretty damn ancient in the Arch Linux world. :p
Most of the time a simple keyring package update does the trick:
On 12/16/2016 06:03 AM, Eli Schwartz via arch-general wrote:
> On 12/15/2016 08:35 PM, fnodeuser wrote:
>> what i said is that the users must check the integrity of the sources too.
>> it is not something that only the package maintainers must do.
>> the users must check the PKGBUILD files to
On 10/31/2016 10:50 PM, Leonid Isaev wrote:
> On Mon, Oct 31, 2016 at 06:04:48PM +0100, Levente Polyak wrote:
>> I get your point what you try to achieve but the PKGBUILD already
>> contains the integrity values (checksums) for all external sources and
>> if you sig
On 10/31/2016 04:43 PM, Patrick Burroughs (Celti) wrote:
> On Mon, 31 Oct 2016 16:16:21 +0100
> Levente Polyak <anthr...@archlinux.org> wrote:
>
>> On 10/31/2016 04:03 PM, Patrick Burroughs (Celti) wrote:
>>> As a middle ground, I think it would be more rea
On 10/31/2016 04:03 PM, Patrick Burroughs (Celti) wrote:
> As a middle ground, I think it would be more reasonable (or at least,
> less unreasonable) to modify makepkg to allow signing PKGBUILDs, or at
> least parts of them. For an existing example, OpenBSD's signify(1) uses
> their cryptographic
On 10/23/2016 03:10 PM, Roel de Wildt via arch-general wrote:
>
> Do I need something to change to make it working against 4.0.x?
>
After a rough look I can't reproduce your issue by playing around with
the config, it just works. Something seems to eat up the responses.
A better place for
On 07/10/2016 11:05 AM, pelzflorian (Florian Pelz) wrote:
> [...] Bundles ship with the version
> of their dependencies which they need. Dependencies are not
> force-upgraded with the operating system, but easily upgradable by the
> bundle creator.
We, as the Security Team, are strongly against
On 06/13/2016 12:59 AM, David C. Rankin wrote:
> [...] prevent whip-sawing all arch users who following the
> recommendation in configuring their desktop from finding out their config is
> broken on the first reboot after update following removal.
>
That's highly overdramatized, isn't it? Lets
On 06/01/2016 07:02 PM, Jude DaShiell wrote:
> I've been reading a thread on aur-general about too many loose git
> objects and it appears the problem may be on the aur server not a user's
> machine and git prune needs to be run. I am concerned that all of the
> current technical difficulties may
On 05/16/2016 05:47 PM, Information Technology Works wrote:
> I also don't understand the lack of discussion on something this
> important by other devs. one person had concerns about various things
> and another mentioned whether upstream would support it and that was it.
> I was hoping to at
On 03/12/2016 11:29 PM, Harley W wrote:
> I've been using Compton on my laptop for about a year without any issues.
> Recently, I noticed that transparency stopped working, and even more
> recently, shadows stopped working. If I try calling Compton from the command
> line I get an error saying
On 03/07/2016 01:04 PM, Harrison Wells wrote:
> Haven't reported in security list before. Should I just repost my previous
> message?
It's a announcement only mailing list, discussions should go here
(arch-general) and most of the time we also notice and read that.
However to directly report or
On 01/28/2016 04:29 PM, Elmar Stellnberger wrote:
> Now there are different opinions about this:
> Some people certainly estimate comments, questions and discussion about
> security issues which do not solely pertain to updates of packages for
> already known security issues. Allowing discussion
On 01/25/2016 10:27 AM, Damjan Georgievski wrote:
> huh, now what?
> [...]
> gpg: keyserver refresh failed: Permission denied
As the error message indicates, you need to do that as root.
It's also possible to grab the new archlinux-keyring package from [testing].
cheers,
Levente
signature.asc
On 01/25/2016 03:17 AM, Jayesh Badwaik wrote:
> Hi,
>
> I'm receiving message about unknown trust while trying to install the confuse
> package.
>
Looks like people tend to forget about updating pacman keyring.
pacman-key --refresh-keys
cheers,
anthraxx
signature.asc
Description:
On 01/27/2015 05:42 PM, Ido Rosen wrote:
Hi Allan others,
This is a pretty big remote vulnerability, with a big attack
surface. I'm not sure if this is the right list to be sending it to,
but I'd suggest patching glibc right away. I think RedHat's already
released an RHEL5 backported
besides the upstream stable release discussion (which i will leave out
here) i have two small questions:
On 12/17/2014 03:03 PM, Ido Rosen wrote:
On the gnupg-devel mailing list I've seen a few
potentially serious security issues with it.
No offense, but out of interest:
Could you please point
On 12/17/2014 07:32 PM, Ido Rosen wrote:
Several security patches went into 2.1 after its release, and there
continue to be patches submitted for minor issues that are borderline
security/usability issues in the bug fix category. Most of those
bugs at worst result in DoSes, but two of them in
38 matches
Mail list logo