On 08/15/2017 08:00 PM, Peter Silva wrote:
Isn't there kind of a universal issue that tar and compression happen
sort of in the wrong order? Wouldn't it make more sense to make files
that were .gz.tar (ie. compress the files individually, then have an
index into them via tar.)
That way gives a
On Wed, Aug 16, 2017 at 01:38:11AM +0200, Julian Andres Klode wrote:
> bsdiff was specifically invented for patching binaries. See the
> evaluation I posted a (few) hour(s) ago. It's used succesfully by
> FreeBSD, Chrome, Android, Apple App Store, and other places.
[...]
> Especially for security
Hi!
While this sounds indeed interesting, I think it's impractical for at
least the two reason below:
On Tue, 2017-08-15 at 09:26:24 +0200, Christian Seiler wrote:
> AFAQ (Anticipated frequently asked questions):
>
> Q: How can you reconstruct a tarball from the installed system? Won't
>that
Hi,
Julian Andres Klode wrote:
> Today's research has shown that rolling hashes do not perform well
> on executables because of changing offsets and so on destroying the
> hashes. There were no measurable space savings when adding fairly
> similar firefox releases to either a casync or borg repos
Hi intri,
> tl;dr: I hereby propose we enable AppArmor by default in testing/sid,
> and decide one year later if we want to keep it this way in the
> Buster release.
So… in the spirit of taking (reversible!) risks, can you briefly outline
what's blocking us enabling this today? :)
Best wishes,
Hey intri,
> 1. Use the simplest of systemd's hardening features (e.g.
>Protect{Home,System}=, Private{Devices,Tmp,Network}=,
>CapabilityBoundingSet=) to their full extend.
>
>Not many unit files we ship do that yet. Generally these
>improvements can be implemented upstream and be
Isn't there kind of a universal issue that tar and compression happen
sort of in the wrong order? Wouldn't it make more sense to make files
that were .gz.tar (ie. compress the files individually, then have an
index into them via tar.) Then tar works perfectly well for
extracting individual files
On Sun, Aug 13, 2017 at 12:38:56PM +0300, Adrian Bunk wrote:
> On Sat, Aug 12, 2017 at 02:16:21PM -0400, Julian Andres Klode wrote:
> >...
> > I think delta debs are generally a thing we should aim to have,
> >...
>
> It sounds like something that would have been a cool feature 20 years
> ago when
On Sun, Aug 13, 2017 at 10:53:16AM -0400, Peter Silva wrote:
> You are assuming the savings are substantial. That's not clear. When
> files are compressed, if you then start doing binary diffs, well it
> isn't clear that they will consistently be much smaller than plain new
> files. it also isn'
On Tue, Aug 15, 2017 at 05:04:50PM +0200, Kurt Roeckx wrote:
> My problem is that if we don't do something, TLS 1.0 will be used
> for an other 10 year, and that's just not acceptable.
The usage of TLS in the wild does not rely on you. Neither its does to
Debian, IMHO.
Now, when talking about th
On Sat, Aug 12, 2017 at 02:16:21PM -0400, Julian Andres Klode wrote:
> Hi everyone,
>
> (I CCed -devel and deity, but we probably should just discuss
> that on -dpkg)
>
> while breakfast here at DebConf, the topic of delta upgrades
> came up. I think delta debs are generally a thing we should
>
On Tue, Aug 15, 2017 at 09:26:24AM +0200, Christian Seiler wrote:
> Hi there,
>
> I've come to believe that binary diff packages are not the best way of
> solving this issue. Intead I'd like to propse a radically different
> solution to this issue.
>
> The gist of it: instead of adding a format f
On Tue, Aug 15, 2017 at 10:43:08AM -0700, Michael Lustfield wrote:
> I don't think it was answered... Is there an actual reason that this needs
> to be handled urgently? Is TLSv1.0/v1.1 considered broken?
Yes.
Kurt
On viernes, 4 de agosto de 2017 19:31:36 -03 intrigeri wrote:
> Hi!
>
> tl;dr: I hereby propose we enable AppArmor by default in testing/sid,
> and decide one year later if we want to keep it this way in the
> Buster release.
>
> My goals when initiating this discussion are:
>
> - Get a rough i
On Aug 15, 2017 08:05, "Kurt Roeckx" wrote:
> Do you really think that big companies like cable provides give a
> about what Debian deprecates? I was personally fighting with similar
> problems in Firefox and the internal side at my university.
My problem is that if we don't do something,
On Fri, Aug 11, 2017 at 02:52:56PM +0200, Marco d'Itri wrote:
> On Aug 11, Marco d'Itri wrote:
>
> > but I see on your link that Android pre-5.x still has a ~25% market
> > share, so unless it will drop a lot in the next year I do not think that
> > we can cut them off from Debian-based web ser
On Tue, Aug 15, 2017 at 05:04:50PM +0200, Kurt Roeckx wrote:
> On Tue, Aug 15, 2017 at 10:49:05PM +0900, Norbert Preining wrote:
>...
> > Do you really think that big companies like cable provides give a
> > about what Debian deprecates? I was personally fighting with similar
> > problems i
Kurt Roeckx writes:
[...]
>
> Disabling the protocols is the only way I know how to identify
> all the problems. And I would like to encourage everybody to
> contact the other side if things break and get them to upgrade.
And who pay for new windows licenses (And I do not know if ever windows
10
> Disabling the protocols is the only way I know how to identify
> all the problems. And I would like to encourage everybody to
> contact the other side if things break and get them to upgrade.
So you make the decision that everyone should talk to their providers
etc.? I can actually understand yo
On Tue, Aug 15, 2017 at 10:49:05PM +0900, Norbert Preining wrote:
> Hi Kurt,
>
> I read your announcement on d-d-a, but due to moving places
> I couldn't answer.
>
> I consider the unconditional deprecation of TLS 1.0 and 1.1
> a very wrong move.
>
> Be strict with what you are sending out, but
Hi Kurt,
I read your announcement on d-d-a, but due to moving places
I couldn't answer.
I consider the unconditional deprecation of TLS 1.0 and 1.1
a very wrong move.
Be strict with what you are sending out, but relaxed with what
you receive.
This paradigm is hurt by this move and our users at
Dear Andreas.
Thank you for the clarification. I personally didn't file that bug but I
was planning to. Since it was exactly what I was planning to describe I
just referenced it. Last night I was trying to rebuild libgda from stable
with "--with-ui" argument. I got an error when start compiling te
On 31 July 2017, Ondřej Surý wrote:
> I am looking for a new maintainer for opendnssec and softhsm package.
> Honestly, I am not using neither, and it's quite hard to do a packaging
> when you don't use the packages in question, and I think the package
> suffer as a consequence, and I very much dis
Hello Pavlo Solntsev,
On Mon, Aug 14, 2017 at 03:10:59PM -0500, Pavlo Solntsev wrote:
> Hello,
> I am not sure where I should direct my question. There is a bug #862251 for
> libgda-5.0 package. UI modules are not compiled and not available.
> Basically, I have to manually compile those. The bug i
Sven Hartge writes:
[...]
>
> Not everything is regulated by the PCI council.
>
> If, after upgrading to Buster, suddenly 25% of the students of my
> university can no longer connect to the wireless network, it will be
> hell on earth for me and my support staff.
>
> It is nice to say "well, then
Hi there,
I've come to believe that binary diff packages are not the best way of
solving this issue. Intead I'd like to propse a radically different
solution to this issue.
The gist of it: instead of adding a format for how deltas work, I
propose to introduce a new format for storing Debian packa
26 matches
Mail list logo
