On 2023/09/18 13:07:23 +0100, Stuart Henderson wrote:
> On 2023/09/18 11:07, Omar Polo wrote:
> > it uses c++ to build a sub-library (basis-universal) and to link, I
> > guess that's why c++ ends up in the wantlibs but doesn't link to
> > c++abi nor pthread... Here's why i'm not using COMPILER_LI
On 2023/09/28 22:10:08 +0300, Mikhail wrote:
> Core was generated by `rofi'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 strlen () at /usr/src/lib/libc/arch/amd64/string/strlen.S:125
> 125 movq(%rax),%rdx /* get bytes to check */
> (gdb) bt
> #0
On 2023/09/28 08:31:12 +0200, Matthieu Herrb wrote:
> On Wed, Sep 27, 2023 at 09:39:32PM +0200, Matthieu Herrb wrote:
> > Hi,
> >
> > eltclsh 1.19 released
> > https://git.openrobots.org/news/291
> > Anthony Mallet
> >
> > h3. Changes
> >
> > * Fix off-by-one in brace parsing function (Arvid Bj
ftr, it still works fine for me.
Omar Polo wrote:
> Index: Makefile
> ===
> RCS file: /home/cvs/ports/games/taisei/Makefile,v
> retrieving revision 1.16
> diff -u -p -r1.16 Makefile
> --- Makefile 26 Sep 2023 09:41:42 - 1.1
Otto Moerbeek wrote:
> I can only guess about powerdns_recursor here, ads I do not have a
> modern Intel machine: it's the context switch assembly in boot-md. I
> have no clue yet how to fix this, I did not follow the IBT
> developments closely. Sadly I'll also be leaving for a holiday for a
> w
Cc:
+ Thomas Adam, Michael for fvwm3 expertise
- jasper since this is no longer about rofi
> > As a side note - yesterday I got very suspicious crash in fvwm3
> > during simple fvwm restart, I can't reproduce it, but the bt also had
> > __vfprintf in it, fvwm3 dev's said that it was very strange
Hello,
the following would update wtf(6) to 20230906 (from 20230828).
Does this need a quirk because the package name changes?
Marcus
Index: Makefile
===
RCS file: /cvs/ports/games/wtf/Makefile,v
retrieving revision 1.112
diff -u -
> I ran into a similar backtrace with Taisei [0]. Most seemingly it needs
> to USE_NOBTCFI=Yes as our Boost sits at 1.80.0, while CET was introduced
> in boost::context at 1.81.0 and updating Boost is not an option at this
> point.
>
> I successfully tested it with USE_NOBTCFI.
>
> [0]: https://g
On Sat, 30 Sept 2023 at 11:32, Theo Buehler wrote:
Hey all,
> ===
> RCS file: patches/patch-fvwm_infostore_c
> diff -N patches/patch-fvwm_infostore_c
> --- /dev/null 1 Jan 1970 00:00:00 -
> +++ patches/patch-fvwm_infostore_c
On Sat, Sep 30, 2023 at 11:43:10AM +0100, Thomas Adam wrote:
> On Sat, 30 Sept 2023 at 11:32, Theo Buehler wrote:
>
> Hey all,
>
> > ===
> > RCS file: patches/patch-fvwm_infostore_c
> > diff -N patches/patch-fvwm_infostore_c
> > ---
On Sat, Sep 30, 2023 at 12:42:53PM +0200, Theo Buehler wrote:
> > I ran into a similar backtrace with Taisei [0]. Most seemingly it needs
> > to USE_NOBTCFI=Yes as our Boost sits at 1.80.0, while CET was introduced
> > in boost::context at 1.81.0 and updating Boost is not an option at this
> > poi
On 2023/09/30 12:40, Marcus MERIGHI wrote:
> Hello,
>
> the following would update wtf(6) to 20230906 (from 20230828).
> Does this need a quirk because the package name changes?
changes in what way?
> Marcus
>
> Index: Makefile
>
On Sat, Sep 30, 2023 at 11:00:10AM +0200, Omar Polo wrote:
> I managed to reproduce it. It doesn't seem to fail with CWM, so I run
> fvwm3 inside Xephyr.
>
> The issue seems to be in source/xcb.c:
>
> (gdb) p wtitle.strings
> $2 = 0xf9d9ce2ce30 "FVWM", '\004' , '\337' times>, ...
>
> wtitle.st
On 2023/09/30 10:00, Omar Polo wrote:
> On 2023/09/18 13:07:23 +0100, Stuart Henderson wrote:
> > On 2023/09/18 11:07, Omar Polo wrote:
> > > it uses c++ to build a sub-library (basis-universal) and to link, I
> > > guess that's why c++ ends up in the wantlibs but doesn't link to
> > > c++abi nor
> http://build-failures.rhaalovely.net/sparc64/2023-09-28/archivers/snappy.log
(DIST_TUPLE issue in this and a couple of other ports, should now be fixed)
> http://build-failures.rhaalovely.net/sparc64/2023-09-28/devel/llvm/13.log
Error:
/usr/obj/ports/llvm-13.0.0/fake-sparc64/usr/local/llvm13/
On 9/30/2023 7:06 AM, Stuart Henderson wrote:
> On 2023/09/30 12:40, Marcus MERIGHI wrote:
>> Hello,
>>
>> the following would update wtf(6) to 20230906 (from 20230828).
>> Does this need a quirk because the package name changes?
>
> changes in what way?
>
wtf is boring and routine to update; i
With OpenBSD release fast approaching and considering the lack of solid
information about the vulnerabilities, I think we should probably mark
mail/exim BROKEN for now.
And also consider whether we want to keep this in ports at all...
The response to this was much weaker than I'd expect from maint
Le 30/09/2023 à 15:27, Stuart Henderson a écrit :
With OpenBSD release fast approaching and considering the lack of solid
information about the vulnerabilities, I think we should probably mark
mail/exim BROKEN for now.
And also consider whether we want to keep this in ports at all...
The respons
Stuart Henderson wrote:
> With OpenBSD release fast approaching and considering the lack of solid
> information about the vulnerabilities, I think we should probably mark
> mail/exim BROKEN for now.
That's almost too kind.
> And also consider whether we want to keep this in ports at all...
> Th
Hi,
I would be grateful for any clues on how to package a Haskell program that has
version 9.0.x on hackage, but the latest version on GitHub is 11.2.x and the
project appears to not be interested in hackage going forward. This is what I
have so far.
If I use the 9.0.1 line, I can at least do
Unfortunately I like/use exim for years - pretty simple config file syntax.
from here:
https://seclists.org/oss-sec/2023/q3/254
So... I suppose those fixes were shared also with Exim's OpenBSD manteiners?
--
Next contact with ZDI was in May 2023. Right after this contact we
created project bu
po...@phosphorus.com.br wrote:
> Unfortunately I like/use exim for years - pretty simple config file syntax.
Yes, you like unsafe software.
> https://seclists.org/oss-sec/2023/q3/254
>
> So... I suppose those fixes were shared also with Exim's OpenBSD manteiners?
Wow. Are you not listening?
On 30/09/2023 15:37, Theo de Raadt wrote:
Stuart Henderson wrote:
With OpenBSD release fast approaching and considering the lack of solid
information about the vulnerabilities, I think we should probably mark
mail/exim BROKEN for now.
That's almost too kind.
This is not the first time th
Hello,
It seems games/minecraft has been broken for quite a while. And is not
really maintained by qbit anymore anyway.
Also, you can easily run with the java version without this package
anyway. And that package is only some kind of helper script, which could
easily be replaced nowadays by "p
Right, it is not the first time.
Will it be the last time?
Doubtful.
If it won't be the last time, will the next time be just as bad?
For sure, because there is no security architecture in it.
I'll try to summarize my point.
When less-secure AND more-secure pieces of software exist in the
the same role/service area, I think it is valid for developers who
care about security of their userbase to *DEMOTE* the less-secure
variations.
This kind of "hide the garbage" policy needs to exist s
On 30/09/2023 16:32, Theo de Raadt wrote:
I'll try to summarize my point.
When less-secure AND more-secure pieces of software exist in the
the same role/service area, I think it is valid for developers who
care about security of their userbase to *DEMOTE* the less-secure
variations.
This kind
Renaud Allard wrote:
> On 30/09/2023 16:32, Theo de Raadt wrote:
> > I'll try to summarize my point.
> >
> > When less-secure AND more-secure pieces of software exist in the
> > the same role/service area, I think it is valid for developers who
> > care about security of their userbase to *DEMOT
My patch was incomplete -- str was still accessed later, after the
debug printf, so a better fix was due.
Mikhail sent my diff upstream[0], where was improved and committed[1]
a couple of hours ago. Here's an adaptation for the version we have
currently in tree.
[0]: https://github.com/davatoriu
On 2023/09/30 15:35, Solène Rapenne wrote:
> What would marking it BROKEN solve? People upgrading to 7.4 will keep
> the old version, but indeed new user won't be able to install it.
It would mean that new users won't be able to install it.
True it won't help 7.3-stable etc. But hard to say what
s...@spacehopper.org (Stuart Henderson), 2023.09.30 (Sat) 13:06 (CEST):
> On 2023/09/30 12:40, Marcus MERIGHI wrote:
> > Hello,
> >
> > the following would update wtf(6) to 20230906 (from 20230828).
> > Does this need a quirk because the package name changes?
>
> changes in what way?
It doesn't
On 30/09/2023 17:16, Stuart Henderson wrote:
So here's an alternative diff to disable SPA... (I have added a quirks
vulnerability marker on -current so pkg_add will warn about it - that
can go to -stable too).
That looks like a plaster on a wooden leg, but it's better than nothing.
The quirk
On Sat, Sep 30, 2023 at 04:24:24PM +0200, Renaud Allard wrote:
> Hello,
>
> It seems games/minecraft has been broken for quite a while. And is not
> really maintained by qbit anymore anyway.
> Also, you can easily run with the java version without this package anyway.
> And that package is only so
So here is the start of a port for a few RK3566 and RK3568 boards.
These boards currently need some binary blobs to run. And a LICENSE
file was added to the relevant repository that explicitly allows
redistribution of these blobs.
The default baudrate for the serial console is embedded in one of
34 matches
Mail list logo
