On Fri, Jun 13, 2014 at 02:48:05PM -0400, Jon Bernard wrote:
> Heya, I just created a small utility that dumps the porterbox machine
> list to stdout, which makes looking up a test machine for a particular
> architecture much quicker (at least for me).
I'll add my script[0] to the list as well. I
On Fri, Jun 13, 2014 at 06:51:44PM +, Jacob Appelbaum wrote:
> I would expect that if the NSA wanted to take control of the RDRAND or
> the rest of the CPU, they'd dynamically update the microcode in the
> CPU to change how it behaves. To do this, it appears that they'd need
> to sign a microco
Package: wnpp
Severity: wishlist
Owner: Andreas Tille
* Package name: r-cran-bbmisc
Version : 1.6-1
Upstream Author : Bernd Bischl
* URL : http://cran.r-project.org/web/packages/BBmisc/
* License : BSD
Programming Lang: R
Description : GNU R Miscellane
On Fri, 13 Jun 2014, Jon Bernard wrote:
> https://github.com/jbernard/porterbox
Ick.
I usually just spell that "ldapsearch".
ldapsearch -h db.debian.org -x -b dc=debian,dc=org 'purpose=porterbox'
My shell history suggests I tend to throw in a couple of things to pretty up
the output (an
Package: wnpp
Severity: wishlist
Owner: Emmanuel Bourg
* Package name: openjdk-9
Version : 9~b17
Upstream Author : Oracle Corporation
* URL : http://openjdk.java.net
* License : GPL-2 with Classpath Exception
Programming Lang: Java, C++
Description : Op
Joey Hess wrote:
> int cpu_has_rdrand()
> {
> uint32_t ax,bx,cx,dx,func=1;
> __asm__ volatile ("cpuid":\
> "=a" (ax), "=b" (bx), "=c" (cx), "=d" (dx) : "a" (func));
> return (cx & 0x4000);
> }
That's actually buggy on any platform building position-independent code
(com
* Jon Bernard , 2014-06-13, 14:48:
I just created a small utility that dumps the porterbox machine list to
stdout, which makes looking up a test machine for a particular
architecture much quicker (at least for me). I wasn't aware of anything
like this in existence, please correct me if I'm wron
On 6/13/14, Theodore Ts'o wrote:
> On Fri, Jun 13, 2014 at 10:09:02AM +0200, Martijn van Oosterhout wrote:
>> > Excuse me if I'm blunt here, but I understand that, on the point of
>> > using entropy to seed a PRNG, if you have several shitty entropy
>> > sources and one _really_ good one, and you
Heya, I just created a small utility that dumps the porterbox machine
list to stdout, which makes looking up a test machine for a particular
architecture much quicker (at least for me). I wasn't aware of anything
like this in existence, please correct me if I'm wrong. Maybe someone
will find it u
Henrique de Moraes Holschuh wrote:
> Now, the kernel can soft-blacklist RDRAND (and RDSEED) usage[2]. In that
> case, the kernel won't use it and it disappears from /proc/cpuinfo, and we
> could do that also to avoid processor errata, not just due to user request.
> However, AFAIK kernel blacklist
Package: wnpp
Severity: wishlist
Owner: Markus Frosch
* Package name: icinga2
Version : 2.0.0~beta2
Upstream Author : Icinga Development Team
* URL : http://www.icinga.org/
* License : GPL-2+ with OpenSSL exceptions
Programming Lang: C++ with Boost
Descrip
On Fri, Jun 13, 2014 at 10:09:02AM +0200, Martijn van Oosterhout wrote:
> > Excuse me if I'm blunt here, but I understand that, on the point of
> > using entropy to seed a PRNG, if you have several shitty entropy
> > sources and one _really_ good one, and you xor them all together, the
> > resultin
On Wed, 11 Jun 2014, Joey Hess wrote:
> I don't have a stong opinion on the security of RDRAND, which is a
> contentious topic in a domain I am not expert in. However, I would much
> rather rely on linux developers to make the right decision on that,
> rather than libraries deciding on an ad-hoc ba
On Fri, 13 Jun 2014 13:13:17 +0200
Harald Dunkel wrote:
> Hi folks,
>
> would it be reasonable to introduce a new bug severity
> "new upstream"?
That's not a single severity, it is just one part of the bug itself.
New upstream versions can be a bad idea and require significant work to
harmoni
Martijn van Oosterhout dijo [Fri, Jun 13, 2014 at 10:09:02AM +0200]:
> > Excuse me if I'm blunt here, but I understand that, on the point of
> > using entropy to seed a PRNG, if you have several shitty entropy
> > sources and one _really_ good one, and you xor them all together, the
> > resulting o
Hi folks,
would it be reasonable to introduce a new bug severity
"new upstream"?
Regards
Harri
--
To UNSUBSCRIBE, email to debian-devel-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: https://lists.debian.org/539adccd.9040...@aixi
On Fri, Jun 13, 2014 at 12:50 PM, Eugene Zhukov wrote:
> Hello,
>
> I'm struggling to get debian/watch working for the package jing-trang.
> The problem is upstream says Google no longer allows publishing
> tarballs under [0]. So they only have tag for the latest release [1].
> My question is, is
On 13/06/14 11:50, Eugene Zhukov wrote:
> I'm struggling to get debian/watch working for the package jing-trang.
> The problem is upstream says Google no longer allows publishing
> tarballs under [0].
We are having the same problem with the abcde package, our solution has
been to move the code ba
Hello,
I'm struggling to get debian/watch working for the package jing-trang.
The problem is upstream says Google no longer allows publishing
tarballs under [0]. So they only have tag for the latest release [1].
My question is, is it possible to write a d/watch file for that?
[0] https://code.goo
At Thu, 12 Jun 2014 18:35:39 +0200,
Christoph Anton Mitterer wrote:
>
> On Thu, 2014-06-12 at 10:30 +0200, Thorsten Glaser wrote:
> > The buildd-related software (and most people when doing manual builds
> > with cowbuilder) uses “apt-get source foo” to download the file, fully
> > assuming that
On 13 June 2014 06:27, Gunnar Wolf wrote:
>
> Excuse me if I'm blunt here, but I understand that, on the point of
> using entropy to seed a PRNG, if you have several shitty entropy
> sources and one _really_ good one, and you xor them all together, the
> resulting output is as random as the best
There was a thread on d-private in early March about the benefits and
downsides to to requiring every DD and aspiring DD to sign their
messages. One of the reasons raised for not doing it is some felt
uncomfortable carrying around their GPG keys when travelling.
My initial reaction was "that's be
22 matches
Mail list logo
