won't remove the kernel's menu entry. I don't know what's worse,
or how much it matters given the unlikeliness of removing linux-base.
Ben.
--
Ben Hutchings
Tomorrow will be cancelled due to lack of interest.
signature.asc
Description: This is a digitally signed message part
On Sun, 2025-05-04 at 15:58 +, Bill Allombert wrote:
> Le Sat, May 03, 2025 at 04:08:55PM +0200, Ben Hutchings a écrit :
> > Hi all,
> >
> > I'm proposing to add a linux-run-hooks command to the linux-base package
> > [1] that will then be used in all m
[2] https://salsa.debian.org/kernel-team/linux/-/merge_requests/1493
--
Ben Hutchings
It is impossible to make anything foolproof
because fools are so ingenious.
signature.asc
Description: This is a digitally signed message part
mpiled without optimizations on i386:
> https://salsa.debian.org/debian/rust-wide/-/blob/debian/latest/debian/patches/2001_fail_non-sse2-x86.patch
[...]
That's unfortunate. However, I think this a short-term problem. Since
we no longer ship an i386 kernel, after the trixie release we should be
_main_binary-amd64_Packages
Package: libgm2-0
Package: genometools-common
Package: libpth-dev
Package: zhcon
but it does seem like it can be dropped now.
Ben.
--
Ben Hutchings
If more than one person is responsible for a bug, no one is at fault.
signature.asc
Description: This is a digitally signed message part
;t need
> nor use the symlinks, are they still created. For most systems, they're
> superfluous.
>
> iustin, who also dislikes these and always needs to disable them
I agree they are not normally needed, but I just never got round to
changing the default.
Ben.
--
Ben Hutchings
O
ach bracket replaced with '*' (wildcard).
(This is also useful for covering usr-move differences in packages
that get backported.)
Ben.
--
Ben Hutchings
No political challenge can be met by shopping. - George Monbiot
signature.asc
Description: This is a digitally signed message part
On Mon, 2024-10-21 at 00:49 +0200, наб wrote:
> On Sun, Oct 20, 2024 at 11:39:36PM +0200, Ben Hutchings wrote:
> > On Sun, 2024-10-20 at 20:03 +0200, наб wrote:
> > > I'd like to use an epoch so I'm asking for consensus per policy 5.6.12.
> > >
> > >
nothing to lose", is it
really suitable to replace the current implementation?
Perhaps it would be better not to provide any replacement until fuse-
ext2 is more mature - at which point its version may have increased
such that an epoch is not necessary.
Ben.
--
Ben Hutchings
Usenet i
away from using the Apache name, so if that package
is to be renamed then something like "asf-httpd" would be better.
Ben.
--
Ben Hutchings
Klipstein's 4th Law of Prototyping and Production:
A fail-safe circuit will destroy others.
signature.asc
De
> the source package signify.
>
> Renaming signify-openbsd(src) to signify(src) was *not* suggested.
I think it's reasonable to do that too, though it is less important.
Ben.
--
Ben Hutchings
If more than one person is responsible for a bug, no one is at fault.
signature.asc
Description: This is a digitally signed message part
ource package name, but for a different package?
[...]
There are 2 prominent examples:
- chromium (the original chromium is now chromium-bsu)
- git (the oriignal git is now gnuit)
Ben.
--
Ben Hutchings
If more than one person is responsible for a bug, no one is at fault.
signature.asc
Description: This is a digitally signed message part
On Sat, 2024-10-05 at 20:15 +0200, Simon Josefsson wrote:
> Ben Hutchings writes:
>
> > On Sat, 2024-10-05 at 12:31 +0200, Simon Josefsson wrote:
> > [...]
> > > This will rename the binary package to 'signify-mail', as suggested in
> > > the first b
And of course, a situation like that is also confusing to humans.
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve it makes it worse.
signature.asc
Description: This is a digitally signed message part
when that is uploaded, and as we
> try to keep packages uptodate a new soname is normally uploaded every time
> it's bumped by the upstream.
But we *don't* rebuild when there is not an soversion bump, so the
previous unintended ABI changes in libfuse3-3 may well have caused
silent is
at right?
This would mean that a driver needed for the internal keyboard was
missing. The keyboard-configuration package wouldn't help with this.
We'll need to update the list of drivers included in the installer.
Ben.
--
Ben Hutchings
Man invented language to sa
it heads-up.
I've made a team upload of iproute2 (version 6.10.0-2) with this change
reverted.
Luca, please leave the symlink in place at least as long as there are
packages that rely on it.
Ben.
--
Ben Hutchings
All the simple programs have been written, and all the good names taken
signature.asc
Description: This is a digitally signed message part
ou think will be needed
from us?
Ben.
--
Ben Hutchings
friends: People who know you well, but like you anyway.
signature.asc
Description: This is a digitally signed message part
.com/en/resources/product-security/support-policy.html>.)
I also don't think these vulnerabilities are likely to be a practical
concern for people using 32-bit-only CPUs. But we definitely should
discourage users from using i386 kernel packages on 64-bit-capable
hardware, if we don'
isn't necessary because "reportbug kernel" automagically does
the right thing.
Ben.
--
Ben Hutchings
Experience is what causes a person to make new mistakes
instead of old ones.
signature.asc
Description: This is a digitally signed message part
ansition would be desirable for group (b) but would make i386 useless
for group (a). There was some talk then about creating a new port like
"i386t64" for use by group (b), while i386 would serve group (a) only.
Did anything come of this?
Ben.
--
Ben Hutchings
I say we take off; nuke the site from orbit.
It's the only way to be sure.
signature.asc
Description: This is a digitally signed message part
erry Trail devices in Debian amd64. Bookworm has added it (moved it from
> multi-arch iso to amd64 isos), but trixie seems to be dropping it. If Debian
> thinks 2015 is ancient enough in 2025, this suggestions can be ommited.
[...]
You should ask about that on the debian-cd or debian-boot list.
this point.
>
> The T60 will do amd64.
[...]
According to thinkwiki, the T60 had CPU options of Core Solo/Duo (32-
bit) and Core 2 Duo (64-bit) CPUs, so this may or may not be correct.
Ben.
--
Ben Hutchings
Horngren's Observation:
Among economists, the real world is often a special case.
signature.asc
Description: This is a digitally signed message part
On Wed, 2023-10-18 at 14:01 +0200, Ben Hutchings wrote:
> On Tue, 2023-10-17 at 20:03 +0200, Ben Hutchings wrote:
> > On Tue, 2023-10-17 at 10:57 -0500, Justin wrote:
> > > Hello all,
> > >
> > > I have recently encountered a case where a VIA C3 N
On Tue, 2023-10-17 at 20:03 +0200, Ben Hutchings wrote:
> On Tue, 2023-10-17 at 10:57 -0500, Justin wrote:
> > Hello all,
> >
> > I have recently encountered a case where a VIA C3 Nehemaiah CPU returns
> > "Illegal
> > Instruction" when trying to
-compatible).
[...]
ENDBR32 uses one of the previously reserved hint encodings that i686
processors are supposed to ignore if they don't specifically support
them. The release notes for Debian 12 "bookworm" state that the i386
architecture now requires that:
https://www.debian.org
ee we should not have UDisks probing for any of the (many) kernel
filesystems that aren't being actively maintained including responding
to security issues.
Beyond that, I would also like to see libmount limiting the filesystems
that it will probe when the fstab type is "auto". But
Package: wnpp
Severity: wishlist
Owner: Ben Hutchings
X-Debbugs-Cc: debian-devel@lists.debian.org, debian-ker...@lists.debian.org,
Steve Dickson , Chuck Lever III
* Package name: ktls-utils
Version : 0.9
Upstream Contact: kernel-tls-handsh...@lists.linux.dev
* URL
to test the next release,
installation images for that are at
<https://www.debian.org/devel/debian-installer/>.
Please report back whether you still have problems after using one of
these installers.
Ben.
--
Ben Hutchings
The two most common things in the universe are hydrogen and stupidity.
signature.asc
Description: This is a digitally signed message part
> # makes somewhat smaller initrd files and buys some time
> COMPRESS=zstd
[...]
This is the default in bookworm.
Ben.
--
Ben Hutchings
If the facts do not conform to your theory, they must be disposed of.
signature.asc
Description: This is a digitally signed message part
If PipeWire does, I think
that's a serious limitation in PipeWire, and it is not ready for us to
make it the default.
Ben.
--
Ben Hutchings
Design a system any fool can use, and only a fool will want to use it.
signature.asc
Description: This is a digitally signed message part
of whatever is the
> preferred replacement.
--
Ben Hutchings
Man invented language to satisfy his deep need to complain.
- Lily Tomlin
signature.asc
Description: This is a digitally signed message part
headers-5.10.0-11-amd64. So long as you
install the metapackage linux-headers-amd64, replacements like this
should be upgraded automatically.
> libirs-export161_1:9.11.19+dfsg-2.1
This is the only version available in Debian. It is built separately
from bind9 and is only used by the ISC DHC
ed list of
> > valgrind architectures in sync between my debian/control and
> > debian/rules.
>
> if which valgrind >/dev/null; then
This should use "command -v", not which, I think?
Ben.
--
Ben Hutchings
Beware of programmers who carry screwdrivers. - Leonard Brandwein
signature.asc
Description: This is a digitally signed message part
mp;apropos=0&sektion=0&manpath=CentOS+7.1&arch=default&format=html>,
<https://carlowood.github.io/which/> (1999 or earlier). This is
written in C.
So 'which' has a very long history in csh, which was the default
interactive shell in many versions of Unix. Its a
licy/ch-source.html#main-building-script-debian-rules>.
>
That has no effect in this case. The makefile being used is
debian/rules.gen, not debian/rules.
Ben.
--
Ben Hutchings
We get into the habit of living before acquiring the habit of thinking.
t suggested on
> [1]?
Because no-one thought to add them yet.
Please report this as a bug in the "kernel-handbook" package (which is
the source for this web site). If you can provide a patch, that would
be even better.
Ben.
> Best,
> Antonio
>
> [1]
> https://kerne
checksums of the orig tarball. I would take this
up with the FTP team.
Ben.
--
Ben Hutchings
It is a miracle that curiosity survives formal education.
- Albert Einstein
signature.asc
Description: This is a digitally signed message part
re. For
AMD hardware the amdgpu driver absolutely requires it; the others might
be semi-functional without.
Ben.
--
Ben Hutchings
Computers are not intelligent. They only think they are.
signature.asc
Description: This is a digitally signed message part
that don't
need an initramfs are also supported options.
Ben.
--
Ben Hutchings
Experience is directly proportional to the value of equipment destroyed
- Carolyn Scheppner
signature.asc
Description: This is a digitally signed message part
table kernel branches (KAISER) was sufficiently
different from that used upstream, that i386 support has not been added
to it.
As a result, stretch:i386 is still vulnerable when running the default
(4.9-based) kernel.
Ben.
--
Ben Hutchings
Once a job is fouled up, anything done to improve
Package: wnpp
Severity: wishlist
Owner: Ben Hutchings
* Package name: jinja-vanish
Version : 0.2~gitXXX
Upstream Author : Marc Brinkmann
* URL : https://github.com/mbr/jinja-vanish
* License : Expat
Programming Lang: Python
Description : Jinja2
rn first? C or C++?
> Thanks in advance!
If you hate system programming, why pick a system programming language?
But if you want to do it anyway, Rust is another option to consider.
Ben.
--
Ben Hutchings
It is a miracle that curiosity survives formal education.
o unlikely to have a test suite. They might build,
> but the resulting binaries might not work.
Which is why I think we need to rebuild anyway, and have users of
testing/unstable report such regressions.
Ben.
--
Ben Hutchings
It is a miracle that curiosity survives formal education.
correctly with the current build tools (failure to
build at all would usually be caught and reported, though)
I think we should be rebuilding everything at least once per release
cycle, so we don't have a nasty surprise when these "mature" packages
need bug fixes.
Ben.
--
Ben H
uot; or something similar will
> be implemented to solve this.
Linux 5.6 introduces time namespaces - though currently they only allow
offsets to monotonic clocks (so containers can have monotonic time when
migrated), not CLOCK_REALTIME.
Ben.
--
Ben Hutchings
Tomorrow will be cancelled due to lack of
se-notes/ch-information.en.html#late-mounting-usr
So although usrmerge is optional, I believe there is no need to install
libraries under /lib except for the dynamic linkers (which the kernel
loads using absolute paths).
Ben.
> TIA, cu Andreas
--
Ben Hutchings
Any sufficiently advanced bug i
On Sat, 2020-02-15 at 18:26 +0100, Geert Stappers wrote:
> On Sat, Feb 15, 2020 at 05:02:03PM +0000, Ben Hutchings wrote:
> > On Sat, 2020-02-15 at 14:16 +0100, Harald Dunkel wrote:
> > > Hi folks,
> > >
> > > I am maintainer for mg, currently on salsa. Proble
or, I
don't think it is viable to keep the Debian packaging in the upstream
project's repository.
Ben.
--
Ben Hutchings
Any sufficiently advanced bug is indistinguishable from a feature.
signature.asc
Description: This is a digitally signed message part
o use (or are not allowed to use) Github.
Ben.
> Every helpful comment is highly appreciated
> Harri
>
> https://github.com/hboetes/mg
> https://salsa.debian.org/debian/mg
--
Ben Hutchings
Any sufficiently advanced bug is indistinguishable from a feature.
signature.asc
Description: This is a digitally signed message part
On Sun, 2020-02-09 at 11:57 +0100, Florian Weimer wrote:
> * Ben Hutchings:
>
> > If I recall correctly, glibc *will* provide both entry points, so there
> > is no ABI break. But the size of time_t (etc.) exposed through libc-
> > dev is fixed at glibc build time.
>
32 bit version of the functions.
LFS is a great example of how *not* to do it. 23 years on, we still
have open bugs for programs that should opt in but didn't. Not every
program needs to handle > 2 GiB files, but there are now filesystems
with 64-bit inode numbers and they break every non-LFS pr
tallations since it's only Priority: important.
Is there a higher priority package, independent of init system, that
would be suitable for carrying the Debian sysctl policy?
Ben.
--
Ben Hutchings
I'm not a reverse psychological virus.
Please don't copy me into your signature.
signature.asc
Description: This is a digitally signed message part
tity.
I think many of us can guess the sender's identity. Don't give him the
attention.
Ben.
--
Ben Hutchings
All the simple programs have been written, and all the good names taken
signature.asc
Description: This is a digitally signed message part
destructor is wrong and the delete is correct.
If it has been allocated in some unusual way, then the direct call to
the destructor is probably correct and the delete is wrong.
Ben.
--
Ben Hutchings
Lowery's Law:
If it jams, force it. If it breaks, it needed replacing anyway.
signature.asc
Description: This is a digitally signed message part
for unstable.
[...]
So long as the experimental versions are listed in the changelog, so
that the BTS recognises the new version as based on them, you don't
need to close the bugs again.
Ben.
--
Ben Hutchings
Humour is the best antidote to reality.
signature.asc
Description: This is a
; pls which one I can choice for my system ?
>
> ---
> Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.39-1+deb8u1 (2017-02-22) x86_64
> GNU/Linux
[...]
You have skipped nearly 3 years of kernel updates and you are worrying
about an obscure sudo secur
ny init system.
All that said, Docker has name recognition to the point that's is
almost synonymous with containers, so people are going to keep trying
to use it for things it doesn't do well.
Ben.
--
Ben Hutchings
It is easier to change the specification to fit the program
than vice ver
nstall haveged, and
> this helps for general cases. But then I have corner cases like when
> the root filesystem is readonly then haveged doesn't work.
>
> I'm not using ancient hardware I'm on a modern arm64 processor, but it
> is an embedded environment with no keyboard or
_0.17.orig.tar.gz, but the file differs:
> in dsc: 82c115920b5570e1e33c613b008736086db210bc8f9b2c2e75f970e9696d8ec5
> found: 64ca6eeb1d646e9992b134b4c89c7b0da5d2f9e141d03ffe29ff76729c4a4975
>
> Please, rebuild your package against the correct file.
>
> Please try to fix it and re-upload. Thanks,
>
> -- mentors.debian.n
On Fri, 2019-08-09 at 00:28 +0200, Aurelien Jarno wrote:
> On 2019-08-08 22:23, Ben Hutchings wrote:
[...]
> > 1a. Require 32-bit build environments to be multiarch with the
> > related 64-bit architecture also enabled.
>
> Indeed, but that looks like the first step. Fr
ny comments, ideas, or help here?
[...]
1a. Require 32-bit build environments to be multiarch with the
related 64-bit architecture also enabled.
Ben.
--
Ben Hutchings
Experience is directly proportional to the value of equipment destroyed
- Carolyn Scheppner
signature.asc
Description: This is a digitally signed message part
P if you net-boot
without an initramfs.
Ben.
--
Ben Hutchings
You can't have everything. Where would you put it?
signature.asc
Description: This is a digitally signed message part
ssages aren't very helpful.
Ben.
--
Ben Hutchings
If God had intended Man to program,
we'd have been born with serial I/O ports.
signature.asc
Description: This is a digitally signed message part
kages.
See
<https://manpages.debian.org/buster/cgit/cgitrc.5.en.html#SIGNATURES>
and the "git-archive-signer" script in
<https://git.kernel.org/pub/scm/linux/kernel/git/mricon/korg-helpers.git/>.
Ben.
--
Ben Hutchings
If God had intended Man to program,
we'd have been born with serial I/O ports.
signature.asc
Description: This is a digitally signed message part
> privileged. But I would not go that route as I see it as destructive
> one.
[...]
We can't force individual developers to do anything, and yet we manage
to release with a large number of packages that mostly follow policy.
If it's our policy that packages must support cron (
y and other programs/games with
> IAPs?
>
> Cheers, Bagas
>
--
Ben Hutchings
friends: People who know you well, but like you anyway.
signature.asc
Description: This is a digitally signed message part
that (might) need a security update.
Obviously I build them in a jessie chroot, but it seems like overkill
to do that for the initial source download too. And back when I was
doing triage for Debian LTS I wouldn't build at all - I would only look
at the source to see if a bug was present in the ol
gt; Petter for further input.
Linux doesn't distinguish between devices found in an initial
enumeration or hot-plugged later, so I doubt that isenkram is limited
in that way.
Ben.
--
Ben Hutchings
Any sufficiently advanced bug is indistinguishable from a feature.
signature.asc
Descr
counts, regardless of
whether the vendor is interested in being a sponsor.
Ben.
--
Ben Hutchings
Unix is many things to many people,
but it's never been everything to anybody.
signature.asc
Description: This is a digitally signed message part
19.37
>
> https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.19.38
>
> The commit also affects ZFS 0.7 because SIMD is used for checksum operations.
>
> There might be a performance penalty in ZFS only if Debian Buster
> upgrades to 4.19.38.
Which we will, some time soon.
tignore but
> not usually Makefile.in).
[...]
Perhaps we should update policy to say that the .orig tarball may (or
even "should") be generated from an upstream release tag where
applicable.
Ben.
--
Ben Hutchings
Horngren's Observation:
Among economists, the real
beside debian/control.
I have an unmerged branch that changes various things to be compatible
with dgit. It adds debian/control and debian/tests/control to git and
defers generation of other things to build time.
Ben.
--
Ben Hutchings
Horngren's Observation:
Among economist
own or non-free dataset [...]
> 3. A model is Non-free Model as long as any of the following
> conditions is satisfied: (1) trained from unknown/non-free data [...]
Is category 2 intended to be a subset of category 3, or am I missing
some distinction?
Ben.
--
Ben Hutchings
Any sufficient
On Tue, 2019-05-14 at 12:54 +0200, Andreas Tille wrote:
> On Tue, May 14, 2019 at 10:38:06AM +0100, Ben Hutchings wrote:
> > On Tue, 2019-05-14 at 11:07 +0200, Andreas Tille wrote:
> > > Can you give an example for a package that has a non-dh rules file
> > > "wo
d/rules file?
linux is one.
I did a lot of work to address lintian warnings last year, and most of
that did not involve debian/rules*.
Ben.
--
Ben Hutchings
I haven't lost my mind; it's backed up on tape somewhere.
signature.asc
Description: This is a digitally signed message part
On Mon, 2019-05-13 at 19:08 +, Holger Levsen wrote:
> reassign -1 base-files
> retitle -1 base-files: please add a break on d-s-s < 2019.04.25
> thanks
>
> On Mon, May 13, 2019 at 01:00:14PM +0100, Ben Hutchings wrote:
> > On Mon, 2019-05-13 at 11:52 +, Holger
random developers can do the
NMU.
Ben.
--
Ben Hutchings
For every complex problem
there is a solution that is simple, neat, and wrong.
signature.asc
Description: This is a digitally signed message part
r from *any* stretch pointrelease) by adding a "pre-depends:
> debian-security-support (>= 2019.04.25)" to base-files in buster.
[...]
This makes debian-security-support transitively essential, whereas it
used to be optional.
Is "Conflicts" not strong enough?
Ben.
--
ging that I raised in
October. (I say "we" because I realise you are likely to need me or
someone else to spend time explaining and testing the specific
scenarios that didn't work.)
Ben.
--
Ben Hutchings
It is easier to write an incorrect program
than to understand a correct one.
the
-updates suite will not be removed until end of LTS.
As for jessie-backports, the removal was announced in July 2018.
Ben.
> OK, I am a little late to pick up on this, but I'm sure there are
> other people still running some Jessie systems who only run update
> commands on the
-updates suite will not be removed until end of LTS.
As for jessie-backports, the removal was announced in July 2018.
Ben.
> OK, I am a little late to pick up on this, but I'm sure there are
> other people still running some Jessie systems who only run update
> commands on them every mo
Control: summary -1
GRUB and Linux images are now signed by the production key trusted by
shim-signed. Debian-installer apparently installs the signed packages,
but other installation systems are not yet ready.
Ben.
--
Ben Hutchings
Quantity is no substitute for quality, but it's the onl
On Sun, 2019-03-03 at 22:55 +0100, Kurt Roeckx wrote:
> On Sun, Mar 03, 2019 at 08:19:44PM +0000, Ben Hutchings wrote:
> > On Sun, 2019-03-03 at 18:59 +0100, Kurt Roeckx wrote:
> > [...]
> > > Most people will actually have at least 2 hardware RNGs: One in
> > > t
l problems with doing this: some of these hardware
RNGs are probably quite weak, so we have to be very conservative, but
then the less entropy we credit the more CPU time will be spent in the
hardware RNG reader thread.
Ben.
--
Ben Hutchings
No political challenge can be met by shopping. - George Mo
"arc4random" functions really use ChaCha20 today, anyway.
Ben.
> I hope you have found this review helpful.
--
Ben Hutchings
This sentence contradicts itself - no actually it doesn't.
signature.asc
Description: This is a digitally signed message part
On Thu, 2019-02-28 at 11:56 +, Ian Jackson wrote:
> Ben Hutchings writes ("Re: FYI/RFC: early-rng-init-tools"):
> > On Mon, 2019-02-25 at 19:37 +0200, Uoti Urpala wrote:
> > > Generally you don't ever
> > > need to use /dev/random instead of /dev/urand
On Tue, 2019-02-26 at 22:29 +0200, Uoti Urpala wrote:
> On Tue, 2019-02-26 at 19:10 +0000, Ben Hutchings wrote:
> > But if the input to the seed doesn't provide enough entropy, the seed
> > is not completely secret (that is, you can recover it with less work
> > than a
On Mon, 2019-02-25 at 14:36 -0500, Sam Hartman wrote:
> > > > > > "Ben" == Ben Hutchings writes:
>
> Ben> The output of the RNG may well become public, for example in
> Ben> document UUIDs. So when estimating the entropy that the new
>
ndom() without also unblocking /dev/random. If the seed
files used in two different boots are somewhat correlated, and the
entropy estimation doesn't account for that, the output of /dev/random
may also be somewhat correlated between the boots, which is not
supposed to happen.
Ben.
--
Ben Hu
On Mon, 2019-02-25 at 16:48 +, Thorsten Glaser wrote:
> Ben Hutchings dixit:
>
> >> ‣ writes between 32 and 256 bytes to /dev/urandom (but does not
> >> accredit them yet, just remembers the amount written)
> >
> >How do you determi
On Mon, 2019-02-25 at 18:27 +0200, Uoti Urpala wrote:
> Ben Hutchings wrote:
> > The major input into the new seed file contents is the old seed file
> > contents. You are adding very little entropy on x86, and possibly
> > almost none on other architectures.
> >
>
file contents is the old seed file
contents. You are adding very little entropy on x86, and possibly
almost none on other architectures.
Please reconsider this, as this description sounds dangerously
insecure.
Ben.
--
Ben Hutchings
The obvious mathema
n 2011 (Ivy Bridge core) and AMD only implemented in 2015
(Excavator core).
Ben.
--
Ben Hutchings
The obvious mathematical breakthrough [to break modern encryption]
would be development of an easy way to factor large prime numbers.
- Bil
And it has HSTS, which is nice, but it is missing the redirection
that's needed to make that work completely.
Ben.
--
Ben Hutchings
When in doubt, use brute force. - Ken Thompson
signature.asc
Description: This is a digitally signed message part
On Mon, 2019-01-21 at 21:46 +, Ben Hutchings wrote:
> On Mon, 2019-01-21 at 20:49 +, Andy Simpkins wrote:
> [...]
> > Should we add to or change the possible entropy sources?
> [...]
>
> Yes, we should (by default) enable use of available hardware RNGs to
> produc
inks, and many other
kinds of security hardening changes. We made them anyway and took the
temporary pain for a long-term security gain.
Ben.
--
Ben Hutchings
The most exhausting thing in life is being insincere.
- Anne Morrow Lindberg
signature.asc
Description: This is a digitally signed message part
ous software entropy gathering daemons.
We should also document this so that users that distrust certain
entropy sources will know how to disable them.
Ben.
--
Ben Hutchings
Klipstein's 4th Law of Prototyping and Production:
A fail-safe circuit will destro
nvestigate the bugs. You said
> you provided links, but I couldn't find any in your e-mail messages or
> earlier ones on this thread. Perhaps I missed them; in which case, my
> apologies. Can you please send/resend those links?
[...]
I sent you a bunch of bug links in mes
icularly good term to describe the unique feature of the new
> repo either. In my eyes, 'fastpaced' makes the point far better.
>
> But as said, the main argument against calling it 'rolling' is that it
> would create confusion due to the name already being used in other
> (Debian-related) contexts.
At the risk of bikeshedding, some alternate names that might be less
confusing:
- fresh-apps
- evergreen
- rolling-apps
Ben.
--
Ben Hutchings
Power corrupts. Absolute power is kind of neat. - John Lehman
signature.asc
Description: This is a digitally signed message part
1 - 100 of 1222 matches
Mail list logo
