Christian Weisgerber:
> Here's the list of ports that still need fixes or deeper analysis:
>
> www/webkitgtk4,webkitgtk41 ?
> www/webkitgtk4,webkitgtk50 ?
> www/webkitgtk4 ?
This is the last one on my list.
TL;DR: I think it's fine.
semarie's clang diff produced warn
Christian Weisgerber:
> editors/neovim ? luajit, requires build
> games/tome4 ? luajit, requires build
> lang/luajit ? required build
Those are false positivies. The luajit build produces a 2700-line
file lj_vm.s, which contains function d
Here's the list of ports that still need fixes or deeper analysis:
audio/wavpack log2_table
editors/neovim ? luajit, requires build
games/tome4 ? luajit, requires build
lang/luajit ? required build
lang/mono
Volker Schlecht:
> > lang/erlang/25 6
>
> I only find 3, not 6.
Indeed. The port failed to build and I re-built it after grabbing
the fix, so the log file ended up containing two builds.
> However, those are all false positives (.byte 0x0F, x01, 0xD0)
That turns out to be a v
On Thu, Jan 19, 2023 at 09:38:22PM +0100, Volker Schlecht wrote:
>
>
> > lang/node 65765
>
> I've tried applying robert@'s patch to www/chromium to lang/node, but got a
> segfault when building.
>
> My current best guess is that it might be this patch that's missing from t
My current list is below.
Unfortunately there was a flurry of commits while my build was
running that I couldn't keep track of.
===> false positives
archivers/lzop
audio/flac
audio/libsoxr
audio/mpg123
databases/mongodb/36
databases/mongodb/44
devel/ccache
devel/cryptopp
devel/gmp
multimedia/libvp
On 1/19/23 15:15, Christian Weisgerber wrote:
Quite a few warnings will be false positives, because it is a
somewhat common idiom to use data directives to embed opcodes for
new CPU instructions that assemblers might not yet support.
E.g. audio/flac uses ".byte 0x0f, 0x01, 0xd0" for the "xgetb
lang/node 65765
I've tried applying robert@'s patch to www/chromium to lang/node, but
got a segfault when building.
My current best guess is that it might be this patch that's missing from
the version from v8 in lang/node
https://github.com/v8/v8/commit/739bdd1ce3
Here's the status of the security/ category
> security/botan 3
false positive
> security/gnutls 15552
> security/libgcrypt 14212
> security/libnettle 56
fixed on amd64 and arm64
> security/libsodium 6
false positive
> se
Christian Weisgerber:
> False positives from ports I've looked at so far:
archivers/lzop insn unknown
audio/flac insn xgetbv
audio/libsoxr insn xgetbv
audio/mpg123insn xgetbv
databases/mongodb/36insn xgetbv, c
False positives from ports I've looked at so far:
archivers/lzop insn unknown
audio/flac insn xgetbv
audio/libsoxr insn xgetbv
audio/mpg123insn xgetbv
devel/gmp insn nop; padding
How are we going to
As part of the ever ongoing exploit mitigation work, OpenBSD is now
moving towards code segments (.text) that can only be executed but
not be read. It will no longer be possible to intermingle code and
data. The compiler already handles this. Handwritten assembly
language parts might not. To fi
12 matches
Mail list logo
