Re: [gentoo-user] Re: dev-libs/nss-3.29.5 security level problem?

2018-05-10 Thread Mick
On Thursday, 10 May 2018 11:31:45 BST Dale wrote: > Mick wrote: > > On Thursday, 10 May 2018 10:48:06 BST Mick wrote: > >> Hi All, > >> > >> I just discovered the last nss update broke things completely on mozilla > >> apps which use nss. Firefox now refuses to connect to any site with > >>

[gentoo-user] Re: Spectre-NG

2018-05-10 Thread Ian Zimmerman
On 2018-05-10 14:35, Wol's lists wrote: > > Code may be "security-sensitive" but buggy. Is the compiler writer > > really responsible for guessing what the programmer meant to > > accomplish with buggy code? > > What do you mean by "buggy"? Relying on UB, or not telling the compiler the whole

[gentoo-user] Re: Spectre-NG

2018-05-10 Thread Martin Vaeth
Rich Freeman wrote: > On Thu, May 10, 2018 at 1:34 AM Martin Vaeth wrote: > >> As a simple example, assume that you have read a password file >> into a string of your language and now access a single password. >> No matter, how you mark the end of the password

Re: [gentoo-user] Re: Spectre-NG

2018-05-10 Thread Rich Freeman
On Thu, May 10, 2018 at 1:34 AM Martin Vaeth wrote: > As a simple example, assume that you have read a password file > into a string of your language and now access a single password. > No matter, how you mark the end of the password (fixed-length, \0, \n, > ...) speculative

Re: [gentoo-user] Re: Spectre-NG

2018-05-10 Thread Wol's lists
On 09/05/18 23:50, Ian Zimmerman wrote: Code may be "security-sensitive" but buggy. Is the compiler writer really responsible for guessing what the programmer meant to accomplish with buggy code? What do you mean by "buggy"? It would of course be preferable if the compiler could just

Re: [gentoo-user] Re: dev-libs/nss-3.29.5 security level problem?

2018-05-10 Thread Dale
Mick wrote: > On Thursday, 10 May 2018 10:48:06 BST Mick wrote: >> Hi All, >> >> I just discovered the last nss update broke things completely on mozilla >> apps which use nss. Firefox now refuses to connect to any site with https. >> Trying to load google.com brings up this error message: >> >>

[gentoo-user] Re: dev-libs/nss-3.29.5 security level problem?

2018-05-10 Thread Mick
On Thursday, 10 May 2018 10:48:06 BST Mick wrote: > Hi All, > > I just discovered the last nss update broke things completely on mozilla > apps which use nss. Firefox now refuses to connect to any site with https. > Trying to load google.com brings up this error message: > >

[gentoo-user] Re: dev-libs/nss-3.29.5 security level problem?

2018-05-10 Thread Mick
On Thursday, 10 May 2018 10:48:06 BST Mick wrote: > Hi All, > > I just discovered the last nss update broke things completely on mozilla > apps which use nss. Firefox now refuses to connect to any site with https. > Trying to load google.com brings up this error message: > >

[gentoo-user] dev-libs/nss-3.29.5 security level problem?

2018-05-10 Thread Mick
Hi All, I just discovered the last nss update broke things completely on mozilla apps which use nss. Firefox now refuses to connect to any site with https. Trying to load google.com brings up this error message: = Your connection is not secure The website tried

Re: [gentoo-user] vulkan development...

2018-05-10 Thread David Haller
Hello, On Tue, 08 May 2018, Alan Grimes wrote: >After playing Rise of The Tombraider using Vulkan on Gentoo I got >inspired to try to poke with some source code. I downloaded vkQuake from >github and tried to build it. It couldn't find ... > >Uh, where are the headers? What package are they in?