[qubes-users] Re: HCL: Supermicro AMD server: success!
On Sunday, 9 October 2016 19:03:49 UTC+11, dlme...@gmail.com wrote: > Tried this Bill? https://www.coreboot.org/Board:supermicro/h8qgi > > DM. Oops, just noticed you're on H8DGI :O| -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/b03bc6fd-f407-41ad-b33a-1410ec083abb%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: HCL: Supermicro AMD server: success!
Tried this Bill? https://www.coreboot.org/Board:supermicro/h8qgi DM. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/7b2ab7ce-f185-4b2f-b867-5a04989d870f%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: installing Signal on Qubes mini-HOWTO
On Friday, 23 September 2016 07:56:15 UTC+10, dlme...@gmail.com wrote: > On Friday, 23 September 2016 04:11:33 UTC+10, se...@redhat.com wrote: > > On Thursday, September 22, 2016 at 3:57:01 AM UTC-4, dlme...@gmail.com > > wrote: > > > On Monday, 15 August 2016 20:43:18 UTC+10, pixel fairy wrote: > > > > On Sunday, August 14, 2016 at 3:22:30 PM UTC-7, Alex wrote: > > > > ... > > > > > 1. Install the Chromium browser in your appvm template - skip if you > > > > > were already using it. Shut down the template VM. > > > > > > > > I keep wondering how safe chromium browser is. do redhat or debian > > > > track updates in time with google-chrome? > > > > > > > > > Chromium in the supported Fedora template for Qubes (FC23) contains High > > > severity security bugs: > > > > > > FC23 = 52.0.2743.116-10.fc23. > > > FC24 = 53.0.2785.113-1.fc24. > > > > > > See: https://apps.fedoraproject.org/packages/chromium (for builds) > > > > > > Numerous security vulnerabilities, including High severity CVE's here: > > > https://googlechromereleases.blogspot.com.au/2016/09/stable-channel-update-for-desktop_13.html > > > > > > Newer RPMs available here, but haven't been tagged to either updates or > > > updates-testing for FC23: > > > > > > http://koji.fedoraproject.org/koji/buildinfo?buildID=802754 > > > > > > So what you're saying is we should move to Fedora 24. > > Sure. However, FC23 is still listed as a supported release: > https://fedoraproject.org/wiki/Releases#Current_Supported_Releases. Maybe > only "Critical" security fixes would make it to FC23 though, not "High" > (https://www.chromium.org/developers/severity-guidelines), but people likely > assume otherwise. Note also that Chromium is not listed as a Critical Path > package, unlike Firefox. Qubes 3.1 doesn't have an fc24 template. Qubes 3.2 won't be released with fc23 because it's too late in testing, but will (does currently for the RC) have an fc24 template available. It looks like chromium-53.0.2785.116-1.fc23 should now be in 'updates-testing' repo (since 2016-09-21 17:43:43Z), but it hasn't propagated far. Out of 6 mirrors in Australia, only one here even had the previous 53.0.2785.113-1.fc23.x86_64, in 'updates-testing', which is now ~8 days old. YMMV, but looks like Fedora needs to drop some consistently slow mirrors: https://admin.fedoraproject.org/mirrormanager/propgation Also, if fc23 users want Chromium, it needs package testers. https://fedoraproject.org/wiki/QA:Updates_Testing. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/638ea945-7e38-4d96-9e20-9e6d68e0b35c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: installing Signal on Qubes mini-HOWTO
On Friday, 23 September 2016 04:11:33 UTC+10, se...@redhat.com wrote: > On Thursday, September 22, 2016 at 3:57:01 AM UTC-4, dlme...@gmail.com wrote: > > On Monday, 15 August 2016 20:43:18 UTC+10, pixel fairy wrote: > > > On Sunday, August 14, 2016 at 3:22:30 PM UTC-7, Alex wrote: > > > ... > > > > 1. Install the Chromium browser in your appvm template - skip if you > > > > were already using it. Shut down the template VM. > > > > > > I keep wondering how safe chromium browser is. do redhat or debian track > > > updates in time with google-chrome? > > > > > > Chromium in the supported Fedora template for Qubes (FC23) contains High > > severity security bugs: > > > > FC23 = 52.0.2743.116-10.fc23. > > FC24 = 53.0.2785.113-1.fc24. > > > > See: https://apps.fedoraproject.org/packages/chromium (for builds) > > > > Numerous security vulnerabilities, including High severity CVE's here: > > https://googlechromereleases.blogspot.com.au/2016/09/stable-channel-update-for-desktop_13.html > > > > Newer RPMs available here, but haven't been tagged to either updates or > > updates-testing for FC23: > > > > http://koji.fedoraproject.org/koji/buildinfo?buildID=802754 > > > So what you're saying is we should move to Fedora 24. Sure. However, FC23 is still listed as a supported release: https://fedoraproject.org/wiki/Releases#Current_Supported_Releases. Maybe only "Critical" security fixes would make it to FC23 though, not "High" (https://www.chromium.org/developers/severity-guidelines), but people likely assume otherwise. Note also that Chromium is not listed as a Critical Path package, unlike Firefox. -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/6be8b0f0-1330-4e9c-b5a0-03fa3b9befd9%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: installing Signal on Qubes mini-HOWTO
On Monday, 15 August 2016 20:43:18 UTC+10, pixel fairy wrote: > On Sunday, August 14, 2016 at 3:22:30 PM UTC-7, Alex wrote: > ... > > 1. Install the Chromium browser in your appvm template - skip if you were > > already using it. Shut down the template VM. > > I keep wondering how safe chromium browser is. do redhat or debian track > updates in time with google-chrome? Chromium in the supported Fedora template for Qubes (FC23) contains High severity security bugs: FC23 = 52.0.2743.116-10.fc23. FC24 = 53.0.2785.113-1.fc24. See: https://apps.fedoraproject.org/packages/chromium (for builds) Numerous security vulnerabilities, including High severity CVE's here: https://googlechromereleases.blogspot.com.au/2016/09/stable-channel-update-for-desktop_13.html Newer RPMs available here, but haven't been tagged to either updates or updates-testing for FC23: http://koji.fedoraproject.org/koji/buildinfo?buildID=802754 -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/460445e5-7190-47df-ad23-9c16d9d42204%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[qubes-users] Re: adding gresecurity to Qubes
On Wednesday, 15 June 2016 04:40:03 UTC+10, Lorenzo Lamas wrote: > Imho it would still be a good idea because of the PaX protections on user > applications. > For example it could prevent exploitation of your mail client. The infection > may not be able to survive AppVM reboot but it could still steal information. > You can of course limit the damage by compartmentalizing more granular, but > that doesn't prevent it in the first place and more AppVMs means more > resource usage. That's how I looked at it too. (Additionally, reboots don't protect against infections in /home, such as malicious browser extension, modified .bash_rc, etc.) -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to qubes-users+unsubscr...@googlegroups.com. To post to this group, send email to qubes-users@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/c00da32c-e7d5-4116-a48f-487703937bed%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
