Re: [PATCH] sysupgrade

2020-05-02 Thread Stéphane Aulery
Hello, Le 30/04/2020 à 10:07, Anders Andersson a écrit : On Thu, Apr 30, 2020 at 6:02 AM James Jerkins wrote: This patch adds two new options to sysupgrade. The first option is for small box systems like an APU system that only has the base and manual sets installed. The second option is

Re: Mention /etc/examples/ in those config files manpages + FILES short description

2020-05-02 Thread Theo de Raadt
gwes wrote: > On 5/1/20 9:13 AM, Theo de Raadt wrote: > > I think there's a bit of drama going on here. > > > > Once a person uses one example in the examples directory, they > > will become aware of the directory and see it has other files. > > And possibly use them in the future. > > > > It is

Re: Mention /etc/examples/ in those config files manpages + FILES short description

2020-05-02 Thread gwes
On 5/1/20 9:13 AM, Theo de Raadt wrote: I think there's a bit of drama going on here. Once a person uses one example in the examples directory, they will become aware of the directory and see it has other files. And possibly use them in the future. It is not clear to me that example

Tighter pledges for ftp(1)

2020-05-02 Thread Demi M. Obenour
The following patch tightens the pledges for ftp(1). This guarantees that ftp(1) cannot spawn child processes when operating in batch mode, which is a significant security win. Index: usr.bin/ftp/main.c === RCS file:

Re: Tighter pledges for ftp(1)

2020-05-02 Thread Demi M. Obenour
On 2020-05-02 17:04, Hiltjo Posthuma wrote: > On Sat, May 02, 2020 at 04:48:38PM -0400, Qubes privileged user wrote: >> The following patch tightens the pledges for ftp(1). >> >> This provides some additional guarantees, including that ftp(1) cannot >> spawn child processes. This is a significant

Re: [PATCH] add ping(1)-like stats to tcpbench(1)

2020-05-02 Thread richard . n . procter
On Sat, 2 May 2020, j...@bitminer.ca wrote: > A couple of further questions embedded: > > A question on the std-dev -- is this for "n" measures as defined > by -r interval? "ping" reports an N packets transmitted. Maybe > this is obvious but your revised manpage doesn't say. Could this >

Tighter pledges for ftp(1)

2020-05-02 Thread Qubes privileged user
The following patch tightens the pledges for ftp(1). This provides some additional guarantees, including that ftp(1) cannot spawn child processes. This is a significant security win for sysupgrade(8). I hope I did not mess up the diff - this is my first time submitting one. Index:

Re: [patch] relayd.conf.5, DHE params seems incorrect/outdated.

2020-05-02 Thread Sebastian Benoit
Jesper Wallin(jes...@ifconfig.se) on 2020.05.01 12:15:06 +0200: > Hi all, > > I was trying to score 100 on all the tests over at ssllabs.com, but seem > to only reach 90 on "Key Exchange". Not sure if it's related, but I was > playing with the "dhe" option in relayd.conf(5) in order to increase

Re: [PATCH] add ping(1)-like stats to tcpbench(1)

2020-05-02 Thread j
A couple of further questions embedded: On 2020-05-02 05:41, richard.n.proc...@gmail.com wrote: On Fri, 1 May 2020, j...@bitminer.ca wrote: > From: richard.n.procter () gmail ! com > This implements ping(1)-like summary statistics for tcpbench(1), e.g. > > ^C > --- localhost tcpbench

Re: ospf6d ls_update segv

2020-05-02 Thread Stuart Henderson
On 2020/05/02 16:48, Stuart Henderson wrote: > Seeing some of these, including in brand new -current. I think it's triggered > when another ospf6-speaker in the area restarts. > > ospf6d[1296]: route decision engine exiting > ospf6d[214]: kernel routing table decoupled > ospf6d[214]: ospf engine

ospf6d ls_update segv

2020-05-02 Thread Stuart Henderson
Seeing some of these, including in brand new -current. I think it's triggered when another ospf6-speaker in the area restarts. ospf6d[1296]: route decision engine exiting ospf6d[214]: kernel routing table decoupled ospf6d[214]: ospf engine terminated; signal 11 ospf6d[214]: terminating Program

incorrect time in iked

2020-05-02 Thread René Ammerlaan
Hi, I've found incorrect use of time in iked (-current). The event API doesn't use the monotonic clock, so this breaks the timer: ikev2_ike_sa_alive: outgoing CHILD SA spi 0x07409b52 last used 7466(gettime) - 1588405979(sadb_lifetime_usetime) = 2706568783 second(s) ago

Re: iked(8): Removing SHA1 from default transforms

2020-05-02 Thread Theo de Raadt
Stephan Mending wrote: > On 02/05/2020 02:58, Theo de Raadt wrote: > > > Stephan Mending wrote: > > > >> I don't get how this could be ? > > then go study. > > > I think I've struck a nerve right here. I'm sorry to have caused you > high blood pressure by sending this diff. I do not doubt the

Re: incorrect time in iked

2020-05-02 Thread Tobias Heider
On Sat, May 02, 2020 at 10:15:53AM +0200, René Ammerlaan wrote: > Hi, > > I've found incorrect use of time in iked (-current). The event API doesn't use > the monotonic clock, so this breaks the timer: > ikev2_ike_sa_alive: outgoing CHILD SA spi 0x07409b52 last used > 7466(gettime) -

Re: acpipci(4); derive bus number from _CRS

2020-05-02 Thread Stuart Henderson
On 2020/05/02 14:29, Mark Kettenis wrote: > I've always interpreted the bit of code that takes the bus number from > _CRS instead of _BBN, but allegedly this is not how it works and _BBN > is supposedly only there to make sure we can access PCI config space > of the host bridge from AML code. > >

acpipci(4); derive bus number from _CRS

2020-05-02 Thread Mark Kettenis
I've always interpreted the bit of code that takes the bus number from _CRS instead of _BBN, but allegedly this is not how it works and _BBN is supposedly only there to make sure we can access PCI config space of the host bridge from AML code. Fortunately having _CRS provide the bus number is just

Re: [PATCH] add ping(1)-like stats to tcpbench(1)

2020-05-02 Thread richard . n . procter
On Fri, 1 May 2020, j...@bitminer.ca wrote: > > From: richard.n.procter () gmail ! com > > This implements ping(1)-like summary statistics for tcpbench(1), e.g. > > > > ^C > > --- localhost tcpbench statistics --- > > 1099642814 bytes sent over 4.126 seconds > > bandwidth min/avg/max/std-dev =

Re: iked(8): Removing SHA1 from default transforms

2020-05-02 Thread Stephan Mending
On 02/05/2020 02:58, Theo de Raadt wrote: Stephan Mending wrote: I don't get how this could be ? then go study. I think I've struck a nerve right here. I'm sorry to have caused you high blood pressure by sending this diff. I do not doubt the competency of you or the other developers. And

Re: iked(8): Removing SHA1 from default transforms

2020-05-02 Thread Stephan Mending
On 02/05/2020 01:45, Tobias Heider wrote: Hi Stephan, "Also: the mentioned sha1 transform is also a HMAC construction and technically safe to use (for now), same as the PRF." I don't get how this could be ? SHA-1 for signage and hash generation is colliding. How can it be that this doesn't