*** arcean has quit IRC | 00:10 | |
*** kolp has quit IRC | 00:53 | |
*** _rd has quit IRC | 00:56 | |
Pali | merlin1991: on gitorious cssu are small fixes for upstart and ke-recv packages | 01:34 |
---|---|---|
Pali | both fixes are for mouting FAT partitions (e.g. MyDocs) | 01:35 |
Pali | problem about mount-opts file (part of upstart source package) is described in cssu-t TMO thread | 01:36 |
Pali | and fix for ke-recv package is just shell script fix (one line) | 01:36 |
Pali | needs some testing and after that packages should be put into CSSU-T | 01:37 |
Pali | as some users have problem with read-only MyDocs | 01:37 |
*** nox- has joined #maemo-ssu | 01:51 | |
*** nox- has quit IRC | 04:34 | |
*** DrCode has quit IRC | 04:41 | |
*** DrCode has joined #maemo-ssu | 04:43 | |
*** LauRoman has quit IRC | 05:12 | |
*** futpib has quit IRC | 05:39 | |
*** sparetire_ has quit IRC | 07:31 | |
*** kolp has joined #maemo-ssu | 09:14 | |
*** _rd has joined #maemo-ssu | 09:28 | |
*** anYc has quit IRC | 10:10 | |
*** radekp has joined #maemo-ssu | 11:20 | |
*** sunny_s has quit IRC | 11:22 | |
*** arcean has joined #maemo-ssu | 11:23 | |
*** xes has joined #maemo-ssu | 12:31 | |
*** lizardo has joined #maemo-ssu | 13:02 | |
*** lizardo is now known as lizardo_away | 13:17 | |
*** lizardo_away is now known as lizardo | 13:33 | |
*** futpib has joined #maemo-ssu | 15:43 | |
*** NishanthMenon has joined #maemo-ssu | 15:44 | |
*** anYc has joined #maemo-ssu | 16:38 | |
*** LauRoman has joined #maemo-ssu | 16:43 | |
*** lizardo is now known as lizardo_away | 16:49 | |
*** anYc has quit IRC | 16:54 | |
*** futpib has quit IRC | 17:08 | |
*** sparetire_ has joined #maemo-ssu | 17:13 | |
*** lizardo_away is now known as lizardo | 17:14 | |
*** anYc has joined #maemo-ssu | 17:34 | |
*** _rd has quit IRC | 17:48 | |
*** anYc has quit IRC | 17:50 | |
*** sec has joined #maemo-ssu | 18:17 | |
*** radekp has quit IRC | 18:33 | |
*** dhbiker has joined #maemo-ssu | 18:59 | |
freemangordon | kerio: bb-power is in the repo | 19:27 |
kerio | yay | 19:30 |
*** _rd has joined #maemo-ssu | 19:37 | |
*** dhbiker has quit IRC | 19:41 | |
*** anYc has joined #maemo-ssu | 19:47 | |
kerio | ah shieeeeet | 20:39 |
kerio | there's so many upgrades | 20:39 |
kerio | upstart and system-services | 20:39 |
kerio | from community-devel | 20:39 |
kerio | Pali: do i yolo upgrade | 20:41 |
Pali | it could fix problem reported on tmo | 20:41 |
Pali | problem: etc default mount-opts was not updated with new version of package | 20:42 |
kerio | i have my own fstab | 20:42 |
kerio | whatever, YOLO | 20:45 |
kerio | what's new in upstart? | 20:45 |
sec | Thumb or normal as well? | 20:53 |
kerio | holy shit my PowerOff ledd pattern is so fancy | 20:54 |
kerio | *led | 20:55 |
sec | kerio: Is this on thumb or normal as well? | 20:55 |
kerio | thumb | 20:55 |
kerio | i'm missing like two packages from -devel | 20:55 |
sec | Aw, alright | 20:55 |
kerio | why? | 20:56 |
sec | I am not on thumb | 20:57 |
sec | :/ | 20:57 |
kerio | sucks to be you | 20:57 |
sec | The last time I installed thumb, it seemed slower than normal | 20:58 |
kerio | alright, i'm at community-devel minus calendar-backend,libhildon1,telepathy-gabble | 21:00 |
Pali | kerio: in upstart nothing, only in system-services... but system-services package is part of upstart source | 21:01 |
*** futpib has joined #maemo-ssu | 21:02 | |
*** DrCode has quit IRC | 21:02 | |
Pali | anyway I have some problems with LED too | 21:02 |
Pali | it does not work until I restart mce... | 21:02 |
Pali | freemangordon: ^^^^ | 21:02 |
Pali | any idea? | 21:02 |
Pali | problem is there after reboot or power on again | 21:03 |
Pali | stop mce && start mce fix it | 21:03 |
*** DrCode has joined #maemo-ssu | 21:07 | |
*** sec has quit IRC | 21:20 | |
*** LauRoman|Alt has joined #maemo-ssu | 21:54 | |
*** sec has joined #maemo-ssu | 22:01 | |
*** LauRoman has quit IRC | 22:17 | |
*** LauRoman|Alt has quit IRC | 22:18 | |
*** dhbiker has joined #maemo-ssu | 22:38 | |
kerio | freemangordon et al.: is there a good reason our libssl isn't upgraded? | 22:39 |
*** dhbiker has quit IRC | 22:47 | |
Pali | kerio: yes, manpower | 22:53 |
Pali | need to test if API/ABI was changed | 22:53 |
Pali | or backport patches | 22:54 |
Pali | nobody has time for it | 22:54 |
kerio | holy fucking shit we're on 0.9.8n and the current 0.9.8 is 0.9.8zc | 22:55 |
kerio | how fucking sad does your release schedule have to be to reach 28 patch releases | 22:55 |
kerio | 29, actually | 22:55 |
kerio | there was a plain 0.9.8 | 22:55 |
kerio | TWENTY | 22:56 |
kerio | FUCKING | 22:56 |
kerio | NINE | 22:56 |
kerio | well, if https://gitorious.org/community-ssu/openssl is the repo, we're currently vulnerable to POODLE | 22:57 |
kerio | not sure if that's server or client, tho | 22:58 |
sec | Both I think depending on the application using libssl | 23:02 |
kerio | we should upgrade to 0.9.8zc | 23:02 |
kerio | i wonder if the debian one would work | 23:02 |
sec | It's not easy I think, there will be dependencies where the older libraries are required and can not be replaced | 23:03 |
Pali | ~ping | 23:04 |
infobot | ~pong | 23:04 |
Pali | kerio: problem is that openssl does not have stable ABI | 23:04 |
kerio | we're on 0.9.8 | 23:05 |
kerio | upgrading to 0.9.8 will not require any other change | 23:05 |
kerio | like, the latest 0.9.8 | 23:05 |
Pali | even 0.9.8 do not have to have stable ABI | 23:05 |
kerio | ...but it's literally the same .so file | 23:05 |
Pali | kerio: do tests and prepare new update | 23:06 |
kerio | if it's not abi-compatible, they fucked up | 23:06 |
Pali | openssl is not ABI compatible | 23:06 |
sec | ^ | 23:06 |
Pali | kerio: can you look into openssl patches and prepare new release? | 23:07 |
kerio | hold on i'm going to do something stupid first | 23:10 |
kerio | how similar is fremantle to squeeze? | 23:10 |
kerio | awww, needs too recent of a libc :( | 23:10 |
sec | kerio: Try Lenny | 23:11 |
bencoh | no, lenny is too young | 23:13 |
bencoh | try etch&half | 23:13 |
sec | I was thinking the same | 23:13 |
kerio | is "arm" the same as "armel"? | 23:13 |
bencoh | (actually it could work) | 23:13 |
sec | But Etch's packages would be so far behind | 23:13 |
bencoh | kerio: arm usually is little-endian, so most of the time in this context yeah | 23:14 |
kerio | lenny's openssl is older than ours | 23:14 |
sec | Hehe | 23:15 |
bencoh | kerio: yeah, but what about libc ? :) | 23:16 |
kerio | do you guys think anything bad will happen if i add the current debian repos and upgrade? | 23:17 |
bencoh | POODLE is a protocol issue, so clients and servers try not to be exposed | 23:17 |
kerio | like, yolo upgrade | 23:17 |
bencoh | add the current debian repo to what ? maemo ? | 23:17 |
kerio | yes :3 | 23:18 |
bencoh | one way ticket to reflash | 23:18 |
bencoh | unless you want to manually revert | 23:18 |
bencoh | (from a chroot) | 23:18 |
bencoh | (in rescueos :p) | 23:18 |
kerio | from a chroot? :o | 23:19 |
sec | It won't work kerio :P | 23:19 |
sixwheeledbeast^ | http://talk.maemo.org/showthread.php?t=93296 | 23:19 |
bencoh | I dont understand why they decided to break 0.9.8 ABI after n | 23:20 |
bencoh | it sounds unreal | 23:20 |
sec | You can avoid problems by configuring servers to reject SSL in its entirety and only use TLS | 23:20 |
kerio | hahahah did we really avoid heartbleed just by being too old | 23:20 |
kerio | sec: TLSv1 is also vulnerable | 23:21 |
kerio | without patching | 23:21 |
sec | Hm, that could probably be configured too in some cases | 23:21 |
kerio | just needs a patch | 23:21 |
kerio | or you just go "fuck it" and only allow tls 1.2 | 23:21 |
sec | Even OpenSSH/Dropbear are super old | 23:21 |
kerio | (and 1.1, but who the fuck supports 1.1 but not 1.2?) | 23:22 |
bencoh | going "fuck it" would just prevent a non-negligeable amount of customers from accessing your services :) | 23:23 |
bencoh | (I tried, and I reverted back to keeping tlsv1) | 23:23 |
sec | Also, I doubt many people run servers on N900s | 23:23 |
sec | Does anyone have newer OpenSSH/Dropbear packages? | 23:24 |
bencoh | sec: 0.9.8n doesnt have tls1.2 | 23:24 |
sec | What ._. | 23:24 |
bencoh | I'm not even sure it has proper support for tls1.1 | 23:24 |
bencoh | well, unless I'm mistaken | 23:24 |
kerio | the cipher support is ass | 23:24 |
sec | Well we're screwed then aye | 23:24 |
bencoh | yeah ;) | 23:24 |
bencoh | 22:23 < bencoh> going "fuck it" would just prevent a non-negligeable amount of customers from accessing your services :) | 23:25 |
bencoh | I forgot to tell "including n900" ;) | 23:25 |
kerio | xchat can't connect to my znc \_o_/ | 23:25 |
*** lizardo has quit IRC | 23:25 | |
bencoh | yay | 23:25 |
sec | Lol | 23:25 |
kerio | although it could be a configuration issue | 23:25 |
kerio | like, on xchat side | 23:25 |
sec | Also, it's only going to get worse with OpenSSL refactoring code and weeding out bugs now that they're getting funded. I am assuming this za will be xyz in another few months | 23:26 |
kerio | rofl | 23:26 |
kerio | no way | 23:26 |
bencoh | :)) | 23:26 |
kerio | you mean zza | 23:26 |
kerio | xyz < za | 23:26 |
sec | That doesn't sound right | 23:27 |
sec | http://talk.maemo.org/showpost.php?p=1428683&postcount=13 | 23:27 |
bencoh | anyawy, what brought openssl here tonight ? :) | 23:28 |
Pali | my happy new year message :D | 23:28 |
Pali | eh, no it was on #neo900 | 23:28 |
Pali | not here | 23:28 |
* sec waits for the day maemo sources are leaked somehow | 23:32 | |
bencoh | http://upstream.rosalinux.ru/compat_reports/openssl/0.9.8o_to_0.9.8p/abi_compat_report.html | 23:32 |
bencoh | sec: we could still patch/revert ABI changes, but meh | 23:33 |
bencoh | last time debian played with ssl ... | 23:33 |
sec | bencoh: http://talk.maemo.org/showpost.php?p=1430524&postcount=21 | 23:33 |
sec | Is there a #openssl? | 23:34 |
bencoh | prolly | 23:34 |
sec | # Topic for ##openssl: NEWS: OpenSSL 0.9.8zc, 1.0.0.o and 1.0.1j released 15-October-2014 | security advisory => | 23:34 |
sec | What did I say | 23:34 |
bencoh | sec: pure luck, considering http://upstream.rosalinux.ru/versions/openssl.html :] | 23:35 |
bencoh | I guess maemo/the software he has installed doesnt use the impacted symbols/structures | 23:36 |
bencoh | but still .... "struct dtls1_bitmap_st (1) Size of this type has been changed from 44 bytes to 20 bytes." | 23:37 |
bencoh | and "struct dtls1_state_st (1) Size of this type has been changed from 808 bytes to 760 bytes." | 23:37 |
sec | I don't know what to think of it. I don't want to believe it's pure luck at this point xD | 23:37 |
Pali | revert those changes | 23:37 |
bencoh | I think it all comes from the changes in BIGNUM / PQ_64BIT | 23:39 |
bencoh | hmm, maybe this has no impact on arm (bignum on arm ... meh) | 23:40 |
sec | Can't wait for 10" phones and 4" tablets at CES this year | 23:43 |
sec | Pali: http://talk.maemo.org/showthread.php?t=94426 | 23:45 |
bencoh | sec: cant wait for qualcomm MSM stuff everywhere ? :> | 23:47 |
sec | xD | 23:47 |
sec | Alright, guys: #openssl says: | 23:47 |
sec | sec$ Hello, could anyone help out. I would like to know whether 0.9.8n and 0.9.8za are ABI compatible or not. | 23:47 |
sec | richmoore2$ they're supposed to be however there could be bugs. however you'd be mad to update to za rather than zb and in the | 23:47 |
sec | event of problems you'd be mad not to solve them and go straight to 1.1 | 23:48 |
kerio | LOL | 23:53 |
kerio | hold on, why zb and not zc | 23:54 |
Generated by irclog2html.py 2.15.1 by Marius Gedminas - find it at mg.pov.lt!