You are not logged in.
- Topics: Active | Unanswered
#726 News & Announcements » Linux security hole - The Register » 2023-10-05 02:40:38
- Altoid
- Replies: 2
Hello:
This appeared on The Register tonight:
-----------------------------------------------------------------------------------------------------
Make-me-root 'Looney Tunables' security hole on Linux needs your attention
By Thomas Claburn - Wed 4 Oct 2023 // 21:27 UTC
https://www.theregister.com/2023/10/04/ … ables_bug/
-----------------------------------------------------------------------------------------------------
... a security hole that can be fairly easily exploited by rogue users, intruders, and malicious software to gain root access ...
... a buffer overflow vulnerability in the GNU C Library's handling of an environmental variable ...
... arises from the GNU C Library's dynamic loader (ld.so) mishandling of the GLIBC_TUNABLES environmental variable.
As usual. we'll see a patch/fix in no time at all.
Best,
A.
#727 News & Announcements » X.Org Security Advisory: Issues in libX11 prior to 1.8.7 & libXpm » 2023-10-03 18:32:05
- Altoid
- Replies: 0
Hello:
Just got this in my inbox.
Good to see that things 'X11' are rolling along steadily.
Best,
A.
***********************************************************************************
X.Org Security Advisory: October 3, 2023
Issues in libX11 prior to 1.8.7 & libXpm prior to 3.5.17
========================================================
Multiple issues have been found in the libX11 & libXpm libraries published
by X.Org for which we are releasing security fixes in libX11 1.8.7 &
libXpm 3.5.17.
The first issue (CVE-2023-43785) can be triggered by connecting to an
X server that sends specially crafted replies to X11 protocol requests.
The other 4 issues can be triggered by opening specially crafted XPM format
image files via libXpm. Two of the four issues have root causes in the
libX11 library and are fixed there, but patches have also been applied
to libXpm to avoid passing the invalid data to libX11 in the first place.
----------------------------------------------------------------------------
1) CVE-2023-43785 libX11: out-of-bounds memory access in _XkbReadKeySyms()
Introduced in: X11R6.1 [released March 1996]
Fixed in: libX11 1.8.7
Found by: Gregory James DUCK
Fixed by: Alan Coopersmith of Oracle Solaris Engineering
When libX11 is processing the reply from the X server to the XkbGetMap
request, if it detected the number of symbols in the new map was less
than the size of the buffer it had allocated, it always added room for
128 more symbols, instead of the actual size needed. While the
_XkbReadBufferCopyKeySyms() helper function returned an error if asked
to copy more keysyms into the buffer than there was space allocated for,
the caller never checked for an error and assumed the full set of keysyms
was copied into the buffer and could then try to read out of bounds when
accessing the buffer. libX11 1.8.7 has been patched to both fix the size
allocated and check for error returns from _XkbReadBufferCopyKeySyms().
Fix:
https://gitlab.freedesktop.org/xorg/lib … 78a3358a7f
2) CVE-2023-43786 libX11: stack exhaustion from infinite recursion
in PutSubImage()
Introduced in: X11R2 [released Feb. 1988]
Fixed in: libX11 1.8.7
Found by: Yair Mizrahi of the JFrog Vulnerability Research team
Fixed by: Alan Coopersmith of Oracle Solaris Engineering
When splitting a single line of pixels into chunks that fit in a single
request (not using the BIG-REQUESTS extension) to send to the X server,
the code did not take into account the number of bits per pixel, so would
just loop forever finding it needed to send more pixels than fit in the
given request size and not breaking them down into a small enough chunk to
fit. An XPM file was provided that triggered this bug when loaded via
libXpm's XpmReadFileToPixmap() function, which in turn calls XPutImage()
and hit this bug.
Further hardening to prevent similar bugs was done in libX11 by making
XPutImage() clip images to the maximum X protocol pixmap size (limited
by the use of unsigned 16-bit integers for height & width) when writing
to X pixmaps, and by making XCreatePixmap() generate X errors if a
height or width was specified that did not fit into an unsigned 16-bit
integer. In libXpm, hardening was done to return error codes for any
call that would have passed out-of-bounds width or height values to
XCreatePixmap().
Fix:
https://gitlab.freedesktop.org/xorg/lib … 536e863a86
Hardening:
https://gitlab.freedesktop.org/xorg/lib … 0f442ddf4a
https://gitlab.freedesktop.org/xorg/lib … 0b9b48784b
https://gitlab.freedesktop.org/xorg/lib … c31a50701c
3) CVE-2023-43787 libX11: integer overflow in XCreateImage() leading to
a heap overflow
Introduced in: X11R2 [released Feb. 1988]
Fixed in: libX11 1.8.7
Found by: Yair Mizrahi of the JFrog Vulnerability Research team
Fixed by: Yair Mizrahi of the JFrog Vulnerability Research team
When creating an image, there was no validation that the multiplication
of the caller-provided width by the visual's bits_per_pixel did not
overflow and thus result in the allocation of a buffer too small to hold
the data that would be copied into it. An XPM file was provided that
triggered this bug when loaded via libXpm's XpmReadFileToPixmap() function,
which in turn calls XCreateImage() and hit this bug.
Further hardening to prevent similar bugs was done in libXpm to return
error codes for any call to XCreateImage() that would have resulted in
this calculation overflowing.
Fix:
https://gitlab.freedesktop.org/xorg/lib … 9907aea6a0
Hardening:
https://gitlab.freedesktop.org/xorg/lib … 6da02e911e
4) CVE-2023-43788 libXpm: out of bounds read in XpmCreateXpmImageFromBuffer()
Introduced in: unknown - prior to xpm-3.4k [released 1998]
Fixed in: libXpm 3.5.17
Found by: Alan Coopersmith of Oracle Solaris Engineering
Fixed by: Alan Coopersmith of Oracle Solaris Engineering
When the test case for CVE-2022-46285 (fixed in libXpm 3.5.15) was run
with the Address Sanitizer enabled, it found an out-of-bounds read in
ParseComment() when reading from a memory buffer instead of a file, as
it continued to look for the closing comment marker past the end of the
buffer.
Fix:
https://gitlab.freedesktop.org/xorg/lib … f139ed67e0
5) CVE-2023-43789 libXpm: out of bounds read on XPM with corrupted colormap
Introduced in: unknown - prior to xpm-3.4k [released 1998]
Fixed in: libXpm 3.5.17
Found by: Alan Coopersmith of Oracle Solaris Engineering
Fixed by: Alan Coopersmith of Oracle Solaris Engineering
Fuzzing with clang's -fsanitize/libfuzzer generated an XPM file with a
corrupted colormap section which caused libXpm to read out of bounds.
Fix:
https://gitlab.freedesktop.org/xorg/lib … bc3fcd8f51
----------------------------------------------------------------------------
X.Org thanks all of those who reported and fixed these issues, and those
who helped with the review and release of this advisory and these fixes.
The X.Org security team would like to take this opportunity to remind X client
authors that current best practices suggest separating code that requires
privileges from the GUI, to reduce the risk of issues like CVE-2023-43785.
--
-Alan Coopersmith- alan.coopersmith@oracle.com
X.Org Security Response Team - xorg-security@lists.x.org
--
-Alan Coopersmith- alan.coopersmith@oracle.com
Oracle Solaris Engineering - https://blogs.oracle.com/solaris
#728 Re: Other Issues » deb package installation issue » 2023-10-02 02:26:33
Hello:
... su to root ...
From Chimaera Release notes:
https://files.devuan.org/devuan_chimaer … _notes.txt
su
The behaviour of su changed in Devuan 3 Beowulf. These changes persist
in Devuan 4 Chimaera. Use su - to get root's path or use the full path
to commands if you use only su. See the following for more information:https://www.debian.org/releases/buster/ … -variables -
https://wiki.debian.org/NewInBuster -
https://bugs.debian.org/905564
A.
#729 Re: Hardware & System Configuration » Lenovo Ideapad 100e F-Keys Work in Mint/Ubuntu but not Devuan/Debian » 2023-09-30 21:31:51
Hello:
Thanks ...
You're welcome.
... look into the the kernel log and the only keyboard related stuff I found was
Ubuntu 22.04-1 (Linux version 5.15.0-43-generic) [ 0.740658] kernel: input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input3 [ 23.149199] systemd[1]: Starting Set the console keyboard layout... [ 25.390693] kernel: input: Ideapad extra buttons as /devices/pci0000:00/0000:00:1f.0/PNP0C09:00/VPC2004:01/input/input8 Devuan 4 (Linux version 5.10.0-23-amd6) [ 2.366659] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input0 [ 5.505134] input: Ideapad extra buttons as /devices/pci0000:00/0000:00:1f.0/PNP0C09:00/VPC2004:01/input/input6
Right.
We can see that both installs 'see' and 'identify' both the keyboard and the Ideapad extra buttons.
... must be some additional software configuration that makes them work.
Could be.
Note the process in each boot.
Ubuntu 22.04 is Starting Set the console keyboard layout... while Devuan 4 is not.
... where else to look or what to look for, as I don't recall having any keyboard related issues ...
Something (module? package?) in being loaded by Ubuntu but not by Devuan.
In Ubuntu, the infamous systemd is taking care of that.
Just in case, check dmesg for errors:
~$ sudo dmesg | grep -i "error\|warning\|fail\|segfault\|fatal\|not"I recall that the issue with my 1000HE was related to a file/package (eeepc-wmi?) not loading due to some change in the kernel.
Best,
A.
#730 Re: Other Issues » installing Appimagelauncher » 2023-09-27 17:17:50
Hello:
... using the daedalus version.
I do not know if these dependencies are suitable ...
Is that package in the Debian repositories?
I cannot find it.
Devuan is Debian albeit without systemd so if a package is not in the Debian repositories you won't find it in the Devuan repositories.
Now, if it is in the Debian repositories but requires systemd to run, then you won't find it in the Devuan repositories.
As a Devuan user you should know that by now. (!)
That and that installing applications from foreign repositories is really not a good idea.
That said, from the information you have posted it is quite obvious that the package you are attempting to install requires systemd to be present.
Devuan does not and will not ever use systemd.
If you really (really) need to have an appimage launcher, you will need to find a Linux distribution that uses it.
There's no way around that.
Best,
A.
#731 Re: Hardware & System Configuration » Lenovo Ideapad 100e F-Keys Work in Mint/Ubuntu but not Devuan/Debian » 2023-09-26 16:14:33
Hello:
... laptops where the function keys have special action assigned to them.
My Asus 1000HE had/has a similar issue which was never fixed by Debian.
Check the Ubuntu dmesg printout against the Devuan dmesg printout and see if there's any mention of that.
There's probably some driver or module you need loaded, present in the Ubuntu distribution and not in the Debian based ones.
Best,
A.
#732 Re: Desktop and Multimedia » viber font issue » 2023-09-21 15:37:40
Hello:
... ideas are appreciated!
I cannot find that package in any of the Devuan repositories.
I cannot find it in the Debian repositories either.
At this time, Devuan is Debian albeit without systemd so if a package is not in the Debian repositories you won't find it in the Devuan repositories.
Where did you get it from?
How did you install it?
Best,
A.
#733 Re: Installation » Devuan repository with insecure connection? Can't be ... » 2023-09-17 19:05:33
Hello:
about:preferences is a user-friendly front-end ...
Yes and the settings there should be properly reflected in about:config.
It is actively discouraged by FF to go there, soon we won't be able to tweak anything.
Independently of the fact that not eveyone fiddles around with about:config, dom.security.https_only_mode is set to false.
I have FF 91.9.1 esr installed on my 1000HE and it works properly. ie: with the option Don’t enable HTTPS-Only set as I have done for the longest while.
... check whether there's any "safebrowsing" crap ...
No.
Besides, I cannot recall this happening with the previous version. ie: 102.15.0esr-1~deb10u1
EDIT:
It seems that it is an issue with FF.
And from the looks of it, it won't be looked at by Mozilla or fixed any time soon.
At least, the thread seems to suggest that the solution is that you emply a work-around.
ie: with FF everything has to be via HTTPS and if you don't like that, file exceptions.
Yet another reason to ditch FF.
Thanks for your input.
Best,
A.
#734 Re: Installation » Devuan repository with insecure connection? Can't be ... » 2023-09-17 15:02:39
Hello:
... main setting is (should be) a three option radio group, looking ...
Yes.
That is exactly what I have and how I have it set.
As I understand it (with no per-site exceptions enabled) when you check that option ie: the one I have set, FF should not be enabling HTTPS-Only Mode.
But apparently it does.
So, my guess (?) is that something is amiss but then I may not have had enough espresso yet.
Thanks for your input.
Best,
A.
#735 Re: Installation » Devuan repository with insecure connection? Can't be ... » 2023-09-17 13:33:04
Hello:
Read that entry carefully: I think it means ...
Indeed ...
Makes me wonder why it would be worded in that rather confusing manner.
Wouldn't it have been much better (especially for idiots like mysef) to do it like this:
about:preferences#privacy
Enable HTTPS-Only Mode -> falseie: no double negatives
But that is in the about:preferences page.
The UI I does not have True or False (boolean) options.
It just has a circle, like box to tick but round.
Like this:
O Don’t enable HTTPS-Only Mode So ...
If I don't tick the circle, it does/should not set the option Don’t enable HTTPS-Only Mode
If I do tick the circle, it does/should set the option Don’t enable HTTPS-Only Mode
Seems there's something amiss (?).
Thanks for your input.
Best,
A.
#736 Re: Installation » Devuan repository with insecure connection? Can't be ... » 2023-09-17 12:40:28
Hello:
Check FF options: if the "only https" option is selected ...
No, it is not selected.
I never set it up that way.
about:preferences#privacy
Don’t enable HTTPS-Only Mode -> falseThanks for your input.
Best,
A.
#737 Re: Installation » Devuan repository with insecure connection? Can't be ... » 2023-09-17 11:40:04
Hello:
Thanks for the prompt reply.
... link uses "http" instead of "https".
Yes, I had read something here about that some time ago.
... be sure to check the package ...
Always do that to make sure any package is downloaded intact.
But as my installations/updates/upgrades all go through apt, I'd never seen this before.
I have inherent trust in Devuan repositories, what I do not trust is my sometimes flaky ADSL. 8^/
What called my attention is that this seems to be a FF thing as Pale Moon does not issue a warning.
Best,
A.
#738 Installation » Devuan repository with insecure connection? Can't be ... » 2023-09-17 09:58:35
- Altoid
- Replies: 10
Hello:
Just a heads up, not sure I understand exactly what is happening.
Updated FF 102.15.1esr-1~deb10u1 over 102.15.0esr-1~deb10u1.
Then, having seen a post on SLiM I went to check on the last package information. Wanted to read the change log for my all time favourite log-in manager.
Clicked on the package file and got this warning from FF:
File not downloaded. Potential security risk.
The file uses an insecure connection. It may be corrupted blah, blah, blah ...
What's going on?
Note: does not happen with the latest Pale Moon 32.4.0.1
Thanks in advance.
Best,
A.
#740 Re: Desktop and Multimedia » [SOLVED] DigiKam » 2023-09-10 19:02:30
Hello:
Thanks for responding!
You're welcome.
... no dependency issues reported during install.
As apt takes care of the pesky dependencies, when you have an issue it won't be reported because it wasn't declared to apt in the first place, which in itself is the issue.
ie: apt won't know about it, won't bitch about it but the application will say it cannot find it. There are other scenarios, of course.
At least I think it works that way and there are other scenarios.
... don't see libtiff5 nor libIlmImf.
It seems that libtiff.so.5 library is provided by the libtiff5 package.
See here: https://packages.debian.org/search?sear … e&arch=any
As for libIlmImf it is provided by the libopenexr package.
See here: https://packages.debian.org/search?mode … =libIlmImf
See if you have it with this: ~$ apt list | grep libtiff5 (do the same as below for libopenexr.
If you do you should get this line:
libtiff5/oldoldstable-security,now 4.1.0+git191117-2~deb10u8 amd64 [installed,automatic]
If you don't have it, try installing it ...
~# apt install libtiff5... and then see if DigiKam works
Please post the result.
Best,
A.
#741 Re: Desktop and Multimedia » [SOLVED] DigiKam » 2023-09-10 14:16:50
Hello:
Upgraded to Daedalus ...
... installed DigiKam.
... but does not start.
... from terminal window it says there is no libtiff.so.5.
Some dependency issue (?)
... probably doing something wrong.
Not necessarily.
... correct steps after apt-get install digikam?
If it is being installed from the correct Devuan repositories, apt install digikam (as sudo or root) should suffice.
I run Beowulf (not Daedalus) with a backported kernel and XFCE so if I try to install it a HUGE 176MB of files get drawn in.
I do not like KDE so it is definitely not for me.
But being Daedalus a recent release, you should check if all dependencies are being met, maybe something slipped through the packager's error detecting sieve, happens sometimes:
~$ apt show digikam
Package: digikam
Version: 4:5.9.0-1+b1
Priority: optional
Section: graphics
Source: digikam (4:5.9.0-1)
Maintainer: Debian KDE Extras Team <pkg-kde-extras@lists.alioth.debian.org>
Installed-Size: 3731 kB
Depends: digikam-private-libs (= 4:5.9.0-1+b1), libc6 (>= 2.14), libgcc1 (>= 1:3.0), libkf5configcore5 (>= 4.97.0), libkf5coreaddons5 (>= 4.100.0), libkf5filemetadata3 (>= 5.1.0.1), libkf5i18n5 (>= 4.97.0), libqt5core5a (>= 5.11.0~rc1), libqt5gui5 (>= 5.4.0), libqt5sql5 (>= 5.4.0), libqt5widgets5 (>= 5.4.0), libstdc++6 (>= 4.1.1), perl:any, libqt5sql5-sqlite, libqt5sql5-mysql, digikam-data (= 4:5.9.0-1), kipi-plugins (= 4:5.9.0-1+b1)
Recommends: www-browser, ffmpegthumbs
Suggests: digikam-doc, systemsettings
Homepage: http://www.digikam.org
Tag: field::arts, hardware::camera, implemented-in::c++,
interface::graphical, interface::x11, role::program,
scope::application, suite::kde, uitoolkit::qt, use::browsing,
use::learning, use::organizing, use::searching, use::viewing,
works-with::image, works-with::image:raster, x11::application
Download-Size: 3577 kB
APT-Sources: http://deb.devuan.org/merged beowulf/main amd64 Packages
Description: digital photo management application for KDE
~$In my case (Beowulf), it boils down to this:
Depends:
digikam-private-libs (= 4:5.9.0-1+b1)
libc6 (>= 2.14)
libgcc1 (>= 1:3.0)
libkf5configcore5 (>= 4.97.0)
libkf5coreaddons5 (>= 4.100.0)
libkf5filemetadata3 (>= 5.1.0.1)
libkf5i18n5 (>= 4.97.0)
libqt5core5a (>= 5.11.0~rc1)
libqt5gui5 (>= 5.4.0)
libqt5sql5 (>= 5.4.0)
libqt5widgets5 (>= 5.4.0)
libstdc++6 (>= 4.1.1)
perl:any
libqt5sql5-sqlite
libqt5sql5-mysql
digikam-data (= 4:5.9.0-1)
kipi-plugins (= 4:5.9.0-1+b1)Once you get your own (Daedalus) depends list, check to see if the right libraries/versions are present and let us know.
Someone who knows more than I about this will surely chip in.
Best,
A.
#742 Re: Hardware & System Configuration » [SOLVED] How to daemonize Timeshift so it can be run as a service? » 2023-09-07 20:39:48
Hello:
Thanks ...
... was wondering exactly this.
You're welcome.
If so, please mark the thread as [solved].
Best,
A.
#743 Re: Other Issues » [SOLVED] Messed up keyboard characters » 2023-09-07 13:32:34
Hello:
... characters on the keyboard changed places.
... when it comes to any symbols like a dot ...
First we need to know what your exact keyboard layout is.
I take it that it is an English language layout, yes?
Does it have an identifying sticker label somewhere?
---
Most Dell-branded devices such as keyboard, mouse, external hard drive, speakers, do not have a Service Tag or Express Service Code. Such devices must be identified using the model number or name of the device. The label containing the device name and model number is usually located on the bottom of the device.
---
Please post a photo of the sticker label.
Best,
A.
#744 Re: Hardware & System Configuration » [SOLVED] How to daemonize Timeshift so it can be run as a service? » 2023-09-06 20:28:08
Hello:
Tnanks ...
You're welcome.
Be sure to check the different targets that Timeshift and BackInTime have.
Timeshift is better suited for system file backups and BackInTime for data file backups.
Timeshift is similar to applications like rsnapshot, BackInTime ... ... but with different goals. It is designed to protect only system files and settings. User files such as documents, pictures and music are excluded. This ensures that your files remains unchanged when you restore your system to an earlier date.
Best,
A.
#745 Re: Hardware & System Configuration » [SOLVED] How to daemonize Timeshift so it can be run as a service? » 2023-09-06 02:02:17
Hello:
... clues on to run timeshift as a system daemon.
As a system daemon?
I have been using timeshift for many years now.
But it is not set up as a daemon (at least not since I started using it).
It runs cron jobs which you set up when you configure it to do what you want.
ie: schedule the [hourly, daily, weekly, monthly] snapshots.
And if you need to take one manually, you just do it directly from the UI.
Bear in mind that the original developer/maintainer (teejee) closed shop and it is now maintained by the people at Linux Mint.
HTH.
Best,
A.
#746 Re: Devuan » Question for devs... Debian 12 can be installed without systemd » 2023-09-05 20:56:48
Hello:
AntiX & MX Linux developers have been ...
... so, yes, it can be done.
I beg to differ.
If it could be done, Devuan would not exist as an OS, it would be a (maybe) complex script or collection of linked scripts.
You and I are referring to two very different things:
1. installing Debian (as it comes out of the box) without systemd.
2. installing Devuan or AntiX/MX via what their respective developers/maintainers do.
If you are installing Debian you do not have a choice of inits.
And if you want to weed it out after installing Debian, you cannot.
Please read the post at the provided link and the ensuing thread, it is explained albeit I don't know if correctly / thoroughly enough.
Once I realised what it was about, I stopped reading.
I don't know exactly what AntiX/MX developers/maintainers do, so I cannot compare.
But I more or less know what Devuan developers/maintainers do*:
Devuan developers/maintainers use sysvinit and then sanitize any Debian packages that need systemd so that they will work without it.
And if they cannot be sanitized, they are blacklisted/banned from the Devuan repositories which, to all extent and purposes, are exactly the same as the Debian repositories albeit without the banned packages.
In short: Devuan is Debian without systemd.
That's about it, so my contribution to this thread (useful or not) ends here. 8^)
Best,
A.
* corrections encouraged and welcomed.
#747 Re: Devuan » Question for devs... Debian 12 can be installed without systemd » 2023-09-05 11:10:34
Hello:
When Debian 12 was released, I read through the release notes/wiki and saw it's possible to install a different init system.
In my opinion, it was just pour la galerie, so to speak. ie: an effort to, in the early stages of the systemd takeover, appease those who voiced their dissent.
But ...
Debian with another init?
Please ...
There was some more smoke and mirrors FUD from a self described Debian insider sometime ago but it was just that.
Sorry to be the one to break the news to you but that is definitely *not* in Debian's plans.
Deprecating SystemV support was the last step in that direction.
"Support for System V service scripts is now deprecated and will be removed in a future release. Please make sure to update your software
*now* [1] to include a native systemd unit file instead of a legacy System V script to retain compatibility with future systemd releases."
[1] the asterisks are not mine, they are in the original.
The inevitable result will be that in a very short time there will be no SystemV compatible packages in the Debian repositories as devs/maintainers will not include init scripts for a deprecated init in their packages, something that will inevitably extend to all Debian based distributions using systemd.
I've said it many times before: there is a lot of moolah behind making systemd the de-facto init for the Linux ecosystem.
systemd is nothing but a MS registry for Linux and the main purpose is to turn Linux into a MS type OS, with all that such a thing implies.
Like a poster at The Register once said with respect to systemd:
"... it is nothing but a developer sanctioned virus running inside the OS, constantly changing and going deeper and deeper into the host with every iteration and as a result, progressively putting an end to the possibility of knowing/controlling what is going on inside your box as it becomes more and more obscure."
But there's nothing new at hand: it is the old MS embrace, extend, and extinguish that has been going on for decades, only that now there's active and quite visible participation from IBM/RH and last but not least Microsoft, corporation that that went from labelling Linux a cancer to wanting to become best friends with it while everyone smiled and said "how nice of them to do so".
Devuan (and derivatives) is still holding on but who knows for how long this will be so.
Best,
A.
#748 News & Announcements » New version of sudo in Rust » 2023-09-02 19:11:59
- Altoid
- Replies: 1
Hello:
Came across this today.
The sudo command-line tool has been implemented in the Rust programming language
to hopefully rid it of any exploitable memory-safety bugs.
Prossimo, a project overseen by the non-profit Internet Security Research Group (ISRG),
announced the first stable release of sudo-rs this week. That open source codebase
includes the related su command-line program, again in Rust.
https://github.com/memorysafety/sudo-rs
Best,
A.
#749 News & Announcements » The Register's OS desk writes about Devuan Daedalus » 2023-08-21 21:19:39
- Altoid
- Replies: 4
Hello:
The Register's Liam Proven and his article on Devuan5:
---
Version 5 of systemd-free Debian remix Devuan is here
Debian Bookworm without the controversial init – or the platform support, or the polish
Liam Proven - Mon 21 Aug 2023 // 10:00 UTC
---
https://www.theregister.com/2023/08/21/ … ee_debian/
I am of those that think that itis better to be talked about than ignored, but ...
Devuan is a hard distro to summarize.
On the one hand, the sort of xNix graybeard who favours Debian is also exactly the sort of curmudgeon who harbors grave concern about systemd, so it's good that there's an option.On the other hand, it's bad that it split the already understaffed Debian developer community.
I'll just hold my thoughts and go make me a cuppa.
Best,
A.
#750 Re: Devuan Derivatives » Refracta problems on Ideapad laptop » 2023-08-08 01:17:49
Hello:
Thank-you.
You're welcome.
#1:
# dmesg | grep -i keyboard [ 13.000115] input: AT Translated Set 2 keyboard as /devices/platform/i8042/serio0/input/input8 [ 22.030425] ideapad_acpi VPC2004:00: Keyboard backlight control not available
Right, there is the working kb, as seen by SystemRescue.
#2:
# xinput list ⎡ Virtual core pointer id=2 [master pointer (3)] ⎜ ↳ Virtual core XTEST pointer id=4 [slave pointer (2)] ⎜ ↳ PixArt USB Optical Mouse id=10 [slave pointer (2)] ⎜ ↳ ELAN Touchscreen id=11 [slave pointer (2)] ⎣ Virtual core keyboard id=3 [master keyboard (2)] ↳ Virtual core XTEST keyboard id=5 [slave keyboard (3)] ↳ Power Button id=6 [slave keyboard (3)] ↳ Video Bus id=7 [slave keyboard (3)] ↳ Power Button id=8 [slave keyboard (3)] ↳ Sleep Button id=9 [slave keyboard (3)] ↳ Lenovo EasyCamera : Lenovo Easy id=12 [slave keyboard (3)] ↳ Ideapad extra buttons id=13 [slave keyboard (3)] ↳ AT Translated Set 2 keyboard id=14 [slave keyboard (3)]
There is the PixArt USB Optical Mouse and what SystemRescue sees as a touch screen.
I assume that there's no such thing, just a touchpad.
Right?
I've had a quick look around and it seems that the Elan touchpads are a rather troublesome thingy for Linux.
Please do this:
sudo dmesg | grep -i elan to see *if* dmesg has something to say about the touchpad.
and
cat /var/log/Xorg.0.log | grep -i "input driver" to see what driver SystemRescue uses for the kb and post the results.
Best,
A.
Board footer
