search for: unmitigated

Displaying 12 results from an estimated 12 matches for "unmitigated".

Did you mean: mitigated
2020 Jun 08
2
Mitigating straight-line speculation vulnerability CVE-2020-13844
...: [AArch64] Add clang command line support for -mharden-sls= 7. https://reviews.llvm.org/D81405: [AArch64] Avoid incompatibility between SLSBLR mitigation and BTI codegen, by only using X16 and X17 registers for BLRs. There are a few known places where this toolchain mitigation leaves instructions unmitigated: * Some accesses to thread-local variables use a code sequence with a BLR instruction. This code sequence is part of the binary interface between compiler and linker. If this BLR instruction needs to be mitigated, it'd probably be best to do so in the linker. It seems that the code sequence...
2015 Nov 13
1
Differences from upstream RHEL
...for RHEL "just work" with Centos > and I don't remember any case where it didn't. I have however heard > whisperings on a grapevine that RH may want to try and make future > versions of Centos slightly incompatible with RHEL but these are > probably just whisperings. Unmitigated rumors. Until someone official says otherwise there is no case where CentOS will ever purposefully be made incompatible with RHEL. There are some very minor edge cases where it can happen incidentally due to: 1. Certain identifying information being changed from RedHat to CentOS such as the pre...
2018 Mar 23
5
RFC: Speculative Load Hardening (a Spectre variant #1 mitigation)
...bits. # ... .LBB0_N: cmovneq %r8, %rax # Conditionally update predicate state. shlq $47, %rax orq %rax, %rsp retq ``` This approach is effective when all code is mitigated in this fashion, and can even survive very limited reaches into unmitigated code (the state will round-trip in and back out of an unmitigated function, it just won't be updated). But it does have some limitations. There is a cost to merging the state into `%rsp` and it doesn't insulate mitigated code from mis-speculation in an unmitigated caller. ##### Rewrite AP...
2018 Oct 19
1
What are the differences between systemd and non-systemd Linux distros?
...or possibly even a web server, but with the wide variety of services run on top of CentOS, there would be no foolproof way of automating the process. If someone was to spend the time to create an automated tool to convert init scripts to systemd services, I have a feeling their life would become an unmitigated hell trying to accommodate all the corner cases out there where a simple conversion won't work (and we all know how people love to complain that free software doesn't do what they need it to do for corner case #65,535, and therefore the developer who spent their own time writing it to fill...
2015 Nov 11
2
Differences from upstream RHEL
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 11/11/15 15:17, Edward Ned Harvey (centos) wrote: >> From: centos-bounces at centos.org >> [mailto:centos-bounces at centos.org] On Behalf Of Devin Reade >> >> The above answer is right-on. From a technical perspective, you >> can probably expect the 3rd party software to work exactly the >> same on RHEL and
2009 Aug 21
12
What to do before launching v1.0?
I’m launching a rails website, the app is written and works, undoubtedly it’ll be an unmitigated disaster when I launch but none the less I thought I’d least attempt to give myself the best chance of success by asking all the gurus here for some advice – pre launch advice if you like. In an ideal world I’d spend days and hours on all of these things and get it absolutely spot on, but as we all...
2012 Jun 20
3
Failing Network card
Everyone, Most of the time I am over my head in trying to troubleshoot problems. However, after reading manuals, man pages, and getting advice from this list I have been able to work my way through difficulties, and at the end, I usually have a better understanding of what 'is going on'. I can only hope this method will work on this problem too. I have been chasing a problem with a
2020 Mar 25
2
[RFC] Speculative Execution Side Effect Suppression for Mitigating Load Value Injection
I'm also a bit unclear on that point. I think one input here has to be: what are some example, existing codebases we want to mitigate, and what should the user experience be to mitigate them? I don't think we can make good engineering tradeoffs without having concrete use cases to evaluate. Another point: it seems some mitigation options have already been added to the GNU toolchain
2018 May 07
1
Non-meritocratic t.&a. projects will be damned. Re: I am leaving llvm
What unmitigated bullshit. Your attempt at logic is laughable. You hold up threadbare stereotypes as the norm, when in reality they are little more than characters straight out of Central Casting. The "genius hermit who can't associate with people" is dumb and false. It's meant to excuse behavior...
2018 May 07
0
Non-meritocratic t.&a. projects will be damned. Re: I am leaving llvm
...o try to advance their own causes. This sort of behavior has no place here, and I’d strongly recommend that people resist the urge to respond and just ignore the trolls. -Chris > On May 7, 2018, at 12:45 AM, Bill Wendling via llvm-dev <llvm-dev at lists.llvm.org> wrote: > > What unmitigated bullshit. Your attempt at logic is laughable. You hold up threadbare stereotypes as the norm, when in reality they are little more than characters straight out of Central Casting. The "genius hermit who can't associate with people" is dumb and false. It's meant to excuse behavior...
2018 Oct 18
7
What are the differences between systemd and non-systemd Linux distros?
Valeri Galtsev wrote: > On 10/17/18 7:55 PM, Warren Young wrote: <snip> >> Benno Rice is right: Lennart Poettering gets stuff done. Because he's funded. And I strongly suspect that a lot of that funding comes from M$'s interest in Upstream. <snip> > > With all due respect, many people just stopped offering any argument > about systemd, and simply fled
2012 May 08
6
registry vulnerabilities in R
...ico, Romeo G Civ USAF AFMC AFRL/RVIO; Mickey, Dallas C Civ USAF AFMC AFRL/RVIO; Trujillo, Lloyd P Civ USAF AFMC AFRL/RVIO Subject: R/RStudio Software Mr. Martin, After completing the vulnerability analysis, we decided to decline to approve R/RStudio software on the NIPRNet. We discovered many unmitigated risks and numerous registry vulnerabilities. Above mentioned open source software poses high risks to the NIPRNet. We recommend using software from the Kirtland Base approved list. Here are some examples of the base approved statistical software: SPSS v19.x LISREL v8.x JMP v8.x - Soon to be c...