search for: unpatching

On 2/7/2017 20:02, Kostya Serebryany wrote: > ... > > My understanding is that BNDCU is the cheapest possible instruction, > just like XOR or ADD, > so the overhead should be relatively small. > Still my guesstimate would be >= 5% since stores are very numerous. > And such overhead will be on top of whatever overhead SafeStack has. > Do you have any measurements to

I just switched gcc from 4.6.2 to 4.7.1 and see the massive amount of warnings, see few examples below. They mostly didn't exist with gcc-4.6.2. rev.159224 Yuri /usr/home/yuri/llvm-2012-06/latest-unpatched/llvm-fix/include/llvm/ADT/PointerUnion.h:56:10: warning: enumeral mismatch in conditional expression:

-Wenum-compare is buggy / bogus. We should turn this warning off in our build scripts if possible. On Tue, Jun 26, 2012 at 5:15 PM, Yuri <yuri at rawbw.com> wrote: > I just switched gcc from 4.6.2 to 4.7.1 and see the massive amount of > warnings, see few examples below. > They mostly didn't exist with gcc-4.6.2. > > rev.159224 > > Yuri > > >

Hi List, Looks like this affects on centos 5 and is unpatched like on rhel 5? https://access.redhat.com/articles/1537873 Trying to test if this affects on centos 5. can someone compile this exploit on centos 5? https://www.qualys.com/research/security-advisories/roothelper.c any ideas how to compile it on centos 5? -- Eero

Hi, If i download the patches in my tree with "hg pull -u" and i think a certain patch breaks my setup, how can i unpatch the file. i have the patch in .diff format... kind regards, Robin van Leeuwen _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

Suppose I have a CentOS 5.7 machine running the default Apache with no extra modules enabled, and with the "yum-updatesd" service running to pull down and install updates as soon as they become available from the repository. (Assume further the password is strong, etc.) On the other hand, suppose that as the admin, I'm not subscribed to any security alert mailing lists which send

well, very sad to hear as I use commercial rhel 5 and paying for it.. Eero 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>: > On 08/12/2015 10:43 PM, Eero Volotinen wrote: > > Hi List, > > > > Looks like this affects on centos 5 and is unpatched like on rhel 5? > > > > https://access.redhat.com/articles/1537873 > > > > Trying to

Does anyone know off hand what the longest known serious security issue (i.e. remote compromise) has been with FreeBSD that went unpatched ? e.g. security hole is reported to security-officer@FreeBSD.org. X days later, fix and advisory committed. What has been the largest X ? My jaw dropped when I saw http://www.eeye.com/html/Research/Upcoming/index.html ---Mike

On 08/12/2015 10:43 PM, Eero Volotinen wrote: > Hi List, > > Looks like this affects on centos 5 and is unpatched like on rhel 5? > > https://access.redhat.com/articles/1537873 > > Trying to test if this affects on centos 5. can someone compile this > exploit on centos 5? > https://www.qualys.com/research/security-advisories/roothelper.c > > any ideas how to

On 08/13/2015 12:41 PM, Eero Volotinen wrote: > well, very sad to hear as I use commercial rhel 5 and paying for it.. > Well, in that case, I would recommend RHEL-6 or RHEL-7 for your RHEL-5 workloads :) > > 2015-08-13 19:57 GMT+03:00 Johnny Hughes <johnny at centos.org>: > >> On 08/12/2015 10:43 PM, Eero Volotinen wrote: >>> Hi List, >>>

Sound very weird, that supported os is not patched. is the list of non patched security issues in rhel 5 / centos 5 -- Eero 2015-08-14 7:59 GMT+03:00 Mark Milhollan <mlm at pixelgate.net>: > On Thu, 13 Aug 2015, Eero Volotinen wrote: > > >Looks like this affects on centos 5 and is unpatched like on rhel 5? > > >Trying to test if this affects on centos 5. > > It

FWIW, I use claws, which is about the only one not mentioned.? I don't like Thunderbird. For one thing, it is in caretaker status. Mozilla believes Web based mail is the "future." I rather not run roundcube, given I got hacked via an unpatched roundcube ?back when I was using a hosting company. ? Webmail just increases your attack surface.?

Hello, 1) when compiling the lustre modules for the server the ./configure script behaves a bit odd. The --enable-server option is silently ignored when the kernel is not 100% patched. Unfortunatly the build works for the server, but during the mount the error message claims about a missing "lustre" module which is loaded and running. What is really missing are the ldiskfs et al

Hi, Here is the refreshed version of the multi-page ring patch for blkfront and blkback. I currently don''t have time to refresh the blktap part of the patch. The patch should apply cleanly to the following changeset in the linux 2.6.18 tree: changeset: 752:0b859c9516ba tag: qparent parent: 751:6591b4869889 parent: 748:5012c470f875 user: Keir Fraser

Hello all, https://bugzilla.samba.org/show_bug.cgi?id=15418#c20 "This could be a shortterm fix in order to behave like an unpatched windows server" What is the attack scenario of an unpatched windows server? After all Microsoft likely patched to fix an issue, the short term solution probably restores not only NLA but also the vulnerability.. I am not arguing against the fix, as the

Full_Name: John Garvin Version: 1.9.0 OS: OSF1 Alpha ev6 Submission from: (NULL) (128.42.129.78) I configured R 1.9.0 with --enable-R-shlib on Alpha. 'make check' fails with an unresolved symbol. Here's the relevant output: running code in 'reg-tests-1.R' ...529442:/home/garvin/research/tel/R-alpha/unpatched/R-1.9.0/lib/R/bin/R.bin: /sbin/loader: Fatal Error: call to

This is not really a Samba problem, but it does relate to Samba, in a fashion... In regards to: http://www.microsoft.com/technet/treeview/?url=/technet/security/bulleti n/MS04-004.asp Since the latest security patch from Microsoft (last Thursday?) was applied to common desktop machines within our school we have been suffering from problems with network connections. We run several Mac OS X

We put together a samba 3.0.x server to replace an nt domain controller 3 weeks ago when our nt servers were being hit by and unpatched/unpatchable vulnerability in nt. we went through numerous howto's and other documents. The net rpc vampire seem to grab everything fine. However, now when we attempt to add a machine to the domain we get a failure. looking through the log files we see

Hi, I previously posted about using 32-bit X86 segmentation to harden SafeStack: http://lists.llvm.org/pipermail/llvm-dev/2016-May/100346.html That involves lowering the limits of the DS and ES segments that are used for ordinary data accesses while leaving the limit for SS, the stack segment, set to its maximum value. The safe stacks were clustered above the limits of DS and ES. Thus, by

http://fatooh.org/esfq-2.6/ http://fatooh.org/esfq-2.6/esfq-2.6.12-rc1.tar.gz This version no longer interferes with the original SFQ; unlike previous versions, you can still use an unpatched tc with SFQ. Patching tc is still needed for ESFQ, though. I''ve tested this patch with Linux 2.6.11 as well. Please tell me if you have any problems. I''m subscribed to lartc again. -Corey