In other ancient package news. I also asked for gjay to be removed. This is a gtk based music sorter that creates playlists. I've not worked on it for four years and needs some major work, so off it goes.

The package just got removed from the archive after I requested it removal. Unfortunately, it is too difficult to maintain in a distribution.

It's a great mud client, it is just a little wild and crazy on its required dependencies.

package for 5.3.2 has just been uploaded. This fixes some important problems introduced in 5.3.1 That version fixed a few security-related bugs, mainly XSS (again).

The update should be available for Debian sid in the next few hours.

Is there anything more confusing than shared library numbering?

There are three numbers: current, revision and age. Depending on what you are doing to the API one or more of those numbers will change. Seems the last relase I did months ago I got it wrong and bumped the age when that can't happen by itself, I think.

Oh and the soname of the library is definitely connected to, but not exactly, those three numbers (I think its C.R.R-A or something like that).

Found a curious bug in the package last night. There is a reasonably old security patch for CVE-2017-14990 where the activation key is stored in plaintext for multisite users (normal users it's hashed).

Anyway it's a broken patch because it doesn't decide the user id. Easy to fix but I never used it before.

version 23.3 was released tonight. This has a few minor changes such as pstree with colouring depending on the process age and a fix for killall finding processes.

I just found out someone still maintains one of the first free software programs I wrote so many years ago. Checked the changelog and it was 25 July 1995! A 24 -year old program still in use.

There has been a bit of a clean up and all my comment out debug code removed (good!) but its basically the same.

Fortunately the Linux kernel driver I wrote has long gone 😱

psmisc is almost ready for release. I have sent a pre-release version over to the translation project for the updated translated files. Give them a few days and then it will be ready.

I added a new feature to pstree last night. It will now can show the age of processes in colour. The colours and ages of processes (minute, hour, other) are fixed for now but there is room for expansion later. That should be the last thing before the next release.

5.2.4 is now available! This security release fixes 6 security issues.

WordPress versions 5.2.3 and earlier are affected by these bugs, which are fixed in version 5.2.4. Updated versions of WordPress 5.1 and earlier are also available for any users who have not yet updated to 5.2

net-snmp packages version 5.8-1 just got uploaded. The previous upstream version 5.7.2 has been around for 4 years so this has been a long time coming.

5.8 packages also drop support of python modules, use pysnmp instead as its better in most ways.

Every time I have to interact with sourceforge it reminds me how backward the site is. I have had so many 503 errors, comments disappearing from bug reports or some truly bizzare happenings in text boxes where the words repeat.

I'm so glad I moved my stuff off it, originally due to the previous owners dodgy behavior but now for all this.

An update! They looked at the net-snmp bug again and there was a fix already, just not in the current release.

Amazing how two simple lines can ruin your day.

Show thread

Uploaded the mastodon module into the repository tonight. This gets it inline with the pypi version 1.4.6

It now conditionally links http_ece, so no more Debian patches :drake_like:

The program can use but there is no package inside Debian yet.

I have now use the system package for libjs-underscore rather than the one shipped with . For once, the Debian version is newer but linking it didn't seem to give any errors on a browser console. It also meant I had to update my profile for wordpress.

WordPress version 5.2.3 is now out which is a security release. It fixes a bunch of XSS problems and some sanitization problems. Debian packages soon.

OK future me, it looks like the resolver does some 'good at the time but dumb now' assumption about localhost + no port = port 161, this sits under the tdomain debugs.

Done some work on tonight, mainly some merge requests and bug fixes.

Matching NFS still can cause problems (they changed the way NFS "looks" in the proc filesystem) but I merged in some changes so it hangs less, I hope.

peekd will also work with ARM64 CPUs after someone gave me a patch for that.

I was looking at the net-snmp code trying to work out the differences between the PID file generating code for snmpd and snmptrapd.

πŸ”Ή snmpd uses open() with permissions of 0600
πŸ”Ή snmptrapd uses fopen() with permissions of 0644

Given there on my system there is only one other PID file with 0600 I patched snmpd to use 0644.

Show more
Mastodon on Dropbear

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!