The men’s world conkers champion is accused of cheating with a steel chestnut.
Daily Archives: October 16, 2024
FIDO Alliance Proposes New Passkey Exchange Standard
The new set of specifications could enable users to securely move passkeys and all other credentials across providers
llvm-test-suite-18.1.8-3.fc40
FEDORA-2024-300397332b
Packages in this update:
llvm-test-suite-18.1.8-3.fc40
Update description:
Remove ClamAV subdirectory because of viruses in input files:
These were the findings:
MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf: Eicar-Signature
MultiSource/Applications/ClamAV/inputs/clam.zip: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/docCLAMexe.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc11.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc1.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/clam.cab: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc2.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/clam.exe.bz2: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/doc3.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/clam.exe: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc22.rtf: Clamav.Test.File-6
Remove broken links in source tarball
Before it wasn’t possible to pass -DTEST_SUITE_SUBDIRS=CTMark to cmake
when configuring the llvm-test-suite:
— Adding directory CTMark
CMake Error at CTMark/CMakeLists.txt:1 (add_subdirectory):
add_subdirectory given source “7zip” which is not an existing directory.
CMake Error at CTMark/CMakeLists.txt:5 (add_subdirectory):
add_subdirectory given source “lencod” which is not an existing directory.
The llvm-test-suite command script pkg_test_suite.sh removes
directories with BAD or unreviewed licenses. Currently this leaves at
least two directories in a broken state:
/usr/share/llvm-test-suite/CTMark/7zip -> ../MultiSource/Benchmarks/7zip
/usr/share/llvm-test-suite/CTMark/lencod -> ../MultiSource/Applications/JM/lencod
In both cases the link target is non-existent.
Therefore I find any broken symbolic links, remove them and adapt the
CMakeLists.txt to not have the add_subdirectory(broken_link) entry in
it. Here’s an excerpt of what the pkg_test_suite.sh script shows when
running as a proof of the work it does now.
++ find test-suite-19.1.0.src -type l ‘!’ -exec test -e ‘{}’ ‘;’ -print
+ broken_symlinks=’test-suite-19.1.0.src/CTMark/7zip
test-suite-19.1.0.src/CTMark/lencod’
+ for f in $broken_symlinks
+ test -L test-suite-19.1.0.src/CTMark/7zip
+ rm -fv test-suite-19.1.0.src/CTMark/7zip
removed ‘test-suite-19.1.0.src/CTMark/7zip’
++ dirname test-suite-19.1.0.src/CTMark/7zip
+ basedir=test-suite-19.1.0.src/CTMark
++ basename test-suite-19.1.0.src/CTMark/7zip
+ dir=7zip
+ cmake_file=test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ test -f test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ sed -i ‘s/add_subdirectory(7zip)//g’ test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ for f in $broken_symlinks
+ test -L test-suite-19.1.0.src/CTMark/lencod
+ rm -fv test-suite-19.1.0.src/CTMark/lencod
removed ‘test-suite-19.1.0.src/CTMark/lencod’
++ dirname test-suite-19.1.0.src/CTMark/lencod
+ basedir=test-suite-19.1.0.src/CTMark
++ basename test-suite-19.1.0.src/CTMark/lencod
+ dir=lencod
+ cmake_file=test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ test -f test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ sed -i ‘s/add_subdirectory(lencod)//g’ test-suite-19.1.0.src/CTMark/CMakeLists.txt
llvm-test-suite-19.1.0-4.fc41
FEDORA-2024-6d9aba8c3c
Packages in this update:
llvm-test-suite-19.1.0-4.fc41
Update description:
Remove ClamAV subdirectory because of viruses in input files:
These were the findings:
MultiSource/Applications/ClamAV/inputs/rtf-test/rtf1.rtf: Eicar-Signature
MultiSource/Applications/ClamAV/inputs/clam.zip: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/docCLAMexe.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc11.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc1.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/clam.cab: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc2.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/clam.exe.bz2: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/doc3.rtf: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/clam.exe: Clamav.Test.File-6
MultiSource/Applications/ClamAV/inputs/rtf-test/Doc22.rtf: Clamav.Test.File-6
Remove broken links in source tarball
Before it wasn’t possible to pass -DTEST_SUITE_SUBDIRS=CTMark to cmake
when configuring the llvm-test-suite:
— Adding directory CTMark
CMake Error at CTMark/CMakeLists.txt:1 (add_subdirectory):
add_subdirectory given source “7zip” which is not an existing directory.
CMake Error at CTMark/CMakeLists.txt:5 (add_subdirectory):
add_subdirectory given source “lencod” which is not an existing directory.
The llvm-test-suite command script pkg_test_suite.sh removes
directories with BAD or unreviewed licenses. Currently this leaves at
least two directories in a broken state:
/usr/share/llvm-test-suite/CTMark/7zip -> ../MultiSource/Benchmarks/7zip
/usr/share/llvm-test-suite/CTMark/lencod -> ../MultiSource/Applications/JM/lencod
In both cases the link target is non-existent.
Therefore I find any broken symbolic links, remove them and adapt the
CMakeLists.txt to not have the add_subdirectory(broken_link) entry in
it. Here’s an excerpt of what the pkg_test_suite.sh script shows when
running as a proof of the work it does now.
++ find test-suite-19.1.0.src -type l ‘!’ -exec test -e ‘{}’ ‘;’ -print
+ broken_symlinks=’test-suite-19.1.0.src/CTMark/7zip
test-suite-19.1.0.src/CTMark/lencod’
+ for f in $broken_symlinks
+ test -L test-suite-19.1.0.src/CTMark/7zip
+ rm -fv test-suite-19.1.0.src/CTMark/7zip
removed ‘test-suite-19.1.0.src/CTMark/7zip’
++ dirname test-suite-19.1.0.src/CTMark/7zip
+ basedir=test-suite-19.1.0.src/CTMark
++ basename test-suite-19.1.0.src/CTMark/7zip
+ dir=7zip
+ cmake_file=test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ test -f test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ sed -i ‘s/add_subdirectory(7zip)//g’ test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ for f in $broken_symlinks
+ test -L test-suite-19.1.0.src/CTMark/lencod
+ rm -fv test-suite-19.1.0.src/CTMark/lencod
removed ‘test-suite-19.1.0.src/CTMark/lencod’
++ dirname test-suite-19.1.0.src/CTMark/lencod
+ basedir=test-suite-19.1.0.src/CTMark
++ basename test-suite-19.1.0.src/CTMark/lencod
+ dir=lencod
+ cmake_file=test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ test -f test-suite-19.1.0.src/CTMark/CMakeLists.txt
+ sed -i ‘s/add_subdirectory(lencod)//g’ test-suite-19.1.0.src/CTMark/CMakeLists.txt
Experts Play Down Significance of Chinese Quantum “Hack”
DigiCert says imminent crypto threat from quantum computing has been over-hyped
UK Government Launches AI Safety Scheme to Tackle Deepfakes
New government grants for AI safety research are designed to fund work into deepfakes and other cyber risks
libarchive-3.7.2-7.fc40
FEDORA-2024-80e4603b92
Packages in this update:
libarchive-3.7.2-7.fc40
Update description:
Fix for CVE-2024-48957
Automatic update for libarchive-3.7.2-6.fc40.
USN-7048-2: Vim vulnerability
USN-7048-1 fixed a vulnerability in Vim. This update provides the
corresponding update for Ubuntu 14.04 LTS.
Original advisory details:
Suyue Guo discovered that Vim incorrectly handled memory when flushing the
typeahead buffer, leading to heap-buffer-overflow. An attacker could
possibly use this issue to cause a denial of service.
USN-7070-1: libarchive vulnerabilities
It was discovered that libarchive mishandled certain memory checks,
which could result in a NULL pointer dereference. An attacker could
potentially use this issue to cause a denial of service. This issue
only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, Ubuntu 18.04 LTS,
Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. (CVE-2022-36227)
It was discovered that libarchive mishandled certain memory operations,
which could result in an out-of-bounds memory access. An attacker could
potentially use this issue to cause a denial of service. This issue only
affected Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2024-48957, CVE-2024-48958)
USN-7038-2: APR vulnerability
USN-7038-1 fixed a vulnerability in Apache Portable Runtime (APR) library.
This update provides the corresponding update for Ubuntu 14.04 LTS.
Original advisory details:
Thomas Stangner discovered a permission vulnerability in the Apache
Portable Runtime (APR) library. A local attacker could possibly use this
issue to read named shared memory segments, potentially exposing sensitive
application data.