| ceekay | I know this isn't strcitly development-related, but it's in the topic and i get no response in #ubuntu so I'll ask here http://www.ubuntu.com/usn/usn-612-1 says that for 7.04 to get libssl0.9.8 version 0.9.8c-4ubuntu0.3 ... however packages.ubuntu.com and my nearest mirror lists 0.9.8c-4ubuntu0.2 as being the latest available... is ...ubuntu0.3 still in the works? | 00:03 |
|---|---|---|
| crimsun | ceekay: no, it's already available. | 00:07 |
| ceekay | just a mirror sync thing or something? | 00:08 |
| crimsun | ceekay: yes | 00:08 |
| crimsun | libssl0.9.8 | 0.9.8c-4ubuntu0.3 | feisty-security | amd64, i386, powerpc | 00:08 |
| crimsun | libssl0.9.8 | 0.9.8c-4ubuntu0.3 | feisty-updates | amd64, i386, powerpc | 00:08 |
| crimsun | so, you can either pull from archive.ubuntu.com or from security.ubuntu.com | 00:08 |
| crimsun | (sorry, I reversed that, respectively) | 00:09 |
| crimsun | as long as you have "Important security updates" ticked/checked in the Updates tab of System> Administration> Software Sources, you should be set. | 00:10 |
| ceekay | cool thx... just wanted to verify that it was actually available | 00:10 |
| ceekay | my repositories are set to a local mirror at work that probably just syncs nightly | 00:10 |
| === nenolod is now known as happinessturtle | ||
| Hobbsee | pitti: i'm no -sru'er.... | 02:42 |
| lamont` | hrm... how do I tell network mangler to keep doing it's thing even when I'm not logged in, I wonder? | 03:33 |
| === lamont` is now known as lamont | ||
| johanbr | lamont: for versions older than 0.7 I think the answer is "you don't". | 03:51 |
| ScottK | lamont: By not logging out AFAIK. | 03:52 |
| lamont | I see. | 03:52 |
| lamont | does 0.7 play well with hardy, I wonder? | 03:52 |
| ScottK | Dunno | 03:53 |
| johanbr | Not without tweaking: http://permalink.gmane.org/gmane.linux.network.networkmanager.devel/9654 | 03:54 |
| andrew_sayers | Should I be filing wishlist bugs when I stumble over things where IPv6 is less well supported than v4? | 04:00 |
| andrew_sayers | (e.g. netcat6 not in main, libsocket6-perl not in main) | 04:01 |
| === asac_ is now known as asac | ||
| pitti | Hobbsee: ah, ok; seems I mixed that up | 07:31 |
| pitti | Good morning | 07:31 |
| YokoZar | pitti: uh oh | 07:44 |
| geser | good morning pitti | 08:02 |
| kirkland | pitti: seems my build had a problem, http://launchpadlibrarian.net/14558108/buildlog_ubuntu-intrepid-i386.ecryptfs-utils_45-1_CHROOTWAIT.txt.gz | 08:16 |
| geser | kirkland: looks like the buildds are broken right now :( | 08:24 |
| pitti | kirkland: that hit me as well yesterday; NFC, unfortunately | 08:33 |
| TheMuso | pitti: Ok ACKEd, will process the rest when I'm down stairs. | 08:40 |
| pitti | TheMuso: thanks | 08:40 |
| Mithrandir | pitti: why does pg_config --libs output lots of stuff like -lz? They should be pulled in by having libpgport linked to it, should they not? | 08:48 |
| pitti | Mithrandir: hm, good point; can you please file a bug about it? (in Debian preferably) | 08:50 |
| pitti | Mithrandir: (sorry, EBUSY ATM) | 08:50 |
| Mithrandir | pitti: np, and will do | 08:50 |
| kirkland | pitti: geser: okay, thanks. i thought this might be pervasive, but mentioned it just in case | 08:59 |
| === hunger_t is now known as hunger | ||
| Keybuk | stupid question of the day: | 10:17 |
| Keybuk | I always what terminals to start at 60px across | 10:17 |
| Keybuk | how? | 10:17 |
| RAOF | s/what/want/? | 10:17 |
| StevenK | And 60 pixels? | 10:18 |
| Keybuk | RAOF: yes | 10:18 |
| andrew_sayers | Not 60 characters? | 10:19 |
| RAOF | The Stupidly Configurable window managers will do this; Compiz is one, and I think you'll find the 'window rules' plugin is where you can specify this behaviour. | 10:19 |
| Keybuk | RAOF: I can't find a way | 10:19 |
| andrew_sayers | Most terminals take a --geometry attribute - the man page for the terminal will tell you more. | 10:20 |
| pitti | Keybuk: session management is *supposed* to do that, and it worked just fine until gutsy; too bad that hardy broke it (might be a gnome-terminal bug, though, it works for other apps) | 10:21 |
| RAOF | Keybuk: Advanced ... -> Window Rules -> Size rules -> New should allow you to specify that you want your gnome-terminals to be 60px wide. | 10:21 |
| Nafallo | Keybuk: devilspie | 10:21 |
| pitti | RAOF: I don't seem to be able to find an 'Advanced' thing in g-t; where is it? | 10:23 |
| Keybuk | RAOF: not 60px wide, as in not use the left-most 60px of the screen | 10:23 |
| Keybuk | Nafallo: doesn't seem to have a rule for "first terminal on an otherwise empty workspace" ? | 10:23 |
| Nafallo | Keybuk: ah. only the first one... not every. | 10:24 |
| andrew_sayers | Keybuk: I'm a but rusty with my geometry, but I think you want something like --geometry 60x?+0+0 | 10:26 |
| andrew_sayers | (Where "?" is the height of your screen) | 10:26 |
| Keybuk | yeah you can do something like that | 10:26 |
| Keybuk | but that's annoying | 10:26 |
| pitti | no, rather +60+0 | 10:26 |
| pitti | + is the offset, AxB the size | 10:26 |
| * Ng wonders why keybuk wants that, although the only hack I can think of right now would force all windows on all workspaces to start at +60 ;/ | 10:31 | |
| RAOF | Hm. You can set the place plugin to manually start terminals at +60+0. | 10:32 |
| RAOF | But that's going to start _all_ terminals at the same place. | 10:32 |
| Ng | depending on how you arrange your terminals, you could go for a terminal program which keeps them all in one window and just have that window start at +60 :D | 10:33 |
| Keybuk | Ng: because with the size of the terminals, I can fit two on the screen | 10:33 |
| Keybuk | with 60px either side | 10:33 |
| Keybuk | which looks nice and balanced | 10:33 |
| Ng | ah | 10:34 |
| Ng | are you determined to keep 80x24? I rather like having 4 120x35 terms :) | 10:35 |
| RAOF | You could get compiz's put plugin to bind a key to "move this terminal to +60+0"; that's the best I can think of. | 10:36 |
| andrew_sayers | Keybuk: you might want to consider using screen, and splitting the screen into regions. | 10:42 |
| TheMuso | pitti: Ok I think I have got all of the ones that remained. | 11:19 |
| emgent | heya | 11:50 |
| === mpt_ is now known as mpt | ||
| Hobbsee | pitti: mp | 12:52 |
| Hobbsee | pitti: ping-a-ling | 13:16 |
| jdstrand | kees: what do you think of: | 13:18 |
| jdstrand | $ sudo ufw limit ssh/tcp | 13:18 |
| jdstrand | limit is an 'allow' but with rate limiting | 13:18 |
| jdstrand | (I'm still not here) | 13:18 |
| jdstrand | s/is an/just like/ | 13:19 |
| === c1|freaky is now known as c1|freaky-ut3 | ||
| lucas | where's the source code behind http://patches.ubuntu.com/? | 13:34 |
| Amaranth | lucas: Someone else runs that. *shrug* | 13:45 |
| mvo | lucas: Scott will know | 13:47 |
| pitti | TheMuso: thanks for the SRU acks; can you please take a look at bug 175536 as well? | 13:51 |
| ubottu | Launchpad bug 175536 in audacious "[Hardy, patch] audacious does not use pulseaudio by default" [High,Fix committed] https://launchpad.net/bugs/175536 | 13:51 |
| TheMuso | pitti: I'm on it. | 13:51 |
| Hobbsee | pitti: tis borken :( | 13:51 |
| Hobbsee | pitti: https://launchpad.net/bugs/231236 | 13:51 |
| ubottu | Launchpad bug 231236 in totem-pl-parser "libtotem-plparser10 Will not install." [Critical,Triaged] | 13:51 |
| pitti | TheMuso: thanks | 13:52 |
| pitti | Hobbsee: oh argh, thanks for pointing out | 13:53 |
| Hobbsee | pitti: may be worth adding to the doc, or something, not to do that. | 13:53 |
| pitti | Hobbsee: we can't update evo yet; I guess we need to do a direct -updates upload with a rebuild | 13:53 |
| Hobbsee | pitti: presumably, yeah. | 13:54 |
| === azeem__ is now known as azeem | ||
| Keybuk | lucas: http://launchpad.net/merge-o-matic | 13:54 |
| seb128 | Hobbsee: rebuild uploaded to hardy-updates now, thanks for mentionning | 13:58 |
| Hobbsee | seb128: thanks | 13:58 |
| seb128 | Hobbsee: it's not as easy as migrating all the rdepends, evolution-data-server is still buggy and not ready to migrate to updates | 13:59 |
| Hobbsee | seb128: which means it all isn't, or you should do as you're doing now, with the rebuild, just in case. | 13:59 |
| Hobbsee | (unless you have some easy way of seeing if all the deps get satisfied, with it in -updates. | 13:59 |
| seb128 | right, it was an oversight | 13:59 |
| Hobbsee | yes, same as last time :) | 14:00 |
| === Zic_ is now known as Zic | ||
| StevenK | I wonder if I can brutalise quilt to add a patch only on one arch | 14:05 |
| azeem | series.$arch | 14:05 |
| StevenK | Sweet | 14:05 |
| azeem | StevenK: glibc does that on Debian at least, AFAIK | 14:05 |
| azeem | least* | 14:05 |
| kirkland | cjwatson: I would like to talk to you about the automatically generated/updated repository of ubuntu manpages and such. Would you like to do this offline/in-the-halls, in a fosscamp session, or next week during UDS? | 14:13 |
| marmadeoli | Como eu posso ajudar no desenvolvimento de algum pacote ubuntu? (How can I help to develop any ubuntu package?) | 15:09 |
| === juliux is now known as Juliux_HSV | ||
| === thekorn is now known as thekorn_96 | ||
| === thekorn_96 is now known as thekorn | ||
| === Juliux_HSV is now known as juliux | ||
| mpt | Keybuk, what's the meaning of blue, pink, and white? | 15:53 |
| Keybuk | mpt: ? | 16:05 |
| mpt | cody-somerville: reported as bug 231403 | 16:07 |
| ubottu | Launchpad bug 231403 in malone "Can't easily list bug reports I need to follow up on" [Undecided,New] https://launchpad.net/bugs/231403 | 16:07 |
| mpt | Keybuk, in the UDS schedule | 16:07 |
| cody-somerville | mpt, thanks. | 16:07 |
| Riddell | there's a UDS schedule? | 16:12 |
| tseliot | Riddell: I'm not sure about this but have a look at this link: http://bazaar.launchpad.net/~ubuntu-drivers/uds-intrepid/trunk/files | 16:26 |
| Riddell | was hoping for something more readable :) | 16:30 |
| tseliot | Riddell: me too... :-( | 16:32 |
| munckfish | that's got to be the ultimate techy web UI no? :D | 16:34 |
| munckfish | all in XML | 16:34 |
| munckfish | all in source control | 16:34 |
| tseliot | XML is the global language. It will soon replace the English language too (which is deprecated) ;) | 16:35 |
| pitti | <answer type="agreement" value="no" /> | 16:38 |
| cody-somerville | Thats not even the latest | 16:41 |
| === fta2 is now known as fta | ||
| tseliot | pitti: hehehe | 16:52 |
| === c1|freaky-ut3 is now known as c1|freaky | ||
| McRib | I am just curious about the status of Bug #228044. I submitted it a few days ago and it's listed as being fixed in -proposed, but I can't install it. | 17:33 |
| ubottu | Launchpad bug 228044 in mplayerplug-in "In Hardy, mozilla-mplayer depends on firefox-3.0 - does not accept firefox-2" [Medium,Confirmed] https://launchpad.net/bugs/228044 | 17:33 |
| crimsun | what do you mean by "can't install it"? Are the maintainer scripts failing? Also, you want to migrate this discussion to #ubuntu-motu. | 17:34 |
| McRib | crimsun: What I mean is that it still depends on firefox-3.0... does not accept firefox-2 | 17:36 |
| crimsun | McRib: dpkg -l mozilla-mplayer|grep ^ii | 17:36 |
| crimsun | McRib: and please, this belongs in -motu | 17:37 |
| McRib | crimsun: Alright, I'll take it there... I was referred here first, though. | 17:37 |
| === gnomefre2k is now known as gnomefreak | ||
| bud32 | Hi, once Ubuntu 8.04 installed, there was some file left with GID 999 throughout the file system. I fixed it with "sudo find / -nogroup -exec chgrp root {} \;" | 19:32 |
| === arthur-__ is now known as arthur- | ||
| === j_ack_ is now known as j_ack | ||
| hwilde | so how compromised are the keys really | 20:40 |
| hwilde | true randomness is not theoretically achievable by state machines | 20:40 |
| hwilde | so how can the new algorithm be that much better than the old one? | 20:41 |
| jdong | hwilde: err, very compromised. | 20:46 |
| jdong | hwilde: metasploit has a 10MB tarball of id_rsa's that you can use to log into any affected machine. | 20:46 |
| jdong | reportedly it took 3 hours to generate | 20:46 |
| Chipzz | hwilde: there's only 32.000 something keys now | 20:46 |
| jdong | if you ran ssh-keygen for 15 minutes you'd probably end up with a bunch of duplicate private keys :) | 20:47 |
| hwilde | and the new algorithm is better how | 20:47 |
| jdong | hwilde: the old one forgot to seed the random number generator. | 20:48 |
| hwilde | holy shit | 20:48 |
| jdong | hwilde: rather, it seeded ONLY by the PID of the ssh-keygen generator. | 20:48 |
| jdong | hwilde: which makes your key one of 32,767 predictable sequences :) | 20:48 |
| jdong | yeah. | 20:48 |
| jdong | that was my reaction waking up that morning | 20:49 |
| hwilde | that can't be true... | 20:49 |
| hwilde | the internet would not still be up | 20:49 |
| jdong | hwilde: I wish it weren't. | 20:49 |
| * hwilde wonders how many rejected login attemps my servers allow | 20:49 | |
| jdong | hwilde: but alas, you can try the metasploit proof of concept with a VM.... it works shockingly well | 20:49 |
| hwilde | and what exactly does it mean when ssh-vulnkey says COMPROMISED | 20:51 |
| desrt | hwilde; it means that someone else _definitely_ has a copy of your private key | 20:51 |
| jdong | hwilde: that means your key is DEFINITELY in http://sugar.metasploit.com/debian_ssh_rsa_2048_x86.tar.bz2 | 20:51 |
| jdong | ;-) | 20:51 |
| jdong | lol | 20:52 |
| * Chipzz wonders why this wasn't embargo'd for longer | 20:53 | |
| jdong | Chipzz: not sure that would've been any more helpful. | 20:54 |
| Chipzz | jdong: well, when the embargo was lifted there only was an openssl update | 20:54 |
| Chipzz | no openssh update yet | 20:54 |
| Chipzz | I had to do a lot of manual key regeneration | 20:55 |
| Chipzz | this left a whole lot of people who didn't know how to regenerate their keys vulnerable for a couple of hours/a day | 20:55 |
| Chipzz | s/keys vulnerable/vulnerable keys/ | 20:56 |
| jdong | ssh and ssl services were completely disabled on my system the moment I read the advisory, until I could figure out what was necessary | 20:56 |
| jdong | definitely the first few hours were not well handled in terms of publishing the security update informatively. | 20:56 |
| Chipzz | jdong: yes, on your system maybe. but there are a lot of less knowledgable people out there | 20:56 |
| jdong | even the DSA pointed to a dead link | 20:56 |
| jdong | Chipzz: I'm agreeing with you here... | 20:56 |
| Chipzz | it should have been as simple as apt-get install openssh-server | 20:57 |
| Chipzz | which it wasn't at first | 20:57 |
| Chipzz | also | 20:57 |
| Chipzz | there wouldn't have been an excuse to have a metasploit "plugin" then | 20:58 |
| Chipzz | since you could easily check just running apt-get install openssh-server | 20:58 |
| ipkaf | hi | 21:50 |
| === juliux__ is now known as juliux | ||
| Mez | cjwatson, ping. Im using ssh-vulnkey, and its showing me some entries that i cant find in files anywhere, but seem suspicious | 23:06 |
| Mez | any idea how to find out what files they're coming from? | 23:06 |
| StevenK | strace? :-P | 23:07 |
| gnomefreak | Mez: it doesnt give you something like /home/gnomefreak/.ssh/id_rsa.pub | 23:44 |
| Mez | nope. was giving me root@domain.i.dont.know | 23:45 |
| Mez | (replacing domain.i.dont.know | 23:45 |
| Mez | as the comment | 23:45 |
| Mez | appears it was my host keys as generated somwhere else | 23:45 |
| Mez | which I've now re-generated anyways | 23:45 |
| gnomefreak | Mez: ah | 23:51 |
Generated by irclog2html.py 2.7 by Marius Gedminas - find it at mg.pov.lt!