@monsieuricon And it works, thanks for the support help today in making it happen, ssh config files are "fun" when they have accumulated years of cruft as kernel.org server names have changed over time.
@dvzrv Cool, let me test that out as you know, that's the distro I use...

And it should be much easier to install usbreset now, perhaps I should just switch to always installing it by default and see if anyone objects...
@xexaxo And congrats on converting kmod, brave of you to keep two build systems running at once.
@lanodan Ah, a hold-over for when I was messing around with the cflags. I'll work on adding proper support for more flags and then that variable will be used.

Thanks for taking a look!
@xexaxo Email works great for patches, or, if you really only like the github workflow, you can send a pull request to https://github.com/gregkh/usbutils as is mentioned in the README
Finally converted usbutils over to meson from autotools. Odds are I messed something up, so I should do a release soon to see what broke in the distros as I have no idea how they package this thing anymore:
https://git.sr.ht/~gregkh/usbutils/commit/86dcab8964901d15b87b156546559c8ae28bd9fe

New blogpost about creating bit-by-bit reproducible images with mkosi(!)

https://vdwaa.nl/mkosi-reproducible-arch-images.html

#archlinux #systemd #mkosi

My boss: "how is that Gemini AI trial going? Are you making good use of it?"
Me: "Oh, yeah, for sure."
@kurtseifried @joshbressers Your TV (i.e. all TVs) was running Linux for 15+ years now, it's always been there, just no one noticed...
@kurtseifried That's a really good point, the "open source" ecosystem being a CNA is very new, I don't think this was even possible until less than a year ago when python blazed that trail.

And it's nice to see we aren't alone here with "big numbers", it's going to be an interesting thing to watch shake out as "take responsibility" rules/laws come into being in different locations. I agree with you in that the quantity is just going to get larger over time.
@aho Two totally different things (laptop vs. semi-embedded tiny thing with a horrible CPU that no one would purchase so they gave a few shipping containers full of the things away to some people who found a way to use them.)

No comparison at all :)
In non-CVE news, here's some fun hardware I got while visiting Hong Kong. It's not the snappiest laptop I've ever used, but it holds potential!

Kernel source is all public (there's a 6.1.y and 6.6.y tree at the moment), hopefully will start working on getting it all merged upstream to make it a proper platform for others to use.
@brahms @kurtseifried We are not "trolling" anyone, we are doing explicitly what the CVE.org board and staff have required us to do in order for us to be a CNA.
@kurtseifried Note, 3000 includes the "old" things we are backfilling from the GSD database, not just the ones that have shown up this year since we started in February. So while 3000 sounds big, if you are using a modern kernel (i.e. something from this year), it's only 1500+ issues to be assigned so far.

Sorry to nit-pick, just wanted to be specific as 3000 in 6 months originally seemed like a lot to me before I went back and looked at these numbers.

Also, for those who want to play along on their own, just clone our vulns.git repo at git.kernel.org and look at the information directly there yourself, it's all being reviewed and assigned in the open, unlike other projects...
@mathaetaes @kurtseifried No one is forcing you to! But note, if other operating systems are not reporting these same types of numbers, then they just aren't reporting things that actually get fixed, or nothing is being fixed at all in them. It's up to you to determine which is the case for those systems :)
@kurtseifried Yeah, it's only about 60 a week, a bit more than I originally guessed, but not out of the expected range at all.
@dermoth All of those commits we are reviewing are already public and have been for weeks, to somehow think that the "bad guys" are not watching our commit stream as-it-happens is to imply that they don't know what they are doing :)

So there is no benefit or need to be "private" about tagging specific commits as CVEs before we do so as you should have already taken all of these fixes weeks ago anyway.