***: mnathani_ has quit IRC (Ping timeout: 260 seconds)
m0unds: yea, that's annoying
mnathani__: mercutio: yup, I am dealing with cPanel
***: mnathani__ is now known as mnathani_
grody: yew
i can see its use, but eek
finally fixed my file server.. dodgy RAM was crashing it, just managed to pull 4GB of ancient PC6400 for £10
and surprisingly, it handled a 6 hour memtest bashing
mercutio: mnathani_: my condolences
grody: interesting.. i wouldn't have suspected a double in capacity would actually improve this things performance
it rarely used the 2GB before
now it's using 2.6GB
-: grody has never liked RPM systems
grody: although honestly speaking, last i used one was about 4 years ago
threshold used to be slackware was borderlining hate (yet i loved it), debian (swear by as i have no time for BS), gentoo (simply because its LFS w/ the base already fixed and you can do wtf ever), but ultimately my homey is FreeBSD
if i can't do it in FreeBSD, it isn't worth doing (impo)
mercutio: well cpanel is like steamos on top of debian
except with source.
err at least with things like easyapache
***: Seji has quit IRC (Ping timeout: 264 seconds)
m0unds: i used centos 7 somewhat recently, it was alright
i'm not a huge linux guy though so i only use it when i have to (in this case, i was just refamiliarizing myself w/it since the last centos i'd used was 5.x)
wasn't a huge fan of how unreliable EPEL repos are
mercutio: epel?
m0unds: https://fedoraproject.org/wiki/EPEL
adds things that should be in the main repos but aren't
like nginx
mercutio: ahh
i see
nginx has official pacakges
i use those on ubuntu
i really want something in betwen arch linux and ubuntu
m0unds: epel would regularly error out when running yum updates though
mercutio: like a stablised form of arch
m0unds: it was super annoying
mercutio: i get minor problems with arch sometimes.
but overall i prefer it
m0unds: i was ok with it on a personal server
used it for around a year
mercutio: yeah i had some problem with nginx and upgrades and having to update some locally built stuff
i'm using a aur package for nginx
for fancyindex of all things
m0unds: haha
mercutio: i want a better index actually
i wonder if anyone knows of any good ones
i'd like something that could be gui like
and show snapshots of content etc.
m0unds: i haven't looked for anything like that in probably 10yrs
the thing i deployed back then was a mess of php stuff
mercutio: yeh that's what i fear :)
CVE-2015-5366
"A remote attacker can cause a denial of service against applications that use epoll by injecting a single packet with an invalid checksum."
does that sound more than slightly disconcerting to anyone else?
m0unds: haha
kellytk: mercutio: Do you know why https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5366 isn't yet updated?
mercutio: i'm not usually too concerned about dos attacks
but when it's a single packet
someone could just send one packet to each ip in the world and ddos everyone!
kellytk: it only came out today
kellytk: https://access.redhat.com/security/cve/CVE-2015-5366 has more information
m0unds: https://access.redhat.com/security/cve/CVE-2015-3246
mercutio: there's usually a hold while distributions organise releases.
m0unds: https://access.redhat.com/security/cve/CVE-2015-3245
those two are fun too
mercutio: that has less information kelly
what's libuser?
i don't have it on my system
kellytk: mercutio: It has more information for what I'm being shown
m0unds: https://fedorahosted.org/libuser/
mercutio: kelly: mine says "reserved" this candidate has been reserved...
blah blah
kellytk: Which is less than the redhat information
mercutio: kelly: no my redhat one says that
i used the lwn one
kellytk: Ok, well I see more information on the redhat page, so I don't know what we're talking about
mercutio: https://lwn.net/Articles/652164/
which is the same as e-mail one basically
maybe it's caching old versions?
i dunno
** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided.
that's what the redhat one tells me
https://bugzilla.redhat.com/show_bug.cgi?id=1239029
oh there's more here
is that what you were thinking of?
m0unds: https://ma.ttias.be/chrome-44-sending-https-header-by-mistake-breaking-web-applications-everywhere/
whoops
mnathani_: can a FreeBSD host be used for kvm, xen or other kinds of virtualization?
m0unds: behyve
or whatever it is
brycec: I've done bhyve and qemu
Oh and VirtualBox
mnathani_: k
***: Seji has joined #arpnetworks
mercutio: freebsd was going to support xen dom0
dunno what happened.
netbsd supports dom0
and freebsd supports domu
m0unds: yea, runs well in domu too
(netbsd, i mean)
mercutio: it's very light on memory usage.
m0unds: this chrome bug is driving me batshit.
haha
mercutio: which one?
m0unds: new 44.x build released to stable, also in beta still (they haven't incremented beta up yet)
https://ma.ttias.be/chrome-44-sending-https-header-by-mistake-breaking-web-applications-everywhere/
it's causing tabs to die spontaneously
click a link, "it's dead jim"
it's super annoying
mercutio: i wonder why i haven't hit it
m0unds: are you on that build?
mercutio: oh i have chrome 46
m0unds: canary?
or dev?
mercutio: yellow
i have an older one too but the yellow one is more stable
m0unds: yeah, i rolled up to beta and it's the same build as stable right now
thought maybe i'd get lucky but nope
mercutio: ahh the other one is beta
and 44.0.2403.89
beta-m 64 bit
m0unds: yeah, that's the stable build
just missing the beta tag
mercutio: does canary fix it?
it is canary
it works along side on windows, so you can have both :)
on linux i have chromium and chrome
m0unds: i might grab one of the windows chromium builds
seems he's at 46.0.2464.0 atm
http://chromium.woolyss.com/download/en/
mercutio: chromium is better than chrome in some ways.
i kind of wish someone would do a nice chromium fork that follows updtes.
with auto update etc.
but without the google tie in stuff
that reminds me i should disable flash
hazardous: to be fair, i would reckon a nontrivial amount of people that like privacy enough to not use chrome and instead use chromium
would not want autoupdates