Florian Weimer
Florian Weimer
With the current design, it is necessary to use Git to clone the repository and use Git to walk the trees. This means that Git is exposed to untrusted data...
The `debian-security-support` package lists packages for which security support is no longer available within Debian, or for which support is explicitly disclaimed: https://anonscm.debian.org/cgit/collab-maint/debian-security-support.git I don't think it is necessary to...
I got curious about GC pause times, so I changed the logging. `a6le/mats/summary` looks clean with this change.
Currently, the x86-64 call sequence is rather involved. From `c/fasl.c`: ```c static void x86_64_set_jump(void *address, uptr item, IBOOL callp) { I64 disp = (I64)item - ((I64)address + 5); /* 5...
Please implement RSA-CRT hardening, to avoid leaking RSA private keys in case there is a computation error (hardware fault or bignum library implementation problem) during a signature computation involving the...
The manual currently says this: > A data race is said to occur when two domains access the same array element > without synchronization and at least one of the...
In the glibc fork of the Hesiod, we recently fixed a heap-based buffer overflow which is triggered by an invalid (zero-length) TXT record: - https://sourceware.org/bugzilla/show_bug.cgi?id=20031 We did not treat this...
This code ```ocaml type t = [> `A] ``` results in an (expected) error: ```none 1 | type t = [> `A] ^^^^^^^^^^^^^^^ Error: A type variable is unbound in...