The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
The Rust Security Response WG was notified that Cargo did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user.
Mr_Figtree
1y ago
•
0%
Does the certificate have a basic constraints extension with CA:TRUE set? Firefox doesn't allow that for certificates used as ‘end entity’ certificates. You'll want to re-generate the certificate without the extension.
Update on what happened across the GNOME project in the week from July 21 to July 28.
Update on what happened across the GNOME project in the week from July 21 to July 28.
Hello again from the Rust Leadership Council. In our first blog post, we laid out several immediate goals for the council and promised to report back on their progress. It has been about a month since our first update so we wanted to share how it's going and what we're working on now.
Update on what happened across the GNOME project in the week from July 15 to July 22.
Mr_Figtree
1y ago
•
100%
Mr_Figtree
1y ago
•
100%
so I can totally ditch chromium/electron
GNOME Web isn't Chromium-based and does support PWAs, so it might work for your usecase.
Mr_Figtree
1y ago
•
100%
Someone I know recently switched from automatic bathroom lights to manual ones. Remembering to turn them on isn't an issue, but months later everyone still forgets to turn them off.
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software. What's in 1.71.0 stable ========== * C-unwind ABI * Debugger visualization attributes * raw-dylib linking * Upgrade to musl 1.2 * Const-initialized thread locals
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software. What's in 1.71.0 stable ========== * C-unwind ABI * Debugger visualization attributes * raw-dylib linking * Upgrade to musl 1.2 * Const-initialized thread locals
The Rust team is happy to announce a new version of Rust, 1.71.0. Rust is a programming language empowering everyone to build reliable and efficient software. What's in 1.71.0 stable ========== * C-unwind ABI * Debugger visualization attributes * raw-dylib linking * Upgrade to musl 1.2 * Const-initialized thread locals
Mr_Figtree
1y ago
•
100%
And .box has been registered as a generic TLD now, so you could run into external .box domains.
Mr_Figtree
1y ago
•
100%
They're not going to have open signups. It's government agencies only. Not that there's technically anything stopping Germans from joining the PR departments of our government agencies…
Mr_Figtree
1y ago
•
93%
So what you're saying is that Twitter successfully kept out a bad actor.
It's a shame that most of the users they have left are also in that category, but hey, they seem to be working on it.
Mr_Figtree
1y ago
•
100%
That's the real AI apocalypse:
- People outsourcing decisions to predictive text because they believe it thinks
- AI hallucinations becoming commonly accepted as truth, as generated articles bury actual knowledge in a flood of bull droppings
Mr_Figtree
1y ago
•
100%
You'll still have the people who are opposed to any telemetry at all, but I think that would do a lot to alleviate the concerns.
Mr_Figtree
1y ago
•
100%
A poll like this is never going to be representative, unfortunately.
Mr_Figtree
1y ago
•
100%
I'm using kbin Magazine Style Toggle to disable the custom styling on certain magazines, but I had to modify line 36 to make it work:
36c36
< let style = document.querySelector("head > style:nth-child(22)");
---
> let style = document.querySelector("head > style:nth-of-type(1)");
Mr_Figtree
1y ago
•
100%
Is it likely then that Bottas' car stopped because it simply ran out of fuel? 0.09 litres seems very low.
Mr_Figtree
1y ago
•
100%
As far as I know you can't set exceptions on mobile Firefox yet. It's rather annoying.
Mr_Figtree
1y ago
•
100%
Mr_Figtree
1y ago
•
100%
On top of this not being at all final yet, there's nothing stopping you from just not having it enabled (nothing gets sent until you click through the privacy page with the toggle enabled). Could you explain why it's still such a big deal to you?
Yesterday a change proposal for Fedora 40 was made in Fedora Discussion. F40 Change Request: Privacy-preserving Telemetry for Fedora Workstation (System-Wide) [https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320](https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320) We understand that this is a controversial subject and want to take steps to clarify what is going on and how you can participate. To quote from the proposal itself, “Keep in mind this Fedora change proposal is just that: a proposal. It must undergo community review and must be approved by the community-elected Fedora Engineering Steering Committee (FESCo) before it can be implemented, just like any other Fedora change proposal. We welcome community participation and fully expect this proposal may need to be modified significantly depending on Fedora community feedback.” Change proposals are submitted by community members for community discussion. This is part of an intentional process so that all of us can see what is being proposed for the next releases of Fedora. See here for more info on the change process: [https://docs.fedoraproject.org/en-US/program\_management/changes\_policy/#\_change\_process](https://docs.fedoraproject.org/en-US/program_management/changes_policy/#_change_process) In addition, Project Leader [https://fosstodon.org/@mattdm@hachyderm.io](https://fosstodon.org/@mattdm@hachyderm.io) is helping to triage the flow of the conversation in Discourse as it is prompting a lot of feedback. This is actually one of the first change proposals to be made in Discussion instead of a mailing list, and that has provided a new challenge 😅 See here for his notes on the conversation and how to engage: [https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320/319](https://discussion.fedoraproject.org/t/f40-change-request-privacy-preserving-telemetry-for-fedora-workstation-system-wide/85320/319) In all, we’re grateful for the energy and passion the community has shown for this topic! We invite you to look at this and all change proposals coming down the pipeline. We do this in the open for a reason, and that’s to empower you to have a say in your distro. To that end, let’s please keep the conversation surrounding this constructive. The best place to voice your thoughts and ask questions is in the original change proposal thread or its related threads linked at the top of the original (link below). Our Four Foundations are important to us as guiding values in the project. Quoting our Friends foundation: “The Fedora community is made up of people from all walks of life, working together to advance free software. [...] Like any friends, we occasionally disagree on details, but we believe in finding an acceptable consensus to serve the interests of advancing free software.”
Update on what happened across the GNOME project in the week from June 30 to July 07.
Mr_Figtree
1y ago
•
100%
It's not just the upstream for RHEL, it's also a pretty nice desktop operating system. So as a Fedora user I benefit very directly from Fedora working well. If you're not a Fedora user, then sure, there's probably something better that you could do to contribute to the distros you do use.
Invitation to the kernel v6.4 testing week for Fedora Linux July 9-16
Mr_Figtree
1y ago
•
100%
These are all fine in the US, but in other countries not carrying proof of identity can get you into some trouble, as can refusing to talk to the police. Know your local laws.
Mr_Figtree
1y ago
•
100%
Ah, I see. Looks like that should enable people to take individual domains off the list, too, if they want their extensions to work on just some of them.
Mr_Figtree
1y ago
•
100%
For Fedora users it changes nothing at all. Fedora is upstream from Enterprise Linux. There's no practical reason you'd want to switch to a different distribution, just maybe a personal one if you strongly dislike what Red Hat is doing to the RHEL clones.
One's a bit raw and touchy, but the other is vintage stuff, brought up to date
Ferrari continued its development assault at Formula 1’s Austrian Grand Prix with a total overhaul of its front wing design, as well as changes to its floor.