• 0 Posts
  • 11 Comments
Joined 1 year ago
cake
Cake day: June 1st, 2023

help-circle


  • Reading the blog post, it’s a lot more nuanced than that: someone reported a CVE, which was related to a possible int overflow in client code handling the timeout between requests. NVD chose to grade this as a 9.8/10 on their severity scale (for context, CVE-2014-0160, also known as Heartbleed, got a 7.5/10), which is ludicrous for a bug which could at most change the retry timeout of your request from your intended years to a few seconds. Daniel says that this is not a security vulnerability at all and has no business being listed on the CVE database, whereas NVD argues that it’s a bug, it’s been reported to them and because overflows are undefined behavior, anything can happen and so it’s a security vulnerability.

    In the end, they agreed to at least adjust the severity down to a 3.3, but I can understand that Daniel is still somewhat miffed about it. Personally I also agree that it’s not really a security issue and that even a 3.3 is too high in terms of severity.


  • I recently discovered Manic Miners, a remake of 1999’s Lego Rock Raiders, and ever since I’ve been busy reliving my childhood in 1080p. Now if only someone could remake Lego Racers 1&2…

    Beyond that, I found out that the Steam release of Dwarf Fortress totally passed me by last year, and so I’ve been getting back into that and I keep marveling at the lovely graphics and the mouse control. I’m happy that I can support the creators this way after years of playing the game every once in a while. Still waiting for stuff like Dwarf Therapist, but for the first time I’m playing DF without tons of add-ons and it’s actually pretty neat. I’m looking forward to all the FUN I’ll be having! :P




  • Anyone expecting to use Linux the same way they are using Windows, without any changes, is going to be disappointed. You cannot reasonably expect to keep the same learned workflows from one system and use them on a completely different system without having to at least tweak some of it.

    Learning is part of such switchovers, and loudly complaining that “Thing X is not working like I know it to, this is why people don’t like Linux” is not making anyone more likely to help you nor is it going to solve your problem. I’m glad that you managed to find a way to do what you need in any case, and maybe that command will stick around in the back of your head for when you need something similar sometime in the future :)



  • The heavy stuff would be things like shader compilation and state management for multiple different graphics APIs (OpenGL and Vulkan mostly).

    AFAIK Linux graphics drivers are usually separated into a userspace and a kernel space component, like amdgpu on the kernel side and RADV/RadeonSI within Mesa on the userspace side. So you do not need to do a full reboot to e.g. benefit from performance optimizations within Mesa to get things like faster shader compilation or more efficient draw call submission, which I think most people care about when doing driver updates. In fact you don’t even need to soft reboot, because once Mesa is updated, all following uses of it already run the new version, all without a reboot. However if your GPU is not yet supported by the kernel side, then Mesa is of no use to you.

    That being said, yes the kernel side is a very important part of the driver, but it’s such a low-level driver that very few people would be able to do much of anything with it, which is why I made that distinction.