[2024-03-30T06:01:33Z] https://codeberg.org/kiss-community/repo/issues/183#issuecomment-1721814 [2024-03-30T11:58:23Z] hi, is lvm2 and cryptseutp support static linking? [2024-03-30T12:14:32Z] Guest47 they should, but why? [2024-03-30T12:15:29Z] why is a software like xz getting regular updates anyway?? shouldnt this type of stuff be "finished" software? [2024-03-30T12:15:44Z] another example of useless engineering [2024-03-30T12:20:01Z] testuser: i'm trying to package them in oasislinux, so they should support static linking [2024-03-30T12:22:17Z] i can see that cryptsetup supports static linking. but I'm not sure about lvm2. however, i think from lvm2 i only need device mapper [2024-03-30T12:24:17Z] i hate to deal with all of those complex softwares just to encrypt my #HOME partition [2024-03-30T12:31:49Z] Guest47 you can check out ecryptfs [2024-03-30T12:36:19Z] this looks interesting as fuck! [2024-03-30T12:38:08Z] so i just need to enable it in my kernel? [2024-03-30T12:52:48Z] testuser: i can see there is other options too like fscrypt. what would you recomannd? [2024-03-30T12:52:51Z] bruh [2024-03-30T12:55:35Z] sorry my internet just disconnectd [2024-03-30T12:56:34Z] so about ecryptfs, i just need to enable it in the kernel? [2024-03-30T12:57:56Z] testuser: also, i see there is some other options, such as fscrypt. what would you recommand? [2024-03-30T12:58:25Z] ecryptfs yes but you need userspace helpers for it [2024-03-30T12:58:41Z] not heard of fscrypt, will check it out [2024-03-30T12:59:19Z] https://wiki.archlinux.org/title/Fscrypt fscrypt might be better according to this [2024-03-30T13:03:45Z] with ecryptfs, do you thing it is possible to a nation state to decrypt the partition, like seriously [2024-03-30T13:04:33Z] it just says its using older crypto, not broken crypto [2024-03-30T13:04:46Z] as for a nation state they would just put a gun to ur head and ask u to unlock, not try to crarck it [2024-03-30T13:08:24Z] lool i should stop pretending to be nerd [2024-03-30T13:09:11Z] thanks man, you was very helpful [2024-03-30T14:39:48Z] hey [2024-03-30T14:39:48Z] so [2024-03-30T14:39:54Z] don't think it affects kiss [2024-03-30T14:40:05Z] but it might so upstream should still check it out if they haven't already [2024-03-30T14:40:32Z] there's an exploit that was patched into xz's upstream source that ends up affected openssh because stack shenanigans or something [2024-03-30T14:40:55Z] https://boehs.org/node/everything-i-know-about-the-xz-backdoor [2024-03-30T14:42:04Z] also mentions the same user responsible for the xz problems messing with libarchive [2024-03-30T14:45:17Z] systemd and certain patches for openssh are known vulnerable but there's no guarantee for other combinations according to https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27 [2024-03-30T14:45:31Z] same gist also says that only glibc systems are affected due to musl lacking certain symbols [2024-03-30T14:45:44Z] so musl kiss is safe, but gkiss users might want to look into things [2024-03-30T14:57:22Z] seems to have been resolved here by downgrading to 5.4.2. which is the newest without commmits from this individual iirc [2024-03-30T14:57:41Z] atleast for kiss. I havent checked gkiss [2024-03-30T14:58:05Z] alpine and arch, and probably others aswell, seems to instead just use the git tag instead of the generated tarball [2024-03-30T15:01:56Z] okay, cool. i figured someone here was aware of it but i wanted to make sure [2024-03-30T15:02:06Z] i'll have to drop my fork down a minor version [2024-03-30T15:02:09Z] it's still on 5.4.3 [2024-03-30T15:02:20Z] i mean not like i've used kiss in ages but still [2024-03-30T15:02:27Z] hoping to get back into it soon [2024-03-30T15:03:13Z] yeah, better be on the safe side and let people know [2024-03-30T15:03:41Z] mmhm [2024-03-30T15:41:28Z] Phew, sometimes it pays to not upgrade. xz/liblzma 5.2.5. [2024-03-30T20:25:14Z] when new tarball testuser[m]