Recent ibus tarballs don't actually match the source git.
https://www.openwall.com/lists/oss-security/2024/04/01/1
 Ape Out Shirt $21.68 |
 UFOs Are A Psyop Shirt $21.68 |
Ape Out Shirt $21.68 |
ibus is compromised
Recent ibus tarballs don't actually match the source git.
https://www.openwall.com/lists/oss-security/2024/04/01/1
Ape Out Shirt $21.68 |
UFOs Are A Psyop Shirt $21.68 |
Ape Out Shirt $21.68 |
it's over
over de-su.
se acabó.
We're cooked.
Ame-chan a cute.
Menheras are the best.
>ibus tarballs
what's that?
go back
tar these balls into ur mouth
What is ibus and who even uses it?
Mostly Chinese/Japanese/Korean linux users, so not a big loss apparently.
But many distros are shipped with it by default.
I'm gonna bust in ame-chan~
What if she gets pregnant!?
Oh look most posts are slides. What a surprise.
Have a bump OP.
None issue. It will be fixed shortly. Go back to complaining about xz, you unpaid janny.
good morning sir
>https://www.openwall.com/lists/oss-security/2024/04/01/1
What exactly is ibus used for and how many distros/DE's use it?
Is this a hidden keylogger or something? I am confused.
every distro uses ibus, every DE uses ibus.
it's been ubiquitous since 2010
isn't it D-Bus? I've never heard of ibus until now
completely different thing. which you'd know if you took 30 seconds of your time to google it instead of asking pointless questions.
Most distro with GNOME use it by default.
KDE also shipped it, although fcitx5 have better integration
>every distro uses ibus, every DE uses ibus
why don't I have it installed on arch xfce then?
>using a DE
baby duck
You will grow up eventually.
I already did, I use fvwm and have for ages. Nothing ever changes, no broken anything. No jeetcode.
xfeces doesn't have this problem
Actually they're breaking the thing totally and moving to the newest GTK.
>Actually they're breaking the thing totally and moving to the newest GTK.
they yes, me no
Sticking to what works? I ran Sawfish for years after it was dead. Then I figured I'd switch back to FVWM.
My config file's creation date is literally 1997-something.
this, imagine updating for no reason
I think the main reason people run DE's is they're afraid of the mount command. Really I don't see many advantages even for the newb, other than that. And a system control panel.
It's just convenience. I know both mount and udisksct. I just don't see at my age any point on larping as a greybeard idolizing what they knew it was a limitation of the machines of their era.
There is an auto-mounting daemon I used to use on OpenBSD but I rarely mount anything so I stopped it from auto starting and just mount shit manually now.
I know some people use cell phone address book sync software on the main DE's but again, not my problem as I don't even own a shartphone. I have a Bell Trimline plugged into a VOIP box.
UH OH STINKY
ibus-ted in your mom
>tarball.xz
jia'd
Posting in Ame's thread.
"""
Comparing this disttar to the git repository and favorably
*discounting* autotools-related files and (what appears to be)
vala-to-c transpiling, I'm left with benign, but unexplicable
changes. It seems the git is "older", as e.g. one still finds "beta3"
in the diff, but also the disttar's ibuscodegen.h has an older
copyright line and an incomplete cherry-pick from
8f00d67b809036b0b76ae257cfe7e102bc8f1dec.
*runs away screaming*
"""
>*runs away screaming*
are you a grown man writing that???
he's a women with a penis you goddamn antisemite
shalom
a REAL man would have threatened to beat them up, yeah?
Ame!
Don't care I'm gonna jack off now.
So windows was the true weebs OS all along, I'm going back to windows
Bleeding edge troony btfo
imagine making a game about the unstable mental health of women when given early, unfettered access to the internet seen through a pastel-colored denpa aesthetic lens
then imagine foregoing that entire intent and instead give the player the perspective and agency of a faceless hentai goon she's in a relationship with, just so the devs can live out their mindbreak fetish
thats NSO
the japs thought it was "okay", but westerners are tasteless and ate it up
it doesn't even work as satire
>just shut up and enjoy the cute girl
no
Ame is a caricature of egirls drawn from an idea of girls that literally doesn't exist
it's just Andy and Leyley but somehow worse by being artistically competent, while still falling into all of the same outlandish storytelling pitfalls
the "boyfriend" doesn't even exist, it's all her delusion
it's the best femcel representation after watamote
Why do you expect it to be realistic? It's just a cute and wacky simulator/tamagotchi of a Japanese girl with BPD, for people who enjoy (2D) menheras.
what's the game's name?
Needy Girl Overdose
thanks anon
This is why reproducible builds should have become the norm decades ago. It's unbelievable that most distro maintainers still choose to trust upstream tarballs when they could just pull the code, build it and release their own downstream binaries.
This. Reproducible builds are a even more urgent need than Wayland/SELinux and other stuff.
Because you don't have installed it and Arch is so special that you have to explicitly to tell what to install in order to have basic granted functionality.
Also, you probably only use one keyboard layout.
>you probably only use one keyboard layout
correct. I can use more than one if I configure it in keyboard settings though
Me too. Also using arch and a single keyboard layout.
How is it over, if anything we are so back, xz has illuminated many issues which are getting fixed now.
doesn't affect most people. ibus is not a requirement unless you need to type some cjk with an IME. never came across it outside of that context.
Thank god I don't type Chinese
>Have it installed
FRICK
This shit is why I run Debian stable despite its flaws. Updooters get the rope.
xz backdoor was slowly injected over the course of 2 years, even on debian stable you still have compromised commits. Good morning sir
no, the commit history was slowly built over the course of two years, you ignorant buffoon, not the backdoor itself. these distinctions are important and you're moronic
why are tarballs even used instead of just cloning the repo
Just Cnile things. Their builds system are so shitty that many upstream projects provide semi-built tarballs to make it easier for distros to build the thing. And for some reason nobody cares about reproducible builds, so good luck auditing anything.
fricking grim, i wonder how much garbage is floating around
>And for some reason nobody cares about reproducible builds
guix seem to be the only ones working on this
it isn't like rust or go anything is better about this
though admirably they are working on it and trying to move all build time shit into sandboxed wasm
but that has problems of its own