peterS 2017-03-01 11:46:39
tdn: I just heard from a release manager who said he thinks it is probably not suitable for a stable update
tdn 2017-03-01 11:48:05
wow really. because of risk in the patch? or does not agree it is important?
somiaj 2017-03-01 11:48:36
tdn: it maybe that it can be provided via stretch-backports after the release.
peterS 2017-03-01 11:48:40
I don't know, he just said 'probably not'
peterS 2017-03-01 11:49:24
somiaj: well, and this is written in perl and is arch:all. So you may as well just install the stretch .deb directly.
niggard 2017-03-01 11:49:24
Shadow_7: is aaphoto a CLI util?
tdn 2017-03-01 11:52:17
peterS, how long till that? stretch release?
Shadow_7 2017-03-01 11:52:18
niggard: yes
somiaj 2017-03-01 11:52:42
tdn: about 6 months, give or take 2 is my rough guess
lf94 2017-03-01 11:52:44
Is there a way to re-install the font system in debian?
tdn 2017-03-01 11:52:47
what alternatives are there to tinyca in debian?
lf94 2017-03-01 11:52:56
I have totally trashed it
peterS 2017-03-01 11:53:21
tdn: well, you could just pull it down right now. I mean, the package is out there. wget http://ftp.us.debian.org/debian/pool/main/t/tinyca/tinyca_0.7.5-6_all.deb; sudo dpkg -i tinyca_0.7.5-6_all.deb
somiaj 2017-03-01 11:54:14
peterS: I must have missunderstood, thought the conversation was about getting the package into stretch for the release, not the current stable.
somiaj 2017-03-01 11:54:35
,v tinyca
judd 2017-03-01 11:54:37
Package: tinyca on amd64 -- wheezy: 0.7.5-4; jessie: 0.7.5-5; stretch: 0.7.5-6; sid: 0.7.5-6
peterS 2017-03-01 11:54:43
somiaj: tdn's point is that a package designed to manage a CA should not be signing things with SHA-1, even in jessie
peterS 2017-03-01 11:56:52
on its merits, SHA-1 isn't really dangerous for certs, and probably won't be for years to come... but various entities including Microsoft and Google have stopped accepting SHA-1-signed certs in browsers
Hello71 2017-03-01 11:57:32
"there are not yet any published attacks on X.509 certificates using SHA-1"
peterS 2017-03-01 11:57:54
Hello71: yeah, that's a much much much much harder problem than the collision that Google announced a few days ago
Hello71 2017-03-01 11:59:33
"it is not yet 100% broken, we will wait until there are active exploits before changing"
peterS 2017-03-01 12:00:08
eh? who said that?
tdn 2017-03-01 12:00:56
Hello71, problem is that browsers no longer accept sha1 signed certs
tdn 2017-03-01 12:01:22
Hello71, that means sites using sha1 certs stop working
tdn 2017-03-01 12:01:34
broken sha1 or not
peterS 2017-03-01 12:02:25
tdn: right, because the only use for X.509 certificates is web browsing (:
tdn 2017-03-01 12:03:46
peterS, not the only use but by far the most prevalent
AAS13 2017-03-01 12:18:40
I've just followed the instructions on this page https://wiki.debian.org/NvidiaGraphicsDrivers#Version_340.96 to install the nvidia driver for a gtx960, rebooted and getting 'Error: could not insert 'nvidia_current': No such device
AAS13 2017-03-01 12:23:49
I ran nvidia-xconfig as well
OerHeks 2017-03-01 12:25:04
AAS13, according to nvidia, gtx960 is supported by the 346 driver and up
AAS13 2017-03-01 12:32:11
OerHeks, that page installs 367.44, why would it be saying 'no such device'?
oiaohm 2017-03-01 12:33:01
AAS13: what version of debian are you on. If you are on jessie 367.44 (via jessie-backports)<< the big in brackets says you need to add a repository.
OerHeks 2017-03-01 12:33:25
AAS13, oh it did install 367
oiaohm 2017-03-01 12:35:00
AAS13: https://backports.debian.org/Instructions/ this is backports. I am on debian testing so I don't need to worry about that.
