diff options
author | Luke T. Shumaker <lukeshu@lukeshu.com> | 2024-06-08 22:06:45 -0600 |
---|---|---|
committer | Luke T. Shumaker <lukeshu@lukeshu.com> | 2024-06-08 22:06:45 -0600 |
commit | 3423e976f619a913a040c87bf116d06ca5823d4a (patch) | |
tree | 2013cce8981d283f9462fc6150705d498996b959 /imworkingon/contribs.yml | |
parent | 0bd9be7a0ba08fdecb065790f48d2704c88d22c0 (diff) |
Improve contrib descriptions
Diffstat (limited to 'imworkingon/contribs.yml')
-rw-r--r-- | imworkingon/contribs.yml | 47 |
1 files changed, 38 insertions, 9 deletions
diff --git a/imworkingon/contribs.yml b/imworkingon/contribs.yml index 31cd33e..003c6dc 100644 --- a/imworkingon/contribs.yml +++ b/imworkingon/contribs.yml @@ -10,6 +10,7 @@ friction for Ruby users on GNU/Linux distros that care about those 3 things. - urls: [https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/merge_requests/328] + id: mkinitcpio-arm-zimage tags: [ARM, boot] sponsored-by: Umorpha Systems desc: | @@ -22,6 +23,8 @@ This PR removes that friction by teaching mkinitcpio to understand ARM zImage files. + + See also: [mkinitcpio#362](#contrib-mkinitcpio-arm-zimage-tests) - urls: [https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/merge_requests/277] tags: [boot] sponsored-by: Umorpha Systems @@ -85,13 +88,15 @@ This PR makes it easier to contribute to gotk4 by improving developer documentation and automated checks. - urls: [https://gitlab.archlinux.org/archlinux/mkinitcpio/mkinitcpio/-/merge_requests/362] + id: mkinitcpio-arm-zimage-tests tags: [ARM, boot, testing] desc: | - This PR adds tests for the earlier ARM zImage work. This was - split off into a separate PR from the main ARM zImage PR because - the maintainers had concerns about merging binary test files (very - understandable, especially given the recent XZ issue!), but didn't - want to hold up the main work. + This PR adds tests for the [earlier ARM zImage + work](#contrib-mkinitcpio-arm-zimage). This was split off into a + separate PR from the main ARM zImage PR because the maintainers + had concerns about merging binary test files (very understandable, + especially given the recent XZ issue!), but didn't want to hold up + the main work. - urls: - https://github.com/golang/net/pull/208 - https://go-review.googlesource.com/c/net/+/580855 @@ -132,17 +137,41 @@ Parabola, hopefully Artix) to provide init-freedom and support other init systems. - urls: [https://chromium-review.googlesource.com/c/chromiumos/platform/vboot_reference/+/5586382] + id: vboot-32 tags: [boot] desc: | - TODO + This fixes a bug in the code that both (1) may allow a + specially-crafted partition to bypass a bounds check, and (2) + makes it so that the code does not compile when `sizeof(size_t)=4` + (that is: x86-32). + + See also: [libreboot#218](#contrib-libreboot-32) - urls: [https://codeberg.org/libreboot/lbmk/pulls/218] + id: libreboot-32 tags: [boot] desc: | - TODO + This has the Libreboot build-system apply the [fix I submitted to + vboot](#contrib-vboot-32), so that Libreboot can be compiled on + x86-32. Libreboot does not use the affected vboot functionality, + but the bug was preventing things from compiling. - urls: - https://sourceware.org/pipermail/binutils/2024-June/134608.html - https://sourceware.org/pipermail/gdb-patches/2024-June/209720.html - tags: [GNU] + tags: [GNU, supply-chain-security] status: open desc: | - TODO + The binutils-gdb sources bundle a number of files from other + sources (including the autotools, libtools, readline, texinfo, + gnulib, zlib, and GDB). I audited the binutils-gdb sources to + pin-point exactly which versions were being bundled and what + patches were being applied, then wrote a `./bootstrap` script to + automate that bundling. + + As the recent XZ issue taught us, this kind of audit is an + important part of supply-chain security. The `./bootstrap` script + will greatly ease this type of audit in the future, and can even + enable enforcing up-to-date-ness of the audit in CI. + + Also, hopefully this will make it easier to keep binutils' and + GDB's bundled dependencies more up-to-date in the future; as many + are quite out-of-date right now. |