Hello all! Since I couldn't find any existing one on Threema, I have just created the group "illumos @ FOSDEM 2025" there. If you are coming to FOSDEM, feel free to send me your Threema ID hereo or privately via PM. I will also mail to discuss⊙lio later today. I will add everyone who request it, no questions asked.

[illumos-gate] 17114 ndmpstat: impossible condition -- Toomas Soome <tsoome⊙mc>

[illumos-gate] 17125 xge: replace divide condition -- Toomas Soome <tsoome⊙mc>

it's unclear from the writeup linked from cve.org/CVERecord?id=CVE-2024-26317 if they ever reported this to you

but also, if you've not kept up with the upstream CVE's from Mozilla/NSS, there's probably more lurking in the crypto code from NSS copied into the gate

danmcd: one for you

danmcd: (not even cos you're a security contact, which I forgot, but because you're not scared of the math)

or I suspect alex (if he has the bw)...

I've not seen that @alanc

Pls hold.

(Dammit, iPhone is rebooting with iOS update which means no 2fa at the moment which means no VINCE...)

Okay... have not heard about this AFAICT.

our common/crypto/ecc has number of "unsigned is never less than zero" issues as well.

tsoome: These are like compiler hiccups though, not "incorrect algorithm" things, right?

these are the code checking whether unsigned foo < 0

so something, somewhere, has gone wrong thinking

I think this goes back to:

is the summary for illumos-gate.

I have the code-patch in place, but I have to go offline. I'm building -gate in the background right now with the suggested fix. We problably should update usr/src/test/crypto too if possible.