All of the *.netsurf-browser.org services appear to be down.
Just in case you weren't already aware.
Chris
Sunday, 16 November 2025
Friday, 14 November 2025
[netsurf-dev] Fwd: [FOSDEM] Call for participation: Retrocomputing Devroom - FOSDEM 2026
_______________________________________________
FOSDEM mailing list
FOSDEM@lists.fosdem.org
https://lists.fosdem.org/listinfo/fosdem-------- Message transféré --------
Sujet : [FOSDEM] Call for participation: Retrocomputing Devroom -
FOSDEM 2026
Date : Wed, 5 Nov 2025 00:04:19 +0100 (CET)
De : Sebas Devroom manager FOSDEM 2024 Retrocomputing <seg@seglabs.eu>
Pour : devrooms@fosdem.org <devrooms@fosdem.org>,
fosdem@lists.fosdem.org <fosdem@lists.fosdem.org>,
devroom-managers@lists.fosdem.org <devroom-managers@lists.fosdem.org>,
retrocomputing-devroom-manager@fosdem.org
<retrocomputing-devroom-manager@fosdem.org>
*******************************************************************************
*
*
* # FOSDEM 2026 - Retrocomputing Devroom - Call for participation: # *
*
*
*
*
*******************************************************************************
* Retrocomputing Devroom - WHAT
FOSDEM offers open source and free software developers a place to meet,
share ideas and collaborate. Renowned for being highly
developer-oriented, the event brings together some 8500+ participants
from all over the world.
The twenty-sixth edition will take place Saturday 31st January and
Sunday 01st February 2026 in Brussels, Belgium.
The *Retrocomputing DevRoom* will welcome your talks about usage of
older computing hardware and software in modern times.
* Presentation topics may include, but are not limited to:
- Emulation of old systems (i.e. to run videogames, legacy
software, etc.);
- New software, hardware or related to be used with classic systems;
- Open source software emulation/simulation;
- Open hardware;
- Operating systems for retrocomputers & retrosystems;
- Uses of retrocomputing today;
- Other retrocomputing topics;
FOSDEM is an open source conference, therefore commercial and/or
marketing presentations are not allowed.
* Timeline - WHEN
- Deadline submission of your talk proposal: December 01st 2025;
- Accepted talks to be notified by December 15th, 2025;
- FOSDEM dates 31st January & 01st February 2026;
- *Retrocomputing devroom: 01st February 2026 (afternoon).*
* Submission of proposal - practicalities - HOW
We are accepting talks of 20-30 minutes, with time for Q&A's afterwards.
Should you need less or more time, please let us know in your submission.
The conference language is English.
Talks will be delivered live, no pre-recorded talks!!
All submissions have to be made in the pretalx event planning tool:
https://fosdem.org/submit (https://pretalx.fosdem.org/fosdem-2026/cfp)
While creating your proposal, please provide the title of your talk, a
short abstract (one or two paragraphs), and some information about
yourself (name, bio, and photo).
If you used Pentabarf for a previous FOSDEM edition, we are sorry to
inform you the data wasn't migrated.
Make sure you select "Retrocomoputing" Devroom!!
* Recording Permission - CONSENT
All FOSDEM talks will be recorded; this requires speakers to consent to
being recorded and streamed.
Therefore, should you wish to be a speaker, please note you implicitly
give consent for your talk to be recorded and streamed. The recordings
will be published under the same license as all FOSDEM content (CC-BY).
* Volunteering - SUPPORT
A couple of volunteers would be welcome to support during the afternoon
session, ie.: pass the mic. around the room; control room attendance
capacity; technical setup; etc.
Please reach out if you want to contribute in that sense.
* Contact
retrocomputing-devroom-manager at fosdem.org
* See you at FOSDEM!
FOSDEM is a free event for software developers to meet, share ideas and
collaborate. Every year, thousands of developers of free and open source
software from all over the world gather at the event in Brussels.
https://fosdem.org
By participating to the FOSDEM, you are required to adhere to the Code
of Conduct:
https://fosdem.org/2026/practical/conduct/
FOSDEM mailing list
FOSDEM@lists.fosdem.org
https://lists.fosdem.org/listinfo/fosdem-------- Message transféré --------
Sujet : [FOSDEM] Call for participation: Retrocomputing Devroom -
FOSDEM 2026
Date : Wed, 5 Nov 2025 00:04:19 +0100 (CET)
De : Sebas Devroom manager FOSDEM 2024 Retrocomputing <seg@seglabs.eu>
Pour : devrooms@fosdem.org <devrooms@fosdem.org>,
fosdem@lists.fosdem.org <fosdem@lists.fosdem.org>,
devroom-managers@lists.fosdem.org <devroom-managers@lists.fosdem.org>,
retrocomputing-devroom-manager@fosdem.org
<retrocomputing-devroom-manager@fosdem.org>
*******************************************************************************
*
*
* # FOSDEM 2026 - Retrocomputing Devroom - Call for participation: # *
*
*
*
*
*******************************************************************************
* Retrocomputing Devroom - WHAT
FOSDEM offers open source and free software developers a place to meet,
share ideas and collaborate. Renowned for being highly
developer-oriented, the event brings together some 8500+ participants
from all over the world.
The twenty-sixth edition will take place Saturday 31st January and
Sunday 01st February 2026 in Brussels, Belgium.
The *Retrocomputing DevRoom* will welcome your talks about usage of
older computing hardware and software in modern times.
* Presentation topics may include, but are not limited to:
- Emulation of old systems (i.e. to run videogames, legacy
software, etc.);
- New software, hardware or related to be used with classic systems;
- Open source software emulation/simulation;
- Open hardware;
- Operating systems for retrocomputers & retrosystems;
- Uses of retrocomputing today;
- Other retrocomputing topics;
FOSDEM is an open source conference, therefore commercial and/or
marketing presentations are not allowed.
* Timeline - WHEN
- Deadline submission of your talk proposal: December 01st 2025;
- Accepted talks to be notified by December 15th, 2025;
- FOSDEM dates 31st January & 01st February 2026;
- *Retrocomputing devroom: 01st February 2026 (afternoon).*
* Submission of proposal - practicalities - HOW
We are accepting talks of 20-30 minutes, with time for Q&A's afterwards.
Should you need less or more time, please let us know in your submission.
The conference language is English.
Talks will be delivered live, no pre-recorded talks!!
All submissions have to be made in the pretalx event planning tool:
https://fosdem.org/submit (https://pretalx.fosdem.org/fosdem-2026/cfp)
While creating your proposal, please provide the title of your talk, a
short abstract (one or two paragraphs), and some information about
yourself (name, bio, and photo).
If you used Pentabarf for a previous FOSDEM edition, we are sorry to
inform you the data wasn't migrated.
Make sure you select "Retrocomoputing" Devroom!!
* Recording Permission - CONSENT
All FOSDEM talks will be recorded; this requires speakers to consent to
being recorded and streamed.
Therefore, should you wish to be a speaker, please note you implicitly
give consent for your talk to be recorded and streamed. The recordings
will be published under the same license as all FOSDEM content (CC-BY).
* Volunteering - SUPPORT
A couple of volunteers would be welcome to support during the afternoon
session, ie.: pass the mic. around the room; control room attendance
capacity; technical setup; etc.
Please reach out if you want to contribute in that sense.
* Contact
retrocomputing-devroom-manager at fosdem.org
* See you at FOSDEM!
FOSDEM is a free event for software developers to meet, share ideas and
collaborate. Every year, thousands of developers of free and open source
software from all over the world gather at the event in Brussels.
https://fosdem.org
By participating to the FOSDEM, you are required to adhere to the Code
of Conduct:
https://fosdem.org/2026/practical/conduct/
Sunday, 28 September 2025
[netsurf-dev] Video playback support
Hello,
I am interested in NetSurf development.
I saw there was preliminary support for video content, and have written
some code to make it work with newer versions of GStreamer,
although I do wonder whether GStreamer really fits as a NetSurf dependancy.
I'd like to further improve video playback support in NetSurf, but would
like to know whether there is already someone working on it and if I
could contribute.
There are some issues beyond pure playback: video playback creates a
need for some streaming option in the content fetchers, as it is not
possible (especially for memory-constrained devices) to load the
whole video in advance. If such an option would be considered,
I would also be willing to implement it.
Thanks,
avis137
I am interested in NetSurf development.
I saw there was preliminary support for video content, and have written
some code to make it work with newer versions of GStreamer,
although I do wonder whether GStreamer really fits as a NetSurf dependancy.
I'd like to further improve video playback support in NetSurf, but would
like to know whether there is already someone working on it and if I
could contribute.
There are some issues beyond pure playback: video playback creates a
need for some streaming option in the content fetchers, as it is not
possible (especially for memory-constrained devices) to load the
whole video in advance. If such an option would be considered,
I would also be willing to implement it.
Thanks,
avis137
Thursday, 25 September 2025
[netsurf-dev] Help identifying cause of assert
Hi all
In the AmigaOS3 frontend I'm getting the following when visiting https://github.com/jens-maus/amissl (and other GitHub pages):
(0.000034) [ERR flex] content/handlers/html/layout_flex.c:246 layout_flex_item: box 0x42bd06ac: layout failed
(0.230806) [ERR flex] content/handlers/html/layout_flex.c:246 layout_flex_item: box 0x42bcdb94: layout failed
(0.341922) [ERR flex] content/handlers/html/layout_flex.c:246 layout_flex_item: box 0x42bc4da4: layout failed
followed by the assert:
"containing_block->width != UNKNOWN_WIDTH" failed in file "content/handlers/html/layout.c", line 4481
As this works on the AmigaOS4 frontend and there is minimal difference in the layout/window related code, I'm at a loss as to what is causing it. Can anybody provide any pointers?
Chris
In the AmigaOS3 frontend I'm getting the following when visiting https://github.com/jens-maus/amissl (and other GitHub pages):
(0.000034) [ERR flex] content/handlers/html/layout_flex.c:246 layout_flex_item: box 0x42bd06ac: layout failed
(0.230806) [ERR flex] content/handlers/html/layout_flex.c:246 layout_flex_item: box 0x42bcdb94: layout failed
(0.341922) [ERR flex] content/handlers/html/layout_flex.c:246 layout_flex_item: box 0x42bc4da4: layout failed
followed by the assert:
"containing_block->width != UNKNOWN_WIDTH" failed in file "content/handlers/html/layout.c", line 4481
As this works on the AmigaOS4 frontend and there is minimal difference in the layout/window related code, I'm at a loss as to what is causing it. Can anybody provide any pointers?
Chris
Monday, 22 September 2025
[netsurf-users] Re: Question about security
Hi Michael,
Thanks, good to know CodeQL is running.
How do you feel about applying to OSS-fuzz for the library ?
Then we could have pretty good confidence in its safety.
I am able to build libcss outside of NetSURF using meson, so there is nothing stopping
us from doing this other than creating a corpus of test css files, and writing the fuzzer.
Best,
Aaron
On Saturday, September 20th, 2025 at 1:03 PM, Michael Drake <dmarc-noreply@freelists.org> wrote:
Hi Aaron,The issues detected by CodeQL appear under the security tab.Probably not available unless you're a member of the repo.You can read about it here:The analysis is enabled by a CI workflow:
https://github.com/netsurf-browser/libcss/blob/master/.github/workflows/static-analysis.yaml#L48There were three issues which I've squashed. I put the CodeQL Rule ID and description in the commit messages so you can see an example:Best regards,MichaelOn Wed, 17 Sept 2025 at 14:49, Aaron Boxer <dmarc-noreply@freelists.org> wrote:Hi Michael,Thanks, that helps. I looked at the Github mirror but CodeQL does not seem available - do you make this public elsewhere? The fact that libcss only does parsing and not rendering does reduce the attack surface, but there are a number of parsing vulnerabilities like ReDos that have affected other libraries such as WebKIT css parser.Best,AaronOn Wednesday, September 17th, 2025 at 9:29 AM, Michael Drake <dmarc-noreply@freelists.org> wrote:
Hi Aaron,For static analysis be have Coverity and Clang scan-build for libcss on Jenkins.And on the GitHub mirror we have CodeQL.Some of our libraries have been been fuzzed but I'm not sure if it's done routinely or ad-hoc. I'm also not sure if libcss was covered.Best regards,MichaelOn Wed, 17 Sept 2025 at 14:20, Aaron Boxer <dmarc-noreply@freelists.org> wrote:Hello!I am interested in learning more about the safety and security of the NetSurf project in general, and the libcss library in particular. I don't see any CVEs listed for NetSurf, have there been any security incidents in the past, and is there any infrastructure in place like fuzzing or static analysis to mitigate standard C security issues like buffer overflow or use after free ?I am interested in libcss in particular because I would like to use it in another project, GStreamer, which is part of many Linux distros; security is a big issue.Many Thanks,Aaron
Saturday, 20 September 2025
[netsurf-users] Re: Question about security
Hi Aaron,
The issues detected by CodeQL appear under the security tab.
Probably not available unless you're a member of the repo.
You can read about it here:
The analysis is enabled by a CI workflow:
https://github.com/netsurf-browser/libcss/blob/master/.github/workflows/static-analysis.yaml#L48
https://github.com/netsurf-browser/libcss/blob/master/.github/workflows/static-analysis.yaml#L48
There were three issues which I've squashed. I put the CodeQL Rule ID and description in the commit messages so you can see an example:
Best regards,
Michael
On Wed, 17 Sept 2025 at 14:49, Aaron Boxer <dmarc-noreply@freelists.org> wrote:
Hi Michael,Thanks, that helps. I looked at the Github mirror but CodeQL does not seem available - do you make this public elsewhere? The fact that libcss only does parsing and not rendering does reduce the attack surface, but there are a number of parsing vulnerabilities like ReDos that have affected other libraries such as WebKIT css parser.Best,AaronOn Wednesday, September 17th, 2025 at 9:29 AM, Michael Drake <dmarc-noreply@freelists.org> wrote:
Hi Aaron,For static analysis be have Coverity and Clang scan-build for libcss on Jenkins.And on the GitHub mirror we have CodeQL.Some of our libraries have been been fuzzed but I'm not sure if it's done routinely or ad-hoc. I'm also not sure if libcss was covered.Best regards,MichaelOn Wed, 17 Sept 2025 at 14:20, Aaron Boxer <dmarc-noreply@freelists.org> wrote:Hello!I am interested in learning more about the safety and security of the NetSurf project in general, and the libcss library in particular. I don't see any CVEs listed for NetSurf, have there been any security incidents in the past, and is there any infrastructure in place like fuzzing or static analysis to mitigate standard C security issues like buffer overflow or use after free ?I am interested in libcss in particular because I would like to use it in another project, GStreamer, which is part of many Linux distros; security is a big issue.Many Thanks,Aaron
Wednesday, 17 September 2025
[netsurf-users] Re: Question about security
Hi Michael,
Thanks, that helps. I looked at the Github mirror but CodeQL does not seem available - do you make this public elsewhere? The fact that libcss only does parsing and not rendering does reduce the attack surface, but there are a number of parsing vulnerabilities like ReDos that have affected other libraries such as WebKIT css parser.
Best,
Aaron
On Wednesday, September 17th, 2025 at 9:29 AM, Michael Drake <dmarc-noreply@freelists.org> wrote:
Hi Aaron,For static analysis be have Coverity and Clang scan-build for libcss on Jenkins.And on the GitHub mirror we have CodeQL.Some of our libraries have been been fuzzed but I'm not sure if it's done routinely or ad-hoc. I'm also not sure if libcss was covered.Best regards,MichaelOn Wed, 17 Sept 2025 at 14:20, Aaron Boxer <dmarc-noreply@freelists.org> wrote:Hello!I am interested in learning more about the safety and security of the NetSurf project in general, and the libcss library in particular. I don't see any CVEs listed for NetSurf, have there been any security incidents in the past, and is there any infrastructure in place like fuzzing or static analysis to mitigate standard C security issues like buffer overflow or use after free ?I am interested in libcss in particular because I would like to use it in another project, GStreamer, which is part of many Linux distros; security is a big issue.Many Thanks,Aaron
Subscribe to:
Comments (Atom)