Lukas Javorsky <ljavo...@redhat.com> writes:
> Hi,
>
> As from the pcre-8.45, the upstream stopped supporting this
> library. The recommended procedure is to switch onto the new pcre2
> library that has full upstream support. [1]

I was looking into doing this as much as possible for AL2022 and managed
to dig a bit on how to solve some of these. Some knowledge I gained (and
pull requests linked) below:

> As a result of this announcement, the older PCRE library in Fedora will be 
> retired.
> Without upstream support, we don't have enough capacity to keep up
> with the security and bugs-related issues, and thus we will support
> only the new PCRE2 library. [2]
>
> The retirement procedure will happen in the upcoming weeks, so if you would 
> like to take over the package let us know.
>
>
> The list of affected packages:

> aide

aide has been ported upstream (at least in the dev branch),
https://src.fedoraproject.org/rpms/aide/pull-request/3 

> cppcheck
> cppcheck-gui

cppcheck can be built without HAVE_RULES which will avoid pcre at the
expense of functionality.

> ganglia
> ganglia-gmond

Ganglia has been effectively dead upstream for a long time, with no
functional security patching or keeping up to date with modern
PHP. Arguably it should also go, or come with bright flashing warning
lights.

> grep

There's been some development upstream on it:

commit e0d39a9133e1507345d73ac5aff85f037f39aa54
Author: Carlo Marcelo Arenas Belón <care...@gmail.com>
Date:   Fri Nov 12 16:45:04 2021 -0800

    grep: migrate to pcre2


and there's been a few bug fixes since then. It looks like a new release
is in the works, so this should be solved shortly.

> mod_security
> mod_security-mlogc

https://www.modsecurity.org/ seems to indicate that upstream has made
some fundamental changes, and will now be community maintained.

It does seem that PCRE2 support came in though
https://github.com/SpiderLabs/ModSecurity/commit/f84614fe066f74d111b802d582599655d0d7e3af

> nmap

There appears to be a renewed interest upstream for porting over
https://github.com/nmap/nmap/issues/1335


> openscap
> openscap-engine-sce

There's an upstream issue tracking this, I've mentioned that both
Fedora and Amazon Linux are looking to be without pcre in the not too
distant future.
See https://github.com/OpenSCAP/openscap/issues/1873

> postfix-pcre

Looks like it's a simple fix to the current upstream release:
https://src.fedoraproject.org/rpms/postfix/pull-request/6

> zsh

I haven't been able to find any clues on if upstream is working on this
or not. I'd love to know though!
_______________________________________________
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Reply via email to