* Reindl Harald [07/01/2012 08:37] :
>
> however - why do we spit the current running versions to everyone?
In the case of openssh, it's to allow the client to work around known bugs
in the server. In other cases, it's simply a case of not wanting to
gratuitously patch packages.
Emmanuel
--
dev
Once upon a time, Reindl Harald said:
> no, one key of security is to provide as little information as
> absolutely necessary, not only for sshd, for every single
> service
That's a key for a false sense of security.
> in the best case no single foreign person has an idea
> what software you are
Once upon a time, Reindl Harald said:
> but i also know that from "SSH-2.0-OpenSSH_5.8" only "SSH-2.0"
> is relevant for clients
That's not actually true for SSH. The additional bits can be used to
work around known problems with specific versions.
--
Chris Adams
Systems and Network Administr
Once upon a time, Reindl Harald said:
> Am 07.01.2012 06:35, schrieb Digimer:
> > If you have a "security expert" who can't grasp the concept of
> > back-ported bug fixes, and is unwilling to test for specific
> > vulnerabilities' existence, it's time to get a new expert.
>
> you are missing the
Am 07.01.2012 08:02, schrieb Digimer:
>> i know about the pros and cons for obscurity
>>
>> but i also know that from "SSH-2.0-OpenSSH_5.8" only "SSH-2.0"
>> is relevant for clients and having backports in mind this must
>> be the truth because if the whole version would matter all
>> LTS distrib
On 01/07/2012 01:59 AM, Reindl Harald wrote:
>
>
> Am 07.01.2012 07:52, schrieb Digimer:
>> On 01/07/2012 01:02 AM, Reindl Harald wrote:
>>> Am 07.01.2012 06:35, schrieb Digimer:
> if you have a big customer which hires a 3rd party auditor
> you are NOT in the position to give such argume
Am 07.01.2012 07:52, schrieb Digimer:
> On 01/07/2012 01:02 AM, Reindl Harald wrote:
>> Am 07.01.2012 06:35, schrieb Digimer:
if you have a big customer which hires a 3rd party auditor
you are NOT in the position to give such arguments or
you can give them but you can not change AN
On 01/07/2012 01:02 AM, Reindl Harald wrote:
> Am 07.01.2012 06:35, schrieb Digimer:
>>> if you have a big customer which hires a 3rd party auditor
>>> you are NOT in the position to give such arguments or
>>> you can give them but you can not change ANYTHING in
>>> the fact that finally "fix it or
On Fri, Jan 6, 2012 at 10:02 PM, Reindl Harald wrote:
> you are missing the point A BIG CUSTOMER has a security-expert
And you, as a trusted vendor, have an opportunity to educate your
customer about their security expert, and about how the Fedora project
works.
Fedora's stance is consistent wit
On 6 January 2012 22:31, Reindl Harald wrote:
>
> Am 07.01.2012 06:13, schrieb Stephen John Smoogen:
>> On 6 January 2012 21:46, Kevin Kofler wrote:
>>> Reindl Harald wrote:
would it not be a good idea to NOT disclose service versions?
https://bugzilla.redhat.com/show_bug.cgi?id=71813
Am 07.01.2012 06:35, schrieb Digimer:
>> if you have a big customer which hires a 3rd party auditor
>> you are NOT in the position to give such arguments or
>> you can give them but you can not change ANYTHING in
>> the fact that finally "fix it or shutdown the service"
>> is what you have to do
>
On 01/07/2012 12:31 AM, Reindl Harald wrote:
>
> Am 07.01.2012 06:13, schrieb Stephen John Smoogen:
>> On 6 January 2012 21:46, Kevin Kofler wrote:
>>> Reindl Harald wrote:
would it not be a good idea to NOT disclose service versions?
https://bugzilla.redhat.com/show_bug.cgi?id=718133
Am 07.01.2012 06:13, schrieb Stephen John Smoogen:
> On 6 January 2012 21:46, Kevin Kofler wrote:
>> Reindl Harald wrote:
>>> would it not be a good idea to NOT disclose service versions?
>>> https://bugzilla.redhat.com/show_bug.cgi?id=718133
>>>
>>> you will more and more have the "problem" of
On 6 January 2012 21:46, Kevin Kofler wrote:
> Reindl Harald wrote:
>> would it not be a good idea to NOT disclose service versions?
>> https://bugzilla.redhat.com/show_bug.cgi?id=718133
>>
>> you will more and more have the "problem" of 3rd party
>> security scans to your servers and currently
On 01/06/2012 11:09 PM, Reindl Harald wrote:
> would it not be a good idea to NOT disclose service versions?
> https://bugzilla.redhat.com/show_bug.cgi?id=718133
>
> you will more and more have the "problem" of 3rd party
> security scans to your servers and currently in the case
> of openssh the
Reindl Harald wrote:
> would it not be a good idea to NOT disclose service versions?
> https://bugzilla.redhat.com/show_bug.cgi?id=718133
>
> you will more and more have the "problem" of 3rd party
> security scans to your servers and currently in the case
> of openssh the only solution is to tka
On Sat, Jan 07, 2012 at 05:09:42 +0100,
Reindl Harald wrote:
>
> however - why do we spit the current running versions to everyone?
It can help when trouble shooting problems. The current version isn't
really that helpful to attackers anyway. It's about as easy just to try
an exploit as it
would it not be a good idea to NOT disclose service versions?
https://bugzilla.redhat.com/show_bug.cgi?id=718133
you will more and more have the "problem" of 3rd party
security scans to your servers and currently in the case
of openssh the only solution is to take the F16-src-rpm
and rebuild it
Just for the historical record: the QA meeting for 2011-12-26 was
cancelled, as with the two previous weeks, due to a lack of topics
requiring discussion, and many group members being otherwise occupied
over the holidays.
--
Adam Williamson
Fedora QA Community Monkey
IRC: adamw | Twitter: AdamW_Fe
# Fedora Quality Assurance Meeting
# Date: 2012-01-09
# Time: 16:00 UTC
(https://fedoraproject.org/wiki/Infrastructure/UTCHowto)
# Location: #fedora-meeting on irc.freenode.net
Greetings testers!
Hope everyone had a good time over the holidays! Now RH staff are back
at work, and Fedora 17 and FUD
Richard W.M. Jones wrote:
> ocaml-facile-1.1-14.fc15
* Rebuilt
* Checked for new upstream version, none (since 2005… but hey, the current
version works fine)
* Cleaned up the packaging
I also rebuilt kalzium which is statically linked against ocaml-facile (it's
a C++ app embedding ocamlopt nati
Kevin Fenzi wrote:
> Yeah, we should update that.
>
> See also: https://fedorahosted.org/bodhi/ticket/277
Uh, hasn't FESCo recently voted to allow submitters to karma up their own
packages if they're doing it in response to feedback from other people
coming through non-Bodhi channels?
On Fri, 06.01.12 14:55, Richard Shaw (hobbes1...@gmail.com) wrote:
> Ok, I didn't know how to make the subject any shorter, but there's a
> big BUT in this, but (hehe) first a summary.
>
> I have a user of MythTV that has capture devices which require a
> firmware be uploaded. As a consequence, t
Adam Williamson (awill...@redhat.com) said:
> On Thu, 2012-01-05 at 13:13 -0500, Bill Nottingham wrote:
> > Tom Lane (t...@redhat.com) said:
> > > So I submitted a routine bodhi request for updating mysql, and was
> > > astonished to find that it's marked as critpath. It was never that
> > > bef
I had previously taken over the mediawiki-openid package from Axel
Thimm in like early 2010. I'd also be willing to take over fail2ban
(also Axel Thimm). So that's 2 down, 800 to go =).
On Fri, Jan 6, 2012 at 11:01 AM, Kevin Fenzi wrote:
> Greetings.
>
> Last year we asked everyone to change thei
On Fri, Jan 6, 2012 at 3:03 PM, Richard W.M. Jones wrote:
> On Fri, Jan 06, 2012 at 02:55:35PM -0600, Richard Shaw wrote:
>> Ok, I didn't know how to make the subject any shorter, but there's a
>> big BUT in this, but (hehe) first a summary.
>>
>> I have a user of MythTV that has capture devices w
On Thu, 2012-01-05 at 20:25 +0100, Kevin Kofler wrote:
> Bill Nottingham wrote:
> > kdepim is in critical path as part of 'critical-path-apps', which is
> > essentially mail & web. The change that caused this to get added is that
> > the script prior to early December wasn't actually iterating over
On Thu, 2012-01-05 at 13:13 -0500, Bill Nottingham wrote:
> Tom Lane (t...@redhat.com) said:
> > So I submitted a routine bodhi request for updating mysql, and was
> > astonished to find that it's marked as critpath. It was never that
> > before. Who decided this,
>
> The dependency solver. It'
On Fri, Jan 06, 2012 at 02:55:35PM -0600, Richard Shaw wrote:
> Ok, I didn't know how to make the subject any shorter, but there's a
> big BUT in this, but (hehe) first a summary.
>
> I have a user of MythTV that has capture devices which require a
> firmware be uploaded. As a consequence, the /de
Ok, I didn't know how to make the subject any shorter, but there's a
big BUT in this, but (hehe) first a summary.
I have a user of MythTV that has capture devices which require a
firmware be uploaded. As a consequence, the /dev paths are not always
created by the time mythbackend tries to start. A
If you are attending FUDCon:Blacksburg next week (January 13-15), you
need to request a guest internet access account in order to use the
guest wireless access on the Virginia Tech campus. It is requested that
you sign up for this account PRIOR to your arrival at FUDCon. Pretty please.
Directi
Hi,
On 01/06/2012 06:09 PM, Brendan Jones wrote:
On 01/06/2012 05:03 PM, Peter Lemenkov wrote:
Hello All!
2011/12/15 Brendan Jones:
I would like to swap reviews for the following. All are very tiny so feel
free to swap 2 for one. Listed in descending priority:
https://bugzilla.redhat.com/s
Am Freitag, 6. Januar 2012, 18:09:08 schrieb Brendan Jones:
> On 01/06/2012 05:03 PM, Peter Lemenkov wrote:
> > Hello All!
> >
> > 2011/12/15 Brendan Jones:
> >> I would like to swap reviews for the following. All are very tiny so
> >> feel free to swap 2 for one. Listed in descending priority:
>
On 01/06/2012 11:34 AM, Remi Collet wrote:
Le 06/01/2012 19:00, Orion Poplawski a écrit :
How do you generally make use of it? In the course of my build process
I don't normally have two versions of the same library installed on one
machine which seems to be what is needed to use it.
I use i
==
#fedora-meeting: Fedora kernel
==
Meeting started by jwb at 18:00:02 UTC. The full logs are available at
http://meetbot.fedoraproject.org/fedora-meeting/2012-01-06/fedora_kernel.2012-01-06-18.00.log.html
.
Meeting summary
-
commit 08e490532d0e52d8cdb44c6aadc3e24ec1a609a0
Author: Xavier Bachelot
Date: Fri Jan 6 18:25:59 2012 +0100
fix typo in changelog date
perl-MIME-Charset.spec |2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/perl-MIME-Charset.spec b/perl-MIME-Charset.spec
index
Le 06/01/2012 19:00, Orion Poplawski a écrit :
> How do you generally make use of it? In the course of my build process
> I don't normally have two versions of the same library installed on one
> machine which seems to be what is needed to use it.
I use it for some lib I maintain
- generate the
On Fri, Jan 6, 2012 at 11:16 AM, Richard W.M. Jones wrote:
> Below are the ones that I HAVEN'T done. Feel free to jump in!
> However please check the upstream for each package to see if there is
> a new version, and if so, update to it.
>
> ocaml-apron-0.9.10-4.fc17
> ocaml-ocamlgraph-1.8.1-1.fc1
On Fri, Jan 06, 2012 at 12:47:39PM +, Richard W.M. Jones wrote:
>
> http://caml.inria.fr/ocaml/release.en.html
>
> 3.12.1 is a simple bugfix update to the compiler.
It probably would have been a good idea to link to the release notes ...
http://caml.inria.fr/pub/distrib/ocaml-3.12/notes/C
Greetings.
Last year we asked everyone to change their fedora account system
password and upload a new ssh public key. The deadline for this was
2011-11-30. Those who had not uploaded a new key or changed their
password were marked 'inactive' in the fedora account system.
Some subset of those i
On Tue, 03 Jan 2012 17:14:20 -0800
Adam Williamson wrote:
> On Tue, 2011-12-27 at 09:55 -0600, Rex Dieter wrote:
> > Michael Schwendt wrote:
> >
> > > On Tue, 27 Dec 2011 12:43:02 +0100, FD (Francesco) wrote:
> > >
> > >> fawkes-plugin-player.x86_64 require libgeos-3.3.0.so (64bit) but
> > >> g
On 11/14/2011 12:46 PM, Richard Shaw wrote:
I was looking for a way to check abi compatibility for a package I
maintain that does not control API/ABI compatibility and found this:
http://forge.ispras.ru/projects/abi-compliance-checker
I already have it packaged for my own use so I thought I'd c
On 01/06/2012 05:03 PM, Peter Lemenkov wrote:
Hello All!
2011/12/15 Brendan Jones:
I would like to swap reviews for the following. All are very tiny so feel
free to swap 2 for one. Listed in descending priority:
https://bugzilla.redhat.com/show_bug.cgi?id=760270
lv2-ams-plugins - LV2 port of
openCOLLADA is failing to build with GCC 4.7 in rawhide and I was
hoping someone could point me in the right direction for a solution.
Below is the build log snippet.
Thanks,
Richard
---
[ 2%] Building CXX object
GeneratedSaxParser/CMakeFiles/GeneratedSaxParser_shared.dir/src/GeneratedSaxParserP
Hello All!
2011/12/15 Brendan Jones :
> I would like to swap reviews for the following. All are very tiny so feel
> free to swap 2 for one. Listed in descending priority:
> https://bugzilla.redhat.com/show_bug.cgi?id=760270
> lv2-ams-plugins - LV2 port of the Alsa Modular Synth modules
>
> https:
On Fri, Jan 06, 2012 at 04:16:59PM +0100, Iain Arnell wrote:
> On Fri, Jan 6, 2012 at 4:02 PM, Petr Pisar wrote:
> > Hello,
> >
> > I've just built CPAN variant of ExtUtils::MakeMaker in F17. I've been using
> > the version for long time in my F17 virtual machine for doing package
> > reviews,
>
Michael Cronenworth writes:
> Kevin Kofler wrote:
>> PostgreSQL requires manual intervention at each upgrade (dump BEFORE you
>> upgrade, restore afterwards)
> As of PostgreSQL 9.0, there is an upgrade utility[1] that doesn't
> require a dump/restore.
But it does still require manual interventi
commit 21d666541be57b16d95d0241325283775a2570da
Author: Iain Arnell
Date: Fri Jan 6 16:31:42 2012 +0100
update to 0.009013
.gitignore|1 +
perl-Moo.spec | 11 +++
sources |2 +-
3 files changed, 9 insertions(+), 5 deletions(-)
---
diff --git a/.gitignore b/.git
A file has been added to the lookaside cache for perl-Moo:
80ec444a3d274abe66b37ea4e5006ab9 Moo-0.009013.tar.gz
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/
Kevin Kofler wrote:
PostgreSQL requires manual intervention at each upgrade (dump BEFORE you
upgrade, restore afterwards)
As of PostgreSQL 9.0, there is an upgrade utility[1] that doesn't
require a dump/restore. I have used it to go from 8.4 to 9.0 and now 9.0
to 9.1 without an issue.
[1] h
Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug.
https://bugzilla.redhat.com/show_bug.cgi?id=771781
--- Comment #2 from Miloslav Trmač 2012-01-06 09:32:48 EST ---
Created attachment 551153
--> https://bugzilla.redhat.com/attac
Zoltan Boszormenyi wrote:
> Then switch to using PostgreSQL as the database backend.
> It's secure by default (e.g. only allows localhost connections) and
> has better concurrency than MySQL. It's also Tom Lane's territory
> and I like it better too. :-)
PostgreSQL requires manual intervention at
On 01/06/2012 12:33 PM, Gregor Tätzner wrote:
Am Donnerstag, 5. Januar 2012, 16:31:49 schrieb Brendan Jones:
On 12/15/2011 07:14 PM, Brendan Jones wrote:
I would like to swap reviews for the following. All are very tiny so
feel free to swap 2 for one. Listed in descending priority:
https://bug
Summary of changes:
16a9d13... Initial import after review (rhbz #754754) (*)
d37899b... Add BR for ExtUtils::Install (*)
(*) This commit already existed in another branch; no separate mail sent
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing li
http://caml.inria.fr/ocaml/release.en.html
3.12.1 is a simple bugfix update to the compiler.
I'm expecting this may cause some broken dependencies. I intend to
fix these as they come up over the next few days, and make sure that
all OCaml packages are at the latest upstream versions at the same
On 01/06/2012 10:15 AM, Hans de Goede wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=760270
lv2-ams-plugins - LV2 port of the Alsa Modular Synth modules
Hans if you could take the lv2-ams-plugins that would be great! I will
eagerly await yours ...
As for the ladspa plugins, sure, happy t
Am Donnerstag, 5. Januar 2012, 16:31:49 schrieb Brendan Jones:
> On 12/15/2011 07:14 PM, Brendan Jones wrote:
> > I would like to swap reviews for the following. All are very tiny so
> > feel free to swap 2 for one. Listed in descending priority:
> >
> > https://bugzilla.redhat.com/show_bug.cgi?id
A file has been added to the lookaside cache for perl-Graph-Easy:
e0ff999694110fda648d8b19a2da53df Graph-Easy-0.71.tar.gz
--
Fedora Extras Perl SIG
http://www.fedoraproject.org/wiki/Extras/SIGs/Perl
perl-devel mailing list
perl-de...@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman
On 2012-01-05, Björn Persson wrote:
> The simplest solution seems to be to let SIG members co-maintain
> redhat-rpm-config. Did you have some more elaborate solution in mind?
>
My idea is to let SIGs maintain their specific standalone packages
injecting files into /etc/rpm and to ask redhat-rpm
Rex, count with me, even I'm probably not the right person too
but I think it's the must to have it and properly maintained.
R.
- Original Message -
> Being the avid package monkey I am, I whipped up some initial
> packaging for
> http://gitorious.org/qt-at-spi/ in my space at
> http://rd
Hi,
On 01/05/2012 04:31 PM, Brendan Jones wrote:
On 12/15/2011 07:14 PM, Brendan Jones wrote:
I would like to swap reviews for the following. All are very tiny so
feel free to swap 2 for one. Listed in descending priority:
https://bugzilla.redhat.com/show_bug.cgi?id=760270
lv2-ams-plugins - LV
2012-01-05 20:20 keltezéssel, Kevin Kofler írta:
> Rex Dieter wrote:
>> I'm of a mind to revisit this (again).
> NO, not again!!!
>
> Can we please stop this nonsense?
>
> Upstream defaults to MySQL for a reason, and strongly recommends NOT using
> the SQLite backend by default. SQLite doesn't sup
On Thu, 05 Jan 2012 14:38:57 -0600
Rex Dieter wrote:
> Stijn Hoop wrote:
>
> > Well it also took them two years to consider 'NFS mounted home' a
> > valid use case, during which the whole 'you really need MySQL!!!'
> > was broken for our site.
>
> It's easy to switch (maybe I should blog about