On Mon, 2022-09-05 at 22:45 -0400, Daniel Micay via devel wrote:
> The comparison is being done incorrectly. Since hardened_malloc
> builds
> both a lightweight and heavyweight library by default, and since I
> already explained this and that the lightweight library still has
> optional security fe
On Wed, Aug 31, 2022 at 05:59:42PM +0200, Pablo Mendez Hernandez wrote:
> Adding Daniel for awareness.
Why was the heavyweight rather than lightweight configuration used? Why
compare with all the expensive optional security features enabled? Even
the lightweight configuration has 2 of the optional
On Wed, Aug 31, 2022 at 10:19:51AM -0700, John Reiser wrote:
> > Bottom line opinion: hardened_malloc ... costs too much.
>
> Attempting to be constructive: Psychologically, I might be willing to pay
> a "security tax" of something like 17%, partly on the basis of similarity
> to the VAT rate (Val
As I did those updates..
well explained, thx.
But this then seems to be a more general problem of how we want to
support a switch an application from one ESR/LTS release if it is EOL to
the next.
not terribly differently than others -- with an abundance of end-user education
and caution?
t
On Mon, Sep 05, 2022 at 12:13:26PM +0200, Miro Hrončok wrote:
> On 05. 09. 22 11:07, Vít Ondruch wrote:
> >
> > Apart from that, I don't think that the pseudo-users or group ownership
> > would work. I saw a good amount of people giving the packages to some
> > groups or pseudo-users, but in turn,
On Mon, 2022-09-05 at 15:00 -0500, Maxwell G via devel wrote:
> On Monday, September 5, 2022 Richard W.M. Jones wrote:
> > I have a downstream patch[0] which -- I don't really understand why
> > --
> > breaks riscv64 builds but is necessary for primary Fedora arches.
> > Is
> > it correct to do:
>
On 5/9/22 16:42, Richard W.M. Jones wrote:
I have a downstream patch[0] which -- I don't really understand why --
breaks riscv64 builds but is necessary for primary Fedora arches. Is
it correct to do:
%ifnarch riscv64
Patch123: downstream.patch
%endif
When I have to do things like t
On Monday, September 5, 2022 Mark E. Fuller wrote:
> Can someone point me to a good resource on how (if permitted) I can make
> appropriate compat(?) packages to allow for two major versions of the
> same package to be available?
> Is this allowed for EPEL?
You can package compat packages as long
On Monday, September 5, 2022 Peter Robinson wrote:
> it would probably be easier to join and become a packager by
> packaging a random leaf package no one would use, then as a packager
> pick up an random orphaned package that's in the core distro and then
> just compromise the distro that way TBH
On Monday, September 5, 2022 Richard W.M. Jones wrote:
> I have a downstream patch[0] which -- I don't really understand why --
> breaks riscv64 builds but is necessary for primary Fedora arches. Is
> it correct to do:
>
> %ifnarch riscv64
> Patch123: downstream.patch
> %endif
>
> given th
On Mon, Sep 05, 2022 at 09:56:58PM +0200, Dominik 'Rathann' Mierzejewski wrote:
> On Monday, 05 September 2022 at 21:42, Richard W.M. Jones wrote:
> > I have a downstream patch[0] which -- I don't really understand why --
> > breaks riscv64 builds but is necessary for primary Fedora arches. Is
> >
On Monday, 05 September 2022 at 21:42, Richard W.M. Jones wrote:
> I have a downstream patch[0] which -- I don't really understand why --
> breaks riscv64 builds but is necessary for primary Fedora arches. Is
> it correct to do:
>
> %ifnarch riscv64
> Patch123: downstream.patch
> %endif
>
I have a downstream patch[0] which -- I don't really understand why --
breaks riscv64 builds but is necessary for primary Fedora arches. Is
it correct to do:
%ifnarch riscv64
Patch123: downstream.patch
%endif
given that the package uses %autosetup and therefore doesn't have
explicit %patch
Hi all,
Can someone point me to a good resource on how (if permitted) I can make
appropriate compat(?) packages to allow for two major versions of the
same package to be available?
Is this allowed for EPEL?
Thanks
--
Mark E. Fuller, Ph.D.
ful...@fedoraproject.org
ful...@mefuller.dev
@fuller:
Hello All!
This spec is actually quite simple - it does all the heavy lifting
with generic Erlang macros, builds cleanly, so it won't take you long
https://bugzilla.redhat.com/show_bug.cgi?id=2123175
I am willing to review something which got stuck in your queue for a while.
--
With best regard
On Mon, Sep 5, 2022 at 2:01 PM Sandro wrote:
> Thank you, Miro, for the explanation and the pull request. I remember
> switching away from setup.cfg after being told that pyproject.toml is
> the way forward. I must have missed the fact that this required a newer
> minimum version of setuptools.
On 05-09-2022 19:17, Miro Hrončok wrote:
On 05. 09. 22 19:00, Sandro wrote:
I see the following errors in the build log of a fc36 build [1]:
ValueError: Globs did not match any module: pymunin
Going up it looks like the name of the package is not expanded and falls back
to UNKNOWN:
Successful
Hey All,
We have a bunch of test days coming up, we are currently running
StrongCryptoSettings3 test day. I will be keeping this open for
community members to come and test. It's fairly simple, just run the
commands you find in[0] and your output should correspond to [1]
This is an *unconventiona
On Wed, Aug 31, 2022 at 1:37 PM Jerry James wrote:
> They're all done, except for this one:
>
> python-furo: https://bugzilla.redhat.com/show_bug.cgi?id=2121594
>
> It's a bit complicated, due to needing a pile of JavaScript at build
> time. Who would like to swap reviews? Give me a complicated
On 05. 09. 22 19:17, Miro Hrončok wrote:
My guess is that when PyMunin3 started to use this feature:
https://github.com/penguinpee/PyMunin3/commit/3993dcaa5366da9d771575e8735dd5a7a2c13894
They should have changed the minimal required setuptools version in:
https://github.com/penguinpee/PyM
On 05. 09. 22 19:00, Sandro wrote:
I see the following errors in the build log of a fc36 build [1]:
ValueError: Globs did not match any module: pymunin
Going up it looks like the name of the package is not expanded and falls back
to UNKNOWN:
Successfully built UNKNOWN
However, the builds fo
I see the following errors in the build log of a fc36 build [1]:
ValueError: Globs did not match any module: pymunin
Going up it looks like the name of the package is not expanded and falls
back to UNKNOWN:
Successfully built UNKNOWN
However, the builds for fc37 and rawhide did succeed. I al
On Sun, Sep 4, 2022 at 5:30 PM Michael Catanzaro wrote:
> And anybody who isn't willing .
... or able (they are not free, and there may be other
restrictions regarding crypto capable device export/import
that can require a bit of hoop jumping due to sourcing
site shrinkage, all of which does
On Mon, Sep 5, 2022 at 6:00 PM Richard Shaw wrote:
>
> I was able to fix my EPEL 7 package and performed a successful build:
> https://koji.fedoraproject.org/koji/buildinfo?buildID=2058266
>
> So I forced a Koschei build to clear the error, but it still built the
> PREVIOUS SRPM:
> https://kosche
On 05/09/2022 17:58, Alexander Bokovoy wrote:
They are using tokens from Aladdin,
Feitian, and Rutoken, compatible with FIDO2 U2F/WebAuthn. These products
are certified and allowed for use in Russia.
AFAIK, Aladdin and Rutoken requires their own proprietary drivers for
GNU/Linux.
--
Sincerel
I've taken a few more (a few for the neuro-sig):
> Depending on: mcpanel (1), status change: 2022-08-30 (0 weeks ago)
> eegview (maintained by: aekoroglu, ankursinha, neuro-sig)
> eegview-0.0-15.fc37.src requires mcpanel-devel = 0.0-15.fc37
> eegview-0.0-15.fc37.x
On ma, 05 syys 2022, Vitaly Zaitsev via devel wrote:
On 05/09/2022 17:05, Alexander Bokovoy wrote:
The site blocks access from outside of Russia.
Yes, you need RU proxy to read the original documents. But you can use
your favorite search engine to find "FSB notification" articles in
English.
On Mon, 2022-09-05 at 16:16 +0200, Fabio Valentini wrote:
> On Mon, Sep 5, 2022 at 4:09 PM Miro Hrončok
> wrote:
> >
> > On 05. 09. 22 14:07, Sérgio Basto wrote:
> > >
> > > fortune-mod says "Orphaned for: Orphaned by releng" , which user
> > > was
> > > considered unresponsive ?
> > > Where I
On 05/09/2022 17:05, Alexander Bokovoy wrote:
The site blocks access from outside of Russia.
Yes, you need RU proxy to read the original documents. But you can use
your favorite search engine to find "FSB notification" articles in English.
Example:
http://www.mintest-russia.com/news/russia-i
On ma, 05 syys 2022, Vitaly Zaitsev via devel wrote:
On 05/09/2022 14:58, Dominik 'Rathann' Mierzejewski wrote:
Do you have any references to articles of law or other regulations?
Sorry, but this sounds so absurd I can't just take your word for it.
Sure (in Russian, use Google Translate):
- h
On 05/09/2022 14:58, Dominik 'Rathann' Mierzejewski wrote:
Do you have any references to articles of law or other regulations?
Sorry, but this sounds so absurd I can't just take your word for it.
Sure (in Russian, use Google Translate):
- http://clsz.fsb.ru/clsz/in-out.htm
- http://clsz.fsb.ru
On Mon, Sep 5, 2022 at 4:09 PM Miro Hrončok wrote:
>
> On 05. 09. 22 14:07, Sérgio Basto wrote:
> >
> > fortune-mod says "Orphaned for: Orphaned by releng" , which user was
> > considered unresponsive ?
> > Where I can find the tickets of unresponsive maintainer ?
>
> $ koji list-history --packag
On 05. 09. 22 14:07, Sérgio Basto wrote:
fortune-mod says "Orphaned for: Orphaned by releng" , which user was
considered unresponsive ?
Where I can find the tickets of unresponsive maintainer ?
$ koji list-history --package=fortune-mod
...
Mon Sep 5 07:11:28 2022 package owner changed for fo
Hi,
As I did those updates..
On Friday, 2022-09-02 17:49:57 +, Mattia Verga via devel wrote:
> Here we go again: thunderbird 102 update was submitted to F36.
Actually we already had 102.2.0 a week before on 2022-08-23 with
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ddee3eb27c for f
Hi Dan,
On Mon, 05 Sep 2022 14:18:05 +0200,
Dan Čermák wrote:
> "Neal H. Walfield" writes:
> As Sequoia is written in Rust, what is your RISCV story? Fedora is (at
> least that's my impression) a quite popular choice for RISCV boards, so
> rpm working on RISCV would be crucial for us staying rele
On Monday, 05 September 2022 at 12:40, Vitaly Zaitsev via devel wrote:
> On 05/09/2022 10:13, Dominik 'Rathann' Mierzejewski wrote:
> > Wait, what? Which countries are 2FA token illegal in?
>
> Russia, China and all countries from the US export banlist.
Do you have any references to articles of l
On Mon, Sep 5, 2022 at 2:18 PM Dan Čermák
wrote:
>
> Hi Neal,
>
> "Neal H. Walfield" writes:
>
> > Hi all,
> >
> > rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> > Sequoia PGP.
> >
> > https://rpm.org/wiki/Releases/4.18.0
> > https://sequoia-pgp.org/
> >
> > Thanks t
On Mon, 05 Sep 2022 10:12:23 +0200,
Alexander Sosedkin wrote:
> Mind the
> https://docs.fedoraproject.org/en-US/packaging-guidelines/CryptoPolicies
>
> Will we need to introduce a configuration mechanism to limit algorithm
> selection in Sequoia PGP? Or just wait untl it switches to OpenSSL?
Good
I corrected a license declaration in perl-BSSolv package from
"GPL or Artistic" to "GPL-1.0-or-later OR Artistic-1.0-Perl".
-- Petr
signature.asc
Description: PGP signature
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an
OLD: Fedora-37-20220904.n.0
NEW: Fedora-37-20220905.n.0
= SUMMARY =
Added images:0
Dropped images: 0
Added packages: 0
Dropped packages:0
Upgraded packages: 0
Downgraded packages: 0
Size of added packages: 0 B
Size of dropped packages:0 B
Size of upgraded
Hi Neal,
"Neal H. Walfield" writes:
> Hi all,
>
> rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> Sequoia PGP.
>
> https://rpm.org/wiki/Releases/4.18.0
> https://sequoia-pgp.org/
>
> Thanks to Fabio Valentini (decathorpe) for packaging not only
> rpm-sequoia, but all
Hi Mattia,
We seem to be having the same conversation but with opposite
interpretations :) I'll try to clarify my comments below.
On Mon, Sep 5, 2022 at 9:25 AM Mattia Verga via devel <
devel@lists.fedoraproject.org> wrote:
> Il 05/09/22 08:59, Brian (bex) Exelbierd ha scritto:
>
>
>
> On Sat, S
fortune-mod says "Orphaned for: Orphaned by releng" , which user was
considered unresponsive ?
Where I can find the tickets of unresponsive maintainer ?
Thank you
On Mon, 2022-09-05 at 12:36 +0200, Miro Hrončok wrote:
> The following packages are orphaned and will be retired when they
> are
jwm-2.4.2 in Fedora-rawhide changed its license from GPLv2 to MIT
--
Ali Erdinc Koroglu
Linux OS Systems Engineering
-
Intel Finland Oy
Registered Address: PL 281, 00181 Helsinki
Business Identity Code: 0357606 - 4
Domiciled i
> > However, last this was discussed, the Fedora AAA system(s)
> > did not (yet?) support the full fido2/webauthn/passkey
> > functionality, so at this time such full integration is just a
> > dream(*).
>
> You don't have to be a provenpackager to be able to do serious damage;
> you just need to m
> tasksh orphan 0 weeks ago
Taken tasksh over to begin with. Co-maintainers welcome.
--
Thanks,
Regards,
Ankur Sinha "FranciscoD" (He / Him / His) |
https://fedoraproject.org/wiki/User:Ankursinha
Time zone: Europe/London
signature.asc
Descr
Hi Paul,
Thanks for your comments.
On Fri, 02 Sep 2022 20:21:21 +0200,
Paul Wouters wrote:
> On Fri, 2 Sep 2022, Neal H. Walfield wrote:
>
> > Note: Sequoia currently uses Nettle on Fedora, but there is ongoing
> > work to port it to Sequoia to OpenSSL:
>
> I think this should be considered a b
On 05/09/2022 10:33, Tommy Nguyen wrote:
I cannot think of any reason why 2FA would be illegal in any country
when TOTP is based on HMAC and by default uses SHA-1.
In some countries (eg. Russia, China) all cryptographic devices must be
certified by local government security service.
Further
On 05/09/2022 10:13, Dominik 'Rathann' Mierzejewski wrote:
Wait, what? Which countries are 2FA token illegal in?
Russia, China and all countries from the US export banlist.
--
Sincerely,
Vitaly Zaitsev (vit...@easycoding.org)
___
devel mailing list
The following packages are orphaned and will be retired when they
are orphaned for six weeks, unless someone adopts them. If you know for sure
that the package should be retired, please do so now with a proper reason:
https://fedoraproject.org/wiki/How_to_remove_a_package_at_end_of_life
Note: If
On 05. 09. 22 11:07, Vít Ondruch wrote:
Apart from that, I don't think that the pseudo-users or group ownership would
work. I saw a good amount of people giving the packages to some groups or
pseudo-users, but in turn, that meant there is nobody who would care about such
package.
+100
--
M
On Mon, Sep 05, 2022 at 08:33:40AM +, Tommy Nguyen wrote:
> On Mon, 2022-09-05 at 10:13 +0200, Dominik 'Rathann' Mierzejewski
> wrote:
> > Wait, what? Which countries are 2FA token illegal in?
> >
> > Regards,
> > Dominik
>
> I cannot think of any reason why 2FA would be illegal in any countr
Dne 03. 09. 22 v 22:28 Kevin Fenzi napsal(a):
On Sat, Sep 03, 2022 at 02:01:59PM +, Mattia Verga via devel wrote:
Il 26/08/22 07:17, David Tardon ha scritto:
Hi,
On Thu, 2022-08-25 at 11:04 +0300, Alexander Bokovoy wrote:
On to, 25 elo 2022, Miro Hrončok wrote:
We use the python-maint p
On Mon, Sep 5, 2022 at 10:55 AM Fabio Valentini wrote:
>
> On Mon, Sep 5, 2022 at 10:12 AM Alexander Sosedkin
> wrote:
> >
> > Quoting Neal H. Walfield (2022-09-02 16:31:18)
> > > rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> > > Sequoia PGP.
> > >
> > > https://rpm.
On Mon, Sep 5, 2022 at 10:12 AM Alexander Sosedkin wrote:
>
> Quoting Neal H. Walfield (2022-09-02 16:31:18)
> > rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> > Sequoia PGP.
> >
> > https://rpm.org/wiki/Releases/4.18.0
> > https://sequoia-pgp.org/
> >
> > Thanks to F
On Mon, 2022-09-05 at 10:13 +0200, Dominik 'Rathann' Mierzejewski
wrote:
> Wait, what? Which countries are 2FA token illegal in?
>
> Regards,
> Dominik
I cannot think of any reason why 2FA would be illegal in any country
when TOTP is based on HMAC and by default uses SHA-1.
Further if I may off
On Monday, 05 September 2022 at 09:16, Vitaly Zaitsev via devel wrote:
> On 04/09/2022 19:30, Michael Catanzaro wrote:
> > And anybody who isn't willing to buy a security key wouldn't be able to
> > contribute to Fedora at all.
>
> So, you want to ban all contributors from countries where such tok
Quoting Neal H. Walfield (2022-09-02 16:31:18)
> rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> Sequoia PGP.
>
> https://rpm.org/wiki/Releases/4.18.0
> https://sequoia-pgp.org/
>
> Thanks to Fabio Valentini (decathorpe) for packaging not only
> rpm-sequoia, but all of
Hi
I've put up python-qt6 for review:
https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=2124098
Happy to review in exchange.
Thanks
Sandro
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.f
Dear colleagues,
I'm going to push the updated version of OpenSSL to rawhide.
This version incorporates FIPS-related changes from RHEL 9.
A major change that may affect your applications in FIPS mode is limiting
the RSA encryption.
There are also minor tweaks limiting explicit curves support in a
Il 05/09/22 08:55, Douglas Kosovic ha scritto:
> On Sun, Sep 4, 2022 at 1:38 PM Mattia Verga wrote:
>> If anyone wants to have a look to what packages **may** be orphaned
>> when those users are removed from the packager group, I've set up a
>> script and uploaded the results here [1].
>>
>> Do not
Il 05/09/22 08:59, Brian (bex) Exelbierd ha scritto:
> On Sat, Sep 3, 2022 at 9:24 PM Adam Williamson
> wrote:
>
>> On Thu, 2022-08-18 at 17:28 -0400, Ben Cotton wrote:
>>> Hello everyone!
>>>
>>> I just completed the first run of FESCo's newly approved Inactive
>>> Packager Policy[1]. Packagers
On 04/09/2022 19:30, Michael Catanzaro wrote:
And anybody who isn't willing to buy a security key wouldn't be able to
contribute to Fedora at all.
So, you want to ban all contributors from countries where such tokens
are prohibited, am I right? Strongly -1.
--
Sincerely,
Vitaly Zaitsev (vi
On Sat, Sep 3, 2022 at 9:24 PM Adam Williamson
wrote:
> On Thu, 2022-08-18 at 17:28 -0400, Ben Cotton wrote:
> > Hello everyone!
> >
> > I just completed the first run of FESCo's newly approved Inactive
> > Packager Policy[1]. Packagers that have been identified as inactive
> > have a ticket in t
64 matches
Mail list logo
