Fedora rawhide compose report: 20230119.n.1 changes

OLD: Fedora-Rawhide-20230118.n.0 NEW: Fedora-Rawhide-20230119.n.1 = SUMMARY = Added images:2 Dropped images: 7 Added packages: 12 Dropped packages:3 Upgraded packages: 163 Downgraded packages: 0 Size of added packages: 6.73 MiB Size of dropped packages:772

Re: List of long term FTBFS packages to be retired in February​

On Wed, Jan 18, 2023 at 5:58 AM Miro Hrončok wrote: > Based on the current fail to build from source policy, the following packages > should be retired from Fedora 38 approximately one week before branching. [snip] > maven-scm mizdebsk, trawets For those

[Test-Announce] 2023-01-23 @ 16:00 UTC - Fedora QA Meeting

# Fedora Quality Assurance Meeting # Date: 2023-01-23 # Time: 16:00 UTC (https://fedoraproject.org/wiki/Infrastructure/UTCHowto) # Location: #fedora-meeting on irc.libera.chat Greetings testers! It's time for the first meeting of 2023! Let's check in and see how everything's going. If anyone has

Re: Rawhide updates stuck for the past ~4 hours?

On Fri, 2023-01-20 at 22:44 +0100, Miro Hrončok wrote: > My Rawhide Bodhi updates are stuck in pending, so I've checked > > https://bodhi.fedoraproject.org/updates/?releases=F38 > > and it seems that everything created after 2023-01-20 17:35 UTC is > stuck. > > Is this a natural slowdown due to

Rawhide updates stuck for the past ~4 hours?

My Rawhide Bodhi updates are stuck in pending, so I've checked https://bodhi.fedoraproject.org/updates/?releases=F38 and it seems that everything created after 2023-01-20 17:35 UTC is stuck. Is this a natural slowdown due to the mass rebuild or is something broken? -- Miro Hrončok -- Phone: +4

Re: When to close CVE's

On Fri, Jan 20, 2023 at 2:29 PM Demi Marie Obenour wrote: > > My general rule is that a security fix is worth backporting a SONAME change > for, if there is no way to backport the patch. > In this case all the Fedora branches are recent enough but EL 7 and EL 8 are not and are impractical to fix

Re: When to close CVE's

On 1/20/23 10:48, Richard Shaw wrote: > On Fri, Jan 20, 2023 at 9:22 AM Gary Buhrmaster > wrote: > >> On Fri, Jan 20, 2023 at 1:54 PM Richard Shaw wrote: >>> >>> So is it when a build is complete in Rawhide? Or must *ALL* active >> releases get the "fix"? >>> >> >> I am not sure it is official p

SPDX office hours - Second Session

Hello. The owners of SPDX Change proposal want to have this Change as smooth as possible. And we decided to setup Office hours. Do you have any questions about SPDX migration? Do you hesitate about what steps you should take? How to proceed with your package? We will do our best to help you. Th

Re: When to close CVE's

On Fri, Jan 20, 2023 at 4:47 PM Gary Buhrmaster wrote: > such as yourself are contentious about > doing the right thing). Obviously that word should have been conscientious (I hate autocorrect). ___ devel mailing list -- devel@lists.fedoraproject.org T

Re: Improving Fedora boot time when libvirt is installed

On Thu, Jan 19, 2023, at 11:53 AM, Gordon Messmer wrote: > On 2023-01-19 00:55, Lennart Poettering wrote: >> >> What you could do is split up the problem: have iscsi-starter.service >> or so, that is separate from the iscsi.service main service. The >> former's job would be to scan if iscsi volum

Re: When to close CVE's

On Fri, Jan 20, 2023 at 4:53 PM Kevin P. Fleming wrote: > Small clarification: where you wrote 'component' you meant 'product' :-) > BZ has both Products and Components, forming two levels. RHEL 7/8/9 are > Products, on the same level as Fedora. Thanks. I suppose I should have actually checked

Re: New WASM related mailing list

>> as there has been an interest in creating WASM SIG, I moved on with it. >> >> You can already join our mailing list: wasm-...@lists.fedoraproject.org Thanks for the malling list! I just wanted to share the page to subscribe to the WASM SIG. https://lists.fedoraproject.org/admin/lists/wasm-sig.

Re: When to close CVE's

On 1/20/23 11:47, Gary Buhrmaster wrote: I agree, and that seems to be an artifact of the single Fedora component in RHBZ, which treats Fedora as one thing. I supposed (in theory again) that there could be a master bugzilla for the CVE which depends on child bugzillas for each impacted Fedora re

Re: When to close CVE's

On Fri, Jan 20, 2023 at 3:48 PM Richard Shaw wrote: > I think in practical terms that makes sense but our tools don't really help. I agree, and that seems to be an artifact of the single Fedora component in RHBZ, which treats Fedora as one thing. I supposed (in theory again) that there could be

Re: When to close CVE's

On Fri, Jan 20, 2023 at 9:22 AM Gary Buhrmaster wrote: > On Fri, Jan 20, 2023 at 1:54 PM Richard Shaw wrote: > > > > So is it when a build is complete in Rawhide? Or must *ALL* active > releases get the "fix"? > > > > I am not sure it is official policy/practice, but in > theory I would think th

Re: New WASM related mailing list

On Thu, Jan 19, 2023 at 6:23 PM Zuzana Svetlikova wrote: > > Hi all, > > as there has been an interest in creating WASM SIG, I moved on with it. > > You can already join our mailing list: wasm-...@lists.fedoraproject.org Thanks for the malling list! I just wanted to share the page to subscribe

Re: When to close CVE's

On Fri, Jan 20, 2023 at 1:54 PM Richard Shaw wrote: > > So is it when a build is complete in Rawhide? Or must *ALL* active releases > get the "fix"? > I am not sure it is official policy/practice, but in theory I would think that the CVE is technically closed when all impacted Fedora releases ge

Re: When to close CVE's

On Fri, Jan 20, 2023 at 8:54 AM Richard Shaw wrote: > > So is it when a build is complete in Rawhide? Or must *ALL* active releases > get the "fix"? > It depends on the severity of the CVE. For High severity ones it makes sense to fix in all active releases, less so for Medium/Low CVEs. hth S

When to close CVE's

So is it when a build is complete in Rawhide? Or must *ALL* active releases get the "fix"? Thanks, Richard ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct:

Re: Web Assembly on Fedora: interested in a Fedora SIG to work on this?

I am happy to join the group Now. I have a limited time, and more prioritized tasks in Fedora, but maybe I can help something for the SIG. -- Jun | He - Him | Timezone: UTC+1 or 2, Czech Republic See for the timezone. _