list/devel@lists.fedoraproject.org
> Do not reply to spam, report it:
> https://pagure.io/fedora-infrastructure/new_issue
>
--
Regards,
Huzaifa Sidhpurwala
Senior Principal Product Security Engineer
AI security, safety and trustworthiness
--
__
On Mon, Sep 9, 2024 at 6:57 AM Alexander Ploumistos <
alex.ploumis...@gmail.com> wrote:
> Hello,
>
> On Mon, Sep 9, 2024 at 3:21 AM Huzaifa Sidhpurwala
> wrote:
> >
> > I can grant you co-maintainership of both these pkgs if you want.
>
> That would be much ap
--
Regards,
Huzaifa Sidhpurwala
Senior Principal Product Security Engineer
AI security, safety and trustworthine
/rekor
--
Regards,
Huzaifa Sidhpurwala / Red Hat Product Security
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct:
https://docs.fedoraproject.org/en-US
I can do it, once it gets approved/included
On Thu, Jun 10, 2021 at 6:21 PM Neal Gompa wrote:
> On Mon, Jun 7, 2021 at 3:00 PM Ben Cotton wrote:
> >
> >
> https://fedoraproject.org/wiki/Changes/yescrypt_as_default_hashing_method_for_shadow
> >
> > == Summary ==
> > Make the yescrypt hashing me
I don't think creating 5 bugs per CVE is a correct statement here. We create one
bug per product per CVE.
So if Fedora is affected with a node.js, we create one Fedora tracker per CVE.
The tracker should block the CVE bug, so it should be easy to find. Also you
can search for bugs with SecurityT
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
>> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
>> List Archives:
>> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> ___________
tion systems downtime. Not all of them may be applicable for
Fedora users.
The above being said, I am OK with deferring lows, but please let's fix
or close others?
>
> Rich.
>
--
Huzaifa Sidhpurwala / Red Hat Product Security
sed on Jakub's suggestion I am also planning to remove the
fortify_source flag and keep others.
The plan is to start somewhere and each release work with glibc and
other teams so that we make more such security flags as default and also
work with packages which break due to inclusion of such
>>
>> == Owner ==
>> * Name: [[User:huzaifas|Huzaifa Sidhpurwala]]
>> * Email: huzai...@redhat.com
>> * Release notes owner: huzai...@redhat.com
>>
>>
>> == Detailed Description ==
>> Currently GCC does not enable any security hardening flags by defau
ailure.
>>
>> Actually the default optflags already has -Wall (which includes
>> -Wformat) and -Werror=format-security which enables that warning
>> and turns on -Werror for it.
>
> I wonder why this change is suggesting to add the flags if they
> are already pr
edoraproject.org/wiki/Changes/HardenedCompiler
>>
>> == Summary ==
>> By Default enable a few security hardening flags which are used with GCC.
>>
>> == Owner ==
>> * Name: [[User:huzaifas|Huzaifa Sidhpurwala]]
>> * Email: huzai...@redhat.com
>> * Re
The intention is to add a small number of secure
defaults to GCC for each release. I am open to add PIE by default
though, if you feel it's not going to break a large number of packages.
> PIE-by-default compilers are very common already, although there are
> many St
s this security related or can i nag about the FE-NEEDSPONSOR flag in
> wdune ?
>
This is related to https://pagure.io/fesco/issue/2090#comment-554987
--
Huzaifa Sidhpurwala / Red Hat Product Security Team
Hello,
Really nothing else to say here, apart from $SUBJECT.
Thanks!
--
Huzaifa Sidhpurwala / Red Hat Product Security Team
unter
> untrusted input, especially here where we are talking about importing
> external files! So those security issues absolutely MUST be fixed!
>
Heap-based buffer overflows are indeed serious and if there is a patch,
please apply it! Also no serious upstream will ignore these flaws,
On 09/05/2018 12:24 PM, Alexander Bokovoy wrote:
> On Wed, 05 Sep 2018, Huzaifa Sidhpurwala wrote:
>> Hi All,
>>
>> This is a gentle reminder for package maintainers to fix security bugs
>> in the packages they maintain. A complete list of open security flaws
!
--
Huzaifa Sidhpurwala / Red Hat Product Security Team
classification contains the
necessary details.
Please let me know if you need more information!
--
Huzaifa Sidhpurwala / Red Hat Product Security Team
On 08/01/2018 02:16 PM, Daniel P. Berrangé wrote:
> On Wed, Aug 01, 2018 at 10:40:20AM +0530, Huzaifa Sidhpurwala wrote:
>> On 07/31/2018 08:51 PM, Daniel P. Berrangé wrote:
>>
>>>
>>> Do we have any analysis showing what would be the fallout if we applied
>
On 08/01/2018 01:19 PM, Nikos Mavrogiannopoulos wrote:
> On Tue, 2018-07-31 at 09:09 +0530, Huzaifa Sidhpurwala wrote:
>> Hi All,
>>
>> I was asked to bring this issue[1] to the developer community before
>> FESCO makes a decision.
>>
>> In several instances
On 08/01/2018 01:41 PM, Daniel P. Berrangé wrote:
> On Wed, Aug 01, 2018 at 10:33:11AM +0530, Huzaifa Sidhpurwala wrote:
>> On 07/31/2018 08:33 PM, Rex Dieter wrote:
>>
>>>> 1. If a CRITICAL or IMPORTANT security issue is open against a package
>>>> in Fe
[2]
>> https://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&keywords=SecurityTracking%2C%20&keywords_type=allwords&list_id=9076731&order=changeddate%2Cpriority%2Cbug_id&product=Fedora&query_based_on=&query_format
On 07/31/2018 05:05 PM, Ondřej Lysoněk wrote:
> On 31.7.2018 05:39, Huzaifa Sidhpurwala wrote:
>> I would like to propose the following:
>>
>>
>> 1. If a CRITICAL or IMPORTANT security issue is open against a package
>> in Fedora-X and by the time X is E
package maintainer be doing it in
the first place?
>
> Regards,
> Daniel
>
--
Huzaifa Sidhpurwala / Red Hat Product Security Team
apt-cacher-ng
asterisk
async-http-client
binutils
bzr
chromium
connman
docker-distri
ase
already fixed them, so all that is required is to close the bug with an
appropriate explanation.
--
Huzaifa Sidhpurwala / Red Hat Product Security Team
://bugzilla.redhat.com/buglist.cgi?bug_status=NEW&bug_status=ASSIGNED&classification=Fedora&keywords=SecurityTracking%2C%20&keywords_type=allwords&list_id=9076731&order=changeddate%2Cpriority%2Cbug_id&product=Fedora&query_based_on=&query_format=advanced
--
Huzaifa Sidhpur
d we can at least track the sessions through logind very
> precisely. However, X11 and the mount propagation breakage are
> real blockers to make this useful in the general case.
>
> This idea can only fly for very special systems where the
> propagation is irrelevant. It's
I will update both the components today.
Thanks!
- Original Message -
From: "Xose Vazquez Perez"
To: "Development discussions related to Fedora"
Sent: Monday, October 24, 2011 10:00:58 PM
Subject: usb-modeswitch/usb-modeswitch-data must be updated (hardware related)
https://bugzilla.re
On 07/25/2011 07:17 AM, Kevin Fenzi wrote:
> Do file a bug to alert the maintainer(s) that they should update and
> why.
taken care of this, sorry for the delay :)
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
> Is there a way to tell NM not to ask for a new password ever? Because I use a
> 63-symbol passphrase once set up on all the (two) machines so to forget about
> it.
Store the password in gnome-keyring-manager?
Hi,
>If you're interested in - please reply,
>I'd like to start Wiki page and we can talked about more details
>etc.
Count me in :)
Regards,
Huzaifa Sidhpurwala
't upstreamed yet.
>
I don't think we should patch glibc, unless it's upstream.
Looking at the thread at:
http://sources.redhat.com/ml/libc-alpha/2004-09/msg00109.html
it does not appear this patch would make it upstream though.
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuP
Hi Bernie,
Works for me. Since you are already a provenpackager I don't think you need
explicit cvs access on that package, so i would say go ahead
and thanks for doing it.
Regards,
Huzaifa Sidhpurwala.
- Original Message -
From: Bernie Innocenti
To: Huzaifa Sidhpurwala
Cc: Fedora
David Woodhouse wrote:
> On Wed, 2010-04-21 at 14:03 +0530, Huzaifa Sidhpurwala wrote:
>> I would rather patch the tcl script to use the binary in /usr/bin :)
>> Unless people think otherwise.
>
> Why deviate from what upstream does, which is to use /usr/sbin?
>
Th
David Woodhouse wrote:
> On Wed, 2010-04-21 at 12:15 +0530, Huzaifa Sidhpurwala wrote:
>> So i split up usb_modeswitch into the main package and the data part,
>> now called usb_modeswitch and usb_modeswitch-data.
>>
>>
://admin.fedoraproject.org/updates/usb_modeswitch-1.1.2-1.fc12,usb_modeswitch-data-20100418-2.fc12
https://admin.fedoraproject.org/updates/usb_modeswitch-data-20100418-2.fc13,usb_modeswitch-1.1.2-1.fc13
--
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuPG Fingerprint:
3A0F DAFB 9279 02ED
you think is the best option.
Thanks in advance.
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuPG Fingerprint:
3A0F DAFB 9279 02ED 273B FFE9 CC70 DCF2 DA5B DAE5
Huzaifa Sidhpurwala wrote:
Ah Sorry, scratch the last line please, an oversight :)
> I would suggest using libpcap-ng rather than libpcap if it works.
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuPG Fingerprint:
3A0F DAFB 9
> # setcap cap_net_raw,cap_net_admin+eip /usr/bin/dumpcap
> # setcap cap_net_raw,cap_net_admin+eip /usr/bin/tshark
>
> Suggestions? Ideas? Spec file patches?
>
> Any help is welcome.
>
> Radek
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuPG Fingerpri
Rahul Sundaram wrote:
>
> Just to clarify, does ModemManager need to depend on usb_modeswitch?
>
It currently does not.
Dan,
I guess it's not such a bad idea to make it depend?
> Rahul
- --
Regards,
Huzaifa Sidhpurwala, RHC
l path, used by dracut)
>>>> scponly (pretty important!)
>>>>
>>>>
>>> Trying to take scponly, I keep getting Request Failed.
>>>
>> Same here.
>>
>> Rahul
Hi,
I have taken over the maintainership from Robert, and the new
usb_modeswitch rpms are in rawhide now.
Let me know if you guys need anything fixed on that :)
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
IT Desktop R&D
e the
> merrier ;-)
>
yeah,
Since OpenVAS is a big stack, by the time we got some of the packages
reviewed, upstream had already released newer versions.
> Regards,
> Xavier
>
>
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuPG Fingerprint:
3A0F DAFB 9279 02E
as much as I am able.
>
I would like to co-maintain if it's OK.
> Many thanks to all,
> -AdamM
>
- --
Regards,
Huzaifa Sidhpurwala, RHCE, CCNA (IRC: huzaifas)
GnuPG Fingerprint:
3A0F DAFB 9279 02ED 273B FFE9 CC70 DCF2 DA5B DAE5
> * firewalk -- Active reconnaissance network security tool
> * httptunnel -- Tunnels a data stream in HTTP requests
> * nikto -- Web server scanner
Taken these :)
>
- --
Regards,
Huzaifa Sidhpurwala, RHC