Re: CVE-2021-4034: why is pkexec still a thing?

Hello, po 31. 1. 2022 v 18:13 odesílatel Steve Grubb napsal: > On Monday, January 31, 2022 5:36:24 AM EST Lennart Poettering wrote: > > On Fr, 28.01.22 18:16, Sam Varshavchik (mr...@courier-mta.com) wrote: > > > > I vehemently disagree. The thing with setuid/setgid is that the > > invoked privile

Re: CVE-2021-4034: why is pkexec still a thing?

po 31. 1. 2022 v 13:49 odesílatel Sam Varshavchik napsal: > And in both cases, the issue is the nature of the actual bug in the > exploitable program, and not anything else. Suid is just a scapegoat. I mean, this exact vulnerability is a counterexample. The input to pkexec is approximately (inv

Re: Preventing supply chain attacks via rekor

Hello, pá 11. 6. 2021 v 20:23 odesílatel Luke Hinds napsal: > On Fri, Jun 11, 2021 at 7:01 PM Miloslav Trmac wrote: > >> pá 11. 6. 2021 v 18:54 odesílatel Luke Hinds napsal: >> >>> Why is this useful? You get a timestamped / tamper resistance record of >>&

Re: Preventing supply chain attacks via rekor

Hello, pá 11. 6. 2021 v 18:54 odesílatel Luke Hinds napsal: > Why is this useful? You get a timestamped / tamper resistance record of > all signing events. This is very useful for understanding the exact blast > radius of a key compromise and monitoring for suspicious events. Most of > the time y

Re: Orphaned perl-IPTables-ChainMgr and perl-IPTables-Parse

Hello, 2018-01-18 15:06 GMT+01:00 Robert-André Mauchin : > On jeudi 18 janvier 2018 14:31:17 CET Miloslav Trmac wrote: > > I have orphaned perl-IPTables-ChainMgr and perl-IPTables-Parse . > > I need perl-IPTables-ChainMgr for a package that is currently being > reviewed >

Orphaned perl-IPTables-ChainMgr and perl-IPTables-Parse

Hello, I have orphaned perl-IPTables-ChainMgr and perl-IPTables-Parse . Mirek ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org

Orphaned perl-Net-Ping-External, perl-Net-RawIP, python-4Suite-XML

Hello, I have orphaned: - perl-Net-Ping-External (no in-Fedora users it seems) - perl-Net-RawIP (used by sqlninja) - python-4Suite-XML (used by python-amara and testoob) Feel free to take them over. Mirek ___ devel mailing list -- devel@list

Re: F27 System Wide Change: Rsyslog log format change proposal

2017-06-13 13:54 GMT+02:00 Roman Pavelka : > > It does not inspire confidence that the person(s) proposing this Change > understand the potential fallout. > ... > > what packages in Fedora parse the rsyslog output and make sure that they > are capable of handling the change. > > Everyone is free

Re: Fedora Ring 0 definition

2015-09-14 23:10 GMT+02:00 Brendan Conoboy : > AFAICS somehow the goals and means have gotten confused, and we are >> trying to find goals that would make sense in a specific >> implementation method; that’s completely backwards. >> > > Let’s think about the/produced artifacts/, whatever that is

Re: Fedora Ring 0 definition

2015-09-15 15:48 GMT+02:00 Brendan Conoboy : > On 09/14/2015 11:40 PM, Miroslav Suchy wrote: > >> Dne 14.9.2015 v 23:10 Brendan Conoboy napsal(a): >> >>> /Then/ we could start thinking about /truly minimal/ concepts, perhaps “container minimal” = “the minimal set needed to start and run

Re: Fedora Ring 0 definition

2015-09-07 15:42 GMT+02:00 Ian Malone : > On 7 September 2015 at 13:21, Miloslav Trmac wrote: > > Also, it seems to me that it would be useful to, at least conceptually, > to > > not think about Fedora as a self-hosting perpetual motion^Wrecompilation > > machine, b

Re: Fedora Ring 0 definition

2015-09-02 23:24 GMT+02:00 Brendan Conoboy : > [blc] > >> 5. Ring membership is at the source package level, not the binary > >> package. If one source package's binary/noarch sub-package is in ring > >> 0, all sub-packages are in ring 0. > > [simo] > > Can you elaborate more on this point (5) ?

rpms/perl-Net-RawIP/devel perl-Net-RawIP.spec,1.5,1.6

Author: mitr Update of /cvs/pkgs/rpms/perl-Net-RawIP/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv19442 Modified Files: perl-Net-RawIP.spec Log Message: * Thu Mar 4 2010 Miloslav Trmač - 0.25-4 - Filter out bogus Provides: RawIP.so - Drop no longer required references to

rpms/perl-Net-Ping-External/devel perl-Net-Ping-External.spec, 1.4, 1.5

Author: mitr Update of /cvs/pkgs/rpms/perl-Net-Ping-External/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17413 Modified Files: perl-Net-Ping-External.spec Log Message: Drop no longer required references to BuildRoot Index: perl-Net-Ping-External.spec ===

rpms/perl-IPTables-Parse/devel perl-IPTables-Parse.spec,1.6,1.7

Author: mitr Update of /cvs/pkgs/rpms/perl-IPTables-Parse/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17256 Modified Files: perl-IPTables-Parse.spec Log Message: Drop no longer required references to BuildRoot Index: perl-IPTables-Parse.spec

rpms/perl-IPTables-ChainMgr/devel perl-IPTables-ChainMgr.spec, 1.6, 1.7

Author: mitr Update of /cvs/pkgs/rpms/perl-IPTables-ChainMgr/devel In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv17158 Modified Files: perl-IPTables-ChainMgr.spec Log Message: - Drop no longer required references to BuildRoot Index: perl-IPTables-ChainMgr.spec =