On Thu, Apr 27, 2023 at 12:52 PM Neal H. Walfield wrote:
> A year and a half ago, I began working with Panu on using Sequoia as
> RPM's OpenPGP parser. I wrote up our journey from the initial
> analysis, to adding the code to RPM, and to getting it into Fedora 38
> (yay!) in a blog post. I'm men
On Wed, Feb 1, 2023 at 1:57 PM Milan Crha wrote:
> this is a query for an opinion and a best-practice experience for a
> case when a package needs to change its internal database format
> between versions, in an environment, which does not allow real
> migration, aka the app cannot read both forma
This broke dnf5 in ELN:
nothing provides libfmt.so.10()(64bit) needed by
libdnf5-plugin-actions-5.2.4.0-1.eln141.x86_64 from ELN-Extras
Not sure where to report such ELN issues to, so, please, dispatch accordingly.
On Tue, Jul 16, 2024 at 9:36 AM kefu chai wrote:
>
> Hi folks,
>
> fmt 11.0.1 upd
Did your testing include this update from yesterday?
https://bodhi.fedoraproject.org/updates/FEDORA-2024-1f014d035e
On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> Hi,
>
> We recently noticed in systemd upstream that sha1 signing is _not_
> failing in rawhide. And indeed, t
On Thu, Jul 18, 2024 at 3:26 PM Zbigniew Jędrzejewski-Szmek
wrote:
> We recently noticed in systemd upstream that sha1 signing is _not_
> failing in rawhide. And indeed, the default crypto policy has
> not been updated to disallow sha1 signatures in rawhide yet. If this
> is supposed to happen for
On Wed, Jul 24, 2024 at 12:33 AM Kevin Kofler via devel
wrote:
>
> Zbigniew Jędrzejewski-Szmek wrote:
> > #3244 Change: Retire Python 2.7
> > https://pagure.io/fesco/issue/3244
> > APPROVED (+8, 0, 0)
>
> This is going to break the build of a whole bunch of compatibility packages,
> which will in
Hello,
6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
Long story short:
RPM has moved to sequoia,
sequoia has started respecting crypto-policies,
Google repos have been signed with a 1024-bit DSA key,
Google Chrome was not installable => F38 blocker.
Back at the time,
On Tue, Sep 19, 2023 at 11:19 AM Alexander Sosedkin
wrote:
>
> Hello,
>
> 6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
> Long story short:
> RPM has moved to sequoia,
> sequoia has started respecting crypto-policies,
> Google repos hav
On Tue, Sep 19, 2023 at 12:44 PM Miroslav Suchý wrote:
>
> Dne 19. 09. 23 v 11:19 Alexander Sosedkin napsal(a):
> > Because of that, I'd like to revert that RPM policy relaxation
> > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a12f7b20638be8f872ad1995c
On Tue, Sep 19, 2023 at 7:47 PM Kevin Fenzi wrote:
>
> On Tue, Sep 19, 2023 at 11:19:18AM +0200, Alexander Sosedkin wrote:
> > Hello,
> >
> > 6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
> > Long story short:
> > RPM has
On Tue, Sep 26, 2023 at 7:47 PM Peter Robinson wrote:
>
> On Tue, Sep 19, 2023 at 10:20 AM Alexander Sosedkin
> wrote:
> >
> > Hello,
> >
> > 6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
> > Long story short:
> >
On Tue, Sep 26, 2023 at 7:40 PM Kevin Kofler via devel
wrote:
>
> Alexander Sosedkin wrote:
> > Because of that, I'd like to revert that RPM policy relaxation
> > https://gitlab.com/redhat-crypto/fedora-crypto-policies/-/commit/a12f7b20638be8f872ad1995c7d2edce41c227b5
&
On Wed, Sep 27, 2023 at 2:38 PM Stephen Gallagher wrote:
>
> On Wed, Sep 27, 2023 at 7:06 AM Alexander Sosedkin
> wrote:
> ...
> > Feel free to strike down these proposals
> > using whatever mechanisms Fedora governance offers.
> > https://fedoraproject.org/wiki
On Tue, Sep 19, 2023 at 11:19 AM Alexander Sosedkin
wrote:
>
> Hello,
>
> 6 months ago, there's been a F38 blocker: https://pagure.io/fesco/issue/2960
> Long story short:
> RPM has moved to sequoia,
> sequoia has started respecting crypto-policies,
> Google repos hav
On Mon, Oct 16, 2023 at 8:55 AM josef radinger via devel
wrote:
> openssl1.1 reached EOS on recently (11th September 2023 I assume)
> https://www.openssl.org/blog/blog/2023/03/28/1.1.1-EOL/
>
> according to
> https://www.openssl.org/source/:
> ...
> The previous LTS version (the 1.1.1 series) is a
On Fri, Mar 8, 2024 at 5:19 PM Richard W.M. Jones wrote:
>
> For mingw-* packages we (sometimes) have a separate package from the
> native package, eg. libgcrypt vs mingw-libgcrypt. Therefore two
> different packages are sometimes built with the exact same sources.
>
> However I discovered copyin
On Wed, Aug 24, 2022 at 4:18 PM Vít Ondruch wrote:
>
> Alexander,
>
> Would you mind to comment on your intentions with:
>
> https://src.fedoraproject.org/rpms/crypto-policies/c/2f33ffcfa7192037f969c6a28e092aca767a1415?branch=rawhide
>
> which just landed in Fedora and broke Ruby test suite (even
On Wed, Aug 24, 2022 at 4:32 PM Fabio Valentini wrote:
>
> On Wed, Aug 24, 2022 at 4:28 PM Alexander Sosedkin
> wrote:
> >
> > On Wed, Aug 24, 2022 at 4:18 PM Vít Ondruch wrote:
> > >
> > > Alexander,
> > >
> > > Would you m
On Wed, Aug 24, 2022 at 4:33 PM Alexander Sosedkin wrote:
>
> On Wed, Aug 24, 2022 at 4:32 PM Fabio Valentini wrote:
> >
> > On Wed, Aug 24, 2022 at 4:28 PM Alexander Sosedkin
> > wrote:
> > >
> > > On Wed, Aug 24, 2022 at 4:18 PM Vít
On Fri, Aug 26, 2022 at 2:54 PM Stephen Gallagher wrote:
>
> On Thu, Aug 25, 2022 at 8:00 AM wrote:
> >
> > Dear all,
> >
> > You are kindly invited to the meeting:
> >ELN SIG on 2022-08-26 from 12:00:00 to 13:00:00 US/Eastern
> >At fedora-meet...@irc.libera.chat
> >
> > The meeting will
On Fri, Aug 26, 2022 at 4:06 PM Troy Dawson wrote:
> On Fri, Aug 26, 2022 at 6:55 AM Alexander Sosedkin
> wrote:
>> Not a full-blown meeting prompt,
>> but I recall complaining about `fipscheck` missing from ELN repositories,
>> and IIRC it was blocked on something th
On Fri, Aug 26, 2022 at 5:09 PM Stephen Gallagher wrote:
> On Fri, Aug 26, 2022 at 10:12 AM Alexander Sosedkin
> wrote:
> > On Fri, Aug 26, 2022 at 4:06 PM Troy Dawson wrote:
> > > On Fri, Aug 26, 2022 at 6:55 AM Alexander Sosedkin
> > > wrote:
> >
On Mon, Aug 29, 2022 at 10:48 PM Miro Hrončok wrote:
>
> On 29. 08. 22 20:30, Ben Cotton wrote:
> > https://fedoraproject.org/wiki/Changes/StrongCryptoSettings3Forewarning2
> >
> > == Summary ==
> >
> > Cryptographic policies will be tightened in Fedora ''38''-39,
> > SHA-1 signatures will no long
Quoting Neal H. Walfield (2022-09-02 16:31:18)
> rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> Sequoia PGP.
>
> https://rpm.org/wiki/Releases/4.18.0
> https://sequoia-pgp.org/
>
> Thanks to Fabio Valentini (decathorpe) for packaging not only
> rpm-sequoia, but all of
On Mon, Sep 5, 2022 at 10:55 AM Fabio Valentini wrote:
>
> On Mon, Sep 5, 2022 at 10:12 AM Alexander Sosedkin
> wrote:
> >
> > Quoting Neal H. Walfield (2022-09-02 16:31:18)
> > > rpm 4.18 is on the horizon and includes a new OpenPGP backend based on
> >
On Tue, Sep 13, 2022 at 7:35 PM Kevin Fenzi wrote:
>
> How about this:
>
> Drop the term 'jump scare' entirely. IMHO it just sounds bad.
I'm open for proposals on the wording. =)
> Rework the change so it's basically planning on making this change in
> f38.
That makes it closer than currently,
On Wed, Sep 14, 2022 at 6:40 PM Kevin Fenzi wrote:
>
> On Wed, Sep 14, 2022 at 11:45:16AM +0200, Alexander Sosedkin wrote:
> > On Tue, Sep 13, 2022 at 7:35 PM Kevin Fenzi wrote:
> > >
> > > How about this:
> > >
> > > Drop the term 'jump scare
On Wed, Oct 12, 2022 at 4:47 PM Stephen Smoogen wrote:
> On Wed, 12 Oct 2022 at 10:32, Kevin P. Fleming wrote:
>> On 10/12/22 08:59, Stephen Smoogen wrote:
>> > Maybe call it the Fedora Update Manager 'FUM' ?
>>
>> Unless we're going to call it RUM when it makes its way into RHEL, that
>> name ma
On Tue, Oct 25, 2022 at 5:09 PM Daniel P. Berrangé wrote:
> So this change is talking about a new GCC landing in Fedora 40.
>
> To avoid massive disruption to Fedora though, we need to be doing
> work way earlier than the Fedora 40 dev cycle though.
>
> Identifying all the places where autocon
On Tue, Oct 25, 2022 at 7:42 PM Florian Weimer wrote:
>
> * Alexander Sosedkin:
>
> > Since it's a build-time-only change,
> > can it be rolled out under controlled pressure like this?
> >
> > 1. every package explicitly opts out (with some macro in spe
On Fri, Nov 11, 2022 at 11:53 AM Petr Pisar wrote:
>
> V Thu, Nov 10, 2022 at 03:23:49PM -0500, Ben Cotton napsal(a):
> > https://fedoraproject.org/wiki/Changes/ReproducibleBuildsClampMtimes
> >
> > == Summary ==
> >
> > The `%clamp_mtime_to_source_date_epoch` RPM macro will be set to `1`.
> > Whe
On Fri, Nov 11, 2022 at 2:03 PM Florian Weimer wrote:
>
> * Alexander Sosedkin:
>
> > On Fri, Nov 11, 2022 at 11:53 AM Petr Pisar wrote:
> >> An RPM package itself carry a build time in its RPM header.
> >> Are we also going to fake this time in the name of
On Fri, Nov 25, 2022 at 1:14 PM Richard W.M. Jones wrote:
>
> Hi Daiki & Frantisek,
>
> There's a new error that is appearing in the libnbd test suite when
> testing TLS-PSK. Regular TLS (with X.509 certs) works fine. It seems
> to have started since I upgraded the kernel on my machine from 5.19
On Wed, Mar 20, 2024 at 6:52 PM Ali Erdinc Koroglu
wrote:
>
>
>
> On 08/03/2024 22:37, Aoife Moloney wrote:
> > Wiki - https://fedoraproject.org/wiki/Changes/OpensslNoEngine
> >
> > This is a proposed Change for Fedora Linux.
> > This document represents a proposed Change. As part of the Changes
>
On Thu, Apr 4, 2024 at 8:00 PM Arnie T via devel
wrote:
>
> Hello Kevin,
>
> > I'm hopeful some things will come out of this as it's a chance for us to
> > look at our processes and improve them.
>
> I'm glad that's happening. It seems to me that improving those processes
> would be Distro decis
On Wed, May 22, 2024 at 4:34 PM Marius Schwarz wrote:
> ATM I'm upgrading a remote server from F38 to F39 via SSH login.
>
> The bash runs a screen, so if ssh or the network dies, the upgrade can
> continue.
>
> I just noticed that even if it keeps running, it's useless because
> openssl und opens
proposal will only be implemented if approved
> > by the Fedora Engineering Steering Committee.
> >
> > == Summary ==
> > OpenSSL will no longer trust cryptographic signatures using SHA-1 by
> > default, starting from Fedora 41.
> >
> > == Owner ==
> >
mented if approved
> > >by the Fedora Engineering Steering Committee.
> > >
> > >== Summary ==
> > >OpenSSL will no longer trust cryptographic signatures using SHA-1 by
> > >default, starting from Fedora 41.
> > >
> > >== Owner ==
>
On Mon, May 30, 2022 at 10:34 PM Garry T. Williams wrote:
>
> On Friday, April 29, 2022 5:49:05 PM EDT Ben Cotton wrote:
> > Cryptographic policies will be tightened in Fedora 38-39,
> > SHA-1 signatures will no longer be trusted by default.
> > Fedora 37 specifically doesn't come with any change
On Tue, May 31, 2022 at 12:28 PM Vitaly Zaitsev via devel
wrote:
> On 31/05/2022 10:21, Petr Pisar wrote:
> > Not in current F37 FUTURE policy the user tested.
>
> Yes. If the new F37 cryptographic policy considers RSA-2048 to be weak,
> it should be reverted.
The actual proposal is in the OP.
N
On Tue, May 31, 2022 at 3:45 PM Petr Pisar wrote:
>
> V Tue, May 31, 2022 at 02:56:56PM +0200, Alexander Sosedkin napsal(a):
> > On Tue, May 31, 2022 at 12:28 PM Vitaly Zaitsev via devel
> > wrote:
> > > On 31/05/2022 10:21, Petr Pisar wrote:
> > > > No
On Tue, May 31, 2022 at 4:09 PM Petr Pisar wrote:
>
> V Tue, May 31, 2022 at 03:51:26PM +0200, Alexander Sosedkin napsal(a):
> > On Tue, May 31, 2022 at 3:45 PM Petr Pisar wrote:
> > >
> > > V Tue, May 31, 2022 at 02:56:56PM +0200, Alexander Sosedkin napsal(a):
>
On Mon, Jun 6, 2022 at 12:03 PM Bojan Smojver via devel
wrote:
>
> Before I open a bug on this, the latest firefox/nss software that is in F36 -
> is it not accepting SSL certificates without matching subjectAlternativeName
> on purpose?
>
> I still have to complete more tests, but it seems that
Quoting Marián Konček (2022-06-29 10:26:13)
> I recently discovered this project:
> https://github.com/astrada/google-drive-ocamlfuse
>
> Supposedly it makes it possible to mount google drive as a filesystem
> using fuse.
Not to devalue the request, but this requirement alone
should be covered by
Quoting Kevin Kofler via devel (2022-06-30 13:16:55)
> Clemens Lang wrote:
> > I hope you’re not suggesting we keep the defaults insecure because there
> > are some institutions out there that don’t support modern standards.
>
> Sorry, but I am.
> The defaults need to work out there in the real wor
Quoting Kevin Kofler via devel (2022-06-30 14:15:04)
> You are making two doubtful assumptions:
>
> 1. That the users will bother reporting their issues to the server
> administrators at all. I would expect them to just blame Fedora for it and
> move to a different operating system that just works,
On Thu, Aug 18, 2022 at 1:45 PM Yann Droneaud wrote:
> I've noticed ca-certificates package was updated recently, and went looking
> at the changes, and I have some questions.
Not Bob Relyea, but I'll try to answer to the best of my knowledge:
> The first issue is what certdata.txt was used ? It
On Wed, Dec 8, 2021 at 6:10 PM Björn Persson wrote:
>
> Chris Adams wrote:
> > Once upon a time, Björn Persson said:
> > > Chris Adams wrote:
> > > > If the admin has done one thing to lock down the system, then they can
> > > > do another (removing the sulogin --force addition).
> > >
> > > How
On Mon, Jan 10, 2022 at 5:20 PM David Cantrell wrote:
>
> On Wed, Dec 29, 2021 at 10:01:57AM -0500, Ben Cotton wrote:
> >https://fedoraproject.org/wiki/Changes/RelocateRPMToUsr
> >
> >== Summary ==
> >Currently, the RPM databases is located in `/var`. Let's move it to
> >`/usr`. The move is alread
On Tue, Jan 11, 2022 at 6:04 PM Yaakov Selkowitz wrote:
>
> On Tue, 2022-01-11 at 11:58 -0500, Christopher wrote:
> > Hi,
> >
> > Today, I received an email from f...@fedoraproject.org with the subject
> > line "Fedora Account System: please verify your Bugzilla email
> > address". This email has
On Wed, Feb 16, 2022 at 10:00 PM Diego Herrera wrote:
>
> Hi. I was checking if the scrcpy software [1] could get packaged, but to
> continue I need to know how to package an APK package file. For context, this
> project consists on a Linux client and an Android server app that is uploaded
> as
Hello, community, I need your wisdom for planning a disruptive change.
Fedora 28 had https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
Fedora 33 had https://fedoraproject.org/wiki/Changes/StrongCryptoSettings2
I believe we should start planning
for the next cryptographic defaults tighten
On Tue, Mar 8, 2022 at 8:52 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> On Tue, Mar 08, 2022 at 07:40:15PM +0100, Alexander Sosedkin wrote:
> > the only realistic way to weed out its reliance on SHA-1 signatures
> > from all of its numerous dark corners is to break them.
>
On Wed, Mar 9, 2022 at 10:20 AM Daniel P. Berrangé wrote:
>
> On Tue, Mar 08, 2022 at 07:40:15PM +0100, Alexander Sosedkin wrote:
> > We've been disabling it in TLS, but its usage is much wider than TLS.
> > The next agonizing step is to restrict its usage for signatures
&
On Wed, Mar 9, 2022 at 10:57 AM Daniel P. Berrangé wrote:
>
> On Wed, Mar 09, 2022 at 10:46:21AM +0100, Alexander Sosedkin wrote:
> > On Wed, Mar 9, 2022 at 10:20 AM Daniel P. Berrangé
> > wrote:
> > >
> > > On Tue, Mar 08, 2022 at 07:40:15PM +0100, Alexande
On Wed, Mar 9, 2022 at 2:47 PM Richard W.M. Jones wrote:
>
> Previous tightening of crypto defaults caused problems with us
> connecting to older ssh servers.
>
> I am particularly interested / worried about sshd from RHEL 5, 6 & 7
> for virt-p2v and virt-v2v conversions. This broke before, requi
On Wed, Mar 9, 2022 at 4:40 PM Robbie Harwood wrote:
>
> Alexander Sosedkin writes:
>
> > Daniel P. Berrangé wrote:
> >
> >> Perhaps a useful first step is to just modify the three main
> >> crypto libs (gnutls, openssl, and nss) to send a scary warnihg
On Wed, Mar 9, 2022 at 6:22 PM Matthew Miller wrote:
>
> On Wed, Mar 09, 2022 at 12:14:28PM +0100, Alexander Sosedkin wrote:
> > I left my crystal ball at home today,
> > but I don't need it to say it'd be ~0 bugs filed if we log to syslog
> > and ~3 if
On Wed, Mar 9, 2022 at 7:05 PM Daniel P. Berrangé wrote:
>
> On Wed, Mar 09, 2022 at 06:45:49PM +0100, Alexander Sosedkin wrote:
> > On Wed, Mar 9, 2022 at 6:22 PM Matthew Miller
> > wrote:
> > >
> > > On Wed, Mar 09, 2022 at 12:14:28PM +0100, Alexander Sosed
On Wed, Mar 9, 2022 at 7:19 PM Daniel P. Berrangé wrote:
>
> On Wed, Mar 09, 2022 at 01:05:38PM -0500, Matthew Miller wrote:
> > On Wed, Mar 09, 2022 at 05:40:50PM +, Daniel P. Berrangé wrote:
> > > > But: maybe if we logged it _and_ had a tool people could run to
> > > > look specifically for
On Wed, Mar 16, 2022 at 3:47 PM Neal Becker wrote:
>
> Sorry if this is a duplicate message, previous one was held for moderation.
>
> $ fedpkg new-sources ~/Downloads/unuran-1.9.0.tar.gz
> Could not execute new_sources: Fail to upload files. Server returns status 403
>
> I haven't been active in
On Wed, Mar 23, 2022 at 12:51 AM Josh Boyer wrote:
>
> On Tue, Mar 8, 2022 at 1:40 PM Alexander Sosedkin
> wrote:
> >
> > Hello, community, I need your wisdom for planning a disruptive change.
> >
> > Fedora 28 had https://fedoraproject.org/wiki/Changes/Stron
On Tue, Mar 8, 2022 at 7:40 PM Alexander Sosedkin wrote:
>
> Hello, community, I need your wisdom for planning a disruptive change.
>
> Fedora 28 had https://fedoraproject.org/wiki/Changes/StrongCryptoSettings
> Fedora 33 had https://fedoraproject.org/wiki/Changes/StrongCryp
On Wed, Apr 6, 2022 at 1:00 PM Vít Ondruch wrote:
>
>
> Dne 08. 03. 22 v 19:40 Alexander Sosedkin napsal(a):
> > Hello, community, I need your wisdom for planning a disruptive change.
> >
> > Fedora 28 had https://fedoraproject.org/wiki/Changes/StrongCryptoSetti
On Thu, Apr 7, 2022 at 4:11 PM Stephen Gallagher wrote:
>
> On Thu, Apr 7, 2022 at 8:52 AM wrote:
> >
> > Dear all,
> >
> > You are kindly invited to the meeting:
> >ELN SIG on 2022-04-08 from 12:00:00 to 13:00:00 US/Eastern
> >At fedora-meet...@irc.libera.chat
> >
> > The meeting will be
On Thu, Apr 7, 2022 at 4:33 PM Alexander Sosedkin wrote:
>
> On Thu, Apr 7, 2022 at 4:11 PM Stephen Gallagher wrote:
> >
> > On Thu, Apr 7, 2022 at 8:52 AM wrote:
> > >
> > > Dear all,
> > >
> > > You are kindly invited to the meeting:
>
On Thu, Apr 7, 2022 at 9:06 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> On Tue, Mar 29, 2022 at 03:34:49PM -0700, Kevin Fenzi wrote:
> > On Tue, Mar 29, 2022 at 08:12:47PM +0200, Alexander Sosedkin wrote:
> > >
> > > "You know these lights in the theaters that go
Another status update for transparency purposes:
1. openssl-3.0.2-3 and crypto-policies-20220412-1.git97fe449
now distrust SHA-1 signatures in FUTURE policy or NO-SHA1 subpolicy.
Meaning that updating the packages and issuing
`update-crypto-policies --set FUTURE` /
`update-crypto-polic
On Thu, Apr 28, 2022 at 3:33 PM Gary Buhrmaster
wrote:
>
> On Wed, Apr 27, 2022 at 11:50 PM Adam Williamson
> wrote:
>
> > Could we consider, in future, posting a clarification for journalists
> > in flaming six-foot high letters (I exaggerate only slightly) at the
> > top of *every* proposed Cha
Another status update:
1. USDT/eBPF tracing turned out to be a fruitful logging approach.
Clemens Lang has kindly added USDT probes to the latest openssl builds,
traceable with a small tool [1] available from a copr [2].
Yes, this way it doesn't log into your face unpromptedly,
like st
On Sat, Apr 30, 2022 at 4:28 PM David Woodhouse wrote:
> On Fri, 2022-04-29 at 17:49 -0400, Ben Cotton wrote:
> > This document represents a proposed Change. As part of the Changes
> > process, proposals are publicly announced in order to receive
> > community feedback. This proposal will only be
On Mon, May 2, 2022 at 6:28 PM Robbie Harwood wrote:
>
> JT writes:
>
> >> IMO, there's a rather desperate need to be able to override the
> >> system-wide policy for individual processes, maybe via some sort of
> >> wrapper around one of the containerization technologies.
> >
> > Alternatively I
On Mon, May 2, 2022 at 7:18 PM Robbie Harwood wrote:
>
> Alexander Sosedkin writes:
>
> > crypto-policies' goal is to define system-wide *defaults*.
>
> Well, that's certainly part of it, but...
>
> "The purpose is to unify the crypto policies used by di
On Tue, May 3, 2022 at 1:20 PM Kevin Kofler via devel
wrote:
>
> Ian Pilcher wrote:
> > It sure feels like we're reaching the point where anyone who has to work
> > with any sort of older equipment or servers is going to to forced to
> > switch their entire system to the LEGACY policy, which seems
On Wed, May 4, 2022 at 12:43 AM David Woodhouse wrote:
>
> On Mon, 2022-05-02 at 19:33 +0200, Clemens Lang wrote:
> > This is the reason why the proposal contains extensive methods to test
> > whether things are going to break by modifying the crypto-policy or using
> > bpftrace. Unfortunately the
On Wed, May 4, 2022 at 12:52 PM Vít Ondruch wrote:
>
> Dne 04. 05. 22 v 9:32 Alexander Sosedkin napsal(a):
> > On Wed, May 4, 2022 at 12:43 AM David Woodhouse wrote:
> >> On Mon, 2022-05-02 at 19:33 +0200, Clemens Lang wrote:
> >>> This is the reason why the pr
On Tue, May 17, 2022 at 5:09 PM Daniel P. Berrangé wrote:
>
> On Tue, May 17, 2022 at 04:20:56PM +0200, Tomasz Torcz wrote:
> > On Tue, May 17, 2022 at 02:11:03PM +0200, Vitaly Zaitsev via devel wrote:
> > > > First - our burden. We ahve to certify each binary. This is quite long
> > > > and lengh
On Tue, Jun 29, 2021 at 3:38 PM Tomas Tomecek wrote:
> * Can you imagine maintaining Fedora's 30k+ packages in a single repo?
> Without some git-fetch magic it would be unbearable to perform a
> git-pull.
I cannot imagine *not* doing this, maintaining a distro
and preserving any sanity in the pro
On Sun, Aug 22, 2021 at 11:00 PM Chris Adams wrote:
>
> Once upon a time, Dan Čermák said:
> > #2659 Arbitration request: Crypto policy prevents VPN connections
> > https://pagure.io/fesco/issue/2659
>
> VPN requirements are a problem for increasing the encryption strength.
> I have to connect to
On Tue, Aug 24, 2021 at 12:07 AM Chris Adams wrote:
>
> Once upon a time, Alexander Sosedkin said:
> > Sure. Crypto-policies are there to give you control of what's enabled,
> > ideally what's enabled by default.
> >
> > 1) There's a blanket `update-c
On Tue, Aug 24, 2021 at 8:57 PM przemek klosowski via devel
wrote:
>
>
> On 8/23/21 5:49 AM, Alexander Sosedkin wrote:
> > Sure. Crypto-policies are there to give you control of what's enabled,
> > ideally what's enabled by default.
> >
> > 1) Ther
On Fri, Aug 27, 2021 at 6:28 PM przemek klosowski via devel
wrote:
>
>
> On 8/25/21 4:54 AM, Alexander Sosedkin wrote:
>
> It's not ideal if one obsolete website forces downgrading the security
> potentially for all the connections. I hope 5) is addressing that.
>
> T
On Thu, Oct 10, 2024 at 11:19 AM Marius Schwarz wrote:
> I checked Koji and there seems no build in process to fix this 0-Day
> exploitation in firefix
>
> https://www.mozilla.org/en-US/security/advisories/mfsa2024-51/
>
> The "News" about it is already out and exploited:
>
> Mozilla has revealed
On Tue, Apr 1, 2025 at 12:23 PM Daniel P. Berrangé wrote:
>
> On Tue, Apr 01, 2025 at 10:49:59AM +0200, Alexander Sosedkin wrote:
> > On Mon, Mar 31, 2025 at 9:31 PM Zbigniew Jędrzejewski-Szmek
> > wrote:
> > >
> > > On Mon, Mar 31, 2025 at 01:24:06PM +0200,
On Mon, Mar 31, 2025 at 9:31 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> On Mon, Mar 31, 2025 at 01:24:06PM +0200, Alexander Sosedkin wrote:
> > On Mon, Mar 31, 2025 at 12:56 PM Zbigniew Jędrzejewski-Szmek
> > Just one question: how would you make those git forges output st
On Tue, Apr 15, 2025 at 12:55 PM Zbigniew Jędrzejewski-Szmek
wrote:
> [I'm writing this on Colin's suggestion, to introduce more people to
> the discussion and hopefully get some new ideas how to solve the
> problem. Apologies for the length.]
>
> The problem: when packages have files owned by a u
On Fri, Apr 18, 2025 at 8:25 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> On Thu, Apr 17, 2025 at 06:52:43PM +0200, Alexander Sosedkin wrote:
> > The problem stems entirely from UIDs and GUDs being numbers
> > and not strings. I see this as a peculiarity of some of the filesyste
On Wed, Apr 30, 2025 at 2:13 PM John Whitington
wrote:
> (Per
> https://docs.fedoraproject.org/en-US/package-maintainers/Joining_the_Package_Maintainers/
> )
>
> For the past fifteen or so years, I've been writing a set of command line
> tools for processing PDF files. You can find them here:
>
On Thu, Mar 13, 2025 at 10:42 AM Dan Čermák
wrote:
>
> Panu Matilainen writes:
>
> > On 3/13/25 10:56 AM, Dan Čermák wrote:
> >> Aoife Moloney via devel-announce
> >> writes:
> >>
> >>> * This is the first version of rpm built as C++, so rpm gains a
> >>> runtime dependency on libstdc++.
> >>
>
On Mon, Mar 31, 2025 at 2:04 PM Daniel P. Berrangé wrote:
>
> On Mon, Mar 31, 2025 at 01:39:57PM +0200, Vitaly Zaitsev via devel wrote:
> > On 31/03/2025 12:53, Zbigniew Jędrzejewski-Szmek wrote:
> > > This is inspired by the discussion in "Reproducible Builds" mailing list,
> > > in particular [1
On Mon, Mar 31, 2025 at 12:56 PM Zbigniew Jędrzejewski-Szmek
wrote:
>
> tl;dr: change the Packaging Guidelines to recommend the raw "git
> archive" or equivalent over the upstream tarball produced using
> "make dist".
>
> This is inspired by the discussion in "Reproducible Builds" mailing list,
>
On Thu, May 29, 2025 at 1:51 PM Neal Gompa wrote:
>
> On Thu, May 29, 2025 at 7:28 AM Alexander Sosedkin
> wrote:
> >
> > On Thu, May 29, 2025 at 12:34 PM Neal Gompa wrote:
> > >
> > > On Thu, May 29, 2025 at 5:42 AM Alexander Sosedkin
> > > w
On Thu, May 29, 2025 at 12:34 PM Neal Gompa wrote:
>
> On Thu, May 29, 2025 at 5:42 AM Alexander Sosedkin
> wrote:
> >
> > On Thu, May 29, 2025 at 12:19 AM Neal Gompa wrote:
> > >
> > > On Wed, May 28, 2025 at 5:52 PM Chris Adams wrote:
> > &g
On Thu, May 29, 2025 at 12:19 AM Neal Gompa wrote:
>
> On Wed, May 28, 2025 at 5:52 PM Chris Adams wrote:
> >
> > Once upon a time, Michael Catanzaro said:
> > > On Wed, May 28 2025 at 03:19:49 PM -05:00:00, Chris Adams
> > > wrote:
> > > >So it's been another month and this still isn't resolve
On Fri, Jul 18, 2025 at 7:55 PM Florian Weimer wrote:
> * Charles-Antoine Couret:
> > Here, due to the method and the fact it can produce a percentage of
> > code reproduction by design, any developer using this tool can
> > produce, without noticing or knowing it, a copyright violation.
>
> You c
95 matches
Mail list logo
