On Thu, Jul 2, 2015 at 7:49 AM, Adam Jackson wrote:
>
> Since the change was
> done by changing the rpm build macros, I think we can conclude that the
> build macros aren't being applied. Granted, packages can disable the
> hardened build macros, but the packages I've called out above aren't
>
On Mon, Aug 17, 2015 at 7:42 AM, Adam Jackson wrote:
> On Sat, 2015-08-15 at 11:18 +, Fedora Rawhide Report wrote:
>> acl-2.2.52-10.fc24
>> --
>> * Fri Aug 14 2015 Adam Jackson 2.2.52-10
>> - Remove bizarre 12 year old libtool invocation workaround that prevented
>> hardened
dates testing)
I used to communicate previously on this List and on Bugzilla using the
email quickbooks.off...@gmail.com
Thanks.
-Moez Roy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/co
On Thu, Oct 9, 2014 at 2:52 PM, Orion Poplawski wrote:
>
> On 10/08/2014 11:41 PM, Moez Roy wrote:
> > Summary of changes:
> >
> > 58461a8... Rebuilt for https://fedoraproject.org/wiki/Changes/Python_3 (*)
> > 7ec9589... - Rebuilt for https://fedorap
Tripwire fails to build for F21 and Rawhide. Is there a proven
packager out there who has some spare time to submit a fix for this?
Relevant info:
https://bugzilla.redhat.com/show_bug.cgi?id=1107464
https://pkgs.fedoraproject.org/cgit/tripwire.git/
https://koji.fedoraproject.org/koji/taskinfo?t
Thanks. I committed the suggested change in epel7 branch (as I don't
have commit access on master / f21).
https://pkgs.fedoraproject.org/cgit/tripwire.git/commit/?h=epel7&id=107f956898d439b7d602438369d09fffe96547bf
And here is the scratch build:
https://koji.fedoraproject.org/koji/taskinfo?taskI
On Mon, Oct 20, 2014 at 11:28 AM, Richard Hughes wrote:
> On 20 October 2014 19:12, Josh Boyer wrote:
>> That's PackageKit-libs you're referring to.
>
> Right, the original quote was "uninstall anything in context of packagekit"
>
>> If you remove PackageKit
>> itself only the yum backend and gno
On Tue, Oct 28, 2014 at 10:50 AM, Robert Marcano
wrote:
> I created a new bug [1] that explains that ssmtp is sending all cron jobs
> output to an external SMTP server. I marked it as a security bug, the
> security tag was removed and it was recommend to make it public, something I
> can't do. I w
On Sun, Mar 1, 2015 at 5:16 PM, David Airlie wrote:
> So the rebuild to use hardened builds by default in rawhide, broke X.org.
>
> Thanks guys, my system is more secure, but I can't run any apps.
>
> Anyways enough snark from me, the problem seems to be that hardening
> makes bind now override RT
On Sun, Mar 1, 2015 at 10:31 PM, Christopher Meng wrote:
> Hi,
>
> I encountered this when I distro-synced my f21 non-product to rawhide
> and kernel updated to 4.0 in this morning.
>
> Now no matter which kernel the system runs under, all couldn't start
> X, with these in Xorg.0.log:
>
> Loading
On Mon, Mar 2, 2015 at 1:30 AM, Christopher Meng wrote:
> Ok, this time is vesa's problem:
>
> http://lists.x.org/archives/xorg/2015-February/057183.html
>
> But hardening breaks it indeed.
>
> --
>
> Yours sincerely,
> Christopher Meng
>
> http://cicku.me
https://bugzilla.redhat.com/show_bug.cgi
On Fri, Mar 6, 2015 at 2:01 PM, Jerry James wrote:
>
> Oops, sorry, got distracted. It is polymake. That package has
> multiple problems.
>
> First, it invokes undefined behavior in one bit of code. That
> happened to work out with gcc 4.x, but gcc 5.x compiles the code a bit
> differently, res
On Wed, Mar 11, 2015 at 8:28 AM, Jerry James wrote:
> Now, cddlib was rebuilt just before alpha freeze, so it has been built
> with the hardening flags. This morning, I tried to rebuild gfan after
> adding in $RPM_LD_FLAGS, so that it too would be built hardened. The
> link step fails on x86_64
When I set the target to f21 it fails on the test:
LP algorithm being used: "cddgmp".
gfan: polyhedralcone.cpp:604: IntegerVector
PolyhedralCone::getUniquePoint() const: Assertion
`containsRelatively(ret)' failed.
gfan: parser.cpp:438: PolynomialSetList
CharacterBasedParser::parsePolynomialSetList
On Thu, Mar 12, 2015 at 7:49 AM, Tom Hughes wrote:
> On 12/03/15 14:41, Adam Jackson wrote:
>>
>> On Thu, 2015-03-12 at 13:45 +, Petr Pisar wrote:
>>>
>>>
>>> However I can add my recent story: After hardening perl, loading a DSO
>>> by perl failed. I believe the reason was the DSO had an unde
'%undefine _hardened_build' to your spec file
would appreciate a comment above this line pointing to your bug (which
blocks the above tracking bug).
Thanks.
- Moez Roy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Con
On Thu, Mar 12, 2015 at 1:46 AM, Tom Hughes wrote:
> Does anybody have any clue what's going on here:
>
> https://kojipkgs.fedoraproject.org//work/tasks/8137/9208137/build.log
>
> It's an update to libdwarf, but the actual cause appears to be that it
> doesn't like the new hardened build options
On Thu, Mar 12, 2015 at 10:55 AM, Moez Roy wrote:
> On Thu, Mar 12, 2015 at 1:46 AM, Tom Hughes wrote:
>> Does anybody have any clue what's going on here:
>>
>> https://kojipkgs.fedoraproject.org//work/tasks/8137/9208137/build.log
>>
>> It's an updat
On Fri, Mar 13, 2015 at 12:34 AM, Nikos Mavrogiannopoulos
wrote:
> I think it is important to document what a hardened build means, in the
> change request as well as provide a pointer from the packaging
> guidelines. It's no much point mentioning hardened builds but no-one can
> find out what are
On Wed, Mar 18, 2015 at 6:54 AM, Nikos Mavrogiannopoulos
wrote:
> On Mon, 2015-03-16 at 10:57 +0100, Nikos Mavrogiannopoulos wrote:
>
>> > Am 16.03.2015 um 09:47 schrieb Nikos Mavrogiannopoulos:
>> > > What was the rationale of adding -z now to the hardening flags? Looking
>> > > its description d
On Wed, Mar 18, 2015 at 7:21 AM, Moez Roy wrote:
> On Wed, Mar 18, 2015 at 6:54 AM, Nikos Mavrogiannopoulos
> wrote:
>> On Mon, 2015-03-16 at 10:57 +0100, Nikos Mavrogiannopoulos wrote:
>>
>>> > Am 16.03.2015 um 09:47 schrieb Nikos Mavrogiannopoulos:
>>>
builds successfully:
https://koji.fedoraproject.org/koji/taskinfo?taskID=9276929
------
Regards,
Moez Roy
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Are there any tools to automatically report bugs upstream?
i.e. from RedHat's Bugzilla to upstream's bugzilla / github issues /
bug tracking software.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedorapr
On Wed, Apr 15, 2015 at 2:08 AM, Baoquan He wrote:
> Hi,
>
> I got this problem too on kexec-tools package building. Linker
> asked me to add "-fPIC" and recompile.
>
> So what is suggested to do?
>
> Turn it off or just make change as compiler/linker suggested?
>
> Thanks
> Baoquan
See:
https:/
Copying more than 500 MB crashes Fedora Live CD even though there is
sufficient RAM.
It doesn't matter how much RAM your system has, once you copy more
than 500 MB you will get stuff like "Input/output error" or just plain
crashes like "Segmentation fault".
Why does this happen?
--
devel mailing
On Thu, Apr 16, 2015 at 4:13 PM, Moez Roy wrote:
> Copying more than 500 MB crashes Fedora Live CD even though there is
> sufficient RAM.
>
> It doesn't matter how much RAM your system has, once you copy more
> than 500 MB you will get stuff like "Input/output error"
On Thu, Apr 9, 2015 at 11:37 PM, Timotheus Pokorra
wrote:
> Hello,
>
> this is my first post to this list. My name is Timotheus Pokorra, I am
> from Germany, and I am also interested to get an uptodate version of
> Mono into Fedora and later into CentOS or Epel.
> I am developing and deploying Ope
On Mon, May 4, 2015 at 4:02 AM, Juan Orti Alcaine
wrote:
> El 2015-05-04 11:02, Jan Kurik escribió:
>>
>> = Proposed System Wide Change: Mono 4 =
>> https://fedoraproject.org/wiki/Changes/Mono_4
>>
>> Change owner(s): Claudio Rodrigo Pereyra Diaz
>>
>>
>
> Thanks for pushing forward this change.
Mono is updated in Rawhide. Can a proven-packager run a script to
rebuild all the packages that require mono.
-Thanks.
--
devel mailing list
devel@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
On Tue, May 19, 2015 at 2:36 AM, Peter Robinson wrote:
> On Mon, May 18, 2015 at 4:52 AM, Moez Roy wrote:
>> Mono is updated in Rawhide. Can a proven-packager run a script to
>> rebuild all the packages that require mono.
>
> Most of these are now built, sadly because all th
On Thu, May 28, 2015 at 12:44 AM, Marcin Juszkiewicz
wrote:
> W dniu 28.05.2015 o 09:27, drago01 pisze:
>>>
>>> >Problem was with VirtualBox... so for some time I will have to deal
>>> > without
>>> >winxp vm (used from time to time for tools which are not wine friendly).
>
>
>> You could use Boxe
Hi Pavel Simerda,
The IPv6 updates are breaking stuff (and probably increasing the
attack surface):
Bug 1231946 - unbound-anchor ignores net.ipv6.conf.all.disable_ipv6=1
in /etc/sysctl.conf
https://bugzilla.redhat.com/show_bug.cgi?id=1231946
Bug 1251762 - dnssec-triggerd ignores net.ipv6.conf.al
On Tue, Nov 3, 2015 at 9:06 PM, Scott Schmit wrote:
> On Tue, Nov 03, 2015 at 09:50:53AM -0800, Moez Roy wrote:
>> The IPv6 updates are breaking stuff (and probably increasing the
>> attack surface):
>>
>> Bug 1231946 - unbound-anchor ignores net.ipv6.conf.al
I only want certain binaries to be allowed network access.
For example, I want to allow the below binaries access to the internet:
/usr/lib64/firefox/firefox
/usr/lib/virtualbox/VirtualBox
/bin/yum (it seems to be done via python like /usr/bin/python /bin/yum
update -- so here obviously python is
On Wed, Jan 7, 2015 at 5:30 AM, Josh Boyer
wrote:
>
> We just went over something very much like this for x86_64 packages
> with FESCo ticket 1113:
>
> https://fedorahosted.org/fesco/ticket/1113
>
> Could you perhaps review that and elaborate on the differences between
> that proposal and this on
I originally made a request to rel-eng here:
https://fedorahosted.org/rel-eng/ticket/6049 -
Long running packages in F21 that 'MUST enable the PIE compiler flags'
Here https://fedoraproject.org/wiki/Packaging:Guidelines#PIE it says
If your package meets any of the following criteria you MUST en
On Sat, Jan 10, 2015 at 6:12 PM, Richard W.M. Jones wrote:
>
> Does this proposal apply to native non-C/C++ programs?
>
> Rich.
>
I would like to see this proposal apply to native non-C/C++ programs,
but I am not sure on how that would be done?
Do the other compilers understand what needs to be
ImageMagick Unresponsive Maintainer process - hubbitus (Pavel Alexeev)
Sources were last updated 2016-01-06 13:43:26 -
https://koji.fedoraproject.org/koji/packageinfo?packageID=425
Since then there have been numerous security vulnerabilities including
ImageTragick.
I commented here:
https://bugz
On Mon, Jul 31, 2017 at 12:13 PM, Kevin Fenzi wrote:
> ok, I rebuilt the following ones. The ones with F next to them failed to
> build:
>
> autotrace-0.31.1-44.fc26.src.rpm
> converseen-0.9.6.2-1.fc27.src.rpm
> dmtx-utils-0.7.4-2.fc27.src.rpm
> drawtiming-0.7.1-20.fc26.src.rpm
> F gtatoo
de
more sense to just update it directly to v7 which has High Dynamic Range
Imaging by default and more Pixel channels.
-Moez Roy
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
On Mon, Sep 4, 2017 at 4:11 PM, Adam Williamson
wrote:
> On Mon, 2017-09-04 at 20:07 +0100, Sérgio Basto wrote:
> >
> > That is the point, how many package fail to build with ImageMagick7 ?
> > we "just" need change requires on FTBFS packages (with ImageMagick7)
>
> No it isn't the point. More th
41 matches
Mail list logo
