On středa 20. listopadu 2024 8:16:40, středoevropský standardní čas Pavel Raiskup wrote: > On úterý 19. listopadu 2024 12:57:05, středoevropský standardní čas Barry > Scott via copr-devel wrote: > > You may want to see if there is anything to worry about > > from a report a security problem with copr. > > > > See > > https://discussion.fedoraproject.org/t/fedora-vulnerability-report/137495 > > Hello Barry, thank you for forwarding this. The report does not appear > to be security-related, as it is expected that users have (for RPM > builds necessary) full access to the Copr builder. However, I did > report [1] because it would be much better if we had some commit-ish > validation in place. > > [1] https://github.com/fedora-copr/copr/issues/3516
For the next time I enabled the vulnerability reporting feature on GitHub: https://github.com/fedora-copr/copr/security Pavel > Pavel > > > Barry > -- _______________________________________________ copr-devel mailing list -- copr-devel@lists.fedorahosted.org To unsubscribe send an email to copr-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/copr-devel@lists.fedorahosted.org Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
