Bernd Edlinger <bernd.edlin...@hotmail.de> writes: > On 4/2/20 11:01 AM, Richard Sandiford wrote: >> Bernd Edlinger <bernd.edlin...@hotmail.de> writes: >>> On 4/1/20 8:51 AM, Bernd Edlinger wrote: >>>> On 3/26/20 4:27 PM, Bernd Edlinger wrote: >>>>> On 3/26/20 4:16 PM, Christopher Faylor wrote: >>>>>> >>>>>> marc.info is an independent site that is not associated with >>>>>> sourceware.org. We don't control it. If you have questions about their >>>>>> site then ask them. >>>>>> >>>>>> The mailing list software is all easily discernible by investigating >>>>>> email headers and via google but someone else answered your questions >>>>>> later in this thread. >>>>>> >>>>> >>>>> But don't you think that we change something in 6.3 to make them break. >>>>> like no longer sending updates, or something? >>>>> >>>>> Don't you have any idea what changed on our side? >>>>> >>>>> I mean what should I tell them they should do to fix that????? >>>>> >>>>> >>>> >>>> Ah, marc.info is fixed, it turned out that the messages were just >>>> Quarantined >>>> because due to the change in the ip adresses, mailing software etc. >>>> marc.info was under the impression that all these messages were just spam. >>>> >>>> That is what they told me: >>>> >>>> "For lists that often get spammed, we set up some silent header-checks >>>> so that mails that don't look like they came from the real listserver >>>> get quarrantined, and don't appear when viewing that list. >>>> >>>> Well, that can break when mailing list software changes - like when they >>>> switched away from ezmlm to Mailman. >>>> >>>> I've updated our filter check and un-quarrantined about 4500 mails to >>>> various gcc- lists that landed there this month." >>>> >>>> So indeed all our mailing list message are again on marc.info, >>>> I think when it can handle lkml it can handle gcc-patches as well. >>>> >>>> Many Thanks go to Hank Leininger who does a gread job with marc.info. >>>> >>>> >>>> Bernd. >>>> >>> >>> PS: I have a discovered a very serious problem with the mailing lists >>> that must be fixed by our overseers. >>> >>> That is the scubbed attachments. >>> >>> As an example please look at this one: >>> https://marc.info/?l=gdb-patches&m=158571308379946&w=2 >>> >>> >>> you see this: >>> >>> -------------- next part -------------- >>> A non-text attachment was scrubbed... >>> Name: 0001-Fix-range-end-handling-of-inlined-subroutines.patch >>> Type: text/x-patch >>> Size: 10992 bytes >>> Desc: not available >>> URL: >>> <http://sourceware.org/pipermail/gdb-patches/attachments/20200313/5158bb87/attachment.bin> >>> >>> So there are two serious problems here: >>> >>> 1. there is a single point of failure, if sourceware.org goes down the >>> attachment is lost. >>> >>> 2. since the url is http: a man in the middle can impersonate >>> sourceware.org and give you a >>> virus instead of my patch file. >>> It does not help that sourceware.org redirects the download to >>> https://sourceware.org/pipermail/gdb-patches/attachments/20200313/5158bb87/attachment.bin >>> an attacker will not be so polite to do that. >>> >>> >>> @overseeers: PLEASE STOP IMMEDIATELY THAT SCRUBBING >>> >>> can you act now, or do you need a CVE number first ? >> >> The overseers are reachable on: >> >> https://sourceware.org/mailman/listinfo/overseers >> >> Please keep the tone civil. I hope we never see the day where the GCC/ >> sourceware lists have to have a code of conduct, but if we did, I think >> some of the messages on this thread would have breached it. >> >> Thanks, >> Richard >> > Thanks, for reminding me. > > I do personally full-heatedly apologize, and regret what I said above. > > I am sorry if I made you feel bad. That was not the true intention of what > I said. > > > I asked Hank Leininger for clarification how mark.info subscribes the mails, > and what data he gets exactly from us. > > I am still waiting for his response, and let you know what he says. > > In the meantime, culd you please change http: to https:
Just in case: I'm not actually an overseer myself, but I can see how my message could give that impression. I think the request would be better sent to the overseers list, if you haven't already Sorry for the confusion :-) Richard
