[Test-Announce] Fedora Packager for Eclipse Test Day tomorrow (2011-10-13)
Hey, everyone. It's that time again - there's a Test Day coming up tomorrow. This one's of particular interest to you devel list readers, so prick up your ears! https://fedoraproject.org/wiki/Test_Day:2011-10-13_Fedora_Packager_for_Eclipse The topic is the Fedora Packager for Eclipse plugin, which integrates Eclipse with the Fedora packaging workflow. It's a pretty neat tool and fun to play with even if you don't wind up sticking with it full time, so if you have a spare bit of time do come along and help with the test day - you'll probably enjoy yourself. The event will be happening in #fedora-test-day on IRC and all the instructions are on the Wiki page. Thanks, all. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net ___ test-announce mailing list test-annou...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/test-announce -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On 10/12/2011 07:44 PM, Kevin Fenzi wrote: QA: Q: I never uploaded a ssh key to the Fedora Account System, nor am I in a group that needs one, do I still have to upload a new one? A: No. If you don't have a ssh public key uploaded or desire to do so, you can just change your password. Please add to the FAQ: Q: I determined I don't really need keys to access Fedora infrastructure and want to move to password-only, can I just remove my key from the FAS? -- nicu :: http://nicubunu.ro :: http://nicubunu.blogspot.com/ -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Wed, Oct 12, 2011 at 1:37 PM, Przemek Klosowski przemek.klosow...@nist.gov wrote: Length beats out larger character set, which is nicely illustrated by the XKCD cartoon http://imgs.xkcd.com/comics/password_strength.png Be careful, that xkcd strip glosses over how that phrase was actually generated. If you just pick words or sentences out of your head, you could actually have dangerously little actual entropy in your passphrase. Do NOT actually use spaces in your passphrase, the space bar typically makes a distinctive sound so an eavesdropper can potentially figure out how many words are in your passphrase, and the length of each word, narrowing their search window... He's assigning 11 bits of entropy to each word, 2^11 = a word list 2048 words long, which corresponds with S/KEY: http://en.wikipedia.org/wiki/S/KEY There's also: http://en.wikipedia.org/wiki/Diceware http://en.wikipedia.org/wiki/Bubble_Babble http://en.wikipedia.org/wiki/Biometric_word_list Cryptographic security is all in the details, doing it even slightly wrong can completely destroy your security. Make sure to follow a proven strategy if you're going the passphrase route. Personally I've been generating passwords with pwgen -s 12 1, or for really important stuff (like online banking), pwgen -s 12 1. A different password for absolutely everything, all passwords are stored in a Revelation database protected by a REALLY long passphrase. I find its not that hard to remember a completely obscure 12-char password, after a day or two of frequent use, if you force yourself to actually type it in by hand rather than just cut-and-pasting from Revelation. Try just memorizing 2-4 chars at a time until you remember it all. I find I end up just consciously remembering the first 4 chars and muscle memory completes the rest... Also see: http://www.wired.com/politics/security/commentary/securitymatters/2007/01/72458 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Wed, Oct 12, 2011 at 12:48:57PM -0700, Adam Williamson wrote: Sure. However, if you have multiple keys with multiple passphrases, then it's extra work to compromise each key. Not true at all. If I keep my key(s) in a single location (a secure machine at my home), then either all keys in that location are secure or they've all been compromised. Someone with a rootkit on that machine can capture all of my keys and all of my passphrases. let's say you have an account on kernel.org and one on linux.com. It may make some kind of sense to your workflow for you to keep the private key you use to access linux.com in your home directory on kernel.org. If you do this, you're doing it wrong. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones virt-p2v converts physical machines to virtual machines. Boot with a live CD or over the network (PXE) and turn machines into Xen guests. http://et.redhat.com/~rjones/virt-p2v -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Wed, Oct 12, 2011 at 02:59:31PM -0500, Mike McGrath wrote: 2) We've found PRIVATE keys on our servers By all means educate these users with a large clue-stick. Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On 10/12/11 19:53, Adam Williamson wrote: On Wed, 2011-10-12 at 13:45 -0400, Simo Sorce wrote: I have no problem with changing the password, but leave my ssh keys alone, unless there is a real reason to ask people to change them. Reading between the lines of recent attacks, it seems likely that private keys compromised in some of the attacks were used to perform others. (No-one's come out and officially said this yet but it seems pretty obvious from the subtext of some of the reports; I'm thinking kernel.org / linux.com, for e.g.) It doesn't seem at all unlikely that some people may have used the same identities on some of the other compromised systems as they are using on FAS, and hence it seems pretty reasonable to require this change. I don't think so. People which have found their system compromised most likely already have replaced all the ssh keys - fine. People which have not been compromised can continue to use the old keys without problems. For people which are compromised but didn't notice (and thus still running a compromised system) the key change buys not much as the new keys likely will be compromised too. cheers, Gerd -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: VerifyHostKeyDNS, was Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Tomas Mraz tm...@redhat.com writes: And if this malicious DNS administrator controls the caching nameserver you're using for DNS queries, he can present you ANY data even 'valid' fake DNSSEC data. This is not generally true. Resolver libraries can (and should, IMHO) verify DNSSEC themselves. Otherwise DNSSEC is somewhat pointless, because it is precisely when you are stuck behind an untrusted Wifi gateway that you need DNSSEC the most. /Benny -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Wed, Oct 12, 2011 at 02:18:20PM -0600, Kevin Fenzi wrote: On Wed, 12 Oct 2011 22:13:11 +0200 Tomas Mraz tm...@redhat.com wrote: OK, but then you should not penalize also the people who keep their SSH private keys only on safe private computers. We're sorry if it's causing you inconvenience. We have no way at all to tell apart the groups of people who understand keys and crypto and best practices from the people who should read the docs and information and learn about them. If even just a few people learn and improve their practices, isn't it worth the small trouble to those that already understand? Not really. How is this going to change the behaviour of the people who don't use good practices? Rich. -- Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones Read my programming blog: http://rwmj.wordpress.com Fedora now supports 80 OCaml packages (the OPEN alternative to F#) http://cocan.org/getting_started_with_ocaml_on_red_hat_and_fedora -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Hi, Sure, ssh keys are much harder to compromise than passwords, but _assuming a compromise has happened_ the consequences of using a single key for everything are just as bad as using a single password for everything. One ssh key per project doesn't make sense at all to me. They all would be on my laptop, and in case it gets compromised the attacker can easily snatch all the keys. One ssh key per machine makes alot more sense. For outgoing ssh connections from -- say -- shell.fedoraproject.org I wouldn't just copy my private key from my laptop but generate a new one, then add it to authorized_keys where needed. That does (a) limit the access to the machines really needed instead of allowing ssh to every machine I'm ssh'ing to from my laptop and (b) doesn't compromise the keys used on my laptop in case shell.fedoraproject.org is hacked. cheers, Gerd -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: VerifyHostKeyDNS, was Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 2011-10-13 at 10:29 +0200, Benny Amorsen wrote: Tomas Mraz tm...@redhat.com writes: And if this malicious DNS administrator controls the caching nameserver you're using for DNS queries, he can present you ANY data even 'valid' fake DNSSEC data. This is not generally true. Resolver libraries can (and should, IMHO) verify DNSSEC themselves. Otherwise DNSSEC is somewhat pointless, because it is precisely when you are stuck behind an untrusted Wifi gateway that you need DNSSEC the most. Yes, they can and should. But they don't. -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Hi, What can we do there? We can't separate out those with good practices and those without. For starters block ssh keys found @ fedorapeople.org ? cheers, Gerd -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
[perl-Tk-TableMatrix/f15: 3/3] Merge cleanup.
commit bd880bbc484622e21bbf81eb0f92ce638b917e6b Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 10:52:50 2011 +0200 Merge cleanup. perl-Tk-TableMatrix.spec |3 --- 1 files changed, 0 insertions(+), 3 deletions(-) --- diff --git a/perl-Tk-TableMatrix.spec b/perl-Tk-TableMatrix.spec index febb04c..d608197 100644 --- a/perl-Tk-TableMatrix.spec +++ b/perl-Tk-TableMatrix.spec @@ -78,9 +78,6 @@ rm -rf $RPM_BUILD_ROOT * Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org - 1.23-12 - Add BR: perl(Tk::MMutil). -* Tue Jun 21 2011 Marcela Mašláňová mmasl...@redhat.com - 1.23-11 -- Perl mass rebuild - * Wed Feb 09 2011 Fedora Release Engineering rel-...@lists.fedoraproject.org - 1.23-10 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On 10/12/2011 09:59 PM, Mike McGrath wrote: On Wed, 12 Oct 2011, Henrik Nordström wrote: ons 2011-10-12 klockan 13:04 -0500 skrev Mike McGrath: Lots of people use and share keys across different projects. There is no security issue in sharing kes across different projects, other than that it gives a strong hint that you are the same person in both projects, much stronger than name or email. Sorry I didn't explain it very well. 1) People share keys across different projects. 2) We've found PRIVATE keys on our servers 3) We have no reason to believe private keys that can authenticate to Fedora weren't on some of the compromised systems we've heard so much about. 4) There are indications for keys being shared between indivuals. Ralf -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 2011-10-13 at 10:59 +0200, Ralf Corsepius wrote: On 10/12/2011 09:59 PM, Mike McGrath wrote: On Wed, 12 Oct 2011, Henrik Nordström wrote: ons 2011-10-12 klockan 13:04 -0500 skrev Mike McGrath: Lots of people use and share keys across different projects. There is no security issue in sharing kes across different projects, other than that it gives a strong hint that you are the same person in both projects, much stronger than name or email. Sorry I didn't explain it very well. 1) People share keys across different projects. 2) We've found PRIVATE keys on our servers 3) We have no reason to believe private keys that can authenticate to Fedora weren't on some of the compromised systems we've heard so much about. 4) There are indications for keys being shared between indivuals. Which you dreamed up and made false accusations of. But let's suppose that anyone really shares their private keys on purpose what would prevent them to share them again if they change them? -- Tomas Mraz No matter how far down the wrong road you've gone, turn back. Turkish proverb -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On 10/13/2011 11:13 AM, Tomas Mraz wrote: On Thu, 2011-10-13 at 10:59 +0200, Ralf Corsepius wrote: On 10/12/2011 09:59 PM, Mike McGrath wrote: On Wed, 12 Oct 2011, Henrik Nordström wrote: ons 2011-10-12 klockan 13:04 -0500 skrev Mike McGrath: Lots of people use and share keys across different projects. There is no security issue in sharing kes across different projects, other than that it gives a strong hint that you are the same person in both projects, much stronger than name or email. Sorry I didn't explain it very well. 1) People share keys across different projects. 2) We've found PRIVATE keys on our servers 3) We have no reason to believe private keys that can authenticate to Fedora weren't on some of the compromised systems we've heard so much about. 4) There are indications for keys being shared between indivuals. Which you dreamed up and made false accusations of. Putting aside the rude tone of your answer, ... ... there were questionable git check-ins from a package dep mass rebuilt, whose changelog entries were attributed to a different person than that who actually commited the changes (Doing so makes sense when a person submits a substantial patch, but doing so in a mass rebuild doesn't). This leaves few conclusions, e.g. - the account owner passed on his ssh keys to another person or granted terminal access to another person, who then missed to disguise himself as the account owner. - the account owner doesn't understand changelog entries and commited a broken changelog entry. Note that I said indications - May-be the git server admins could prove this (e.g. checking IPs), but it's close to impossible prove from outside. But let's suppose that anyone really shares their private keys on purpose what would prevent them to share them again if they change them? Nothing - It's a matter of trust. If these people are caught, confronting them with sanctions (close down their Fedora accounts) would be an appropriate means. Ralf -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: yubikey
On Tue, 11 Oct 2011 23:02:36 -0700 Toshio Kuratomi wrote: On Tue, Oct 11, 2011 at 11:11:39PM -0400, Paul Wouters wrote: On Tue, 11 Oct 2011, Nathanael D. Noblet wrote: As far as I know if you burn the key you will lose the ability to use the yubikey's servers and I'm guessing coincidentally the lastpass as well. I have seen that you are allowed to upload a new key to their servers to restore its useability. So that may be one avenue to look into. If these keys are still the AES symmetric keys, do not upload them to any third party - those type of keys cannot and should not be used with different entities. I thought the newer yubi keys had more then one slot though, so perhaps one slot can be used for FAS, and the other for the yubisoft servers. I currently have my yubikey set up to do this (slot 1 is Fedora, slot 2 is for yubikey servers). Could you describe how you did that? All I could find is this instruction set [1]. Maybe that could be added there. Thanks. Tom [1] https://fedoraproject.org/wiki/Infrastructure/Yubikey -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On 10/13/2011 09:45 AM, Callum Lerwick wrote: On Wed, Oct 12, 2011 at 1:37 PM, Przemek Klosowski przemek.klosow...@nist.gov wrote: Length beats out larger character set, which is nicely illustrated by the XKCD cartoon http://imgs.xkcd.com/comics/password_strength.png Be careful, that xkcd strip glosses over how that phrase was actually generated. If you just pick words or sentences out of your head, you could actually have dangerously little actual entropy in your passphrase. Do NOT actually use spaces in your passphrase, the space bar typically makes a distinctive sound so an eavesdropper can potentially figure out how many words are in your passphrase, and the length of each word, narrowing their search window... - well, to me correct horse battery staple seems random enough, but I'd like to ask everyone to not use it, because it's what I use as my password on every machine I have access to... Regards, Jirka He's assigning 11 bits of entropy to each word, 2^11 = a word list 2048 words long, which corresponds with S/KEY: http://en.wikipedia.org/wiki/S/KEY There's also: http://en.wikipedia.org/wiki/Diceware http://en.wikipedia.org/wiki/Bubble_Babble http://en.wikipedia.org/wiki/Biometric_word_list Cryptographic security is all in the details, doing it even slightly wrong can completely destroy your security. Make sure to follow a proven strategy if you're going the passphrase route. Personally I've been generating passwords with pwgen -s 12 1, or for really important stuff (like online banking), pwgen -s 12 1. A different password for absolutely everything, all passwords are stored in a Revelation database protected by a REALLY long passphrase. I find its not that hard to remember a completely obscure 12-char password, after a day or two of frequent use, if you force yourself to actually type it in by hand rather than just cut-and-pasting from Revelation. Try just memorizing 2-4 chars at a time until you remember it all. I find I end up just consciously remembering the first 4 chars and muscle memory completes the rest... Also see: http://www.wired.com/politics/security/commentary/securitymatters/2007/01/72458 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: yubikey
I don't think it is actually used somewhere, but I wrote an article about using Yubikeys with Fedora a long time ago when the Infra team was busy implementing Yubikey support. Iirc I wrote about using the second slot somewhere in there. It might help you: https://fedoraproject.org/wiki/Using_Yubikeys_with_Fedora Maxim Burgerhout ma...@wzzrd.com EB11 5E56 E648 9D99 E8EF 05FB C513 6FD4 1302 B48A () ascii ribbon campaign - against html e-mail /\ www.asciiribbon.org - against proprietary attachments On Thu, Oct 13, 2011 at 11:45, Thomas Spura toms...@fedoraproject.orgwrote: On Tue, 11 Oct 2011 23:02:36 -0700 Toshio Kuratomi wrote: On Tue, Oct 11, 2011 at 11:11:39PM -0400, Paul Wouters wrote: On Tue, 11 Oct 2011, Nathanael D. Noblet wrote: As far as I know if you burn the key you will lose the ability to use the yubikey's servers and I'm guessing coincidentally the lastpass as well. I have seen that you are allowed to upload a new key to their servers to restore its useability. So that may be one avenue to look into. If these keys are still the AES symmetric keys, do not upload them to any third party - those type of keys cannot and should not be used with different entities. I thought the newer yubi keys had more then one slot though, so perhaps one slot can be used for FAS, and the other for the yubisoft servers. I currently have my yubikey set up to do this (slot 1 is Fedora, slot 2 is for yubikey servers). Could you describe how you did that? All I could find is this instruction set [1]. Maybe that could be added there. Thanks. Tom [1] https://fedoraproject.org/wiki/Infrastructure/Yubikey -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
File App-cpanminus-1.5000.tar.gz uploaded to lookaside cache by psabata
A file has been added to the lookaside cache for perl-App-cpanminus: f0d120dde9ae82c4a718a951741ca136 App-cpanminus-1.5000.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-App-cpanminus] 1.5000 bump
commit a0471213623126dd4eee132a22a70ce01cdd5e89 Author: Petr Sabata con...@redhat.com Date: Thu Oct 13 13:03:31 2011 +0200 1.5000 bump .gitignore |1 + perl-App-cpanminus.spec |7 +-- sources |2 +- 3 files changed, 7 insertions(+), 3 deletions(-) --- diff --git a/.gitignore b/.gitignore index ed882dc..5333c3c 100644 --- a/.gitignore +++ b/.gitignore @@ -17,3 +17,4 @@ App-cpanminus-0.9935.tar.gz /App-cpanminus-1.4006.tar.gz /App-cpanminus-1.4007.tar.gz /App-cpanminus-1.4008.tar.gz +/App-cpanminus-1.5000.tar.gz diff --git a/perl-App-cpanminus.spec b/perl-App-cpanminus.spec index eb87313..0f70d1d 100644 --- a/perl-App-cpanminus.spec +++ b/perl-App-cpanminus.spec @@ -1,6 +1,6 @@ Name: perl-App-cpanminus -Version:1.4008 -Release:3%{?dist} +Version:1.5000 +Release:1%{?dist} Summary:Library for get, unpack, build and install CPAN modules License:GPL+ or Artistic Group: Development/Libraries @@ -65,6 +65,9 @@ make test %{_bindir}/cpanm %changelog +* Thu Oct 13 2011 Petr Sabata con...@redhat.com - 1.5000-1 +- 1.5000 bump + * Fri Jul 22 2011 Petr Pisar ppi...@redhat.com - 1.4008-3 - RPM 4.9 dependency filtering added diff --git a/sources b/sources index 99239e0..c470c1b 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -35631af0c42ecbdb93bb2468f97de284 App-cpanminus-1.4008.tar.gz +f0d120dde9ae82c4a718a951741ca136 App-cpanminus-1.5000.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Wed, 2011-10-12 at 14:37 -0400, Przemek Klosowski wrote: On 10/12/2011 01:41 PM, Richard Hughes wrote: On 12 October 2011 17:44, Kevin Fenzike...@scrye.com wrote: * Nine or more characters with lower and upper case letters, digits and punctuation marks. * Ten or more characters with lower and upper case letters and digits. * Twelve or more characters with lower case letters and digits * Twenty or more characters with all lower case letters. This is just insane. My existing password is 8 digits and alphanumeric, and given that I have to enter it over and over again (and prove I'm human, another WTF) when creating updates I'm really wondering if I want to bother. Length beats out larger character set, which is nicely illustrated by the XKCD cartoon http://imgs.xkcd.com/comics/password_strength.png Considering that it's hard to type a wide character set (I probably touch-type '' correctly about 70% of the time), I actually like long alpha passwords. It is strange though that the complexity of the new requirements varies so much: (24+24+10+12)^9 or 4.0354e+16 (24+24+10)^10or 4.3080e+17 (24+24)^12 or 1.4959e+20 (24)^20 or 4.0200e+27 except, of course, the alphabetic strings aren't likely to be purely random but rather dictionary words, which would reduce the complexity spread. This rules are very restricting. If I want to use _random_ lower case letters, I have to remember 20 random characters and have marginally more secure password compared to people who use lower case, upper case and digits? Even just 14 random lower case letters have bigger complexity than the other cases. I can use 12 characters long random lower case password, or . I will not be remembering 20 random letters. Please change the rules to have at least similar complexity. Richard's complexity is (24+24+10)^8, or 1.2806e+14 which is not that much worse than the low end. We all know that he'll just add '1' to his existing password :) except, of course, the alphabetic strings aren't going to be purely random but rather dictionary words, which would reduce the complexity spread. -- Martin Gracik mgra...@redhat.com -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
openSUSE announces release of openqa
http://news.opensuse.org/2011/10/11/opensuse-announces-first-public-release-of- openqa/ -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: HAL depreciated, but what replaced it?
On Wed, Oct 12, 2011 at 8:16 PM, Dan Williams d...@redhat.com wrote: udev replaced HAL, along with some additional helpers. udev has a database too, much like HAL. You can use libudev or libgudev (if you use glib) to talk to udev and get information. Ok, I found python-gudev which lets me talk to udev! And I thought the documentation on UDisks was poor. The only documentation in the package is a README file with a bad link and a test program. I've worked around that for testing the property DriveMediaCompatibility 0 since it returns an array but this would also pick up flash card readers, zip, and jaz drives. I'll have to modify that to look for optical on the front of any members of the array. Second, I can not find any property that reports the disc capacity. The only property that looked close is DriveSize but for a blank disc this reports the same as the SectorSize, 2048. UDISKS_PARTITION_SIZE I'm thinking the equivalent in the python wrapper is PartitionSize. The problem is that it AND DeviceSize both report 2048... Right now I'm using the test program provided with python-gudev and I think I'm making headway. It has a property ID_TYPE that is cd for optical drives so that's one problem down. Now I just have to figure out how to: 1. Get the drive capacity. 2. Get the media state. 3. Detect and properly handle media changes. Thanks, Richard Thanks, Richard -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: VerifyHostKeyDNS, was Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 13 Oct 2011, Tomas Mraz wrote: And if this malicious DNS administrator controls the caching nameserver you're using for DNS queries, he can present you ANY data even 'valid' fake DNSSEC data. This is not generally true. Resolver libraries can (and should, IMHO) verify DNSSEC themselves. Otherwise DNSSEC is somewhat pointless, because it is precisely when you are stuck behind an untrusted Wifi gateway that you need DNSSEC the most. Yes, they can and should. But they don't. We're testing ftp://ftp.xelerance.com/dnssec-trigger/ and I hope it can get integrated into Fedora. It means running dnssec aware resolvers on the endnode, with as much use as possible od dhcp obtained dns server caches. Paul -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
[perl-File-Find-Rule] Upstream update. Modernize spec file.
commit d75db9e1dbc7229504ad7536f741aebbd568a216 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 16:27:37 2011 +0200 Upstream update. Modernize spec file. .gitignore |2 +- perl-File-Find-Rule.spec | 15 +++ sources |2 +- 3 files changed, 9 insertions(+), 10 deletions(-) --- diff --git a/.gitignore b/.gitignore index c1994b5..7c22864 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -File-Find-Rule-0.32.tar.gz +/File-Find-Rule-0.33.tar.gz diff --git a/perl-File-Find-Rule.spec b/perl-File-Find-Rule.spec index 612550a..a32a001 100644 --- a/perl-File-Find-Rule.spec +++ b/perl-File-Find-Rule.spec @@ -1,12 +1,11 @@ Name: perl-File-Find-Rule -Version: 0.32 -Release: 6%{?dist} +Version: 0.33 +Release: 1%{?dist} Summary: Perl module implementing an alternative interface to File::Find License: GPL+ or Artistic Group: Development/Libraries URL: http://search.cpan.org/dist/File-Find-Rule/ Source0: http://www.cpan.org/modules/by-module/File/File-Find-Rule-%{version}.tar.gz -BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n) BuildArch: noarch BuildRequires: perl @@ -29,27 +28,27 @@ you to build rules which specify the desired files and directories. make %{?_smp_mflags} %install -rm -rf $RPM_BUILD_ROOT make pure_install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} ';' find $RPM_BUILD_ROOT -type d -depth -exec rmdir {} 2/dev/null ';' chmod -R u+w $RPM_BUILD_ROOT/* -%clean -rm -rf $RPM_BUILD_ROOT - %check make test %files %defattr(-,root,root,-) -%doc Changes README +%doc Changes %{_bindir}/findrule %{_mandir}/man1/* %{perl_vendorlib}/File %{_mandir}/man3/* %changelog +* Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org - 0.33-1 +- Upstream update. +- Modernize spec file. + * Mon Jun 20 2011 Marcela Mašláňová mmasl...@redhat.com - 0.32-6 - Perl mass rebuild diff --git a/sources b/sources index b92f0ae..db0bc6c 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -1b43810c6b8fd4ee5cee8046e1e05ff4 File-Find-Rule-0.32.tar.gz +92c6cb88549c30f5665e39bf80f3d704 File-Find-Rule-0.33.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-File-Find-Rule/f16] Upstream update. Modernize spec file.
Summary of changes: d75db9e... Upstream update. Modernize spec file. (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-File-Find-Rule/f15] (3 commits) ...Post merge cleanup.
Summary of changes: f0127e8... Perl mass rebuild (*) d75db9e... Upstream update. Modernize spec file. (*) 4517902... Post merge cleanup. (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-File-Find-Rule/f15: 3/3] Post merge cleanup.
commit 4517902b13990719a55a56fc5b9c5deadaba3034 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 16:34:24 2011 +0200 Post merge cleanup. perl-File-Find-Rule.spec |3 --- 1 files changed, 0 insertions(+), 3 deletions(-) --- diff --git a/perl-File-Find-Rule.spec b/perl-File-Find-Rule.spec index a32a001..22d4524 100644 --- a/perl-File-Find-Rule.spec +++ b/perl-File-Find-Rule.spec @@ -49,9 +49,6 @@ make test - Upstream update. - Modernize spec file. -* Mon Jun 20 2011 Marcela Mašláňová mmasl...@redhat.com - 0.32-6 -- Perl mass rebuild - * Tue Feb 08 2011 Fedora Release Engineering rel-...@lists.fedoraproject.org - 0.32-5 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-File-Find-Rule/f14] (6 commits) ...Post merge cleanup.
Summary of changes: 1ef6866... - 661697 rebuild for fixing problems with vendorach/lib (*) 9b2adae... - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass (*) f0127e8... Perl mass rebuild (*) d75db9e... Upstream update. Modernize spec file. (*) 4517902... Post merge cleanup. (*) c5f5aee... Post merge cleanup. (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-File-Find-Rule/f14: 6/6] Post merge cleanup.
commit c5f5aee528450252f6e48df9f8d88a8ca49985a9 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 16:38:23 2011 +0200 Post merge cleanup. perl-File-Find-Rule.spec |6 -- 1 files changed, 0 insertions(+), 6 deletions(-) --- diff --git a/perl-File-Find-Rule.spec b/perl-File-Find-Rule.spec index 22d4524..014f379 100644 --- a/perl-File-Find-Rule.spec +++ b/perl-File-Find-Rule.spec @@ -49,12 +49,6 @@ make test - Upstream update. - Modernize spec file. -* Tue Feb 08 2011 Fedora Release Engineering rel-...@lists.fedoraproject.org - 0.32-5 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild - -* Thu Dec 16 2010 Marcela Maslanova mmasl...@redhat.com - 0.32-4 -- 661697 rebuild for fixing problems with vendorach/lib - * Sat May 01 2010 Marcela Maslanova mmasl...@redhat.com - 0.32-3 - Mass rebuild with perl-5.12.0 -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: VerifyHostKeyDNS, was Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 13 Oct 2011, Tomas Mraz wrote: Nope, you do not understand what the dependency is. Of course you depend on the DNS to not be compromised to get the IP address of the host but you still can verify the fingerprint on the first connection if you got it by other means. That scales as well as all those firefox plugins that warn you when a cert changes but yes, a very few individuals with pick up the phone, and good for them! and you'll connect to a different host. With 'VerifyHostKeyDNS yes' if there is a malicious DNS administrator, you will not have a chance to verify the fingerprint, you will be directly connected to a false server immediately compromising your password if password auth is used. That's a very good argument - but against password ssh authentication, not against fingerprints in dnssec. 1) the infrastructure is already compromised by an inside DNS admin 2) the user apparently typing in a password into a machine they never contacted before. You should use ssh-keyscan remotehost to a machine you never connected to before where you depend on password authentication to avoid this. The only scenario where I can see trusting machines I never logged into before is one where the cluster is trusted by the same admin, using the same usernames and shared homedirs, in which case I would alwas have my authorized_keys, and would immediately hit ctrl-c when a password prompt would happen. And if this malicious DNS administrator controls the caching nameserver you're using for DNS queries, he can present you ANY data even 'valid' fake DNSSEC data. I have no idea what 'valid' fake DNSSEC data is supposed to mean. I am assuming you mean something silly as trust random dhcp obtained dns server's AD bit. If you do that, you already lost before even getting an ssh login on a new server. Any security aware fedora user is running a local DNSSEC caching server. If not, then ssh will prompt them with the host key! Also, trusted the AD bit without trusting the last mile violates the RFC 3655 Section 3 3. Interpretation of the AD bit A response containing data marked Insecure in the answer or authority section MUST never have the AD bit set. In this case, the resolver SHOULD treat the data as Insecure whether or not SIG records are present. A resolver MUST NOT blindly trust the AD bit unless it communicates with a recursive nameserver over a secure transport mechanism or using a message authentication such as TSIG [RFC2845] or SIG(0) [RFC2931] and is explicitly configured to trust this recursive name server. If the ssh client grabs non-localhost resolver entries and trusts the AD bit, then that is a bug and should be reported upstream. Paul -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
File Number-Compare-0.03.tar.gz uploaded to lookaside cache by corsepiu
A file has been added to the lookaside cache for perl-Number-Compare: ded4085a8fc96328742785574ca65208 Number-Compare-0.03.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Number-Compare] Upstream update.
commit 1c4c4df5c59efd6db8ed9c039def6e7cf637cf33 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 16:50:58 2011 +0200 Upstream update. .gitignore |3 +-- perl-Number-Compare.spec |5 - sources |2 +- 3 files changed, 6 insertions(+), 4 deletions(-) --- diff --git a/.gitignore b/.gitignore index df2ef9e..35270b7 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1 @@ -Number-Compare-0.01.tar.gz -/Number-Compare-0.02.tar.gz +/Number-Compare-0.03.tar.gz diff --git a/perl-Number-Compare.spec b/perl-Number-Compare.spec index 5605b4f..0087512 100644 --- a/perl-Number-Compare.spec +++ b/perl-Number-Compare.spec @@ -1,5 +1,5 @@ Name: perl-Number-Compare -Version: 0.02 +Version: 0.03 Release: 1%{?dist} Summary: Perl module for numeric comparisons License: GPL+ or Artistic @@ -40,6 +40,9 @@ make test %{_mandir}/man3/* %changelog +* Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org - 0.03-1 +- Upstream update. + * Mon Sep 19 2011 Ralf Corsépius corse...@fedoraproject.org - 0.02-1 - Upstream update. - Spec file cleanup. diff --git a/sources b/sources index ca13d78..3b084d9 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -e77d5218a236184064c2866f334f9702 Number-Compare-0.02.tar.gz +ded4085a8fc96328742785574ca65208 Number-Compare-0.03.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Subsidy requests for FUDCon Blacksburg are now OOOOOPEN!
Greetings, FUDCon friends, near and far: As you are probably aware, the 2012 North American FUDCon will be held in Blacksburg, Virginia, on the campus of Virginia Tech. If you are planning on attending, it's never too early to pre-register, and to start thinking about your travel plans. FUDCon Blacksburg will take place January 13-15, 2012. https://fedoraproject.org/wiki/FUDCon:Blacksburg_2012 I'm happy to announce that we are officially accepting subsidy requests for travel to Blacksburg. If you are requesting a subsidy, we just have a few steps that we ask you to follow: 1: Register on the FUDCon: Blacksburg wiki page in the pre-registration area. https://fedoraproject.org/wiki/FUDCon:Blacksburg_2012#Pre-registration 2: Put an X in the $$$ column. 3: Create a funding request ticket in the FUDCon trac at: https://fedorahosted.org/fudcon-planning/wiki/FundingRequest General information about being sponsored can be found at http://fedoraproject.org/wiki/Sponsoring_event_attendees . Requests are processed in a first-come, first-served manner, though generally prioritization is giving to local travel over international travel first. Requests will be reviewed by fellow Fedora community members at FUDCon subsidy request meetings over the next few weeks. The first subsidy meeting will take place on Wednesday, November 9th. The time and IRC channel will be announced as we approach that day. As always, participation both in planning as well as subsidy granting is ALWAYS welcome. Please join us on the fudcon-planning mailing list for information about meetings, as well as for general FUDCon updates, and see the meetings section of your FUDCon's wiki page for meeting information. Mailing list: https://admin.fedoraproject.org/mailman/listinfo/fudcon-planning FUDCon Blacksburg Meetings: https://fedoraproject.org/wiki/FUDCon:Blacksburg_2012#Meetings ___ devel-announce mailing list devel-annou...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel-announce -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: HAL depreciated, but what replaced it?
Excerpts from Richard Shaw's message of Thu Oct 13 16:13:00 +0200 2011: On Wed, Oct 12, 2011 at 8:16 PM, Dan Williams d...@redhat.com wrote: udev replaced HAL, along with some additional helpers. udev has a database too, much like HAL. You can use libudev or libgudev (if you use glib) to talk to udev and get information. Ok, I found python-gudev which lets me talk to udev! And I thought the documentation on UDisks was poor. The only documentation in the package is a README file with a bad link and a test program. You can use [1] (or look in your kernel source directory) for gudev API documentation. The python wrapper basically does 1:1 copy of the functions. I've worked around that for testing the property DriveMediaCompatibility 0 since it returns an array but this would also pick up flash card readers, zip, and jaz drives. I'll have to modify that to look for optical on the front of any members of the array. Second, I can not find any property that reports the disc capacity. The only property that looked close is DriveSize but for a blank disc this reports the same as the SectorSize, 2048. UDISKS_PARTITION_SIZE I'm thinking the equivalent in the python wrapper is PartitionSize. The problem is that it AND DeviceSize both report 2048... There is still a possibility there is a bug (or a missing feature) in udisks. Maybe have a look at udisks/udev bug tracker? Right now I'm using the test program provided with python-gudev and I think I'm making headway. It has a property ID_TYPE that is cd for optical drives so that's one problem down. Now I just have to figure out how to: 1. Get the drive capacity. 2. Get the media state. 3. Detect and properly handle media changes. Good luck finding what you are looking for, [1] ftp://slackware.oregonstate.edu/pub/linux/utils/kernel/hotplug/gudev/index.html -- Stanislav Ochotnicky sochotni...@redhat.com Software Engineer - Base Operating Systems Brno PGP: 7B087241 Red Hat Inc. http://cz.redhat.com signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
[perl-Number-Compare/f15] Upstream update.
Summary of changes: 1c4c4df... Upstream update. (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Number-Compare/f14] Upstream update.
Summary of changes: 1c4c4df... Upstream update. (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Test-Announce] 2011-10-14 @ 17:00 UTC - F16 Final Blocker Bug Review #3
# F16 Final Blocker Review meeting #3 # Date: 2011-10-14 # Time: 17:00 UTC [1] (13:00 EDT, 10:00 PDT) # Location: #fedora-bugzappers on irc.freenode.net The third Fedora 16 final blocker bug review meeting will be this Friday at 17:00 UTC in #fedora-bugzappers. We'll be running through the final blockers and nice-to-haves. An updated list of blocker bugs is available at https://fedoraproject.org/wiki/Current_Release_Blockers. We'll be reviewing the bugs to determine ... 1. Whether they meet the final release criteria [2] and should stay on the list 2. Whether they are getting the attention they need For guidance on Blocker and Nice-to-have (NTH) bugs, refer to https://fedoraproject.org/wiki/QA:SOP_blocker_bug_process and https://fedoraproject.org/wiki/QA:SOP_nth_bug_process For the blocker review meeting protocol, see https://fedoraproject.org/wiki/QA:SOP_Blocker_Bug_Meeting . Thanks, Tim [1] https://fedoraproject.org/wiki/Infrastructure/UTCHowto [2] https://fedoraproject.org/wiki/Fedora_16_Final_Release_Criteria signature.asc Description: PGP signature ___ test-announce mailing list test-annou...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/test-announce-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
File Plack-0.9984.tar.gz uploaded to lookaside cache by corsepiu
A file has been added to the lookaside cache for perl-Plack: 3d30c1b99124b9dfc78a2b0139d38a14 Plack-0.9984.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack] Upstream update.
commit 71aeb41dd2fcfe14bf323da4aaca35a003782182 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 18:38:34 2011 +0200 Upstream update. .gitignore |2 +- perl-Plack.spec |5 - sources |2 +- 3 files changed, 6 insertions(+), 3 deletions(-) --- diff --git a/.gitignore b/.gitignore index cd2dca0..120ce0d 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -/Plack-0.9982.tar.gz +/Plack-0.9984.tar.gz diff --git a/perl-Plack.spec b/perl-Plack.spec index 9e91302..1c71a36 100644 --- a/perl-Plack.spec +++ b/perl-Plack.spec @@ -1,5 +1,5 @@ Name: perl-Plack -Version:0.9982 +Version:0.9984 Release:1%{?dist} Summary:Perl Superglue for Web frameworks and Web Servers (PSGI toolkit) License:GPL+ or Artistic @@ -105,6 +105,9 @@ make test TEST_APACHE2=1 TEST_FCGI_CLIENT=1 %{_mandir}/man3/* %changelog +* Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org 0.9984-1 +- Upstream update. + * Fri Aug 19 2011 Ralf Corsépius corse...@fedoraproject.org 0.9982-1 - Upstream update. diff --git a/sources b/sources index 29ad270..6d42e3e 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -5dc7c6b8fec4b51adc5ff076a0aacc8c Plack-0.9982.tar.gz +3d30c1b99124b9dfc78a2b0139d38a14 Plack-0.9984.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: TFTP not working on F15 as well as updated F14
On 10/12/2011 06:37 PM, Aaron Gray wrote: sudo /usr/sbin/in.tftpd -L -v -v -v -s /var/lib/tftpboot Wow, TFTP works like this ! Thanks for that, now why does it not work under xinetd ? I have no idea. xinetd should be spawning off the equivalent of: /usr/sbin/in.tftpd -s /var/lib/tftpboot You can add the -v (for verbosity) to /etc/xinetd.d/tftp (same line as the -s /var/lib/tftpboot), but don't add the -L (man in.tftpd will explain why that is incorrect). If you can't localhost connect to your tftp server, you have bigger issues, and I don't think they involve tftp. ~tom == Fedora Project -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
File Test-SharedFork-0.18.tar.gz uploaded to lookaside cache by corsepiu
A file has been added to the lookaside cache for perl-Test-SharedFork: edd6b8d2fcd9a5449d193f23a9b9a29c Test-SharedFork-0.18.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Test-SharedFork] Upstream update.
commit a8efed520da65574e2b3e9889bb53039012832e3 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 18:58:44 2011 +0200 Upstream update. .gitignore|4 +--- perl-Test-SharedFork.spec |7 +-- sources |2 +- 3 files changed, 7 insertions(+), 6 deletions(-) --- diff --git a/.gitignore b/.gitignore index d49a5b8..a63e9d1 100644 --- a/.gitignore +++ b/.gitignore @@ -1,3 +1 @@ -Test-SharedFork-0.11.tar.gz -/Test-SharedFork-0.15.tar.gz -/Test-SharedFork-0.16.tar.gz +/Test-SharedFork-0.18.tar.gz diff --git a/perl-Test-SharedFork.spec b/perl-Test-SharedFork.spec index 6875484..3004175 100644 --- a/perl-Test-SharedFork.spec +++ b/perl-Test-SharedFork.spec @@ -1,7 +1,7 @@ Name: perl-Test-SharedFork Summary:Fork test -Version:0.16 -Release:3%{?dist} +Version:0.18 +Release:0%{?dist} License:GPL+ or Artistic Group: Development/Libraries Source0: http://search.cpan.org/CPAN/authors/id/T/TO/TOKUHIROM/Test-SharedFork-%{version}.tar.gz @@ -46,6 +46,9 @@ make test %{_mandir}/man3/*.3* %changelog +* Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org - 0.18-1 +- Upstream update. + * Fri Jun 17 2011 Marcela Mašláňová mmasl...@redhat.com - 0.16-3 - Perl mass rebuild diff --git a/sources b/sources index b3be378..470fcdf 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -ee0469b14d48bbd651f2ec5465f61a52 Test-SharedFork-0.16.tar.gz +edd6b8d2fcd9a5449d193f23a9b9a29c Test-SharedFork-0.18.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: HAL depreciated, but what replaced it?
On Thu, Oct 13, 2011 at 11:17 AM, Stanislav Ochotnicky sochotni...@redhat.com wrote: Excerpts from Richard Shaw's message of Thu Oct 13 16:13:00 +0200 2011: On Wed, Oct 12, 2011 at 8:16 PM, Dan Williams d...@redhat.com wrote: udev replaced HAL, along with some additional helpers. udev has a database too, much like HAL. You can use libudev or libgudev (if you use glib) to talk to udev and get information. Ok, I found python-gudev which lets me talk to udev! And I thought the documentation on UDisks was poor. The only documentation in the package is a README file with a bad link and a test program. You can use [1] (or look in your kernel source directory) for gudev API documentation. The python wrapper basically does 1:1 copy of the functions. Thanks! I'll take a look. I've worked around that for testing the property DriveMediaCompatibility 0 since it returns an array but this would also pick up flash card readers, zip, and jaz drives. I'll have to modify that to look for optical on the front of any members of the array. https://bugs.freedesktop.org/show_bug.cgi?id=41752 Second, I can not find any property that reports the disc capacity. The only property that looked close is DriveSize but for a blank disc this reports the same as the SectorSize, 2048. UDISKS_PARTITION_SIZE I'm thinking the equivalent in the python wrapper is PartitionSize. The problem is that it AND DeviceSize both report 2048... There is still a possibility there is a bug (or a missing feature) in udisks. Maybe have a look at udisks/udev bug tracker? https://bugs.freedesktop.org/show_bug.cgi?id=41753 Right now I'm using the test program provided with python-gudev and I think I'm making headway. It has a property ID_TYPE that is cd for optical drives so that's one problem down. Now I just have to figure out how to: 1. Get the drive capacity. 2. Get the media state. 3. Detect and properly handle media changes. Good luck finding what you are looking for, Thanks! Richard -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 2011-10-13 at 09:12 +0100, Richard W.M. Jones wrote: On Wed, Oct 12, 2011 at 12:48:57PM -0700, Adam Williamson wrote: Sure. However, if you have multiple keys with multiple passphrases, then it's extra work to compromise each key. Not true at all. If I keep my key(s) in a single location (a secure machine at my home), then either all keys in that location are secure or they've all been compromised. Someone with a rootkit on that machine can capture all of my keys and all of my passphrases. A rootkit is one kind of compromise, sure. I outlined another kind in an earlier reply to a similar objection. (Here's another one: you keep your Single Key For Everything or your Giant Key Collection on a USB key, and the USB key gets swiped. Yes, yes, I know, the key should be encrypted...sigh.) let's say you have an account on kernel.org and one on linux.com. It may make some kind of sense to your workflow for you to keep the private key you use to access linux.com in your home directory on kernel.org. If you do this, you're doing it wrong. It's been pretty well established by now that lots of people do security wrong all the time. Just saying 'everyone who's doing it wrong loses and the only scenario we care about is the one in which everyone does it right' is ludicrous. The point is that there are actual plausible scenarios in which using multiple keys results in a less catastrophic outcome than using a single key for everything. That's all I ever claimed. I did not claim any of the hypothetical examples I presented were cases of best security practice. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 2011-10-13 at 10:43 +0200, Gerd Hoffmann wrote: Hi, Sure, ssh keys are much harder to compromise than passwords, but _assuming a compromise has happened_ the consequences of using a single key for everything are just as bad as using a single password for everything. One ssh key per project doesn't make sense at all to me. They all would be on my laptop, and in case it gets compromised the attacker can easily snatch all the keys. I didn't claim it was necessarily a great approach. I simply disputed a bald assertion that there was absolutely zero exposure difference between using a single key for everything and using multiple keys. I never claimed that 'you should use multiple keys' or 'it's best security practice to use multiple keys' or anything like that; I simply took exception at the suggestion that there was absolutely no difference between the scenarios. One ssh key per machine makes alot more sense. For outgoing ssh connections from -- say -- shell.fedoraproject.org I wouldn't just copy my private key from my laptop but generate a new one, then add it to authorized_keys where needed. That's a sensible approach, sure. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
[perl-Test-SharedFork/f16] Upstream update.
Summary of changes: a8efed5... Upstream update. (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: openSUSE announces release of openqa
On Thu, 2011-10-13 at 08:35 -0400, Neal Becker wrote: http://news.opensuse.org/2011/10/11/opensuse-announces-first-public-release-of- openqa/ saw it! in fact, we've talked to one of the lead developers before. it's got some cool design features, a reasonably nice results interface, and it's somewhat more mature than AutoQA at present: these are good points about it. it relies on screenshot validation for pass/fail and it's written in freakin' perl: these are bad points about it. =) One problem with screenshot validation is that it's innately fragile: if we used such an approach for anaconda testing, for instance, we'd have to revise the 'pass' and 'fail' results for dozens of tests at least once a cycle, most likely. The entire suite would be invalidated by a UI rewrite like the one pending for F17. A consequence of the innate fragility is that it's very difficult to make it truly end-to-end automated; you can't just throw the raw results at developers because they're very often going to be invalid or incomplete. Whenever a test 'fails' or returns 'unknown' you need human intervention to take a look at it and verify what actually happened, then file an appropriate bug report. If you look at the bug reports down the left hand side of the openQA page, none of them was actually filed by an openQA bot, or anything: they're all hand-filed reports that have been done by people interpreting the openQA results. The AutoQA design is inherently more capable of allowing tests which can spit out results that are directly useful to developers without human intervention; in fact, depcheck already does so, by giving the actual yum output describing the dependency issues it finds. The other problem with screenshot validation is that it's inherently unsuited to some tests that are important to Fedora and that we have more-or-less working *right now* in AutoQA - things like depcheck and repoclosure - because all it can really tell you is 'does this results screen look like a known pass case' - it's inherently pass/fail based, which is no use if the output you want is these five dependencies are broken. But hey, it's dumb but it works right now, which means it's not dumb: in a sense, updating a screenshot hash once a week is still much better than manually re-doing the test every day, and though the approach doesn't work for _some_ tests, there are certainly tests that would be useful to Fedora which we _could_ implement with screenshot validation. The test format of openQA is nice and idiot-proof too, at least from the quick look I took at it - each test can have as many known 'pass' and 'fail' screenshot hashes as you want, and adding one is literally a one-line copy/paste/modify operation, so it would be very contributable-to. We're about to hit the F16 final crunch, at which point QA has about zero time to look at anything but release validation, but once final is done we could certainly try and find someone to take a quick look at openQA and see if it would be viable to make it usable for at least a bit of Fedora testing in the short term. -- Adam Williamson Fedora QA Community Monkey IRC: adamw | Twitter: AdamW_Fedora | identi.ca: adamwfedora http://www.happyassassin.net -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, Oct 13, 2011 at 09:14:46AM +0100, Richard W.M. Jones wrote: On Wed, Oct 12, 2011 at 02:59:31PM -0500, Mike McGrath wrote: 2) We've found PRIVATE keys on our servers By all means educate these users with a large clue-stick. The problem is this: Fedora contributors are a group of technically minded people that we think should know better. Fedora contributors in the sysadmin groups (needed to have shells on these machines) are an even more technically and security minded group that should know even better. Yet that select group of people are making a very bad mistake. We can (and have) identified these people and hit them with the clue stick. What we cannot do is audit kernel.org, linux.com, etc, and find out what technically minded users that we have in common are made a similar mistake on their systems and then hit *them* with a cluestick. Which is not to place blame on those other sites for withholding information; we've never revealed similar information. Debian didn't reveal that level of information after their intrusion either. But what does that lack of information leave us with? A whole lot of ssh keys that may or may not have had their private keys on a compromised host with no way of telling who's who. We don't even know if one of the keys was known to have been used in the kernel.org and linux.com compromises. If the users in question are on a long hiatus for Fedora work, those keys might never be changed even if the user has been hit with a cluestick on kernel.org. So what are our admins to do? 1) We could ignore the issue. We have a lot of contributors. Maybe we should just expect that some of their accounts are going to be compromised. 2) We could require everyone to change keys. 3) You might have the information necessary to get us a list of our users whose accounts or keys were potentially compromised on other people's systems. If so, it might be reasonable to filter for just those people. OTOH, if someone is out there purposefully targetting open source sites, perhaps too much caution is better than too little. -Toshio pgpRthsw9lnea.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: yubikey
On Thu, Oct 13, 2011 at 11:45:35AM +0200, Thomas Spura wrote: On Tue, 11 Oct 2011 23:02:36 -0700 Toshio Kuratomi wrote: On Tue, Oct 11, 2011 at 11:11:39PM -0400, Paul Wouters wrote: On Tue, 11 Oct 2011, Nathanael D. Noblet wrote: As far as I know if you burn the key you will lose the ability to use the yubikey's servers and I'm guessing coincidentally the lastpass as well. I have seen that you are allowed to upload a new key to their servers to restore its useability. So that may be one avenue to look into. If these keys are still the AES symmetric keys, do not upload them to any third party - those type of keys cannot and should not be used with different entities. I thought the newer yubi keys had more then one slot though, so perhaps one slot can be used for FAS, and the other for the yubisoft servers. I currently have my yubikey set up to do this (slot 1 is Fedora, slot 2 is for yubikey servers). Could you describe how you did that? All I could find is this instruction set [1]. Maybe that could be added there. http://lists.fedoraproject.org/pipermail/infrastructure/2010-October/009569.html Things you do one-time you tend to forget. That's what I have. Feel free to enhance the wiki page as you go if you do this. -Toshio pgpeidOjHCmWd.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: VerifyHostKeyDNS, was Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 13 Oct 2011 10:46:01 -0400 (EDT), Paul Wouters p...@xelerance.com said: PW Also, trusted the AD bit without trusting the last mile violates the PW RFC 3655 Section 3 [snip] PW If the ssh client grabs non-localhost resolver entries and trusts the AD PW bit, then that is a bug and should be reported upstream. The other option is to do in-application validation which gets all the way to the end-system. We actually have some instrumented openssh RPMs that are based on the Fedora RPM with an additional patch to support in-application DNSSEC validation. https://www.dnssec-tools.org/wiki/index.php/OpenSSH https://www.dnssec-tools.org/download/ The implementation does a number of nice things, which includes auto-accepting SSHFP keys that were verified via DNSSEC. -- Wes Hardaker My Pictures: http://capturedonearth.com/ My Thoughts: http://pontifications.hardakers.net/ -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Taking a two-week holiday
Hi, just to let you know - I'm taking a two-week holiday starting tomorrow, during which time I probably won't have internet access. So, don't wonder why I'm not, e.g., attending anything in bugzilla. -- Jussi Lehtola Fedora Project Contributor jussileht...@fedoraproject.org -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Taking a two-week holiday
On Thu, 2011-10-13 at 21:19 +0300, Jussi Lehtola wrote: Hi, just to let you know - I'm taking a two-week holiday starting tomorrow, during which time I probably won't have internet access. So, don't wonder why I'm not, e.g., attending anything in bugzilla. Thank you for sending this email. Enjoy your holiday. -sv -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Taking a two-week holiday
Enjoy your two-week vacation :) On Thu, Oct 13, 2011 at 1:23 PM, seth vidal skvi...@fedoraproject.orgwrote: On Thu, 2011-10-13 at 21:19 +0300, Jussi Lehtola wrote: Hi, just to let you know - I'm taking a two-week holiday starting tomorrow, during which time I probably won't have internet access. So, don't wonder why I'm not, e.g., attending anything in bugzilla. Thank you for sending this email. Enjoy your holiday. -sv -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 13 Oct 2011 10:39:03 -0700 Toshio Kuratomi a.bad...@gmail.com wrote: ... So what are our admins to do? 1) We could ignore the issue. We have a lot of contributors. Maybe we should just expect that some of their accounts are going to be compromised. Not maybe. Certainly some of the accounts will be compromised. 2) We could require everyone to change keys. And some time after that, some accounts will be compromised again. Some of the same accounts as before, and some other accounts. Not maybe. Certainly, 100%. -- Bernd Stramm bernd.str...@gmail.com signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 13 Oct 2011 09:40:59 +0300 Nicu Buculei nicu_fed...@nicubunu.ro wrote: On 10/12/2011 07:44 PM, Kevin Fenzi wrote: QA: Q: I never uploaded a ssh key to the Fedora Account System, nor am I in a group that needs one, do I still have to upload a new one? A: No. If you don't have a ssh public key uploaded or desire to do so, you can just change your password. Please add to the FAQ: Q: I determined I don't really need keys to access Fedora infrastructure and want to move to password-only, can I just remove my key from the FAS? Currently there's not a way to do this, but there really should be. https://fedorahosted.org/fedora-infrastructure/ticket/2977 kevin signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: HAL depreciated, but what replaced it?
Ok, looks like gudev is a dead end too. Problems: 1. No property which give media type. Instead it looks like there are boolean value given instead, i.e.: ID_CDROM_MEDIA_DVD_PLUS_R: 1 So I assume if I was using a DVD-R it would be: ID_CDROM_MEDIA_DVD_MINUS_R: 1 THIS IS CRAZY This means I would have to keep my own database of media types and check to see if any of the ID_CDROM_MEDIA...'s matched what's in my database. At least UDisks gave me a media type as a string. 2. Still no size/capacity property. So HAL is dead as of F16 but not fully replaced. I'll post all the properties at the bottom if anyone wants to wade through them. Thanks, Richard --- device file symlinks: /dev/scd0, /dev/disk/by-id/ata-ASUS_DRW-24B1ST_a_B2D0CL372638, /dev/disk/by-path/pci-:00:11.0-scsi-3:0:0:0, /dev/cdrom, /dev/cdrw, /dev/dvd, /dev/dvdrw device keys: UDEV_LOG, DEVPATH, MAJOR, MINOR, DEVNAME, DEVTYPE, SUBSYSTEM, ID_CDROM, ID_CDROM_CD, ID_CDROM_CD_R, ID_CDROM_CD_RW, ID_CDROM_DVD, ID_CDROM_DVD_R, ID_CDROM_DVD_RW, ID_CDROM_DVD_RAM, ID_CDROM_DVD_PLUS_R, ID_CDROM_DVD_PLUS_RW, ID_CDROM_DVD_PLUS_R_DL, ID_CDROM_MEDIA, ID_CDROM_MEDIA_DVD_PLUS_R, ID_CDROM_MEDIA_STATE, ID_CDROM_MEDIA_SESSION_NEXT, ID_CDROM_MEDIA_SESSION_COUNT, ID_CDROM_MEDIA_TRACK_COUNT, ID_ATA, ID_TYPE, ID_BUS, ID_MODEL, ID_MODEL_ENC, ID_REVISION, ID_SERIAL, ID_SERIAL_SHORT, ID_ATA_SATA, ID_ATA_SATA_SIGNAL_RATE_GEN1, ID_PATH, GENERATED, UDISKS_PRESENTATION_NOPOLICY, DEVLINKS, TAGS device property UDEV_LOG: 3 device property DEVPATH: /devices/pci:00/:00:11.0/host3/target3:0:0/3:0:0:0/block/sr0 device property MAJOR: 11 device property MINOR: 0 device property DEVNAME: /dev/sr0 device property DEVTYPE: disk device property SUBSYSTEM: block device property ID_CDROM: 1 device property ID_CDROM_CD: 1 device property ID_CDROM_CD_R: 1 device property ID_CDROM_CD_RW: 1 device property ID_CDROM_DVD: 1 device property ID_CDROM_DVD_R: 1 device property ID_CDROM_DVD_RW: 1 device property ID_CDROM_DVD_RAM: 1 device property ID_CDROM_DVD_PLUS_R: 1 device property ID_CDROM_DVD_PLUS_RW: 1 device property ID_CDROM_DVD_PLUS_R_DL: 1 device property ID_CDROM_MEDIA: 1 device property ID_CDROM_MEDIA_DVD_PLUS_R: 1 device property ID_CDROM_MEDIA_STATE: blank device property ID_CDROM_MEDIA_SESSION_NEXT: 1 device property ID_CDROM_MEDIA_SESSION_COUNT: 1 device property ID_CDROM_MEDIA_TRACK_COUNT: 1 device property ID_ATA: 1 device property ID_TYPE: cd device property ID_BUS: ata device property ID_MODEL: ASUS_DRW-24B1ST_a device property ID_MODEL_ENC: ASUS\x20\x20\x20\x20DRW-24B1ST\x20\x20\x20a\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20\x20 device property ID_REVISION: 1.04 device property ID_SERIAL: ASUS_DRW-24B1ST_a_B2D0CL372638 -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Fedora 16 Final Release Criterion for Xen DomU
On Mon, 10 Oct 2011 12:09:51 -0600 Tim Flink tfl...@redhat.com wrote: Are there any objections to moving forward with this? There seems to be no objections from the kernel maintainers who have been participating in the discussion on test@ but we wanted a bit more devel input before moving forward. Since there were no objections here, I have proposed running as Xen DomU (not Dom0) as a final release criterion for Fedora 16 [1]. it would be nice to get this resolved by the end of the week, so if you would like to weigh in on the proposal, please respond to the thread on test@. Tim [1] http://lists.fedoraproject.org/pipermail/test/2011-October/103624.html signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
File IO-Socket-SSL-1.45.tar.gz uploaded to lookaside cache by pghmcfc
A file has been added to the lookaside cache for perl-IO-Socket-SSL: 4c1c1655da9cb5ee8da874893bfb7662 IO-Socket-SSL-1.45.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: rawhide report: 20111012 changes
On Wed, Oct 12, 2011 at 10:12 AM, Tom Callaway tcall...@redhat.com wrote: Actually, I revived perl-Text-Aspell, but I haven't built it yet: https://bugzilla.redhat.com/show_bug.cgi?id=742759 I see. This isn't exactly an emergency, given how long acheck has been broken, with 0 bug reports. The right thing to do is leave perl-Text-Aspell dead and fix acheck to use perl-Text-Hunspell. But if you really want to go this route, then would you like to take over the F-14, F-15, EPEL-4, EPEL-5, or EPEL-6 branches? I'll happily release them in pkgdb if so. Regards, -- Jerry James http://www.jamezone.org/ -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
[perl-IO-Socket-SSL] Update to 1.45
commit 90348cd7018c9b0f3c644ff8e0bd0a7a87fe3879 Author: Paul Howarth p...@city-fan.org Date: Thu Oct 13 20:16:19 2011 +0100 Update to 1.45 - New upstream release 1.45: - Fix readline to continue when getting interrupt waiting for more data - BR: perl(Carp) perl-IO-Socket-SSL.spec | 11 --- sources |2 +- 2 files changed, 9 insertions(+), 4 deletions(-) --- diff --git a/perl-IO-Socket-SSL.spec b/perl-IO-Socket-SSL.spec index a6e141f..e5f7d07 100644 --- a/perl-IO-Socket-SSL.spec +++ b/perl-IO-Socket-SSL.spec @@ -4,8 +4,8 @@ # Name: perl-IO-Socket-SSL -Version: 1.44 -Release: 2%{?dist} +Version: 1.45 +Release: 1%{?dist} Summary: Perl library for transparent SSL Group: Development/Libraries License: GPL+ or Artistic @@ -13,7 +13,7 @@ URL: http://search.cpan.org/dist/IO-Socket-SSL/ Source0: http://search.cpan.org/CPAN/authors/id/S/SU/SULLR/IO-Socket-SSL-%{version}.tar.gz BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(id -nu) BuildArch: noarch -BuildRequires: perl(ExtUtils::MakeMaker), perl(Test::Simple) +BuildRequires: perl(Carp), perl(ExtUtils::MakeMaker), perl(Test::Simple) BuildRequires: perl(IO::Socket::INET6), perl(Net::LibIDN), perl(Net::SSLeay) = 1.21 BuildRequires: procps Requires: perl(:MODULE_COMPAT_%(eval `perl -V:version`; echo $version)) @@ -59,6 +59,11 @@ rm -rf %{buildroot} %{_mandir}/man3/IO::Socket::SSL.3pm* %changelog +* Thu Oct 13 2011 Paul Howarth p...@city-fan.org - 1.45-1 +- Update to 1.45 + - fix readline to continue when getting interrupt waiting for more data +- BR: perl(Carp) + * Tue Jul 19 2011 Petr Sabata con...@redhat.com - 1.44-2 - Perl mass rebuild diff --git a/sources b/sources index 005f584..8bb70c7 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -c9d23d3398f7c0dfce0a1cf6d21e86c7 IO-Socket-SSL-1.44.tar.gz +4c1c1655da9cb5ee8da874893bfb7662 IO-Socket-SSL-1.45.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-IO-Socket-SSL] Created tag perl-IO-Socket-SSL-1.45-1.fc17
The lightweight tag 'perl-IO-Socket-SSL-1.45-1.fc17' was created pointing to: 90348cd... Update to 1.45 -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-IO-Socket-SSL/f16] Update to 1.45
Summary of changes: 90348cd... Update to 1.45 (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-IO-Socket-SSL] Created tag perl-IO-Socket-SSL-1.45-1.fc16
The lightweight tag 'perl-IO-Socket-SSL-1.45-1.fc16' was created pointing to: 90348cd... Update to 1.45 -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-de...@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Re: non-responsive icon theme maintainer
On Wed, 12 Oct 2011 17:27:07 +0200 Pierre-Yves Chibon pin...@pingoured.fr wrote: On Mon, 2011-10-03 at 22:12 +0200, Pierre-Yves Chibon wrote: On Thu, 2011-09-15 at 13:24 +0200, Pierre-Yves Chibon wrote: I just sent an email directly to his archlinux.us email address asking if he wishes to resign from his maintainer duties or if he is just busy. Let's see if he replies. tajidinabd still hasn't replied and I did not receive any bounce on the email I sent. I think the procedure should move forward. ping ? I have orphaned all their packages. Please feel free to take the ones you wish. elementary-icon-theme faenza-icon-theme itools xmldb-api xom xpp3 kevin signature.asc Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, Oct 13, 2011 at 2:45 AM, Callum Lerwick s...@haxxed.com wrote: Personally I've been generating passwords with pwgen -s 12 1, or for really important stuff (like online banking), pwgen -s 12 1. Erk, that should be pwgen -s -y 12 for the important stuff. Cut-and-paste fail. :( A fully random 12 char alpha-numeric (with fully random caps) password is about ~71 bits of entropy. A fully random 12 char password using all 94 printable ASCII characters (not including space) is ~78 bits of entropy. Remember, bits multiply exponentially. Each additional bit doubles your search space. If I did my math right, this is exceeding a four word S/KEY passphrase (~44 bits) by about 8-10 orders of magnitude. You need to go to 7 (!) S/KEY words to get to ~77 bits of entropy. See: http://en.wikipedia.org/wiki/Password_strength Also of interest: http://www.schneier.com/blog/archives/2005/06/write_down_your.html As computers become faster, depending purely on human memory for security only becomes more and more impractical. As time goes on, OTP devices are necessary for any real security: http://fedoraproject.org/wiki/Infrastruture/Yubikey http://code.google.com/p/google-authenticator/ http://us.blizzard.com/support/article.xml?locale=en_USarticleId=24660 (IIRC, World of Warcraft is the #1 target for cracking, phishing, and fraud in the world today. Its big business! But I can't find any references offhand...) -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Fedora Kernel Team Meeting October 14, 2011
Have some kernel questions you want to ask in a real-time fashion? Want an overview of where the various Fedora releases are at in terms of the kernel? Have a really awesome idea for the kernel package you want to share? Then come join us for the first Fedora Kernel Team meeting tomorrow! We're going to hold the first public Fedora Kernel team meeting in the #fedora-meeting channel tomorrow at 18:00 UTC. We'll focus mostly on a status overview, and discuss any questions people might have. We'll start with an unstructured meeting for now and see how it goes. If nothing else, you can come and wait for the inevitable why don't you ship nvidia kmod type trolling. Always good for a laugh. One thing to note though, is that this is not a report kernel bugs session. Bugzilla is where that should be done, and the Fedora Kernel Bug Days are for focusing on those. So please, don't show up and expect us to solve bugs on the spot. We'll just queue it in with the other ~900 we already have while trying to be civil. So come hang out with us. We're always looking to grow community participation and this might be a great way to start. josh -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Fedora Kernel Team Meeting October 14, 2011
On 10/13/2011 04:07 PM, Josh Boyer wrote: If nothing else, you can come and wait for the inevitable why don't you ship nvidia kmod type trolling. Always good for a laugh. See you there! -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
Richard Hughes wrote: On 12 October 2011 17:44, Kevin Fenzi ke...@scrye.com wrote: All existing users of the Fedora Account System (FAS) at https://admin.fedoraproject.org/accounts are required to change their password and upload a NEW ssh public key before 2011-11-30. I have to upload a *new* public key? Why should I have two sets of keys? (or upload a new key to all the other f***ing servers I'm using) +1 * Nine or more characters with lower and upper case letters, digits and punctuation marks. * Ten or more characters with lower and upper case letters and digits. * Twelve or more characters with lower case letters and digits * Twenty or more characters with all lower case letters. This is just insane. My existing password is 8 digits and alphanumeric, and given that I have to enter it over and over again (and prove I'm human, another WTF) when creating updates I'm really wondering if I want to bother. Talk about putting up barriers. +1 again! This stupid security paranoia really needs to stop! There is NO concrete reason why we're being forced to change the password and the SSH key, plus the new password requirements are too strict. It's bad enough that we have to generate a new Koji client certificate every 6 months for no reason. (The expiration time on these should be infinite, only explicitly revoked certs should be rejected.) Now after the whole FPCA stuff (which was enforced really radically, with a tight deadline, mass orphaning of packages and no deadline extension even though many people hadn't complied by the posted deadline, when the old ICLA had served us well for years (so why the rush?)), we're going to once again lose many contributors, and packages with them, due to stupid, unnecessary and inflexible bureaucratic policies being enforced in an automated and draconian way. And once again we're going another step further from TRUSTING our contributors (to either keep their credentials secure or replace/revoke them, in this case). What will come next? Will you start taking our (actual, biometric) fingerprints? Iris scans? Will we only be able to log into Fedora infrastructure in the presence of armed security guards? It's time to stop the nonsense! Kevin Kofler -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: RPM DB corruption with F-16 Beta
Bojan Smojver wrote: Even more interestingly, dmesg and Xorg.0.log contain all the right things and yet, mutter won't start. I guess being in Intel graphics camp for some time now made me unfamiliar with radeon driver. It might be blacklisted in mutter/gnome-shell because of known driver issues. Both gnome-shell and KWin have their lists of known broken and/or known working drivers. Kevin Kofler -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, Oct 13, 2011 at 12:18 PM, Adam Williamson awill...@redhat.com wrote: On Thu, 2011-10-13 at 10:43 +0200, Gerd Hoffmann wrote: One ssh key per machine makes alot more sense. For outgoing ssh connections from -- say -- shell.fedoraproject.org I wouldn't just copy my private key from my laptop but generate a new one, then add it to authorized_keys where needed. That's a sensible approach, sure. Its the only right way to do it. As a general rule, a private ssh key should NEVER be transferred off the machine it was generated on. If you have the same private key on more than one machine at a time, you're Doing It Wrong. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, Oct 13, 2011 at 10:55:59PM -0500, Callum Lerwick wrote: On Thu, Oct 13, 2011 at 12:18 PM, Adam Williamson awill...@redhat.com wrote: On Thu, 2011-10-13 at 10:43 +0200, Gerd Hoffmann wrote: One ssh key per machine makes alot more sense. For outgoing ssh connections from -- say -- shell.fedoraproject.org I wouldn't just copy my private key from my laptop but generate a new one, then add it to authorized_keys where needed. That's a sensible approach, sure. Its the only right way to do it. As a general rule, a private ssh key should NEVER be transferred off the machine it was generated on. If you have the same private key on more than one machine at a time, you're Doing It Wrong. Having the same private key on two machines may indeed be the wrong way to do things but it's questionable that the method described is truly the only right way to do it. Is it worse to have any private keys (even one generated on that machine) on a shared server or to use an ssh-agent with your local credentials through the shared shared server? -Toshio pgplkHWWYhFRP.pgp Description: PGP signature -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, Oct 13, 2011 at 11:18 PM, Toshio Kuratomi a.bad...@gmail.com wrote: On Thu, Oct 13, 2011 at 10:55:59PM -0500, Callum Lerwick wrote: On Thu, Oct 13, 2011 at 12:18 PM, Adam Williamson awill...@redhat.com wrote: On Thu, 2011-10-13 at 10:43 +0200, Gerd Hoffmann wrote: One ssh key per machine makes alot more sense. For outgoing ssh connections from -- say -- shell.fedoraproject.org I wouldn't just copy my private key from my laptop but generate a new one, then add it to authorized_keys where needed. That's a sensible approach, sure. Its the only right way to do it. As a general rule, a private ssh key should NEVER be transferred off the machine it was generated on. If you have the same private key on more than one machine at a time, you're Doing It Wrong. Having the same private key on two machines may indeed be the wrong way to do things but it's questionable that the method described is truly the only right way to do it. Is it worse to have any private keys (even one generated on that machine) on a shared server or to use an ssh-agent with your local credentials through the shared shared server? Its the only right way to manage private keys on a given system. Whether or not a given system should even HAVE private keys in use on it at all is an orthogonal issue... :) -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, Oct 13, 2011 at 10:55:59PM -0500, Callum Lerwick wrote: Its the only right way to do it. As a general rule, a private ssh key should NEVER be transferred off the machine it was generated on. Yeah, who needs backups of private keys anyways! you have the same private key on more than one machine at a time, you're Doing It Wrong. That's kinda silly. I work on a desktop or on a laptop. When working on my desktop, I really don't want to fire up my laptop just for the ssh key. And adding two keys in all authorized_keys for this is kinda silly, and does not add any security over the one copied key. Paul -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: Subject: IMPORTANT: Mandatory password and ssh key change by 2011-11-30
On Thu, 13 Oct 2011, Callum Lerwick wrote: Yeah, who needs backups of private keys anyways! We're talking about SSH keys here. There's no web of trust to lose. Lose your keys? Generate new ones. And contact my customers and what not to change it? Go past all the servers i have access to with that key? No thanks. you have the same private key on more than one machine at a time, you're Doing It Wrong. That's kinda silly. I work on a desktop or on a laptop. When working on my desktop, I really don't want to fire up my laptop just for the ssh key. And adding two keys in all authorized_keys for this is kinda silly, and does not add any security over the one copied key. You're wrong, and you're doing it wrong. Excellent dialog, strong arguments! Guess I'll stop feeding the trolls now. Paul -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: non-responsive icon theme maintainer
On 10/13/2011 10:26 PM, Kevin Fenzi wrote: On Wed, 12 Oct 2011 17:27:07 +0200 Pierre-Yves Chibonpin...@pingoured.fr wrote: On Mon, 2011-10-03 at 22:12 +0200, Pierre-Yves Chibon wrote: On Thu, 2011-09-15 at 13:24 +0200, Pierre-Yves Chibon wrote: I just sent an email directly to his archlinux.us email address asking if he wishes to resign from his maintainer duties or if he is just busy. Let's see if he replies. tajidinabd still hasn't replied and I did not receive any bounce on the email I sent. I think the procedure should move forward. ping ? I have orphaned all their packages. Please feel free to take the ones you wish. elementary-icon-theme Why did you orphan this one? It was already taken by me and I maintained it properly. faenza-icon-theme itools xmldb-api xom xpp3 kevin -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: non-responsive icon theme maintainer
Ok, sorry. Just took over full-ownership for elementary-icon-theme. Thought I had it already, sorry... ;-) On 10/13/2011 10:26 PM, Kevin Fenzi wrote: On Wed, 12 Oct 2011 17:27:07 +0200 Pierre-Yves Chibonpin...@pingoured.fr wrote: On Mon, 2011-10-03 at 22:12 +0200, Pierre-Yves Chibon wrote: On Thu, 2011-09-15 at 13:24 +0200, Pierre-Yves Chibon wrote: I just sent an email directly to his archlinux.us email address asking if he wishes to resign from his maintainer duties or if he is just busy. Let's see if he replies. tajidinabd still hasn't replied and I did not receive any bounce on the email I sent. I think the procedure should move forward. ping ? I have orphaned all their packages. Please feel free to take the ones you wish. elementary-icon-theme faenza-icon-theme itools xmldb-api xom xpp3 kevin -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
[perl-Tk-TableMatrix] Add BR: perl(Tk::MMutil).
commit 88a23db5fd0496e26bf972784b987732a8a55525 Author: Ralf Corsépius corse...@fedoraproject.org Date: Thu Oct 13 09:26:32 2011 +0200 Add BR: perl(Tk::MMutil). perl-Tk-TableMatrix.spec |6 +- 1 files changed, 5 insertions(+), 1 deletions(-) --- diff --git a/perl-Tk-TableMatrix.spec b/perl-Tk-TableMatrix.spec index 0cac083..febb04c 100644 --- a/perl-Tk-TableMatrix.spec +++ b/perl-Tk-TableMatrix.spec @@ -1,6 +1,6 @@ Name: perl-Tk-TableMatrix Version:1.23 -Release:11%{?dist} +Release:12%{?dist} Summary:Perl module for creating and manipulating tables Group: Development/Libraries @@ -13,6 +13,7 @@ BuildRequires: perl(ExtUtils::MakeMaker) BuildRequires: libX11-devel # See (RHBZ#456019) BuildRequires: perl(Tk) +BuildRequires: perl(Tk::MMutil) Requires: perl(:MODULE_COMPAT_%(eval `%{__perl} -V:version`; echo $version)) @@ -74,6 +75,9 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org - 1.23-12 +- Add BR: perl(Tk::MMutil). + * Tue Jun 21 2011 Marcela Mašláňová mmasl...@redhat.com - 1.23-11 - Perl mass rebuild -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 741777] Bogus requires on perl-devel from perl-tk
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=741777 --- Comment #6 from Fedora Update System upda...@fedoraproject.org 2011-10-13 03:29:17 EDT --- perl-Tk-ProgressBar-Mac-1.2-9.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/perl-Tk-ProgressBar-Mac-1.2-9.fc16 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Tk-TableMatrix/f16] Add BR: perl(Tk::MMutil).
Summary of changes: 88a23db... Add BR: perl(Tk::MMutil). (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 741777] Bogus requires on perl-devel from perl-tk
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=741777 --- Comment #7 from Fedora Update System upda...@fedoraproject.org 2011-10-13 04:53:52 EDT --- perl-Tk-TableMatrix-1.23-12.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/perl-Tk-TableMatrix-1.23-12.fc16 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 741777] Bogus requires on perl-devel from perl-tk
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=741777 --- Comment #8 from Ralf Corsepius rc040...@freenet.de 2011-10-13 05:49:32 EDT --- I am delaying splitting out Tk::MMutil into a perl-Tk-MMutil subpackage, because something else has caught my attention: perl-Tk contains further modules, I believe to be devel modules in particular Tk/MakeDepend.pm and Tk/install.pm. Provided this, I am inclined to think it would be better to move Tk/MakeDepend, Tk/install and Tk/MMutil into a perl-Tk-devel sub package, instead of just splitting out Tk/MMutil Opinions, comments? -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 745766] New: perl-Wx-0.9902 is available
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: perl-Wx-0.9902 is available https://bugzilla.redhat.com/show_bug.cgi?id=745766 Summary: perl-Wx-0.9902 is available Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Keywords: FutureFeature, Triaged Severity: unspecified Priority: unspecified Component: perl-Wx AssignedTo: tcall...@redhat.com ReportedBy: upstream-release-monitor...@fedoraproject.org QAContact: extras...@fedoraproject.org CC: tcall...@redhat.com, fedora-perl-devel-l...@redhat.com Classification: Fedora Story Points: --- Type: --- Latest upstream release: 0.9902 Current version in Fedora Rawhide: 0.9901 URL: http://search.cpan.org/dist/Wx/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 745764] New: perl-App-cpanminus-1.5000 is available
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: perl-App-cpanminus-1.5000 is available https://bugzilla.redhat.com/show_bug.cgi?id=745764 Summary: perl-App-cpanminus-1.5000 is available Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Keywords: FutureFeature, Triaged Severity: unspecified Priority: unspecified Component: perl-App-cpanminus AssignedTo: mmasl...@redhat.com ReportedBy: upstream-release-monitor...@fedoraproject.org QAContact: extras...@fedoraproject.org CC: fedora-perl-devel-l...@redhat.com, mmasl...@redhat.com Classification: Fedora Story Points: --- Type: --- Latest upstream release: 1.5000 Current version in Fedora Rawhide: 1.4008 URL: http://search.cpan.org/dist/App-cpanminus/ Please consult the package updates policy before you issue an update to a stable branch: https://fedoraproject.org/wiki/Updates_Policy More information about the service that created this bug can be found at: https://fedoraproject.org/wiki/Upstream_release_monitoring -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 745764] perl-App-cpanminus-1.5000 is available
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=745764 Petr Sabata psab...@redhat.com changed: What|Removed |Added Status|NEW |ASSIGNED CC||psab...@redhat.com AssignedTo|mmasl...@redhat.com |psab...@redhat.com -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 745764] perl-App-cpanminus-1.5000 is available
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. https://bugzilla.redhat.com/show_bug.cgi?id=745764 Petr Sabata psab...@redhat.com changed: What|Removed |Added Status|ASSIGNED|CLOSED Fixed In Version||perl-App-cpanminus-1.5000-1 ||.fc17 Resolution||RAWHIDE Last Closed||2011-10-13 07:12:15 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Broken dependencies: perl-Pugs-Compiler-Rule
perl-Pugs-Compiler-Rule has broken dependencies in the F-16 tree: On x86_64: perl-Pugs-Compiler-Rule-0.37-9.fc16.noarch requires perl(:MODULE_COMPAT_5.12.3) On i386: perl-Pugs-Compiler-Rule-0.37-9.fc16.noarch requires perl(:MODULE_COMPAT_5.12.3) Please resolve this as soon as possible. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Broken dependencies: perl-Text-Aspell
perl-Text-Aspell has broken dependencies in the F-16 tree: On x86_64: perl-Text-Aspell-0.09-9.fc15.x86_64 requires perl(:MODULE_COMPAT_5.12.3) On i386: perl-Text-Aspell-0.09-9.fc15.i686 requires perl(:MODULE_COMPAT_5.12.3) Please resolve this as soon as possible. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Broken dependencies: perl-Pugs-Compiler-Rule
perl-Pugs-Compiler-Rule has broken dependencies in the rawhide tree: On x86_64: perl-Pugs-Compiler-Rule-0.37-9.fc16.noarch requires perl(:MODULE_COMPAT_5.12.3) On i386: perl-Pugs-Compiler-Rule-0.37-9.fc16.noarch requires perl(:MODULE_COMPAT_5.12.3) Please resolve this as soon as possible. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
Broken dependencies: perl-Bio-Graphics
perl-Bio-Graphics has broken dependencies in the rawhide tree: On x86_64: perl-Bio-Graphics-2.25-1.fc17.noarch requires perl(Bio::DB::BigWig) On i386: perl-Bio-Graphics-2.25-1.fc17.noarch requires perl(Bio::DB::BigWig) Please resolve this as soon as possible. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[Bug 746104] New: perl-Net-Stomp: please update to version 0.42
Please do not reply directly to this email. All additional comments should be made in the comments box of this bug. Summary: perl-Net-Stomp: please update to version 0.42 https://bugzilla.redhat.com/show_bug.cgi?id=746104 Summary: perl-Net-Stomp: please update to version 0.42 Product: Fedora Version: rawhide Platform: Unspecified OS/Version: Unspecified Status: NEW Severity: unspecified Priority: unspecified Component: perl-Net-SMTP-SSL AssignedTo: psab...@redhat.com ReportedBy: j...@di.uminho.pt QAContact: extras...@fedoraproject.org CC: fedora-perl-devel-l...@redhat.com, kana...@kanarip.com, psab...@redhat.com Classification: Fedora Story Points: --- Type: --- Description of problem: Please update perl-Net-Stomp to the latest upstream version (0.42 at the moment). Version-Release number of selected component (if applicable): 0.36 Expected results: To have version 0.42 available for Fedora = 16 and EPEL6 Additional info: CPAN homepage: http://search.cpan.org/dist/Net-Stomp/ Diff from version 0.36 to 0.42: http://search.cpan.org/diff?from=Net-Stomp-0.36to=Net-Stomp-0.42 -- Configure bugmail: https://bugzilla.redhat.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack] Add %bcond_with apache to work around building failures in koji.
commit b3439ba96f52bad721ef9ab1f06076aeec129f8c Author: Ralf Corsépius corse...@fedoraproject.org Date: Fri Oct 14 04:27:32 2011 +0200 Add %bcond_with apache to work around building failures in koji. perl-Plack.spec | 12 ++-- 1 files changed, 10 insertions(+), 2 deletions(-) --- diff --git a/perl-Plack.spec b/perl-Plack.spec index 1c71a36..1bba80f 100644 --- a/perl-Plack.spec +++ b/perl-Plack.spec @@ -1,6 +1,6 @@ Name: perl-Plack Version:0.9984 -Release:1%{?dist} +Release:2%{?dist} Summary:Perl Superglue for Web frameworks and Web Servers (PSGI toolkit) License:GPL+ or Artistic Group: Development/Libraries @@ -8,6 +8,11 @@ URL:http://search.cpan.org/dist/Plack/ Source0: http://www.cpan.org/authors/id/M/MI/MIYAGAWA/Plack-%{version}.tar.gz BuildArch: noarch +# Building with apache2 tests enabled works in local mocks, +# but fails in Fedora's koji. +# Default to not testing apache2. +%bcond_with apache + BuildRequires: perl(Devel::StackTrace) = 1.23 BuildRequires: perl(Devel::StackTrace::AsHTML) = 0.11 # Optional, not yet in Fedora: BuildRequires: perl(Devel::StackTrace::WithLexicals) = 0.8 @@ -85,7 +90,7 @@ find $RPM_BUILD_ROOT -depth -type d -exec rmdir {} 2/dev/null \; %{_fixperms} $RPM_BUILD_ROOT/* %check -make test TEST_APACHE2=1 TEST_FCGI_CLIENT=1 +make test %{?_with_apache:TEST_APACHE2=1 TEST_FCGI_CLIENT=1} %files %defattr(-,root,root,-) @@ -105,6 +110,9 @@ make test TEST_APACHE2=1 TEST_FCGI_CLIENT=1 %{_mandir}/man3/* %changelog +* Thu Oct 14 2011 Ralf Corsépius corse...@fedoraproject.org 0.9984-2 +- Add %%bcond_with apache to work around building failures in koji. + * Thu Oct 13 2011 Ralf Corsépius corse...@fedoraproject.org 0.9984-1 - Upstream update. -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
File Plack-Middleware-ReverseProxy-0.11.tar.gz uploaded to lookaside cache by iarnell
A file has been added to the lookaside cache for perl-Plack-Middleware-ReverseProxy: 99748914ad37508ff8a122903e6da2b6 Plack-Middleware-ReverseProxy-0.11.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
File Lingua-EN-Inflect-Phrase-0.08.tar.gz uploaded to lookaside cache by iarnell
A file has been added to the lookaside cache for perl-Lingua-EN-Inflect-Phrase: d5cc19b37e06f813b3ed71fe48c38b2c Lingua-EN-Inflect-Phrase-0.08.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack-Middleware-ReverseProxy] update to 0.11
commit a1d4cafce82b557a9a060c148780d596e4bdde87 Author: Iain Arnell iarn...@gmail.com Date: Fri Oct 14 05:55:17 2011 +0200 update to 0.11 .gitignore |1 + perl-Plack-Middleware-ReverseProxy.spec |9 ++--- sources |2 +- 3 files changed, 8 insertions(+), 4 deletions(-) --- diff --git a/.gitignore b/.gitignore index 58e0bf2..1019e9f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /Plack-Middleware-ReverseProxy-0.10.tar.gz +/Plack-Middleware-ReverseProxy-0.11.tar.gz diff --git a/perl-Plack-Middleware-ReverseProxy.spec b/perl-Plack-Middleware-ReverseProxy.spec index 7291496..a7a14f1 100644 --- a/perl-Plack-Middleware-ReverseProxy.spec +++ b/perl-Plack-Middleware-ReverseProxy.spec @@ -1,5 +1,5 @@ Name: perl-Plack-Middleware-ReverseProxy -Version:0.10 +Version:0.11 Release:1%{?dist} Summary:Supports app to run as a reverse proxy backend License:GPL+ or Artistic @@ -8,10 +8,11 @@ URL: http://search.cpan.org/dist/Plack-Middleware-ReverseProxy/ Source0: http://www.cpan.org/authors/id/D/DA/DANJOU/Plack-Middleware-ReverseProxy-%{version}.tar.gz BuildArch: noarch BuildRequires: perl(ExtUtils::MakeMaker) -BuildRequires: perl(Filter::Util::Call) BuildRequires: perl(parent) BuildRequires: perl(Plack::Middleware) BuildRequires: perl(Plack::Request) +BuildRequires: perl(Test::Base) +BuildRequires: perl(Test::More) BuildRequires: perl(YAML) Requires: perl(Plack::Middleware) Requires: perl(:MODULE_COMPAT_%(eval `%{__perl} -V:version`; echo $version)) @@ -42,11 +43,13 @@ find %{buildroot} -depth -type d -exec rmdir {} 2/dev/null \; make test %files -%defattr(-,root,root,-) %doc Changes README %{perl_vendorlib}/* %{_mandir}/man3/* %changelog +* Fri Oct 14 2011 Iain Arnell iarn...@gmail.com 0.11-1 +- update to latest upstream version + * Mon Aug 29 2011 Iain Arnell iarn...@gmail.com 0.10-1 - Specfile autogenerated by cpanspec 1.78. diff --git a/sources b/sources index 75b3d68..0edd951 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -9473223e9b2415611f3e11b9e02eaa8f Plack-Middleware-ReverseProxy-0.10.tar.gz +99748914ad37508ff8a122903e6da2b6 Plack-Middleware-ReverseProxy-0.11.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Lingua-EN-Inflect-Phrase] update to 0.08
commit 5c85e38f7d1b6eb5f51ea2b140a7378ff21939d2 Author: Iain Arnell iarn...@gmail.com Date: Fri Oct 14 05:57:27 2011 +0200 update to 0.08 .gitignore |1 + perl-Lingua-EN-Inflect-Phrase.spec | 13 + sources|2 +- 3 files changed, 11 insertions(+), 5 deletions(-) --- diff --git a/.gitignore b/.gitignore index 3e50cfa..093e39f 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ /Lingua-EN-Inflect-Phrase-0.04.tar.gz +/Lingua-EN-Inflect-Phrase-0.08.tar.gz diff --git a/perl-Lingua-EN-Inflect-Phrase.spec b/perl-Lingua-EN-Inflect-Phrase.spec index 9e9422c..1e7944b 100644 --- a/perl-Lingua-EN-Inflect-Phrase.spec +++ b/perl-Lingua-EN-Inflect-Phrase.spec @@ -1,6 +1,6 @@ Name: perl-Lingua-EN-Inflect-Phrase -Version:0.04 -Release:3%{?dist} +Version:0.08 +Release:1%{?dist} Summary:Inflect short English Phrases License:GPL+ or Artistic Group: Development/Libraries @@ -15,6 +15,8 @@ BuildRequires: perl(Test::More) = 0.94 Requires: perl(Lingua::EN::Inflect) = 1.891 Requires: perl(:MODULE_COMPAT_%(eval `%{__perl} -V:version`; echo $version)) +%?perl_default_filter + %description Attempts to pluralize or singularize short English phrases. @@ -26,7 +28,7 @@ Attempts to pluralize or singularize short English phrases. make %{?_smp_mflags} %install -make pure_install PERL_INSTALL_ROOT=$RPM_BUILD_ROOT +make pure_install DESTDIR=$RPM_BUILD_ROOT find $RPM_BUILD_ROOT -type f -name .packlist -exec rm -f {} \; find $RPM_BUILD_ROOT -depth -type d -exec rmdir {} 2/dev/null \; @@ -37,12 +39,15 @@ find $RPM_BUILD_ROOT -depth -type d -exec rmdir {} 2/dev/null \; make test %files -%defattr(-,root,root,-) %doc Changes README %{perl_vendorlib}/* %{_mandir}/man3/* %changelog +* Fri Oct 14 2011 Iain Arnell iarn...@gmail.com 0.08-1 +- update to latest upstream version +- use perl_default_filter and DESTDIR + * Tue Jul 19 2011 Petr Sabata con...@redhat.com - 0.04-3 - Perl mass rebuild diff --git a/sources b/sources index f537aa9..8e150fa 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -79aa10fd4a3502ff0c7b0aedce4a0f6a Lingua-EN-Inflect-Phrase-0.04.tar.gz +d5cc19b37e06f813b3ed71fe48c38b2c Lingua-EN-Inflect-Phrase-0.08.tar.gz -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack/f16] (2 commits) ...Add %bcond_with apache to work around building failures in koji.
Summary of changes: 71aeb41... Upstream update. (*) b3439ba... Add %bcond_with apache to work around building failures in (*) (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack/f15] (3 commits) ...Merge remote-tracking branch 'origin/f16' into f15
Summary of changes: 71aeb41... Upstream update. (*) b3439ba... Add %bcond_with apache to work around building failures in (*) 2a70329... Merge remote-tracking branch 'origin/f16' into f15 (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack/f14] (4 commits) ...Merge remote-tracking branch 'origin/f15' into f14
Summary of changes: 71aeb41... Upstream update. (*) b3439ba... Add %bcond_with apache to work around building failures in (*) 2a70329... Merge remote-tracking branch 'origin/f16' into f15 (*) 4ddf5ad... Merge remote-tracking branch 'origin/f15' into f14 (*) This commit already existed in another branch; no separate mail sent -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel
[perl-Plack/f14: 4/4] Merge remote-tracking branch 'origin/f15' into f14
commit 4ddf5adb07ef9850c4e03ae006b89096ccf4e4ea Merge: 714fe03 2a70329 Author: Ralf Corsépius corse...@fedoraproject.org Date: Fri Oct 14 06:26:53 2011 +0200 Merge remote-tracking branch 'origin/f15' into f14 .gitignore |2 +- perl-Plack.spec | 17 ++--- sources |2 +- 3 files changed, 16 insertions(+), 5 deletions(-) --- -- Fedora Extras Perl SIG http://www.fedoraproject.org/wiki/Extras/SIGs/Perl perl-devel mailing list perl-devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/perl-devel