Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
2013/9/12 Jan Kratochvil jan.kratoch...@redhat.com: On Thu, 12 Sep 2013 10:42:20 +0200, Peter Lemenkov wrote: I'm afraid that's just adds additional work for maintainers w/o any visible benefits. The benefits are the stable Fedora release does not break 3rd party applications during its deployment/lifecycle. Let's move further instead of backporting - that's just a leafnode app so nobody got hurt by a potential dependency issue. wireshark.rpm contains many commandline utilities which may be used by 3rd party sysadmin scripts (and maybe even 3rd party C applications). Don't worry about that. If these people processed external data for two months with software containing more than 30+ exploitable vulnerabilities then they either dead/offline permanently, or already hacked. In both cases they lost control over their hardware and won't complain. Regarding command line utilities - they are quite stable in terms of CLI interface and compatible. -- With best regards, Peter Lemenkov. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
Hello All! There are *lots* of CVEs against Wireshark shipped with Fedora 18 (quite old 1.8.8 version). * https://bugzilla.redhat.com/965942 * https://bugzilla.redhat.com/972762 * https://bugzilla.redhat.com/990189 In order to fix them and not to add additional work for the maintainers I'm thinking of upgrading up to 1.10.2 from 1.8.x. Instead of backporting stuff let's build the latest stable! I'm sure users will love this, since new Wireshark adds a lot of new features and fixes all these CVEs. -- With best regards, Peter Lemenkov. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
Hi Peter, On 09/12/2013 10:00 AM, Peter Lemenkov wrote: Hello All! There are *lots* of CVEs against Wireshark shipped with Fedora 18 (quite old 1.8.8 version). * https://bugzilla.redhat.com/965942 * https://bugzilla.redhat.com/972762 * https://bugzilla.redhat.com/990189 In order to fix them and not to add additional work for the maintainers I'm thinking of upgrading up to 1.10.2 from 1.8.x. Well, idea looks fine, but before pushing such update, give us some time to reply to your message (3 minutes is not enough). Instead of backporting stuff let's build the latest stable! I'm sure users will love this, since new Wireshark adds a lot of new features and fixes all these CVEs. I would rather stick to 1.8.10, which is the latest Maintenance release of wireshark. 1.8.10 will be certainly more OK with Fedora Update Policy [1] [2] [3]. I don't think, Wireshark is on exception list. [1] http://fedoraproject.org/wiki/Updates_Policy#Stable_Releases [2] http://fedoraproject.org/wiki/Updates_Policy#Philosophy [3] Have a nice day :) -- Peter Hatina ENG Server Experience, System Management Red Hat Czech, Brno -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
On 09/12/2013 10:17 AM, Peter Hatina wrote: Hi Peter, On 09/12/2013 10:00 AM, Peter Lemenkov wrote: Hello All! There are *lots* of CVEs against Wireshark shipped with Fedora 18 (quite old 1.8.8 version). * https://bugzilla.redhat.com/965942 * https://bugzilla.redhat.com/972762 * https://bugzilla.redhat.com/990189 In order to fix them and not to add additional work for the maintainers I'm thinking of upgrading up to 1.10.2 from 1.8.x. Well, idea looks fine, but before pushing such update, give us some time to reply to your message (3 minutes is not enough). Instead of backporting stuff let's build the latest stable! I'm sure users will love this, since new Wireshark adds a lot of new features and fixes all these CVEs. I would rather stick to 1.8.10, which is the latest Maintenance release of wireshark. 1.8.10 will be certainly more OK with Fedora Update Policy [1] [2] [3]. I don't think, Wireshark is on exception list. [1] http://fedoraproject.org/wiki/Updates_Policy#Stable_Releases [2] http://fedoraproject.org/wiki/Updates_Policy#Philosophy [3] Have a nice day :) Ah, link 3 is missing. [3] http://fedoraproject.org/wiki/Updates_Policy#All_other_updates [4] http://fedoraproject.org/wiki/Updates_Policy#Exceptions Cheers -- Peter Hatina ENG Server Experience, System Management Red Hat Czech, Brno -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
2013/9/12 Peter Hatina phat...@redhat.com: Hi Peter, On 09/12/2013 10:00 AM, Peter Lemenkov wrote: Hello All! There are *lots* of CVEs against Wireshark shipped with Fedora 18 (quite old 1.8.8 version). * https://bugzilla.redhat.com/965942 * https://bugzilla.redhat.com/972762 * https://bugzilla.redhat.com/990189 In order to fix them and not to add additional work for the maintainers I'm thinking of upgrading up to 1.10.2 from 1.8.x. Well, idea looks fine, but before pushing such update, give us some time to reply to your message (3 minutes is not enough). Instead of backporting stuff let's build the latest stable! I'm sure users will love this, since new Wireshark adds a lot of new features and fixes all these CVEs. I would rather stick to 1.8.10, which is the latest Maintenance release of wireshark. 1.8.10 will be certainly more OK with Fedora Update Policy [1] [2] [3]. I don't think, Wireshark is on exception list. I'm afraid that's just adds additional work for maintainers w/o any visible benefits. Let's move further instead of backporting - that's just a leafnode app so nobody got hurt by a potential dependency issue. Regarding version - fortunately that's not a critpath application, so we have a lot of freedom here. -- With best regards, Peter Lemenkov. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
On Thu, 12 Sep 2013 10:42:20 +0200, Peter Lemenkov wrote: I'm afraid that's just adds additional work for maintainers w/o any visible benefits. The benefits are the stable Fedora release does not break 3rd party applications during its deployment/lifecycle. Let's move further instead of backporting - that's just a leafnode app so nobody got hurt by a potential dependency issue. wireshark.rpm contains many commandline utilities which may be used by 3rd party sysadmin scripts (and maybe even 3rd party C applications). further in your explanation means nullifying the long Fedora alpha/beta release engineering and also nullifying the upstream efforts to release 1.8.x versions even after 1.10.0 had been already released. joke So let's drop the Fedora releases effort and we can all just run Rawhide. /joke Regards, Jan -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
On Thu, Sep 12, 2013 at 8:12 PM, Jan Kratochvil jan.kratoch...@redhat.com wrote: joke So let's drop the Fedora releases effort and we can all just run Rawhide. /joke It's not a joke now in some cases. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
Re: Heads up! I'm going to upgrade Wireshark up to 1.10.x in Fedora 18
Hi, On 09/12/2013 02:12 PM, Jan Kratochvil wrote: On Thu, 12 Sep 2013 10:42:20 +0200, Peter Lemenkov wrote: I'm afraid that's just adds additional work for maintainers w/o any visible benefits. The benefits are the stable Fedora release does not break 3rd party applications during its deployment/lifecycle. Let's move further instead of backporting - that's just a leafnode app so nobody got hurt by a potential dependency issue. wireshark.rpm contains many commandline utilities which may be used by 3rd party sysadmin scripts (and maybe even 3rd party C applications). Correct. further in your explanation means nullifying the long Fedora alpha/beta release engineering and also nullifying the upstream efforts to release 1.8.x versions even after 1.10.0 had been already released. Agree. joke So let's drop the Fedora releases effort and we can all just run Rawhide. /joke Actually, this will make living releases of Fedora kind of Rawhide. As stated in former mail, it would be good to do 1.8.10 upgrade in Fedora 18. Regards, Jan -- Peter Hatina ENG Server Experience, System Management Red Hat Czech, Brno -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct