Re: ImageMagick - [Fedora Update] [comment] xine-lib-1.1.20.1-3.fc17, emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17, perl-GD-SecurityImage-1.71-3.fc17, techne-0.2.1-4.fc17, gdl-0.9.2-5.fc17, autotrace
06.04.2012 19:43, Michael Schwendt написал: On Fri, 6 Apr 2012 16:57:14 +0200, CF (Christophe) wrote: On Fri, Apr 06, 2012 at 07:27:31AM -0600, Orion Poplawski wrote: Suggestions? I'm tempted to pushed this to stable so that broken deps emails start going out to get people to do the needed rebuilds. Or perhaps someone in releng can for the needed buildroot overrides? Or perhaps we drop the whole endeavor? I'd lean towards this, why do we need to push a soname bump of ImageMagick so late in the game when f17 is already in beta? If there's a critical bug in the f17 package, isn't it possible to backport the fix instead of forcing these rebuilds? There are several CVEs. As whether the fixes for them could be backported, well, somebody would need to investigate and do it. Yes, indeed. There several security issues found https://bugzilla.redhat.com/show_bug.cgi?id=807994, https://bugzilla.redhat.com/show_bug.cgi?id=807997, https://bugzilla.redhat.com/show_bug.cgi?id=807993, https://bugzilla.redhat.com/show_bug.cgi?id=808159, https://bugzilla.redhat.com/show_bug.cgi?id=804591, https://bugzilla.redhat.com/show_bug.cgi?id=804588, https://bugzilla.redhat.com/show_bug.cgi?id=808159 I have contacted with upstream author to clarify when it will be fixed in main tree. As I'll got answer I'll post update in rawhide asap. Really it have worth have that in stable branches also (but it is not in my rights now, so I must try find someone with at least with provenpackager acl who want help). So have .so.5 in F17 is good idea - in this case may be needed rebuild only dependencies explicitly depends by ImageMagick version (ruby-RMagick for example), and I think I'll can do that with contact of maintainers of that's packages. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Fwd: ImageMagick - [Fedora Update] [comment] xine-lib-1.1.20.1-3.fc17, emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17, perl-GD-SecurityImage-1.71-3.fc17, techne-0.2.1-4.fc17, gdl-0.9.2-5.fc17, autotrace
Suggestions? I'm tempted to pushed this to stable so that broken deps emails start going out to get people to do the needed rebuilds. Or perhaps someone in releng can for the needed buildroot overrides? Or perhaps we drop the whole endeavor? Original Message Subject: [Fedora Update] [comment] xine-lib-1.1.20.1-3.fc17, emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17, perl-GD-SecurityImage-1.71-3.fc17, techne-0.2.1-4.fc17, gdl-0.9.2-5.fc17, autotrace-0.31.1-29.fc17.1, ImageMagick-6.7.5.6-3.fc17 Date: Fri, 06 Apr 2012 11:30:06 + From: upda...@fedoraproject.org To: or...@fedoraproject.org The following comment has been added to the xine-lib-1.1.20.1-3.fc17,emacs-24.0.94-3.fc17,calibre-0.8.42-1.fc17,perl-GD-SecurityImage-1.71-3.fc17,techne-0.2.1-4.fc17,gdl-0.9.2-5.fc17,autotrace-0.31.1-29.fc17.1,ImageMagick-6.7.5.6-3.fc17 update: salimma (proventesters) - 2012-04-06 11:30:06 (karma: 0) so apparently the old Bodhi bug still exists: once something is in -testing you can't create an override for it, but it's still not being used to populate build roots.If the rebuild will take a while, could you unpush this from testing until all the deps are rebuilt? The alternative is we'd have to mark this stable (though the set is incomplete) To reply to this comment, please visit the URL at the bottom of this mail xine-lib-1.1.20.1-3.fc17, emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17, perl-GD-SecurityImage-1.71-3.fc17, techne-0.2.1-4.fc17, gdl-0.9.2-5.fc17, autotrace-0.31.1-29.fc17.1, ImageMagick-6.7.5.6-3.fc17 Update ID: FEDORA-2012-4828 Release: Fedora 17 Status: testing Type: bugfix Karma: 1 Notes: Update to ImageMagick 6.7.5.6. Submitter: orion Submitted: 2012-03-28 16:16:02 Comments: bodhi - 2012-03-28 16:17:03 (karma 0) This update has been submitted for testing by orion. bodhi - 2012-03-28 16:25:59 (karma 0) orion has edited this update. New build(s): perl-GD- SecurityImage-1.71-3.fc17. bodhi - 2012-03-28 16:55:08 (karma 0) orion has edited this update. New build(s): emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17. bodhi - 2012-03-28 18:31:49 (karma 0) This update is currently being pushed to the Fedora 17 testing updates repository. bodhi - 2012-03-28 18:32:48 (karma 0) orion has edited this update. New build(s): xine- lib-1.1.20.1-3.fc17. bodhi - 2012-03-28 19:36:15 (karma 0) This update has been pushed to testing patches (proventesters) - 2012-03-29 15:16:08 (karma 1) no regressions noted using ImageMagick tools briefly bodhi - 2012-03-31 22:04:00 (karma 0) This update has reached 3 days in testing and can be pushed to stable now if the maintainer wishes lmacken (proventesters) - 2012-04-02 23:13:17 (karma 0) This update has been unpushed bodhi - 2012-04-02 23:13:43 (karma 0) This update has been submitted for testing by lmacken. bodhi - 2012-04-03 20:12:33 (karma 0) This update is currently being pushed to the Fedora 17 testing updates repository. bodhi - 2012-04-04 19:16:16 (karma 0) This update is currently being pushed to the Fedora 17 testing updates repository. bodhi - 2012-04-04 21:10:03 (karma 0) This update has been pushed to testing robatino (proventesters) - 2012-04-05 00:32:26 (karma 1) Seems fine. The ImageMagick update fixes the extremely annoying bug 755827 . teuf - 2012-04-05 18:59:56 (karma -1) This changes libMagick soname from 4 to 5 but some of the packages using it are not rebuilt. It fails to install here because inkscape still wants libMagickCore.so.4 teuf - 2012-04-05 19:02:45 (karma 0) $ repoquery -a --whatrequires 'libMagickCore.so.4()(64bit)' ImageMagick-c++-0:6.7.1.9-3.fc17.x86_64 ImageMagick- devel-0:6.7.1.9-3.fc17.x86_64 ImageMagick- djvu-0:6.7.1.9-3.fc17.x86_64 ImageMagick- perl-0:6.7.1.9-3.fc17.x86_64 ale-0:0.9.0.3-6.fc17.x86_64 autotrace-0:0.31.1-26.fc15.1.x86_64 calibre-0:0.8.39-1.fc17.x86_64 dmapd-0:0.0.45-1.fc16.x86_64 dmapd-0:0.0.47-2.fc17.x86_64 drawtiming-0:0.7.1-5.fc17.x86_64 dx-0:4.4.4-21.fc17.x86_64 dx- libs-0:4.4.4-21.fc17.x86_64 emacs-1:24.0.94-1.fc17.x86_64
Re: ImageMagick - [Fedora Update] [comment] xine-lib-1.1.20.1-3.fc17, emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17, perl-GD-SecurityImage-1.71-3.fc17, techne-0.2.1-4.fc17, gdl-0.9.2-5.fc17, autotrace-
On Fri, 6 Apr 2012 16:57:14 +0200, CF (Christophe) wrote: On Fri, Apr 06, 2012 at 07:27:31AM -0600, Orion Poplawski wrote: Suggestions? I'm tempted to pushed this to stable so that broken deps emails start going out to get people to do the needed rebuilds. Or perhaps someone in releng can for the needed buildroot overrides? Or perhaps we drop the whole endeavor? I'd lean towards this, why do we need to push a soname bump of ImageMagick so late in the game when f17 is already in beta? If there's a critical bug in the f17 package, isn't it possible to backport the fix instead of forcing these rebuilds? There are several CVEs. As whether the fixes for them could be backported, well, somebody would need to investigate and do it. -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
Re: ImageMagick - [Fedora Update] [comment] xine-lib-1.1.20.1-3.fc17, emacs-24.0.94-3.fc17, calibre-0.8.42-1.fc17, perl-GD-SecurityImage-1.71-3.fc17, techne-0.2.1-4.fc17, gdl-0.9.2-5.fc17, autotrace
On Fri, Apr 6, 2012 at 9:27 AM, Orion Poplawski wrote: Suggestions? I'm tempted to pushed this to stable so that broken deps emails start going out to get people to do the needed rebuilds. +1. The ImageMagick maintainer gave a fair notice and a sufficient time (3 weeks?) to package maintainers for rebuilding their stuff. There is little benefit in punishing the ImageMagick maintainer more. Cheers, Orcan -- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel
