[EPEL-devel] Re: related question / off topic - EPEL Proposal #1: Rechartering
On 02/22/2016 09:06 PM, Peter wrote: > On 19/02/16 15:16, ~Stack~ wrote: >> Thanks for replying. Makes sense. But what would the harm be to move a >> package into a separate "retired" repo? Community would know that it >> isn't maintained and yet the package wouldn't just disappear completely. >> I guess the difficult question would then be, how long is the package >> kept till it needs to be pruned? 1yr? 6mo? Still, it would be nice to >> give the user base the option to pull the packages they need out on a >> long enough scale that they have time to discover it with new builds. > > My suggestion would be for the life of the point release of the repos > that's built against. Since the package is not going to be built > against newer point releases of RHEL it is less likely to continue to > work after RHEL moves to a new point release (say from 7.2 to 7.3). We > could have an individual "retired" repo for each point release that > would see the packages built against that release moved there. We would > not necessarily need get rid of older retired repos, but just maintain a > symbolic link to the latest one. > > So for example if package foo was last built against RHEL 7.2 before it > was retired, we could move it to the repo "epel-retired-7.2" and there > would be a symbolic link for "epel-retired" that points to > epel-retired-7.2 until RHEL 7.3 is released. In my opinion, that is a brilliant idea. I like it! :-) ~Stack~ signature.asc Description: OpenPGP digital signature ___ epel-devel mailing list epel-devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org
[EPEL-devel] Re: related question / off topic - EPEL Proposal #1: Rechartering
On 19/02/16 15:16, ~Stack~ wrote: > Thanks for replying. Makes sense. But what would the harm be to move a > package into a separate "retired" repo? Community would know that it > isn't maintained and yet the package wouldn't just disappear completely. > I guess the difficult question would then be, how long is the package > kept till it needs to be pruned? 1yr? 6mo? Still, it would be nice to > give the user base the option to pull the packages they need out on a > long enough scale that they have time to discover it with new builds. My suggestion would be for the life of the point release of the repos that's built against. Since the package is not going to be built against newer point releases of RHEL it is less likely to continue to work after RHEL moves to a new point release (say from 7.2 to 7.3). We could have an individual "retired" repo for each point release that would see the packages built against that release moved there. We would not necessarily need get rid of older retired repos, but just maintain a symbolic link to the latest one. So for example if package foo was last built against RHEL 7.2 before it was retired, we could move it to the repo "epel-retired-7.2" and there would be a symbolic link for "epel-retired" that points to epel-retired-7.2 until RHEL 7.3 is released. Peter ___ epel-devel mailing list epel-devel@lists.fedoraproject.org http://lists.fedoraproject.org/admin/lists/epel-devel@lists.fedoraproject.org
[EPEL-devel] Fedora EPEL 7 updates-testing report
The following Fedora EPEL 7 Security updates need testing: Age URL 351 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-1087 dokuwiki-0-0.24.20140929c.el7 113 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-dac7ed832f mcollective-2.8.4-1.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-2d8fa2e036 firebird-2.5.5.26952.0-2.el7 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-23f4cb12a2 php-horde-horde-5.2.9-1.el7 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-50304d1e1f nodejs-0.10.42-4.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-bc557a5441 nghttp2-1.7.1-1.el7 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-287d763bcd GraphicsMagick-1.3.23-4.el7 gdl-0.9.5-3.el7 octave-3.8.2-19.el7 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-5748740371 qt-creator-3.5.1-2.el7 botan-1.10.12-1.el7 1 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8c727601c5 libebml-1.3.3-3.el7 The following builds have been pushed to Fedora EPEL 7 updates-testing 0install-2.11-1.el7 fluxbox-1.3.6-4.el7 libinput-1.1.8-1.el7 pgadmin3-1.22.1-1.el7 php-nette-2.3.9-1.el7 php-nette-caching-2.3.5-1.el7 php-tracy-2.3.9-1.el7 rebase-helper-0.7.1-1.el7 salt-2015.5.9-4.el7 since-1.1-11.el7 yad-0.34.0-1.el7 Details about builds: 0install-2.11-1.el7 (FEDORA-EPEL-2016-6e37f92d4b) A decentralized cross-distribution software installation system Update Information: - Upstream update to 2.11. - Exclude ppc64le and ppc fluxbox-1.3.6-4.el7 (FEDORA-EPEL-2016-e8ab4c99f9) Window Manager based on Blackbox Update Information: Initial import for EPEL7 libinput-1.1.8-1.el7 (FEDORA-EPEL-2016-7f512b1888) Input device library Update Information: Upstream update to 1.1.8 pgadmin3-1.22.1-1.el7 (FEDORA-EPEL-2016-d3d0c76e21) Graphical client for PostgreSQL Update Information: Update to 1.22.1 php-nette-2.3.9-1.el7 (FEDORA-EPEL-2016-d9c8a9ad7f) Nette Framework Update Information: Nette Framework is a popular tool for PHP web development It is designed to be as usable and as friendly as possible. It focuses on security and performance and is definitely one of the safest PHP frameworks. Nette Framework speaks your language and helps you to easily build better websites. Cache accelerates your application by storing data, once hardly retrieved, for future use. To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/autoload.php'; References: [ 1 ] Bug #1277484 - Review Request: php-nette - Nette Framework https://bugzilla.redhat.com/show_bug.cgi?id=1277484 php-nette-caching-2.3.5-1.el7 (FEDORA-EPEL-2016-a941e34e24) Nette Caching Component Update Information: **Released version 2.3.5** *added NewMemcachedStorage using memcached extension #38 *CacheMacro: better error message php-tracy-2.3.9-1.el7 (FEDORA-EPEL-2016-1f88459bd7) Tracy: useful PHP debugger Update Information: **Released version 2.3.9** *bar.js: MouseEvent.buttons is not supported by Safari #134 *Dumper: support for general object exporter which is called for every object *Dumper: object exporters are called in order from most
[EPEL-devel] Fedora EPEL 6 updates-testing report
The following Fedora EPEL 6 Security updates need testing: Age URL 247 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-6828 chicken-4.9.0.1-4.el6 229 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7031 python-virtualenv-12.0.7-1.el6 223 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-7168 rubygem-crack-0.3.2-2.el6 154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8148 optipng-0.7.5-5.el6 154 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-8156 nagios-4.0.8-1.el6 113 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-e2b4b5b2fb mcollective-2.8.4-1.el6 84 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2015-35e240edd9 thttpd-2.25b-24.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-cb3b95bd2f firebird-2.5.5.26952.0-2.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-8aee7a9340 php-horde-horde-5.2.9-1.el6 12 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-f61ec30f9f poco-1.4.2p1-3.el6 11 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-791080c274 nodejs-0.10.42-4.el6 7 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-eb24bfea0d octave-3.4.3-2.el6 gdl-0.9.5-4.el6 GraphicsMagick-1.3.23-4.el6 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-46c6b5e4d4 botan-1.8.15-1.el6 0 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2016-58b3766907 libebml-1.2.2-1.el6 The following builds have been pushed to Fedora EPEL 6 updates-testing libebml-1.2.2-1.el6 php-nette-2.3.9-1.el6 php-nette-caching-2.3.5-1.el6 php-tracy-2.3.9-1.el6 salt-2015.5.9-4.el6 Details about builds: libebml-1.2.2-1.el6 (FEDORA-EPEL-2016-58b3766907) Extensible Binary Meta Language library Update Information: New in 1.2.2 version: * fix usage of the DEBUG #define (use LIBEBML_DEBUG instead) * The EbmlCodeVersion variable now resides in the library instead of being declared static in the header file. * only use the test element to read once in the loop Backported fixes for: * CVE-2015-8789 libebml: Usa-after-free vulnerability in EblMaster::Read() * CVE-2015-8790 CVE-2015-8791 libebml: information leaks in two functions References: [ 1 ] Bug #1276337 - CVE-2015-8789 libebml: Usa-after-free vulnerability in EblMaster::Read() [epel-all] https://bugzilla.redhat.com/show_bug.cgi?id=1276337 [ 2 ] Bug #1303854 - CVE-2015-8791 CVE-2015-8790 libebml: information leaks in two functions [epel-6] https://bugzilla.redhat.com/show_bug.cgi?id=1303854 php-nette-2.3.9-1.el6 (FEDORA-EPEL-2016-22d9369b13) Nette Framework Update Information: Nette Framework is a popular tool for PHP web development It is designed to be as usable and as friendly as possible. It focuses on security and performance and is definitely one of the safest PHP frameworks. Nette Framework speaks your language and helps you to easily build better websites. Cache accelerates your application by storing data, once hardly retrieved, for future use. To use this library, you just have to add, in your project: require_once '/usr/share/php/Nette/autoload.php'; References: [ 1 ] Bug #1277484 - Review Request: php-nette - Nette Framework https://bugzilla.redhat.com/show_bug.cgi?id=1277484 php-nette-caching-2.3.5-1.el6 (FEDORA-EPEL-2016-4b45707f19) Nette Caching Component Update Information: **Released version 2.3.5** *added NewMemcachedStorage using memcached extension #38 *CacheMacro: better error message php-tracy-2.3.9-1.el6 (FEDORA-EPEL-2016-86402e2f37) Tracy: useful PHP debugger Update Information: **Released version 2.3.9** *bar.js: MouseEvent.buttons is not supported by Safari #134 *Dumper: support for general object exporter which is called for every object *Dumper: object exporters are called in order from most specific to general *Debugger: removes
