Re: [arch-dev-public] Get involved with tracking security issues in Arch Linux packages

On Sunday, March 09, 2014 15:56:57 Allan McRae wrote: > We have had some great help in this area by a user 'RbN' who has been > filing bug reports about CVEs with links to the patches fixing the > issue. However, it is not a one person job, and they can not keep up alone. I agree. Many thanks to

[arch-dev-public] Get involved with tracking security issues in Arch Linux packages

Hi all, A bit of background first! There are two main classes of security issues that our packages can suffer from: - a security issue disclosed and fixed by an update - a security issue that requires backporting of patches As a rolling release, we are fairly good at updating our software quick

Re: [arch-dev-public] Looking for maintainers for a few packages

Hi On Fri, Mar 7, 2014 at 7:59 PM, Allan McRae wrote: > I'm looking to offload a few packages so I can spend more time dealing > with pacman (the patches pile up faster than I can deal with them and > there are things I want to implement...). I essentially intend to keep > dealing with the tool

Re: [arch-dev-public] Looking for maintainers for a few packages

On 08/03/2014 04:59, Allan McRae wrote: > I can spend more time dealing with pacman > (the patches pile up faster than I can deal with them and > there are things I want to implement...). Nice! > > Here is a list of what is on offer: > All these packages interest me, but I prefer only take care

Re: [arch-dev-public] [kde-unstable] 4.13

On Sat 08, March 09:38:43 you wrote: > Nepomuk and Baloo can co-exists, but this is advise against and you've to > manually disable Nepomuk. On a second thought, is more easier to just disable Nepomuk for everyone: * KGet and Plasma-Addons 4.13 have been rebuilt without Nepomuk support. * I alrea

[arch-dev-public] libevdev .so bump / clutter status

I took over libevdev. It's somehow related to the Xorg packages I maintain. But the only packages in our repo that can optionally depend on it are clutter and packages depending in it. I've put libevdev 1.0.x into staging to start the .so rebuild. I've found that the old 1.16.x clutter won't build

[arch-dev-public] Signoff report for [testing]

=== Signoff report for [testing] === https://www.archlinux.org/packages/signoffs/ There are currently: * 6 new packages in last 24 hours * 1 known bad package * 0 packages not accepting signoffs * 2 fully signed off packages * 23 packages missing signoffs * 3 packages older than 14 days (Note: th

[arch-dev-public] [kde-unstable] 4.13

Hi all, it's again time for a new major release of KDE. The first beta of the 4.13 series has been released[1]. As usual, you find the packages in the [kde-unstable] repo, which only contains beta/rc releases. Read install instruction from here[2]. *NOTE*: It requires [testing] enabled. The fol