Re: [CentOS] wildcard certificate
> Am 17.06.2018 um 00:24 schrieb Keith Keller via CentOS : > > On 2018-06-16, Gordon Messmer via CentOS wrote: >> >> https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579 >> >> Wildcard support is new, but it's available! :) > > Cool! I had read about wildcard support being planned a few months ago > but totally forgot about it. > AFAIK, it’s only available with the DNS-challege. You must have authority over your DNS and use one of the supported providers (or build your own). ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] wildcard certificate
On 2018-06-16, Gordon Messmer via CentOS wrote: > > https://community.letsencrypt.org/t/acme-v2-and-wildcard-certificate-support-is-live/55579 > > Wildcard support is new, but it's available! :) Cool! I had read about wildcard support being planned a few months ago but totally forgot about it. --keith -- kkel...@wombat.san-francisco.ca.us ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] CentOS Kernel Support
On 15 June 2018 at 21:07, Keith Keller via CentOS wrote: > On 2018-06-16, Johnny Hughes via CentOS wrote: >> >> You agreed to an EULA that says you will not distribute things that you >> get from that paid subscription. You can do it, and be in violation of >> the terms of your subscription. > > Is this enforceable with the GPLv2? IIRC someone who distributes GPLv2 > source code is not permitted to restrict other people's ability to > redistribute. It could be an interesting legal test (that I don't think > CentOS should test :) ) > This gets asked every couple of months for the last 18+ years. This has been the model that pretty much every enterprise company from Cygnus before Red Hat merged with it, to SuSE and Red Hat enforce their contracts. RMS has probably answered it so many times that he has an autoresponder on it.. so I would say ask him and see what he says. The general way it has been said is that this does not equal what the law sees as an additional restriction on the code. The restriction is on the support contract you have with Red Ha which is not promised in the GPL as being a right you have. The only licenses which do provide that amount and more requirements are code which are covered under the AGPL. > --keith > > -- > kkel...@wombat.san-francisco.ca.us > > > ___ > CentOS mailing list > CentOS@centos.org > https://lists.centos.org/mailman/listinfo/centos -- Stephen J Smoogen. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] CentOS-announce Digest, Vol 160, Issue 4
Send CentOS-announce mailing list submissions to centos-annou...@centos.org To subscribe or unsubscribe via the World Wide Web, visit https://lists.centos.org/mailman/listinfo/centos-announce or, via email, send a message with subject or body 'help' to centos-announce-requ...@centos.org You can reach the person managing the list at centos-announce-ow...@centos.org When replying, please edit your Subject line so it is more specific than "Re: Contents of CentOS-announce digest..." Today's Topics: 1. CESA-2018:1852 Moderate CentOS 7 kernel Security Update (Johnny Hughes) -- Message: 1 Date: Sat, 16 Jun 2018 10:49:53 + From: Johnny Hughes To: centos-annou...@centos.org Subject: [CentOS-announce] CESA-2018:1852 Moderate CentOS 7 kernel SecurityUpdate Message-ID: <20180616104953.ga65...@n04.lon1.karan.org> Content-Type: text/plain; charset=us-ascii CentOS Errata and Security Advisory 2018:1852 Moderate Upstream details at : https://access.redhat.com/errata/RHSA-2018:1852 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: ea66a974143f533fddeffe8f3f1cd32c86c4e3f253622959d0c10e6efb4ab3c3 kernel-3.10.0-862.3.3.el7.x86_64.rpm 64f2e56ed123e1a167d317e003e21c40d1dcfb48305ba3c6c78d07731dd16741 kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm e3337bc41e6c09efbd66931c6247383f9cb6b771f1e22b91d54cd90372a50e15 kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm 41d72ae15f786aebf0cd63bb30a70d876247fa22ea7d4577b847c8b83aef12b4 kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm 3f870fdf26b2e000a061d7dd31d7742ca36127e5f7db7b87556612e808e680ae kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm d2ee86a99c5fae77d7984dd087502a636bd5115ed3b93e3166014a65466f07ed kernel-doc-3.10.0-862.3.3.el7.noarch.rpm be7972c92f9ef5bebc69912025e18090a7850c0d1f6186fdb28816c4d43f9ada kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm fceece180472bab1d582834e2673711ad29406cf50fe42445ffebd07f1d0b677 kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm 76f864788ce7c4debc1d9252e78051b6f4e0baeabb1fb582370dfcc878f1b9f6 kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm 329fc0513bebdccc20cf02d282ac006bee327bc0f57d0882b2c07ab4bbce6302 kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm adb57998b2c5a06b88b6002c2bc9635173fd51aa6000ff4326e6a7a490cb8ea3 perf-3.10.0-862.3.3.el7.x86_64.rpm 47b576e251ed21a547132daa240adaa377b91859cc6f9545c5b4a2f74d8000aa python-perf-3.10.0-862.3.3.el7.x86_64.rpm Source: 0a17d9113e2ddbf3ca76d1e24591083acf5b898d42609f6db180263c7dbfd72d kernel-3.10.0-862.3.3.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net Twitter: @JohnnyCentOS -- Subject: Digest Footer ___ CentOS-announce mailing list centos-annou...@centos.org https://lists.centos.org/mailman/listinfo/centos-announce -- End of CentOS-announce Digest, Vol 160, Issue 4 *** ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] About the membership issue
On Sat, Jun 16, 2018 at 05:58:11AM -0500, Johnny Hughes via CentOS wrote: > On 06/16/2018 05:42 AM, Leon Fauster via CentOS wrote: > WRT the action taken .. we have used the Munge option from here (for > versions 2.1.18 or greater): > > https://wiki.list.org/DEV/DMARC > > > I still see 'reply to list' as an option and it works the same for ne in > Thunderbird (If I reply directly to he mail, it does to original author, > if I reply to list, it goes to the list). > > > If your {all of us 'yous', not just Leon :) } mail client has a reply > to list function, you will want to use that to send replies to the list. > For neomutt, if I hit reply, it asks if I wish to reply to the sender. If I do, it sends a copy to you and the list. If I hit n for no, it then asks reply to Johnny Hughes (for this email, obviously) vid CentOS and just sends the reply to the list. though the To line will show to Johnny Hughes via CentOS. -- Scott Robbins PGP keyID EB3467D6 ( 1B48 077D 66F6 9DB0 FDC2 A409 FA54 EB34 67D6 ) gpg --keyserver pgp.mit.edu --recv-keys EB3467D6 ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] About the membership issue
On 06/16/2018 06:04 AM, Johnny Hughes via CentOS wrote: > On 06/16/2018 05:58 AM, Johnny Hughes via CentOS wrote: >> On 06/16/2018 05:42 AM, Leon Fauster via CentOS wrote: >>> Concerning the disabled membership (yesterday). Is there anything that I >>> should do? >>> Visiting the "re-enable" link shows only a plain site with meta information >>> about >>> the list but without any feedback like "membership enabled". Albeit some >>> postings are >>> coming in again now (with "normalized" sender address ). >>> Seems >>> the work to resolve this issue is in progress ... >> >> >> WRT the action taken .. we have used the Munge option from here (for >> versions 2.1.18 or greater): >> >> https://wiki.list.org/DEV/DMARC >> >> So, other than all 'From:' addresses being the mailing list, everything >> seems to be working the same as before. >> >> I still see 'reply to list' as an option and it works the same for ne in >> Thunderbird (If I reply directly to he mail, it does to original author, >> if I reply to list, it goes to the list). > > It is in the Reply To: not CC: field in Thunderbird .. but that shows > up by defalt when viewing the list mails for me. Not sure how otehr > mail clients handle it. In the gmail interface .. it shows the the Author, like this in the From line: Johnny Hughes via CentOS And there is a drop down arrow the shows all the header info. A reply puts both the author and the list in the To section. That also seems manageable. > >> >> So for me and thunderbird it is business as usual. >> >> If your {all of us 'yous', not just Leon :) } mail client has a reply >> to list function, you will want to use that to send replies to the list. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] About the membership issue
On 06/16/2018 05:58 AM, Johnny Hughes via CentOS wrote: > On 06/16/2018 05:42 AM, Leon Fauster via CentOS wrote: >> Concerning the disabled membership (yesterday). Is there anything that I >> should do? >> Visiting the "re-enable" link shows only a plain site with meta information >> about >> the list but without any feedback like "membership enabled". Albeit some >> postings are >> coming in again now (with "normalized" sender address ). >> Seems >> the work to resolve this issue is in progress ... > > > WRT the action taken .. we have used the Munge option from here (for > versions 2.1.18 or greater): > > https://wiki.list.org/DEV/DMARC > > So, other than all 'From:' addresses being the mailing list, everything > seems to be working the same as before. > > I still see 'reply to list' as an option and it works the same for ne in > Thunderbird (If I reply directly to he mail, it does to original author, > if I reply to list, it goes to the list). It is in the Reply To: not CC: field in Thunderbird .. but that shows up by defalt when viewing the list mails for me. Not sure how otehr mail clients handle it. > > So for me and thunderbird it is business as usual. > > If your {all of us 'yous', not just Leon :) } mail client has a reply > to list function, you will want to use that to send replies to the list. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Passwords in plain text
On 06/16/2018 05:50 AM, Richard via CentOS wrote: > >> Date: Saturday, June 16, 2018 05:25:05 -0500 >> From: Johnny Hughes via CentOS >> >> On 06/15/2018 05:18 PM, Richard wrote: >>> >>> >>> I believe this is a DMARC issue. Yahoo, among other places, has set >>> their dmarc records to p=reject: >>> >>> dig +short txt _dmarc.yahoo.com >>> "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_...@yahoo.com;; >>> >>> So, if your mail hosting provider enforces dmarc,(gmail does) and >>> you get mail from a list that doesn't rewrite the headers, and >>> people from places like yahoo post to the list, you'll likely get >>> some form of warning about being being kicked off the mailing list >>> every now and then. The frequency depends on how often people from >>> p=reject places post, and what the settings are for bounce >>> handling of the mailing list in question. >>> >>> I believe that the current version of mailman can be configured to >>> do the necessary header rewrites. Some lists I'm on only do the >>> rewrites for headers of posts coming from p=reject sites (much >>> less annoying than having them all rewritten). >> >> This is indeed what happened. An email from yahoo.com.uk caused >> gmail to reject all the mails sent by that user because of the >> yahoo DMARC settings. >> >> We have now set the mailing list to rewrite headers. That also has >> set the From: of the email to the Mailing list and not the Original >> Author. The author is moved to the CC: block and you can still >> easily see who sent it and my email client (thunderbird) still does >> things the same way (reply to list sends to the list, reply sends >> to the original author). >> >> This should prevent the yahoo/gmail (or other dmarc) issues from >> happening again. >> >> For others running mailings lists on CentOS with this issue, Red >> Hat has back ported the 'dmarc_moderation_action' into the current >> version of mailman that is used in RHEL and CentOS. You can follow >> the instructions here for Mailman 2 (for version 2.1.18) even >> though the version in CentOS is mailman-2.1.15-26.el7_4.1 >> >> we will be watching the list for the next few days to see if this >> change is working as expected. If it id not working for other >> email clients please let us know. >> >> Great job by Brian Stinson to figure all this out :) >> >> Thanks, >> Johnny Hughes >> > > Thank you - one less list I'll get kicked off of regularly. > > One note, I am seeing the author in the Reply-To: in the message > headers, not in the visible Cc: as you indicate: > >From: Johnny Hughes via CentOS >Reply-To: Johnny Hughes , > CentOS mailing list > > so to see the address of the sender I have to either poke through the > headers or initiate a reply. I don't think that this is email client > specific. RIGHT ! .. I am showing that in Thunderbird for my emails (instead of CC on the lists :D). So I thought it was CC. So in thunderbird, you should see reply to (at least I do) when viewing the mail. For other email clients, not sure what is seen. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] About the membership issue
On 06/16/2018 05:42 AM, Leon Fauster via CentOS wrote: > Concerning the disabled membership (yesterday). Is there anything that I > should do? > Visiting the "re-enable" link shows only a plain site with meta information > about > the list but without any feedback like "membership enabled". Albeit some > postings are > coming in again now (with "normalized" sender address ). > Seems > the work to resolve this issue is in progress ... WRT the action taken .. we have used the Munge option from here (for versions 2.1.18 or greater): https://wiki.list.org/DEV/DMARC So, other than all 'From:' addresses being the mailing list, everything seems to be working the same as before. I still see 'reply to list' as an option and it works the same for ne in Thunderbird (If I reply directly to he mail, it does to original author, if I reply to list, it goes to the list). So for me and thunderbird it is business as usual. If your {all of us 'yous', not just Leon :) } mail client has a reply to list function, you will want to use that to send replies to the list. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Passwords in plain text
> Date: Saturday, June 16, 2018 05:25:05 -0500 > From: Johnny Hughes via CentOS > > On 06/15/2018 05:18 PM, Richard wrote: >> >> >> I believe this is a DMARC issue. Yahoo, among other places, has set >> their dmarc records to p=reject: >> >> dig +short txt _dmarc.yahoo.com >> "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_...@yahoo.com;; >> >> So, if your mail hosting provider enforces dmarc,(gmail does) and >> you get mail from a list that doesn't rewrite the headers, and >> people from places like yahoo post to the list, you'll likely get >> some form of warning about being being kicked off the mailing list >> every now and then. The frequency depends on how often people from >> p=reject places post, and what the settings are for bounce >> handling of the mailing list in question. >> >> I believe that the current version of mailman can be configured to >> do the necessary header rewrites. Some lists I'm on only do the >> rewrites for headers of posts coming from p=reject sites (much >> less annoying than having them all rewritten). > > This is indeed what happened. An email from yahoo.com.uk caused > gmail to reject all the mails sent by that user because of the > yahoo DMARC settings. > > We have now set the mailing list to rewrite headers. That also has > set the From: of the email to the Mailing list and not the Original > Author. The author is moved to the CC: block and you can still > easily see who sent it and my email client (thunderbird) still does > things the same way (reply to list sends to the list, reply sends > to the original author). > > This should prevent the yahoo/gmail (or other dmarc) issues from > happening again. > > For others running mailings lists on CentOS with this issue, Red > Hat has back ported the 'dmarc_moderation_action' into the current > version of mailman that is used in RHEL and CentOS. You can follow > the instructions here for Mailman 2 (for version 2.1.18) even > though the version in CentOS is mailman-2.1.15-26.el7_4.1 > > we will be watching the list for the next few days to see if this > change is working as expected. If it id not working for other > email clients please let us know. > > Great job by Brian Stinson to figure all this out :) > > Thanks, > Johnny Hughes > Thank you - one less list I'll get kicked off of regularly. One note, I am seeing the author in the Reply-To: in the message headers, not in the visible Cc: as you indicate: From: Johnny Hughes via CentOS Reply-To: Johnny Hughes , CentOS mailing list so to see the address of the sender I have to either poke through the headers or initiate a reply. I don't think that this is email client specific. ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Passwords in plain text
Am 16.06.2018 um 12:25 schrieb Johnny Hughes via CentOS : > We have now set the mailing list to rewrite headers. That also has set > the From: of the email to the Mailing list and not the Original Author. > The author is moved to the CC: block and you can still easily see who > sent it and my email client (thunderbird) still does things the same way > (reply to list sends to the list, reply sends to the original author). It seems that it moved to Reply-To: instead to CC: ?! -- LF ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS-announce] CESA-2018:1852 Moderate CentOS 7 kernel Security Update
CentOS Errata and Security Advisory 2018:1852 Moderate Upstream details at : https://access.redhat.com/errata/RHSA-2018:1852 The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: ea66a974143f533fddeffe8f3f1cd32c86c4e3f253622959d0c10e6efb4ab3c3 kernel-3.10.0-862.3.3.el7.x86_64.rpm 64f2e56ed123e1a167d317e003e21c40d1dcfb48305ba3c6c78d07731dd16741 kernel-abi-whitelists-3.10.0-862.3.3.el7.noarch.rpm e3337bc41e6c09efbd66931c6247383f9cb6b771f1e22b91d54cd90372a50e15 kernel-debug-3.10.0-862.3.3.el7.x86_64.rpm 41d72ae15f786aebf0cd63bb30a70d876247fa22ea7d4577b847c8b83aef12b4 kernel-debug-devel-3.10.0-862.3.3.el7.x86_64.rpm 3f870fdf26b2e000a061d7dd31d7742ca36127e5f7db7b87556612e808e680ae kernel-devel-3.10.0-862.3.3.el7.x86_64.rpm d2ee86a99c5fae77d7984dd087502a636bd5115ed3b93e3166014a65466f07ed kernel-doc-3.10.0-862.3.3.el7.noarch.rpm be7972c92f9ef5bebc69912025e18090a7850c0d1f6186fdb28816c4d43f9ada kernel-headers-3.10.0-862.3.3.el7.x86_64.rpm fceece180472bab1d582834e2673711ad29406cf50fe42445ffebd07f1d0b677 kernel-tools-3.10.0-862.3.3.el7.x86_64.rpm 76f864788ce7c4debc1d9252e78051b6f4e0baeabb1fb582370dfcc878f1b9f6 kernel-tools-libs-3.10.0-862.3.3.el7.x86_64.rpm 329fc0513bebdccc20cf02d282ac006bee327bc0f57d0882b2c07ab4bbce6302 kernel-tools-libs-devel-3.10.0-862.3.3.el7.x86_64.rpm adb57998b2c5a06b88b6002c2bc9635173fd51aa6000ff4326e6a7a490cb8ea3 perf-3.10.0-862.3.3.el7.x86_64.rpm 47b576e251ed21a547132daa240adaa377b91859cc6f9545c5b4a2f74d8000aa python-perf-3.10.0-862.3.3.el7.x86_64.rpm Source: 0a17d9113e2ddbf3ca76d1e24591083acf5b898d42609f6db180263c7dbfd72d kernel-3.10.0-862.3.3.el7.src.rpm -- Johnny Hughes CentOS Project { http://www.centos.org/ } irc: hughesjr, #cen...@irc.freenode.net Twitter: @JohnnyCentOS ___ CentOS-announce mailing list CentOS-announce@centos.org https://lists.centos.org/mailman/listinfo/centos-announce
Re: [CentOS] About the membership issue
On 06/16/2018 05:42 AM, Leon Fauster via CentOS wrote: > Concerning the disabled membership (yesterday). Is there anything that I > should do? > Visiting the "re-enable" link shows only a plain site with meta information > about > the list but without any feedback like "membership enabled". Albeit some > postings are > coming in again now (with "normalized" sender address ). > Seems > the work to resolve this issue is in progress ... > We re-enabled all users, so no action is required. signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
[CentOS] About the membership issue
Concerning the disabled membership (yesterday). Is there anything that I should do? Visiting the "re-enable" link shows only a plain site with meta information about the list but without any feedback like "membership enabled". Albeit some postings are coming in again now (with "normalized" sender address ). Seems the work to resolve this issue is in progress ... -- Thanks LF ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos
Re: [CentOS] Passwords in plain text
On 06/15/2018 05:18 PM, Richard wrote: > >> Date: Friday, June 15, 2018 14:55:21 -0700 >> From: Akemi Yagi >> >> On Fri, Jun 15, 2018 at 9:57 AM, Gianluca Cecchi >> wrote: >>> >>> Il Ven 15 Giu 2018, 18:45 Larry Martell >>> ha scritto: >>> On Fri, Jun 15, 2018 at 12:41 PM rj coleman wrote: > Am I the only one who just received this email from this group? > Which came with my password in the email in plain text? >> >> Your membership in the mailing list CentOS has been disabled >> due to excessive bounces The last bounce received from you >> was dated 15-Jun-2018. You will not get any more messages >> from this list until you re-enable your membership. You will >> receive 3 more reminders like this before your membership in >> the list is deleted. >> I got it as well. >>> Mee too >> >> I also received the "has been disabled" notification. It looks like >> users with gmail addresses are affected. >> >> CentOS admins are looking into this issue (I believe). >> >> Akemi > > I believe this is a DMARC issue. Yahoo, among other places, has set > their dmarc records to p=reject: > > dig +short txt _dmarc.yahoo.com > "v=DMARC1; p=reject; pct=100; rua=mailto:dmarc_y_...@yahoo.com;; > > So, if your mail hosting provider enforces dmarc,(gmail does) and you > get mail from a list that doesn't rewrite the headers, and people > from places like yahoo post to the list, you'll likely get some form > of warning about being being kicked off the mailing list every now > and then. The frequency depends on how often people from p=reject > places post, and what the settings are for bounce handling of the > mailing list in question. > > I believe that the current version of mailman can be configured to do > the necessary header rewrites. Some lists I'm on only do the rewrites > for headers of posts coming from p=reject sites (much less annoying > than having them all rewritten). This is indeed what happened. An email from yahoo.com.uk caused gmail to reject all the mails sent by that user because of the yahoo DMARC settings. We have now set the mailing list to rewrite headers. That also has set the From: of the email to the Mailing list and not the Original Author. The author is moved to the CC: block and you can still easily see who sent it and my email client (thunderbird) still does things the same way (reply to list sends to the list, reply sends to the original author). This should prevent the yahoo/gmail (or other dmarc) issues from happening again. For others running mailings lists on CentOS with this issue, Red Hat has back ported the 'dmarc_moderation_action' into the current version of mailman that is used in RHEL and CentOS. You can follow the instructions here for Mailman 2 (for version 2.1.18) even though the version in CentOS is mailman-2.1.15-26.el7_4.1 we will be watching the list for the next few days to see if this change is working as expected. If it id not working for other email clients please let us know. Great job by Brian Stinson to figure all this out :) Thanks, Johnny Hughes signature.asc Description: OpenPGP digital signature ___ CentOS mailing list CentOS@centos.org https://lists.centos.org/mailman/listinfo/centos