[EPEL-devel] Fedora EPEL 7 updates-testing report

2024-04-02 Thread updates
The following Fedora EPEL 7 Security updates need testing: Age URL 5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-15cde9f00b chromium-123.0.6312.58-1.el7 4 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-07e8f5f1f0 libopenmpt-0.7.6-1.el7 The following builds

[EPEL-devel] Fedora EPEL 8 updates-testing report

2024-04-02 Thread updates
The following Fedora EPEL 8 Security updates need testing: Age URL 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-fc233c6d2e chromium-123.0.6312.58-1.el8 6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-0ced8d6066 tinyxml-2.6.2-28.el8 4

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Kevin Fenzi wrote: > Why not the opposite: > > Download Workstation > > [I'm a linux user and know what I want, just show me the full list of > downloads, click here]? Because that still leads people to click that "Download Workstation" link before even seeing the options. "I do not want to

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Adam Williamson wrote: > I mean, we really don't need to speculate about this much. We did an > entire overhaul of the project - Fedora.next That was for Fedora 21 in 2014! As you stated it, I know you and I have been around forever and 2014 feels like yesterday, but it was really quite a long

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Steve Cossette wrote: > Sorry, that's pretty much how things are right now, is that what you were > trying to demonstrate? > > I'm not really following. Not really. The current design is better than those old designs that immediately served you an ISO when you clicked "Download now", but the

[Bug 2270834] perl-Pod-Weaver-4.020 is available

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2270834 Fedora Update System changed: What|Removed |Added Fixed In Version|perl-Pod-Weaver-4.020-1.fc4 |perl-Pod-Weaver-4.020-1.fc4

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Fenzi
On Wed, Apr 03, 2024 at 02:36:07AM +0200, Kevin Kofler via devel wrote: > Kevin Fenzi wrote: > > Ok, that's obviously somewhat tongue in cheek, but if we promote multiple > > things, we need some way to describe them to users who might not know the > > history of things and do it in a quick enough

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS with SDL2-2.30.1: t/core_events.t fails: Can't use an undefined value as a subroutine reference during global destruction

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Fedora Update System changed: What|Removed |Added Status|MODIFIED|ON_QA --- Comment #5 from

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Steve Cossette
Sorry, that's pretty much how things are right now, is that what you were trying to demonstrate? I'm not really following. Personally, if we were to promote both KDE and Gnome on the website, I'd make it dead simple. I really suck at making graphics so I'll try to put it in text: I imagine a

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Adam Williamson
On Tue, 2024-04-02 at 21:15 -0400, Steve Cossette wrote: > I get your point, Kevin. I would argue though that, if a user is looking to > use Linux, they probably got a decent idea as to what DE they want to use. > There are SO MANY LINUX DISTROS! Making a choice between two is > honestly

[Bug 2270834] perl-Pod-Weaver-4.020 is available

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2270834 Fedora Update System changed: What|Removed |Added Status|ON_QA |CLOSED Resolution|---

[Bug 2269439] perl-HTML-Parser-3.82 is available

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2269439 Fedora Update System changed: What|Removed |Added Fixed In Version|perl-HTML-Parser-3.82-1.fc4 |perl-HTML-Parser-3.82-1.fc4

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Steve Cossette
I get your point, Kevin. I would argue though that, if a user is looking to use Linux, they probably got a decent idea as to what DE they want to use. There are SO MANY LINUX DISTROS! Making a choice between two is honestly probably not that jarring imo. On Tue, Apr 2, 2024 at 7:49 PM Kevin

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Kevin Fenzi wrote: > Ok, that's obviously somewhat tongue in cheek, but if we promote multiple > things, we need some way to describe them to users who might not know the > history of things and do it in a quick enough way that they won't decide > it's all confusing and go do something else. It is

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kilian Hanich via devel
On 03.04.24 at 01:48, Kevin Fenzi wrote: On Tue, Apr 02, 2024 at 04:06:45PM -0400, Steve Cossette wrote: Alright, so a substantial amount of information changed since the original submission of the change proposal. We aren't necessarily thinking of demoting Gnome. The overall spirit of the CP

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Fenzi
On Tue, Apr 02, 2024 at 04:06:45PM -0400, Steve Cossette wrote: > Alright, so a substantial amount of information changed since the original > submission of the change proposal. We aren't necessarily thinking of > demoting Gnome. The overall spirit of the CP is that we think KDE, and to > some

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kevin Fenzi
On Tue, Apr 02, 2024 at 04:38:25PM -0400, Stephen Gallagher wrote: > On Tue, Apr 2, 2024 at 3:55 PM Steve Cossette wrote: > > > > I personally would very much agree with enforcing the use of 2fa on the > > Fedora Account System. Maybe take that opportunity to make it a bit more > > user

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Gordon Messmer
On 2024-03-30 11:52, Dmitry Belyavskiy wrote: We have an upstream-adjusted version of this patch, see https://bugzilla.mindrot.org/show_bug.cgi?id=2641 I'm OK to bring the updated version of this script to Fedora as soon as it is finalized. I proposed

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Steve Cossette wrote: > We essentially just want more visibility on the website, if that makes > sense. Back when I was still a KDE SIG member, whenever we brought that up with the Websites Team, they would just point us to the Board (what is now the Council), and the Board would point us back

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Adam Williamson wrote: > Change proposals can be, and frequently are, rejected. If you look at the statistics, they very rarely are. A lot of bad changes with lots of criticism on the mailing list were waved through by FESCo. But if they dare touching a Red Hat holy cow such as the dogma of

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kevin Kofler via devel
Richard W.M. Jones wrote: > Yes, in this case the attacker had set the serial number to 30, but > the latest upstream serial number was 3. autoreconf won't replace the > file in this case unless it is deleted. There really should be an > "always replace if you can" option in autoreconf. Is that

Re: What we mean when we talk about "supply chains" [was Re: Three steps we could take to make supply chain attacks a bit harder]

2024-04-02 Thread Kevin Kofler via devel
Gary Buhrmaster wrote: > And, more importantly, the industry has agreed > to use the term supply chain. Is the term > perhaps overloaded, or perhaps too > ill-defined/imprecise? Sure. But if one wants > to use a different term one would need to work > across the industry to change the term, and

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Adam Williamson
On Wed, 2024-04-03 at 00:15 +0200, Kevin Kofler via devel wrote: > Adam Williamson wrote: > > It occurs to me - maybe you don't agree, but this is how it looks to me > > - that, ironically, you and I usually argue the exact *opposite* side > > of this case, no? I argue in *favor* of

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kevin Kofler via devel
Adam Williamson wrote: > It occurs to me - maybe you don't agree, but this is how it looks to me > - that, ironically, you and I usually argue the exact *opposite* side > of this case, no? I argue in *favor* of somewhat-arbitrary delays to > packages appearing in 'stable', and you argue *against*

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Sergio Belkin
> > it’s not a change. > -- > -- > Sergio Belkin > LPIC-2 Certified - http://www.lpi.org > It's not a change already decided I meant :) ! sorry for the noise -- -- Sergio Belkin LPIC-2 Certified - http://www.lpi.org -- ___ devel mailing list --

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Steve Cossette
Oooo I could go for some Yak meat! On Tue, Apr 2, 2024 at 5:32 PM Adam Williamson wrote: > On Tue, 2024-04-02 at 17:37 -0300, Sergio Belkin wrote: > > > > I am a happy KDE user, since the good old days of version 1.0. I > celebrate > > this decision! My recognition goes to the enormous and

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Sergio Belkin
On Tue, 2 Apr 2024 at 18:32, Adam Williamson () wrote: > On Tue, 2024-04-02 at 17:37 -0300, Sergio Belkin wrote: > > > > I am a happy KDE user, since the good old days of version 1.0. I > celebrate > > this decision! My recognition goes to the enormous and sustained work of > > the entire

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Adam Williamson
On Tue, 2024-04-02 at 17:37 -0300, Sergio Belkin wrote: > > I am a happy KDE user, since the good old days of version 1.0. I celebrate > this decision! My recognition goes to the enormous and sustained work of > the entire KDE community. > Cheers, > Sergiio To be clear, there is no 'decision'.

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kevin Kofler via devel
Gordon Messmer wrote: > Purely as trivia, and as I haven't seen it discussed elsewhere, the > malware steals a different set of symbols on Fedora, where > RSA_public_decrypt doesn't seem to appear in the GOT at all. This proves again that this is a very targeted attack that carefully analyzed

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Stephen Gallagher
On Tue, Apr 2, 2024 at 3:55 PM Steve Cossette wrote: > > I personally would very much agree with enforcing the use of 2fa on the > Fedora Account System. Maybe take that opportunity to make it a bit more user > friendly? (Such as the fkinit prompt requiring the 2fa code being added at > the

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Sergio Belkin
On Tue, 2 Apr 2024 at 6:40, Aoife Moloney () wrote: > Wiki - https://fedoraproject.org/wiki/Changes/FedoraPlasmaWorkstation > > This document represents a proposed Change. As part of the Changes > process, proposals are publicly announced in order to receive > community feedback. This

Re: Self Introduction: Matthew Kosarek

2024-04-02 Thread Neal Gompa
On Tue, Apr 2, 2024 at 3:44 PM Matthew Kosarek via devel wrote: > > Hello all, > > My name is Matthew (Matt) Kosarek and I am a developer on the Mir team at > Canonical. I am currently developing a tiling window manager based on Mir > called miracle-wm (https://github.com/mattkae/miracle-wm).

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Steve Cossette
Alright, so a substantial amount of information changed since the original submission of the change proposal. We aren't necessarily thinking of demoting Gnome. The overall spirit of the CP is that we think KDE, and to some extent the other spins too, need a bit more visibility on the website. At

Re: Self Introduction: Matthew Kosarek

2024-04-02 Thread Steve Cossette
Hello Matthew, and welcome to Fedora! You'll find a lot of good people in here eager to help you. Feel free to also drop in on matrix for a more real-time conversation! On Tue, Apr 2, 2024 at 3:44 PM Matthew Kosarek via devel < devel@lists.fedoraproject.org> wrote: > Hello all, > > My name is

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Steven A. Falco
On 4/2/24 03:50 PM, Steve Cossette wrote: Well, we did submit this yesterday around 2:30-3:00PM EST, guessing it was a bit too late. But the proposal is 1000% serious. I'm glad to hear you say that, as I switched to KDE around the time of Gnome3 and never looked back. Steve --

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Steve Cossette
I personally would very much agree with enforcing the use of 2fa on the Fedora Account System. Maybe take that opportunity to make it a bit more user friendly? (Such as the fkinit prompt requiring the 2fa code being added at the end of your password -- to be clear I think the 2fa code should be

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Steve Cossette
Well, we did submit this yesterday around 2:30-3:00PM EST, guessing it was a bit too late. But the proposal is 1000% serious. On Tue, Apr 2, 2024 at 3:46 PM Jonathan Wakely wrote: > On Tue, 2 Apr 2024 at 19:44, Richard Hughes wrote: > > > > On Tue, 2 Apr 2024 at 10:40, Aoife Moloney wrote: >

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Jonathan Wakely
On Tue, 2 Apr 2024 at 19:44, Richard Hughes wrote: > > On Tue, 2 Apr 2024 at 10:40, Aoife Moloney wrote: > > Switch the default desktop experience for Workstation to KDE Plasma. > > The GNOME desktop is moved to a separate spin / edition, retaining > > release-blocking status. > > If this is an

Self Introduction: Matthew Kosarek

2024-04-02 Thread Matthew Kosarek via devel
Hello all, My name is Matthew (Matt) Kosarek and I am a developer on the Mir team at Canonical. I am currently developing a tiling window manager based on /Mir/ called *miracle-wm* (https://github.com/mattkae/miracle-wm). The goal is to have a tiling experience similar to /sway///i3/, but

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Tomasz Torcz
On Tue, Apr 02, 2024 at 06:44:02PM +, Richard Hughes wrote: > On Tue, 2 Apr 2024 at 10:40, Aoife Moloney wrote: > > Switch the default desktop experience for Workstation to KDE Plasma. > > The GNOME desktop is moved to a separate spin / edition, retaining > > release-blocking status. > > If

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Adam Williamson
On Tue, 2024-04-02 at 21:05 +0200, Kevin Kofler via devel wrote: > Aoife Moloney wrote: > > Switch the default desktop experience for Workstation to KDE Plasma. > > The GNOME desktop is moved to a separate spin / edition, retaining > > release-blocking status. > > It is funny that the KDE SIG is

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Gordon Messmer
On 2024-04-02 03:42, Lennart Poettering wrote: Also, I don't think we should get hung up too much on the libsystemd thing. I know people like to hit on systemd, I know, and one of the problems that results from having just a torrent of undeserved criticism is that it naturally predisposes

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Kevin Kofler via devel
Aoife Moloney wrote: > Switch the default desktop experience for Workstation to KDE Plasma. > The GNOME desktop is moved to a separate spin / edition, retaining > release-blocking status. It is funny that the KDE SIG is proposing that now. I have a sense of déjà-vu:

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kevin Kofler via devel
Chris Adams wrote: > However, it's a good trigger to review Fedora's security approach in > general (like 2FA use). Using such an issue that made it through upstream 2FA and would also have made it through any 2FA enforcement in Fedora as an excuse to force 2FA on us is just pure nonsense.

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kevin Kofler via devel
Matthew Miller wrote: > I sometimes see unit test failures. The developer ran the tests, but not > on S390. Why would I want a test failure on such an exotic architecture to fail my build? The only reason Fedora supports that architecture at all is pressure from IBM. Basically nobody uses it.

Re: F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Richard Hughes
On Tue, 2 Apr 2024 at 10:40, Aoife Moloney wrote: > Switch the default desktop experience for Workstation to KDE Plasma. > The GNOME desktop is moved to a separate spin / edition, retaining > release-blocking status. If this is an April fools joke -- it's a weird one, and a day too late.

Re: xz backdoor

2024-04-02 Thread Kevin Kofler via devel
Lennart Poettering wrote: > It *literally* is just sending a text string "READY=1" in an AF_UNIX > datagram to a socket whose path is provided to you in the > $NOTIFY_SOCKET env var. I see so many ways one can get this wrong. E.g., using some abstraction for the socket write that can also write

[EPEL-devel] [Fedocal] Reminder meeting : EPEL Steering Committee

2024-04-02 Thread tdawson
Dear all, You are kindly invited to the meeting: EPEL Steering Committee on 2024-04-03 from 18:00:00 to 19:00:00 UTC At fedora-meet...@chat.fedoraproject.org The meeting will be about: https://chat.fedoraproject.org/#/room/#meeting:fedoraproject.org This is the weekly EPEL Steering

Re: xz backdoor

2024-04-02 Thread Petr Menšík
On 02. 04. 24 14:17, Lennart Poettering wrote: On Tue, 02.04.24 14:04, Petr Menšík (pemen...@redhat.com) wrote: I am not convinced dlopen will make it secure in the end. I am not sure this is a good solution. dlopen makes those dependencies non-obvious from packaging side and non-visible from

Re: Golang bundled() Provides generator

2024-04-02 Thread Maxwell G
On Tue Apr 2, 2024 at 17:16 +0200, Dan Čermák wrote: > Hi Maxwell & Go SIG, Hi Dan, Thank you for reaching out! > we have recently started working on introducing a bundled() provides > generator for golang in openSUSE and found a very simple solution using > the output of `go version -m

Re: Reminder: F40 final freeze starts next week (2024-04-02)

2024-04-02 Thread Adam Williamson
On Tue, 2024-04-02 at 10:22 -0600, Jerry James wrote: > > - We retroactively change the time to stable of all updates that have > already been submitted. I might have an update that I think will go > stable in 1 more day, and suddenly it isn't going to go stable for 5 > more days. This is a

Re: Reminder: F40 final freeze starts next week (2024-04-02)

2024-04-02 Thread Stephen Gallagher
On Tue, Apr 2, 2024 at 12:18 PM Fabio Valentini wrote: > > On Tue, Apr 2, 2024 at 6:08 PM Sandro wrote: > > > > On 26-03-2024 22:15, Adam Williamson wrote: > > > On Tue, 2024-03-26 at 21:34 +0100, Sandro wrote: > > >> On 26-03-2024 16:25, Kevin Fenzi wrote: > > >>> So, please take this time to

Re: F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Dmitry Belyavskiy
Dear Gary, On Tue, Apr 2, 2024 at 5:39 PM Gary Buhrmaster wrote: > On Tue, Apr 2, 2024 at 3:12 PM Dmitry Belyavskiy > wrote: > > > Third-party engines may be a problem but as we don't break ABI, it's not > a problem of the moment. > > The fact you are removing the headers means it is > a

Re: Reminder: F40 final freeze starts next week (2024-04-02)

2024-04-02 Thread Jerry James
On Tue, Apr 2, 2024 at 10:08 AM Sandro wrote: > We are one week down the road. I've submitted an update a week ago > shortly after Adam's reply was sent (March 26, 21:48 UTC). Final freeze > is now in effect and the update[1] has *not* made it to stable. It's > still in testing. > > Luckily, this

Orphaned packages looking for new maintainers

2024-04-02 Thread Maxwell G
Report started at 2024-04-02 16:05:20 UTC The following packages are orphaned and will be retired when they are orphaned for six weeks, unless someone adopts them. If you know for sure that the package should be retired, please do so now with a proper reason:

Re: Reminder: F40 final freeze starts next week (2024-04-02)

2024-04-02 Thread Fabio Valentini
On Tue, Apr 2, 2024 at 6:08 PM Sandro wrote: > > On 26-03-2024 22:15, Adam Williamson wrote: > > On Tue, 2024-03-26 at 21:34 +0100, Sandro wrote: > >> On 26-03-2024 16:25, Kevin Fenzi wrote: > >>> So, please take this time to do any last minute testing and bugfixing > >>> and make sure any

Re: Reminder: F40 final freeze starts next week (2024-04-02)

2024-04-02 Thread Sandro
On 26-03-2024 22:15, Adam Williamson wrote: On Tue, 2024-03-26 at 21:34 +0100, Sandro wrote: On 26-03-2024 16:25, Kevin Fenzi wrote: So, please take this time to do any last minute testing and bugfixing and make sure any packages you expect to be in the final f40 base repositories are pushed

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Florian Weimer
* Kilian Hanich via devel: > On 02.04.24 at 10:22, Florian Weimer wrote: >>> - Can some wrappers be developed to make it both easier and safer? >> GCC already provides function multi-versioning/target clones as a >> higher-level interface. > > > Also, upstreams should by default properly mark

Re: Fedora Linux 40 Final Freeze

2024-04-02 Thread Kevin Fenzi
On Tue, Apr 02, 2024 at 02:24:51PM +0200, Frantisek Zatloukal wrote: > On Tue, Apr 2, 2024 at 12:39 PM Jakub Jelinek wrote: > > > sting->stable marked updates be still included in > > stable without having to go through the exception/blocker process? > > > > I was told there would be one more

Re: F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Gary Buhrmaster
On Tue, Apr 2, 2024 at 3:12 PM Dmitry Belyavskiy wrote: > Third-party engines may be a problem but as we don't break ABI, it's not a > problem of the moment. The fact you are removing the headers means it is a problem for 3rd party engines who build from source (and everyone should at least

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Simo Sorce
On Sat, 2024-03-30 at 15:23 +, Zbigniew Jędrzejewski-Szmek wrote: > On Sat, Mar 30, 2024 at 07:25:50AM -0500, Chris Adams wrote: > > Once upon a time, Michael Catanzaro said: > > > I agree that running autoreconf on our packages makes sense to start > > > doing. Still, to avoid this

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Richard W.M. Jones
On Tue, Apr 02, 2024 at 12:45:18AM -0700, Gordon Messmer wrote: > On 2024-04-01 23:59, Gordon Messmer wrote: > >Now gdb can print the GOT with the paths providing the memory > >section containing a function.  For example, on a Debian 12 system > >with liblzma 5.6: > > > Purely as trivia, and as

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Richard W.M. Jones
On Tue, Apr 02, 2024 at 05:09:18PM +0200, Kilian Hanich via devel wrote: > On 02.04.24 at 10:22, Florian Weimer wrote: > >> - Can some wrappers be developed to make it both easier and safer? > >GCC already provides function multi-versioning/target clones as a > >higher-level interface. > > >

Re: Golang bundled() Provides generator

2024-04-02 Thread Dan Čermák
Hi Maxwell & Go SIG, we have recently started working on introducing a bundled() provides generator for golang in openSUSE and found a very simple solution using the output of `go version -m /path/to/binary` [1] The solution is of course only that simple, because we build more or less all go

Re: F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Dmitry Belyavskiy
Dear Luca On Tue, Apr 2, 2024 at 4:32 PM Luca Boccassi wrote: > > Hi Zbigniew! > > > > On Tue, Apr 2, 2024 at 1:15 PM Zbigniew Jędrzejewski-Szmek < > > zbyszek(a)in.waw.pl wrote: > > > > > > Thanks. In the period between the proposal was written and published the > > TPM2 provider has landed in

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Kilian Hanich via devel
On 02.04.24 at 10:22, Florian Weimer wrote: - Can some wrappers be developed to make it both easier and safer? GCC already provides function multi-versioning/target clones as a higher-level interface. Also, upstreams should by default properly mark their stuffs with restrictive

Re: F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Luca Boccassi
> Hi Zbigniew! > > On Tue, Apr 2, 2024 at 1:15 PM Zbigniew Jędrzejewski-Szmek < > zbyszek(a)in.waw.pl wrote: > > > Thanks. In the period between the proposal was written and published the > TPM2 provider has landed in Fedora. > PKCS#11 provider is already here for a while. The fact that such

[Bug 2266094] perl-Compress-Raw-Zlib-2.209 is available

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2266094 Fedora Update System changed: What|Removed |Added Fixed In Version|perl-Compress-Raw-Zlib-2.20 |perl-Compress-Raw-Zlib-2.20

[Bug 2265610] perl-Log-ger-0.042 is available

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2265610 Fedora Update System changed: What|Removed |Added Fixed In Version|perl-Log-ger-0.042-1.fc41 |perl-Log-ger-0.042-1.fc41

[Bug 2269439] perl-HTML-Parser-3.82 is available

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2269439 Fedora Update System changed: What|Removed |Added Fixed In Version|perl-HTML-Parser-3.82-1.fc4 |perl-HTML-Parser-3.82-1.fc4

Re: F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Dmitry Belyavskiy
Hi Zbigniew! On Tue, Apr 2, 2024 at 1:15 PM Zbigniew Jędrzejewski-Szmek < zbys...@in.waw.pl> wrote: > On Tue, Apr 02, 2024 at 10:45:32AM +0100, Aoife Moloney wrote: > > == Summary == > > We disable building the packages using ENGINE API in OpenSSL without > > breaking ABI. > > "Without breaking

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Vít Ondruch
On 30. 03. 24 at 18:26, Artem S. Tashkinov via devel wrote: Hi, It was sheer luck that the exploit was discovered and major distros haven't yet included it in their stable releases. It's quite possible and plausible it could have reached RHEL, Debian, Ubuntu, SLES and other distros and

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Vít Ondruch
On 30. 03. 24 at 22:14, Zbigniew Jędrzejewski-Szmek wrote: On Sat, Mar 30, 2024 at 08:00:29PM +0100, Kevin Kofler via devel wrote: Zbigniew Jędrzejewski-Szmek wrote: I think there's some useful points here, but this would need to be qualified and/or made more flexible to be applied. For

Re: xz backdoor

2024-04-02 Thread Stephen Smoogen
On Tue, 2 Apr 2024 at 08:18, Lennart Poettering wrote: > On Tue, 02.04.24 14:04, Petr Menšík (pemen...@redhat.com) wrote: > > > > Could be even smaller library libsystemd-notify linked from libsystemd, > > which would allow end applications to explicitly declare they need more > > limited set of

Fedora 40 compose report: 20240402.n.0 changes

2024-04-02 Thread Fedora Branched Report
OLD: Fedora-40-20240401.n.0 NEW: Fedora-40-20240402.n.0 = SUMMARY = Added images:1 Dropped images: 3 Added packages: 1 Dropped packages:3 Upgraded packages: 343 Downgraded packages: 0 Size of added packages: 41.93 MiB Size of dropped packages:16.87 MiB

Re: Fedora Linux 40 Final Freeze

2024-04-02 Thread Frantisek Zatloukal
On Tue, Apr 2, 2024 at 12:39 PM Jakub Jelinek wrote: > sting->stable marked updates be still included in > stable without having to go through the exception/blocker process? > I was told there would be one more stable push at the releng channel on matrix. -- Best regards / S pozdravem,

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS with SDL2-2.30.1: t/core_events.t fails: Can't use an undefined value as a subroutine reference during global destruction

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 --- Comment #4 from Fedora Update System --- FEDORA-2024-176c95f1c4 (perl-SDL-2.548-23.fc40) has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2024-176c95f1c4 -- You are receiving this mail

Re: xz backdoor

2024-04-02 Thread Lennart Poettering
On Tue, 02.04.24 14:04, Petr Menšík (pemen...@redhat.com) wrote: > I am not convinced dlopen will make it secure in the end. I am not sure this > is a good solution. dlopen makes those dependencies non-obvious from > packaging side and non-visible from ldd or similar checking programs. > > I think

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS with SDL2-2.30.1: t/core_events.t fails: Can't use an undefined value as a subroutine reference during global destruction

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Petr Pisar changed: What|Removed |Added Fixed In Version||perl-SDL-2.548-23.fc41

Re: xz backdoor

2024-04-02 Thread Petr Menšík
I am not convinced dlopen will make it secure in the end. I am not sure this is a good solution. dlopen makes those dependencies non-obvious from packaging side and non-visible from ldd or similar checking programs. I think it should be considered to offer more than one dynamic library. For

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Florian Weimer
* Lennart Poettering: > On Sat, 30.03.24 18:56, Fedora Development ML (devel@lists.fedoraproject.org) > wrote: > >> > In systemd git main, libsystemd is only linked to libc, libcap, >> > and libgcrypt + libgpg-error. A pull request to convert that last >> > pair to dlopen is under review. >>

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS with SDL2-2.30.1: t/core_events.t fails: Can't use an undefined value as a subroutine reference during global destruction

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Petr Pisar changed: What|Removed |Added Assignee|hdego...@redhat.com |ppi...@redhat.com Status|NEW

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS with SDL2-2.30.1: t/core_events.t fails: Can't use an undefined value as a subroutine reference during global destruction

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Petr Pisar changed: What|Removed |Added Link ID||Github |

Re: F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Zbigniew Jędrzejewski-Szmek
On Tue, Apr 02, 2024 at 10:45:32AM +0100, Aoife Moloney wrote: > == Summary == > We disable building the packages using ENGINE API in OpenSSL without > breaking ABI. "Without breaking ABI" is an improvement. Everything else — not so much. > == Detailed Description == > We are going to deprecate

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS with SDL2-2.30.1: t/core_events.t fails: Can't use an undefined value as a subroutine reference during global destruction

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Petr Pisar changed: What|Removed |Added Summary|perl-SDL-2.548-22.fc41 |perl-SDL-2.548-22.fc41

[Bug 2272636] perl-SDL-2.548-22.fc41 FTBFS: t/core_events.t fails

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 --- Comment #1 from Petr Pisar --- Verbose output of the test: $ prove -b -v t/core_events.t t/core_events.t .. ok 1 - SDL::Events->can(...) ok 2 - SDL::Event->can(...) [...] ok 692 - [joystick_event_state] return SDL_IGNORE correctly ok 693

[Bug 2272636] New: perl-SDL-2.548-22.fc41 FTBFS: t/core_events.t fails

2024-04-02 Thread bugzilla
https://bugzilla.redhat.com/show_bug.cgi?id=2272636 Bug ID: 2272636 Summary: perl-SDL-2.548-22.fc41 FTBFS: t/core_events.t fails Product: Fedora Version: rawhide URL: https://koschei.fedoraproject.org/package/perl-SDL Status:

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Lennart Poettering
On Sa, 30.03.24 13:18, Gordon Messmer (gordon.mess...@gmail.com) wrote: > On 2024-03-30 02:37, Richard W.M. Jones wrote: > > (3) We should have a "security path", like "critical path". > > > > sshd is linked to a lot of libraries: > > > I really don't want to start a systemd thread, but... the

Re: Fedora Linux 40 Final Freeze

2024-04-02 Thread Jakub Jelinek
On Tue, Apr 02, 2024 at 12:33:04PM +0530, Samyak Jain wrote: > Today, 2024-04-02, is an important day on the Fedora Linux 40 schedule > [1], with significant cut-offs. > > Today we have the Final Freeze [2] which starts at 14:00 UTC. This means > that only packages that fix accepted blocker or

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Lennart Poettering
On Sa, 30.03.24 18:56, Fedora Development ML (devel@lists.fedoraproject.org) wrote: > > In systemd git main, libsystemd is only linked to libc, libcap, > > and libgcrypt + libgpg-error. A pull request to convert that last > > pair to dlopen is under review. > > That helps somewhat (it would

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Florian Weimer
* Gordon Messmer: > Why doesn't dlopen() solve the problem? As best I understand it, > liblzma was able to steal one (or more) of the symbols from > libcrypto.so.3 because it ran constructors at a point in time when the > GOT was still writable. After loading shared objects is complete, > that

F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Aoife Moloney
Wiki - https://fedoraproject.org/wiki/Changes/OpensslDeprecateEngine This is a proposed Change for Fedora Linux. This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be

F41 Change Proposal: OpenSSL Deprecate Engine (system-wide)

2024-04-02 Thread Aoife Moloney
Wiki - https://fedoraproject.org/wiki/Changes/OpensslDeprecateEngine This is a proposed Change for Fedora Linux. This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be

F42 Change Proposal: Fedora Plasma Workstation (System-Wide)

2024-04-02 Thread Aoife Moloney
Wiki - https://fedoraproject.org/wiki/Changes/FedoraPlasmaWorkstation This document represents a proposed Change. As part of the Changes process, proposals are publicly announced in order to receive community feedback. This proposal will only be implemented if approved by the Fedora Engineering

Fedora Linux 40 Final Freeze

2024-04-02 Thread Samyak Jain
Hi all, Today, 2024-04-02, is an important day on the Fedora Linux 40 schedule [1], with significant cut-offs. Today we have the Final Freeze [2] which starts at 14:00 UTC. This means that only packages that fix accepted blocker or freeze exception bugs [3][4][5] will be marked as 'stable' and

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Zbigniew Jędrzejewski-Szmek
On Tue, Apr 02, 2024 at 02:00:52AM -0700, Gordon Messmer wrote: > On 2024-03-30 09:12, Neal Gompa wrote: > > Note that dlopen() doesn't fix the problem of the giant libsystemd in > > the first place. It just obfuscates the true dependency graph of > > libsystemd. > > > This isn't my area of

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Richard W.M. Jones
On Tue, Apr 02, 2024 at 10:59:10AM +0200, Florian Weimer wrote: > * Richard W. M. Jones: > > In the xz case this wouldn't have been enough, it turns out we would > > also have to delete m4/build-to-host.m4, which then autoreconf > > regenerates. I don't fully understand why that is. > > I would

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Neal Gompa
On Tue, Apr 2, 2024 at 4:59 AM Florian Weimer wrote: > > * Richard W. M. Jones: > > > I'm not pretending these will solve everything, but they should make > > attacks a little harder in future. > > > > > > (1) We should routinely delete autoconf-generated cruft from upstream > > projects and

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Gordon Messmer
On 2024-03-30 09:12, Neal Gompa wrote: Note that dlopen() doesn't fix the problem of the giant libsystemd in the first place. It just obfuscates the true dependency graph of libsystemd. This isn't my area of expertise, but I am curious: Why doesn't dlopen() solve the problem? As best I

Re: Three steps we could take to make supply chain attacks a bit harder

2024-04-02 Thread Florian Weimer
* Richard W. M. Jones: > I'm not pretending these will solve everything, but they should make > attacks a little harder in future. > > > (1) We should routinely delete autoconf-generated cruft from upstream > projects and regenerate it in %prep. It is easier to study the real > source rather
