Re: Retiring a set of old X utilities

[Peter Hutterer]

On Thu, Apr 22, 2021 at 12:37:40AM -0400, DJ Delorie wrote:
> Peter Hutterer  writes:
> > xfd
> 
> I use this a lot; what is the modern replacement for it?

I was about to say gnome-font-viewer but that doesn't seem to list the old X
fonts (or requires conversion or something). So, tbh, I'm not sure there is
one.

Cheers,
   Peter
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Retiring a set of old X utilities

[DJ Delorie]

Peter Hutterer  writes:
> xfd

I use this a lot; what is the modern replacement for it?
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Test-Announce] Fedora 34 Candidate RC-1.1 Available Now!

[rawhide]

According to the schedule [1], Fedora 34 Candidate RC-1.1 is now
available for testing. Please help us complete all the validation
testing! For more information on release validation testing, see:
https://fedoraproject.org/wiki/QA:Release_validation_test_plan

Test coverage information for the current release can be seen at:
https://openqa.fedoraproject.org/testcase_stats/34

You can see all results, find testing instructions and image download
locations, and enter results on the Summary page:

https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Summary

The individual test result pages are:

https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Installation
https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Base
https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Server
https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Cloud
https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Desktop
https://fedoraproject.org/wiki/Test_Results:Fedora_34_RC_1.1_Security_Lab

All RC priority test cases for each of these test pages [2] must
pass in order to meet the RC Release Criteria [3].

Help is available on #fedora-qa on irc.freenode.net [4], or on the
test list [5].

Current Blocker and Freeze Exception bugs:
http://qa.fedoraproject.org/blockerbugs/current

[1] http://fedorapeople.org/groups/schedule/f-34/f-34-quality-tasks.html
[2] https://fedoraproject.org/wiki/QA:Release_validation_test_plan
[3] https://fedoraproject.org/wiki/Fedora_34_RC_Release_Criteria
[4] irc://irc.freenode.net/fedora-qa
[5] https://lists.fedoraproject.org/archives/list/t...@lists.fedoraproject.org/
___
test-announce mailing list -- test-annou...@lists.fedoraproject.org
To unsubscribe send an email to test-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/test-annou...@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

License change: harmonyseq (changed from “GPLv3+” to “GPLv3+ and CC0”)

[Benjamin Beasley]

The harmonyseq package changed from “GPLv3+” to “GPLv3+ and CC0” due to the 
downstream addition of an AppData XML file under the latter license 
(https://github.com/rafalcieslak/harmonySEQ/issues/5).
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Retiring a set of old X utilities

[Peter Hutterer]

Now that the XorgUtilityDeaggregation [1] is complete, I'm planning to
retire a set of old X utilities that I think don't need to be in Fedora:

oclock
xbiff
xload
xman
xrefresh
xlogo
xpr
xfd
viewres
listres
xconsole

This is a very conservative list of packages, there are likely more
that should be on this list but for now, this is a start.

If you are using any of the above, please let me know and I'll hand the
package over to you - it's either retirement or you take over the package
maintainership.

Cheers,
   Peter

[1] https://fedoraproject.org/wiki/Changes/XorgUtilityDeaggregation
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951972] perl-CPAN-Perl-Releases-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951972



--- Comment #5 from Fedora Update System  ---
FEDORA-2021-5c48be891a has been pushed to the Fedora 33 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
--advisory=FEDORA-2021-5c48be891a`
You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-2021-5c48be891a

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information
on how to test updates.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[EPEL-devel] Re: Getting conman into EPEL8

[Trey Dockendorf]

On Mon, Apr 19, 2021 at 3:07 PM Dave Love 
wrote:

> For what it's worth, there's a conman build for x86_64 and aarch64 in
> the loveshack/livhpc copr (untested).
> ___
> epel-devel mailing list -- epel-devel@lists.fedoraproject.org
> To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure


There is now a conman package in EPEL8 testing:
https://src.fedoraproject.org/rpms/conman

- Trey
___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Questions regarding the new account system

[Kevin Fenzi]

On Wed, Apr 21, 2021 at 10:49:16PM +0200, Robert-André Mauchin wrote:
> Hello,
> 
> On the old account system, when I sponsored someone into the "packager"
> group, they were automatically added to the "fedorabugs" group. This is not
> the case anymore, is it a bug or a feature?

It's a bug. Already known and being worked on: 
https://pagure.io/fedora-infrastructure/issue/9869

> Globally I don't really like the new system. On a big group like:
> https://accounts.fedoraproject.org/group/packager/
> We can only see 100 members and we have lost many infos like email, date of
> membership, who sponsored them, or sorting by sponsor, compared to
> https://admin.fedoraproject.org/accounts/group/members/packager
> The Add user is hidden after the sponsor list, is not very explicit and does
> not provide a "confirmation" step like the old system. The information
> density is also way lower than before.

https://github.com/fedora-infra/noggin/issues/566

> Does anyone know where can I report bugs for this?

Already done above, but please do add anything thats not already noted
there. :) 

kevin


signature.asc
Description: PGP signature
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955



--- Comment #6 from Fedora Update System  ---
FEDORA-2021-95f5894eaa has been pushed to the Fedora 33 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
--advisory=FEDORA-2021-95f5894eaa`
You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-2021-95f5894eaa

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information
on how to test updates.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[EPEL-devel] Fedora EPEL 7 updates-testing report

[updates]

The following Fedora EPEL 7 Security updates need testing:
 Age  URL
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-f08dc6b4c1   
gnuchess-6.2.7-5.el7
  13  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-13ed778e19   
singularity-3.7.3-1.el7
  12  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-3f9b6786f4   
clamav-0.103.2-1.el7
  10  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-9daa9fc0b1   
seamonkey-2.53.7-3.el7
   6  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-fe3075d537   
wordpress-5.1.9-1.el7
   2  https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2021-044df87bd4   
rust-1.51.0-3.el7


The following builds have been pushed to Fedora EPEL 7 updates-testing

libretls-3.3.2-1.el7
mock-centos-sig-configs-0.1-3.el7
openvpn-2.4.11-1.el7
sourcextractor++-0.14-1.el7

Details about builds:



 libretls-3.3.2-1.el7 (FEDORA-EPEL-2021-5dc3f4d5fa)
 Port of libtls from LibreSSL to OpenSSL

Update Information:

 - Upgrade to 3.3.2 (#1952200)

ChangeLog:

* Wed Apr 21 2021 Robert Scheck  3.3.2-1
- Upgrade to 3.3.2 (#1952200)

References:

  [ 1 ] Bug #1952200 - libretls-3.3.2 is available
https://bugzilla.redhat.com/show_bug.cgi?id=1952200




 mock-centos-sig-configs-0.1-3.el7 (FEDORA-EPEL-2021-c2e62ff231)
 Mock configs for CentOS SIGs

Update Information:

Initial package

ChangeLog:


References:

  [ 1 ] Bug #1950559 - Review Request: mock-centos-sig-configs - Mock configs 
for CentOS SIGs
https://bugzilla.redhat.com/show_bug.cgi?id=1950559




 openvpn-2.4.11-1.el7 (FEDORA-EPEL-2021-ec6398823b)
 A full-featured SSL VPN solution

Update Information:

Security update - OpenVPN 2.5.1 and earlier versions allows a remote attackers
to bypass authentication and access control channel data on servers configured
with deferred authentication, which can be used to potentially trigger further
information leaks. (CVE-2020-15078)

ChangeLog:

* Wed Apr 21 2021 David Sommerseth  - 2.4.11-1
- Update to upstream OpenVPN 2.4.11
- Fixes CVE-2020-15078




 sourcextractor++-0.14-1.el7 (FEDORA-EPEL-2021-01fe5a1d77)
 A program that extracts a catalog of sources from astronomical images, and the 
successor of SExtractor

Update Information:

New sourcextractor release 0.14

ChangeLog:

* Wed Apr 21 2021 Alejandro Alvarez Ayllon  - 0.14-1
- Release 0.14


___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951972] perl-CPAN-Perl-Releases-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951972

Fedora Update System  changed:

   What|Removed |Added

 Status|MODIFIED|ON_QA



--- Comment #4 from Fedora Update System  ---
FEDORA-2021-7fb045a26a has been pushed to the Fedora 32 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
--advisory=FEDORA-2021-7fb045a26a`
You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7fb045a26a

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information
on how to test updates.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955



--- Comment #5 from Fedora Update System  ---
FEDORA-2021-521060f43c has been pushed to the Fedora 32 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
--advisory=FEDORA-2021-521060f43c`
You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-2021-521060f43c

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information
on how to test updates.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Questions regarding the new account system

[Robert-André Mauchin]

Hello,

On the old account system, when I sponsored someone into the "packager" 
group, they were automatically added to the "fedorabugs" group. This is 
not the case anymore, is it a bug or a feature?


Globally I don't really like the new system. On a big group like:
https://accounts.fedoraproject.org/group/packager/
We can only see 100 members and we have lost many infos like email, date 
of membership, who sponsored them, or sorting by sponsor, compared to

https://admin.fedoraproject.org/accounts/group/members/packager
The Add user is hidden after the sponsor list, is not very explicit and 
does not provide a "confirmation" step like the old system. The 
information density is also way lower than before.


Does anyone know where can I report bugs for this?

Best regards,

Robert-André
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Florian Weimer]

* Frank Ch. Eigler:

> Unfortunately, in the absence of per-file signatures generated by the
> build system, and securely distributed out-of-band, I can't think of any
> way to provide client-side verifiability of a debuginfod type service.
> That's independent of any particular level of server code robustness.

I hat to bring them up, but IMA signatures could *almost* be used for
this.  They cover individual files.

The problem is that any Fedora developer can get an IMA signature of any
file contents.  There is nothing in the signature that says that it's
been produced by debuginfo generation.  So I'm not sure if IMA
signatures actually reduce the attack surface in any significant way.

Thanks,
Florian
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Owen Taylor]

On Wed, Apr 21, 2021 at 4:09 PM Frank Ch. Eigler  wrote:

> A direct way would be for someone to koji-download the given rpm, and
> hand-extract/compare the files.  (It's obviously not economical.)
>
> > Thus, the debuginfod server becomes a juicy target.
>
> Yes.  The Changes FAQ section discusses this topic.
>
> Unfortunately, in the absence of per-file signatures generated by the
> build system, and securely distributed out-of-band, I can't think of any
> way to provide client-side verifiability of a debuginfod type service.
> That's independent of any particular level of server code robustness.

I think there *are* solutions that reduce the attack surface so that
the public facing server no longer needs to be trusted.

Service 1: indexes signed debuginfo files in Fedora, verifying RPM
signatures, puts the object IDs and hashes into a Merkle tree
[Root node of Merkle tree is signed]
Service 2: serves out those debuginfo files to clients, along with
root signature and the nodes from the root to the file of interest

But I don't want to see this proposal blocked on implementing
something that technically complex - I think it offers big benefits to
Fedora users as is. Certainly there are other programs that are
typically run without sandboxing by developers and connect to network
services -  even entirely untrusted network services - and we
typically consider that acceptable.

Owen
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Frank Ch. Eigler]

"Sampson Fung"  writes:

> The first run, giving my "Try"s, takes much longer than the second run, which 
> gives no "Trys".
> Just from impression:
> 1st run:  From run to download finish, I will say it takes about 5+ minutes.
> 2nd run: ~1 minute
> For each "Try" given, the delay is not obvious to me.

I'm pretty sure Sampson was affected by a proxy.stg.fedoraproject.org
misconfiguration problem that was fixed about an hour ago, so those
timeouts should not be happening any more.  That means we'd be down to
normal service latencies ameliorated by caching effects.

A cute demonstration of the cost/benefit of this capability now in the
distro, I recently ran

% gdb /usr/bin/gnome-control-center

On a normal machine, you'll get no debuginfo and a suggestion to install
a wall-of-text list of RPMs as root.

On a debuginfod configured machine, you'll get gdb downloading ~400MB of
debuginfo (HTTP compressed -- decompresses to ~6GB) as rapidly as your
network connection allows.  This could take some minutes, for the first
time.  After that time, you get instant visibility into the entire
enormous gnome software stack, including LLVM, mesa, x11, samba, gst,
opengl, glib, etc. etc. etc.  right down to the glibc assembly wrappers
for syscalls.

- FChE
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Schedule for Thursday's FPC Meeting (2021-04-22 16:00 UTC)

[James Antill]

 Following is the list of topics that will be discussed in the FPC
meeting Thursday at 2021-04-22 16:00 UTC in #fedora-meeting-1 on
irc.freenode.net.

 Local time information (via. uitime):

= Day: Thursday ==
2021-04-22 09:00 PDT  US/Pacific
2021-04-22 12:00 EDT  --> US/Eastern <--
2021-04-22 16:00 UTC  UTC   
2021-04-22 17:00 BST  Europe/London 
2021-04-22 18:00 CEST Europe/Berlin 
2021-04-22 18:00 CEST Europe/Paris  
2021-04-22 21:30 IST  Asia/Calcutta 
 New Day: Friday -
2021-04-23 00:00 HKT  Asia/Hong_Kong
2021-04-23 00:00 +08  Asia/Singapore
2021-04-23 01:00 JST  Asia/Tokyo
2021-04-23 02:00 AEST Australia/Brisbane


 Links to all tickets below can be found at: 

https://pagure.io/packaging-committee/issues?status=Open=meeting

= Followup Actions =

#topic #pr-814
 * mhroncok
   talk to authors again, having a working example might help a lot

= Followup Issues =

#topic #886 Enable BRP for detecting RPATH 
.fpc 886
https://pagure.io/packaging-committee/issue/886

#topic #907 Which %__foo macros for executables are acceptable? 
.fpc 907
https://pagure.io/packaging-committee/issue/907

#topic #1058 How to handle %lang files in package owned directories? .fpc 1058
https://pagure.io/packaging-committee/issue/1058

= Followup Pull Requests =

#topic #pr-814 Add SELinux Independent Policy Guidelines.
https://pagure.io/packaging-committee/pull-request/814

#topic #pr-1045 WIP: Add discussion of macro names beginning with underscores.
https://pagure.io/packaging-committee/pull-request/1045

= Open Floor = 

 For more complete details, please visit each individual ticket.  The
report of the agenda items can be found at:

https://pagure.io/packaging-committee/issues?status=Open=meeting

 If you would like to add something to this agenda, you can:
  * Reply to this e-mail
  * File a new ticket at: https://pagure.io/packaging-committee
  * E-mail me directly
  * Bring it up at the end of the meeting, during the open floor topic. Note
    that added topics may be deferred until the following meeting.

___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Frank Ch. Eigler]

Zbigniew Jędrzejewski-Szmek  writes:

> OTOH, the debuginfo files distributed through the debuginfod server
> are not signed and there is no direct way to verify that they match
> the (signed) contents of the debuginfo package.

A direct way would be for someone to koji-download the given rpm, and
hand-extract/compare the files.  (It's obviously not economical.)

> Thus, the debuginfod server becomes a juicy target.

Yes.  The Changes FAQ section discusses this topic.

Unfortunately, in the absence of per-file signatures generated by the
build system, and securely distributed out-of-band, I can't think of any
way to provide client-side verifiability of a debuginfod type service.
That's independent of any particular level of server code robustness.

Interestingly, if debuginfod were considered *trusted*, then it could be
used as the *basis* for such a capability, because the client-side hash
verification feature being prototyped.  It would serve trusted hashes to
RPM-based artifacts on demand.


- FChE
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Zbigniew Jędrzejewski-Szmek]

On Wed, Apr 21, 2021 at 03:15:23PM -0400, Frank Ch. Eigler wrote:
> 
> Björn Persson  writes:
> 
> >> https://sourceware.org/bugzilla/show_bug.cgi?id=27758
> >
> > The design you propose there won't improve anything for anyone. If the
> > hash is computed on the debuginfo server, then an attacker who can make
> > the server serve malicious debuginfo can also make it serve hashes that
> > match the malicious files. 
> 
> Yes, this does not provide protection against a penetrated server.  It
> does not claim to.
> 
> > And as you noted yourself, an attacker who can manipulate cached files
> > client-side has already taken over the user account anyway.
> 
> Yes and no, and so I must disagree with your "won't improve ... for
> anyone".  The proposed client-side verification is roughly analogous to
> running "rpm -V" on a machine.  Yes, if an attacker has control at that
> moment, it's not reliable.  Nevertheless, to detect residue of a
> -previous attack- or accidental data corruption, it can be worthwhile.

We have btrfs now… It's not exactly the same, but it provides protection
against the most likely corruption scenario — disk errors.

> > [...]  I see that debuginfod.fedoraproject.org is currently another
> > name for koji.fedoraproject.org. 
> 
> They are separate VMs, if that's what you mean.  (You may be confused by
> use of a number of shared HTTP front-end proxies.)
> 
> > Given that it serves debuginfo only for Fedora packages, and does not
> > forward requests to any other debuginfo servers, using this server
> > seems equivalent security-wise to downloading unsigned packages from
> > Koji.
> 
> Not exactly.  All the data is -from- signed packages.

It is equivalent in the following sense: if the server is compromised,
it can serve any data it wants, and the client has no chance of
knowing.

Zbyszek
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Sampson Fung]

IP addresses sent by gmail.

Thanks for the reminder for the new URL.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Sampson Fung]

I have run the same debug session using two different machines.

The first run, giving my "Try"s, takes much longer than the second run, which 
gives no "Trys".

Just from impression:
1st run:  From run to download finish, I will say it takes about 5+ minutes.
2nd run: ~1 minute

For each "Try" given, the delay is not obvious to me.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Frank Ch. Eigler]

Björn Persson  writes:

>> https://sourceware.org/bugzilla/show_bug.cgi?id=27758
>
> The design you propose there won't improve anything for anyone. If the
> hash is computed on the debuginfo server, then an attacker who can make
> the server serve malicious debuginfo can also make it serve hashes that
> match the malicious files. 

Yes, this does not provide protection against a penetrated server.  It
does not claim to.

> And as you noted yourself, an attacker who can manipulate cached files
> client-side has already taken over the user account anyway.

Yes and no, and so I must disagree with your "won't improve ... for
anyone".  The proposed client-side verification is roughly analogous to
running "rpm -V" on a machine.  Yes, if an attacker has control at that
moment, it's not reliable.  Nevertheless, to detect residue of a
-previous attack- or accidental data corruption, it can be worthwhile.

> [...]  I see that debuginfod.fedoraproject.org is currently another
> name for koji.fedoraproject.org. 

They are separate VMs, if that's what you mean.  (You may be confused by
use of a number of shared HTTP front-end proxies.)

> Given that it serves debuginfo only for Fedora packages, and does not
> forward requests to any other debuginfo servers, using this server
> seems equivalent security-wise to downloading unsigned packages from
> Koji.

Not exactly.  All the data is -from- signed packages.

> To make the debuginfo protocol as secure as signed debuginfo packages,
> the client should verify the files against a hash computed and signed
> on the signing server.

If the threat model includes a -local active attacker-, then this would
not help either.  An attacker could interfere with the local keystore
and/or trust chains and/or signature verification software.

> For those who are concerned about privacy, the proposal would make
> that problem worse as it would cause the "phoning home" to happen
> every time they debug something.

That's if they wish to rely on live verification.

Note that the privacy being leaked consists of the hex buildid of the
program being debugged, and an elfutils#/fedora#/arch, and of course IP
address.  It's not nothing, but it's nothing more.  It's roughly
equivalent to the dnf-automatic.timer call-home in this respect.

> By the way, the change page still doesn't say enough about how network
> problems will affect the user experience. [...]

I'm not sure why you say "still" when this question was not posed here
before.  I will add some text on this.


- FChE
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Sampson Fung]

It is just a short delay then the "Try" suggestion is given.

My first run using my Notebook takes quite some time.

A few hours later, I run again using my Desktop, this time is very fast and no 
"Try" given.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

F34 Final Go/No-Go moved to Friday

[Ben Cotton]

Hi everyone,

Since we anticipate a Fedora Linux 34 release candidate request today,
I am moving the Go/No-Go meeting from Thursday to Friday. This will
allow the QA team more time to perform validation tests.

The Fedora Linux 34 Final Go/No-Go[1] meeting is scheduled for Friday
23 April at 1700 UTC in #fedora-meeting-1. At this time, we will
determine the status of F34 for the 27 April target date. For more
information about the Go/No-Go meeting, see the wiki[2].

[1] https://calendar.fedoraproject.org/meeting/9969/
[2] https://fedoraproject.org/wiki/Go_No_Go_Meeting

-- 
Ben Cotton
He / Him / His
Senior Program Manager, Fedora & CentOS Stream
Red Hat
TZ=America/Indiana/Indianapolis
___
devel-announce mailing list -- devel-announce@lists.fedoraproject.org
To unsubscribe send an email to devel-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel-announce@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[EPEL-devel] Re: Intent to update nginx to 1.20.0

[Kevin Fenzi]

On Tue, Apr 20, 2021 at 11:01:14PM -0400, Felix Kaechele wrote:
> Hi there,
> 
> I think this has been discussed at committee meetings before: nginx's
> procedure of immediately dropping a release series when a new one hits the
> stable branches is essentially forcing us to upgrade along with it, unless
> someone is willing to backport patches.
> 
> I personally am not willing to do backports as I do not use EL7 at this
> point and only continue maintaining the package as a courtesy to the
> community.
> 
> I therefor intend to make the following changes to the nginx package in
> EPEL7:
> - Update to 1.20.0
> - build against OpenSSL 1.1 to enable TLS1.3 support
> 
> Do I require additional permission do move forward with this in this manner?
> There should not be any breaking changes or incompatible changes to config
> syntax. But I'll admit that I do not have complex config scenarios as
> testcases.
> 
> EPEL8 is not affected as nginx doesn't have an EPEL build for EL8. It is
> maintained upstream.
> There are, however, modules with certain streams (1.18 and mainline, for
> example) available from EPEL.

I think this sounds fine, but you might want to send a note to
'epel-annou...@lists.fedoraproject.org' once its in updates-testing and
again when it goes to stable. 

kevin


signature.asc
Description: PGP signature
___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Test-Announce] F34 Final Go/No-Go moved to Friday

[Ben Cotton]

Hi everyone,

Since we anticipate a Fedora Linux 34 release candidate request today,
I am moving the Go/No-Go meeting from Thursday to Friday. This will
allow the QA team more time to perform validation tests.

The Fedora Linux 34 Final Go/No-Go[1] meeting is scheduled for Friday
23 April at 1700 UTC in #fedora-meeting-1. At this time, we will
determine the status of F34 for the 27 April target date. For more
information about the Go/No-Go meeting, see the wiki[2].

[1] https://calendar.fedoraproject.org/meeting/9969/
[2] https://fedoraproject.org/wiki/Go_No_Go_Meeting

-- 
Ben Cotton
He / Him / His
Senior Program Manager, Fedora & CentOS Stream
Red Hat
TZ=America/Indiana/Indianapolis
___
test-announce mailing list -- test-annou...@lists.fedoraproject.org
To unsubscribe send an email to test-announce-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/test-annou...@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Frank Ch. Eigler]

Björn Persson  writes:

> I was wondering what the user experience would be like in such a
> situation. Could you estimate how long you had to wait in total? Was
> there a long delay before each "Timer expired" message, or only one
> delay?

Each outright-hung request could entail a $DEBUGINFOD_TIMEOUT (default
90s) wait.  The common code does not "hold a grudge" against a server
that formerly timed out.

- FChE
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Frank Ch. Eigler]

"FUNG Chi Chuen Sampson"  writes:

> Downloading separate debug info for /lib64/liblzma.so.5...
> Download failed: Timer expired.  Continuing without debug info for 
> /lib64/libbrotlicommon.so.1.
> Missing separate debuginfo for /lib64/libbrotlicommon.so.1
> [...]

By the way, if you were using the staging (.stg.) debuginfod server,
please switch to the main one, which is in full service.

DEBUGINFOD_URLS=https://debuginfod.fedoraproject.org/

We're currently tracking down some infrastructure/proxy problem that
intermittently affects only the .stg. ones.

- FChE
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Frank Ch. Eigler]

sampsonfung wrote:

> While trying to collect a backtrace for org.gnome.Tetravex, I got this in gdb:

> [...]
> Download failed: Timer expired.  Continuing without debug info for 
> /lib64/libzstd.so.1.
> Missing separate debuginfo for /lib64/libzstd.so.1
> Try: dnf --enablerepo='*debug*' install 
> /usr/lib/debug/.build-id/33/70d80a1bf749b3c2baaad0188c864ee9e4bbc4.debug
> [...]

We have had reports that from some corners of the internet (e.g. behind
the "great firewall"), that maintaining a waiting HTTPS connection for
10s of seconds was fragile.  Extending the $DEBUGINFOD_TIMEOUT on the
other hand was sometimes reported to help.

https://sourceware.org/bugzilla/show_bug.cgi?id=27531

Looking over the system logs for that particular request (3370d80a...),
I'm seeing debuginfod.fedoraproject.org answer that particular buildid
in about tens of milliseconds (!) a bunch of times, and one failure to
transmit (usually a broken HTTP connection).  If you could send me
(directly) the IP address from where you requested it, and the
$DEBUGINFOD_URLS you were using, I could look further in the logs.  But
so far I see no sign of something triggering timeouts on this side.


- FChE
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: PETSc 3.15

[Ankur Sinha]

On Mon, Apr 19, 2021 12:05:09 +0200, Antonio T. sagitter wrote:
> PETSc-3.15 is built in side-tag f35-build-side-40112
> Please, rebuild your own related package.

Thanks:

> > python-steps-0:3.5.0-5.fc33.src

Done: https://koji.fedoraproject.org/koji/taskinfo?taskID=66426528


-- 
Thanks,
Regards,
Ankur Sinha "FranciscoD" (He / Him / His) | 
https://fedoraproject.org/wiki/User:Ankursinha
Time zone: Europe/London


signature.asc
Description: PGP signature
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Non-responsive maintainer: liangwen12year nando pavlix zoglesby

[Sérgio Basto]

On Fri, 2021-04-16 at 09:32 -0400, Ben Cotton wrote:
> On Fri, Apr 16, 2021 at 9:19 AM Pierre-Yves Chibon <
> pin...@pingoured.fr> wrote:
> > zoglesby is maintainer of rpms/publican-fedora
> > 
> Huh. That still exists? What a throwback!

publican-fedora is not marked as retired on 
https://src.fedoraproject.org/rpms/publican-fedora ! 

is just orphan 

> > Does anyone know how to contact them?
> > 
> I sent a tweet in zoglesby's direction. He posted about a week ago,
> so
> hopefully he'll see it.
> 
> 
> -- 
> Ben Cotton
> He / Him / His
> Senior Program Manager, Fedora & CentOS Stream
> Red Hat
> TZ=America/Indiana/Indianapolis
> ___
> devel mailing list -- devel@lists.fedoraproject.org
> To unsubscribe send an email to devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct: 
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: 
> https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives: 
> https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
> Do not reply to spam on the list, report it: 
> https://pagure.io/fedora-infrastructure
-- 
Sérgio M. B.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

OFFLIST Re: Call for testing: nginx 1.20.0 with permission changes on logs

[PGNet Dev]

Hi,

OFFLIST as it's not directly pertinent to your specific distro pkgs.

but, since you're packaging, fwiw, I take a very different approach than 
distro-pkgd atm,

  
https://download.copr.fedorainfracloud.org/results/pgfed/nginx-mainline/fedora-33-x86_64/02142389-nginx/nginx.spec

that puts runtime service files under /run/nginx and logs under /var/log/nginx, 
both chown'd as wwwrun:www.

personally, I find it a lot cleaner, easier to manage.  my $0.02, anyway.

that said, I'm very clear 'my' pkg'ing is not even close to release canonical 
... i.e., just fyi.




On 4/21/21 1:25 PM, Felix Kaechele via devel wrote:

Dear Fedorans,

Nginx 1.20.0 stable was just released and I took the opportunity to squash some 
long standing open bugs while updating the package.

The new release is on it's way to updates-testing right now.

I would like to encourage some extra testing for this release as there is one 
behaviour change, specific to Fedora/EPEL, that may affect some use cases:
The ownership and mode of the log directory has changed to root:root and 700 
respectively. Logrotate (if in use) no longer creates the logfiles when 
rotating and leaves this to nginx which will create them as root:root-owned.
This matches the behaviour of httpd in Fedora.
You may see the effects of this if you are using external tools to process 
these logs that do not run as root, but as the nginx user instead.

The bugs relating to this are:
- BZ#1390183 CVE-2016-1247 nginx: Local privilege escalation via log files 
[fedora-all]

- BZ#1683388 Log file ownership created by logrotate inconsistent with the one 
created by systemd

In my local testing I have not seen any changes to behaviour but I would like 
to make extra sure everything continues to work as expected for users as this 
version of the package will make it's way to EPEL 7 as well to replace the EOL 
version of nginx that is currently packaged there.

Quite a number of other bugs that I deem to have no effect on simple upgrades 
have made it's way into this release of the package as well. Specifically:
- BZ#1565377 Service reload should check configuration file
- BZ#1708799 Drop nginx requirement on nginx-all-modules
- BZ#1834452 Enable --with-compat configure option
- BZ#1869026 nginx.service fails to parse /run/nginx.pid
- BZ#1943779 nginx.service wants wrong network target - causes race condition 
on boot

Here are the links to Bodhi for this update. Please test these releases and 
provide feedback/karma.

Fedora 34: https://bodhi.fedoraproject.org/updates/FEDORA-2021-3aa9ac7fd1
Fedora 33: https://bodhi.fedoraproject.org/updates/FEDORA-2021-10c1cd4cba
Fedora 32: https://bodhi.fedoraproject.org/updates/FEDORA-2021-1556d440ba

Thanks a ton!

Regards,
Felix
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Call for testing: nginx 1.20.0 with permission changes on logs

[Felix Kaechele via devel]

Dear Fedorans,

Nginx 1.20.0 stable was just released and I took the opportunity to 
squash some long standing open bugs while updating the package.


The new release is on it's way to updates-testing right now.

I would like to encourage some extra testing for this release as there 
is one behaviour change, specific to Fedora/EPEL, that may affect some 
use cases:
The ownership and mode of the log directory has changed to root:root and 
700 respectively. Logrotate (if in use) no longer creates the logfiles 
when rotating and leaves this to nginx which will create them as 
root:root-owned.

This matches the behaviour of httpd in Fedora.
You may see the effects of this if you are using external tools to 
process these logs that do not run as root, but as the nginx user instead.


The bugs relating to this are:
- BZ#1390183 CVE-2016-1247 nginx: Local privilege escalation via log 
files [fedora-all]


- BZ#1683388 Log file ownership created by logrotate inconsistent with 
the one created by systemd


In my local testing I have not seen any changes to behaviour but I would 
like to make extra sure everything continues to work as expected for 
users as this version of the package will make it's way to EPEL 7 as 
well to replace the EOL version of nginx that is currently packaged there.


Quite a number of other bugs that I deem to have no effect on simple 
upgrades have made it's way into this release of the package as well. 
Specifically:

- BZ#1565377 Service reload should check configuration file
- BZ#1708799 Drop nginx requirement on nginx-all-modules
- BZ#1834452 Enable --with-compat configure option
- BZ#1869026 nginx.service fails to parse /run/nginx.pid
- BZ#1943779 nginx.service wants wrong network target - causes race 
condition on boot


Here are the links to Bodhi for this update. Please test these releases 
and provide feedback/karma.


Fedora 34: https://bodhi.fedoraproject.org/updates/FEDORA-2021-3aa9ac7fd1
Fedora 33: https://bodhi.fedoraproject.org/updates/FEDORA-2021-10c1cd4cba
Fedora 32: https://bodhi.fedoraproject.org/updates/FEDORA-2021-1556d440ba

Thanks a ton!

Regards,
Felix
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora-34-20210421.n.0 compose check report

[Fedora compose checker]

No missing expected images.

Failed openQA tests: 3/189 (x86_64), 3/127 (aarch64)

New failures (same test not failed in Fedora-34-20210420.n.0):

ID: 864104  Test: x86_64 Everything-boot-iso install_default@uefi
URL: https://openqa.fedoraproject.org/tests/864104
ID: 864192  Test: aarch64 Server-dvd-iso install_blivet_lvm_ext4@uefi
URL: https://openqa.fedoraproject.org/tests/864192
ID: 864260  Test: x86_64 universal install_blivet_lvmthin
URL: https://openqa.fedoraproject.org/tests/864260

Old failures (same test failed in Fedora-34-20210420.n.0):

ID: 864247  Test: x86_64 universal install_asian_language
URL: https://openqa.fedoraproject.org/tests/864247
ID: 864322  Test: aarch64 universal install_asian_language@uefi
URL: https://openqa.fedoraproject.org/tests/864322
ID: 864341  Test: aarch64 universal install_blivet_resize_lvm@uefi
URL: https://openqa.fedoraproject.org/tests/864341

Soft failed openQA tests: 4/189 (x86_64), 6/127 (aarch64)
(Tests completed, but using a workaround for a known bug)

Old soft failures (same test soft failed in Fedora-34-20210420.n.0):

ID: 864058  Test: x86_64 Server-dvd-iso install_vncconnect_client
URL: https://openqa.fedoraproject.org/tests/864058
ID: 864099  Test: x86_64 Server-dvd-iso install_vnc_client
URL: https://openqa.fedoraproject.org/tests/864099
ID: 864156  Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud
URL: https://openqa.fedoraproject.org/tests/864156
ID: 864162  Test: aarch64 Minimal-raw_xz-raw.xz 
install_arm_image_deployment_upload@uefi
URL: https://openqa.fedoraproject.org/tests/864162
ID: 864175  Test: aarch64 Server-dvd-iso install_vncconnect_client@uefi
URL: https://openqa.fedoraproject.org/tests/864175
ID: 864200  Test: aarch64 Server-dvd-iso install_vnc_client@uefi
URL: https://openqa.fedoraproject.org/tests/864200
ID: 864215  Test: aarch64 Server-raw_xz-raw.xz 
install_arm_image_deployment_upload@uefi
URL: https://openqa.fedoraproject.org/tests/864215
ID: 864237  Test: aarch64 Cloud_Base-qcow2-qcow2 cloud_autocloud@uefi
URL: https://openqa.fedoraproject.org/tests/864237
ID: 864296  Test: x86_64 universal upgrade_2_server_domain_controller
URL: https://openqa.fedoraproject.org/tests/864296
ID: 864351  Test: aarch64 universal upgrade_2_server_domain_controller@uefi
URL: https://openqa.fedoraproject.org/tests/864351

Passed openQA tests: 181/189 (x86_64), 118/127 (aarch64)

New passes (same test not passed in Fedora-34-20210420.n.0):

ID: 864283  Test: x86_64 universal install_sata@uefi
URL: https://openqa.fedoraproject.org/tests/864283

Installed system changes in test x86_64 Server-dvd-iso install_default_upload: 
System load changed from 0.24 to 0.06
Previous test data: https://openqa.fedoraproject.org/tests/862723#downloads
Current test data: https://openqa.fedoraproject.org/tests/864062#downloads

Installed system changes in test x86_64 Workstation-live-iso 
install_default@uefi: 
3 packages(s) added since previous compose: xhost, xmodmap, xrdb
3 packages(s) removed since previous compose: libmcpp, mcpp, 
xorg-x11-server-utils
System load changed from 0.68 to 0.41
Previous test data: https://openqa.fedoraproject.org/tests/862768#downloads
Current test data: https://openqa.fedoraproject.org/tests/864107#downloads

Installed system changes in test x86_64 Workstation-live-iso 
install_default_upload: 
3 packages(s) added since previous compose: xhost, xmodmap, xrdb
3 packages(s) removed since previous compose: libmcpp, mcpp, 
xorg-x11-server-utils
System load changed from 0.59 to 0.71
Previous test data: https://openqa.fedoraproject.org/tests/862769#downloads
Current test data: https://openqa.fedoraproject.org/tests/864108#downloads

Installed system changes in test x86_64 KDE-live-iso install_default@uefi: 
3 packages(s) added since previous compose: iceauth, xhost, xrdb
3 packages(s) removed since previous compose: libmcpp, mcpp, 
xorg-x11-server-utils
System load changed from 0.70 to 0.87
Previous test data: https://openqa.fedoraproject.org/tests/862786#downloads
Current test data: https://openqa.fedoraproject.org/tests/864125#downloads

Installed system changes in test x86_64 KDE-live-iso install_default_upload: 
3 packages(s) added since previous compose: iceauth, xhost, xrdb
3 packages(s) removed since previous compose: libmcpp, mcpp, 
xorg-x11-server-utils
Previous test data: https://openqa.fedoraproject.org/tests/862787#downloads
Current test data: https://openqa.fedoraproject.org/tests/864126#downloads

Installed system changes in test x86_64 Silverblue-dvd_ostree-iso 
install_default@uefi: 
Mount /run contents changed to 71.03511591% of previous size
Previous test data: https://openqa.fedoraproject.org/tests/862805#downloads
Current test data: https://openqa.fedoraproject.org/tests/864144#downloads

Installed system changes in test x86_64 Silverblue-dvd_ostree-iso 
install_default_upload: 
Mount /run/user/977 

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Zbigniew Jędrzejewski-Szmek]

On Wed, Apr 21, 2021 at 11:26:10AM +0200, Björn Persson wrote:
> Frank Ch. Eigler wrote:
> > Björn Persson writes:
> > 
> > > · How is it verified that files received from debuginfo servers have not
> > >   been tampered with?  
> > 
> > Following up further to this, we're planning to add optional client-side
> > hash-verification of cached content, to provide some protection against
> > tampering:
> > 
> > https://sourceware.org/bugzilla/show_bug.cgi?id=27758
> 
> The design you propose there won't improve anything for anyone. If the
> hash is computed on the debuginfo server, then an attacker who can make
> the server serve malicious debuginfo can also make it serve hashes that
> match the malicious files. And as you noted yourself, an attacker who
> can manipulate cached files client-side has already taken over the user
> account anyway.
> 
> Quote from Sourceware Bugzilla:
> > As transport over HTTPS protects the content, we can safely assume
> > that immediately during/after the download, the content will be fine.
> > However, what of cached files?
> 
> Of course – from your point of view. From my point of view, I can safely
> assume that nobody has tampered with my cache. However, what of files on
> the debuginfo server?
> 
> I see that debuginfod.fedoraproject.org is currently another name for
> koji.fedoraproject.org. Given that it serves debuginfo only for Fedora
> packages, and does not forward requests to any other debuginfo servers,
> using this server seems equivalent security-wise to downloading unsigned
> packages from Koji.
> 
> As far as I understand, packages are built and signed on separate
> servers with a smaller attack surface than the web front-end to minimize
> the risk that an attacker could tamper with them. To make the debuginfo
> protocol as secure as signed debuginfo packages, the client should
> verify the files against a hash computed and signed on the signing
> server.

Yes, this is the scenario which I think is worrisome. This was also raised
during the FESCo meeting, and I want to clarify a bit.

A hypothetical attack through -debuginfo files would require gdb (or
other consumers of the debug data) to incorrectly handle corrupt debug
data. Even if we don't know any such cases right now, gdb and the
underlying libraries are written in C. We have a long history of
buffer overflows and other exploitable memory handling errors, and we
should assume that sooner or later some will be discovered in those
code paths too.

Currently, the -debuginfo packages are distributed as any other
package, i.e. they are built and signed on dedicated machines. A
modification anywhere at a later point would cause a signature
mismatch. The trust level for -debuginfo data is the same as any other
package. A hypothetical attacker who gained access to the package contents
*before signing* would probably be better off modifying executable code in
those packages, instead of a roundabout attack through debug data.

OTOH, the debuginfo files distributed through the debuginfod server
are not signed and there is no direct way to verify that they match
the (signed) contents of the debuginfo package. Thus, the debuginfod
server becomes a juicy target. There are a few things which make it
particularly attractive to an attacker: the debugger is very likely to
be ran directly from a developer account. The debugger is executed
without any sandboxing, and possibly even with elevated privileges
(when debugging system services). The debugger code was not written
with security it mind, so it's more likely to be exploitable than say
a web browser.

As to the debuginfod code itself, it is in C++, and has SQL and
threads, a http server, and also does bunch of low-level string
parsing. It is also fairly new code. I don't have any particular
knowledge about the code, but some exploit being found is not outside
of the realm of possibility.

Thus, to summarize: debuginfo files served over the web provide a new
fairly big attack surface, with attacks most likely leading to a
compromise of a developer or privileged account.

Zbyszek


> 
> Perhaps a hash of the debuginfo could be stored in a signed RPM package,
> either the main package or a separate debughash package?
> 
> For those who are concerned about privacy, the proposal would make that
> problem worse as it would cause the "phoning home" to happen every time
> they debug something.
> 
> By the way, the change page still doesn't say enough about how network
> problems will affect the user experience. Making a previously offline
> activity network-dependent also makes it sensitive to network problems.
> For example, if great packet loss causes TCP timeouts or long delays,
> will that make GDB hang for minutes at a time, or is it handled
> asynchronously? Will GDB hang once per process, once per login session,
> or every time it encounters a new source filename?
> 
> Björn Persson



> ___
> devel mailing list -- 

[Bug 1952135] New: perl-Module-ScanDeps-1.31 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1952135

Bug ID: 1952135
   Summary: perl-Module-ScanDeps-1.31 is available
   Product: Fedora
   Version: rawhide
Status: NEW
 Component: perl-Module-ScanDeps
  Keywords: FutureFeature, Triaged
  Assignee: jples...@redhat.com
  Reporter: upstream-release-monitor...@fedoraproject.org
QA Contact: extras...@fedoraproject.org
CC: anon.am...@gmail.com, jose.p.oliveira@gmail.com,
jples...@redhat.com,
perl-devel@lists.fedoraproject.org, st...@silug.org
  Target Milestone: ---
Classification: Fedora



Latest upstream release: 1.31
Current version/release in rawhide: 1.30-3.fc34
URL: http://search.cpan.org/dist/Module-ScanDeps/

Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.


Based on the information from anitya:
https://release-monitoring.org/project/3112/


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951972] perl-CPAN-Perl-Releases-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951972

Jitka Plesnikova  changed:

   What|Removed |Added

   Fixed In Version||perl-CPAN-Perl-Releases-5.2
   ||0210420-1.fc35




-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951972] perl-CPAN-Perl-Releases-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951972

Fedora Update System  changed:

   What|Removed |Added

 Status|ASSIGNED|MODIFIED



--- Comment #2 from Fedora Update System  ---
FEDORA-2021-7fb045a26a has been submitted as an update to Fedora 32.
https://bodhi.fedoraproject.org/updates/FEDORA-2021-7fb045a26a


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955

Fedora Update System  changed:

   What|Removed |Added

 Status|MODIFIED|ON_QA



--- Comment #4 from Fedora Update System  ---
FEDORA-2021-62f7e9758e has been pushed to the Fedora 34 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
--advisory=FEDORA-2021-62f7e9758e`
You can provide feedback for this update here:
https://bodhi.fedoraproject.org/updates/FEDORA-2021-62f7e9758e

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information
on how to test updates.


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora-IoT-34-20210421.0 compose check report

[Fedora compose checker]

No missing expected images.

Failed openQA tests: 2/16 (x86_64), 3/15 (aarch64)

New failures (same test not failed in Fedora-IoT-34-20210420.0):

ID: 864434  Test: x86_64 IoT-dvd_ostree-iso base_services_start
URL: https://openqa.fedoraproject.org/tests/864434
ID: 864436  Test: x86_64 IoT-dvd_ostree-iso iot_rpmostree_overlay
URL: https://openqa.fedoraproject.org/tests/864436
ID: 864445  Test: aarch64 IoT-dvd_ostree-iso base_services_start@uefi
URL: https://openqa.fedoraproject.org/tests/864445
ID: 864449  Test: aarch64 IoT-dvd_ostree-iso iot_rpmostree_overlay@uefi
URL: https://openqa.fedoraproject.org/tests/864449

Old failures (same test failed in Fedora-IoT-34-20210420.0):

ID: 864440  Test: aarch64 IoT-dvd_ostree-iso iot_clevis@uefi
URL: https://openqa.fedoraproject.org/tests/864440

Soft failed openQA tests: 1/16 (x86_64)
(Tests completed, but using a workaround for a known bug)

Old soft failures (same test soft failed in Fedora-IoT-34-20210420.0):

ID: 864423  Test: x86_64 IoT-dvd_ostree-iso iot_clevis
URL: https://openqa.fedoraproject.org/tests/864423

Passed openQA tests: 13/16 (x86_64), 12/15 (aarch64)

Installed system changes in test x86_64 IoT-dvd_ostree-iso 
install_default@uefi: 
3 services(s) added since previous compose: dbus-parsec.service, 
redboot-auto-reboot.service, redboot-task-runner.service
System load changed from 0.14 to 0.30
Previous test data: https://openqa.fedoraproject.org/tests/863364#downloads
Current test data: https://openqa.fedoraproject.org/tests/864422#downloads

Installed system changes in test x86_64 IoT-dvd_ostree-iso 
install_default_upload: 
3 services(s) added since previous compose: dbus-parsec.service, 
redboot-auto-reboot.service, redboot-task-runner.service
Previous test data: https://openqa.fedoraproject.org/tests/863366#downloads
Current test data: https://openqa.fedoraproject.org/tests/864424#downloads

Installed system changes in test aarch64 IoT-dvd_ostree-iso 
install_default_upload@uefi: 
3 services(s) added since previous compose: dbus-parsec.service, 
redboot-auto-reboot.service, redboot-task-runner.service
System load changed from 0.40 to 0.55
Previous test data: https://openqa.fedoraproject.org/tests/863380#downloads
Current test data: https://openqa.fedoraproject.org/tests/864438#downloads
-- 
Mail generated by check-compose:
https://pagure.io/fedora-qa/check-compose
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951972] perl-CPAN-Perl-Releases-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951972

Jitka Plesnikova  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
 CC|iarn...@gmail.com   |
   Doc Type|--- |If docs needed, set a value




-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955



--- Comment #3 from Fedora Update System  ---
FEDORA-2021-62f7e9758e has been submitted as an update to Fedora 34.
https://bodhi.fedoraproject.org/updates/FEDORA-2021-62f7e9758e


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955



--- Comment #1 from Fedora Update System  ---
FEDORA-2021-521060f43c has been submitted as an update to Fedora 32.
https://bodhi.fedoraproject.org/updates/FEDORA-2021-521060f43c

--- Comment #2 from Fedora Update System  ---
FEDORA-2021-95f5894eaa has been submitted as an update to Fedora 33.
https://bodhi.fedoraproject.org/updates/FEDORA-2021-95f5894eaa


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955



--- Comment #1 from Fedora Update System  ---
FEDORA-2021-521060f43c has been submitted as an update to Fedora 32.
https://bodhi.fedoraproject.org/updates/FEDORA-2021-521060f43c


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955

Jitka Plesnikova  changed:

   What|Removed |Added

 Status|ASSIGNED|MODIFIED
   Fixed In Version||perl-Module-CoreList-5.2021
   ||0420-1.fc35




-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora 34 compose report: 20210421.n.0 changes

[Fedora Rawhide Report]

OLD: Fedora-34-20210420.n.0
NEW: Fedora-34-20210421.n.0

= SUMMARY =
Added images:2
Dropped images:  0
Added packages:  0
Dropped packages:1
Upgraded packages:   37
Downgraded packages: 0

Size of added packages:  0 B
Size of dropped packages:89.19 KiB
Size of upgraded packages:   322.27 MiB
Size of downgraded packages: 0 B

Size change of upgraded packages:   -1.83 MiB
Size change of downgraded packages: 0 B

= ADDED IMAGES =
Image: Xfce raw-xz armhfp
Path: Spins/armhfp/images/Fedora-Xfce-34-20210421.n.0.armhfp.raw.xz
Image: Astronomy_KDE live x86_64
Path: Labs/x86_64/iso/Fedora-Astronomy_KDE-Live-x86_64-34-20210421.n.0.iso

= DROPPED IMAGES =

= ADDED PACKAGES =

= DROPPED PACKAGES =
Package: rgb-1.0.6-40.fc34
Summary: X color name database
RPMs:rgb
Size:89.19 KiB


= UPGRADED PACKAGES =
Package:  bdftopcf-1.1-2.fc34
Old package:  bdftopcf-1.1-1.fc34
Summary:  Font compiler for the X server and font server
RPMs: bdftopcf
Size: 159.71 KiB
Size change:  917 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  1.1-2
  - Fix the Conflicts line to properly conflict with the -50 font-utils,
without a {?dist} <= doesn't work as expected.


Package:  firefox-87.0-12.fc34
Old package:  firefox-87.0-7.fc34
Summary:  Mozilla Firefox Web browser
RPMs: firefox firefox-testresults firefox-wayland firefox-x11
Size: 309.68 MiB
Size change:  -1.85 MiB
Changelog:
  * Thu Apr 01 2021 Martin Stransky  - 87.0-8
  - Run testsuite on Wayland on Fedora 33+
  - Spec cleanup

  * Thu Apr 01 2021 Martin Stransky  - 87.0-9
  - Added fix for mozbz#1702606 / rhbz#1936071
  - Switched tests back to X11 due to massive failures.

  * Sat Apr 03 2021 Martin Stransky  - 87.0-10
  - Wayland testing again.

  * Tue Apr 06 2021 Martin Stransky  - 87.0-11
  - Enabled xpcshell/crashtests on Wayland.

  * Mon Apr 12 2021 Martin Stransky  - 87.0-12
  - Added fix for mozbz#1701089 (Widevine playback issues).


Package:  fonttosfnt-1.2.1-2.fc34
Old package:  fonttosfnt-1.2.1-1.fc34
Summary:  Tool to wrap bdf or pcf bitmap fonts in an sfnt wrapper
RPMs: fonttosfnt
Size: 143.16 KiB
Size change:  1.38 KiB
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  1.2.1-2
  - Fix the Conflicts line to properly conflict with the -50 font-utils,
without a {?dist} <= doesn't work as expected.


Package:  gnome-shell-40.0-3.fc34
Old package:  gnome-shell-40.0-1.fc34
Summary:  Window management and application launching for GNOME
RPMs: gnome-shell
Size: 7.99 MiB
Size change:  -516 B
Changelog:
  * Tue Apr 13 2021 Ray Strode  - 40.0-2
  - Fix timed login when user list is disabled
Resolves: #1940618

  * Tue Apr 13 2021 Adam Williamson  - 40.0-3
  - Fix scrolling between workspaces/app grid pages with PgUp/PgDn


Package:  iceauth-1.0.8-2.fc34
Old package:  iceauth-1.0.8-1.fc34
Summary:  Display the authorization information used in connecting with ICE
RPMs: iceauth
Size: 129.65 KiB
Size change:  991 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  - 1.0.8-2
  - Fix Obsoletes line to actually obsolete the -39 server-utils (#1932754)


Package:  luit-1.1.1-2.fc34
Old package:  luit-1.1.1-1.fc34
Summary:  Locale to UTF-8 encoding filter
RPMs: luit
Size: 150.02 KiB
Size change:  545 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  - 1.1.1-2
  - Fix Obsoletes line to actually obsolete the -30 xorg-x11-apps (#1947245)


Package:  mkfontscale-1.2.1-2.fc34
Old package:  mkfontscale-1.2.1-1.fc34
Summary:  Tool to generate legacy X11 font system index files
RPMs: mkfontscale
Size: 157.75 KiB
Size change:  556 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  1.2.1-2
  - Fix the Conflicts line to properly conflict with the -50 font-utils,
without a {?dist} <= doesn't work as expected.


Package:  oclock-1.0.4-2.fc34
Old package:  oclock-1.0.4-1.fc34
Summary:  A simple analog clock
RPMs: oclock
Size: 98.78 KiB
Size change:  786 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  - 1.0.4-2
  - Fix Obsoletes line to actually obsolete the -30 xorg-x11-apps (#1947245)


Package:  sessreg-1.1.2-2.fc34
Old package:  sessreg-1.1.2-1.fc34
Summary:  Utility to manage utmp/wtmp entries for X sessions
RPMs: sessreg
Size: 83.47 KiB
Size change:  665 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  - 1.1.2-2
  - Fix Obsoletes line to actually obsolete the -39 server-utils (#1932754)


Package:  x11perf-1.6.1-2.fc34
Old package:  x11perf-1.6.1-1.fc34
Summary:  X11 server performance test program
RPMs: x11perf
Size: 394.76 KiB
Size change:  942 B
Changelog:
  * Thu Apr 08 2021 Peter Hutterer  - 1.6.1-2
  - Fix Obsoletes line to actually obsolete the -30 xorg-x11-apps (#1947245)


Package:  xbiff-1.0.4-2.fc34
Old package:  xbiff-1.0.4-1.fc34
Summary:  

[EPEL-devel] Re: Intent to update nginx to 1.20.0

[Troy Dawson]

Hi Felix,
First off, thank you for maintaining the EPEL7 nginx, especially when you
no longer use it on EPEL7.

To me, it looks like you have addressed everything you should in the email,
and there shouldn't be anything else you need to do.
That being said, I've missed things before so maybe give it a few days
before you consider this a go-ahead.

Do you already have a build somewhere that people can test?

Troy


On Tue, Apr 20, 2021 at 8:07 PM Felix Kaechele  wrote:

> Hi there,
>
> I think this has been discussed at committee meetings before: nginx's
> procedure of immediately dropping a release series when a new one hits
> the stable branches is essentially forcing us to upgrade along with it,
> unless someone is willing to backport patches.
>
> I personally am not willing to do backports as I do not use EL7 at this
> point and only continue maintaining the package as a courtesy to the
> community.
>
> I therefor intend to make the following changes to the nginx package in
> EPEL7:
> - Update to 1.20.0
> - build against OpenSSL 1.1 to enable TLS1.3 support
>
> Do I require additional permission do move forward with this in this
> manner?
> There should not be any breaking changes or incompatible changes to
> config syntax. But I'll admit that I do not have complex config
> scenarios as testcases.
>
> EPEL8 is not affected as nginx doesn't have an EPEL build for EL8. It is
> maintained upstream.
> There are, however, modules with certain streams (1.18 and mainline, for
> example) available from EPEL.
>
> Regards,
> Felix
> ___
> epel-devel mailing list -- epel-devel@lists.fedoraproject.org
> To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure
>
___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora-Rawhide-20210421.n.0 compose check report

[Fedora compose checker]

No missing expected images.

Compose FAILS proposed Rawhide gating check!
6 of 43 required tests failed, 1 result missing
openQA tests matching unsatisfied gating requirements shown with **GATING** 
below

Failed openQA tests: 18/189 (x86_64), 12/127 (aarch64)

New failures (same test not failed in Fedora-Rawhide-20210420.n.0):

ID: 863711  Test: x86_64 Server-dvd-iso server_cockpit_default **GATING**
URL: https://openqa.fedoraproject.org/tests/863711
ID: 863713  Test: x86_64 Server-dvd-iso realmd_join_sssd **GATING**
URL: https://openqa.fedoraproject.org/tests/863713
ID: 863732  Test: x86_64 Server-dvd-iso server_realmd_join_kickstart 
**GATING**
URL: https://openqa.fedoraproject.org/tests/863732
ID: 863735  Test: x86_64 Everything-boot-iso install_default@uefi **GATING**
URL: https://openqa.fedoraproject.org/tests/863735
ID: 863744  Test: x86_64 Workstation-live-iso desktop_browser **GATING**
URL: https://openqa.fedoraproject.org/tests/863744
ID: 863746  Test: x86_64 Workstation-live-iso 
desktop_notifications_postinstall
URL: https://openqa.fedoraproject.org/tests/863746
ID: 863747  Test: x86_64 Workstation-live-iso apps_startstop
URL: https://openqa.fedoraproject.org/tests/863747
ID: 863758  Test: x86_64 KDE-live-iso desktop_login
URL: https://openqa.fedoraproject.org/tests/863758
ID: 863759  Test: x86_64 KDE-live-iso desktop_browser **GATING**
URL: https://openqa.fedoraproject.org/tests/863759
ID: 863810  Test: aarch64 Server-dvd-iso server_cockpit_default@uefi
URL: https://openqa.fedoraproject.org/tests/863810
ID: 863825  Test: aarch64 Server-dvd-iso realmd_join_sssd@uefi
URL: https://openqa.fedoraproject.org/tests/863825
ID: 863844  Test: aarch64 Server-dvd-iso server_realmd_join_kickstart@uefi
URL: https://openqa.fedoraproject.org/tests/863844
ID: 863866  Test: aarch64 Workstation-raw_xz-raw.xz desktop_browser@uefi
URL: https://openqa.fedoraproject.org/tests/863866
ID: 863920  Test: x86_64 universal support_server
URL: https://openqa.fedoraproject.org/tests/863920
ID: 863946  Test: x86_64 universal install_iscsi
URL: https://openqa.fedoraproject.org/tests/863946
ID: 863964  Test: aarch64 universal install_arabic_language@uefi
URL: https://openqa.fedoraproject.org/tests/863964

Old failures (same test failed in Fedora-Rawhide-20210420.n.0):

ID: 863718  Test: x86_64 Server-dvd-iso modularity_tests
URL: https://openqa.fedoraproject.org/tests/863718
ID: 863781  Test: x86_64 Silverblue-dvd_ostree-iso release_identification
URL: https://openqa.fedoraproject.org/tests/863781
ID: 863836  Test: aarch64 Server-dvd-iso modularity_tests@uefi
URL: https://openqa.fedoraproject.org/tests/863836
ID: 863878  Test: x86_64 universal install_asian_language
URL: https://openqa.fedoraproject.org/tests/863878
ID: 863927  Test: x86_64 universal upgrade_2_server_domain_controller
URL: https://openqa.fedoraproject.org/tests/863927
ID: 863934  Test: x86_64 universal upgrade_server_domain_controller
URL: https://openqa.fedoraproject.org/tests/863934
ID: 863949  Test: x86_64 universal upgrade_2_realmd_client
URL: https://openqa.fedoraproject.org/tests/863949
ID: 863950  Test: x86_64 universal upgrade_realmd_client
URL: https://openqa.fedoraproject.org/tests/863950
ID: 863953  Test: aarch64 universal install_asian_language@uefi
URL: https://openqa.fedoraproject.org/tests/863953
ID: 863982  Test: aarch64 universal upgrade_2_server_domain_controller@uefi
URL: https://openqa.fedoraproject.org/tests/863982
ID: 863983  Test: aarch64 universal upgrade_minimal_64bit@uefi
URL: https://openqa.fedoraproject.org/tests/863983
ID: 863985  Test: aarch64 universal upgrade_server_domain_controller@uefi
URL: https://openqa.fedoraproject.org/tests/863985
ID: 863995  Test: aarch64 universal upgrade_2_realmd_client@uefi
URL: https://openqa.fedoraproject.org/tests/863995
ID: 863996  Test: aarch64 universal upgrade_realmd_client@uefi
URL: https://openqa.fedoraproject.org/tests/863996

Soft failed openQA tests: 3/189 (x86_64), 5/127 (aarch64)
(Tests completed, but using a workaround for a known bug)

Old soft failures (same test soft failed in Fedora-Rawhide-20210420.n.0):

ID: 863689  Test: x86_64 Server-dvd-iso install_vncconnect_client
URL: https://openqa.fedoraproject.org/tests/863689
ID: 863730  Test: x86_64 Server-dvd-iso install_vnc_client
URL: https://openqa.fedoraproject.org/tests/863730
ID: 863787  Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud
URL: https://openqa.fedoraproject.org/tests/863787
ID: 863793  Test: aarch64 Minimal-raw_xz-raw.xz 
install_arm_image_deployment_upload@uefi
URL: https://openqa.fedoraproject.org/tests/863793
ID: 863806  Test: aarch64 Server-dvd-iso install_vncconnect_client@uefi
URL: https://openqa.fedoraproject.org/tests/863806
ID: 863831  Test: aarch64 Server-dvd-iso install_vnc_client@uefi
URL: https://openqa.fedoraproject.org/tests/863831
ID: 863846  Test: 

Re: Inactive packagers to be removed from their packages

[Pierre-Yves Chibon]

On Fri, Apr 16, 2021 at 03:25:01PM +0200, Pierre-Yves Chibon wrote:
> Good Morning Everyone,
> 
> When we rolled out the new AAA solution a few weeks ago, some accounts have 
> not
> been migrated:
> - Accounts that have been set inactive by their owner
> - Accounts that are disabled
> - Accounts marked as spam
> 
> This resulted in some packager accounts not being migrated.
> As a consequence, since then, the script that syncs the default-assignee and 
> CC
> list for each component from dist-git to bugzilla has been notifying us about 
> a
> list of packagers in dist-git that could not be synced to bugzilla due to a 
> lack
> of bugzilla account (or rather, in this case, the lack of Fedora account). 
> Since
> these accounts do not exist in the new FAS, I will be removing them from their
> packages on dist-git.
> 
> Here is the list of account impacted:
> - amukunda
> - brolley
> - dp67
> - ianweller
> - jensm
> - jima
> - jjmcd
> - juanmabc
> - kmatsui
> - kurtseifried
> - marcusk
> - rnorwood
> - sindrepb
> - splinux
> - vvitek
> 
> I am planning on removing these users on April 20th. If anyone is opposed to
> this, please let me know.

The only feedback I've had about this email were positive (as in, it should be
done). So I'm going to proceed.


Thanks,
Pierre


signature.asc
Description: PGP signature
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1950383] please build perl-Archive-Extract for EPEL 8

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1950383

Michal Josef Spacek  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
   Doc Type|--- |If docs needed, set a value




-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora rawhide compose report: 20210421.n.0 changes

[Fedora Rawhide Report]

OLD: Fedora-Rawhide-20210420.n.0
NEW: Fedora-Rawhide-20210421.n.0

= SUMMARY =
Added images:3
Dropped images:  3
Added packages:  5
Dropped packages:3
Upgraded packages:   84
Downgraded packages: 0

Size of added packages:  2.79 MiB
Size of dropped packages:1.52 MiB
Size of upgraded packages:   3.47 GiB
Size of downgraded packages: 0 B

Size change of upgraded packages:   112.91 MiB
Size change of downgraded packages: 0 B

= ADDED IMAGES =
Image: Scientific_KDE live x86_64
Path: Labs/x86_64/iso/Fedora-Scientific_KDE-Live-x86_64-Rawhide-20210421.n.0.iso
Image: Scientific vagrant-libvirt x86_64
Path: 
Labs/x86_64/images/Fedora-Scientific-Vagrant-Rawhide-20210421.n.0.x86_64.vagrant-libvirt.box
Image: Scientific vagrant-virtualbox x86_64
Path: 
Labs/x86_64/images/Fedora-Scientific-Vagrant-Rawhide-20210421.n.0.x86_64.vagrant-virtualbox.box

= DROPPED IMAGES =
Image: Games live x86_64
Path: Labs/x86_64/iso/Fedora-Games-Live-x86_64-Rawhide-20210420.n.0.iso
Image: Server raw-xz armhfp
Path: Server/armhfp/images/Fedora-Server-Rawhide-20210420.n.0.armhfp.raw.xz
Image: LXDE live x86_64
Path: Spins/x86_64/iso/Fedora-LXDE-Live-x86_64-Rawhide-20210420.n.0.iso

= ADDED PACKAGES =
Package: htppu-1.8-1.fc35
Summary: Hessu's Tampa Ping-Pong conversd URO modified version
RPMs:htppu
Size:487.98 KiB

Package: intel-ipp-crypto-mb-1.0.1-1.fc35
Summary: Intel(R) IPP Cryptography multi-buffer library
RPMs:intel-ipp-crypto-mb intel-ipp-crypto-mb-devel
Size:287.19 KiB

Package: ocaml-parmap-1.2-1.fc35
Summary: OCaml library for exploiting multicore architectures
RPMs:ocaml-parmap ocaml-parmap-devel
Size:1.99 MiB

Package: perl-Test-Lib-0.002-1.fc35
Summary: Use libraries from a t/lib directory
RPMs:perl-Test-Lib
Size:10.85 KiB

Package: python-x3dh-0.5.9~beta-4.fc35
Summary: Python implementation of the X3DH key agreement protocol
RPMs:python3-x3dh
Size:30.28 KiB


= DROPPED PACKAGES =
Package: python-neo4j-driver-1.6.2-11.fc34
Summary: The official Neo4j Python driver
RPMs:python3-neo4j-driver
Size:981.73 KiB

Package: python-neotime-1.0.0-12.fc34
Summary: Nanosecond resolution temporal types
RPMs:python3-neotime
Size:35.96 KiB

Package: xorg-x11-utils-7.5-38.fc35
Summary: X.Org X11 X client utilities
RPMs:xorg-x11-utils
Size:534.94 KiB


= UPGRADED PACKAGES =
Package:  annobin-9.67-2.fc35
Old package:  annobin-9.66-4.fc35
Summary:  Annotate and examine compiled binary files
RPMs: annobin-annocheck annobin-docs annobin-plugin-clang 
annobin-plugin-gcc annobin-plugin-llvm
Size: 1.23 MiB
Size change:  8.10 KiB
Changelog:
  * Tue Apr 20 2021 Nick Clifton  - 9.67-1
  - Annocheck: Improve detection of missing GNU-stack support.

  * Tue Apr 20 2021 Petr Pisar  - 9.67-2
  - Obsolete annobin < 9.66-1 (bug #1949570)


Package:  atlas-3.10.3-17.fc35
Old package:  atlas-3.10.3-13.fc34
Summary:  Automatically Tuned Linear Algebra Software
RPMs: atlas atlas-corei2 atlas-corei2-devel atlas-corei2-static 
atlas-devel atlas-static atlas-z14 atlas-z14-devel atlas-z14-static atlas-z15 
atlas-z15-devel atlas-z15-static
Size: 76.82 MiB
Size change:  -142.61 KiB
Changelog:
  * Mon Feb 22 2021 Jakub Martisko  - 3.10.3-14
  - Fix the messed scriptlets
  Resolves: #1929845

  * Mon Feb 22 2021 Jakub Martisko  - 3.10.3-15
  - Remove unused scriptlets

  * Tue Apr 20 2021 Jakub Martisko  - 3.10.3-16
  - Move the cblas.h and clapack.h to include/atlas to resolve conflict with 
lapack
  - Resolves: #1948187

  * Tue Apr 20 2021 Jakub Martisko  - 3.10.3-17
  - Disable the custom vvrsum function introduced in the ibm patch
  Related: 1951565


Package:  badwolf-1.1.0-1.fc35
Old package:  badwolf-1.0.3-2.fc34
Summary:  Web Browser which aims at security and privacy over usability
RPMs: badwolf
Size: 407.73 KiB
Size change:  29.31 KiB
Changelog:
  * Wed Apr 21 2021 Lyes Saadi  - 1.1.0-1
  - Updating to 1.1.0


Package:  bottles-3.1.5-1.fc35
Old package:  bottles-3.1.3-1.fc35
Summary:  Easily manage Wine prefix in a new way
RPMs: bottles
Size: 134.03 KiB
Size change:  9.77 KiB
Changelog:
  * Thu Apr 08 2021 Artem Polishchuk  - 3.1.4-1
  - build(update): 3.1.4

  * Tue Apr 20 2021 Artem Polishchuk  - 3.1.5-1
  - build(update): 3.1.5


Package:  boxes-2.1.0-1.fc35
Old package:  boxes-2.0.0-1.fc35
Summary:  Draw any kind of box around some given text
RPMs: boxes boxes-vim
Size: 387.11 KiB
Size change:  28.02 KiB
Changelog:
  * Sun Apr 18 2021 Artem Polishchuk  - 2.1.0-1
  - build(update): 2.1.0


Package:  cage-0.1.3-1.fc35
Old package:  cage-0.1.2.1-4.fc35
Summary:  A Wayland kiosk
RPMs: cage
Size: 166.71 KiB
Size change:  1.26 KiB
Changelog:
  * Tue Apr 20 2021 Lyes Saadi  - 0.1.3-1
  - Updating to 0.1.3 (Fix #1950582)


Package:  caribou-0.4.21-26.fc35
Old package:  cari

[Bug 1951955] perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955

Jitka Plesnikova  changed:

   What|Removed |Added

 Status|NEW |ASSIGNED
 CC|jose.p.oliveira.oss@gmail.c |
   |om, mspa...@redhat.com, |
   |spo...@gmail.com,   |
   |st...@silug.org |
   Doc Type|--- |If docs needed, set a value




-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951955] New: perl-Module-CoreList-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951955

Bug ID: 1951955
   Summary: perl-Module-CoreList-5.20210420 is available
   Product: Fedora
   Version: rawhide
Status: NEW
 Component: perl-Module-CoreList
  Keywords: FutureFeature, Triaged
  Assignee: jples...@redhat.com
  Reporter: upstream-release-monitor...@fedoraproject.org
QA Contact: extras...@fedoraproject.org
CC: jose.p.oliveira@gmail.com, jples...@redhat.com,
mspa...@redhat.com,
perl-devel@lists.fedoraproject.org, spo...@gmail.com,
st...@silug.org
  Target Milestone: ---
Classification: Fedora



Latest upstream release: 5.20210420
Current version/release in rawhide: 5.20210320-1.fc35
URL: http://search.cpan.org/dist/Module-CoreList/

Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.


Based on the information from anitya:
https://release-monitoring.org/project/3080/


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora-Cloud-32-20210421.0 compose check report

[Fedora compose checker]

No missing expected images.

Soft failed openQA tests: 1/7 (x86_64), 1/7 (aarch64)
(Tests completed, but using a workaround for a known bug)

Old soft failures (same test soft failed in Fedora-Cloud-32-20210419.0):

ID: 863668  Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud
URL: https://openqa.fedoraproject.org/tests/863668
ID: 863675  Test: aarch64 Cloud_Base-qcow2-qcow2 cloud_autocloud@uefi
URL: https://openqa.fedoraproject.org/tests/863675

Passed openQA tests: 6/7 (x86_64), 6/7 (aarch64)
-- 
Mail generated by check-compose:
https://pagure.io/fedora-qa/check-compose
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Björn Persson]

FUNG Chi Chuen Sampson wrote:
> While trying to collect a backtrace for org.gnome.Tetravex, I got this in gdb:
> 
> ===
> 
> Downloading separate debug info for /lib64/liblzma.so.5...
> Download failed: Timer expired.  Continuing without debug info for 
> /lib64/libbrotlicommon.so.1.
> Missing separate debuginfo for /lib64/libbrotlicommon.so.1
> Try: dnf --enablerepo='*debug*' install 
> /usr/lib/debug/.build-id/0e/bb3270fdbf40dbe56ea79d6630ac594b897ffe.debug
> Download failed: Timer expired.  Continuing without debug info for 
> /lib64/libzstd.so.1.
> Missing separate debuginfo for /lib64/libzstd.so.1
> Try: dnf --enablerepo='*debug*' install 
> /usr/lib/debug/.build-id/33/70d80a1bf749b3c2baaad0188c864ee9e4bbc4.debug
> Downloading separate debug info for /lib64/liblz4.so.1...
> Download failed: Timer expired.  Continuing without debug info for 
> /home/fcc/.var/app/org.gnome.Tetravex/cache/debuginfod_client/a2429c266188acc10181f6936915f35274bb4a38/debuginfo.
> Error while reading shared library symbols for /lib64/liblz4.so.1:
> could not find '.gnu_debugaltlink' file for 
> /home/fcc/.var/app/org.gnome.Tetravex/cache/debuginfod_client/a2429c266188acc10181f6936915f35274bb4a38/debuginfo
> Downloading separate debug info for /lib64/libcap.so.2...

I was wondering what the user experience would be like in such a
situation. Could you estimate how long you had to wait in total? Was
there a long delay before each "Timer expired" message, or only one
delay?

Björn Persson


pgpkyJGGu6Vvi.pgp
Description: OpenPGP digital signatur
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change: Debuginfod By Default (Self-Contained Change proposal)

[Björn Persson]

Frank Ch. Eigler wrote:
> Björn Persson writes:
> 
> > · How is it verified that files received from debuginfo servers have not
> >   been tampered with?  
> 
> Following up further to this, we're planning to add optional client-side
> hash-verification of cached content, to provide some protection against
> tampering:
> 
> https://sourceware.org/bugzilla/show_bug.cgi?id=27758

The design you propose there won't improve anything for anyone. If the
hash is computed on the debuginfo server, then an attacker who can make
the server serve malicious debuginfo can also make it serve hashes that
match the malicious files. And as you noted yourself, an attacker who
can manipulate cached files client-side has already taken over the user
account anyway.

Quote from Sourceware Bugzilla:
> As transport over HTTPS protects the content, we can safely assume
> that immediately during/after the download, the content will be fine.
> However, what of cached files?

Of course – from your point of view. From my point of view, I can safely
assume that nobody has tampered with my cache. However, what of files on
the debuginfo server?

I see that debuginfod.fedoraproject.org is currently another name for
koji.fedoraproject.org. Given that it serves debuginfo only for Fedora
packages, and does not forward requests to any other debuginfo servers,
using this server seems equivalent security-wise to downloading unsigned
packages from Koji.

As far as I understand, packages are built and signed on separate
servers with a smaller attack surface than the web front-end to minimize
the risk that an attacker could tamper with them. To make the debuginfo
protocol as secure as signed debuginfo packages, the client should
verify the files against a hash computed and signed on the signing
server.

Perhaps a hash of the debuginfo could be stored in a signed RPM package,
either the main package or a separate debughash package?

For those who are concerned about privacy, the proposal would make that
problem worse as it would cause the "phoning home" to happen every time
they debug something.

By the way, the change page still doesn't say enough about how network
problems will affect the user experience. Making a previously offline
activity network-dependent also makes it sensitive to network problems.
For example, if great packet loss causes TCP timeouts or long delays,
will that make GDB hang for minutes at a time, or is it handled
asynchronously? Will GDB hang once per process, once per login session,
or every time it encounters a new source filename?

Björn Persson


pgpd6o8sweyXG.pgp
Description: OpenPGP digital signatur
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951911] New: perl-Crypt-OpenSSL-X509-1.904 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951911

Bug ID: 1951911
   Summary: perl-Crypt-OpenSSL-X509-1.904 is available
   Product: Fedora
   Version: rawhide
Status: NEW
 Component: perl-Crypt-OpenSSL-X509
  Keywords: FutureFeature, Triaged
  Assignee: wjhns...@hardakers.net
  Reporter: upstream-release-monitor...@fedoraproject.org
QA Contact: extras...@fedoraproject.org
CC: perl-devel@lists.fedoraproject.org,
wjhns...@hardakers.net, xav...@bachelot.org
  Target Milestone: ---
Classification: Fedora



Latest upstream release: 1.904
Current version/release in rawhide: 1.903-1.fc35
URL: http://search.cpan.org/dist/Crypt-OpenSSL-X509/

Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.


Based on the information from anitya:
https://release-monitoring.org/project/2749/


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Outreachy 2021 applicant

[Lukas Brabec]

There really isn't a reason, it is a quick and dirty code I did to have a
proof of concept. Feel free to fix it.

L.

On Wed, Apr 21, 2021 at 10:52 AM KUNAL PRAKASH 
wrote:

> Hello again Lukas Brabec,
> I have one query that despite of having state store which contain all the
> state. Why we are passing state as a props to component like Timeline.js,
> Event.js etc. Why don't we use mapStateToProps for directly using the
> particular state that component want to use.
> ___
> qa-devel mailing list -- qa-devel@lists.fedoraproject.org
> To unsubscribe send an email to qa-devel-le...@lists.fedoraproject.org
> Fedora Code of Conduct:
> https://docs.fedoraproject.org/en-US/project/code-of-conduct/
> List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
> List Archives:
> https://lists.fedoraproject.org/archives/list/qa-devel@lists.fedoraproject.org
> Do not reply to spam on the list, report it:
> https://pagure.io/fedora-infrastructure
>
___
qa-devel mailing list -- qa-devel@lists.fedoraproject.org
To unsubscribe send an email to qa-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/qa-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951972] New: perl-CPAN-Perl-Releases-5.20210420 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951972

Bug ID: 1951972
   Summary: perl-CPAN-Perl-Releases-5.20210420 is available
   Product: Fedora
   Version: rawhide
Status: NEW
 Component: perl-CPAN-Perl-Releases
  Keywords: FutureFeature, Triaged
  Assignee: jples...@redhat.com
  Reporter: upstream-release-monitor...@fedoraproject.org
QA Contact: extras...@fedoraproject.org
CC: iarn...@gmail.com, jples...@redhat.com,
perl-devel@lists.fedoraproject.org
  Target Milestone: ---
Classification: Fedora



Latest upstream release: 5.20210420
Current version/release in rawhide: 5.20210320-1.fc35
URL: http://search.cpan.org/dist/CPAN-Perl-Releases/

Please consult the package updates policy before you issue an update to a
stable branch: https://docs.fedoraproject.org/en-US/fesco/Updates_Policy/


More information about the service that created this bug can be found at:
https://fedoraproject.org/wiki/Upstream_release_monitoring


Please keep in mind that with any upstream change, there may also be packaging
changes that need to be made. Specifically, please remember that it is your
responsibility to review the new version to ensure that the licensing is still
correct and that no non-free or legally problematic items have been added
upstream.


Based on the information from anitya:
https://release-monitoring.org/project/5881/


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: F35 Change proposal: RPM 4.17 (System-Wide Change proposal)

[Miro Hrončok]

On 31. 03. 21 21:52, Ben Cotton wrote:

https://fedoraproject.org/wiki/Changes/RPM-4.17

== Summary ==
Update RPM to the [https://rpm.org/wiki/Releases/4.17.0  4.17] release.

== Owner ==
* Name: [[User:pmatilai|Panu Matilainen]]
* Email: [pmati...@redhat.com]


== Detailed Description ==
RPM 4.17 contains numerous improvements over previous versions
* More robust install failure handling
* Many macro improvements, in particular much improved Lua integration
* Strict checking for unpackaged content in builds
* Libraries no longer need executable permission for dependency
generation and is automatically removed for non-executable libraries
* Long needed transaction APIs enhancements
* Improved documentation


Panu,
in case this was lost in the enthusiastic discussion about the behavior of 
%exclude, I just wanted to say that I am very exited about all the other new 
stuff in this release, particularly the Lua stuff.


Thanks!

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Outreachy 2021 applicant

[KUNAL PRAKASH]

Hello again Lukas Brabec,
I have one query that despite of having state store which contain all the 
state. Why we are passing state as a props to component like Timeline.js, 
Event.js etc. Why don't we use mapStateToProps for directly using the 
particular state that component want to use.
___
qa-devel mailing list -- qa-devel@lists.fedoraproject.org
To unsubscribe send an email to qa-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/qa-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Poetry/Pyproject expert: how to deal with extra files

[Miro Hrončok]

On 21. 04. 21 9:58, Miro Hrončok wrote:

On 21. 04. 21 0:14, Robert-André Mauchin wrote:

Hi,

I'm trying to help someone package a GUI in Python that is using
Pyproject. The project needs to add a desktop file, an appdata file
and also a "binary" to launch the GUI.

So far I have managed to drop the library files in %python3_sitelib.
But how should upstream deal with the extra files needed? Is there a
way provided by Poetry from the pyproject.toml? Or should upstream
write a separate Makefile?

In setuptools, I'd do it like this:

https://github.com/jupyter/notebook/pull/6010
https://github.com/kliment/Printrun/blob/printrun-2.0.0rc8/setup.py#L55

I am no poetry expert, so I don't know how to do it via poetry. Googling poetry 
data_files yielded https://github.com/python-poetry/poetry/issues/890


That issue is closed but not fixed.

Also, setuptools apparently deprecated data_files but I don't know when :/


https://github.com/pypa/setuptools/discussions/2648

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
python-devel mailing list -- python-devel@lists.fedoraproject.org
To unsubscribe send an email to python-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Re: Poetry/Pyproject expert: how to deal with extra files

[Miro Hrončok]

On 21. 04. 21 0:14, Robert-André Mauchin wrote:

Hi,

I'm trying to help someone package a GUI in Python that is using
Pyproject. The project needs to add a desktop file, an appdata file
and also a "binary" to launch the GUI.

So far I have managed to drop the library files in %python3_sitelib.
But how should upstream deal with the extra files needed? Is there a
way provided by Poetry from the pyproject.toml? Or should upstream
write a separate Makefile?

In setuptools, I'd do it like this:

https://github.com/jupyter/notebook/pull/6010
https://github.com/kliment/Printrun/blob/printrun-2.0.0rc8/setup.py#L55

I am no poetry expert, so I don't know how to do it via poetry. Googling poetry 
data_files yielded https://github.com/python-poetry/poetry/issues/890


That issue is closed but not fixed.

Also, setuptools apparently deprecated data_files but I don't know when :/

--
Miro Hrončok
--
Phone: +420777974800
IRC: mhroncok
___
python-devel mailing list -- python-devel@lists.fedoraproject.org
To unsubscribe send an email to python-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/python-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[Bug 1951911] perl-Crypt-OpenSSL-X509-1.904 is available

[bugzilla]

https://bugzilla.redhat.com/show_bug.cgi?id=1951911



--- Comment #1 from Upstream Release Monitoring 
 ---
Unable to resolve the hostname for one of the package's Source URLs


-- 
You are receiving this mail because:
You are on the CC list for the bug.
___
perl-devel mailing list -- perl-devel@lists.fedoraproject.org
To unsubscribe send an email to perl-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/perl-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

Fedora-Cloud-33-20210421.0 compose check report

[Fedora compose checker]

No missing expected images.

Soft failed openQA tests: 1/7 (x86_64), 1/7 (aarch64)
(Tests completed, but using a workaround for a known bug)

Old soft failures (same test soft failed in Fedora-Cloud-33-20210420.0):

ID: 863449  Test: x86_64 Cloud_Base-qcow2-qcow2 cloud_autocloud
URL: https://openqa.fedoraproject.org/tests/863449
ID: 863456  Test: aarch64 Cloud_Base-qcow2-qcow2 cloud_autocloud@uefi
URL: https://openqa.fedoraproject.org/tests/863456

Passed openQA tests: 6/7 (x86_64), 6/7 (aarch64)
-- 
Mail generated by check-compose:
https://pagure.io/fedora-qa/check-compose
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[389-devel] 389 DS nightly 2021-04-21 - 95% PASS

[vashirov]

https://fedorapeople.org/groups/389ds/ci/nightly/2021/04/21/report-389-ds-base-2.0.4-20210421git4559a89c0.fc33.x86_64.html
___
389-devel mailing list -- 389-devel@lists.fedoraproject.org
To unsubscribe send an email to 389-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/389-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure

[EPEL-devel] Intent to update nginx to 1.20.0

[Felix Kaechele]

Hi there,

I think this has been discussed at committee meetings before: nginx's 
procedure of immediately dropping a release series when a new one hits 
the stable branches is essentially forcing us to upgrade along with it, 
unless someone is willing to backport patches.


I personally am not willing to do backports as I do not use EL7 at this 
point and only continue maintaining the package as a courtesy to the 
community.


I therefor intend to make the following changes to the nginx package in 
EPEL7:

- Update to 1.20.0
- build against OpenSSL 1.1 to enable TLS1.3 support

Do I require additional permission do move forward with this in this manner?
There should not be any breaking changes or incompatible changes to 
config syntax. But I'll admit that I do not have complex config 
scenarios as testcases.


EPEL8 is not affected as nginx doesn't have an EPEL build for EL8. It is 
maintained upstream.
There are, however, modules with certain streams (1.18 and mainline, for 
example) available from EPEL.


Regards,
Felix
___
epel-devel mailing list -- epel-devel@lists.fedoraproject.org
To unsubscribe send an email to epel-devel-le...@lists.fedoraproject.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedoraproject.org/archives/list/epel-devel@lists.fedoraproject.org
Do not reply to spam on the list, report it: 
https://pagure.io/fedora-infrastructure