https://bugzilla.redhat.com/show_bug.cgi?id=2150992
--- Comment #4 from Fedora Update System ---
FEDORA-2022-848ebdeccf has been submitted as an update to Fedora 37.
https://bodhi.fedoraproject.org/updates/FEDORA-2022-848ebdeccf
--
You are receiving this mail because:
You are on the CC list
https://bugzilla.redhat.com/show_bug.cgi?id=2150992
Jitka Plesnikova changed:
What|Removed |Added
Status|NEW |MODIFIED
Fixed In Version|
The following Fedora EPEL 7 Security updates need testing:
Age URL
6 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-63588ab702
woff-0.20091126-11.el7
5 https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2022-058d69433a
snapd-2.57.6-1.el7
3
https://bugzilla.redhat.com/show_bug.cgi?id=2144904
Bug 2144904 depends on bug 2148436, which changed state.
Bug 2148436 Summary: Add perl-HTTP-Tinyish to EPEL 9
https://bugzilla.redhat.com/show_bug.cgi?id=2148436
What|Removed |Added
https://bugzilla.redhat.com/show_bug.cgi?id=2148436
Fedora Update System changed:
What|Removed |Added
Resolution|--- |ERRATA
Fixed In Version|
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
--- Comment #7 from Fedora Update System ---
FEDORA-2022-8bfb602a86 has been pushed to the Fedora 36 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
--- Comment #6 from Fedora Update System ---
FEDORA-2022-ee41db4054 has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
Fedora Update System changed:
What|Removed |Added
Status|MODIFIED|ON_QA
--- Comment #5 from
https://bugzilla.redhat.com/show_bug.cgi?id=2143735
Fedora Update System changed:
What|Removed |Added
Fixed In Version|perl-Getopt-Long-2.54-1.fc3 |perl-Getopt-Long-2.54-1.fc3
https://bugzilla.redhat.com/show_bug.cgi?id=2142938
Fedora Update System changed:
What|Removed |Added
Fixed In Version|perl-Getopt-Long-2.53-1.fc3 |perl-Getopt-Long-2.53-1.fc3
Hi,
This is just a heads-up that the OpenVPN community has released
OpenVPN 2.6 beta 1.
While this release includes several nice new features, one important one
requires more attention - Kernel based Data Channel Offload (DCO). The
DCO support has already been available in the OpenVPN 3 Linux
No. He probably doesn't even know about this proposal yet, since it was just
published yesterday. This is not the sort of thing that matters for desktop
performance, where we care about orders of magnitude rather than a few percent
improvement here or there. Even if extra bounds checking makes
On Tue, 2022-12-06 at 11:22 -0500, PGNet Dev wrote:
>
> > As I said earlier in the thread: of the 25 reverse dependencies of
> > the
> > ImageMagick libraries, only five don't build[1].
> >
> > Further analysis indicates that dvdauthor has a patch in
> > openSUSE[2],
> > but the fix breaks
On Tue, Dec 6, 2022 at 7:04 PM Michael Catanzaro via devel
wrote:
> Red Hat's desktop performance engineer
Since you bring up RH's performance engineer,
have they done performance evaluation on
_FORTIFY_SOURCE=3? And while I understand
that until the eval is reviewed and reproduced no
On Tue, Dec 6, 2022 at 2:01 PM Stephen Smoogen wrote:
>
>
>
> On Tue, 6 Dec 2022 at 13:50, Josh Boyer wrote:
>>
>> On Tue, Dec 6, 2022 at 11:27 AM Neal Gompa wrote:
>> >
>> > On Tue, Dec 6, 2022 at 7:54 AM Josh Boyer
>> > wrote:
>> > >
>> > > On Tue, Dec 6, 2022 at 1:43 AM Terry Barnaby
Red Hat's desktop performance engineer has repeatedly rejected use of DWARF as
impractical and outlandish, including on this mailing list [1] and most
recently at [2].
[1]
https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/UV65DSMPINEE6KWNI5MBH3MBQ26JHNNJ/
[2]
On Tue, Dec 06, 2022 at 05:52:16PM -, Andrii Nakryiko wrote:
> > On Tue, Dec 06, 2022 at 03:12:19AM +, Gary Buhrmaster wrote:
> >
> > Note that is not a fully equivalent scenario. The no-omit-frame-pointer
> > proposal was only offering a functional debugging benefit to a fairly
> > small
On Tue, Dec 6, 2022 at 12:56 PM Andrii Nakryiko
wrote:
> > On Tue, Dec 6, 2022 at 10:06 AM Gary Buhrmaster
> > >
> > My full comment in that blog post is:
> >
> > "We need a proper study of performance and code size to understand the
> > magnitude of the impact created by _FORTIFY_SOURCE=3
On Tue, 6 Dec 2022 at 13:50, Josh Boyer wrote:
> On Tue, Dec 6, 2022 at 11:27 AM Neal Gompa wrote:
> >
> > On Tue, Dec 6, 2022 at 7:54 AM Josh Boyer
> wrote:
> > >
> > > On Tue, Dec 6, 2022 at 1:43 AM Terry Barnaby
> wrote:
> > > >
> > > > On 05/12/2022 16:00, Jarek Prokop wrote:
> > > >
> >
Andrii,
copilot to pilot, you are responding to Jakub Jelinek's points, not
Neal's. Jakub is a compiler/toolchain engineer with considerable
experience, so when he talks about compiler technology involved in
tracing execution flow, I am inclined to believe him.
I understand that your
On Tue, Dec 06, 2022 at 05:46:11PM -, Andrii Nakryiko wrote:
> Now, about prologues/epilogues. What percentage of useful workload is spent
> in those? Tiny fraction of a percent at best? Even if we don't get accurate
> stack trace in such cases it doesn't matter in the grand scheme of
I'm sorry, I clicked, "Send" too quickly.
If the document doesn't have that Note in it yet, please wait an hour an
check again.
On Tue, Dec 6, 2022 at 9:57 AM Troy Dawson wrote:
> The ELN Extras page[1] was updated with one note. I thought I'd share
> that note with the epel-devel mailing
The ELN Extras page[1] was updated with one note. I thought I'd share that
note with the epel-devel mailing list.
NOTE: **You** are responsible when your package fails to build on ELN
Extras. Remember to check your packages on the ELN Status Page.[2]
ELN Extras packages get rebuilt much more
> On Tue, Dec 6, 2022 at 10:06 AM Gary Buhrmaster
>
> My full comment in that blog post is:
>
> "We need a proper study of performance and code size to understand the
> magnitude of the impact created by _FORTIFY_SOURCE=3 additional
> runtime code generation. However the performance and code
> On Tue, Dec 06, 2022 at 03:12:19AM +, Gary Buhrmaster wrote:
>
> Note that is not a fully equivalent scenario. The no-omit-frame-pointer
> proposal was only offering a functional debugging benefit to a fairly
> small number of users who are also developers, while adding a likely
>
> On Tue, Dec 06, 2022 at 08:13:51AM -0500, Neal Gompa wrote:
>
> That is nonsense. Even with -fno-omit-frame-pointers, you can't rely
> on frame pointers, they are not accurate in function prologues and epilogues
> and they are total garbage e.g. in a lot of functions written in assembly.
Dne 06. 12. 22 v 17:09 Terry Barnaby napsal(a):
On 06/12/2022 15:56, Vít Ondruch wrote:
Dne 06. 12. 22 v 16:44 Terry Barnaby napsal(a):
On 06/12/2022 10:40, Dominik 'Rathann' Mierzejewski wrote:
On Tuesday, 06 December 2022 at 07:43, Terry Barnaby wrote:
[...]
My view is that compat
===
#fedora-meeting: FESCO (2022-12-06)
===
Meeting started by mhroncok at 17:00:22 UTC. The full logs are available
at
https://meetbot.fedoraproject.org/fedora-meeting/2022-12-06/fesco.2022-12-06-17.00.log.html
.
Meeting
On Tue, Dec 6, 2022 at 11:27 AM Neal Gompa wrote:
>
> On Tue, Dec 6, 2022 at 7:54 AM Josh Boyer wrote:
> >
> > On Tue, Dec 6, 2022 at 1:43 AM Terry Barnaby wrote:
> > >
> > > On 05/12/2022 16:00, Jarek Prokop wrote:
> > >
> > >
> > > On 12/5/22 14:57, Peter Robinson wrote:
> > >
> > > On Mon,
On Tue, Dec 6, 2022 at 11:30 AM Kevin Kofler via devel
wrote:
>
> Neal Gompa wrote:
> > While that is true, *I* don't like doing that if I don't have to. I'd
> > rather try to get things fixed upstream in tandem. Upstreams tend to
> > appreciate that in my experience. :)
>
> Sure, but it tends to
Terry Barnaby wrote:
> Well in this case I have created a suitable compat lib, all I did was
> re-introduce the bits to the SPEC file that removed the building of the
> compat lib and we are fine. I haven't separated it out from the main
> ncurses SPEC through and have only done this locally as I
On 12/5/22 5:39 AM, Terry Barnaby wrote:
With the latest release of Fedora37 we were hit with an issue where the
ncurses-compat-libs RPM had been depreciated. Due to this some of the tools we use
would no longer install from their respective RPM's or their tar based installs
would not run as
Neal Gompa wrote:
> While that is true, *I* don't like doing that if I don't have to. I'd
> rather try to get things fixed upstream in tandem. Upstreams tend to
> appreciate that in my experience. :)
Sure, but it tends to be significantly more work. Upstreams need to support
several platforms at
On Tue, Dec 6, 2022 at 7:54 AM Josh Boyer wrote:
>
> On Tue, Dec 6, 2022 at 1:43 AM Terry Barnaby wrote:
> >
> > On 05/12/2022 16:00, Jarek Prokop wrote:
> >
> >
> > On 12/5/22 14:57, Peter Robinson wrote:
> >
> > On Mon, Dec 5, 2022 at 12:01 PM Vitaly Zaitsev via devel
> > wrote:
> >
> > On
As I said earlier in the thread: of the 25 reverse dependencies of the
ImageMagick libraries, only five don't build[1].
Further analysis indicates that dvdauthor has a patch in openSUSE[2],
but the fix breaks support for GraphicsMagick as an alternative. I
want to rework that patch so it
https://bugzilla.redhat.com/show_bug.cgi?id=2150992
Miro Hrončok changed:
What|Removed |Added
Summary|perl-generators 1.14|perl-generators 1.14
https://bugzilla.redhat.com/show_bug.cgi?id=2150992
--- Comment #3 from Miro Hrončok ---
(In reply to Petr Pisar from comment #2)
> > perl(CGI::PSGI)
>
> This dependency is correct:
>
> t/web/redirect.t:5:use CGI::PSGI;
Yes, I never said it is not.
--
You are receiving this mail because:
On Tue, Dec 06, 2022 at 03:44:37PM +, Terry Barnaby wrote:
On 06/12/2022 10:40, Dominik 'Rathann' Mierzejewski wrote:
On Tuesday, 06 December 2022 at 07:43, Terry Barnaby wrote:
[...]
My view is that compat versions of the commonly used shared libraries
for programs that are used on
https://bugzilla.redhat.com/show_bug.cgi?id=2151307
Bug ID: 2151307
Summary: perl-Log-Dispatchouli-3.002 is available
Product: Fedora
Version: rawhide
Status: NEW
Component: perl-Log-Dispatchouli
Keywords: FutureFeature,
On Tue, Dec 6, 2022 at 10:49 AM Kevin Kofler via devel
wrote:
>
> Neal Gompa wrote:
> > There are actually
> > other packages I could fix in Fedora with patches from openSUSE or
> > PLD, but they need more work to not break compatibility with building
> > with GraphicsMagick (which these packages
On 06/12/2022 15:56, Vít Ondruch wrote:
Dne 06. 12. 22 v 16:44 Terry Barnaby napsal(a):
On 06/12/2022 10:40, Dominik 'Rathann' Mierzejewski wrote:
On Tuesday, 06 December 2022 at 07:43, Terry Barnaby wrote:
[...]
My view is that compat versions of the commonly used shared libraries
for
jplesnik merged a pull-request against the project: `perl-generators` that you
are following.
Merged pull-request:
``
1.15 bump; Package tests
``
https://src.fedoraproject.org/rpms/perl-generators/pull-request/1
___
perl-devel mailing list --
Hi,
first off, sorry if my write-up seemed a bit harsh, this was the last
time I am trying to respond to a change proposal late at night :).
On 12/6/22 14:14, Siddhesh Poyarekar wrote:
On Mon, Dec 5, 2022 at 7:35 PM Jaroslav Prokop wrote:
Default C and C++ compiler flags to build packages
On Tue, Dec 6, 2022 at 10:17 AM Michael Cronenworth wrote:
>
> On 12/6/22 8:31 AM, Neal Gompa wrote:
> > There's a very important difference between September 2017 and now: we
> > know someone else already did it!
>
> Great. Good luck.
>
> > As an aside: I don't appreciate the "high horse"
Dear all,
You are kindly invited to the meeting:
EPEL Steering Committee on 2022-12-07 from 16:00:00 to 17:00:00 US/Eastern
At fedora-meet...@irc.libera.chat
The meeting will be about:
This is the weekly EPEL Steering Committee Meeting.
A general agenda is the following:
#topic aloha
Dne 06. 12. 22 v 16:44 Terry Barnaby napsal(a):
On 06/12/2022 10:40, Dominik 'Rathann' Mierzejewski wrote:
On Tuesday, 06 December 2022 at 07:43, Terry Barnaby wrote:
[...]
My view is that compat versions of the commonly used shared libraries
for programs that are used on Redhat7 should be
jplesnik opened a new pull-request against the project: `perl-generators` that
you are following:
``
1.15 bump; Package tests
``
To reply, visit the link below
https://src.fedoraproject.org/rpms/perl-generators/pull-request/1
___
perl-devel mailing
On Tue, Dec 6, 2022 at 3:42 PM Siddhesh Poyarekar wrote:
> I have added a performance note[1] in the proposal.
Thank you.
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send an email to devel-le...@lists.fedoraproject.org
Neal Gompa wrote:
> There are actually
> other packages I could fix in Fedora with patches from openSUSE or
> PLD, but they need more work to not break compatibility with building
> with GraphicsMagick (which these packages in question support), so
> using IM6 there for now is fine while that gets
On 06/12/2022 10:40, Dominik 'Rathann' Mierzejewski wrote:
On Tuesday, 06 December 2022 at 07:43, Terry Barnaby wrote:
[...]
My view is that compat versions of the commonly used shared libraries
for programs that are used on Redhat7 should be kept available until
most people are not producing
On Tue, Dec 6, 2022 at 10:26 AM Gary Buhrmaster
wrote:
>
> On Tue, Dec 6, 2022 at 3:16 PM Siddhesh Poyarekar wrote:
>
> > My full comment in that blog post is:
> >
> > "We need a proper study of performance and code size to understand the
> > magnitude of the impact created by _FORTIFY_SOURCE=3
On Tue, Dec 6, 2022 at 3:16 PM Siddhesh Poyarekar wrote:
> My full comment in that blog post is:
>
> "We need a proper study of performance and code size to understand the
> magnitude of the impact created by _FORTIFY_SOURCE=3 additional
> runtime code generation. However the performance and
On 12/6/22 8:31 AM, Neal Gompa wrote:
There's a very important difference between September 2017 and now: we
know someone else already did it!
Great. Good luck.
As an aside: I don't appreciate the "high horse" comment, considering
during most of this discussion, I was doing the work and
On Tue, Dec 6, 2022 at 10:06 AM Gary Buhrmaster
wrote:
>
> On Tue, Dec 6, 2022 at 12:47 PM Siddhesh Poyarekar
> wrote:
>
> > Overall even if there is a miniscule performance overhead, I
> > reckon the reward is much higher.
>
> I am curious how you can claim there is only a
> minuscule
On Tue, Dec 6, 2022 at 12:47 PM Siddhesh Poyarekar wrote:
> Overall even if there is a miniscule performance overhead, I
> reckon the reward is much higher.
I am curious how you can claim there is only a
minuscule performance overhead without doing
any benchmarks?
I am not claiming the
On Tue, Dec 6, 2022 at 9:55 AM Siddhesh Poyarekar wrote:
>
> On Tue, Dec 6, 2022 at 8:14 AM Siddhesh Poyarekar wrote:
> > > Please provide a proper "how to test" section, I cannot fix what I cannot
> > > test or compare results when I have no idea what I am seeing.
> > >
> > > Actually, last
On Tue, Dec 6, 2022 at 8:14 AM Siddhesh Poyarekar wrote:
> > Please provide a proper "how to test" section, I cannot fix what I cannot
> > test or compare results when I have no idea what I am seeing.
> >
> > Actually, last time I heard about number of packages, it was around 50k
> > (not
On Tue, Dec 6, 2022 at 8:26 AM Michael Cronenworth wrote:
>
> On 12/5/22 5:41 PM, Neal Gompa wrote:
> > But in general, it looks like an upgrade to ImageMagick 7 will be
> > rather easy to do.
>
> Hi Neal,
>
> I appreciate your eagerness here, but it is a little misled.
>
> Version 7 is radically
Hi everyone,
As you prepare for the end of the year, it's time to be thinking about
your F38 plans. Here are the upcoming F38 Change proposal deadlines:
* 2022-12-21: Deadline for Changes requiring infrastructure changes
* 2022-12-27: Deadline for System-Wide Changes and Changes requiring a
mass
Hi everyone,
As you prepare for the end of the year, it's time to be thinking about
your F38 plans. Here are the upcoming F38 Change proposal deadlines:
* 2022-12-21: Deadline for Changes requiring infrastructure changes
* 2022-12-27: Deadline for System-Wide Changes and Changes requiring a
mass
Parametric macro dependency generators are not supported in EPEL 7 and
8's RPM versions. You can still implement this using a "regular"
dependency generator. This is also described in the RPM
documentation[1]. Instead of specifying %__perlcompat_requires() and
writing an RPM macro that accepts
On Tue, Dec 6, 2022 at 5:45 AM Jakub Jelinek wrote:
>
> On Tue, Dec 06, 2022 at 11:13:38AM +0100, Vitaly Zaitsev via devel wrote:
> > On 05/12/2022 20:58, Ben Cotton wrote:
> > > Replace the current `_FORTIFY_SOURCE=2` with `_FORTIFY_SOURCE=3` to
> > > improve mitigation of security issues
On Tue, Dec 06, 2022 at 08:13:51AM -0500, Neal Gompa wrote:
> "may improve" is proven to be "does improve significantly". We had
That is nonsense. Even with -fno-omit-frame-pointers, you can't rely
on frame pointers, they are not accurate in function prologues and epilogues
and they are total
On 12/5/22 5:41 PM, Neal Gompa wrote:
But in general, it looks like an upgrade to ImageMagick 7 will be
rather easy to do.
Hi Neal,
I appreciate your eagerness here, but it is a little misled.
Version 7 is radically different than version 6. Most (I don't have an exact figure)
packages in
On Tue, Dec 6, 2022 at 4:05 AM Richard W.M. Jones wrote:
>
> On Tue, Dec 06, 2022 at 01:35:04AM +0100, Jaroslav Prokop wrote:
> > On 12/5/22 20:58, Ben Cotton wrote:
> >
> > The core change to bring in this mitigation is to change the default
> > build flags in `redhat-rpm-config` so that
On Mon, Dec 5, 2022 at 10:20 PM Gary Buhrmaster
wrote:
>
> On Mon, Dec 5, 2022 at 10:53 PM Neal Gompa wrote:
>
> > It has a similar impact that turning back on frame pointers would.
> >
> > Cf.
> >
On Mon, Dec 5, 2022 at 7:35 PM Jaroslav Prokop wrote:
> Default C and C++ compiler flags to build packages in Fedora currently
> includes `-Wp,-D_FORTIFY_SOURCE=2`, which enables fortification of
> some functions in glibc, thus providing some mitigation against buffer
> overflows. Since glibc
On Tue, Dec 6, 2022 at 7:50 AM Siddhesh Poyarekar wrote:
>
> On Mon, Dec 5, 2022 at 5:53 PM Neal Gompa wrote:
> >
> > On Mon, Dec 5, 2022 at 3:17 PM Gary Buhrmaster
> > wrote:
> > >
> > > On Mon, Dec 5, 2022 at 7:58 PM Ben Cotton wrote:
> > > >
> > > >
On Tue, Dec 6, 2022 at 1:43 AM Terry Barnaby wrote:
>
> On 05/12/2022 16:00, Jarek Prokop wrote:
>
>
> On 12/5/22 14:57, Peter Robinson wrote:
>
> On Mon, Dec 5, 2022 at 12:01 PM Vitaly Zaitsev via devel
> wrote:
>
> On 05/12/2022 12:39, Terry Barnaby wrote:
>
> I am wondering what Fedora's
On Sat, Dec 3, 2022 at 5:57 AM Vitaly Zaitsev via devel
wrote:
>
> On 03/12/2022 00:30, Sérgio Basto wrote:
> > The proposal now is to keep ImageMagick 6 and make a new package with
> > ImageMagick 7 , when we have all applications use only ImageMagick 7,
> > we move the sources from ImageMagick7
On Mon, Dec 5, 2022 at 5:53 PM Neal Gompa wrote:
>
> On Mon, Dec 5, 2022 at 3:17 PM Gary Buhrmaster
> wrote:
> >
> > On Mon, Dec 5, 2022 at 7:58 PM Ben Cotton wrote:
> > >
> > > https://fedoraproject.org/wiki/Changes/Add_FORTIFY_SOURCE%3D3_to_distribution_build_flags
> > >
> >
> > It is my
On Mon, Dec 5, 2022 at 3:17 PM Gary Buhrmaster
wrote:
>
> On Mon, Dec 5, 2022 at 7:58 PM Ben Cotton wrote:
> >
> > https://fedoraproject.org/wiki/Changes/Add_FORTIFY_SOURCE%3D3_to_distribution_build_flags
> >
>
> It is my vague recollection (I could easily be wrong, so
> correct me as
On Sun, 2022-12-04 at 21:06 -0600, Richard Shaw wrote:
> On Sun, Dec 4, 2022 at 6:32 PM Sérgio Basto
> wrote:
> > Final statement, instead of wasting my time and energy on
> > arguments,
> > Imagemagick7 could already be built on rawhide if someone had done
> > the
> > package review for me
> >
> false negative - especially
> the *-fonts because they declare the license using macro, which I am unable
> to process
> (yet).|
Can I put the new tags in the same macro, e.g.:
```
%global foundry ADF
-%global fontlicense GPLv2+ with exceptions
+%global fontlicense
OLD: Fedora-Rawhide-20221205.n.0
NEW: Fedora-Rawhide-20221206.n.0
= SUMMARY =
Added images:0
Dropped images: 0
Added packages: 11
Dropped packages:0
Upgraded packages: 109
Downgraded packages: 0
Size of added packages: 3.51 MiB
Size of dropped packages:0
Adam Williamson wrote:
> On Mon, 2022-12-05 at 22:44 +0100, Kevin Kofler via devel wrote:
>> Mattia Verga via devel wrote:
>> > Or let's just get rid of Bodhi and trust all packagers to "know exactly
>> > what they are doing with their package".
>>
>> Yes please!
>
> Exhibits 1 through 2636 for
Hello Fedora community,
The Christmas period is coming, and soon after the Fedora mass rebuild will
come and may lead to the creation of a bunch of FTBFS bugzillas.
I'd like to share with you the availability of a tool that we started to
develop this year, which aims to help developers to
On Tuesday, 06 December 2022 at 07:43, Terry Barnaby wrote:
[...]
> My view is that compat versions of the commonly used shared libraries
> for programs that are used on Redhat7 should be kept available until
> most people are not producing programs for that system at least
> +nyears and then I
On Tue, Dec 06, 2022 at 11:13:38AM +0100, Vitaly Zaitsev via devel wrote:
> On 05/12/2022 20:58, Ben Cotton wrote:
> > Replace the current `_FORTIFY_SOURCE=2` with `_FORTIFY_SOURCE=3` to
> > improve mitigation of security issues arising from buffer overflows in
> > packages in Fedora.
>
> AFAIK,
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
--- Comment #4 from Fedora Update System ---
FEDORA-2022-ee41db4054 has been submitted as an update to Fedora 35.
https://bodhi.fedoraproject.org/updates/FEDORA-2022-ee41db4054
--
You are receiving this mail because:
You are on the CC list
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
--- Comment #2 from Fedora Update System ---
FEDORA-2022-10bdbca815 has been submitted as an update to Fedora 37.
https://bodhi.fedoraproject.org/updates/FEDORA-2022-10bdbca815
--
You are receiving this mail because:
You are on the CC list
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
--- Comment #3 from Fedora Update System ---
FEDORA-2022-8bfb602a86 has been submitted as an update to Fedora 36.
https://bodhi.fedoraproject.org/updates/FEDORA-2022-8bfb602a86
--
You are receiving this mail because:
You are on the CC list
On 05/12/2022 20:58, Ben Cotton wrote:
Replace the current `_FORTIFY_SOURCE=2` with `_FORTIFY_SOURCE=3` to
improve mitigation of security issues arising from buffer overflows in
packages in Fedora.
AFAIK, _FORTIFY_SOURCE=3 enables runtime checks for every mem*()
function call. This should
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
Petr Pisar changed:
What|Removed |Added
Status|ASSIGNED|MODIFIED
Fixed In Version|
https://bugzilla.redhat.com/show_bug.cgi?id=2151095
Fedora Update System changed:
What|Removed |Added
Fixed In Version||perl-Perl-Critic-1.144-1.fc
https://bugzilla.redhat.com/show_bug.cgi?id=2151095
Fedora Update System changed:
What|Removed |Added
Status|NEW |MODIFIED
--- Comment #2 from
https://bugzilla.redhat.com/show_bug.cgi?id=2150998
Petr Pisar changed:
What|Removed |Added
CC|ppi...@redhat.com |
Doc Type|---
https://bugzilla.redhat.com/show_bug.cgi?id=2150992
--- Comment #2 from Petr Pisar ---
> $ rpm -qRp rt-tests-5.0.3-2.fc38.noarch.rpm
[...]
> perl(.::t/lifecycles/utils.pl)
I think this is a bug in the generators. Relative imports (./) should be
ignored.
t/web/lifecycle_rights.t:4:BEGIN
On 12/6/22 10:08, Richard W.M. Jones wrote:
On Tue, Dec 06, 2022 at 08:59:03AM +, Richard W.M. Jones wrote:
I don't believe the proposal is that everyone *has* to use this (or at
least, I hope not). Even existing _FORTIFY_SOURCE=2 is optional. I'd
like to know what the problems are that
On Tue, Dec 06, 2022 at 08:59:03AM +, Richard W.M. Jones wrote:
> I don't believe the proposal is that everyone *has* to use this (or at
> least, I hope not). Even existing _FORTIFY_SOURCE=2 is optional. I'd
> like to know what the problems are that affect systemd however.
It's mentioned in
On Tue, Dec 06, 2022 at 01:35:04AM +0100, Jaroslav Prokop wrote:
> On 12/5/22 20:58, Ben Cotton wrote:
>
> The core change to bring in this mitigation is to change the default
> build flags in `redhat-rpm-config` so that packages build by default
> with `-Wp,-D_FORTIFY_SOURCE=3`.
On Tue, Dec 06, 2022 at 08:19:22AM +, Daniel P. Berrangé wrote:
> On Tue, Dec 06, 2022 at 03:12:19AM +, Gary Buhrmaster wrote:
> > On Mon, Dec 5, 2022 at 10:53 PM Neal Gompa wrote:
> >
> > > It has a similar impact that turning back on frame pointers would.
> > >
> > > Cf.
> > >
On Tue, Dec 06, 2022 at 03:12:19AM +, Gary Buhrmaster wrote:
> On Mon, Dec 5, 2022 at 10:53 PM Neal Gompa wrote:
>
> > It has a similar impact that turning back on frame pointers would.
> >
> > Cf.
> >
Il 06/12/22 00:08, Adam Williamson ha scritto:
> On Mon, 2022-12-05 at 22:44 +0100, Kevin Kofler via devel wrote:
>> Mattia Verga via devel wrote:
>>> Or let's just get rid of Bodhi and trust all packagers to "know exactly
>>> what they are doing with their package".
>> Yes please!
> Exhibits 1
94 matches
Mail list logo
