On Thu, Nov 03, 2022 at 12:51:28PM +0100, Vít Ondruch wrote:
>
> Now who will be motivated enough to at least open the Koji ticket as
> suggested in the other place of this thread? :D
>
> Actually, for my purposes, it would be much better if there was something
> like `koji download-url --signed
Dne 02. 11. 22 v 20:28 Josh Stone napsal(a):
On 11/1/22 3:51 PM, Kevin Fenzi wrote:
On Tue, Nov 01, 2022 at 02:55:34PM -0700, Josh Stone wrote:
On 11/1/22 11:16 AM, Neal Gompa wrote:
That said, the packages *are* signed in Koji, because as soon as it's
submitted to Bodhi, the packages are
Otto Liljalaakso writes:
Kevin Fenzi kirjoitti 2.11.2022 klo 20.33:
So, I suppose the web interface could offer signed copies if they exist,
but might be confusing if you don't know what the various keys short
hash is. Feel free to file a RFE for koji folks: https://pagure.io/koji
I
Kevin Fenzi kirjoitti 2.11.2022 klo 20.33:
On Wed, Nov 02, 2022 at 08:15:00PM +0200, Otto Liljalaakso wrote:
Would it be possible to update Koji's web UI so that it offers the signed
one for download? Is there anything going for the current behavior of
offering the unsigned one instead?
On 11/1/22 3:51 PM, Kevin Fenzi wrote:
> On Tue, Nov 01, 2022 at 02:55:34PM -0700, Josh Stone wrote:
>> On 11/1/22 11:16 AM, Neal Gompa wrote:
>>> That said, the packages *are* signed in Koji, because as soon as it's
>>> submitted to Bodhi, the packages are signed in-place in Koji.
>>
>> Is that
On Wed, Nov 02, 2022 at 08:15:00PM +0200, Otto Liljalaakso wrote:
> Vít Ondruch kirjoitti 2.11.2022 klo 16.18:
> >
> > Dne 01. 11. 22 v 18:59 Fabio Valentini napsal(a):
> > > On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour
> > > wrote:
> > > >
> > > > Please push them out to testing
Vít Ondruch kirjoitti 2.11.2022 klo 16.18:
Dne 01. 11. 22 v 18:59 Fabio Valentini napsal(a):
On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour
wrote:
Please push them out to testing immediately. Some, such as myself,
simply
refuse to install unsigned packages.
The packages are already
Dne 01. 11. 22 v 18:59 Fabio Valentini napsal(a):
On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour wrote:
Please push them out to testing immediately. Some, such as myself, simply
refuse to install unsigned packages.
The packages are already signed, no need to wait for them to be pushed
Ian Laurie wrote:
> On 11/2/22 04:22, Dmitry Belyavskiy wrote:
>
> Dear colleagues,
>
> I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as HIGH.
> Could you please check the freshly pushed builds to get necessary karma
> ASAP?
>
> Are we not fixing Fedora 35?
On 11/2/22 04:22, Dmitry Belyavskiy
wrote:
Dear colleagues,
I've just pushed the updates for OpenSSL fixing 2 CVEs
evaluated as HIGH. Could you please check the freshly pushed
builds to get necessary karma ASAP?
On Tue, Nov 01, 2022 at 02:55:34PM -0700, Josh Stone wrote:
> On 11/1/22 11:16 AM, Neal Gompa wrote:
> > That said, the packages *are* signed in Koji, because as soon as it's
> > submitted to Bodhi, the packages are signed in-place in Koji.
>
> Is that really in-place? Bodhi says these are
On 01/11/2022 19:16, Demi Marie Obenour wrote:
Still, what would it take to push them to testing right away?
24 hours.
--
Sincerely,
Vitaly Zaitsev (vit...@easycoding.org)
___
devel mailing list -- devel@lists.fedoraproject.org
To unsubscribe send
On 11/1/22 11:16 AM, Neal Gompa wrote:
> That said, the packages *are* signed in Koji, because as soon as it's
> submitted to Bodhi, the packages are signed in-place in Koji.
Is that really in-place? Bodhi says these are signed, but when I
download from koji, "rpm -qip" still shows "Signature:
On Tue, 1 Nov 2022 at 14:18, Demi Marie Obenour
wrote:
> On 11/1/22 13:59, Fabio Valentini wrote:
> > On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour
> wrote:
> >>
> >> On 11/1/22 13:30, Jason L Tibbitts III wrote:
> Ewoud Kohl van Wijngaarden
> writes:
> >>>
> Right now you
Just tested and added karma to f36 and f37. Thanks!
On 01/11/2022 18:22, Dmitry Belyavskiy wrote:
Dear colleagues,
I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as
HIGH. Could you please check the freshly pushed builds to get
necessary karma ASAP?
Many thanks!
--
Dmitry
On Tue, Nov 1, 2022 at 6:17 PM Demi Marie Obenour wrote:
>
> On 11/1/22 13:59, Fabio Valentini wrote:
> > On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour
> > wrote:
> >>
> >> On 11/1/22 13:30, Jason L Tibbitts III wrote:
> Ewoud Kohl van Wijngaarden
> writes:
> >>>
>
On Tue, Nov 1, 2022 at 5:53 PM Demi Marie Obenour wrote:
>
> On 11/1/22 13:30, Jason L Tibbitts III wrote:
> >> Ewoud Kohl van Wijngaarden writes:
> >
> >> Right now you can't test them since they haven't been migrated to
> >> testing yet.
> >
> > You can download the packages directly from
On Tue, Nov 1, 2022 at 1:53 PM Demi Marie Obenour wrote:
>
> On 11/1/22 13:30, Jason L Tibbitts III wrote:
> >> Ewoud Kohl van Wijngaarden writes:
> >
> >> Right now you can't test them since they haven't been migrated to
> >> testing yet.
> >
> > You can download the packages directly from
On 11/1/22 13:59, Fabio Valentini wrote:
> On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour
> wrote:
>>
>> On 11/1/22 13:30, Jason L Tibbitts III wrote:
Ewoud Kohl van Wijngaarden writes:
>>>
Right now you can't test them since they haven't been migrated to
testing yet.
>>>
On Tue, Nov 1, 2022 at 6:53 PM Demi Marie Obenour wrote:
>
> On 11/1/22 13:30, Jason L Tibbitts III wrote:
> >> Ewoud Kohl van Wijngaarden writes:
> >
> >> Right now you can't test them since they haven't been migrated to
> >> testing yet.
> >
> > You can download the packages directly from
On 11/1/22 13:30, Jason L Tibbitts III wrote:
>> Ewoud Kohl van Wijngaarden writes:
>
>> Right now you can't test them since they haven't been migrated to
>> testing yet.
>
> You can download the packages directly from koji. From the relevant
> update page, you can clock the "Builds" tab
On Tue, Nov 01, 2022 at 12:30:31PM -0500, Jason L Tibbitts III wrote:
Ewoud Kohl van Wijngaarden writes:
Right now you can't test them since they haven't been migrated to
testing yet.
You can download the packages directly from koji. From the relevant
update page, you can clock the
Dear Peter,
On Tue, Nov 1, 2022 at 6:44 PM Peter Robinson wrote:
> Hi Dmitry,
>
> > I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as
> HIGH. Could you please check the freshly pushed builds to get necessary
> karma ASAP?
>
> Is there a reason we're note rebasing to 3.0.7 or
Hi Dmitry,
> I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as HIGH.
> Could you please check the freshly pushed builds to get necessary karma ASAP?
Is there a reason we're note rebasing to 3.0.7 or generally updating
in Fedora with 3.x? It looks like 3.0.6 had CVE-2022-3358
> Ewoud Kohl van Wijngaarden writes:
> Right now you can't test them since they haven't been migrated to
> testing yet.
You can download the packages directly from koji. From the relevant
update page, you can clock the "Builds" tab which will give you a link.
You can down exactly the
Karma given
On Tue, Nov 1, 2022 at 6:23 PM Dmitry Belyavskiy wrote:
>
> Dear colleagues,
>
> I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as HIGH.
> Could you please check the freshly pushed builds to get necessary karma ASAP?
>
> Many thanks!
>
> --
> Dmitry Belyavskiy
>
On Tue, Nov 01, 2022 at 06:22:27PM +0100, Dmitry Belyavskiy wrote:
Dear colleagues,
I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as HIGH.
Could you please check the freshly pushed builds to get necessary karma
ASAP?
Many thanks!
These would be:
Dear colleagues,
I've just pushed the updates for OpenSSL fixing 2 CVEs evaluated as HIGH.
Could you please check the freshly pushed builds to get necessary karma
ASAP?
Many thanks!
--
Dmitry Belyavskiy
___
devel mailing list --
28 matches
Mail list logo