Re: Supporting hibernation in Workstation ed., draft 1

Am 30.05.20 um 09:36 schrieb Chris Murphy: > > It's a security risk that is incompatible with having UEFI Secure Boot > enabled. > > The entire point of UEFI Secure Boot is to ensure cryptographic > verification that the kernel you're running is in fact a Fedora built > and signed kernel. Since re

Re: Supporting hibernation in Workstation ed., draft 1

Am 03.06.20 um 07:27 schrieb Chris Murphy: > You trust the encryption only to provide confidentiality of your data > from the attacker. Not as a means of detecting an attack on your data. > And also this isn't really just user data, the hibernation image is > the kernel. If it's really compromised,

Bodhi: Problem with Greenwave

Hi, small(?) problem with automated testing in bodhi: * Test Gating * Failed to talk to Greenwave. at least with: https://bodhi.fedoraproject.org/updates/FEDORA-2020-0e5ada32f1 best regards, Marius Schwarz ___ devel mailing list -- devel

Re: Proposal: Install gparted to Live installers

Am 04.06.20 um 17:47 schrieb Felipe Borges: > > We already ship Disks (gnome-disks) in the live image. Doesn't it > suffice for the type of task you need to perform? > > :D Gparted does all the needed steps you would need to do manual with gnome-disks . It way better for this kind of work. Gnome-

Re: Proposal: Install gparted to Live installers

Am 04.06.20 um 18:52 schrieb Michael Catanzaro: > > I don't think we actually have the technical capability to ship it in > live media without also installing it by default on the installed system. > That won't be the worst consequence ;) best regards, Marius _

Re: Fedora 33 System-Wide Change proposal: swap on zram

Am 09.06.20 um 02:03 schrieb Kevin Kofler: > I disagree. /etc should be prepopulated by packages and/or the distribution > installer. Then the directory is left for the local admin to customize. Not to speak of the fact, that you do not know which defaults are in place, if they are not visible som

Re: Nvidia binary drivers fail to install on Fedora 32

Am 29.03.20 um 18:24 schrieb Kevin Kofler: > > RPM Fusion used to provide compiled kmod packages for years, and those just > worked. (Well, for the proprietary ones, they only worked as well as > proprietary drivers work to begin with, but that was no fault of the kmod > packages.) So why and wh

bodhi: Failed to talk to Greenwave.

Hi, ATM the Tab "Automated Test Results" shows just is message: Failed to talk to Greenwave. best regards, Marius ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code o

Q: is a missing info URL for a package a problem?

Description of problem: the Info URL of the package "clamsmtp" seems to be offline ... $  dnf info clamsmtp | grep -i url URL  : http://memberwebs.com/stef/software/clamsmtp/ $ host  memberwebs.com Host memberwebs.com not found: 2(SERVFAIL) it does not look like a temporary error. Is t

SEL: double restorecon on systemupgrade F31->F32

Hi, while upgrading from F31 to F32, the selpolicy script has executed a full restorecon on any main path (/*): once after installing the package and once on removing the old package ( aka house keeping the old package ). As it's not directly a bug, more an intense waste of time and IO, i did no

Re: Summary/Minutes from today's FESCo Meeting (2020-05-11)

Am 11.05.20 um 20:35 schrieb Zbigniew Jędrzejewski-Szmek: > > Is /run/systemd/resolve/resolv.conf good enough? Would a comment in > /etc/resolv.conf pointing the user to that file help? > Why not using a symlink from new to old resolve.conf? This way old app will keep working and admins also do no

ClamAV: quick security build needed

34910 best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ Lis

Re: F30 security update submitted for stable "marked obsolete" instead of being pushed

Am 27.05.20 um 08:25 schrieb Artur Iwicki: > While I understand the mechanism, I think that this needs to be communicated > more clearly. I've been a packager for close to 3 years now and I admit until > I read this e-mail I wasn't quite sure whether "no updates after EOL" meant > "you can't sub

Re: Way to visualize where Fedora contributors are around the world?

hi, Am 12.10.19 um 22:38 schrieb Silvia Sánchez: > > I don't think the Ambassadors map is still working. I opened it but it > shows only the geography, not Ambassadors or contributors pinpointed.  > I couldn't even see myself. > It does work,sort of, but some graphics are missing. The positions a

Re: Bugzilla needinfo reminders

>> Few days ago (22nd Oct) I've started receiving daily reminders >> about needinfo for over a year old bugs. Which is strange, as those bugs >> are closed. I got them too :( > Bugzilla sends you notifications because the needinfo flag is set on you. > Why do not you simply clear the needinfo

Re: Bugzilla needinfo reminders

Am 25.10.19 um 10:36 schrieb Miro Hrončok: > On 25. 10. 19 10:31, Marius Schwarz wrote: >> a) closing a bug for any reason, should clear the flag. it does not. > > It's not that simple. Sometimes, it makes sense to clear, sometimes not. > > Imagine closing a bug wit

Re: Encrypted DNS in Fedora

Am 04.11.19 um 17:40 schrieb Michael Cronenworth: > Hi, > > Is there any project or team involved with improving encrypted DNS > support in Fedora? Any movement in Red Hat corporate? > > - Glibc team? >     The /etc/resolv.conf file needs some love. AFAIK it still does not > verify DNSSEC. > - Bind

Re: Encrypted DNS in Fedora

Am 04.11.19 um 23:52 schrieb Michael Cronenworth: > cryptographic library into every process that queries an Internet host >> name.  That also applies to DNSSEC. > > The transition to DoT/DoH makes the resolv.conf file obsolete. Any > discussion on removing it entirely? Default to looking at a loca

Re: Encrypted DNS in Fedora

Am 05.11.19 um 14:21 schrieb Florian Weimer: > >> ahm.. in which way, does the use of encryption, make a sourcelist for >> dns names to ask, obsolete? > Names or servers? "names of domainnameservers" >> nscd i.e. uses resolv.conf as source for the round robin server list. > With encryption, the se

Re: Encrypted DNS in Fedora

Am 05.11.19 um 14:38 schrieb Tomasz Torcz: > On Tue, Nov 05, 2019 at 02:09:31PM +0100, Marius Schwarz wrote: >> DoH is IMHO a waste of resources and as Browsers implement it, useless >> at best, but mostly a centralization of control of users under a false >> protection umbre

Re: Encrypted DNS in Fedora

Am 05.11.19 um 15:17 schrieb Florian Weimer: > I categorically reject your notion that you can increase privacy by > sending queries to more servers. As a result, you will end up with a > larger set of servers you must trust, not a smaller one. > You don't need to trust them for your privacy, the

Re: Encrypted DNS in Fedora

Am 05.11.19 um 16:01 schrieb Stephen John Smoogen: > >> To an extend in bandwidth, you could send out parallel queries and >> check, if they match or if someone has tampered >> with them. Would be a nice sideeffect. > This breaks down for multiple reasons. > > I do a parallel query and I get two di

Re: Encrypted DNS in Fedora

Am 06.11.19 um 21:59 schrieb Kevin Fenzi: > > In any case, I will note here that firefox in Fedora is not going to > enable DoH like upstream firefox. I don't know about chromium. > > > kevin That's good news, as it takes about half an hour to make ff privacy conform again. Each step less helps.

Re: Encrypted DNS in Fedora

Am 09.11.19 um 10:12 schrieb Nicolas Mailhot via devel: > That’s why DoH is intrinsically centralized and rotten to the core. > > DoH supporters are perfectly happy with a world where there is no > standard for delegation. And if there is no standard, classical network > effects will favor the bigg

F30+F31: systemupgrades added unfullfillable module dependencies

Hi, I just found this on Bugzilla and i think it needs immediate intervention: https://bugzilla.redhat.com/show_bug.cgi?id=1767422 release upgrades involved: F29->F30 & F30->F31 - removing the mentioned packages do not fix the problem - they complain about issues in the next release Conclusion

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 03.12.19 um 09:07 schrieb Lennart Poettering: > Also note that on Fedora Workstation we default to suspend-on-idle > these days. i.e. when you don't actually work on the laptop the laptop > is suspended and not reachable via SSH at all, hence adding > systemd-homed doesn't make anything worse in

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 04.12.19 um 02:02 schrieb Chris Murphy: > Anaconda custom partitioning has a per mount point encryption option. > I can LUKS encrypt only the volume mounted at /home. And if I do this, If you do this, someone can manipulate your system to trojan horse your passwords, when he has physical access

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 05.12.19 um 01:13 schrieb John M. Harris Jr: >> Full-Diskencryption ( /boot included ) is the only way to protect the >> system itself. >> Anything else is simply not secure. > systemd-homed doesn't depend on /etc/passwd or /etc/shadow for > authentication. By all means its security guarantees s

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Hi, Am 05.12.19 um 10:33 schrieb Lennart Poettering: >>> Also note that on Fedora Workstation we default to suspend-on-idle >>> these days. i.e. when you don't actually work on the laptop the laptop >>> is suspended and not reachable via SSH at all, hence adding >>> systemd-homed doesn't make anyt

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 05.12.19 um 09:03 schrieb Nicolas Mailhot via devel: > Really, we should try to change the default to Azerty or the Russian > layout for a release. That would teach qwerty users what is hostile to > users of other layouts or not. It was in the past, and i.e. a live disk is still defaulting to th

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Hi, Am 25.11.19 um 22:59 schrieb Samuel Sieb: > > Steps 1 - 4 are not benefits, they are workarounds to critical system > utilities required by this change.  I don't understand why this change > is necessary at all.  It only affects local logins and if someone > wants to have an empty password, wh

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 05.12.19 um 13:32 schrieb Lennart Poettering: > Well, the way this has been traditionally done is that the lock screen > is displayed by a program running under the user's identity and that > the user's data is entirely unlocked the entire time during suspend, That depends on what you have chose

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 05.12.19 um 21:40 schrieb Chris Murphy: > > Hibernation is out of scope to rely on, let alone make a default, for > at least the following reasons: > a. It's not sufficiently well supported upstream for regressions that > may appear in new kernels, and not supported by the Fedora kernel > team.

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 00:33 schrieb John M. Harris Jr: > >> Uh, locking down USB like that doesn't really work. USB has no >> mechanism for recognizing devices securely, which means any whitelist >> is pointless because any device can claim to be whatever it wants to >> be. (And yes, it would be great if

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 09:02 schrieb Lennart Poettering: > > Humm, so you turn off gpg verification of RPMs you install? Nah, you > don't, because you put trust in Fedora that the RPMs they build are > somewhat safe to use. That's what vendor trust means. Since regular As the vendor supplies the checksums

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 05.12.19 um 21:21 schrieb Andreas Tunek: > On Thu, 5 Dec 2019, 02:11 John M. Harris Jr, > wrote: > > > Rebuild initramfs when the system-wide keyboard > layout is changed. > > > I change my keyboard layout several times every hour. > I had the wrong keyboar

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 05.12.19 um 23:02 schrieb Chris Murphy: > read "LUKS by default" > https://pagure.io/fedora-workstation/issue/82 > > If you read the whole thing, you should come to understand why the > initial agreement to implement full disk encryption was suspended, and > also that this issue has a history pr

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 00:53 schrieb John M. Harris Jr: > > There is really no UI/UX issue. It just needs to ask for a password for a key > to decrypt. That's it. The UI is limited to either: > 1, without Plymouth: A line in a framebuffer asking you to enter a password > 2, with Plymouth: A box in the cen

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 08:57 schrieb Lennart Poettering: > If you know where stuff is located you can change individual blocks in > files. You are not going to know what you are changing them to, but > you can change it and traditional files will not detect that you did that. > That is correct, but i did

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 17:33 schrieb John M. Harris Jr: >> But plymouth ui needs to be changed anyway to get a working OSK, or >> tablets and mobiles are not be able to use encryption. > What you're asking for would be incredibly difficult. It could be done, but > not with Plymouth, and not without increa

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 17:40 schrieb John M. Harris Jr: > >> If the vm is paravirtualized ( i.e. Xen ) you can't even enter a >> plymouth password to unlock a drive. > Well, you can. Why wouldn't you be able to? because I already tried it ;) it's a tty problem with high secure ttys, hvcsomething. Thats th

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 23:22 schrieb Chris Murphy: > > Is it your position that encrypting ~/ alone is not an incremental > improvement? Are you suggesting it's necessary to assume Fedora > Workstation users are subject to targeted attacks? And therefore > install time default must encrypt /, /home, swap?

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 07.12.19 um 01:09 schrieb Kevin Kofler: > > Anaconda should encrypt /boot too. Calamares does it. GRUB supports it > FULL ACK. Marius ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproj

Re: Fedora 32 System-Wide Change proposal: Disallow Empty Password By Default

Am 06.12.19 um 21:04 schrieb Chris Murphy: > swap being compromised. Case 2 is present day Fedora "full disk > encryption" which does not lock down the bootloader, /boot volume is > not encrypted, and thus the initramfs is vulnerable to a targeted > attack which could be used to deploy a key logge

Info: Koji: servers are offline 29.12.2019 11:55 CET

Hi, the webslaves for Koji show an error message: "The server is offline. Retry later" It does not seem to be a planned outage, can someone take a look? Best regards, Marius ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send

F29 liberations-fonts dependencies are messed in several packages(or it's dnf)

Hi, pls refer to *Bug 1751699* for more informations. (in short: no update to 2.00.5-3 was possible via dnf, as packages refer to 2.00.3-1 directly) to name some: cups flute foomatic gstreamer libreoffice tons of lib packages poppler samba

Re: koji / bodhi issues status update

Hi Kevin, Koji is misbehaving ("again"|"still?"). If you search for a package, the search result is available fast. If you searched for a build around 8-9 am CET (~3h ago) today, the search did not return in a reasonable timeframe, to be exact: it did not return at all. Now, the same search ret

Re: What would it take to drop release and changelog from our spec files? (and do we want to?)

Am 10.01.20 um 17:36 schrieb Pierre-Yves Chibon: > Good Morning Everyone, > > This is not a new idea, it has been presented at flock last year and spoken > about on this very list this fall, so I'd like to push it a little further. > > Do we want to drop release and changelog from our spec file? Vo

ClamAV: CVE-2020-3123 needs addressing - 102.2 available

r the maintainer (CC: set) , in case they did not notice it yet. thx. Best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct:

infrastructure problem: koji and bodhi responding very slow / dl with 80kb/s

Hi, while testing ff 73 update, i noticed that bodhi and koji are sponding very slow. The download speed at koji for germany was around 80KB/s, while other parts of the country reached MB/s easily.  As bodhi does not have that much html to transfer, i don't think it's a network issue. Could som

Re: infrastructure problem: koji and bodhi responding very slow / dl with 80kb/s

Am 14.02.20 um 17:57 schrieb Kevin Fenzi: > > Also, it might help if people noted the exact time of day (UTC) they are > accessing things? > > I suspect it may be backup slowness (which happens after 00:00UTC +- > 2hours) > it was around 12AM CET (+100), so the backup is off the hook. unfortune fo

Re: infrastructure problem: koji and bodhi responding very slow / dl with 80kb/s

Am 14.02.20 um 17:57 schrieb Kevin Fenzi: > On Fri, Feb 14, 2020 at 08:07:19AM -0500, Stephen John Smoogen wrote: >> On Fri, 14 Feb 2020 at 06:21, Leigh Griffin wrote: >> >>> >>> On Fri, Feb 14, 2020 at 12:59 AM Artem Tim wrote: >>> Same here. I am waiting several minutes for every my action

RFC: entering luks password on grub level for devices without keyboards

e phones bios and do things like "wipe cache" "boot from .." "test graphics" etc. etc. which is then obviously touchbased.  Opening the already present touchhandling to an OSK on startup as MS did, could be the way to go for all future touch devices. Your comme

Re: RFC: entering luks password on grub level for devices without keyboards

Am 15.03.20 um 13:32 schrieb Vitaly Zaitsev via devel: > On 14.03.2020 13:05, Marius Schwarz wrote: >> If you encrypt  the fedora ( or any ) installation with luks, as >> security of a mobile device indicates, you end up without the >> possibility to enter the password, when

Re: RFC: entering luks password on grub level for devices without keyboards

ease do not forget that when generalising. > The Surface Bios is inserting an OSK (only) on the level where grub operates, so you can choose your kernel and edit your cmd line. No external keyboard needed at that point. Best regards, Marius Schwarz

Re: RFC: entering luks password on grub level for devices without keyboards

Am 19.03.20 um 15:52 schrieb Momčilo Medić: > > I'm not familiar with TPM chips, but from what I read here it sounds > like there would be no password prompt and anyone would be able to boot > the device, no? > > correct and thats the main issue, as long you have grub where you can edit the kernel

Re: RFC: entering luks password on grub level for devices without keyboards

Am 19.03.20 um 17:11 schrieb Michael Cronenworth: > On 3/19/20 11:04 AM, Marius Schwarz wrote: >> correct and thats the main issue, as long you have grub where you can >> edit the kernel line to start in runlevel 1. >> This makes the encryption null and void. > >

Re: RFC: entering luks password on grub level for devices without keyboards

Am 19.03.20 um 20:57 schrieb John M. Harris Jr: > > If you're drawing a direct comparison to the Fedora boot process from the > Windows process, the point at which Windows is presenting an OSK is about at > the point after which initrd is loaded in the Fedora boot process. It's not > happening a

Re: Bugzilla signal/noise ratio

Hi all, Am 22.03.20 um 14:19 schrieb Emmanuel Seyman: > I feel you've proved the opposite: filing bugs alone isn't sufficient and, > apparently, neither is sending out periodic reminders by mail. Perhaps we > need to be more agressive in encouraging people to find co-maintainers > that can help th

Re: Fedora 32: setup with encrypted LVM

Am 22.03.20 um 20:55 schrieb Dario Lesca: > I do not want this situation, I want only the VG device encrypted and > the filesystem created on LV device Not encrypting /swap makes your disk encryption partly pointless. Your PC will use swap if you want or not. If your device is powerless, your swap

Re: "Phantom" unlock message

Am 24.03.20 um 03:27 schrieb Marty Felker: > I am in Ubuntu for the moment but have a wicked fast F32 > workstation.   My only "issue" is that I get asked for an unlock key > when I boot when what I want is to boot directly to the desktop.   I > am the only one with physical or any other access to

Re: Upgrade to F30 gone wrong

Am 04.05.19 um 22:50 schrieb Sam Varshavchik: > Chris Murphy writes: > >> This bug itself was expected to be an edge case, that not many users >> would be affected, in that not many would have a stale Fedora 20 or >> older bootloader. Surely 'grub2-install' would have been manually run, >> or the u

"Trafficserver" builds are from 2016

Hello, there seems to be a problem with the trafficserver builds since 2016. according to koji, they just fail and noone cares. The package itself is outdated by 3 major releases of trafficserver itself, and 6 Fedora cycles.  The packages shipped are labeled "fc24" The rpm installations works,

Re: "Trafficserver" builds are from 2016

Am 10.07.19 um 21:05 schrieb Adam Williamson: > On Wed, 2019-07-10 at 14:59 -0400, Scott Talbert wrote: >> On Wed, 10 Jul 2019, Marius Schwarz wrote: >> >>> Hello, >>> >>> there seems to be a problem with the trafficserver builds since 2016. >>&

Re: "Trafficserver" builds are from 2016

Am 10.07.19 um 21:26 schrieb Scott Talbert: > On Wed, 10 Jul 2019, Marius Schwarz wrote: > >>>>> Hello, >>>>> >>>>> there seems to be a problem with the trafficserver builds since 2016. >>>>> >>>>> according to koji,

httpd 2.4.56 fixes CVE-2023-25690 (crit 9.8) and CVE-2023-27522 (high 7.5)

this kind of info is vital for any kind of package, but just httpd. So, pls do not forget to add those informations. 2.4.56 has been put to stable already, nothing else to do here. Thanks. best regards, Marius Schwarz ___ devel mailing lis

package WP-CLI needs update

Hi, package WP-CLI needs an update to 2.7.1 in all releases as in the current state, it's useless. A bugreport against the package is open since nov. 2022: https://bugzilla.redhat.com/show_bug.cgi?id=2148434 best regards, Marius Schwarz___ devel m

Re: It’s time to transform the Fedora devel list into something new

7;t think so. If "you",reader, have problems following the threads with your mailapp, which was the main argument here, get a better mailapp to handle it. Best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.or

Re: package WP-CLI needs update

Am 20.04.23 um 11:01 schrieb Dan Horák: On Thu, 20 Apr 2023 09:20:27 +0200 Marius Schwarz wrote: Hi, package WP-CLI needs an update to 2.7.1 in all releases as in the current state, it's useless. A bugreport against the package is open since nov. 2022: https://bugzilla.redha

CVE: Python-twisted a.o. needs update for F37 due to matrix-synapse security issue

dependencies. AFAICT it's works without issues atm. This brings me to the question: whats the main issue for twisted here? best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe

split package cgnslib-common into ui and none-ui part

I suggest to split the package into the ui and none-ui parts. This way, the depending apps are happy, and users do not get borrowed with apps they did not want and suddenly popped up on theire app panel. best regards, Marius Schwarz ___ devel ma

Re: split package cgnslib-common into ui and none-ui part

r app (OpenShot) it will still get installed. But if those apps change theire dependencies, I thnik it will be perfect ;) Thanks. best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to dev

FYI: boot issues with kernel 6.1.5+

blems. Best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

Re: FYI: boot issues with kernel 6.1.5+

Am 15.01.23 um 22:35 schrieb Marius Schwarz: Hi, on Asrock 550B / Ryzen 5600X kernel 6.1.5 - 6.2.0 alpha are not booting, not even complaining about the irq vector bug in the firmware anymore, which happens extrem early. As it's not logging anything at that point, debugging will be a p.

Re: FYI: boot issues with kernel 6.1.5+

oot/config-6.1.5-200.fc37.x86_64 # CONFIG_FB_EFI is not set Regards, Dominik CONFIG_FB_VESA is not set either. Best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email t

unfixed CVE-2024-39929 in exim

https://bugzilla.redhat.com/show_bug.cgi?id=2297728 Luckily is not a RCE, but we have an unpatched CVE in Exim .. can someone pls poke the right person for it? There was no reaction to the exim accouncement on OSS and to the bugreport. thank you. best regards, Marius Schwarz

firefox builds seem stuck on the farm - pls check

? Thanks. Best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List

Re: firefox builds seem stuck on the farm - pls check

Am 30.08.23 um 10:59 schrieb Peter Robinson: On Wed, Aug 30, 2023 at 9:55 AM Martin Stransky wrote: On 8/30/23 10:51, Peter Robinson wrote: The builds are here: https://koji.fedoraproject.org/koji/packageinfo?packageID=37 So you mean all 3? Yes. Well I've freed the 3 x86 builds, I presume y

Re: firefox builds seem stuck on the farm - pls check

Thanks Kevin, Am 30.08.23 um 20:54 schrieb Kevin Fenzi: Was there any changes from the last version that would increase memory/cpu use? or have any issues building on a vm instead of a real machine? Perhaps some folks could try building on an x86_64 vm and see if it happens outside of koji?

Re: CVE: Python-twisted a.o. needs update for F37 due to matrix-synapse security issue

Am 30.08.23 um 20:44 schrieb Jonathan Steffan: On Sat, May 27, 2023 at 3:45 AM Vitaly Zaitsev via devel wrote: On 26/05/2023 16:22, Marius Schwarz wrote: > This brings me to the question: whats the main issue for twisted here? 1. Contact python-twisted maintainers. Mar

Re: firefox builds seem stuck on the farm - pls check

Hi all, Am 30.08.23 um 20:54 schrieb Kevin Fenzi: Perhaps some folks could try building on an x86_64 vm and see if it happens outside of koji? The updates are not in the testing repo. They are now "just build". The usual workflow seems to be interrupted somehow. best regar

Re: Access superseded Fedora RPMs

7.0-1.fc37 updates firefox-x11.x86_64 117.0-1.fc37 updates-archive [root ~]# The Base URL accessed via firefox gives out an ACCESS DENIED. That may be intended, but isn't helpfull ;) best regards, Marius Schwarz __

time is running: security issue BZ#2241470

in question is the default package for rh based installations. best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https

Xen F37 destroyed it, grub2 from Fedora 30 needed to rescue it

you need infos, when a browser is not available, but you would need to search for answers.. guess what, that's what man pages are for ;) Guess what was no help, grub manpages :( I hope we can improve the situation for others here by adding some safty checks and an rescue core.img mode . best

FYI: removal of bastion server in DNSBL spam.dnsbl.anonmails.de requested

spam.dnsbl.anonmails.de I hope it gets removed soon. best regards, Marius Schwarz -- ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct: https

do we need CONFIG_UPROBES=y in our kernels?

uditors tell you about "a vulnerability & it's just there, but inexploitable". I had a case 2 weeks ago, about a missing patch for the ssh-agent CVE vulnerability in fedora's openssh. Trust me, it will create trouble the more the topic is discus

Re: do we need CONFIG_UPROBES=y in our kernels?

ly read if they ever manage to compromise your computer. That contraption is one of the first things I disable on my computers! Agreed, for a more profane reason: it trashes the logfiles for 99.9+% of the time ;) best regards, Marius Schwarz-- _

Re: Thunderbird 102 pushed to F36 stable

Am 02.09.22 um 19:49 schrieb Mattia Verga via devel: Here we go again: thunderbird 102 update was submitted to F36. This new version was known to bring incompatible changes to several addons, yet it has been submitted to a stable Fedora release with autopush enable and just a karma threshold of

Re: Thunderbird 102 pushed to F36 stable

, I'm pretty sure, you won't get those many votes for both stable fedora releases. bets regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedo

Re: F39 proposal: Replace DNF with DNF5 (System-Wide Change proposal)

future * Unify Python bindings If it's still written in python, it will still be slow on devices like Pinephones. I was under the impression, that microdnf + libdnf was developed to counter this slowness? best regards, Marius Schwarz ___

FYI: livesys and livesys-late init.d files left over after Fedora installation

Hi, if Fedora 35 Liveimage is used to install Fedora, livesys and livesys-late initscripts are incorrectly copied onto the system or not deleted after they lost their functionality. This happens afterwards... [Jul 5 17:01] systemd-sysv-generator[72798]: SysV service '/etc/rc.d/init.d/livesy

Re: F39 proposal: Replace DNF with DNF5 (System-Wide Change proposal)

with different resolutions, but hardcore dnf fans will need to adapt to it. The old one was a bit simplier and had a more eased, not to say relaxed, flair ;) best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe s

Re: Replacing GNOME Disks with Blivet GUI in comps' admin-tools?

. The installation requirements is than the fact, if the DE is installed or not. best regards, Marius Schwarz ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject.org Fedora Code of Conduct

FYI: mutter + wayland are broken in F36 ATM

Hi, Mutter for Gnome 42.5.3 does not work with wayland for AST and Intel Graphics . ATM, it ends in a black screen. This involves M$ Surface devices, server onboard graphics and maybe more. Workarounds for users are switching to lightdm or downgrading to mutter 41.9-1. https://bugzilla.red

small logic issue with system upgrades

mall. i.e. by grouping the packages i.e. "network" "office" etc. best regards, Marius Schwarz -- ___ devel mailing list -- devel@lists.fedoraproject.org To unsubscribe send an email to devel-le...@lists.fedoraproject

Re: small logic issue with system upgrades

Am 22.05.24 um 17:48 schrieb Alexander Sosedkin: On Wed, May 22, 2024 at 4:34 PM Marius Schwarz wrote: Were you following the steps outlined in https://docs.fedoraproject.org/en-US/quick-docs/upgrading-fedora-offline ? I'm under the impression, there is a small misunderstanding here

Re: small logic issue with system upgrades

n't an option either here. In the past 13 years of distro-syncing our serverfarm I had to revert 2 times. Means: "GOOD JOB Everyone! Thanks." And I’m running a bunch of servers in a remote data center, too, w/o access to the console (but a temporary KVM in case of emergency). So I

Re: small logic issue with system upgrades

Am 24.05.24 um 12:01 schrieb Roberto Ragusa: On 5/22/24 16:33, Marius Schwarz wrote: So, atm, the server has a sshd that says, that openssl is newer as the required openssl version. It does not start it nor can the running sshd, that runs the upgrade connection, fork a new instance. In other

FAS login not possible

login via the website or api. Direct messages to  "infrastruct...@lists.fedoraproject.org" are also not possible, you need to be on the list to do that. best regards, Marius Schwarz -- ___ devel mailing list -- devel@lists.fedoraproject.org To

Bugzilla: You can't ask Lennart Poettering because that account is disabled.

Hi, I have some bug reports for PA opening BZ and only one ever got a response. Is it possible that this is the cause: You can't ask /Lennart Poettering / because that account is disabled. I tried a needinfo request after a month long silence. Short: PAVU shows the input meter at the app ou

  1   2   3   >