[scl.org] Python "latest" SCLo

2017-06-29 Thread Davis, Daniel (NIH/NLM) [C]
I've been lurking on this list for a while, and I wanted to bring myself up to date. I noticed some talk of a community SCL for a "latest" Python, which would be a non-patched pure build of Python that is kept up-to-date by the community. Where is that at? Who is leading it? How can I

Re: [scl.org] Python "latest" SCLo

2017-06-29 Thread Brian Gollaher
Hi Dan. May I ask a question? Is your security team looking for a fix to a specific security problem or CVE or are they asking that you run the latest version as a rule? thanks, Brian On 06/29/2017 11:24 AM, Davis, Daniel (NIH/NLM) [C] wrote: I’ve been lurking on this list for a while,

Re: [scl.org] Python "latest" SCLo

2017-06-29 Thread Davis, Daniel (NIH/NLM) [C]
So, maybe I've missed something, but is this more complicated than running rpmbuild with different Macros?I'm pretty good with rpms, but I know I don't always follow Fedora Packaging Guidelines. I know that our DevOps guys will not want to submit builds to Copr, etc., and may not even use

Re: [scl.org] Python "latest" SCLo

2017-06-29 Thread Davis, Daniel (NIH/NLM) [C]
The DevOps team wants to update to the latest Python as a rule as a security from security mitigation technique.I hope that makes sense. From: Brian Gollaher [mailto:bgoll...@redhat.com] Sent: Thursday, June 29, 2017 11:50 AM To: Davis, Daniel (NIH/NLM) [C] ;

Re: [scl.org] Python "latest" SCLo

2017-06-29 Thread Brian Gollaher
Yes, thanks Dan. Many security scanning tools look for the latest version and flag older versions as being a potential risk. I wanted to be sure that this is what is happening, rather than collections not receiving security updates fast enough and actually missing an important CVE. On