A few warnings if you are using these Fedora "official" and EPEL builds (I'm guessing not many, as per below):
- RHEL 9.5 is currently releasing, which updates to OpenSSL 3.2.2. The existing 9.2.5 builds in EPEL *will not be able to contact TLS origin servers* due to https://github.com/apache/trafficserver/issues/11465. I am backporting the fix (#11501) from 10.x to 9.2.6 -- it would be nice to have this land in a 9.2.7 in the future. - As per the same issue, none of the active Fedora releases (40, 41, rawhide) work either. Issue #11465 is not caught by the release tests. Since nobody has reported this to our Bugzilla, I'm guessing that nobody is using these builds. :-) Regards, --Jered ----- On Nov 12, 2024, at 8:45 PM, Jered Floyd je...@convivian.com wrote: > Well, how about that. Thanks! > > Builds submitted for all active Fedora and EPEL branches. Track status here > (if > you wish): > https://koji.fedoraproject.org/koji/packageinfo?packageID=13558 > > --Jered > > ----- On Nov 12, 2024, at 6:07 PM, Chris McFarlen ch...@mcfarlen.us wrote: > >> TIL there is a more recent KEYS file here: >> >> https://downloads.apache.org/trafficserver/KEYS >> >> >> Sent with Proton Mail secure email. >> >> On Tuesday, November 12th, 2024 at 4:57 PM, Jered Floyd <je...@convivian.com> >> wrote: >> >>> I'm not able to verify the signature against the provided KEYS file; does a >>> key >>> need to be added? >>> >>> $ /usr/lib/rpm/redhat/gpgverify >>> --keyring=/home/jered/fedora-scm/trafficserver/KEYS >>> --signature=/home/jered/fedora-scm/trafficserver/trafficserver-9.2.6.tar.bz2.asc >>> --data=/home/jered/fedora-scm/trafficserver/trafficserver-9.2.6.tar.bz2 >>> gpgv: Signature made Tue 12 Nov 2024 07:03:29 PM UTC >>> gpgv: using RSA key 73144AA83B10A97B04C1E98315AD62E940104E96 >>> gpgv: Can't check signature: No public key >>> gpgverify: Signature verification failed. >>> >>> --Jered >>> >>> ----- On Nov 12, 2024, at 3:31 PM, Evan Zelkowitz e...@apache.org wrote: >>> >>> > I've prepared a release for 9.2.6. The release notes are available at: >>> >>> > [ https://github.com/apache/trafficserver/milestone/77 | >>> > https://github.com/apache/trafficserver/milestone/77 ] >>> > [ >>> > https://docs.trafficserver.apache.org/en/latest/release-notes/upgrading.en.html >>> > | >>> > https://docs.trafficserver.apache.org/en/latest/release-notes/upgrading.en.html >>> > ] >>> >>> > or for a brief ChangeLog: >>> >>> > [ https://github.com/apache/trafficserver/blob/9.2.x/CHANGELOG-9.2.6 | >>> > https://github.com/apache/trafficserver/blob/9.2.x/CHANGELOG-9.2.6 ] >>> >>> > The artifacts are available for download at: >>> >>> > [ https://dist.apache.org/repos/dist/dev/trafficserver/9.2.6/ | >>> > https://dist.apache.org/repos/dist/dev/trafficserver/9.2.6/ ] >>> >>> > SHA512 checksum: >>> >>> > de5666847616db699d81ee32450adbbd5e5ccf3e6ca16ec679e432e3f8c7d7095bcb9e688c6ea759b7a4a57fc2db6af5bda9df94710245c320686107a159b204 >>> >>> > This corresponds to git refs: >>> >>> > Hash: de3e58726f6f58a95266a41eaa31ff3c6fc14336 >>> > Tag: 9.2.6-rc0 >>> >>> > Which can be verified with the following command: >>> >>> > $ git tag -v 9.2.6-rc0 >>> >>> > All code signing keys are available here: >>> >>> > [ https://dist.apache.org/repos/dist/dev/trafficserver/KEYS | >>> > https://dist.apache.org/repos/dist/dev/trafficserver/KEYS ] >>> >>> > Make sure you refresh from a key server to get all relevant signatures >>> > > > > Please test and cast your votes as early as possible.
